|
@ -2,7 +2,7 @@ |
|
|
use crate::commitments::{CommitGens, CommitTrait, Commitment, CompressedCommitment};
|
|
|
use crate::commitments::{CommitGens, CommitTrait, Commitment, CompressedCommitment};
|
|
|
use crate::errors::NovaError;
|
|
|
use crate::errors::NovaError;
|
|
|
use crate::traits::{AppendToTranscriptTrait, ChallengeTrait, Group};
|
|
|
use crate::traits::{AppendToTranscriptTrait, ChallengeTrait, Group};
|
|
|
use core::iter;
|
|
|
|
|
|
|
|
|
use core::{cmp::max, iter};
|
|
|
use ff::Field;
|
|
|
use ff::Field;
|
|
|
use merlin::Transcript;
|
|
|
use merlin::Transcript;
|
|
|
use rayon::prelude::*;
|
|
|
use rayon::prelude::*;
|
|
@ -35,6 +35,16 @@ impl InnerProductInstance { |
|
|
c: *c,
|
|
|
c: *c,
|
|
|
}
|
|
|
}
|
|
|
}
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
pub fn pad(&self, n: usize) -> InnerProductInstance<G> {
|
|
|
|
|
|
let mut b_vec = self.b_vec.clone();
|
|
|
|
|
|
b_vec.resize(n, G::Scalar::zero());
|
|
|
|
|
|
InnerProductInstance {
|
|
|
|
|
|
comm_a_vec: self.comm_a_vec,
|
|
|
|
|
|
b_vec,
|
|
|
|
|
|
c: self.c,
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
}
|
|
|
}
|
|
|
|
|
|
|
|
|
pub struct InnerProductWitness<G: Group> {
|
|
|
pub struct InnerProductWitness<G: Group> {
|
|
@ -47,6 +57,12 @@ impl InnerProductWitness { |
|
|
a_vec: a_vec.to_vec(),
|
|
|
a_vec: a_vec.to_vec(),
|
|
|
}
|
|
|
}
|
|
|
}
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
pub fn pad(&self, n: usize) -> InnerProductWitness<G> {
|
|
|
|
|
|
let mut a_vec = self.a_vec.clone();
|
|
|
|
|
|
a_vec.resize(n, G::Scalar::zero());
|
|
|
|
|
|
InnerProductWitness { a_vec }
|
|
|
|
|
|
}
|
|
|
}
|
|
|
}
|
|
|
|
|
|
|
|
|
/// A non-interactive folding scheme (NIFS) for inner product relations
|
|
|
/// A non-interactive folding scheme (NIFS) for inner product relations
|
|
@ -68,6 +84,12 @@ impl NIFSForInnerProduct { |
|
|
) -> (Self, InnerProductInstance<G>, InnerProductWitness<G>) {
|
|
|
) -> (Self, InnerProductInstance<G>, InnerProductWitness<G>) {
|
|
|
transcript.append_message(b"protocol-name", Self::protocol_name());
|
|
|
transcript.append_message(b"protocol-name", Self::protocol_name());
|
|
|
|
|
|
|
|
|
|
|
|
// pad the instances and witness so they are of the same length
|
|
|
|
|
|
let U1 = U1.pad(max(U1.b_vec.len(), U2.b_vec.len()));
|
|
|
|
|
|
let U2 = U2.pad(max(U1.b_vec.len(), U2.b_vec.len()));
|
|
|
|
|
|
let W1 = W1.pad(max(U1.b_vec.len(), U2.b_vec.len()));
|
|
|
|
|
|
let W2 = W2.pad(max(U1.b_vec.len(), U2.b_vec.len()));
|
|
|
|
|
|
|
|
|
// add the two commitments and two public vectors to the transcript
|
|
|
// add the two commitments and two public vectors to the transcript
|
|
|
U1.comm_a_vec
|
|
|
U1.comm_a_vec
|
|
|
.append_to_transcript(b"U1_comm_a_vec", transcript);
|
|
|
.append_to_transcript(b"U1_comm_a_vec", transcript);
|
|
@ -120,6 +142,10 @@ impl NIFSForInnerProduct { |
|
|
) -> InnerProductInstance<G> {
|
|
|
) -> InnerProductInstance<G> {
|
|
|
transcript.append_message(b"protocol-name", Self::protocol_name());
|
|
|
transcript.append_message(b"protocol-name", Self::protocol_name());
|
|
|
|
|
|
|
|
|
|
|
|
// pad the instances so they are of the same length
|
|
|
|
|
|
let U1 = U1.pad(max(U1.b_vec.len(), U2.b_vec.len()));
|
|
|
|
|
|
let U2 = U2.pad(max(U1.b_vec.len(), U2.b_vec.len()));
|
|
|
|
|
|
|
|
|
// add the two commitments and two public vectors to the transcript
|
|
|
// add the two commitments and two public vectors to the transcript
|
|
|
U1.comm_a_vec
|
|
|
U1.comm_a_vec
|
|
|
.append_to_transcript(b"U1_comm_a_vec", transcript);
|
|
|
.append_to_transcript(b"U1_comm_a_vec", transcript);
|
|
|