Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Hyrax++ #48

Closed
wants to merge 15 commits into from
6 changes: 3 additions & 3 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -128,13 +128,13 @@ let (ck, vk) = PCS::trim(&pp, degree, 2, Some(&[degree])).unwrap();

// 3. PolynomialCommitment::commit
// The prover commits to the polynomial using their committer key `ck`.
let (comms, rands) = PCS::commit(&ck, [&labeled_poly], Some(rng)).unwrap();
let (comms, states) = PCS::commit(&ck, [&labeled_poly], Some(rng)).unwrap();

let challenge_generator: ChallengeGenerator<<Bls12_377 as Pairing>::ScalarField, Sponge_Bls12_377> = ChallengeGenerator::new_univariate(&mut test_sponge);

// 4a. PolynomialCommitment::open
// Opening proof at a single point.
let proof_single = PCS::open(&ck, [&labeled_poly], &comms, &point_1, &mut (challenge_generator.clone()), &rands, None).unwrap();
let proof_single = PCS::open(&ck, [&labeled_poly], &comms, &point_1, &mut (challenge_generator.clone()), &states, None).unwrap();

// 5a. PolynomialCommitment::check
// Verifying the proof at a single point, given the commitment, the point, the claimed evaluation, and the proof.
Expand All @@ -156,7 +156,7 @@ let proof_batched = PCS::batch_open(
&comms,
&query_set,
&mut (challenge_generator.clone()),
&rands,
&states,
Some(rng),
).unwrap();

Expand Down
12 changes: 6 additions & 6 deletions bench-templates/src/lib.rs
Original file line number Diff line number Diff line change
Expand Up @@ -123,7 +123,7 @@ where
let labeled_poly =
LabeledPolynomial::new("test".to_string(), rand_poly(num_vars, rng), None, None);

let (coms, randomness) = PCS::commit(&ck, [&labeled_poly], Some(rng)).unwrap();
let (coms, states) = PCS::commit(&ck, [&labeled_poly], Some(rng)).unwrap();
let point = rand_point(num_vars, rng);

let start = Instant::now();
Expand All @@ -133,7 +133,7 @@ where
&coms,
&point,
&mut ChallengeGenerator::new_univariate(&mut test_sponge()),
&randomness,
&states,
Some(rng),
)
.unwrap();
Expand All @@ -157,7 +157,7 @@ where
let labeled_poly =
LabeledPolynomial::new("test".to_string(), rand_poly(num_vars, rng), None, None);

let (coms, randomness) = PCS::commit(&ck, [&labeled_poly], Some(rng)).unwrap();
let (coms, states) = PCS::commit(&ck, [&labeled_poly], Some(rng)).unwrap();
let point = P::Point::rand(rng);

let proofs = PCS::open(
Expand All @@ -166,7 +166,7 @@ where
&coms,
&point,
&mut ChallengeGenerator::new_univariate(&mut test_sponge()),
&randomness,
&states,
Some(rng),
)
.unwrap();
Expand Down Expand Up @@ -194,7 +194,7 @@ where
let labeled_poly =
LabeledPolynomial::new("test".to_string(), rand_poly(num_vars, rng), None, None);

let (coms, randomness) = PCS::commit(&ck, [&labeled_poly], Some(rng)).unwrap();
let (coms, states) = PCS::commit(&ck, [&labeled_poly], Some(rng)).unwrap();
let point = rand_point(num_vars, rng);
let claimed_eval = labeled_poly.evaluate(&point);
let proof = PCS::open(
Expand All @@ -203,7 +203,7 @@ where
&coms,
&point,
&mut ChallengeGenerator::new_univariate(&mut test_sponge()),
&randomness,
&states,
Some(rng),
)
.unwrap();
Expand Down
12 changes: 7 additions & 5 deletions poly-commit/src/data_structures.rs
Original file line number Diff line number Diff line change
Expand Up @@ -70,9 +70,12 @@ pub trait PCPreparedCommitment<UNPREPARED: PCCommitment>: Clone {
fn prepare(comm: &UNPREPARED) -> Self;
}

/// Defines the minimal interface of commitment randomness for any polynomial
/// commitment scheme.
pub trait PCRandomness: Clone + CanonicalSerialize + CanonicalDeserialize {
/// Defines the minimal interface of commitment state for any polynomial
/// commitment scheme. It might be randomness etc.
pub trait PCCommitmentState: Clone + CanonicalSerialize + CanonicalDeserialize {
/// blah
type Randomness: Clone + CanonicalSerialize + CanonicalDeserialize;

/// Outputs empty randomness that does not hide the commitment.
fn empty() -> Self;

Expand All @@ -86,9 +89,8 @@ pub trait PCRandomness: Clone + CanonicalSerialize + CanonicalDeserialize {
has_degree_bound: bool,
num_vars: Option<usize>,
rng: &mut R,
) -> Self;
) -> Self::Randomness;
}

/// A proof of satisfaction of linear combinations.
#[derive(Clone, CanonicalSerialize, CanonicalDeserialize)]
pub struct BatchLCProof<F: PrimeField, T: Clone + CanonicalSerialize + CanonicalDeserialize> {
Expand Down
24 changes: 21 additions & 3 deletions poly-commit/src/hyrax/data_structures.rs
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,10 @@ use ark_ff::PrimeField;
use ark_serialize::{CanonicalDeserialize, CanonicalSerialize};
use ark_std::{rand::RngCore, vec::Vec};

use crate::{PCCommitment, PCCommitterKey, PCRandomness, PCUniversalParams, PCVerifierKey};
use crate::{
utils::Matrix, PCCommitment, PCCommitmentState, PCCommitterKey, PCUniversalParams,
PCVerifierKey,
};

/// `UniversalParams` amounts to a Pederson commitment key of sufficient length
#[derive(Derivative, CanonicalSerialize, CanonicalDeserialize)]
Expand Down Expand Up @@ -77,9 +80,24 @@ impl<G: AffineRepr> PCCommitment for HyraxCommitment<G> {

pub(crate) type HyraxRandomness<F> = Vec<F>;

/// Hyrax Commitment State blah blah blah blah
/// blah blah blah blah
/// blah blah blah blah
/// blah blah blah blah
#[derive(Derivative, CanonicalSerialize, CanonicalDeserialize)]
#[derivative(Default(bound = ""), Clone(bound = ""), Debug(bound = ""))]
pub struct HyraxCommitmentState<F>
where
F: PrimeField,
{
pub(crate) randomness: HyraxRandomness<F>,
pub(crate) mat: Matrix<F>,
}

/// A vector of scalars, each of which multiplies the distinguished group
/// element in the Pederson commitment key for a different commitment
impl<F: PrimeField> PCRandomness for HyraxRandomness<F> {
impl<F: PrimeField> PCCommitmentState for HyraxCommitmentState<F> {
type Randomness = HyraxRandomness<F>;
fn empty() -> Self {
unimplemented!()
}
Expand All @@ -89,7 +107,7 @@ impl<F: PrimeField> PCRandomness for HyraxRandomness<F> {
_has_degree_bound: bool,
_num_vars: Option<usize>,
rng: &mut R,
) -> Self {
) -> Self::Randomness {
(0..num_queries).map(|_| F::rand(rng)).collect()
}
}
Expand Down
26 changes: 14 additions & 12 deletions poly-commit/src/hyrax/mod.rs
Original file line number Diff line number Diff line change
Expand Up @@ -128,7 +128,7 @@ impl<G: AffineRepr, P: MultilinearExtension<G::ScalarField>>
type CommitterKey = HyraxCommitterKey<G>;
type VerifierKey = HyraxVerifierKey<G>;
type Commitment = HyraxCommitment<G>;
type Randomness = HyraxRandomness<G::ScalarField>;
type CommitmentState = HyraxCommitmentState<G::ScalarField>;
type Proof = Vec<HyraxProof<G>>;
type BatchProof = Vec<Self::Proof>;
type Error = Error;
Expand Down Expand Up @@ -222,15 +222,15 @@ impl<G: AffineRepr, P: MultilinearExtension<G::ScalarField>>
) -> Result<
(
Vec<LabeledCommitment<Self::Commitment>>,
Vec<Self::Randomness>,
Vec<Self::CommitmentState>,
),
Self::Error,
>
where
P: 'a,
{
let mut coms = Vec::new();
let mut rands = Vec::new();
let mut states = Vec::new();

#[cfg(not(feature = "parallel"))]
let rng_inner = rng.expect("Committing to polynomials requires a random generator");
Expand Down Expand Up @@ -270,10 +270,13 @@ impl<G: AffineRepr, P: MultilinearExtension<G::ScalarField>>
let l_comm = LabeledCommitment::new(label.to_string(), com, Some(1));

coms.push(l_comm);
rands.push(com_rands);
states.push(HyraxCommitmentState {
randomness: com_rands,
mat: Matrix::new_from_rows(m),
});
}

Ok((coms, rands))
Ok((coms, states))
}

/// Opens a list of polynomial commitments at a desired point. This
Expand Down Expand Up @@ -305,12 +308,12 @@ impl<G: AffineRepr, P: MultilinearExtension<G::ScalarField>>
G::ScalarField,
PoseidonSponge<G::ScalarField>,
>,
rands: impl IntoIterator<Item = &'a Self::Randomness>,
states: impl IntoIterator<Item = &'a Self::CommitmentState>,
rng: Option<&mut dyn RngCore>,
) -> Result<Self::Proof, Self::Error>
where
Self::Commitment: 'a,
Self::Randomness: 'a,
Self::CommitmentState: 'a,
P: 'a,
{
let n = point.len();
Expand Down Expand Up @@ -339,9 +342,9 @@ impl<G: AffineRepr, P: MultilinearExtension<G::ScalarField>>

let rng_inner = rng.expect("Opening polynomials requires randomness");

for (l_poly, (l_com, randomness)) in labeled_polynomials
for (l_poly, (l_com, state)) in labeled_polynomials
.into_iter()
.zip(commitments.into_iter().zip(rands.into_iter()))
.zip(commitments.into_iter().zip(states.into_iter()))
{
let label = l_poly.label();
if label != l_com.label() {
Expand Down Expand Up @@ -374,15 +377,14 @@ impl<G: AffineRepr, P: MultilinearExtension<G::ScalarField>>
transcript.append_serializable_element(b"point", point)?;

// Commiting to the matrix formed by the polynomial coefficients
let t_aux = flat_to_matrix_column_major(&poly.to_evaluations(), dim, dim);
let t = Matrix::new_from_rows(t_aux);
let t = &state.mat;

let lt = t.row_mul(&l);

// t_prime coincides witht he Pedersen commitment to lt with the
// randomnes r_lt computed here
let r_lt = cfg_iter!(l)
.zip(cfg_iter!(randomness))
.zip(cfg_iter!(state.randomness))
.map(|(l, r)| *l * r)
.sum::<G::ScalarField>();

Expand Down
3 changes: 2 additions & 1 deletion poly-commit/src/ipa_pc/data_structures.rs
Original file line number Diff line number Diff line change
Expand Up @@ -146,7 +146,8 @@ pub struct Randomness<G: AffineRepr> {
pub shifted_rand: Option<G::ScalarField>,
}

impl<G: AffineRepr> PCRandomness for Randomness<G> {
impl<G: AffineRepr> PCCommitmentState for Randomness<G> {
type Randomness = Self;
fn empty() -> Self {
Self {
rand: G::ScalarField::zero(),
Expand Down
Loading
Loading