Merge pull request #153 from KogarashiNetwork/feature/r1cs-refactoring

r1cs refactoring
KogarashiNetwork · Nov 4, 2023 · 6998af0 · 6998af0
2 parents 5754df4 + 8cc102c
commit 6998af0
Show file tree

Hide file tree

Showing 22 changed files with 200 additions and 235 deletions.
diff --git a/pallets/zkrollup/src/lib.rs b/pallets/zkrollup/src/lib.rs
@@ -46,10 +46,10 @@ pub mod pallet {
     pub trait Config: frame_system::Config + pallet_plonk::Config {
         type Plonk: Plonk<
             <Self as pallet_plonk::Config>::Pairing,
-            <<Self as pallet::Config>::RedDsa as RedDSA>::JubjubAffine,
+            <<Self as pallet::Config>::RedDsa as RedDSA>::Affine,
         >;
         type RedDsa: RedDSA<
-            ScalarField = <<Self as pallet_plonk::Config>::Pairing as Pairing>::ScalarField,
+            Range = <<Self as pallet_plonk::Config>::Pairing as Pairing>::ScalarField,
         >;
         type Transaction: Parameter + Member + Default + Copy;
         type Batch: BatchGetter<<Self as pallet::Config>::RedDsa>

diff --git a/primitive/plonk b/primitive/plonk
diff --git a/primitive/redjubjub/src/constant.rs b/primitive/redjubjub/src/constant.rs
@@ -32,10 +32,10 @@ fn sapling_base_point_y<F: FftField>() -> F {
     F::from(SAPLING_BASE_POINT_Y.inner())
 }
 
-pub fn sapling_base_point<P: RedDSA>() -> P::JubjubAffine {
+pub fn sapling_base_point<P: RedDSA>() -> P::Affine {
     let x = sapling_base_point_x();
     let y = sapling_base_point_y();
-    P::JubjubAffine::from_raw_unchecked(x, y)
+    P::Affine::from_raw_unchecked(x, y)
 }
 
 pub fn sapling_redjubjub_cofactor<F: FftField>() -> F {

diff --git a/primitive/redjubjub/src/lib.rs b/primitive/redjubjub/src/lib.rs
@@ -34,13 +34,13 @@ use zkstd::common::RedDSA;
 pub struct RedJubjub {}
 
 impl RedDSA for RedJubjub {
-    type ScalarField = Fr;
+    type Range = Fr;
 
-    type JubjubScalar = Fp;
+    type Scalar = Fp;
 
-    type JubjubAffine = JubjubAffine;
+    type Affine = JubjubAffine;
 
-    type JubjubExtended = JubjubExtended;
+    type Extended = JubjubExtended;
 }
 
 /// An redjubjub secret key and public key pair.

diff --git a/primitive/redjubjub/src/private_key.rs b/primitive/redjubjub/src/private_key.rs
@@ -8,11 +8,11 @@ use zkstd::common::{FftField, RedDSA, SigUtils};
 
 /// RedJubjub secret key struct used for signing transactions
 #[derive(Clone, Copy, Debug, PartialEq)]
-pub struct SecretKey<P: RedDSA>(pub(crate) P::JubjubScalar);
+pub struct SecretKey<P: RedDSA>(pub(crate) P::Scalar);
 
 impl<P: RedDSA> SigUtils<32> for SecretKey<P> {
     fn from_bytes(bytes: [u8; 32]) -> Option<Self> {
-        P::JubjubScalar::from_bytes(bytes).map(Self::new)
+        P::Scalar::from_bytes(bytes).map(Self::new)
     }
 
     fn to_bytes(self) -> [u8; 32] {
@@ -21,7 +21,7 @@ impl<P: RedDSA> SigUtils<32> for SecretKey<P> {
 }
 
 impl<P: RedDSA> SecretKey<P> {
-    pub fn new(key: P::JubjubScalar) -> Self {
+    pub fn new(key: P::Scalar) -> Self {
         Self(key)
     }
 
@@ -35,7 +35,7 @@ impl<P: RedDSA> SecretKey<P> {
             raw_bytes.resize(64, 0);
         }
         let bytes: [u8; 64] = raw_bytes[..64].try_into().unwrap();
-        Some(Self(P::JubjubScalar::from_bytes_wide(&bytes)))
+        Some(Self(P::Scalar::from_bytes_wide(&bytes)))
     }
 
     #[allow(non_snake_case)]
@@ -46,13 +46,13 @@ impl<P: RedDSA> SecretKey<P> {
 
         // r = H(T||vk||M)
         let pk = self.to_public_key();
-        let r = sapling_hash::<P::JubjubScalar>(&T, &pk.to_bytes(), m);
+        let r = sapling_hash::<P::Scalar>(&T, &pk.to_bytes(), m);
 
         // R = r * P_G
         let R = (sapling_base_point::<P>() * r).to_bytes();
 
         // S = r + H(R||m) * sk
-        let S = (r + sapling_hash::<P::JubjubScalar>(&R, &pk.to_bytes(), m) * self.0).to_bytes();
+        let S = (r + sapling_hash::<P::Scalar>(&R, &pk.to_bytes(), m) * self.0).to_bytes();
 
         Signature::new(R, S)
     }
@@ -61,7 +61,7 @@ impl<P: RedDSA> SecretKey<P> {
         PublicKey(sapling_base_point::<P>() * self.0)
     }
 
-    pub fn randomize_private(&self, r: P::JubjubScalar) -> Self {
+    pub fn randomize_private(&self, r: P::Scalar) -> Self {
         Self(r * self.0)
     }
 }
diff --git a/primitive/redjubjub/src/public_key.rs b/primitive/redjubjub/src/public_key.rs
@@ -3,7 +3,6 @@ use super::hash::sapling_hash;
 use super::signature::Signature;
 
 use serde::{Deserialize, Serialize};
-use zkstd::common::SigUtils;
 use zkstd::common::*;
 
 /// RedJubjub public key struct used for signature verification
@@ -21,28 +20,28 @@ use zkstd::common::*;
     Decode,
     Encode,
 )]
-pub struct PublicKey<P: RedDSA>(pub(crate) P::JubjubExtended);
+pub struct PublicKey<P: RedDSA>(pub(crate) P::Extended);
 
 impl<P: RedDSA> SigUtils<32> for PublicKey<P> {
     fn to_bytes(self) -> [u8; 32] {
         self.0.to_bytes()
     }
 
     fn from_bytes(bytes: [u8; 32]) -> Option<Self> {
-        P::JubjubExtended::from_bytes(bytes).map(Self)
+        P::Extended::from_bytes(bytes).map(Self)
     }
 }
 
 impl<P: RedDSA> PublicKey<P> {
-    pub fn new(raw: P::JubjubExtended) -> Self {
+    pub fn new(raw: P::Extended) -> Self {
         PublicKey(raw)
     }
 
     pub fn zero() -> Self {
-        Self(P::JubjubExtended::zero())
+        Self(P::Extended::zero())
     }
 
-    pub fn inner(&self) -> P::JubjubExtended {
+    pub fn inner(&self) -> P::Extended {
         self.0
     }
 
@@ -55,20 +54,20 @@ impl<P: RedDSA> PublicKey<P> {
     #[allow(non_snake_case)]
     pub fn validate(self, m: &[u8], sig: Signature) -> bool {
         // c = H(R||vk||m)
-        let c = sapling_hash::<P::JubjubScalar>(&sig.r, &self.to_bytes(), m);
+        let c = sapling_hash::<P::Scalar>(&sig.r, &self.to_bytes(), m);
 
-        let R = match P::JubjubAffine::from_bytes(sig.r) {
+        let R = match P::Affine::from_bytes(sig.r) {
             Some(R) => R,
             None => return false,
         };
-        let S = match P::JubjubScalar::from_bytes(sig.s) {
+        let S = match P::Scalar::from_bytes(sig.s) {
             Some(S) => S,
             None => return false,
         };
 
         // h_G(-S * P_G + R + c * vk)
         ((-(sapling_base_point::<P>() * S) + R + self.0 * c)
-            * sapling_redjubjub_cofactor::<P::JubjubScalar>())
+            * sapling_redjubjub_cofactor::<P::Scalar>())
         .is_identity()
     }
 
@@ -81,7 +80,7 @@ impl<P: RedDSA> PublicKey<P> {
         todo!()
     }
 
-    pub fn randomize_public(&self, r: P::JubjubScalar) -> Self {
+    pub fn randomize_public(&self, r: P::Scalar) -> Self {
         Self(self.0 * r)
     }
 }
diff --git a/primitive/zkrollup/src/batch_circuit.rs b/primitive/zkrollup/src/batch_circuit.rs
@@ -17,14 +17,14 @@ use self::merkle::check_membership;
 #[derive(Debug, PartialEq, Default)]
 pub struct BatchCircuit<
     P: RedDSA,
-    H: FieldHasher<P::ScalarField, 2>,
+    H: FieldHasher<P::Range, 2>,
     const N: usize,
     const BATCH_SIZE: usize,
 > {
     batch: Batch<P, H, N, BATCH_SIZE>,
 }
 
-impl<P: RedDSA, H: FieldHasher<P::ScalarField, 2>, const N: usize, const BATCH_SIZE: usize>
+impl<P: RedDSA, H: FieldHasher<P::Range, 2>, const N: usize, const BATCH_SIZE: usize>
     BatchCircuit<P, H, N, BATCH_SIZE>
 {
     #[allow(dead_code)]
@@ -36,13 +36,13 @@ impl<P: RedDSA, H: FieldHasher<P::ScalarField, 2>, const N: usize, const BATCH_S
 
 impl<
         P: RedDSA + Debug + Default,
-        H: FieldHasher<P::ScalarField, 2>,
+        H: FieldHasher<P::Range, 2>,
         const N: usize,
         const BATCH_SIZE: usize,
-    > Circuit<P::JubjubAffine> for BatchCircuit<P, H, N, BATCH_SIZE>
+    > Circuit<P::Affine> for BatchCircuit<P, H, N, BATCH_SIZE>
 {
-    type ConstraintSystem = Plonk<P::JubjubAffine>;
-    fn synthesize(&self, composer: &mut Plonk<P::JubjubAffine>) -> Result<(), Error> {
+    type ConstraintSystem = Plonk<P::Affine>;
+    fn synthesize(&self, composer: &mut Plonk<P::Affine>) -> Result<(), Error> {
         for RollupTransactionInfo {
             transaction,
             pre_root,
@@ -58,15 +58,15 @@ impl<
         {
             let Transaction(sig, t) = transaction;
 
-            check_membership::<P::JubjubAffine, N>(
+            check_membership::<P::Affine, N>(
                 composer,
                 pre_sender.to_field_element(),
                 *pre_root,
                 &pre_sender_proof.path,
                 &pre_sender_proof.path_pos,
             )?;
 
-            check_membership::<P::JubjubAffine, N>(
+            check_membership::<P::Affine, N>(
                 composer,
                 pre_receiver.to_field_element(),
                 *pre_root,
@@ -91,15 +91,15 @@ impl<
                 ..*pre_receiver
             };
 
-            check_membership::<P::JubjubAffine, N>(
+            check_membership::<P::Affine, N>(
                 composer,
                 post_sender.to_field_element(),
                 *post_root,
                 &post_sender_proof.path,
                 &post_sender_proof.path_pos,
             )?;
 
-            check_membership::<P::JubjubAffine, N>(
+            check_membership::<P::Affine, N>(
                 composer,
                 post_receiver.to_field_element(),
                 *post_root,

diff --git a/primitive/zkrollup/src/domain/transaction.rs b/primitive/zkrollup/src/domain/transaction.rs
@@ -4,31 +4,27 @@ use super::{FftField, PublicKey, RngCore, SecretKey, SigUtils, Signature, UserDa
 use zkstd::common::*;
 
 #[derive(Clone, Debug, PartialEq, Eq, Default, Encode, Decode)]
-pub(crate) struct RollupTransactionInfo<
-    P: RedDSA,
-    H: FieldHasher<P::ScalarField, 2>,
-    const N: usize,
-> {
+pub(crate) struct RollupTransactionInfo<P: RedDSA, H: FieldHasher<P::Range, 2>, const N: usize> {
     pub(crate) transaction: Transaction<P>,
-    pub(crate) pre_root: P::ScalarField,
-    pub(crate) post_root: P::ScalarField,
+    pub(crate) pre_root: P::Range,
+    pub(crate) post_root: P::Range,
     pub(crate) pre_sender: UserData<P>,
     pub(crate) pre_receiver: UserData<P>,
-    pub(crate) pre_sender_proof: MerkleProof<P::ScalarField, H, N>,
-    pub(crate) pre_receiver_proof: MerkleProof<P::ScalarField, H, N>,
-    pub(crate) post_sender_proof: MerkleProof<P::ScalarField, H, N>,
-    pub(crate) post_receiver_proof: MerkleProof<P::ScalarField, H, N>,
+    pub(crate) pre_sender_proof: MerkleProof<P::Range, H, N>,
+    pub(crate) pre_receiver_proof: MerkleProof<P::Range, H, N>,
+    pub(crate) post_sender_proof: MerkleProof<P::Range, H, N>,
+    pub(crate) post_receiver_proof: MerkleProof<P::Range, H, N>,
     pub(crate) is_withdrawal: bool,
 }
 
 #[derive(Default, Clone, Copy, Debug, PartialEq, Eq, Decode, Encode)]
 pub struct Transaction<P: RedDSA>(pub(crate) Signature, pub(crate) TransactionData<P>);
 
 impl<P: RedDSA> Transaction<P> {
-    pub fn to_field_element(self) -> P::ScalarField {
+    pub fn to_field_element(self) -> P::Range {
         let mut field = [0_u8; 64];
         field.copy_from_slice(&self.to_bytes()[0..64]);
-        P::ScalarField::from_bytes_wide(&field)
+        P::Range::from_bytes_wide(&field)
     }
 }
 

diff --git a/primitive/zkrollup/src/domain/user.rs b/primitive/zkrollup/src/domain/user.rs
@@ -59,9 +59,9 @@ impl<P: RedDSA> UserData<P> {
         self.address
     }
 
-    pub fn to_field_element(self) -> P::ScalarField {
+    pub fn to_field_element(self) -> P::Range {
         let mut field = [0_u8; 64];
         field[0..56].copy_from_slice(&self.to_bytes()[0..56]);
-        P::ScalarField::from_bytes_wide(&field)
+        P::Range::from_bytes_wide(&field)
     }
 }