Updated to arkworks 0.4 (#3)

Author: tgodden

Cargo.toml

@@ -1,7 +1,7 @@
 [package]
 name = "ark-spartan"
 # sync up with Arkwork's version
-version = "0.3.0"
+version = "0.4.0"
 authors = [
     # author of original Spartan paper and code base 
     # for which this library is modified from
@@ -32,12 +32,12 @@ thiserror = "1.0"
 
 rand_chacha = { version = "0.3.0", default-features = false }
 
-ark-ec = { version = "^0.3.0", default-features = false }
-ark-ff = { version = "^0.3.0", default-features = false }
-ark-std = { version = "^0.3.0", default-features = false }
-ark-serialize =  { version = "^0.3.0", default-features = false, features = [ "derive" ] }
+ark-ec = { version = "^0.4.0", default-features = false }
+ark-ff = { version = "^0.4.0", default-features = false }
+ark-std = { version = "^0.4.0", default-features = false }
+ark-serialize =  { version = "^0.4.0", default-features = false, features = [ "derive" ] }
 
-ark-bls12-381 = { version = "0.3.0", default-features = false, features = [ "curve" ] }
+ark-bls12-381 = { version = "^0.4.0", default-features = false, features = [ "curve" ] }
 
 [dev-dependencies]
 criterion = "0.3.1"

benches/nizk.rs

@@ -9,13 +9,13 @@ extern crate rand;
 extern crate sha3;
 
 use ark_bls12_381::G1Projective;
-use ark_ec::ProjectiveCurve;
+use ark_ec::CurveGroup;
 use libspartan::{Instance, NIZKGens, NIZK};
 use merlin::Transcript;
 
 use criterion::*;
 
-fn nizk_prove_benchmark<G: ProjectiveCurve>(c: &mut Criterion) {
+fn nizk_prove_benchmark<G: CurveGroup>(c: &mut Criterion) {
   for &s in [10, 12, 16].iter() {
     let plot_config = PlotConfiguration::default().summary_scale(AxisScale::Logarithmic);
     let mut group = c.benchmark_group("NIZK_prove_benchmark");
@@ -47,7 +47,7 @@ fn nizk_prove_benchmark<G: ProjectiveCurve>(c: &mut Criterion) {
   }
 }
 
-fn nizk_verify_benchmark<G: ProjectiveCurve>(c: &mut Criterion) {
+fn nizk_verify_benchmark<G: CurveGroup>(c: &mut Criterion) {
   for &s in [10, 12, 16].iter() {
     let plot_config = PlotConfiguration::default().summary_scale(AxisScale::Logarithmic);
     let mut group = c.benchmark_group("NIZK_verify_benchmark");

benches/snark.rs

@@ -3,13 +3,13 @@ extern crate libspartan;
 extern crate merlin;
 
 use ark_bls12_381::G1Projective;
-use ark_ec::ProjectiveCurve;
+use ark_ec::CurveGroup;
 use libspartan::{Instance, SNARKGens, SNARK};
 use merlin::Transcript;
 
 use criterion::*;
 
-fn snark_encode_benchmark<G: ProjectiveCurve>(c: &mut Criterion) {
+fn snark_encode_benchmark<G: CurveGroup>(c: &mut Criterion) {
   for s in 10..21 {
     let plot_config = PlotConfiguration::default().summary_scale(AxisScale::Logarithmic);
     let mut group = c.benchmark_group("SNARK_encode_benchmark");
@@ -35,7 +35,7 @@ fn snark_encode_benchmark<G: ProjectiveCurve>(c: &mut Criterion) {
   }
 }
 
-fn snark_prove_benchmark<G: ProjectiveCurve>(c: &mut Criterion) {
+fn snark_prove_benchmark<G: CurveGroup>(c: &mut Criterion) {
   for s in 9..21 {
     let plot_config = PlotConfiguration::default().summary_scale(AxisScale::Logarithmic);
     let mut group = c.benchmark_group("SNARK_prove_benchmark");
@@ -74,7 +74,7 @@ fn snark_prove_benchmark<G: ProjectiveCurve>(c: &mut Criterion) {
   }
 }
 
-fn snark_verify_benchmark<G: ProjectiveCurve>(c: &mut Criterion) {
+fn snark_verify_benchmark<G: CurveGroup>(c: &mut Criterion) {
   for s in 10..21 {
     let plot_config = PlotConfiguration::default().summary_scale(AxisScale::Logarithmic);
     let mut group = c.benchmark_group("SNARK_verify_benchmark");

profiler/nizk.rs

@@ -37,7 +37,7 @@ pub fn main() {
     let proof = NIZK::prove(&inst, vars, &inputs, &gens, &mut prover_transcript);
 
     let mut proof_encoded = vec![];
-    proof.serialize(&mut proof_encoded).unwrap();
+    proof.serialize_compressed(&mut proof_encoded).unwrap();
 
     let msg_proof_len = format!("NIZK::proof_compressed_len {:?}", proof_encoded.len());
     print(&msg_proof_len);

profiler/snark.rs

@@ -47,7 +47,7 @@ pub fn main() {
     );
 
     let mut proof_encoded = vec![];
-    proof.serialize(&mut proof_encoded).unwrap();
+    proof.serialize_compressed(&mut proof_encoded).unwrap();
 
     let msg_proof_len = format!("SNARK::proof_compressed_len {:?}", proof_encoded.len());
     print(&msg_proof_len);

src/commitments.rs

@@ -1,6 +1,5 @@
-use ark_ec::msm::VariableBaseMSM;
-use ark_ec::ProjectiveCurve;
-use ark_ff::PrimeField;
+use ark_ec::CurveGroup;
+use ark_ec::VariableBaseMSM;
 use ark_std::rand::SeedableRng;
 use digest::{ExtendableOutput, Input};
 use rand_chacha::ChaCha20Rng;
@@ -14,12 +13,12 @@ pub struct MultiCommitGens<G> {
   pub h: G,
 }
 
-impl<G: ProjectiveCurve> MultiCommitGens<G> {
+impl<G: CurveGroup> MultiCommitGens<G> {
   pub fn new(n: usize, label: &[u8]) -> Self {
     let mut shake = Shake256::default();
     shake.input(label);
     let mut buf = vec![];
-    G::prime_subgroup_generator().serialize(&mut buf).unwrap();
+    G::generator().serialize_compressed(&mut buf).unwrap();
     shake.input(buf);
 
     let mut reader = shake.xof_result();
@@ -65,26 +64,26 @@ impl<G: ProjectiveCurve> MultiCommitGens<G> {
   }
 }
 
-pub trait Commitments<G: ProjectiveCurve>: Sized {
+pub trait Commitments<G: CurveGroup>: Sized {
   fn commit(&self, blind: &G::ScalarField, gens_n: &MultiCommitGens<G>) -> G;
   fn batch_commit(inputs: &[Self], blind: &G::ScalarField, gens_n: &MultiCommitGens<G>) -> G;
 }
 
-impl<G: ProjectiveCurve> Commitments<G> for G::ScalarField {
+impl<G: CurveGroup> Commitments<G> for G::ScalarField {
   fn commit(&self, blind: &G::ScalarField, gens_n: &MultiCommitGens<G>) -> G {
     assert_eq!(gens_n.n, 1);
 
-    gens_n.G[0].mul(self.into_repr()) + gens_n.h.mul(blind.into_repr())
+    gens_n.G[0] * self + gens_n.h * blind
   }
 
   fn batch_commit(inputs: &[Self], blind: &G::ScalarField, gens_n: &MultiCommitGens<G>) -> G {
     assert_eq!(gens_n.n, inputs.len());
 
-    let mut bases = ProjectiveCurve::batch_normalization_into_affine(gens_n.G.as_ref());
-    let mut scalars = inputs.iter().map(|x| x.into_repr()).collect::<Vec<_>>();
+    let mut bases = CurveGroup::normalize_batch(gens_n.G.as_ref());
+    let mut scalars = inputs.to_vec();
     bases.push(gens_n.h.into_affine());
-    scalars.push(blind.into_repr());
+    scalars.push(*blind);
 
-    VariableBaseMSM::multi_scalar_mul(bases.as_ref(), scalars.as_ref())
+    VariableBaseMSM::msm(bases.as_ref(), scalars.as_ref()).unwrap()
   }
 }

src/dense_mlpoly.rs

@@ -5,8 +5,8 @@ use super::math::Math;
 use super::nizk::{DotProductProofGens, DotProductProofLog};
 use super::random::RandomTape;
 use super::transcript::{AppendToTranscript, ProofTranscript};
-use ark_ec::msm::VariableBaseMSM;
-use ark_ec::ProjectiveCurve;
+use ark_ec::CurveGroup;
+use ark_ec::VariableBaseMSM;
 use ark_ff::PrimeField;
 use ark_serialize::*;
 use ark_std::Zero;
@@ -27,7 +27,7 @@ pub struct PolyCommitmentGens<G> {
   pub gens: DotProductProofGens<G>,
 }
 
-impl<G: ProjectiveCurve> PolyCommitmentGens<G> {
+impl<G: CurveGroup> PolyCommitmentGens<G> {
   // the number of variables in the multilinear polynomial
   pub fn new(num_vars: usize, label: &'static [u8]) -> Self {
     let (_left, right) = EqPolynomial::<G::ScalarField>::compute_factored_lens(num_vars);
@@ -41,12 +41,12 @@ pub struct PolyCommitmentBlinds<F> {
 }
 
 #[derive(Debug, CanonicalSerialize, CanonicalDeserialize)]
-pub struct PolyCommitment<G: ProjectiveCurve> {
+pub struct PolyCommitment<G: CurveGroup> {
   C: Vec<G>,
 }
 
 #[derive(Debug, CanonicalSerialize, CanonicalDeserialize)]
-pub struct ConstPolyCommitment<G: ProjectiveCurve> {
+pub struct ConstPolyCommitment<G: CurveGroup> {
   C: G,
 }
 
@@ -163,7 +163,7 @@ impl<F: PrimeField> DensePolynomial<F> {
   }
 
   #[cfg(not(feature = "multicore"))]
-  fn commit_inner<G: ProjectiveCurve<ScalarField = F>>(
+  fn commit_inner<G: CurveGroup<ScalarField = F>>(
     &self,
     blinds: &[F],
     gens: &MultiCommitGens<G>,
@@ -189,7 +189,7 @@ impl<F: PrimeField> DensePolynomial<F> {
     random_tape: Option<&mut RandomTape<G>>,
   ) -> (PolyCommitment<G>, PolyCommitmentBlinds<F>)
   where
-    G: ProjectiveCurve<ScalarField = F>,
+    G: CurveGroup<ScalarField = F>,
   {
     let n = self.Z.len();
     let ell = self.get_num_vars();
@@ -244,7 +244,7 @@ impl<F: PrimeField> DensePolynomial<F> {
   // returns Z(r) in O(n) time
   pub fn evaluate<G>(&self, r: &[F]) -> F
   where
-    G: ProjectiveCurve<ScalarField = F>,
+    G: CurveGroup<ScalarField = F>,
   {
     // r must have a value for each variable
     assert_eq!(r.len(), self.get_num_vars());
@@ -298,7 +298,7 @@ impl<F> Index<usize> for DensePolynomial<F> {
   }
 }
 
-impl<G: ProjectiveCurve> AppendToTranscript<G> for PolyCommitment<G> {
+impl<G: CurveGroup> AppendToTranscript<G> for PolyCommitment<G> {
   fn append_to_transcript(&self, label: &'static [u8], transcript: &mut Transcript) {
     transcript.append_message(label, b"poly_commitment_begin");
     for i in 0..self.C.len() {
@@ -309,11 +309,11 @@ impl<G: ProjectiveCurve> AppendToTranscript<G> for PolyCommitment<G> {
 }
 
 #[derive(Debug, CanonicalSerialize, CanonicalDeserialize)]
-pub struct PolyEvalProof<G: ProjectiveCurve> {
+pub struct PolyEvalProof<G: CurveGroup> {
   proof: DotProductProofLog<G>,
 }
 
-impl<G: ProjectiveCurve> PolyEvalProof<G> {
+impl<G: CurveGroup> PolyEvalProof<G> {
   fn protocol_name() -> &'static [u8] {
     b"polynomial evaluation proof"
   }
@@ -395,10 +395,9 @@ impl<G: ProjectiveCurve> PolyEvalProof<G> {
     let (L, R) = eq.compute_factored_evals();
 
     // compute a weighted sum of commitments and L
-    let C_affine = G::batch_normalization_into_affine(&comm.C);
+    let C_affine = G::normalize_batch(&comm.C);
 
-    let L_repr = L.iter().map(|x| x.into_repr()).collect::<Vec<_>>();
-    let C_LZ = VariableBaseMSM::multi_scalar_mul(C_affine.as_ref(), L_repr.as_ref());
+    let C_LZ = VariableBaseMSM::msm(C_affine.as_ref(), L.as_ref()).unwrap();
 
     self
       .proof
@@ -429,10 +428,7 @@ mod tests {
   use ark_std::One;
   use ark_std::UniformRand;
 
-  fn evaluate_with_LR<G: ProjectiveCurve>(
-    Z: &[G::ScalarField],
-    r: &[G::ScalarField],
-  ) -> G::ScalarField {
+  fn evaluate_with_LR<G: CurveGroup>(Z: &[G::ScalarField], r: &[G::ScalarField]) -> G::ScalarField {
     let eq = EqPolynomial::<G::ScalarField>::new(r.to_vec());
     let (L, R) = eq.compute_factored_evals();
 
@@ -458,7 +454,7 @@ mod tests {
     check_polynomial_evaluation_helper::<G1Projective>()
   }
 
-  fn check_polynomial_evaluation_helper<G: ProjectiveCurve>() {
+  fn check_polynomial_evaluation_helper<G: CurveGroup>() {
     // Z = [1, 2, 1, 4]
     let Z = vec![
       G::ScalarField::one(),
@@ -551,7 +547,7 @@ mod tests {
     check_memoized_chis_helper::<G1Projective>()
   }
 
-  fn check_memoized_chis_helper<G: ProjectiveCurve>() {
+  fn check_memoized_chis_helper<G: CurveGroup>() {
     let mut prng = test_rng();
 
     let s = 10;
@@ -608,7 +604,7 @@ mod tests {
     check_polynomial_commit_helper::<G1Projective>()
   }
 
-  fn check_polynomial_commit_helper<G: ProjectiveCurve>() {
+  fn check_polynomial_commit_helper<G: CurveGroup>() {
     let Z = vec![
       G::ScalarField::one(),
       G::ScalarField::from(2u64),