pass tests

privacy-scaling-explorations · Feb 16, 2024 · 6e040da · 6e040da
1 parent 1007ec9
commit 6e040da
Show file tree

Hide file tree

Showing 16 changed files with 111 additions and 42 deletions.
diff --git a/halo2_backend/src/plonk/prover.rs b/halo2_backend/src/plonk/prover.rs
@@ -59,7 +59,7 @@ impl<
     > ProverV2Single<'a, 'params, Scheme, P, E, R, T>
 {
     /// Create a new prover object
-    pub fn new(
+    pub fn new_with_engine(
         engine: &impl MsmAccel<Scheme::Curve>,
         params: &'params Scheme::ParamsProver,
         pk: &'a ProvingKey<Scheme::Curve>,
@@ -72,7 +72,7 @@ impl<
     where
         Scheme::Scalar: WithSmallOrderMulGroup<3> + FromUniformBytes<64>,
     {
-        Ok(Self(ProverV2::new(
+        Ok(Self(ProverV2::new_with_engine(
             engine,
             params,
             pk,
@@ -82,6 +82,21 @@ impl<
         )?))
     }
 
+    pub fn new(
+        params: &'params Scheme::ParamsProver,
+        pk: &'a ProvingKey<Scheme::Curve>,
+        // TODO: If this was a vector the usage would be simpler
+        // https://github.com/privacy-scaling-explorations/halo2/issues/265
+        instance: &[&[Scheme::Scalar]],
+        rng: R,
+        transcript: &'a mut T,
+    ) -> Result<Self, Error>
+    where
+        Scheme::Scalar: WithSmallOrderMulGroup<3> + FromUniformBytes<64>,
+    {
+        Self::new_with_engine(&H2cEngine::new(), params, pk, instance, rng, transcript)
+    }
+
     /// Commit the `witness` at `phase` and return the challenges after `phase`.
     pub fn commit_phase(
         &mut self,
@@ -152,7 +167,7 @@ impl<
     > ProverV2<'a, 'params, Scheme, P, E, R, T>
 {
     /// Create a new prover object
-    pub fn new(
+    pub fn new_with_engine(
         engine: &impl MsmAccel<Scheme::Curve>,
         params: &'params Scheme::ParamsProver,
         pk: &'a ProvingKey<Scheme::Curve>,
@@ -744,14 +759,30 @@ impl<
 
         let prover = P::new(params);
         prover
-            .create_proof(engine, rng, self.transcript, instances)
+            .create_proof_with_engine(engine, rng, self.transcript, instances)
             .map_err(|_| Error::ConstraintSystemFailure)?;
 
         Ok(())
     }
 
+    /// Create a new prover object
+    pub fn new(
+        params: &'params Scheme::ParamsProver,
+        pk: &'a ProvingKey<Scheme::Curve>,
+        // TODO: If this was a vector the usage would be simpler.
+        // https://github.com/privacy-scaling-explorations/halo2/issues/265
+        instances: &[&[&[Scheme::Scalar]]],
+        rng: R,
+        transcript: &'a mut T,
+    ) -> Result<Self, Error>
+    where
+        Scheme::Scalar: WithSmallOrderMulGroup<3> + FromUniformBytes<64>,
+    {
+        Self::new_with_engine(&H2cEngine::new(), params, pk, instances, rng, transcript)
+    }
+
     /// Finalizes the proof creation.
-    pub fn create_proof(mut self) -> Result<(), Error>
+    pub fn create_proof(self) -> Result<(), Error>
     where
         Scheme::Scalar: WithSmallOrderMulGroup<3> + FromUniformBytes<64>,
     {

diff --git a/halo2_backend/src/poly/commitment.rs b/halo2_backend/src/poly/commitment.rs
@@ -6,7 +6,7 @@ use super::{
 use crate::poly::Error;
 use crate::transcript::{EncodedChallenge, TranscriptRead, TranscriptWrite};
 use halo2_middleware::ff::Field;
-use halo2curves::{zal::MsmAccel, CurveAffine};
+use halo2curves::{zal::{MsmAccel, H2cEngine}, CurveAffine};
 use rand_core::RngCore;
 use std::{
     fmt::Debug,
@@ -137,7 +137,7 @@ pub trait Prover<'params, Scheme: CommitmentScheme> {
     fn new(params: &'params Scheme::ParamsProver) -> Self;
 
     /// Create a multi-opening proof
-    fn create_proof<
+    fn create_proof_with_engine<
         'com,
         E: EncodedChallenge<Scheme::Curve>,
         T: TranscriptWrite<Scheme::Curve, E>,
@@ -153,6 +153,26 @@ pub trait Prover<'params, Scheme: CommitmentScheme> {
     where
         I: IntoIterator<Item = ProverQuery<'com, Scheme::Curve>> + Clone,
         R: RngCore;
+
+    /// Create a multi-opening proof
+    fn create_proof<
+        'com,
+        E: EncodedChallenge<Scheme::Curve>,
+        T: TranscriptWrite<Scheme::Curve, E>,
+        R,
+        I,
+    >(
+        &self,
+        rng: R,
+        transcript: &mut T,
+        queries: I,
+    ) -> io::Result<()>
+    where
+        I: IntoIterator<Item = ProverQuery<'com, Scheme::Curve>> + Clone,
+        R: RngCore
+    {
+        self.create_proof_with_engine(&H2cEngine::new(), rng, transcript, queries)
+    }
 }
 
 /// Common multi-open verifier interface for various commitment schemes

diff --git a/halo2_backend/src/poly/ipa/commitment.rs b/halo2_backend/src/poly/ipa/commitment.rs
@@ -16,7 +16,7 @@ use std::marker::PhantomData;
 mod prover;
 mod verifier;
 
-pub use prover::create_proof;
+pub use prover::create_proof_with_engine;
 pub use verifier::verify_proof;
 
 use std::io;
@@ -238,7 +238,7 @@ impl<'params, C: CurveAffine> ParamsProver<'params, C> for ParamsIPA<C> {
 mod test {
     use crate::poly::commitment::ParamsProver;
     use crate::poly::commitment::{Blind, Params, MSM};
-    use crate::poly::ipa::commitment::{create_proof, verify_proof, ParamsIPA};
+    use crate::poly::ipa::commitment::{create_proof_with_engine, verify_proof, ParamsIPA};
     use crate::poly::ipa::msm::MSMIPA;
 
     use group::Curve;
@@ -350,7 +350,7 @@ mod test {
         transcript.write_scalar(v).unwrap();
 
         let (proof, ch_prover) = {
-            create_proof(&engine, &params, rng, &mut transcript, &px, blind, *x).unwrap();
+            create_proof_with_engine(&engine, &params, rng, &mut transcript, &px, blind, *x).unwrap();
             let ch_prover = transcript.squeeze_challenge();
             (transcript.finalize(), ch_prover)
         };

diff --git a/halo2_backend/src/poly/ipa/commitment/prover.rs b/halo2_backend/src/poly/ipa/commitment/prover.rs
@@ -27,7 +27,7 @@ use std::io::{self};
 /// opening v, and the point x. It's probably also nice for the transcript
 /// to have seen the elliptic curve description and the URS, if you want to
 /// be rigorous.
-pub fn create_proof<
+pub fn create_proof_with_engine<
     C: CurveAffine,
     E: EncodedChallenge<C>,
     R: RngCore,

diff --git a/halo2_backend/src/poly/ipa/multiopen/prover.rs b/halo2_backend/src/poly/ipa/multiopen/prover.rs
@@ -28,7 +28,7 @@ impl<'params, C: CurveAffine> Prover<'params, IPACommitmentScheme<C>> for Prover
     }
 
     /// Create a multi-opening proof
-    fn create_proof<'com, Z: EncodedChallenge<C>, T: TranscriptWrite<C, Z>, R, I>(
+    fn create_proof_with_engine<'com, Z: EncodedChallenge<C>, T: TranscriptWrite<C, Z>, R, I>(
         &self,
         engine: &impl MsmAccel<C>,
         mut rng: R,
@@ -122,7 +122,7 @@ impl<'params, C: CurveAffine> Prover<'params, IPACommitmentScheme<C>> for Prover
             },
         );
 
-        commitment::create_proof(
+        commitment::create_proof_with_engine(
             engine,
             self.params,
             rng,

diff --git a/halo2_backend/src/poly/kzg/multiopen/gwc/prover.rs b/halo2_backend/src/poly/kzg/multiopen/gwc/prover.rs
@@ -36,7 +36,7 @@ where
     }
 
     /// Create a multi-opening proof
-    fn create_proof<
+    fn create_proof_with_engine<
         'com,
         Ch: EncodedChallenge<E::G1Affine>,
         T: TranscriptWrite<E::G1Affine, Ch>,

diff --git a/halo2_backend/src/poly/kzg/multiopen/shplonk/prover.rs b/halo2_backend/src/poly/kzg/multiopen/shplonk/prover.rs
@@ -118,7 +118,7 @@ where
     }
 
     /// Create a multi-opening proof
-    fn create_proof<
+    fn create_proof_with_engine<
         'com,
         Ch: EncodedChallenge<E::G1Affine>,
         T: TranscriptWrite<E::G1Affine, Ch>,

diff --git a/halo2_backend/src/poly/multiopen_test.rs b/halo2_backend/src/poly/multiopen_test.rs
@@ -297,7 +297,7 @@ mod test {
 
         let prover = P::new(params);
         prover
-            .create_proof(engine, &mut OsRng, &mut transcript, queries)
+            .create_proof(&mut OsRng, &mut transcript, queries)
             .unwrap();
 
         transcript.finalize()

diff --git a/halo2_proofs/examples/serialization.rs b/halo2_proofs/examples/serialization.rs
@@ -24,7 +24,6 @@ use halo2_proofs::{
     SerdeFormat,
 };
 use halo2curves::bn256::{Bn256, Fr, G1Affine};
-use halo2curves::zal::H2cEngine;
 use rand_core::OsRng;
 
 #[derive(Clone, Copy)]
@@ -130,7 +129,6 @@ impl Circuit<Fr> for StandardPlonk {
 }
 
 fn main() {
-    let engine = H2cEngine::new();
     let k = 4;
     let circuit = StandardPlonk(Fr::random(OsRng));
     let params = ParamsKZG::<Bn256>::setup(k, OsRng);
@@ -165,7 +163,6 @@ fn main() {
         Blake2bWrite<Vec<u8>, G1Affine, Challenge255<_>>,
         _,
     >(
-        &engine,
         &params,
         &pk,
         &[circuit],

diff --git a/halo2_proofs/examples/shuffle.rs b/halo2_proofs/examples/shuffle.rs
@@ -18,7 +18,6 @@ use halo2_proofs::{
         Blake2bRead, Blake2bWrite, Challenge255, TranscriptReadBuffer, TranscriptWriterBuffer,
     },
 };
-use halo2curves::zal::{H2cEngine, MsmAccel};
 use rand_core::{OsRng, RngCore};
 use std::iter;
 
@@ -271,7 +270,6 @@ fn test_mock_prover<F: Ord + FromUniformBytes<64>, const W: usize, const H: usiz
 }
 
 fn test_prover<C: CurveAffine, const W: usize, const H: usize>(
-    engine: &impl MsmAccel<C>,
     k: u32,
     circuit: MyCircuit<C::Scalar, W, H>,
     expected: bool,
@@ -286,7 +284,6 @@ fn test_prover<C: CurveAffine, const W: usize, const H: usize>(
         let mut transcript = Blake2bWrite::<_, _, Challenge255<_>>::init(vec![]);
 
         create_proof::<IPACommitmentScheme<C>, ProverIPA<C>, _, _, _, _>(
-            engine,
             &params,
             &pk,
             &[circuit],
@@ -322,12 +319,11 @@ fn main() {
     const H: usize = 32;
     const K: u32 = 8;
 
-    let engine = H2cEngine::new();
     let circuit = &MyCircuit::<_, W, H>::rand(&mut OsRng);
 
     {
         test_mock_prover(K, circuit.clone(), Ok(()));
-        test_prover::<EqAffine, W, H>(&engine, K, circuit.clone(), true);
+        test_prover::<EqAffine, W, H>(K, circuit.clone(), true);
     }
 
     #[cfg(not(feature = "sanity-checks"))]
@@ -351,6 +347,6 @@ fn main() {
                 },
             )]),
         );
-        test_prover::<EqAffine, W, H>(&engine, K, circuit, false);
+        test_prover::<EqAffine, W, H>(K, circuit, false);
     }
 }
diff --git a/halo2_proofs/src/lib.rs b/halo2_proofs/src/lib.rs
@@ -24,7 +24,7 @@ pub mod circuit {
 ///! field and polynomial arithmetic.
 pub mod arithmetic {
     pub use halo2_common::arithmetic::{
-        best_fft, parallelize, small_multiexp, CurveAffine, CurveExt, Field,
+        best_fft, parallelize, CurveAffine, CurveExt, Field,
     };
 }
 /// Tools for developing circuits.

diff --git a/halo2_proofs/src/plonk.rs b/halo2_proofs/src/plonk.rs
@@ -13,7 +13,7 @@ mod verifier {
 
 pub use keygen::{keygen_pk, keygen_vk};
 
-pub use prover::create_proof;
+pub use prover::{create_proof, create_proof_with_engine};
 pub use verifier::verify_proof;
 
 pub use halo2_backend::plonk::{ProvingKey, VerifyingKey};

diff --git a/halo2_proofs/src/plonk/keygen.rs b/halo2_proofs/src/plonk/keygen.rs
@@ -6,7 +6,6 @@ use halo2_backend::{arithmetic::CurveAffine, poly::commitment::Params};
 use halo2_common::plonk::{circuit::Circuit, Error};
 use halo2_frontend::circuit::compile_circuit;
 use halo2_middleware::ff::FromUniformBytes;
-use halo2curves::zal::H2cEngine;
 
 /// Generate a `VerifyingKey` from an instance of `Circuit`.
 /// By default, selector compression is turned **off**.

diff --git a/halo2_proofs/src/plonk/prover.rs b/halo2_proofs/src/plonk/prover.rs
@@ -42,7 +42,7 @@ where
         .enumerate()
         .map(|(i, circuit)| WitnessCalculator::new(params.k(), circuit, &config, &cs, instances[i]))
         .collect();
-    let mut prover = ProverV2::<Scheme, P, _, _, _>::new(engine, params, pk, instances, rng, transcript)?;
+    let mut prover = ProverV2::<Scheme, P, _, _, _>::new_with_engine(engine, params, pk, instances, rng, transcript)?;
     let mut challenges = HashMap::new();
     let phases = prover.phases.clone();
     for phase in &phases {
@@ -78,7 +78,7 @@ pub fn create_proof<
 where
     Scheme::Scalar: WithSmallOrderMulGroup<3> + FromUniformBytes<64>,
 {
-    create_proof_with_engine(&H2cEngine::new(), params, pk, circuits, instances, rng, transcript)
+    create_proof_with_engine::<Scheme, P, _, _, _, _>(&H2cEngine::new(), params, pk, circuits, instances, rng, transcript)
 }
 
 #[test]

diff --git a/halo2_proofs/tests/frontend_backend_split.rs b/halo2_proofs/tests/frontend_backend_split.rs
@@ -548,9 +548,12 @@ fn test_mycircuit_full_legacy() {
 
 #[test]
 fn test_mycircuit_full_split() {
+    use halo2curves::zal::H2cEngine;
+
     #[cfg(feature = "heap-profiling")]
     let _profiler = dhat::Profiler::new_heap();
 
+    let engine = H2cEngine::new();
     let k = K;
     let circuit: MyCircuit<Fr, WIDTH_FACTOR> = MyCircuit::new(k, 42);
     let (compiled_circuit, config, cs) = compile_circuit(k, &circuit, false).unwrap();
@@ -577,8 +580,11 @@ fn test_mycircuit_full_split() {
     let start = Instant::now();
     let mut witness_calc = WitnessCalculator::new(k, &circuit, &config, &cs, instances_slice);
     let mut transcript = Blake2bWrite::<_, G1Affine, Challenge255<_>>::init(vec![]);
+    // TODO: is ProverV2Single::new part of the public API?
+    // if yes we need to create a ProverV2Single::new_with_engine instead.
     let mut prover =
-        ProverV2Single::<KZGCommitmentScheme<Bn256>, ProverSHPLONK<'_, Bn256>, _, _, _>::new(
+        ProverV2Single::<KZGCommitmentScheme<Bn256>, ProverSHPLONK<'_, Bn256>, _, _, _>::new_with_engine(
+            &engine,
             &params,
             &pk,
             instances_slice,
@@ -590,9 +596,9 @@ fn test_mycircuit_full_split() {
     for phase in 0..cs.phases().count() {
         println!("phase {phase}");
         let witness = witness_calc.calc(phase as u8, &challenges).unwrap();
-        challenges = prover.commit_phase(phase as u8, witness).unwrap();
+        challenges = prover.commit_phase(&engine, phase as u8, witness).unwrap();
     }
-    prover.create_proof().unwrap();
+    prover.create_proof_with_engine(&engine).unwrap();
     let proof = transcript.finalize();
     println!("Prove: {:?}", start.elapsed());