Unify the computation of digests and challenges in different folding schemes (#94)

* Remove the trait bound `C::BaseField: PrimeField` for better DX * Methods in `TranscriptVar` now exactly matches the ones in `Transcript` * Add `ProtoGalaxyTranscriptVar` and `CommittedInstanceVar` for protogalaxy * betas are unnecessary in "plain" (incoming) instances * Absorb the result of `get_challenge_nbits` as well * `ProtoGalaxyTranscript` now allows absorbing mulitple instances * Always return `Result<(), SynthesisError>` in `ProtoGalaxyTranscriptVar` * Impl `Transcript{Var}` for `PoseidonSponge{Var}` directly and remove `PoseidonTranscript{Var}` * `Transcript::absorb_point` doesn't need to return `Error` * Add `AbsorbNonNative` trait for hashing non-native values Note that now `absorb_point` only supports hashing points whose BaseField is equal to the sponge's field * More efficient `TranscriptVar::absorb_point` by securely removing `is_inf` * Use `sponge` and `transcript` consistently * Clarify the usage of `AbsorbNonNative{Gadget}` * Generic `sponge` and `transcript` params * Avoid unstable `associated_type_bounds` * Reuse `sponge` in hypernova * Clean up redundant imports * Remove unstable code * Clarify the usage of `absorb_point` and `absorb_nonnative`
2026-01-08 15:01:30 +01:00 · 2024-07-08 09:25:08 +01:00
parent c17fcf56c6
commit 16d51d757b
36 changed files with 1030 additions and 1033 deletions
--- a/solidity-verifiers/src/verifiers/kzg.rs
+++ b/solidity-verifiers/src/verifiers/kzg.rs
@@ -78,7 +78,8 @@ mod tests {
        utils::HeaderInclusion,
        ProtocolVerifierKey,
    };
-    use ark_bn254::{Bn254, Fr, G1Projective as G1};
+    use ark_bn254::{Bn254, Fr};
+    use ark_crypto_primitives::sponge::{poseidon::PoseidonSponge, CryptographicSponge};
    use ark_ec::{AffineRepr, CurveGroup};
    use ark_ff::{BigInteger, PrimeField};
    use ark_std::rand::{RngCore, SeedableRng};
@@ -89,10 +90,7 @@ mod tests {

    use folding_schemes::{
        commitment::{kzg::KZG, CommitmentScheme},
-        transcript::{
-            poseidon::{poseidon_canonical_config, PoseidonTranscript},
-            Transcript,
-        },
+        transcript::{poseidon::poseidon_canonical_config, Transcript},
    };

    use super::KZG10Verifier;
@@ -133,8 +131,8 @@ mod tests {
    fn kzg_verifier_accepts_and_rejects_proofs() {
        let mut rng = ark_std::rand::rngs::StdRng::seed_from_u64(test_rng().next_u64());
        let poseidon_config = poseidon_canonical_config::<Fr>();
-        let transcript_p = &mut PoseidonTranscript::<G1>::new(&poseidon_config);
-        let transcript_v = &mut PoseidonTranscript::<G1>::new(&poseidon_config);
+        let transcript_p = &mut PoseidonSponge::<Fr>::new(&poseidon_config);
+        let transcript_v = &mut PoseidonSponge::<Fr>::new(&poseidon_config);

        let (_, kzg_pk, kzg_vk, _, _, _) = setup(DEFAULT_SETUP_LEN);
        let kzg_vk = KZG10VerifierKey::from((kzg_vk.clone(), kzg_pk.powers_of_g[0..3].to_vec()));
@@ -159,7 +157,7 @@ mod tests {
        let (x_proof, y_proof) = proof_affine.xy().unwrap();
        let y = proof.eval.into_bigint().to_bytes_be();

-        transcript_v.absorb_point(&cm).unwrap();
+        transcript_v.absorb_nonnative(&cm);
        let x = transcript_v.get_challenge();

        let x = x.into_bigint().to_bytes_be();