Add an Absorb trait bound to PCCommitment #144

wants to merge 6 commits into
base: master
13 changes: 12 additions & 1 deletion poly-commit/src/data_structures.rs
@@ -1,4 +1,5 @@
use crate::{Polynomial, String, Vec};
use ark_crypto_primitives::sponge::Absorb;
use ark_ff::{Field, PrimeField, ToConstraintField};
use ark_serialize::{CanonicalDeserialize, CanonicalSerialize};
use ark_std::rand::RngCore;
Expand Down Expand Up @@ -55,7 +56,7 @@ pub trait PCPreparedVerifierKey<Unprepared: PCVerifierKey> {

/// Defines the minimal interface of commitments for any polynomial
/// commitment scheme.
pub trait PCCommitment: Clone + CanonicalSerialize + CanonicalDeserialize {
pub trait PCCommitment: Clone + CanonicalSerialize + CanonicalDeserialize + Absorb {
/// Outputs a non-hiding commitment to the zero polynomial.
fn empty() -> Self;

Expand Down Expand Up @@ -185,6 +186,16 @@ pub struct LabeledCommitment<C: PCCommitment> {
degree_bound: Option<usize>,
}

impl<C: PCCommitment> Absorb for LabeledCommitment<C> {
fn to_sponge_bytes(&self, dest: &mut Vec<u8>) {
self.commitment.to_sponge_bytes(dest)
}

fn to_sponge_field_elements<F: PrimeField>(&self, dest: &mut Vec<F>) {
self.commitment.to_sponge_field_elements(dest)
}
}

impl<F: Field, C: PCCommitment + ToConstraintField<F>> ToConstraintField<F>
for LabeledCommitment<C>
{
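Review bot: The `Absorb` impl for `LabeledCommitment<C>` forwards only `self.commitment` in both `to_sponge_bytes` and `to_sponge_field_elements`, so the `degree_bound` field (and presumably the label) never reaches the sponge, and nothing in the hunk says whether that omission is intended. A doc comment on the impl, e.g. `/// Absorbs only the underlying commitment; the label and degree bound are not absorbed and must be bound to the transcript by the caller if the protocol depends on them.`, would make the transcript contents explicit for anyone deriving challenges from labeled commitments. The new `+ Absorb` supertrait on `PCCommitment` is also a breaking change for every downstream implementor, which the trait doc two lines above could note with `/// Implementors must also implement Absorb so commitments can be absorbed by a CryptographicSponge.`.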
9 changes: 5 additions & 4 deletions poly-commit/src/ipa_pc/data_structures.rs
@@ -1,5 +1,6 @@
use crate::*;
use crate::{PCCommitterKey, PCVerifierKey, Vec};
use ark_crypto_primitives::sponge::Absorb;
use ark_ec::AffineRepr;
use ark_ff::{Field, UniformRand, Zero};
use ark_serialize::{CanonicalDeserialize, CanonicalSerialize};
Expand Down Expand Up @@ -84,7 +85,7 @@ impl<G: AffineRepr> PCPreparedVerifierKey<VerifierKey<G>> for PreparedVerifierKe
}

/// Commitment to a polynomial that optionally enforces a degree bound.
#[derive(Derivative, CanonicalSerialize, CanonicalDeserialize)]
#[derive(Derivative, CanonicalSerialize, CanonicalDeserialize, Absorb)]
#[derivative(
Default(bound = ""),
Hash(bound = ""),
Expand All @@ -94,7 +95,7 @@ impl<G: AffineRepr> PCPreparedVerifierKey<VerifierKey<G>> for PreparedVerifierKe
PartialEq(bound = ""),
Eq(bound = "")
)]
pub struct Commitment<G: AffineRepr> {
pub struct Commitment<G: AffineRepr + Absorb> {
/// A Pedersen commitment to the polynomial.
pub comm: G,

Expand All @@ -104,7 +105,7 @@ pub struct Commitment<G: AffineRepr> {
pub shifted_comm: Option<G>,
}

impl<G: AffineRepr> PCCommitment for Commitment<G> {
impl<G: AffineRepr + Absorb> PCCommitment for Commitment<G> {
#[inline]
fn empty() -> Self {
Commitment {
Expand All @@ -121,7 +122,7 @@ impl<G: AffineRepr> PCCommitment for Commitment<G> {
/// Nothing to do to prepare this commitment (for now).
pub type PreparedCommitment<E> = Commitment<E>;

impl<G: AffineRepr> PCPreparedCommitment<Commitment<G>> for PreparedCommitment<G> {
impl<G: AffineRepr + Absorb> PCPreparedCommitment<Commitment<G>> for PreparedCommitment<G> {
/// prepare `PreparedCommitment` from `Commitment`
fn prepare(vk: &Commitment<G>) -> Self {
vk.clone()
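Review bot: `#[derive(Absorb)]` on `Commitment<G>` absorbs `comm: G` and `shifted_comm: Option<G>` field by field, so transcript unambiguity now depends on the upstream `Absorb` impl for `Option<G>` (not visible here) encoding `None` distinctly from `Some(G::zero())`; if it does not, a commitment without a shifted part and one whose shifted part is the identity would absorb identically. That property is worth confirming against `ark_crypto_primitives` and recording on the struct, e.g. `/// Absorbed into the sponge field by field (comm, then shifted_comm); relies on the Option Absorb encoding to mark whether shifted_comm is present.`. The struct body continues past the end of this hunk.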
6 changes: 3 additions & 3 deletions poly-commit/src/ipa_pc/mod.rs
Expand Up @@ -15,7 +15,7 @@ pub use data_structures::*;
#[cfg(feature = "parallel")]
use rayon::prelude::*;

use ark_crypto_primitives::sponge::CryptographicSponge;
use ark_crypto_primitives::sponge::{Absorb, CryptographicSponge};
use digest::Digest;

/// A polynomial commitment scheme based on the hardness of the
Expand Down Expand Up @@ -45,7 +45,7 @@ pub struct InnerProductArgPC<

impl<G, D, P, S> InnerProductArgPC<G, D, P, S>
where
G: AffineRepr,
G: AffineRepr + Absorb,
G::Group: VariableBaseMSM<MulBase = G>,
D: Digest,
P: DenseUVPolynomial<G::ScalarField>,
Expand Down Expand Up @@ -337,7 +337,7 @@ where

impl<G, D, P, S> PolynomialCommitment<G::ScalarField, P, S> for InnerProductArgPC<G, D, P, S>
where
G: AffineRepr,
G: AffineRepr + Absorb,
G::Group: VariableBaseMSM<MulBase = G>,
D: Digest,
P: DenseUVPolynomial<G::ScalarField, Point = G::ScalarField>,
33 changes: 25 additions & 8 deletions poly-commit/src/kzg10/data_structures.rs
@@ -1,4 +1,5 @@
use crate::*;
use ark_crypto_primitives::sponge::Absorb;
use ark_ec::pairing::Pairing;
use ark_ec::AdditiveGroup;
use ark_ec::AffineRepr;
Expand Down Expand Up @@ -314,7 +315,7 @@ impl<E: Pairing> PreparedVerifierKey<E> {
}

/// `Commitment` commits to a polynomial. It is output by `KZG10::commit`.
#[derive(Derivative, CanonicalSerialize, CanonicalDeserialize)]
#[derive(Derivative, CanonicalSerialize, CanonicalDeserialize, Absorb)]
#[derivative(
Default(bound = ""),
Hash(bound = ""),
Expand All @@ -324,12 +325,19 @@ impl<E: Pairing> PreparedVerifierKey<E> {
PartialEq(bound = ""),
Eq(bound = "")
)]
pub struct Commitment<E: Pairing>(
pub struct Commitment<E>(
/// The commitment is a group element.
pub E::G1Affine,
);
)
where
E: Pairing,
E::G1Affine: Absorb;
Comment on lines +328 to +334
Technically, we don't need an Absorb bound on E::G1Affine, only on the PCCommitment impl and on the Absorb impl, right?


That would avoid most of this churn I think


If I restrict PCCommitment: Absorb, then I also have to ensure any struct which implements PCCommitment also implements Absorb - and so I need to restrict E::G1Affine etc. to also be Absorb.
Let me know if you have another idea for this, I currently can't see a better workaround.


impl<E: Pairing> PCCommitment for Commitment<E> {
impl<E> PCCommitment for Commitment<E>
where
E: Pairing,
E::G1Affine: Absorb,
{
#[inline]
fn empty() -> Self {
Commitment(E::G1Affine::zero())
Expand All @@ -340,16 +348,21 @@ impl<E: Pairing> PCCommitment for Commitment<E> {
}
}

impl<E: Pairing> ToConstraintField<<E::TargetField as Field>::BasePrimeField> for Commitment<E>
impl<E> ToConstraintField<<E::TargetField as Field>::BasePrimeField> for Commitment<E>
where
E::G1Affine: ToConstraintField<<E::TargetField as Field>::BasePrimeField>,
E::G1Affine: ToConstraintField<<E::TargetField as Field>::BasePrimeField> + Absorb,
E: Pairing,
{
fn to_field_elements(&self) -> Option<Vec<<E::TargetField as Field>::BasePrimeField>> {
self.0.to_field_elements()
}
}

impl<'a, E: Pairing> AddAssign<(E::ScalarField, &'a Commitment<E>)> for Commitment<E> {
impl<'a, E> AddAssign<(E::ScalarField, &'a Commitment<E>)> for Commitment<E>
where
E: Pairing,
E::G1Affine: Absorb,
{
#[inline]
fn add_assign(&mut self, (f, other): (E::ScalarField, &'a Commitment<E>)) {
let mut other = other.0 * f;
Expand All @@ -373,7 +386,11 @@ pub struct PreparedCommitment<E: Pairing>(
pub Vec<E::G1Affine>,
);

impl<E: Pairing> PreparedCommitment<E> {
impl<E> PreparedCommitment<E>
where
E: Pairing,
E::G1Affine: Absorb,
{
/// prepare `PreparedCommitment` from `Commitment`
pub fn prepare(comm: &Commitment<E>) -> Self {
let mut prepared_comm = Vec::<E::G1Affine>::new();
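Review bot: In the hunk starting at `@@ -340,16 +348,21 @@`, the bound order in the `ToConstraintField` impl is reversed relative to the other impls: it lists `E::G1Affine: ToConstraintField<<E::TargetField as Field>::BasePrimeField> + Absorb,` before `E: Pairing,`, whereas the `PCCommitment`, `AddAssign` and `PreparedCommitment` impls in the same file all put `E: Pairing,` first. Swapping those two `where` lines keeps the now five near-identical clauses in this file scannable and makes the repeated `E::G1Affine: Absorb` requirement easy to spot when auditing which types reach the sponge. The bodies of these impls continue outside the hunk.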
5 changes: 5 additions & 0 deletions poly-commit/src/kzg10/mod.rs
Expand Up @@ -6,6 +6,7 @@
//! This construction achieves extractability in the algebraic group model (AGM).

use crate::{BTreeMap, Error, LabeledPolynomial, PCCommitmentState, ToString, Vec};
use ark_crypto_primitives::sponge::Absorb;
use ark_ec::AffineRepr;
use ark_ec::{pairing::Pairing, CurveGroup};
use ark_ec::{scalar_mul::ScalarMul, VariableBaseMSM};
Expand All @@ -32,6 +33,7 @@ pub struct KZG10<E: Pairing, P: DenseUVPolynomial<E::ScalarField>> {
impl<E, P> KZG10<E, P>
where
E: Pairing,
E::G1Affine: Absorb,
P: DenseUVPolynomial<E::ScalarField, Point = E::ScalarField>,
for<'a, 'b> &'a P: Div<&'b P, Output = P>,
{
Expand Down Expand Up @@ -548,6 +550,7 @@ mod tests {
fn end_to_end_test_template<E, P>() -> Result<(), Error>
where
E: Pairing,
E::G1Affine: Absorb,
P: DenseUVPolynomial<E::ScalarField, Point = E::ScalarField>,
for<'a, 'b> &'a P: Div<&'b P, Output = P>,
{
Expand Down Expand Up @@ -579,6 +582,7 @@ mod tests {
fn linear_polynomial_test_template<E, P>() -> Result<(), Error>
where
E: Pairing,
E::G1Affine: Absorb,
P: DenseUVPolynomial<E::ScalarField, Point = E::ScalarField>,
for<'a, 'b> &'a P: Div<&'b P, Output = P>,
{
Expand Down Expand Up @@ -607,6 +611,7 @@ mod tests {
fn batch_check_test_template<E, P>() -> Result<(), Error>
where
E: Pairing,
E::G1Affine: Absorb,
P: DenseUVPolynomial<E::ScalarField, Point = E::ScalarField>,
for<'a, 'b> &'a P: Div<&'b P, Output = P>,
{
29 changes: 23 additions & 6 deletions poly-commit/src/marlin/marlin_pc/data_structures.rs
Expand Up @@ -2,6 +2,7 @@ use crate::{
DenseUVPolynomial, PCCommitment, PCCommitmentState, PCCommitterKey, PCPreparedCommitment,
PCPreparedVerifierKey, PCVerifierKey, Vec,
};
use ark_crypto_primitives::sponge::Absorb;
use ark_ec::pairing::Pairing;
use ark_ec::AdditiveGroup;
use ark_ff::{Field, PrimeField, ToConstraintField};
Expand Down Expand Up @@ -213,7 +214,7 @@ impl<E: Pairing> PCPreparedVerifierKey<VerifierKey<E>> for PreparedVerifierKey<E
}

/// Commitment to a polynomial that optionally enforces a degree bound.
#[derive(Derivative, CanonicalSerialize, CanonicalDeserialize)]
#[derive(Derivative, CanonicalSerialize, CanonicalDeserialize, Absorb)]
#[derivative(
Default(bound = ""),
Hash(bound = ""),
Expand All @@ -223,7 +224,11 @@ impl<E: Pairing> PCPreparedVerifierKey<VerifierKey<E>> for PreparedVerifierKey<E
PartialEq(bound = ""),
Eq(bound = "")
)]
pub struct Commitment<E: Pairing> {
pub struct Commitment<E>
where
E: Pairing,
E::G1Affine: Absorb,
{
/// A KZG10 commitment to the polynomial.
pub comm: kzg10::Commitment<E>,

Expand All @@ -235,7 +240,7 @@ pub struct Commitment<E: Pairing> {

impl<E: Pairing> ToConstraintField<<E::TargetField as Field>::BasePrimeField> for Commitment<E>
where
E::G1Affine: ToConstraintField<<E::TargetField as Field>::BasePrimeField>,
E::G1Affine: ToConstraintField<<E::TargetField as Field>::BasePrimeField> + Absorb,
{
fn to_field_elements(&self) -> Option<Vec<<E::TargetField as Field>::BasePrimeField>> {
let mut res = Vec::new();
Expand All @@ -249,7 +254,11 @@ where
}
}

impl<E: Pairing> PCCommitment for Commitment<E> {
impl<E> PCCommitment for Commitment<E>
where
E: Pairing,
E::G1Affine: Absorb,
{
#[inline]
fn empty() -> Self {
Self {
Expand All @@ -272,12 +281,20 @@ impl<E: Pairing> PCCommitment for Commitment<E> {
PartialEq(bound = ""),
Eq(bound = "")
)]
pub struct PreparedCommitment<E: Pairing> {
pub struct PreparedCommitment<E>
where
E: Pairing,
E::G1Affine: Absorb,
{
pub(crate) prepared_comm: kzg10::PreparedCommitment<E>,
pub(crate) shifted_comm: Option<kzg10::Commitment<E>>,
}

impl<E: Pairing> PCPreparedCommitment<Commitment<E>> for PreparedCommitment<E> {
impl<E> PCPreparedCommitment<Commitment<E>> for PreparedCommitment<E>
where
E: Pairing,
E::G1Affine: Absorb,
{
/// Prepare commitment to a polynomial that optionally enforces a degree bound.
fn prepare(comm: &Commitment<E>) -> Self {
let prepared_comm = kzg10::PreparedCommitment::<E>::prepare(&comm.comm);
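Review bot: The `ToConstraintField` impl in the hunk starting at `@@ -235,7 +240,7 @@` keeps `impl<E: Pairing> ... for Commitment<E>` with the inline bound while both structs and the `PCCommitment` and `PCPreparedCommitment` impls in this file moved `E: Pairing` into a `where` clause next to `E::G1Affine: Absorb`; the hunk only appends `+ Absorb` to the existing `where` line. For consistency, change the header to `impl<E> ToConstraintField<<E::TargetField as Field>::BasePrimeField> for Commitment<E>` and add `E: Pairing,` as the first `where` line above `E::G1Affine: ToConstraintField<<E::TargetField as Field>::BasePrimeField> + Absorb,`. The impl body runs past the end of the hunk.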
3 changes: 2 additions & 1 deletion poly-commit/src/marlin/marlin_pc/mod.rs
Expand Up @@ -12,7 +12,7 @@ use ark_std::rand::RngCore;
use ark_std::{marker::PhantomData, ops::Div, vec};

mod data_structures;
use ark_crypto_primitives::sponge::CryptographicSponge;
use ark_crypto_primitives::sponge::{Absorb, CryptographicSponge};
pub use data_structures::*;

/// Polynomial commitment based on [[KZG10]][kzg], with degree enforcement, batching,
Expand Down Expand Up @@ -57,6 +57,7 @@ pub(crate) fn shift_polynomial<E: Pairing, P: DenseUVPolynomial<E::ScalarField>>
impl<E, P, S> PolynomialCommitment<E::ScalarField, P, S> for MarlinKZG10<E, P, S>
where
E: Pairing,
E::G1Affine: Absorb,
P: DenseUVPolynomial<E::ScalarField, Point = E::ScalarField>,
S: CryptographicSponge,
for<'a, 'b> &'a P: Div<&'b P, Output = P>,
3 changes: 2 additions & 1 deletion poly-commit/src/marlin/marlin_pst13_pc/mod.rs
Expand Up @@ -24,7 +24,7 @@ pub use data_structures::*;
mod combinations;
use combinations::*;

use ark_crypto_primitives::sponge::CryptographicSponge;
use ark_crypto_primitives::sponge::{Absorb, CryptographicSponge};
#[cfg(feature = "parallel")]
use rayon::prelude::*;

Expand Down Expand Up @@ -146,6 +146,7 @@ impl<E: Pairing, P: DenseMVPolynomial<E::ScalarField>, S: CryptographicSponge>
impl<E, P, S> PolynomialCommitment<E::ScalarField, P, S> for MarlinPST13<E, P, S>
where
E: Pairing,
E::G1Affine: Absorb,
P: DenseMVPolynomial<E::ScalarField> + Sync,
S: CryptographicSponge,
P::Point: Index<usize, Output = E::ScalarField>,
3 changes: 2 additions & 1 deletion poly-commit/src/marlin/mod.rs
Expand Up @@ -4,7 +4,7 @@ use crate::{BTreeMap, BTreeSet, Debug, RngCore, String, ToString, Vec};
use crate::{BatchLCProof, LabeledPolynomial, LinearCombination};
use crate::{Evaluations, LabeledCommitment, QuerySet};
use crate::{PCCommitmentState, Polynomial, PolynomialCommitment};
use ark_crypto_primitives::sponge::CryptographicSponge;
use ark_crypto_primitives::sponge::{Absorb, CryptographicSponge};
use ark_ec::pairing::Pairing;
use ark_ec::AffineRepr;
use ark_ec::CurveGroup;
Expand Down Expand Up @@ -44,6 +44,7 @@ where
impl<E, S, P, PC> Marlin<E, S, P, PC>
where
E: Pairing,
E::G1Affine: Absorb,
S: CryptographicSponge,
P: Polynomial<E::ScalarField>,
PC: PolynomialCommitment<E::ScalarField, P, S>,
7 changes: 6 additions & 1 deletion poly-commit/src/sonic_pc/data_structures.rs
Expand Up @@ -2,6 +2,7 @@ use crate::kzg10;
use crate::{
BTreeMap, PCCommitterKey, PCPreparedCommitment, PCPreparedVerifierKey, PCVerifierKey, Vec,
};
use ark_crypto_primitives::sponge::Absorb;
use ark_ec::pairing::Pairing;
use ark_ec::AdditiveGroup;
use ark_serialize::{
Expand All @@ -21,7 +22,11 @@ pub type Commitment<E> = kzg10::Commitment<E>;
/// `PreparedCommitment` is the prepared commitment for the KZG10 scheme.
pub type PreparedCommitment<E> = kzg10::PreparedCommitment<E>;

impl<E: Pairing> PCPreparedCommitment<Commitment<E>> for PreparedCommitment<E> {
impl<E> PCPreparedCommitment<Commitment<E>> for PreparedCommitment<E>
where
E: Pairing,
E::G1Affine: Absorb,
{
/// prepare `PreparedCommitment` from `Commitment`
fn prepare(comm: &Commitment<E>) -> Self {
let mut prepared_comm = Vec::<E::G1Affine>::new();
4 changes: 3 additions & 1 deletion poly-commit/src/sonic_pc/mod.rs
Expand Up @@ -12,7 +12,7 @@ use ark_std::rand::RngCore;
use ark_std::{convert::TryInto, marker::PhantomData, ops::Div, ops::Mul, vec};

mod data_structures;
use ark_crypto_primitives::sponge::CryptographicSponge;
use ark_crypto_primitives::sponge::{Absorb, CryptographicSponge};
pub use data_structures::*;

/// Polynomial commitment based on [[KZG10]][kzg], with degree enforcement and
Expand All @@ -34,6 +34,7 @@ pub struct SonicKZG10<E: Pairing, P: DenseUVPolynomial<E::ScalarField>, S: Crypt
impl<E, P, S> SonicKZG10<E, P, S>
where
E: Pairing,
E::G1Affine: Absorb,
P: DenseUVPolynomial<E::ScalarField>,
S: CryptographicSponge,
{
Expand Down Expand Up @@ -137,6 +138,7 @@ where
impl<E, P, S> PolynomialCommitment<E::ScalarField, P, S> for SonicKZG10<E, P, S>
where
E: Pairing,
E::G1Affine: Absorb,
P: DenseUVPolynomial<E::ScalarField, Point = E::ScalarField>,
S: CryptographicSponge,
for<'a, 'b> &'a P: Div<&'b P, Output = P>,