Add ZSA features by ConstanceBeguier · Pull Request #845 · zcash/halo2

ConstanceBeguier · 2025-06-23T08:44:08Z

This PR contains the following modifications that are required for ZSA:

Add a new LookupRangeCheck config named LookupRangeCheck4_5BConfig optimized for 4, 5 and 10-bit range checks
Add variable-base sign-scalar multiplication function called mul_sign
Add mux functionalities into CondSwapChip
Update SinsemillaChip to support evaluating a hash from a private point
Extend SinsemillaChip with functions that allow separate evaluation of the hash and blinding factor of a commitment
Standardize test circuit names with My...Circuit convention

This commit contains the following modifications: - Add tests for Lookup, ECC, Merkle, and Sinsemilla to verify that the verification key and the proof have not been modified by comparing them to those saved in a file. - Introduce a `LookupRangeCheck` trait that provides common methods for a lookup range check. - Use this new trait as a generic parameter in configs, chips and tests that are using lookup. - Create a new Lookup chip which is optimized for 4, 5 and 10-bit range check and add tests for this new chip. - Add `init_from_private_point` parameter in `SinsemillaConfig`. If this parameter is set to false, the `SinsemillaChip` is the same as the current `SinsemillaChip` used in vanilla circuit. Otherwise, the `SinsemillaChip` is modified to support hash from private point. --------- Co-authored-by: YaoGalteland <yao@qed-it.com> Co-authored-by: Dmitry Demin <dmitry@qed-it.com> Co-authored-by: Constance Beguier <constance@qed-it.com>

Fix clippy warnings

- Move lookup table `load` function into `LookupRangeCheck` trait (and remove `table_range_check_tag` function which is no longer used) - Move some imports to reduce the diff with the main branch - Standardize test circuit names with `My...Circuit` convention - Reduce visibility of some functions - Update changelog file

…okup table (#43) This PR adds a comment to clarify why a duplicated-rows range check lookup table was chosen.

halo2_gadgets/src/ecc.rs

halo2_gadgets/src/ecc/chip.rs

halo2_gadgets/src/ecc.rs

halo2_gadgets/src/ecc/chip.rs

halo2_gadgets/src/ecc/chip/mul_fixed/short.rs

halo2_gadgets/src/sinsemilla/chip.rs

halo2_gadgets/src/sinsemilla/chip/hash_to_point.rs

daira · 2025-07-29T00:36:36Z

halo2_gadgets/src/sinsemilla/chip/hash_to_point.rs

+    /// If init_from_private_point is set,
+    /// | offset | x_A | x_P | q_sinsemilla4 |
+    /// --------------------------------------
+    /// |   0    |     | y_Q |               |
+    /// |   1    | x_Q |     |         1     |


This should be documented in book/src/design/gadgets/sinsemilla.md. I have a commit for that and will push it later.

halo2_gadgets/src/sinsemilla/chip/hash_to_point.rs

daira · 2025-07-29T00:46:09Z

halo2_gadgets/src/test_circuits/circuit_data/proof_ecc_chip.bin

I have not checked any of these binary files, but they are only used for tests and I assume they correspond to the original proofs.

daira · 2025-07-29T00:48:45Z

halo2_gadgets/src/test_circuits/circuit_data/vk_ecc_chip.rdata

I have not checked any of these pinned verification keys.

halo2_gadgets/src/utilities/cond_swap.rs

halo2_gadgets/src/utilities/lookup_range_check.rs

daira

utACK with suggestions.

Co-authored-by: Daira-Emma Hopwood <daira@jacaranda.org>

daira

utACK.

codecov-commenter · 2025-07-29T20:31:48Z

Codecov Report

❌ Patch coverage is 65.04298% with 122 lines in your changes missing coverage. Please review.
✅ Project coverage is 73.67%. Comparing base (bb56139) to head (27b2b33).
⚠️ Report is 1510 commits behind head on main.

Files with missing lines	Patch %	Lines
halo2_gadgets/src/utilities/lookup_range_check.rs	77.65%	40 Missing ⚠️
halo2_gadgets/src/sinsemilla/chip/hash_to_point.rs	25.00%	27 Missing ⚠️
halo2_gadgets/src/ecc/chip/witness_point.rs	0.00%	12 Missing ⚠️
halo2_gadgets/src/sinsemilla.rs	0.00%	10 Missing ⚠️
halo2_gadgets/src/ecc/chip/mul_fixed/short.rs	73.33%	8 Missing ⚠️
halo2_gadgets/src/ecc/chip.rs	40.00%	6 Missing ⚠️
halo2_gadgets/src/sinsemilla/merkle/chip.rs	0.00%	6 Missing ⚠️
halo2_gadgets/src/sinsemilla/chip.rs	44.44%	5 Missing ⚠️
halo2_gadgets/src/utilities/cond_swap.rs	90.24%	4 Missing ⚠️
halo2_gadgets/src/ecc.rs	62.50%	3 Missing ⚠️
... and 1 more

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #845      +/-   ##
==========================================
+ Coverage   67.96%   73.67%   +5.70%     
==========================================
  Files          47      105      +58     
  Lines        5891    11951    +6060     
==========================================
+ Hits         4004     8805    +4801     
- Misses       1887     3146    +1259

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

daira

utACK, good to merge.

YaoJGalteland and others added 12 commits August 8, 2024 14:54

Fix clippy warnings

eafce5f

Fix EccPointQ warnings

ac686ba

Merge pull request #35 from QED-it/fix_clippy_warnings

90bc565

Fix clippy warnings

Merge branch 'main' into merge_main_20250318

9ef9736

Fix bitrot CI

49c13e4

Add comments to fix clippy beta

4b6ab55

Merge branch main into zsa1

93f1038

Merge branch 'main' into merge_main_20250616

85875d2

Merge branch main into zsa1

c78bc7c

Add a comment to the rationale for the duplicated-rows range check lo…

bcf4877

…okup table (#43) This PR adds a comment to clarify why a duplicated-rows range check lookup table was chosen.