Migrate to ff and group crates

Cargo.toml

@@ -1,6 +1,8 @@
 [workspace]
 members = [
     "bellman",
+    "ff",
+    "group",
     "librustzcash",
     "pairing",
     "sapling-crypto",

bellman/Cargo.toml

@@ -11,12 +11,20 @@ version = "0.1.0"
 [dependencies]
 rand = "0.4"
 bit-vec = "0.4.4"
+ff = { path = "../ff" }
 futures = "0.1"
 futures-cpupool = "0.1"
+group = { path = "../group" }
 num_cpus = "1"
 crossbeam = "0.3"
-pairing = { path = "../pairing" }
+pairing = { path = "../pairing", optional = true }
 byteorder = "1"
 
 [features]
-default = []
+groth16 = ["pairing"]
+default = ["groth16"]
+
+[[test]]
+name = "mimc"
+path = "tests/mimc.rs"
+required-features = ["groth16"]

bellman/src/domain.rs

@@ -10,20 +10,16 @@
 //! This allows us to perform polynomial operations in O(n)
 //! by performing an O(n log n) FFT over such a domain.
 
-use pairing::{
-    Engine,
-    Field,
-    PrimeField,
-    CurveProjective
-};
+use ff::{Field, PrimeField, ScalarEngine};
+use group::CurveProjective;
 
 use super::{
     SynthesisError
 };
 
 use super::multicore::Worker;
 
-pub struct EvaluationDomain<E: Engine, G: Group<E>> {
+pub struct EvaluationDomain<E: ScalarEngine, G: Group<E>> {
     coeffs: Vec<G>,
     exp: u32,
     omega: E::Fr,
@@ -32,7 +28,7 @@ pub struct EvaluationDomain<E: Engine, G: Group<E>> {
     minv: E::Fr
 }
 
-impl<E: Engine, G: Group<E>> EvaluationDomain<E, G> {
+impl<E: ScalarEngine, G: Group<E>> EvaluationDomain<E, G> {
     pub fn as_ref(&self) -> &[G] {
         &self.coeffs
     }
@@ -189,7 +185,7 @@ impl<E: Engine, G: Group<E>> EvaluationDomain<E, G> {
     }
 }
 
-pub trait Group<E: Engine>: Sized + Copy + Clone + Send + Sync {
+pub trait Group<E: ScalarEngine>: Sized + Copy + Clone + Send + Sync {
     fn group_zero() -> Self;
     fn group_mul_assign(&mut self, by: &E::Fr);
     fn group_add_assign(&mut self, other: &Self);
@@ -227,23 +223,23 @@ impl<G: CurveProjective> Group<G::Engine> for Point<G> {
     }
 }
 
-pub struct Scalar<E: Engine>(pub E::Fr);
+pub struct Scalar<E: ScalarEngine>(pub E::Fr);
 
-impl<E: Engine> PartialEq for Scalar<E> {
+impl<E: ScalarEngine> PartialEq for Scalar<E> {
     fn eq(&self, other: &Scalar<E>) -> bool {
         self.0 == other.0
     }
 }
 
-impl<E: Engine> Copy for Scalar<E> { }
+impl<E: ScalarEngine> Copy for Scalar<E> { }
 
-impl<E: Engine> Clone for Scalar<E> {
+impl<E: ScalarEngine> Clone for Scalar<E> {
     fn clone(&self) -> Scalar<E> {
         *self
     }
 }
 
-impl<E: Engine> Group<E> for Scalar<E> {
+impl<E: ScalarEngine> Group<E> for Scalar<E> {
     fn group_zero() -> Self {
         Scalar(E::Fr::zero())
     }
@@ -258,7 +254,7 @@ impl<E: Engine> Group<E> for Scalar<E> {
     }
 }
 
-fn best_fft<E: Engine, T: Group<E>>(a: &mut [T], worker: &Worker, omega: &E::Fr, log_n: u32)
+fn best_fft<E: ScalarEngine, T: Group<E>>(a: &mut [T], worker: &Worker, omega: &E::Fr, log_n: u32)
 {
     let log_cpus = worker.log_num_cpus();
 
@@ -269,7 +265,7 @@ fn best_fft<E: Engine, T: Group<E>>(a: &mut [T], worker: &Worker, omega: &E::Fr,
     }
 }
 
-fn serial_fft<E: Engine, T: Group<E>>(a: &mut [T], omega: &E::Fr, log_n: u32)
+fn serial_fft<E: ScalarEngine, T: Group<E>>(a: &mut [T], omega: &E::Fr, log_n: u32)
 {
     fn bitreverse(mut n: u32, l: u32) -> u32 {
         let mut r = 0;
@@ -314,7 +310,7 @@ fn serial_fft<E: Engine, T: Group<E>>(a: &mut [T], omega: &E::Fr, log_n: u32)
     }
 }
 
-fn parallel_fft<E: Engine, T: Group<E>>(
+fn parallel_fft<E: ScalarEngine, T: Group<E>>(
     a: &mut [T],
     worker: &Worker,
     omega: &E::Fr,
@@ -375,12 +371,13 @@ fn parallel_fft<E: Engine, T: Group<E>>(
 
 // Test multiplying various (low degree) polynomials together and
 // comparing with naive evaluations.
+#[cfg(feature = "pairing")]
 #[test]
 fn polynomial_arith() {
     use pairing::bls12_381::Bls12;
     use rand::{self, Rand};
 
-    fn test_mul<E: Engine, R: rand::Rng>(rng: &mut R)
+    fn test_mul<E: ScalarEngine, R: rand::Rng>(rng: &mut R)
     {
         let worker = Worker::new();
 
@@ -422,12 +419,13 @@ fn polynomial_arith() {
     test_mul::<Bls12, _>(rng);
 }
 
+#[cfg(feature = "pairing")]
 #[test]
 fn fft_composition() {
     use pairing::bls12_381::Bls12;
     use rand;
 
-    fn test_comp<E: Engine, R: rand::Rng>(rng: &mut R)
+    fn test_comp<E: ScalarEngine, R: rand::Rng>(rng: &mut R)
     {
         let worker = Worker::new();
 
@@ -460,13 +458,14 @@ fn fft_composition() {
     test_comp::<Bls12, _>(rng);
 }
 
+#[cfg(feature = "pairing")]
 #[test]
 fn parallel_fft_consistency() {
     use pairing::bls12_381::Bls12;
     use rand::{self, Rand};
     use std::cmp::min;
 
-    fn test_consistency<E: Engine, R: rand::Rng>(rng: &mut R)
+    fn test_consistency<E: ScalarEngine, R: rand::Rng>(rng: &mut R)
     {
         let worker = Worker::new();
 

bellman/src/groth16/generator.rs

@@ -2,14 +2,9 @@ use rand::Rng;
 
 use std::sync::Arc;
 
-use pairing::{
-    Engine,
-    PrimeField,
-    Field,
-    Wnaf,
-    CurveProjective,
-    CurveAffine
-};
+use ff::{Field, PrimeField};
+use group::{CurveAffine, CurveProjective, Wnaf};
+use pairing::Engine;
 
 use super::{
     Parameters,

bellman/src/groth16/mod.rs

@@ -1,7 +1,7 @@
+use group::{CurveAffine, EncodedPoint};
 use pairing::{
     Engine,
-    CurveAffine,
-    EncodedPoint
+    PairingCurveAffine,
 };
 
 use ::{
@@ -385,9 +385,9 @@ pub struct PreparedVerifyingKey<E: Engine> {
     /// Pairing result of alpha*beta
     alpha_g1_beta_g2: E::Fqk,
     /// -gamma in G2
-    neg_gamma_g2: <E::G2Affine as CurveAffine>::Prepared,
+    neg_gamma_g2: <E::G2Affine as PairingCurveAffine>::Prepared,
     /// -delta in G2
-    neg_delta_g2: <E::G2Affine as CurveAffine>::Prepared,
+    neg_delta_g2: <E::G2Affine as PairingCurveAffine>::Prepared,
     /// Copy of IC from `VerifiyingKey`.
     ic: Vec<E::G1Affine>
 }
@@ -486,8 +486,8 @@ mod test_with_bls12_381 {
     use super::*;
     use {Circuit, SynthesisError, ConstraintSystem};
 
+    use ff::Field;
     use rand::{Rand, thread_rng};
-    use pairing::{Field};
     use pairing::bls12_381::{Bls12, Fr};
 
     #[test]

bellman/src/groth16/prover.rs

@@ -4,13 +4,9 @@ use std::sync::Arc;
 
 use futures::Future;
 
-use pairing::{
-    Engine,
-    PrimeField,
-    Field,
-    CurveProjective,
-    CurveAffine
-};
+use ff::{Field, PrimeField};
+use group::{CurveAffine, CurveProjective};
+use pairing::Engine;
 
 use super::{
     ParameterSource,

bellman/src/groth16/tests/dummy_engine.rs

@@ -1,16 +1,8 @@
-use pairing::{
-    Engine,
-    PrimeField,
-    PrimeFieldRepr,
-    Field,
-    SqrtField,
-    LegendreSymbol,
-    CurveProjective,
-    CurveAffine,
-    PrimeFieldDecodingError,
-    GroupDecodingError,
-    EncodedPoint
-};
+use ff::{
+    Field, LegendreSymbol, PrimeField, PrimeFieldDecodingError,
+    PrimeFieldRepr, ScalarEngine, SqrtField};
+use group::{CurveAffine, CurveProjective, EncodedPoint, GroupDecodingError};
+use pairing::{Engine, PairingCurveAffine};
 
 use std::cmp::Ordering;
 use std::fmt;
@@ -263,8 +255,11 @@ impl PrimeField for Fr {
 #[derive(Clone)]
 pub struct DummyEngine;
 
-impl Engine for DummyEngine {
+impl ScalarEngine for DummyEngine {
     type Fr = Fr;
+}
+
+impl Engine for DummyEngine {
     type G1 = Fr;
     type G1Affine = Fr;
     type G2 = Fr;
@@ -277,8 +272,8 @@ impl Engine for DummyEngine {
 
     fn miller_loop<'a, I>(i: I) -> Self::Fqk
         where I: IntoIterator<Item=&'a (
-                                    &'a <Self::G1Affine as CurveAffine>::Prepared,
-                                    &'a <Self::G2Affine as CurveAffine>::Prepared
+                                    &'a <Self::G1Affine as PairingCurveAffine>::Prepared,
+                                    &'a <Self::G2Affine as PairingCurveAffine>::Prepared
                                )>
     {
         let mut acc = <Fr as Field>::zero();
@@ -401,11 +396,8 @@ impl EncodedPoint for FakePoint {
 }
 
 impl CurveAffine for Fr {
-    type Pair = Fr;
-    type PairingResult = Fr;
     type Compressed = FakePoint;
     type Uncompressed = FakePoint;
-    type Prepared = Fr;
     type Projective = Fr;
     type Base = Fr;
     type Scalar = Fr;
@@ -437,15 +429,21 @@ impl CurveAffine for Fr {
         res
     }
 
+    fn into_projective(&self) -> Self::Projective {
+        *self
+    }
+}
+
+impl PairingCurveAffine for Fr {
+    type Prepared = Fr;
+    type Pair = Fr;
+    type PairingResult = Fr;
+
     fn prepare(&self) -> Self::Prepared {
         *self
     }
 
     fn pairing_with(&self, other: &Self::Pair) -> Self::PairingResult {
         self.mul(*other)
     }
-
-    fn into_projective(&self) -> Self::Projective {
-        *self
-    }
 }

bellman/src/groth16/tests/mod.rs

@@ -1,8 +1,5 @@
-use pairing::{
-    Engine,
-    Field,
-    PrimeField
-};
+use ff::{Field, PrimeField};
+use pairing::Engine;
 
 mod dummy_engine;
 use self::dummy_engine::*;

bellman/src/groth16/verifier.rs

@@ -1,9 +1,6 @@
-use pairing::{
-    Engine,
-    CurveProjective,
-    CurveAffine,
-    PrimeField
-};
+use ff::PrimeField;
+use group::{CurveAffine, CurveProjective};
+use pairing::{Engine, PairingCurveAffine};
 
 use super::{
     Proof,