Skip to content

Hash the note type into the note commitment #13

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
naure merged 8 commits into from
Sep 25, 2022
Merged

Hash the note type into the note commitment #13

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
5366a3d
zsa-mux: draft note_type into hash
Aug 26, 2022
e690ed1
zsa-hash-note-type: calculate the value of h_2 for native/ZSA
Aug 26, 2022
a33788f
zsa-hash-note-type: recompose note_type from hash parts
Aug 26, 2022
f546d62
zsa-hash-note-type: decomposition check but not canonicity check
Sep 13, 2022
a39e8bb
zsa-hash-note-type: remove canonicity check of note_type
Sep 25, 2022
f41ebb6
Merge branch 'zsa-mux' into zsa-hash-note-type
Sep 25, 2022
56c8aaa
zsa-hash-note-type: remove unused canonicity check variables
Sep 25, 2022
17725f8
zsa-hash-note-type: fix lint
Sep 25, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 10 additions & 8 deletions src/circuit.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -66,7 +66,8 @@ pub mod gadget;
mod note_commit;

/// Size of the Orchard circuit.
const K: u32 = 11;
const K: u32 = 12;
// TODO: attempt to optimize back to K=11.

// Absolute offsets for public inputs.
const ANCHOR: usize = 0;
Expand Down Expand Up @@ -407,6 +408,7 @@ impl plonk::Circuit<pallas::Base> for Circuit {
let is_zsa_value = note_type_value.map(|nt| !bool::from(nt.is_native()));

// Witness boolean is_zsa.
// TODO: or use RangeConstrained::witness_short?
let mux_chip = config.mux_chip();
let is_zsa =
mux_chip.witness_switch(layouter.namespace(|| "witness is_zsa"), is_zsa_value)?;
Expand Down Expand Up @@ -685,7 +687,7 @@ impl plonk::Circuit<pallas::Base> for Circuit {
g_d_new.inner(),
pk_d_new.inner(),
v_new.clone(),
is_zsa.clone(),
is_zsa,
note_type.inner(),
rho_new,
psi_new,
Expand Down Expand Up @@ -1055,8 +1057,8 @@ mod tests {
K as usize,
&circuits[0],
);
assert_eq!(usize::from(circuit_cost.proof_size(1)), 5024);
assert_eq!(usize::from(circuit_cost.proof_size(2)), 7296);
assert_eq!(usize::from(circuit_cost.proof_size(1)), 5088);
assert_eq!(usize::from(circuit_cost.proof_size(2)), 7360);
usize::from(circuit_cost.proof_size(instances.len()))
};

Expand Down Expand Up @@ -1100,8 +1102,8 @@ mod tests {
w.write_all(&<[u8; 32]>::from(instance.rk.clone()))?;
w.write_all(&instance.cmx.to_bytes())?;
w.write_all(&[
if instance.enable_spend { 1 } else { 0 },
if instance.enable_output { 1 } else { 0 },
instance.enable_spend as u8,
instance.enable_output as u8,
])?;

w.write_all(proof.as_ref())?;
Expand Down Expand Up @@ -1153,7 +1155,7 @@ mod tests {
let proof = Proof::create(&pk, &[circuit], instances, &mut rng).unwrap();
assert!(proof.verify(&vk, instances).is_ok());

let file = std::fs::File::create("circuit_proof_test_case.bin")?;
let file = std::fs::File::create("src/circuit_proof_test_case.bin")?;
write_test_case(file, &instance, &proof)
};
create_proof().expect("should be able to write new proof");
Expand All @@ -1164,7 +1166,7 @@ mod tests {
let test_case_bytes = include_bytes!("circuit_proof_test_case.bin");
read_test_case(&test_case_bytes[..]).expect("proof must be valid")
};
assert_eq!(proof.0.len(), 5024);
assert_eq!(proof.0.len(), 5088);

assert!(proof.verify(&vk, &[instance]).is_ok());
}
Expand Down
44 changes: 43 additions & 1 deletion src/circuit/gadget/mux_chip.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -79,6 +79,7 @@ impl MuxChip {
}
}

// TODO: simplify or generalize this API.
pub trait MuxInstructions<C: CurveAffine> {
fn witness_switch(
&self,
Expand All @@ -94,6 +95,14 @@ pub trait MuxInstructions<C: CurveAffine> {
right: &AssignedCell<C::Base, C::Base>,
) -> Result<AssignedCell<C::Base, C::Base>, plonk::Error>;

fn mux_const(
&self,
layouter: impl Layouter<C::Base>,
switch: &AssignedCell<C::Base, C::Base>,
left: &C::Base,
right: &AssignedCell<C::Base, C::Base>,
) -> Result<AssignedCell<C::Base, C::Base>, plonk::Error>;

fn mux_point(
&self,
layouter: impl Layouter<pallas::Base>,
Expand Down Expand Up @@ -134,7 +143,7 @@ impl MuxInstructions<pallas::Affine> for MuxChip {
|| "load switch",
self.config.switch,
0,
|| value.map(|b| pallas::Base::from(b)),
|| value.map(pallas::Base::from),
)?;

// Copy the switch into the left input.
Expand Down Expand Up @@ -185,6 +194,39 @@ impl MuxInstructions<pallas::Affine> for MuxChip {
)
}

fn mux_const(
&self,
mut layouter: impl Layouter<pallas::Base>,
switch: &AssignedCell<pallas::Base, pallas::Base>,
left: &pallas::Base,
right: &AssignedCell<pallas::Base, pallas::Base>,
) -> Result<AssignedCell<pallas::Base, pallas::Base>, plonk::Error> {
layouter.assign_region(
|| "mux",
|mut region| {
// Enable the multiplexer gate.
self.config.q_mux.enable(&mut region, 0)?;

// Copy the inputs into the multiplexer row.
switch.copy_advice(|| "copy switch", &mut region, self.config.switch, 0)?;

region.assign_advice_from_constant(
|| "constant left",
self.config.left,
0,
*left,
)?;

right.copy_advice(|| "copy right", &mut region, self.config.right, 0)?;

// Assign the output value into the multiplexer row.
let out_val = compute_mux(switch.value(), Value::known(left), right.value());

region.assign_advice(|| "out", self.config.out, 0, || out_val)
},
)
}

fn mux_point(
&self,
mut layouter: impl Layouter<pallas::Base>,
Expand Down
Loading