b741ffc33d
replace `rand` with `ark_std::rand` and drop `rand_xorshift` ( #51 )
3 years ago
1f83ffdff4
Switch to panic='abort' for safety across FFI boundaries ( #47 )
Co-authored-by: Pratyush Mishra <pratyushmishra@berkeley.edu>
3 years ago
05fee34686
Add Mux gadget ( #48 )
3 years ago
a8f737bf26
Fix boolean or comment ( #44 )
3 years ago
d9e0200433
Improve handling of constant bits in scalar mul for SW curves ( #43 )
* We add a double_and_add method that computes 2 * self + other more
efficiently than just doubling + addition; this is not used anywhere
yet, but I am planning on fiddling with it to see if we can leverage
it somehow. (See zcash/zcash#3924 for details)
* We handle constant scalars better:
* We skip the most-significant constant zeroes to avoid unnecessary
doubling
* When intermediate bits of the scalar are constants, instead of
conditionally adding, we directly use the value of the bit to
decide whether to add or not.
Co-authored-by: Dev Ojha <ValarDragon@users.noreply.github.com>
Co-authored-by: weikeng <w.k@berkeley.edu>
3 years ago
5e4114b19c
Better scalar multiplication for Short Weierstrass curves ( #40 )
Co-authored-by: Dev Ojha <ValarDragon@users.noreply.github.com>
Co-authored-by: Pratyush Mishra <pratyushmishra@berkeley.edu>
3 years ago
f88d7c6ea3
Make `mul_by_inverse` use one constraint ( #42 )
Co-authored-by: Pratyush Mishra <pratyushmishra@berkeley.edu>
3 years ago
bdc9fbbf30
Add changelog and .github issue templates ( #39 )
* Add changelog and .github issue templates
3 years ago
2432ff4f88
Implement ToConstraintFieldGadget for Vec<UInt8> ( #36 )
* Implement ToConstraintFieldGadget for Vec<UInt8>
* Add documentation and implementation for slice
* Update documentation
3 years ago
20bd452cd9
Construct `FpVar` from bits ( #35 )
3 years ago
0162ef18bc
More efficient scalar multiplication for Short Weierstrass curves ( #33 )
* When a group element is a constant, precompute multiples of powers of two, and perform simple conditional additions (no doubling!).
* For short weierstrass curves, addition with a constant now uses mixed addition, which results in lower constraint weight.
* For short weierstrass curves, scalar multiplication now uses mixed addition, saving 1 constraint per bit of the scalar, along with lower constraint weight (at the cost of a small constant number of constraints to check for edge cases)
3 years ago
262fac3e83
Loosen restrictions
3 years ago
a44643ed76
Fix `mul_by_inverse` for constants
3 years ago
f52b866e59
Fix documentation links ( #28 )
3 years ago
1e935b0b94
Fix `to_non_unique_bytes` for `BLS12::G1Prepared`
3 years ago
9cb17dc130
Fix links in `Cargo.toml`s
3 years ago
0fd45d3d83
Reduce allocations in `UInt`s
4 years ago
905e7284b2
Reduce density of `ThreeBitCondNegLookup`
4 years ago
68f08b94d2
Add UInt128 for u128 ( #21 )
4 years ago
77dfd7dac6
'cargo +stable fmt'
4 years ago
45a4c3b326
'cargo fmt'
4 years ago
957ac48da4
Apply suggestions from code review
Co-authored-by: Pratyush Mishra <pratyushmishra@berkeley.edu>
4 years ago
0abb3a7dfe
CondSelectGadget for UInts
4 years ago
edc9a8ce02
Allow CS being none for into_edwards ( #16 )
* allow cs being none for into_edwards
4 years ago
18824c0c83
Allow CS being none for into_edwards ( #15 )
4 years ago
f4691621ee
Add ToConstraintFieldGadget for ProjectiveVar ( #13 )
4 years ago
8dca325042
Make ToBitsGadget for FpVar's output constant-length ( #12 )
This is related to a Zexe issue https://github.com/scipr-lab/zexe/issues/289
Basically, ToBitsGadget for FpVar may produce shorter output for a constant value, which is undesired for a few reasons.
4 years ago
6077f51c97
*Actually* fix `to_affine` for SW points.
The prior PR (#9 ) multiplied by `self.z` instead of `self.z.inverse()`.
4 years ago
ceec513f62
Fix SW `to_affine` ( #9 )
Adds constraints to check that the conversion to affine coordinates happened correctly.
4 years ago
e5ec2e66d3
fix: fix wrong constant case detection in three_bit_cond_neg_lookup
4 years ago
e5ac1f44cb
Remove `rustc-version`
4 years ago
2e2df52f79
replace frob(6) by unitary_inverse in bls12
4 years ago
636f93a3e5
Update to `arkworks` libraries ( #3 )
Co-authored-by: Nicholas Ward <npward@berkeley.edu>
4 years ago
cf4301cb75
Update workspace and dependency paths
4 years ago
d087166c51
add to_bits_be
4 years ago
2a8ee871d8
Exclude benches from tests
4 years ago
99e489cac7
`R1CSVar`: `Option::None` -> `ConstraintSystemRef::None` ( #281 )
4 years ago
13332bcc1d
Add doctests for `Boolean` and `UInt8`.
4 years ago
3a18ecee0d
Add examples and doctests for instantiated curves
4 years ago
370fbcdd3b
Document `r1cs-std`
4 years ago
c21d0b2796
Add `ToConstraintFieldGadget` ( #278 )
4 years ago
40ce981801
Fix integer conversions and log2
4 years ago
5e00793999
Switch to `tracing`-based constraint debugging
4 years ago
e22ab36f7e
Fix nits
4 years ago
d2d1b61d08
Refactor NIZK/MT verification to return a bit
4 years ago
6cca9327be
Refactor bit iteration infrastructure:
* `to_bits` -> `to_bits_le`
* `BitIterator` -> `BitIteratorLE` + `BitIteratorBE`
* `found_one`/`seen_one` -> `BitIteratorBE::without_leading_zeros`
4 years ago
bce788419f
Export `impl_bounded_ops`
This would be necessary if, in another crate, one wants to implement operators.
4 years ago
3bb3697c13
Update `crypto-primitives` and their contraints.
4 years ago
f575af4da1
Update `Cargo.toml` in `r1cs-std` and delete useless `ConstraintSystem`s
4 years ago
50388bdc22
Update concrete curves in `r1cs-std`.
4 years ago
Weikeng Chen
Dev Ojha
Tom Shen
Kobi Gurkan
Pratyush Mishra
William Lin
jon-chuang
Nirvan Tyagi
Nirvan Tyagi
yelhousni
oblivious-app