diff --git a/src/constraints.rs b/src/constraints.rs
new file mode 100644
index 0000000..28a06e4
--- /dev/null
+++ b/src/constraints.rs
@@ -0,0 +1,126 @@
+use crate::{Parameters, Signature};
+
+use ark_ec::{AffineCurve, ProjectiveCurve};
+use ark_ed_on_bn254::{constraints::EdwardsVar, EdwardsParameters, FqParameters};
+use ark_ff::{
+ fields::{Field, Fp256},
+ to_bytes, ToConstraintField,
+};
+use ark_r1cs_std::{
+ alloc::{AllocVar, AllocationMode},
+ bits::uint8::UInt8,
+ boolean::Boolean,
+ fields::fp::FpVar,
+ groups::{curves::twisted_edwards::AffineVar, GroupOpsBounds},
+ prelude::CurveVar,
+ ToBitsGadget,
+};
+use ark_relations::r1cs::{ConstraintSynthesizer, ConstraintSystemRef, Namespace, SynthesisError};
+use ark_std::ops::Mul;
+
+use core::{borrow::Borrow, marker::PhantomData};
+use derivative::Derivative;
+
+// hash
+use arkworks_r1cs_gadgets::poseidon;
+use arkworks_r1cs_gadgets::poseidon::{FieldHasherGadget, PoseidonGadget};
+
+// type ConstraintF = <::BaseField as Field>::BasePrimeField;
+type ConstraintF = ::ScalarField; // Fr
+
+#[derive(Derivative)]
+#[derivative(
+ Debug(bound = "C: ProjectiveCurve, GC: CurveVar>"),
+ Clone(bound = "C: ProjectiveCurve, GC: CurveVar>")
+)]
+pub struct PublicKeyVar>>
+where
+ for<'a> &'a GC: GroupOpsBounds<'a, C, GC>,
+{
+ pub_key: GC,
+ #[doc(hidden)]
+ _group: PhantomData<*const C>,
+}
+
+#[derive(Derivative)]
+#[derivative(
+ Debug(bound = "C: ProjectiveCurve, GC: CurveVar>"),
+ Clone(bound = "C: ProjectiveCurve, GC: CurveVar>")
+)]
+pub struct SignatureVar>>
+where
+ for<'a> &'a GC: GroupOpsBounds<'a, C, GC>,
+{
+ // s: FpVar,
+ // s: C::ScalarField,
+ s: Vec>>,
+ r: GC,
+ _curve: PhantomData,
+}
+
+impl AllocVar, ConstraintF> for SignatureVar
+where
+ C: ProjectiveCurve,
+ // TODO not sure on '+ AllocVarar'
+ GC: CurveVar> + AllocVar>,
+ for<'a> &'a GC: GroupOpsBounds<'a, C, GC>,
+{
+ fn new_variable>>(
+ cs: impl Into>>,
+ f: impl FnOnce() -> Result,
+ mode: AllocationMode,
+ ) -> Result {
+ f().and_then(|val| {
+ let cs = cs.into();
+ // let s = val.borrow().s;
+ let mut s = Vec::>>::new();
+ let s_bytes = to_bytes![val.borrow().s].unwrap();
+ for i in 0..s_bytes.len() {
+ s.push(UInt8::>::new_variable(
+ cs.clone(),
+ || Ok(s_bytes[i].clone()),
+ mode,
+ )?);
+ }
+
+ let r = GC::new_variable(cs.clone(), || Ok(val.borrow().r), mode)?;
+
+ Ok(Self {
+ s: s, // TODO not sure of FpVar::Constant
+ r: r,
+ _curve: PhantomData,
+ })
+ })
+ }
+}
+
+#[derive(Clone)]
+pub struct ParametersVar>>
+where
+ for<'a> &'a GC: GroupOpsBounds<'a, C, GC>,
+{
+ generator: GC,
+ _curve: PhantomData,
+}
+
+impl AllocVar, ConstraintF> for ParametersVar
+where
+ C: ProjectiveCurve,
+ GC: CurveVar>,
+ for<'a> &'a GC: GroupOpsBounds<'a, C, GC>,
+{
+ fn new_variable>>(
+ cs: impl Into>>,
+ f: impl FnOnce() -> Result,
+ mode: AllocationMode,
+ ) -> Result {
+ f().and_then(|val| {
+ let cs = cs.into();
+ let generator = GC::new_variable(cs.clone(), || Ok(val.borrow().generator), mode)?;
+ Ok(Self {
+ generator,
+ _curve: PhantomData,
+ })
+ })
+ }
+}
diff --git a/src/lib.rs b/src/lib.rs
index 30e2939..ce9c0f3 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -126,6 +126,7 @@ where
 let modulus_repr = BigInteger256::try_from(modulus.into()).unwrap();
 if !(x_repr >= one && x_repr < modulus_repr) {
+ // TODO maybe add a counter of attempts with a limit
 return Self::new_blind_params(parameters, rng, signer_r);
 }
 u
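Review bot: `to_bytes![val.borrow().s].unwrap()` in `SignatureVar::new_variable` turns a serialization failure into a panic although the function already returns `Result<_, SynthesisError>`; propagate it instead with `let s_bytes = to_bytes![val.borrow().s].map_err(|_| SynthesisError::AssignmentMissing)?;` and let the index loop become `let s = s_bytes.iter().map(|b| UInt8::new_variable(cs.clone(), || Ok(*b), mode)).collect::<Result<Vec<_>, _>>()?;`, which also drops the `.clone()` on a `u8`. Note that `s` is allocated as bare witness bytes with nothing tying them to a canonical scalar; if a verification gadget later treats these bytes as the scalar `s`, it must also enforce that they encode a value below the scalar-field modulus, or a non-canonical encoding of the same signature would be accepted — a comment on the field such as `// raw witness bytes of s; not range-checked against the scalar field here` would make that obligation visible. The `// TODO not sure …` markers and the commented-out alternatives (`// s: FpVar`, `// let s = val.borrow().s;`, `// TODO not sure of FpVar::Constant`) should be resolved or dropped before merge, and `type ConstraintF = …::ScalarField; // Fr` deserves a one-line justification, since the commented-out line above it chose the base field's prime subfield instead. The generic arguments appear stripped in this rendering (`Vec>>`, `CurveVar>`), so I am reading the intent rather than the exact types.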