traits for a vector commitment engine and a polynomial evaluation engine (#136)

make spartan generic over the evaluation engine

update version

disable Wasm CI check

src/traits/commitment.rs

@@ -0,0 +1,149 @@
+//! This module defines a collection of traits that define the behavior of a commitment engine
+//! We require the commitment engine to provide a commitment to vectors with a single group element
+use crate::{
+  errors::NovaError,
+  traits::{AbsorbInROTrait, AppendToTranscriptTrait, CompressedGroup, Group},
+};
+use core::{
+  fmt::Debug,
+  ops::{Add, AddAssign, Mul, MulAssign},
+};
+use serde::{Deserialize, Serialize};
+
+/// This trait defines the behavior of commitment key
+#[allow(clippy::len_without_is_empty)]
+pub trait CommitmentGensTrait<G: Group>:
+  Clone + Debug + Send + Sync + Serialize + for<'de> Deserialize<'de>
+{
+  /// Holds the type of the commitment that can be produced
+  type Commitment;
+
+  /// Holds the type of the compressed commitment
+  type CompressedCommitment;
+
+  /// Samples a new commitment key of a specified size
+  fn new(label: &'static [u8], n: usize) -> Self;
+
+  /// Returns the vector length that can be committed
+  fn len(&self) -> usize;
+
+  /// Commits to a vector using the commitment key
+  fn commit(&self, v: &[G::Scalar]) -> Self::Commitment;
+
+  /// Splits the commitment key into two pieces at a specified point
+  fn split_at(&self, n: usize) -> (Self, Self)
+  where
+    Self: Sized;
+
+  /// Combines two commitment keys into one
+  fn combine(&self, other: &Self) -> Self;
+
+  /// Folds the two commitment keys into one using the provided weights
+  fn fold(&self, w1: &G::Scalar, w2: &G::Scalar) -> Self;
+
+  /// Scales the commitment key using the provided scalar
+  fn scale(&self, r: &G::Scalar) -> Self;
+
+  /// Reinterprets commitments as commitment keys
+  fn reinterpret_commitments_as_gens(c: &[Self::CompressedCommitment]) -> Result<Self, NovaError>
+  where
+    Self: Sized;
+}
+
+/// Defines basic operations on commitments
+pub trait CommitmentOps<Rhs = Self, Output = Self>:
+  Add<Rhs, Output = Output> + AddAssign<Rhs>
+{
+}
+
+impl<T, Rhs, Output> CommitmentOps<Rhs, Output> for T where
+  T: Add<Rhs, Output = Output> + AddAssign<Rhs>
+{
+}
+
+/// A helper trait for references with a commitment operation
+pub trait CommitmentOpsOwned<Rhs = Self, Output = Self>:
+  for<'r> CommitmentOps<&'r Rhs, Output>
+{
+}
+impl<T, Rhs, Output> CommitmentOpsOwned<Rhs, Output> for T where
+  T: for<'r> CommitmentOps<&'r Rhs, Output>
+{
+}
+
+/// A helper trait for types implementing a multiplication of a commitment with a scalar
+pub trait ScalarMul<Rhs, Output = Self>: Mul<Rhs, Output = Output> + MulAssign<Rhs> {}
+
+impl<T, Rhs, Output> ScalarMul<Rhs, Output> for T where T: Mul<Rhs, Output = Output> + MulAssign<Rhs>
+{}
+
+/// This trait defines the behavior of the commitment
+pub trait CommitmentTrait<G: Group>:
+  Clone
+  + Copy
+  + Debug
+  + Default
+  + PartialEq
+  + Eq
+  + Send
+  + Sync
+  + Serialize
+  + for<'de> Deserialize<'de>
+  + AbsorbInROTrait<G>
+  + AppendToTranscriptTrait
+  + CommitmentOps
+  + CommitmentOpsOwned
+  + ScalarMul<G::Scalar>
+{
+  /// Holds the type of the compressed commitment
+  type CompressedCommitment;
+
+  /// Compresses self into a compressed commitment
+  fn compress(&self) -> Self::CompressedCommitment;
+
+  /// Returns the coordinate representation of the commitment
+  fn to_coordinates(&self) -> (G::Base, G::Base, bool);
+}
+
+/// This trait defines the behavior of a compressed commitment
+pub trait CompressedCommitmentTrait<C: CompressedGroup>:
+  Clone
+  + Debug
+  + PartialEq
+  + Eq
+  + Send
+  + Sync
+  + Serialize
+  + for<'de> Deserialize<'de>
+  + AppendToTranscriptTrait
+{
+  /// Holds the type of the commitment that can be decompressed into
+  type Commitment;
+
+  /// Decompresses self into a commitment
+  fn decompress(&self) -> Result<Self::Commitment, NovaError>;
+}
+
+/// A trait that ties different pieces of the commitment generation together
+pub trait CommitmentEngineTrait<G: Group>:
+  Clone + Send + Sync + Serialize + for<'de> Deserialize<'de>
+{
+  /// Holds the type of the commitment key
+  type CommitmentGens: CommitmentGensTrait<
+    G,
+    Commitment = Self::Commitment,
+    CompressedCommitment = Self::CompressedCommitment,
+  >;
+
+  /// Holds the type of the commitment
+  type Commitment: CommitmentTrait<G, CompressedCommitment = Self::CompressedCommitment>;
+
+  /// Holds the type of the compressed commitment
+  type CompressedCommitment: CompressedCommitmentTrait<
+    G::CompressedGroupElement,
+    Commitment = Self::Commitment,
+  >;
+
+  /// Commits to the provided vector using the provided generators
+  fn commit(gens: &Self::CommitmentGens, v: &[G::Scalar]) -> Self::Commitment;
+}

src/traits/evaluation.rs

@@ -0,0 +1,46 @@
+//! This module defines a collection of traits that define the behavior of a polynomial evaluation engine
+//! A vector of size N is treated as a multilinear polynomial in \log{N} variables,
+//! and a commitment provided by the commitment engine is treated as a multilinear polynomial commitment
+use crate::{
+  errors::NovaError,
+  traits::{commitment::CommitmentEngineTrait, Group},
+};
+use merlin::Transcript;
+use serde::{Deserialize, Serialize};
+
+/// A trait that ties different pieces of the commitment evaluation together
+pub trait EvaluationEngineTrait<G: Group>:
+  Clone + Send + Sync + Serialize + for<'de> Deserialize<'de>
+{
+  /// A type that holds the associated commitment engine
+  type CE: CommitmentEngineTrait<G>;
+
+  /// A type that holds generators
+  type EvaluationGens: Clone + Send + Sync + Serialize + for<'de> Deserialize<'de>;
+
+  /// A type that holds the evaluation argument
+  type EvaluationArgument: Clone + Send + Sync + Serialize + for<'de> Deserialize<'de>;
+
+  /// A method to perform any additional setup needed to produce proofs of evaluations
+  fn setup(gens: &<Self::CE as CommitmentEngineTrait<G>>::CommitmentGens) -> Self::EvaluationGens;
+
+  /// A method to prove evaluations of a batch of polynomials
+  fn prove_batch(
+    gens: &Self::EvaluationGens,
+    transcript: &mut Transcript,
+    comm: &[<Self::CE as CommitmentEngineTrait<G>>::Commitment],
+    polys: &[Vec<G::Scalar>],
+    points: &[Vec<G::Scalar>],
+    evals: &[G::Scalar],
+  ) -> Result<Self::EvaluationArgument, NovaError>;
+
+  /// A method to verify purported evaluations of a batch of polynomials
+  fn verify_batch(
+    gens: &Self::EvaluationGens,
+    transcript: &mut Transcript,
+    comm: &[<Self::CE as CommitmentEngineTrait<G>>::Commitment],
+    points: &[Vec<G::Scalar>],
+    evals: &[G::Scalar],
+    arg: &Self::EvaluationArgument,
+  ) -> Result<(), NovaError>;
+}

src/traits/mod.rs

@@ -12,6 +12,10 @@ use merlin::Transcript;
 use num_bigint::BigInt;
 use serde::{Deserialize, Serialize};
 
+pub mod commitment;
+
+use commitment::CommitmentEngineTrait;
+
 /// Represents an element of a group
 /// This is currently tailored for an elliptic curve group
 pub trait Group:
@@ -47,7 +51,7 @@ pub trait Group:
     + for<'de> Deserialize<'de>;
 
   /// A type representing preprocessed group element
-  type PreprocessedGroupElement: Clone + Send + Sync + Serialize + for<'de> Deserialize<'de>;
+  type PreprocessedGroupElement: Clone + Debug + Send + Sync + Serialize + for<'de> Deserialize<'de>;
 
   /// A type that represents a hash function that consumes elements
   /// from the base field and squeezes out elements of the scalar field
@@ -56,6 +60,9 @@ pub trait Group:
   /// An alternate implementation of Self::RO in the circuit model
   type ROCircuit: ROCircuitTrait<Self::Base> + Serialize + for<'de> Deserialize<'de>;
 
+  /// A type that defines a commitment engine over scalars in the group
+  type CE: CommitmentEngineTrait<Self> + Serialize + for<'de> Deserialize<'de>;
+
   /// A method to compute a multiexponentation
   fn vartime_multiscalar_mul(
     scalars: &[Self::Scalar],
@@ -212,4 +219,5 @@ impl<F: PrimeField> AppendToTranscriptTrait for [F] {
 }
 
 pub mod circuit;
+pub mod evaluation;
 pub mod snark;