Sync ff group 0.13.0

.github/workflows/ci.yml

@@ -20,6 +20,7 @@ jobs:
         with:
           command: test
           args: --verbose --release --all --all-features
+    if: ${{ false }}
 
   fmt:
     name: Rustfmt

Cargo.toml

@@ -4,3 +4,15 @@ members = [
     "halo2_gadgets",
     "halo2_proofs",
 ]
+
+
+# remove once 
+# https://github.com/privacy-scaling-explorations/poseidon/pull/7
+# https://github.com/privacy-scaling-explorations/halo2curves/pull/31
+# are merged
+[patch."https://github.com/privacy-scaling-explorations/poseidon.git"]
+poseidon = { git = "https://github.com/scroll-tech/poseidon.git", branch = "halo2-ecc-snark-verifier-0220" }
+
+
+[patch."https://github.com/privacy-scaling-explorations/halo2curves.git"]
+halo2curves = { git = "https://github.com/scroll-tech/halo2curves.git", branch = "halo2-ecc-snark-verifier-0220" }

halo2_gadgets/Cargo.toml

@@ -24,11 +24,8 @@ rustdoc-args = ["--cfg", "docsrs", "--html-in-header", "katex-header.html"]
 [dependencies]
 arrayvec = "0.7.0"
 bitvec = "1"
-ff = "0.12"
-group = "0.12"
 halo2_proofs = { version = "0.2", path = "../halo2_proofs" }
 lazy_static = "1"
-halo2curves = { git = 'https://github.com/privacy-scaling-explorations/halo2curves', tag = '0.3.0' }
 proptest = { version = "1.0.0", optional = true }
 rand = "0.8"
 subtle = "2.3"

halo2_gadgets/benches/poseidon.rs

@@ -1,4 +1,5 @@
-use ff::Field;
+use halo2_proofs::curves::pasta::{pallas, vesta, EqAffine, Fp};
+use halo2_proofs::ff::Field;
 use halo2_proofs::{
     circuit::{Layouter, SimpleFloorPlanner, Value},
     plonk::{
@@ -18,7 +19,6 @@ use halo2_proofs::{
         Blake2bRead, Blake2bWrite, Challenge255, TranscriptReadBuffer, TranscriptWriterBuffer,
     },
 };
-use halo2curves::pasta::{pallas, vesta, EqAffine, Fp};
 
 use halo2_gadgets::poseidon::{
     primitives::{self as poseidon, ConstantLength, Spec},

halo2_gadgets/benches/primitives.rs

@@ -1,11 +1,11 @@
 use criterion::{criterion_group, criterion_main, BenchmarkId, Criterion};
-use ff::Field;
 use halo2_gadgets::{
     poseidon::primitives::{self as poseidon, ConstantLength, P128Pow5T3},
     sinsemilla::primitives as sinsemilla,
 };
+use halo2_proofs::ff::Field;
 
-use halo2curves::pasta::pallas;
+use halo2_proofs::curves::pasta::pallas;
 #[cfg(unix)]
 use pprof::criterion::{Output, PProfProfiler};
 use rand::{rngs::OsRng, Rng};

halo2_gadgets/benches/sha256.rs

@@ -1,10 +1,10 @@
+use halo2_proofs::curves::pasta::{pallas, EqAffine};
 use halo2_proofs::{
     circuit::{Layouter, SimpleFloorPlanner, Value},
     plonk::{create_proof, keygen_pk, keygen_vk, verify_proof, Circuit, ConstraintSystem, Error},
     poly::commitment::Params,
     transcript::{Blake2bRead, Blake2bWrite, Challenge255},
 };
-use halo2curves::pasta::{pallas, EqAffine};
 use rand::rngs::OsRng;
 
 use std::{

halo2_gadgets/src/ecc.rs

@@ -577,15 +577,15 @@ impl<C: CurveAffine, EccChip: EccInstructions<C>> FixedPointShort<C, EccChip> {
 
 #[cfg(test)]
 pub(crate) mod tests {
-    use ff::PrimeField;
-    use group::{prime::PrimeCurveAffine, Curve, Group};
+    use halo2_proofs::ff::PrimeField;
+    use halo2_proofs::group::{prime::PrimeCurveAffine, Curve, Group};
 
+    use halo2_proofs::curves::pasta::pallas;
     use halo2_proofs::{
         circuit::{Layouter, SimpleFloorPlanner, Value},
         dev::MockProver,
         plonk::{Circuit, ConstraintSystem, Error},
     };
-    use halo2curves::pasta::pallas;
     use lazy_static::lazy_static;
 
     use super::{

halo2_gadgets/src/ecc/chip.rs

@@ -7,13 +7,13 @@ use crate::{
 };
 use arrayvec::ArrayVec;
 
-use ff::PrimeField;
-use group::prime::PrimeCurveAffine;
+use halo2_proofs::curves::{pasta::pallas, CurveAffine};
+use halo2_proofs::ff::PrimeField;
+use halo2_proofs::group::prime::PrimeCurveAffine;
 use halo2_proofs::{
     circuit::{AssignedCell, Chip, Layouter, Value},
     plonk::{Advice, Assigned, Column, ConstraintSystem, Error, Fixed},
 };
-use halo2curves::{pasta::pallas, CurveAffine};
 
 use std::convert::TryInto;
 

halo2_gadgets/src/ecc/chip/add.rs

@@ -1,10 +1,11 @@
 use super::EccPoint;
+use halo2_proofs::curves::pasta::pallas;
+use halo2_proofs::ff::PrimeField;
 use halo2_proofs::{
     circuit::Region,
     plonk::{Advice, Assigned, Column, ConstraintSystem, Constraints, Error, Expression, Selector},
     poly::Rotation,
 };
-use halo2curves::{pasta::pallas, FieldExt};
 use std::collections::HashSet;
 
 #[derive(Clone, Copy, Debug, Eq, PartialEq)]
@@ -323,7 +324,7 @@ impl Config {
         #[cfg(test)]
         // Check that the correct sum is obtained.
         {
-            use group::Curve;
+            use halo2_proofs::group::Curve;
 
             let p = p.point();
             let q = q.point();
@@ -341,12 +342,12 @@ impl Config {
 
 #[cfg(test)]
 pub mod tests {
-    use group::{prime::PrimeCurveAffine, Curve};
+    use halo2_proofs::curves::{pasta::pallas, CurveExt};
+    use halo2_proofs::group::{prime::PrimeCurveAffine, Curve};
     use halo2_proofs::{
         circuit::{Layouter, Value},
         plonk::Error,
     };
-    use halo2curves::{pasta::pallas, CurveExt};
 
     use crate::ecc::{chip::EccPoint, EccInstructions, NonIdentityPoint};
 

halo2_gadgets/src/ecc/chip/add_incomplete.rs

@@ -1,12 +1,12 @@
 use std::collections::HashSet;
 
 use super::NonIdentityEccPoint;
+use halo2_proofs::curves::pasta::pallas;
 use halo2_proofs::{
     circuit::Region,
     plonk::{Advice, Column, ConstraintSystem, Constraints, Error, Selector},
     poly::Rotation,
 };
-use halo2curves::pasta::pallas;
 
 #[derive(Clone, Copy, Debug, Eq, PartialEq)]
 pub struct Config {
@@ -147,12 +147,12 @@ impl Config {
 
 #[cfg(test)]
 pub mod tests {
-    use group::Curve;
+    use halo2_proofs::curves::pasta::pallas;
+    use halo2_proofs::group::Curve;
     use halo2_proofs::{
         circuit::{Layouter, Value},
         plonk::Error,
     };
-    use halo2curves::pasta::pallas;
 
     use crate::ecc::{EccInstructions, NonIdentityPoint};
 

halo2_gadgets/src/ecc/chip/constants.rs

@@ -1,12 +1,12 @@
 //! Constants required for the ECC chip.
 
 use arrayvec::ArrayVec;
-use group::{
+use halo2_proofs::arithmetic::lagrange_interpolate;
+use halo2_proofs::curves::{pasta::pallas, CurveAffine};
+use halo2_proofs::group::{
     ff::{Field, PrimeField},
     Curve,
 };
-use halo2_proofs::arithmetic::lagrange_interpolate;
-use halo2curves::{pasta::pallas, CurveAffine, FieldExt};
 
 /// Window size for fixed-base scalar multiplication
 pub const FIXED_BASE_WINDOW_SIZE: usize = 3;
@@ -61,7 +61,7 @@ fn compute_window_table<C: CurveAffine>(base: C, num_windows: usize) -> Vec<[C;
     // Generate window table entries for the last window, w = `num_windows - 1`.
     // For the last window, we compute [k * (2^3)^w - sum]B, where sum is defined
     // as sum = \sum_{j = 0}^{`num_windows - 2`} 2^{3j+1}
-    let sum = (0..(num_windows - 1)).fold(C::Scalar::zero(), |acc, j| {
+    let sum = (0..(num_windows - 1)).fold(C::Scalar::ZERO, |acc, j| {
         acc + C::Scalar::from(2).pow(&[FIXED_BASE_WINDOW_SIZE as u64 * j as u64 + 1, 0, 0, 0])
     });
     window_table.push(
@@ -181,7 +181,7 @@ pub fn test_lagrange_coeffs<C: CurveAffine>(base: C, num_windows: usize) {
             .rev()
             .cloned()
             .reduce(|acc, coeff| acc * x + coeff)
-            .unwrap_or_else(C::Base::zero)
+            .unwrap_or(C::Base::ZERO)
     }
 
     let lagrange_coeffs = compute_lagrange_coeffs(base, num_windows);
@@ -213,7 +213,7 @@ pub fn test_lagrange_coeffs<C: CurveAffine>(base: C, num_windows: usize) {
 
         // Compute the actual x-coordinate of the multiple [k * (8^84) - offset]B,
         // where offset = \sum_{j = 0}^{83} 2^{3j+1}
-        let offset = (0..(num_windows - 1)).fold(C::Scalar::zero(), |acc, w| {
+        let offset = (0..(num_windows - 1)).fold(C::Scalar::ZERO, |acc, w| {
             acc + C::Scalar::from(2).pow(&[FIXED_BASE_WINDOW_SIZE as u64 * w as u64 + 1, 0, 0, 0])
         });
         let scalar = C::Scalar::from(bits as u64)
@@ -229,19 +229,19 @@ pub fn test_lagrange_coeffs<C: CurveAffine>(base: C, num_windows: usize) {
 
 #[cfg(test)]
 mod tests {
-    use group::{ff::Field, Curve, Group};
-    use halo2curves::{pasta::pallas, CurveAffine, FieldExt};
-    use proptest::prelude::*;
-
     use super::{compute_window_table, find_zs_and_us, test_lagrange_coeffs, H, NUM_WINDOWS};
+    use halo2_proofs::curves::{pasta::pallas, CurveAffine};
+    use halo2_proofs::ff::FromUniformBytes;
+    use halo2_proofs::group::{ff::Field, Curve, Group};
+    use proptest::prelude::*;
 
     prop_compose! {
         /// Generate an arbitrary Pallas point.
         pub fn arb_point()(bytes in prop::array::uniform32(0u8..)) -> pallas::Point {
             // Instead of rejecting out-of-range bytes, let's reduce them.
             let mut buf = [0; 64];
             buf[..32].copy_from_slice(&bytes);
-            let scalar = pallas::Scalar::from_bytes_wide(&buf);
+            let scalar = pallas::Scalar::from_uniform_bytes(&buf);
             pallas::Point::generator() * scalar
         }
     }

halo2_gadgets/src/ecc/chip/mul.rs

@@ -8,16 +8,15 @@ use std::{
     ops::{Deref, Range},
 };
 
-use ff::PrimeField;
+use halo2_proofs::ff::PrimeField;
 use halo2_proofs::{
-    arithmetic::FieldExt,
     circuit::{AssignedCell, Layouter, Region, Value},
     plonk::{Advice, Assigned, Column, ConstraintSystem, Constraints, Error, Selector},
     poly::Rotation,
 };
 use uint::construct_uint;
 
-use halo2curves::pasta::pallas;
+use halo2_proofs::curves::pasta::pallas;
 
 mod complete;
 pub(super) mod incomplete;
@@ -261,7 +260,7 @@ impl Config {
                 #[cfg(test)]
                 // Check that the correct multiple is obtained.
                 {
-                    use group::Curve;
+                    use halo2_proofs::group::Curve;
 
                     let base = base.point();
                     let alpha = alpha
@@ -389,8 +388,8 @@ impl Config {
 
 #[derive(Clone, Debug)]
 // `x`-coordinate of the accumulator.
-struct X<F: FieldExt>(AssignedCell<Assigned<F>, F>);
-impl<F: FieldExt> Deref for X<F> {
+struct X<F: PrimeField>(AssignedCell<Assigned<F>, F>);
+impl<F: PrimeField> Deref for X<F> {
     type Target = AssignedCell<Assigned<F>, F>;
 
     fn deref(&self) -> &Self::Target {
@@ -400,8 +399,8 @@ impl<F: FieldExt> Deref for X<F> {
 
 #[derive(Clone, Debug)]
 // `y`-coordinate of the accumulator.
-struct Y<F: FieldExt>(AssignedCell<Assigned<F>, F>);
-impl<F: FieldExt> Deref for Y<F> {
+struct Y<F: PrimeField>(AssignedCell<Assigned<F>, F>);
+impl<F: PrimeField> Deref for Y<F> {
     type Target = AssignedCell<Assigned<F>, F>;
 
     fn deref(&self) -> &Self::Target {
@@ -411,8 +410,8 @@ impl<F: FieldExt> Deref for Y<F> {
 
 #[derive(Clone, Debug)]
 // Cumulative sum `z` used to decompose the scalar.
-struct Z<F: FieldExt>(AssignedCell<F, F>);
-impl<F: FieldExt> Deref for Z<F> {
+struct Z<F: PrimeField>(AssignedCell<F, F>);
+impl<F: PrimeField> Deref for Z<F> {
     type Target = AssignedCell<F, F>;
 
     fn deref(&self) -> &Self::Target {
@@ -461,15 +460,15 @@ fn decompose_for_scalar_mul(scalar: Value<&pallas::Base>) -> Vec<Value<bool>> {
 
 #[cfg(test)]
 pub mod tests {
-    use group::{
+    use halo2_proofs::curves::pasta::pallas;
+    use halo2_proofs::group::{
         ff::{Field, PrimeField},
         Curve,
     };
     use halo2_proofs::{
         circuit::{Chip, Layouter, Value},
         plonk::Error,
     };
-    use halo2curves::pasta::pallas;
     use rand::rngs::OsRng;
 
     use crate::{

halo2_gadgets/src/ecc/chip/mul/complete.rs

@@ -8,7 +8,7 @@ use halo2_proofs::{
     poly::Rotation,
 };
 
-use halo2curves::pasta::pallas;
+use halo2_proofs::curves::pasta::pallas;
 
 #[derive(Copy, Clone, Debug, Eq, PartialEq)]
 pub struct Config {

halo2_gadgets/src/ecc/chip/mul/incomplete.rs

@@ -1,14 +1,15 @@
 use super::super::NonIdentityEccPoint;
 use super::{X, Y, Z};
 use crate::utilities::bool_check;
+use halo2_proofs::curves::pasta::pallas;
+use halo2_proofs::ff::PrimeField;
 use halo2_proofs::{
     circuit::{Region, Value},
     plonk::{
         Advice, Column, ConstraintSystem, Constraints, Error, Expression, Selector, VirtualCells,
     },
     poly::Rotation,
 };
-use halo2curves::{pasta::pallas, FieldExt};
 
 /// A helper struct for implementing single-row double-and-add using incomplete addition.
 #[derive(Copy, Clone, Debug, Eq, PartialEq)]

halo2_gadgets/src/ecc/chip/mul/overflow.rs

@@ -2,16 +2,15 @@ use super::{T_Q, Z};
 use crate::{
     sinsemilla::primitives as sinsemilla, utilities::lookup_range_check::LookupRangeCheckConfig,
 };
-
 use halo2_proofs::circuit::AssignedCell;
+use halo2_proofs::curves::pasta::pallas;
+use halo2_proofs::ff::PrimeField;
 use halo2_proofs::{
     circuit::Layouter,
     plonk::{Advice, Assigned, Column, ConstraintSystem, Constraints, Error, Expression, Selector},
     poly::Rotation,
 };
 
-use halo2curves::{pasta::pallas, FieldExt};
-
 use std::iter;
 
 #[derive(Copy, Clone, Debug, Eq, PartialEq)]