* chore: update to ff/group 0.13 and associated dependencies
Updates:
- zkcrypto/ff, zkcrypto/group to 0.13,
- bellperson to 0.25,
- pasta_curves to 0.5.1, and removes the fil_pasta_curves fork
- pasta-msm should no longer need a fork (WIP)
Adapts source in function, mostly for const usage and API updates.
* expose the portable feature of pasta-MSM
* update pointer to pasta-msm
* Clippy
---------
Co-authored-by: François Garillot <francois@garillot.net>
* cleanup code
* compiles
* additional plumbing
* add padding
* Add missing file
* integrate
* add a separate test
* cleanup
* cleanup
* add checks for outer sum-check
* sum-checks pass
* sum-checks pass
* sum-checks pass
* Add polycommit checks to the end
* switch to pasta_msm
* clippy
* remove int_log
* switch to pasta_curves
* clippy
* clippy
* add a special case for bases.len() = 1
* use naive MSM to avoid SIGFE error for smaller MSMs
* add rayon parallelism to naive MSM
* update comment since we already implement it
* address clippy
* cleanup map and reduce code
* add parallelism to final SNARK creation and verification
* add par
* add par
* add par
* add par
* store padded shapes in the parameters
* Address clippy
* pass padded shape in params
* pass padded shape in params
* cargo fmt
* add par
* add par
* Add par
* cleanup with a reorg
* factor out spartan-based snark into a separate module
* create traits for RelaxedR1CSSNARK
* make CompressedSNARK parameterized by a SNARK satisfying our new trait
* fix benches
* cleanup code
* remove unused
* move code to Spartan-based SNARK
* make unused function private
* rename IPA types for clarity
* cleanup
* return error types; rename r_j to r_i
* fix duplicate code
* recursion attempt
* address clippy
* initialize the running instance and witness of the primary correctly
* add asserts for debugging
* fix a bug in AllocatedPoint
* add debug statements
* fix an issue with how we inputize hashes; remove debug statements
* rename
* cleanup
* speedup tests
* require step_circuit implementors to provide a way to execute step computation
* remove send + sync
* introduce a new associative type to capture any form of preprocessing on group elements
* update pasta_curves version
* simplify trait requirements
* fix clippy
* VerificationCircuit --> NIFSVerifierCircuit, for clarity
* InnerCircuit --> StepCircuit
* Rename
* cleanup imports
* additional cleanup in the test
* small cleanup
* ECC scalar multiplication (first draft)
* fix clippy nits
* start implementing the ro gadget: 1st design Poseidon + truncate
* truncate to 128 bits
* implement add + double in constraints
* finish implementing constraints for ecc
* cargo fmt
* input of smul should be an array of bits
* cleanup ro a bit. Make the challenge returned be a vec of allocated bits
* switch to neptune 6.0
* start implementing high level circuit
* incomplete version of the verifier circuit with many TODOS
* optimize ecc ops. add i ==0 case to the circuit
* fix 0/1 constants at the circuit
* wrap CompressedGroupElement of Pallas and Vesta
* cargo fmt
* generate poseidon constants once instead of every time we call get_challenge
* Implement RO-based poseidon to use outside of circuit. Reorganize the repo
* add inner circuit to verification circuit
* start adding folding of the io. there is an error in the first call to mult_mod
* add test to check that bellperson-nonnative is compatible with nova
* remove swap file
* add another test that fails
* add inputs to the circuits in tests
* rename q to m in circuit.rs. add more tests in test_bellperson_non_native. change a in test_mult_mod to expose error
* push test for equal_with_carried. fix the issue is src/r1cs.rs
* cargo fmt + update the verifier circuit: add folding of X and update all hashes with X
* make limb_width and n_limbs parameters
* make params part of h1
* allocate the field order as constant. add check that z0 == zi when i == 0
* fix error in test_poseidon_ro
* remove merge error
* small fixes
* small fixes to comments
* clippy lints
* small edits; rename tests
* move inputize before from_num
* _limbs --> _bn
* _limbs --> _bn
Co-authored-by: Ioanna <iontzialla@gmail.com>
* Separate types for Relaxed R1CS and R1CS instances and witnesses
* Allows creating default values for Relaxed R1CS types
* StepSNARK now folds a regular R1CS instance-witness into a running Relaxed R1CS instance-witness
* We additionally enforce input chaining checks: the incoming instance must have input that matches the output of the incremental computation thus far
Srinath Setty
Samuel Burnham
iontzialla
porcuquine
porcuquine
dignifiedquire