allow the provider to provide byte representation of a scalar (#140)

2026-01-10 16:11:29 +01:00 · 2023-02-10 12:36:51 -08:00
parent 8faffd38ea
commit c4b07f0925
2 changed files with 25 additions and 21 deletions
--- a/src/provider/pasta.rs
+++ b/src/provider/pasta.rs
@@ -1,13 +1,15 @@
 //! This module implements the Nova traits for pallas::Point, pallas::Scalar, vesta::Point, vesta::Scalar.
 use crate::{
+  errors::NovaError,
  provider::{
    keccak::Keccak256Transcript,
    pedersen::CommitmentEngine,
    poseidon::{PoseidonRO, PoseidonROCircuit},
  },
-  traits::{CompressedGroup, Group, PrimeFieldExt},
+  traits::{ChallengeTrait, CompressedGroup, Group, PrimeFieldExt, TranscriptEngineTrait},
 };
 use digest::{ExtendableOutput, Input};
+use ff::PrimeField;
 use num_bigint::BigInt;
 use num_traits::Num;
 use pasta_curves::{
@@ -175,6 +177,10 @@ macro_rules! impl_traits {
        let bytes_arr: [u8; 64] = bytes.try_into().unwrap();
        $name::Scalar::from_bytes_wide(&bytes_arr)
      }
+
+      fn to_bytes(s: &Self) -> Vec<u8> {
+        s.to_repr().as_ref().to_vec()
+      }
    }

    impl CompressedGroup for $name_compressed {
@@ -191,6 +197,12 @@ macro_rules! impl_traits {
  };
 }

+impl<G: Group<Scalar = F>, F: PrimeField> ChallengeTrait<G> for F {
+  fn challenge(label: &'static [u8], transcript: &mut G::TE) -> Result<F, NovaError> {
+    transcript.squeeze_scalar(label)
+  }
+}
+
 impl_traits!(
  pallas,
  PallasCompressedElementWrapper,
@@ -210,7 +222,6 @@ impl_traits!(
 /// Native implementation of fast multiexp for platforms that do not support pasta_msm/semolina
 /// Adapted from zcash/halo2
 fn cpu_multiexp_serial<C: CurveAffine>(coeffs: &[C::Scalar], bases: &[C], acc: &mut C::Curve) {
-  use ff::PrimeField;
  let coeffs: Vec<_> = coeffs.iter().map(|a| a.to_repr()).collect();

  let c = if bases.len() < 4 {
--- a/src/traits/mod.rs
+++ b/src/traits/mod.rs
@@ -224,35 +224,28 @@ pub trait ChallengeTrait<G: Group> {

 /// Defines additional methods on PrimeField objects
 pub trait PrimeFieldExt: PrimeField {
-  /// Returns a Scalar representing the bytes
+  /// Returns a scalar representing the bytes
  fn from_uniform(bytes: &[u8]) -> Self;

-  /// Returns a byte representation
-  fn to_bytes(v: &[Self]) -> Vec<u8> {
-    (0..v.len())
-      .map(|i| v[i].to_repr().as_ref().to_vec())
-      .collect::<Vec<Vec<u8>>>()
-      .into_iter()
-      .flatten()
-      .collect::<Vec<u8>>()
-  }
+  /// Returns a vector of bytes representing the scalar
+  fn to_bytes(s: &Self) -> Vec<u8>;
 }

-impl<G: Group<Scalar = F>, F: PrimeField> ChallengeTrait<G> for F {
-  fn challenge(label: &'static [u8], transcript: &mut G::TE) -> Result<F, NovaError> {
-    transcript.squeeze_scalar(label)
-  }
-}
-
-impl<G: Group<Scalar = F>, F: PrimeField> AppendToTranscriptTrait<G> for F {
+impl<G: Group<Scalar = F>, F: PrimeField + PrimeFieldExt> AppendToTranscriptTrait<G> for F {
  fn append_to_transcript(&self, label: &'static [u8], transcript: &mut G::TE) {
-    transcript.absorb_bytes(label, self.to_repr().as_ref());
+    transcript.absorb_bytes(label, &<Self as PrimeFieldExt>::to_bytes(self));
  }
 }

 impl<G: Group<Scalar = F>, F: PrimeField + PrimeFieldExt> AppendToTranscriptTrait<G> for [F] {
  fn append_to_transcript(&self, label: &'static [u8], transcript: &mut G::TE) {
-    transcript.absorb_bytes(label, &<F as PrimeFieldExt>::to_bytes(self));
+    let bytes = (0..self.len())
+      .map(|i| <F as PrimeFieldExt>::to_bytes(&self[i]))
+      .collect::<Vec<_>>()
+      .into_iter()
+      .flatten()
+      .collect::<Vec<u8>>();
+    transcript.absorb_bytes(label, &bytes);
  }
 }