allow the provider to provide byte representation of a scalar (#140)

src/provider/pasta.rs

@@ -1,13 +1,15 @@
 //! This module implements the Nova traits for pallas::Point, pallas::Scalar, vesta::Point, vesta::Scalar.
 use crate::{
+  errors::NovaError,
   provider::{
     keccak::Keccak256Transcript,
     pedersen::CommitmentEngine,
     poseidon::{PoseidonRO, PoseidonROCircuit},
   },
-  traits::{CompressedGroup, Group, PrimeFieldExt},
+  traits::{ChallengeTrait, CompressedGroup, Group, PrimeFieldExt, TranscriptEngineTrait},
 };
 use digest::{ExtendableOutput, Input};
+use ff::PrimeField;
 use num_bigint::BigInt;
 use num_traits::Num;
 use pasta_curves::{
@@ -175,6 +177,10 @@ macro_rules! impl_traits {
         let bytes_arr: [u8; 64] = bytes.try_into().unwrap();
         $name::Scalar::from_bytes_wide(&bytes_arr)
       }
+
+      fn to_bytes(s: &Self) -> Vec<u8> {
+        s.to_repr().as_ref().to_vec()
+      }
     }
 
     impl CompressedGroup for $name_compressed {
@@ -191,6 +197,12 @@ macro_rules! impl_traits {
   };
 }
 
+impl<G: Group<Scalar = F>, F: PrimeField> ChallengeTrait<G> for F {
+  fn challenge(label: &'static [u8], transcript: &mut G::TE) -> Result<F, NovaError> {
+    transcript.squeeze_scalar(label)
+  }
+}
+
 impl_traits!(
   pallas,
   PallasCompressedElementWrapper,
@@ -210,7 +222,6 @@ impl_traits!(
 /// Native implementation of fast multiexp for platforms that do not support pasta_msm/semolina
 /// Adapted from zcash/halo2
 fn cpu_multiexp_serial<C: CurveAffine>(coeffs: &[C::Scalar], bases: &[C], acc: &mut C::Curve) {
-  use ff::PrimeField;
   let coeffs: Vec<_> = coeffs.iter().map(|a| a.to_repr()).collect();
 
   let c = if bases.len() < 4 {

src/traits/mod.rs

@@ -224,35 +224,28 @@ pub trait ChallengeTrait<G: Group> {
 
 /// Defines additional methods on PrimeField objects
 pub trait PrimeFieldExt: PrimeField {
-  /// Returns a Scalar representing the bytes
+  /// Returns a scalar representing the bytes
   fn from_uniform(bytes: &[u8]) -> Self;
 
-  /// Returns a byte representation
+  /// Returns a vector of bytes representing the scalar
-  fn to_bytes(v: &[Self]) -> Vec<u8> {
+  fn to_bytes(s: &Self) -> Vec<u8>;
-    (0..v.len())
-      .map(|i| v[i].to_repr().as_ref().to_vec())
-      .collect::<Vec<Vec<u8>>>()
-      .into_iter()
-      .flatten()
-      .collect::<Vec<u8>>()
-  }
 }
 
-impl<G: Group<Scalar = F>, F: PrimeField> ChallengeTrait<G> for F {
+impl<G: Group<Scalar = F>, F: PrimeField + PrimeFieldExt> AppendToTranscriptTrait<G> for F {
-  fn challenge(label: &'static [u8], transcript: &mut G::TE) -> Result<F, NovaError> {
-    transcript.squeeze_scalar(label)
-  }
-}
-
-impl<G: Group<Scalar = F>, F: PrimeField> AppendToTranscriptTrait<G> for F {
   fn append_to_transcript(&self, label: &'static [u8], transcript: &mut G::TE) {
-    transcript.absorb_bytes(label, self.to_repr().as_ref());
+    transcript.absorb_bytes(label, &<Self as PrimeFieldExt>::to_bytes(self));
   }
 }
 
 impl<G: Group<Scalar = F>, F: PrimeField + PrimeFieldExt> AppendToTranscriptTrait<G> for [F] {
   fn append_to_transcript(&self, label: &'static [u8], transcript: &mut G::TE) {
-    transcript.absorb_bytes(label, &<F as PrimeFieldExt>::to_bytes(self));
+    let bytes = (0..self.len())
+      .map(|i| <F as PrimeFieldExt>::to_bytes(&self[i]))
+      .collect::<Vec<_>>()
+      .into_iter()
+      .flatten()
+      .collect::<Vec<u8>>();
+    transcript.absorb_bytes(label, &bytes);
   }
 }