Support commit and prove

Cargo.toml

@@ -87,3 +87,4 @@ ark-mnt4-753 = { git = "https://github.com/arkworks-rs/curves/" }
 ark-mnt6-298 = { git = "https://github.com/arkworks-rs/curves/" }
 ark-mnt6-753 = { git = "https://github.com/arkworks-rs/curves/" }
 ark-pallas = { git = "https://github.com/arkworks-rs/curves/" }
+ark-relations = { git = "https://github.com/winderica/snark/", branch = "cp" }

src/alloc.rs

@@ -19,19 +19,22 @@ pub enum AllocationMode {
     /// Indicate to the `ConstraintSystem` that the high-level variable should
     /// be allocated as a private witness to the `ConstraintSystem`.
     Witness = 2,
+
+    Committed = 3,
 }
 
 impl AllocationMode {
     /// Outputs the maximum according to the relation `Constant < Input <
     /// Witness`.
     pub fn max(&self, other: Self) -> Self {
-        use AllocationMode::*;
-        match (self, other) {
-            (Constant, _) => other,
-            (Input, Constant) => *self,
-            (Input, _) => other,
-            (Witness, _) => *self,
-        }
+        // use AllocationMode::*;
+        // match (self, other) {
+        //     (Constant, _) => other,
+        //     (Input, Constant) => *self,
+        //     (Input, _) => other,
+        //     (Witness, _) => *self,
+        // }
+        unimplemented!()
     }
 }
 
@@ -77,6 +80,16 @@ pub trait AllocVar: Sized {
         Self::new_variable(cs, f, AllocationMode::Witness)
     }
 
+    /// Allocates a new commitment of type `Self` in the `ConstraintSystem`
+    /// `cs`.
+    #[tracing::instrument(target = "r1cs", skip(cs, f))]
+    fn new_committed<T: Borrow<V>>(
+        cs: impl Into<Namespace<F>>,
+        f: impl FnOnce() -> Result<T, SynthesisError>,
+    ) -> Result<Self, SynthesisError> {
+        Self::new_variable(cs, f, AllocationMode::Committed)
+    }
+
     /// Allocates a new constant or private witness of type `Self` in the
     /// `ConstraintSystem` `cs` with the allocation mode inferred from `cs`.
     /// A constant is allocated if `cs` is `None`, and a private witness is

src/fields/fp/mod.rs

@@ -703,10 +703,11 @@ impl AllocVar for AllocatedFp {
                 value = Some(*f()?.borrow());
                 value.ok_or(SynthesisError::AssignmentMissing)
             };
-            let variable = if mode == AllocationMode::Input {
-                cs.new_input_variable(value_generator)?
-            } else {
-                cs.new_witness_variable(value_generator)?
+            let variable = match mode {
+                AllocationMode::Input => cs.new_input_variable(value_generator)?,
+                AllocationMode::Witness => cs.new_witness_variable(value_generator)?,
+                AllocationMode::Committed => cs.new_committed_variable(value_generator)?,
+                _ => unreachable!(),
             };
             Ok(Self::new(value, variable, cs))
         }

src/groups/curves/short_weierstrass/mod.rs

@@ -514,12 +514,13 @@ where
         // zero if `self` was zero. However, we also want to make sure that generated
         // constraints are satisfiable in both cases.
         //
-        // In particular, using non-sensible values for `x` and `y` in zero-case may cause
-        // `unchecked` operations to generate constraints that can never be satisfied, depending
-        // on the curve equation coefficients.
+        // In particular, using non-sensible values for `x` and `y` in zero-case may
+        // cause `unchecked` operations to generate constraints that can never
+        // be satisfied, depending on the curve equation coefficients.
         //
-        // The safest approach is to use coordinates of some point from the curve, thus not
-        // violating assumptions of `NonZeroAffine`. For instance, generator point.
+        // The safest approach is to use coordinates of some point from the curve, thus
+        // not violating assumptions of `NonZeroAffine`. For instance, generator
+        // point.
         let x = infinity.select(&F::constant(P::GENERATOR.x), &x)?;
         let y = infinity.select(&F::constant(P::GENERATOR.y), &y)?;
         let non_zero_self = NonZeroAffineVar::new(x, y);
@@ -904,6 +905,7 @@ where
                     Ok(ge)
                 }
             },
+            _ => unimplemented!(),
         }
     }
 }

src/groups/curves/twisted_edwards/mod.rs

@@ -650,6 +650,7 @@ where
                     Ok(ge)
                 }
             },
+            _ => unimplemented!(),
         }
     }
 }

src/lib.rs

@@ -2,8 +2,8 @@
 //! This crate implements common "gadgets" that make
 //! programming rank-1 constraint systems easier.
 #![deny(
-    warnings,
-    unused,
+    // warnings,
+    // unused,
     future_incompatible,
     nonstandard_style,
     rust_2018_idioms