diff --git a/rustfmt.toml b/rustfmt.toml index 7b20d96..351c26a 100644 --- a/rustfmt.toml +++ b/rustfmt.toml @@ -2,3 +2,4 @@ edition = "2018" tab_spaces = 2 newline_style = "Unix" use_try_shorthand = true +imports_granularity = "crate" diff --git a/src/bellperson/r1cs.rs b/src/bellperson/r1cs.rs index afed62f..c3851a8 100644 --- a/src/bellperson/r1cs.rs +++ b/src/bellperson/r1cs.rs @@ -2,8 +2,7 @@ #![allow(non_snake_case)] -use super::shape_cs::ShapeCS; -use super::solver::SatisfyingAssignment; +use super::{shape_cs::ShapeCS, solver::SatisfyingAssignment}; use bellperson::{Index, LinearCombination}; use ff::PrimeField; diff --git a/src/bellperson/shape_cs.rs b/src/bellperson/shape_cs.rs index 5ca5526..6e9468f 100644 --- a/src/bellperson/shape_cs.rs +++ b/src/bellperson/shape_cs.rs @@ -1,7 +1,9 @@ //! Support for generating R1CS shape using bellperson. -use std::cmp::Ordering; -use std::collections::{BTreeMap, HashMap}; +use std::{ + cmp::Ordering, + collections::{BTreeMap, HashMap}, +}; use crate::traits::{Group, PrimeField as PF}; use ff::{Field, PrimeField}; diff --git a/src/circuit.rs b/src/circuit.rs index e6aa13f..705795b 100644 --- a/src/circuit.rs +++ b/src/circuit.rs 
@@ -10,18 +10,19 @@ //! otherwise //! h1 = H(u2, i) and h2 = H(params = H(shape, gens), u1, i, z0, zi) -use super::commitments::Commitment; -use super::gadgets::{ - ecc::AllocatedPoint, - utils::{ - alloc_bignat_constant, alloc_num_equals, alloc_one, alloc_zero, conditionally_select, - conditionally_select_bignat, le_bits_to_num, +use super::{ + commitments::Commitment, + gadgets::{ + ecc::AllocatedPoint, + utils::{ + alloc_bignat_constant, alloc_num_equals, alloc_one, alloc_zero, conditionally_select, + conditionally_select_bignat, le_bits_to_num, + }, }, + poseidon::{NovaPoseidonConstants, PoseidonROGadget}, + r1cs::RelaxedR1CSInstance, + traits::{Group, PrimeField, StepCircuit}, }; -use super::poseidon::NovaPoseidonConstants; -use super::poseidon::PoseidonROGadget; -use super::r1cs::RelaxedR1CSInstance; -use super::traits::{Group, InnerCircuit, PrimeField}; use bellperson::{ gadgets::{boolean::Boolean, num::AllocatedNum, Assignment}, Circuit, ConstraintSystem, SynthesisError, @@ -33,12 +34,12 @@ use bellperson_nonnative::{ use ff::PrimeFieldBits; #[derive(Debug, Clone)] -pub struct VerificationCircuitParams { +pub struct NIFSVerifierCircuitParams { limb_width: usize, n_limbs: usize, } -impl VerificationCircuitParams { +impl NIFSVerifierCircuitParams { #[allow(dead_code)] pub fn new(limb_width: usize, n_limbs: usize) -> Self { Self { @@ -48,7 +49,7 @@ impl VerificationCircuitParams { } } -pub struct VerificationCircuitInputs +pub struct NIFSVerifierCircuitInputs where G: Group, { @@ -63,7 +64,7 @@ where w: Commitment, // The commitment to the witness of the fresh r1cs instance } -impl VerificationCircuitInputs +impl NIFSVerifierCircuitInputs where G: Group, { 
@@ -95,30 +96,30 @@ where } /// Circuit that encodes only the folding verifier -pub struct VerificationCircuit +pub struct NIFSVerifierCircuit where G: Group, ::Base: ff::PrimeField, - IC: InnerCircuit, + SC: StepCircuit, { - params: VerificationCircuitParams, - inputs: Option>, - inner_circuit: Option, // The function that is applied for each step. may be None. + params: NIFSVerifierCircuitParams, + inputs: Option>, + step_circuit: Option, // The function that is applied for each step. may be None. poseidon_constants: NovaPoseidonConstants, } -impl VerificationCircuit +impl NIFSVerifierCircuit where G: Group, ::Base: ff::PrimeField, - IC: InnerCircuit, + SC: StepCircuit, { /// Create a new verification circuit for the input relaxed r1cs instances #[allow(dead_code)] pub fn new( - params: VerificationCircuitParams, - inputs: Option>, - inner_circuit: Option, + params: NIFSVerifierCircuitParams, + inputs: Option>, + step_circuit: Option, poseidon_constants: NovaPoseidonConstants, ) -> Self where @@ -127,18 +128,18 @@ where Self { params, inputs, - inner_circuit, + step_circuit, poseidon_constants, } } } -impl Circuit<::Base> for VerificationCircuit +impl Circuit<::Base> for NIFSVerifierCircuit where G: Group, ::Base: ff::PrimeField + PrimeField + PrimeFieldBits, ::Scalar: PrimeFieldBits, - IC: InnerCircuit, + SC: StepCircuit, { fn synthesize::Base>>( self, @@ -304,7 +305,7 @@ where // Allocate W /***********************************************************************/ - // T = (x, y, infinity) + // W = (x, y, infinity) let W_x = AllocatedNum::alloc(cs.namespace(|| "W.x"), || { Ok(self.inputs.get()?.w.comm.to_coordinates().0) })?; @@ -336,7 +337,7 @@ where // Compute default values of U2': let zero_commitment = AllocatedPoint::new(zero.clone(), zero.clone(), one); - //W_default and E_default are a commitment to zero + // W_default and E_default are a commitment to zero let W_default = zero_commitment.clone(); let E_default = zero_commitment; 
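Review bot: The doc comment on `new` in the `-95,30` hunk still reads "Create a new verification circuit" after the rename, and the field comment on `step_circuit` says only "may be None" without stating what the circuit enforces in that case. Judging from the `if self.step_circuit.is_some()` branch in the `-515,7` hunk, the z0 allocation and the call to F appear to be skipped when it is `None`, which anyone relying on this circuit for soundness needs to know. I would write the field comment as `// The step function F; None builds the folding verifier alone, with no z0/z_i constraints (confirm)` and the constructor doc as `/// Create a new NIFS verifier circuit for the input relaxed r1cs instances`. Most of the `synthesize` body these comments describe lies outside the visible hunks.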
@@ -501,7 +502,7 @@ where .collect::>, _>>()?; /***********************************************************************/ - //Compute i + 1 + // Compute i + 1 /***********************************************************************/ let next_i = AllocatedNum::alloc(cs.namespace(|| "i + 1"), || { @@ -515,7 +516,7 @@ where |lc| lc + next_i.get_variable() - CS::one() - i.get_variable(), ); - if self.inner_circuit.is_some() { + if self.step_circuit.is_some() { /***********************************************************************/ //Allocate z0 /***********************************************************************/ @@ -590,7 +591,7 @@ where /***********************************************************************/ let z_next = self - .inner_circuit + .step_circuit .unwrap() .synthesize(&mut cs.namespace(|| "F"), z_i)?; @@ -641,12 +642,12 @@ where h1_hash.absorb(u_r); h1_hash.absorb(i.clone()); - //absorb each of the limbs of X_r[0] + // absorb each of the limbs of X_r[0] for limb in Xr0_bn.into_iter() { h1_hash.absorb(limb); } - //absorb each of the limbs of X_r[1] + // absorb each of the limbs of X_r[1] for limb in Xr1_bn.into_iter() { h1_hash.absorb(limb); } @@ -698,12 +699,13 @@ where #[cfg(test)] mod tests { use super::*; - use crate::bellperson::shape_cs::ShapeCS; - use crate::bellperson::solver::SatisfyingAssignment; + use crate::bellperson::{shape_cs::ShapeCS, solver::SatisfyingAssignment}; type G1 = pasta_curves::pallas::Point; type G2 = pasta_curves::vesta::Point; - use crate::bellperson::r1cs::{NovaShape, NovaWitness}; - use crate::commitments::CommitTrait; + use crate::{ + bellperson::r1cs::{NovaShape, NovaWitness}, + commitments::CommitTrait, + }; use std::marker::PhantomData; struct TestCircuit @@ -713,7 +715,7 @@ mod tests { _p: PhantomData, } - impl InnerCircuit for TestCircuit + impl StepCircuit for TestCircuit where F: PrimeField + ff::PrimeField, { 
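Review bot: The `is_some()` test in the `-515,7` hunk and the `.step_circuit.unwrap()` in the `-590,7` hunk check the same `Option` twice, leaving a panic path in `synthesize` that is unreachable only while both sites stay inside the same branch. Since `StepCircuit::synthesize` takes `&self`, binding once removes it: `if let Some(step_circuit) = &self.step_circuit {` and later `let z_next = step_circuit.synthesize(&mut cs.namespace(|| "F"), z_i)?;`. Borrowing the field rather than moving it keeps the closures that read `self.inputs` valid. The branch body between the two hunks is not visible here, so confirm that nothing else in it moves `self.step_circuit`.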
@@ -729,12 +731,12 @@ mod tests { #[test] fn test_verification_circuit() { // We experiment with 8 limbs of 32 bits each - let params = VerificationCircuitParams::new(32, 8); + let params = NIFSVerifierCircuitParams::new(32, 8); // The first circuit that verifies G2 let poseidon_constants1: NovaPoseidonConstants<::Base> = NovaPoseidonConstants::new(); - let circuit1: VerificationCircuit::Base>> = - VerificationCircuit::new( + let circuit1: NIFSVerifierCircuit::Base>> = + NIFSVerifierCircuit::new( params.clone(), None, Some(TestCircuit { @@ -745,8 +747,7 @@ mod tests { // First create the shape let mut cs: ShapeCS = ShapeCS::new(); let _ = circuit1.synthesize(&mut cs); - let shape1 = cs.r1cs_shape(); - let gens1 = cs.r1cs_gens(); + let (shape1, gens1) = (cs.r1cs_shape(), cs.r1cs_gens()); println!( "Circuit1 -> Number of constraints: {}", cs.num_constraints() 
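Review bot: `let _ = circuit1.synthesize(&mut cs);` in the `-745,8` hunk discards the `Result`, so a `SynthesisError` would go unnoticed and `shape1`/`gens1` would be built from whatever constraints were added before the failure. The same pattern is used for `circuit2` in the `-755,28` hunk. A test of a verifier circuit should fail loudly on a partial constraint system: `assert!(circuit1.synthesize(&mut cs).is_ok());`, and likewise for `circuit2`. The test function continues past these hunks, so whether a later satisfiability check would catch this is not visible here.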
@@ -755,28 +756,29 @@ mod tests { // The second circuit that verifies G1 let poseidon_constants2: NovaPoseidonConstants<::Base> = NovaPoseidonConstants::new(); - let circuit2: VerificationCircuit::Base>> = - VerificationCircuit::new(params.clone(), None, None, poseidon_constants2); + let circuit2: NIFSVerifierCircuit::Base>> = + NIFSVerifierCircuit::new(params.clone(), None, None, poseidon_constants2); // First create the shape let mut cs: ShapeCS = ShapeCS::new(); let _ = circuit2.synthesize(&mut cs); - let shape2 = cs.r1cs_shape(); - let gens2 = cs.r1cs_gens(); + let (shape2, gens2) = (cs.r1cs_shape(), cs.r1cs_gens()); println!( "Circuit2 -> Number of constraints: {}", cs.num_constraints() ); - //TODO: We need to hardwire default hash or give it as input + // TODO: We need to hardwire default hash or give it as input let default_hash = <::Base as ff::PrimeField>::from_str_vartime( "332553638888022689042501686561503049809", ) .unwrap(); + let T = vec![::Scalar::zero()].commit(&gens2.gens_E); let w = vec![::Scalar::zero()].commit(&gens2.gens_E); + // Now get an assignment let mut cs: SatisfyingAssignment = SatisfyingAssignment::new(); - let inputs: VerificationCircuitInputs = VerificationCircuitInputs::new( + let inputs: NIFSVerifierCircuitInputs = NIFSVerifierCircuitInputs::new( default_hash, RelaxedR1CSInstance::default(&gens2, &shape2), <::Base as PrimeField>::zero(), // TODO: provide real inputs @@ -787,8 +789,9 @@ mod tests { T, // TODO: provide real inputs w, ); - let circuit: VerificationCircuit::Base>> = - VerificationCircuit::new( + + let circuit: NIFSVerifierCircuit::Base>> = + NIFSVerifierCircuit::new( params, Some(inputs), Some(TestCircuit { diff --git a/src/commitments.rs b/src/commitments.rs index 9ac322c..1e1c2e5 100644 --- a/src/commitments.rs +++ b/src/commitments.rs 
@@ -1,7 +1,11 @@ -use super::errors::NovaError; -use super::traits::{CompressedGroup, Group}; -use core::fmt::Debug; -use core::ops::{Add, AddAssign, Mul, MulAssign}; +use super::{ + errors::NovaError, + traits::{CompressedGroup, Group}, +}; +use core::{ + fmt::Debug, + ops::{Add, AddAssign, Mul, MulAssign}, +}; use digest::{ExtendableOutput, Input}; use merlin::Transcript; use sha3::Shake256; diff --git a/src/gadgets/ecc.rs b/src/gadgets/ecc.rs index e101e5e..4e8d7a4 100644 --- a/src/gadgets/ecc.rs +++ b/src/gadgets/ecc.rs @@ -619,12 +619,9 @@ mod tests { assert_eq!(e_pasta, e_pasta_2); } - use crate::bellperson::shape_cs::ShapeCS; - use crate::bellperson::solver::SatisfyingAssignment; + use crate::bellperson::{shape_cs::ShapeCS, solver::SatisfyingAssignment}; use ff::{Field, PrimeFieldBits}; - use pasta_curves::arithmetic::CurveAffine; - use pasta_curves::group::Curve; - use pasta_curves::EpAffine; + use pasta_curves::{arithmetic::CurveAffine, group::Curve, EpAffine}; use std::ops::Mul; type G = pasta_curves::pallas::Point; type Fp = pasta_curves::pallas::Scalar; diff --git a/src/pasta.rs b/src/pasta.rs index dd5b98e..aaa7089 100644 --- a/src/pasta.rs +++ b/src/pasta.rs @@ -1,13 +1,15 @@ //! This module implements the Nova traits for pallas::Point, pallas::Scalar, vesta::Point, vesta::Scalar. use crate::traits::{ChallengeTrait, CompressedGroup, Group, PrimeField}; use merlin::Transcript; -use pasta_curves::arithmetic::{CurveAffine, CurveExt, FieldExt, Group as Grp}; -use pasta_curves::group::{Curve, GroupEncoding}; -use pasta_curves::{self, pallas, vesta, Ep, Eq, Fp, Fq}; +use pasta_curves::{ + self, + arithmetic::{CurveAffine, CurveExt, FieldExt, Group as Grp}, + group::{Curve, GroupEncoding}, + pallas, vesta, Ep, Eq, Fp, Fq, +}; use rand::{CryptoRng, RngCore}; use rug::Integer; -use std::borrow::Borrow; -use std::ops::Mul; +use std::{borrow::Borrow, ops::Mul}; //////////////////////////////////////Pallas/////////////////////////////////////////////// 
diff --git a/src/poseidon.rs b/src/poseidon.rs index 48ff399..57e8b18 100644 --- a/src/poseidon.rs +++ b/src/poseidon.rs @@ -189,9 +189,9 @@ mod tests { use super::*; type S = pasta_curves::pallas::Scalar; type G = pasta_curves::pallas::Point; - use crate::bellperson::solver::SatisfyingAssignment; - use crate::gadgets::utils::le_bits_to_num; - use crate::traits::PrimeField; + use crate::{ + bellperson::solver::SatisfyingAssignment, gadgets::utils::le_bits_to_num, traits::PrimeField, + }; use rand::rngs::OsRng; #[test] diff --git a/src/r1cs.rs b/src/r1cs.rs index fed9356..a2f3081 100644 --- a/src/r1cs.rs +++ b/src/r1cs.rs @@ -1,8 +1,10 @@ //! This module defines R1CS related types and a folding scheme for Relaxed R1CS #![allow(clippy::type_complexity)] -use super::commitments::{CommitGens, CommitTrait, Commitment, CompressedCommitment}; -use super::errors::NovaError; -use super::traits::{Group, PrimeField}; +use super::{ + commitments::{CommitGens, CommitTrait, Commitment, CompressedCommitment}, + errors::NovaError, + traits::{Group, PrimeField}, +}; use itertools::concat; use rayon::prelude::*; diff --git a/src/traits.rs b/src/traits.rs index d98c9d8..b4f89fb 100644 --- a/src/traits.rs +++ b/src/traits.rs @@ -1,8 +1,10 @@ //! This module defines various traits required by the users of the library to implement. use bellperson::{gadgets::num::AllocatedNum, ConstraintSystem, SynthesisError}; -use core::borrow::Borrow; -use core::fmt::Debug; -use core::ops::{Add, AddAssign, Mul, MulAssign, Neg, Sub, SubAssign}; +use core::{ + borrow::Borrow, + fmt::Debug, + ops::{Add, AddAssign, Mul, MulAssign, Neg, Sub, SubAssign}, +}; use merlin::Transcript; use rand::{CryptoRng, RngCore}; use rug::Integer; 
@@ -131,9 +133,10 @@ impl ScalarMul for T where T: Mul: for<'r> ScalarMul<&'r Rhs, Output> {} impl ScalarMulOwned for T where T: for<'r> ScalarMul<&'r Rhs, Output> {} -///A helper trait for the inner circuit F -pub trait InnerCircuit { - ///Sythesize the circuit for a computation step and return variable that corresponds to z_{i+1} +/// A helper trait for a step of the incremental computation (i.e., circuit for F) +pub trait StepCircuit { + /// Sythesize the circuit for a computation step and return variable + /// that corresponds to the output of the step z_{i+1} fn synthesize>( &self, cs: &mut CS,
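Review bot: The rewritten doc comment on `StepCircuit::synthesize` carries over the typo "Sythesize"; it should read `/// Synthesize the circuit for a computation step and return variable`. While this comment is being touched, it would help implementers to say that the returned variable is what the verifier circuit treats as z_{i+1}, so the implementation must constrain it from the input. That wording is a suggestion to confirm against the rest of the trait, which continues outside the hunk.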