privacy-scaling-explorations · lazovicff · Jul 6, 2023 · Jul 4, 2023 · Jul 4, 2023 · Jul 4, 2023
diff --git a/circuit/src/circuit.rs b/circuit/src/circuit.rs
@@ -541,7 +541,7 @@ mod test {
 			ops,
 		);
 
-		let k = 14;
+		let k = 13;
 		let prover = match MockProver::<Scalar>::run(k, &et, vec![res.to_vec()]) {
 			Ok(prover) => prover,
 			Err(e) => panic!("{}", e),
@@ -609,7 +609,7 @@ mod test {
 			ops,
 		);
 
-		let k = 14;
+		let k = 13;
 		let rng = &mut rand::thread_rng();
 		let params = generate_params(k);
 		let res = prove_and_verify::<Bn256, _, _>(params, et, &[&res], rng).unwrap();
@@ -676,7 +676,7 @@ mod test {
 			ops,
 		);
 
-		let k = 14;
+		let k = 13;
 		let params = read_params(k);
 		let pk = gen_pk(&params, &et);
 		let deployment_code = gen_evm_verifier(&params, pk.get_vk(), vec![NUM_NEIGHBOURS]);

diff --git a/circuit/src/eddsa/mod.rs b/circuit/src/eddsa/mod.rs
@@ -325,7 +325,7 @@ mod test {
 		let sig = sign(&sk, &pk, m);
 		let circuit = TestCircuit::new(sig.big_r.x, sig.big_r.y, sig.s, pk.0.x, pk.0.y, m);
 
-		let k = 11;
+		let k = 10;
 		let prover = MockProver::run(k, &circuit, vec![vec![]]).unwrap();
 		assert_eq!(prover.verify(), Ok(()));
 	}
@@ -348,7 +348,7 @@ mod test {
 		sig.big_r = b8.mul_scalar(different_r).affine();
 		let circuit = TestCircuit::new(sig.big_r.x, sig.big_r.y, sig.s, pk.0.x, pk.0.y, m);
 
-		let k = 11;
+		let k = 10;
 		let prover = MockProver::run(k, &circuit, vec![vec![]]).unwrap();
 		assert!(prover.verify().is_err());
 	}
@@ -366,7 +366,7 @@ mod test {
 		sig.s = sig.s.add(&Fr::from(1));
 		let circuit = TestCircuit::new(sig.big_r.x, sig.big_r.y, sig.s, pk.0.x, pk.0.y, m);
 
-		let k = 11;
+		let k = 10;
 		let prover = MockProver::run(k, &circuit, vec![vec![]]).unwrap();
 		assert!(prover.verify().is_err());
 	}
@@ -385,7 +385,7 @@ mod test {
 		let m = Fr::from_str_vartime("123456789012345678901234567890").unwrap();
 		let sig = sign(&sk1, &pk1, m);
 		let circuit = TestCircuit::new(sig.big_r.x, sig.big_r.y, sig.s, pk2.0.x, pk2.0.y, m);
-		let k = 11;
+		let k = 10;
 		let prover = MockProver::run(k, &circuit, vec![vec![]]).unwrap();
 		assert!(prover.verify().is_err());
 	}
@@ -404,7 +404,7 @@ mod test {
 		let sig = sign(&sk, &pk, m1);
 		let circuit = TestCircuit::new(sig.big_r.x, sig.big_r.y, sig.s, pk.0.x, pk.0.y, m2);
 
-		let k = 11;
+		let k = 10;
 		let prover = MockProver::run(k, &circuit, vec![vec![]]).unwrap();
 
 		assert!(prover.verify().is_err());
@@ -421,7 +421,7 @@ mod test {
 		let sig = sign(&sk, &pk, m);
 		let circuit = TestCircuit::new(sig.big_r.x, sig.big_r.y, sig.s, pk.0.x, pk.0.y, m);
 
-		let k = 11;
+		let k = 10;
 		let rng = &mut rand::thread_rng();
 		let params = generate_params(k);
 		let res = prove_and_verify::<Bn256, _, _>(params, circuit, &[&[]], rng).unwrap();

diff --git a/circuit/src/edwards/mod.rs b/circuit/src/edwards/mod.rs
@@ -87,9 +87,9 @@ impl<F: FieldExt, P: EdwardsParams<F>> Chip<F> for PointAddChip<F, P> {
 			let e_y_exp = v_cells.query_advice(common.advice[4], Rotation::cur());
 			let e_z_exp = v_cells.query_advice(common.advice[5], Rotation::cur());
 
-			let r_x_next_exp = v_cells.query_advice(common.advice[0], Rotation::next());
-			let r_y_next_exp = v_cells.query_advice(common.advice[1], Rotation::next());
-			let r_z_next_exp = v_cells.query_advice(common.advice[2], Rotation::next());
+			let r_x_next_exp = v_cells.query_advice(common.advice[6], Rotation::cur());
+			let r_y_next_exp = v_cells.query_advice(common.advice[7], Rotation::cur());
+			let r_z_next_exp = v_cells.query_advice(common.advice[8], Rotation::cur());
 
 			let (r_x3, r_y3, r_z3) =
 				P::add_exp(r_x_exp, r_y_exp, r_z_exp, e_x_exp, e_y_exp, e_z_exp);
@@ -131,10 +131,9 @@ impl<F: FieldExt, P: EdwardsParams<F>> Chip<F> for PointAddChip<F, P> {
 					e_z.value().cloned(),
 				);
 
-				ctx.next();
-				let r_x_res = ctx.assign_advice(common.advice[0], r_x3)?;
-				let r_y_res = ctx.assign_advice(common.advice[1], r_y3)?;
-				let r_z_res = ctx.assign_advice(common.advice[2], r_z3)?;
+				let r_x_res = ctx.assign_advice(common.advice[6], r_x3)?;
+				let r_y_res = ctx.assign_advice(common.advice[7], r_y3)?;
+				let r_z_res = ctx.assign_advice(common.advice[8], r_z3)?;
 
 				let res = AssignedPoint::new(r_x_res, r_y_res, r_z_res);
 
@@ -550,7 +549,7 @@ mod test {
 		let r = UnassignedPoint::new(r.x, r.y, r.z);
 		let circuit = AddTestCircuit::new(e, r);
 
-		let k = 6;
+		let k = 4;
 		let pub_ins = vec![x_res, y_res, z_res];
 		let prover = MockProver::run(k, &circuit, vec![pub_ins]).unwrap();
 		assert_eq!(prover.verify(), Ok(()));
@@ -568,7 +567,7 @@ mod test {
 		let r = UnassignedPoint::new(r.x, r.y, r.z);
 		let circuit = AddTestCircuit::new(e, r);
 
-		let k = 10;
+		let k = 8;
 		let rng = &mut rand::thread_rng();
 		let params = generate_params(k);
 		let pub_ins = [x_res, y_res, z_res];
@@ -632,7 +631,7 @@ mod test {
 		let r = UnassignedPoint::new(r.x, r.y, r.z);
 		let circuit = IntoAffineTestCircuit::new(r);
 
-		let k = 6;
+		let k = 4;
 		let pub_ins = vec![r_affine.x, r_affine.y];
 		let prover = MockProver::run(k, &circuit, vec![pub_ins]).unwrap();
 		assert_eq!(prover.verify(), Ok(()));
@@ -647,7 +646,7 @@ mod test {
 		let r = UnassignedPoint::new(r.x, r.y, r.z);
 		let circuit = IntoAffineTestCircuit::new(r);
 
-		let k = 8;
+		let k = 6;
 		let rng = &mut rand::thread_rng();
 		let params = generate_params(k);
 		let pub_ins = vec![r_affine.x, r_affine.y];
@@ -734,7 +733,7 @@ mod test {
 		let r = UnassignedPoint::new(r.x, r.y, r.z);
 		let circuit = MulScalarTestCircuit::new(r, scalar);
 
-		let k = 10;
+		let k = 9;
 		let pub_ins = vec![res.x, res.y, res.z];
 		let prover = MockProver::run(k, &circuit, vec![pub_ins]).unwrap();
 		assert_eq!(prover.verify(), Ok(()));
@@ -752,7 +751,7 @@ mod test {
 		let r = UnassignedPoint::new(r.x, r.y, r.z);
 		let circuit = MulScalarTestCircuit::new(r, scalar);
 
-		let k = 10;
+		let k = 9;
 		let pub_ins = vec![res.x, res.y, res.z];
 		let prover = MockProver::run(k, &circuit, vec![pub_ins]).unwrap();
 		assert_eq!(prover.verify(), Ok(()));
@@ -770,7 +769,7 @@ mod test {
 		let r = UnassignedPoint::new(r.x, r.y, r.z);
 		let circuit = MulScalarTestCircuit::new(r, scalar);
 
-		let k = 10;
+		let k = 9;
 		let pub_ins = vec![res.x, res.y, res.z];
 		let prover = MockProver::run(k, &circuit, vec![pub_ins]).unwrap();
 		assert_eq!(prover.verify(), Ok(()));
@@ -787,7 +786,7 @@ mod test {
 		let r = UnassignedPoint::new(r.x, r.y, r.z);
 		let circuit = MulScalarTestCircuit::new(r, scalar);
 
-		let k = 10;
+		let k = 9;
 		let rng = &mut rand::thread_rng();
 		let params = generate_params(k);
 		let pub_ins = [res.x, res.y, res.z];

diff --git a/circuit/src/gadgets/absorb.rs b/circuit/src/gadgets/absorb.rs
@@ -1,7 +1,7 @@
 use crate::{Chip, CommonConfig, FieldExt, RegionCtx};
 use halo2::{
 	circuit::{AssignedCell, Layouter, Region},
-	plonk::{Advice, Column, ConstraintSystem, Error, Expression, Selector},
+	plonk::{ConstraintSystem, Error, Expression, Selector},
 	poly::Rotation,
 };
 
@@ -45,8 +45,9 @@ impl<F: FieldExt, const WIDTH: usize> Chip<F> for AbsorbChip<F, WIDTH> {
 			let s = v_cells.query_selector(absorb_selector);
 			for (i, expr) in exprs.iter_mut().enumerate().take(WIDTH) {
 				let hasher_exp = v_cells.query_advice(common.advice[i], Rotation::cur());
-				let sponge_exp = v_cells.query_advice(common.advice[i], Rotation::next());
-				let next_sponge_exp = v_cells.query_advice(common.advice[i], Rotation(2));
+				let sponge_exp = v_cells.query_advice(common.advice[i + WIDTH], Rotation::cur());
+				let next_sponge_exp =
+					v_cells.query_advice(common.advice[i + 2 * WIDTH], Rotation::cur());
 				let diff = next_sponge_exp - (sponge_exp + hasher_exp);
 				*expr = s.clone() * diff;
 			}
@@ -67,26 +68,39 @@ impl<F: FieldExt, const WIDTH: usize> Chip<F> for AbsorbChip<F, WIDTH> {
 				ctx.enable(*selector)?;
 
 				// Load previous RescuePrime state
-				let loaded_state = copy_state(&mut ctx, common, &self.prev_state)?;
-				ctx.next();
+				let loaded_state = {
+					let mut loaded_state: [Option<AssignedCell<F, F>>; WIDTH] =
+						[(); WIDTH].map(|_| None);
+					for i in 0..WIDTH {
+						let new_state =
+							ctx.copy_assign(common.advice[i], self.prev_state[i].clone())?;
+						loaded_state[i] = Some(new_state);
+					}
+					loaded_state.map(|item| item.unwrap())
+				};
 
 				// Load next chunk
-				let loaded_chunk = copy_state(&mut ctx, common, &self.state)?;
-				ctx.next();
+				let loaded_chunk = {
+					let mut loaded_chunk: [Option<AssignedCell<F, F>>; WIDTH] =
+						[(); WIDTH].map(|_| None);
+					for i in 0..WIDTH {
+						let new_state =
+							ctx.copy_assign(common.advice[i + WIDTH], self.state[i].clone())?;
+						loaded_chunk[i] = Some(new_state);
+					}
+					loaded_chunk.map(|item| item.unwrap())
+				};
 
 				// Calculate the next state to permute
-				let columns: [Column<Advice>; WIDTH] =
-					common.advice[0..WIDTH].to_vec().try_into().unwrap();
 				let mut next_state: [Option<AssignedCell<F, F>>; WIDTH] = [(); WIDTH].map(|_| None);
 				for i in 0..WIDTH {
 					let chunk_state = &loaded_chunk[i];
 					let pos_state = &loaded_state[i];
-					let column = columns[i];
 					let sum = chunk_state.value().and_then(|&s| {
 						let pos_state_val = pos_state.value();
 						pos_state_val.map(|&ps| s + ps)
 					});
-					let assigned_sum = ctx.assign_advice(column, sum)?;
+					let assigned_sum = ctx.assign_advice(common.advice[i + 2 * WIDTH], sum)?;
 					next_state[i] = Some(assigned_sum);
 				}
 

diff --git a/circuit/src/gadgets/bits2integer.rs b/circuit/src/gadgets/bits2integer.rs
@@ -177,7 +177,7 @@ mod test {
 		let numba = Integer::<W, N, NUM_LIMBS, NUM_BITS, P>::new(numba_big);
 
 		let circuit = TestCircuit::new(numba);
-		let k = 9;
+		let k = 8;
 		let prover = MockProver::run(k, &circuit, vec![vec![]]).unwrap();
 
 		assert_eq!(prover.verify(), Ok(()));
@@ -193,7 +193,7 @@ mod test {
 		let numba = Integer::<W, N, NUM_LIMBS, NUM_BITS, P>::new(numba_big);
 
 		let circuit = TestCircuit::new(numba);
-		let k = 9;
+		let k = 8;
 		let prover = MockProver::run(k, &circuit, vec![vec![]]).unwrap();
 
 		assert_eq!(prover.verify(), Ok(()));
@@ -204,7 +204,7 @@ mod test {
 		let numba_big = BigUint::from_str("3823613239503432837285398709123").unwrap();
 		let numba = Integer::<W, N, NUM_LIMBS, NUM_BITS, P>::new(numba_big);
 		let circuit = TestCircuit::new(numba);
-		let k = 9;
+		let k = 8;
 		let rng = &mut rand::thread_rng();
 		let params = generate_params(k);
 		let res = prove_and_verify::<Bn256, _, _>(params, circuit, &[&[]], rng).unwrap();