Extract zsa (optimization) related changes into separate modules (...…
…_opt)
dmidem committed Apr 2, 2024
1 parent a8af3ac commit 5d7ed7d
Showing 28 changed files with 1,669 additions and 1,280 deletions.
61 changes: 7 additions & 54 deletions halo2_gadgets/src/ecc.rs
@@ -4,7 +4,7 @@ use std::fmt::Debug;

use halo2_proofs::{
arithmetic::CurveAffine,
circuit::{AssignedCell, Chip, Layouter, Value},
circuit::{Chip, Layouter, Value},
plonk::Error,
};

@@ -60,15 +60,6 @@ pub trait EccInstructions<C: CurveAffine>:
value: Value<C>,
) -> Result<Self::Point, Error>;

/// Witnesses the given constant point as a private input to the circuit.
/// This allows the point to be the identity, mapped to (0, 0) in
/// affine coordinates.
fn witness_point_from_constant(
&self,
layouter: &mut impl Layouter<C::Base>,
value: C,
) -> Result<Self::Point, Error>;

/// Witnesses the given point as a private input to the circuit.
/// This returns an error if the point is the identity.
fn witness_point_non_id(
@@ -120,15 +111,6 @@ pub trait EccInstructions<C: CurveAffine>:
b: &B,
) -> Result<Self::Point, Error>;

/// Performs variable-base sign-scalar multiplication, returning `[sign] point`
/// `sign` must be in {-1, 1}.
fn mul_sign(
&self,
layouter: &mut impl Layouter<C::Base>,
sign: &AssignedCell<C::Base, C::Base>,
point: &Self::Point,
) -> Result<Self::Point, Error>;

/// Performs variable-base scalar multiplication, returning `[scalar] base`.
fn mul(
&self,
@@ -393,8 +375,8 @@ impl<C: CurveAffine, EccChip: EccInstructions<C> + Clone + Debug + Eq>
/// A point on a specific elliptic curve.
#[derive(Copy, Clone, Debug)]
pub struct Point<C: CurveAffine, EccChip: EccInstructions<C> + Clone + Debug + Eq> {
chip: EccChip,
inner: EccChip::Point,
pub(crate) chip: EccChip,
pub(crate) inner: EccChip::Point,
}

impl<C: CurveAffine, EccChip: EccInstructions<C> + Clone + Debug + Eq> Point<C, EccChip> {
@@ -408,16 +390,6 @@ impl<C: CurveAffine, EccChip: EccInstructions<C> + Clone + Debug + Eq> Point<C,
point.map(|inner| Point { chip, inner })
}

/// Constructs a new point with the given fixed value.
pub fn new_from_constant(
chip: EccChip,
mut layouter: impl Layouter<C::Base>,
value: C,
) -> Result<Self, Error> {
let point = chip.witness_point_from_constant(&mut layouter, value);
point.map(|inner| Point { chip, inner })
}

/// Constrains this point to be equal in value to another point.
pub fn constrain_equal<Other: Into<Point<C, EccChip>> + Clone>(
&self,
@@ -460,21 +432,6 @@ impl<C: CurveAffine, EccChip: EccInstructions<C> + Clone + Debug + Eq> Point<C,
inner,
})
}

/// Returns `[sign] self`.
/// `sign` must be in {-1, 1}.
pub fn mul_sign(
&self,
mut layouter: impl Layouter<C::Base>,
sign: &AssignedCell<C::Base, C::Base>,
) -> Result<Point<C, EccChip>, Error> {
self.chip
.mul_sign(&mut layouter, sign, &self.inner)
.map(|point| Point {
chip: self.chip.clone(),
inner: point,
})
}
}

/// The affine short Weierstrass x-coordinate of a point on a specific elliptic curve.
@@ -793,7 +750,6 @@ pub(crate) mod tests {
meta.advice_column(),
];
let lookup_table = meta.lookup_table_column();
let table_range_check_tag = meta.lookup_table_column();
let lagrange_coeffs = [
meta.fixed_column(),
meta.fixed_column(),
@@ -808,12 +764,7 @@ pub(crate) mod tests {
let constants = meta.fixed_column();
meta.enable_constant(constants);

let range_check = LookupRangeCheckConfig::configure(
meta,
advices[9],
lookup_table,
Some(table_range_check_tag),
);
let range_check = LookupRangeCheckConfig::configure(meta, advices[9], lookup_table);

Check failure on line 767 in halo2_gadgets/src/ecc.rs


GitHub Actions / Clippy (beta)

this function takes 4 arguments but 3 arguments were supplied

error[E0061]: this function takes 4 arguments but 3 arguments were supplied --> halo2_gadgets/src/ecc.rs:767:31 | 767 | let range_check = LookupRangeCheckConfig::configure(meta, advices[9], lookup_table); | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^-------------------------------- an argument of type `std::option::Option<halo2_proofs::plonk::TableColumn>` is missing | note: associated function defined here --> halo2_gadgets/src/utilities/lookup_range_check.rs:90:12 | 90 | pub fn configure( | ^^^^^^^^^ 91 | meta: &mut ConstraintSystem<F>, | ------------------------------ 92 | running_sum: Column<Advice>, | --------------------------- 93 | table_idx: TableColumn, | ---------------------- 94 | table_range_check_tag: Option<TableColumn>, | ------------------------------------------ help: provide the argument | 767 | let range_check = LookupRangeCheckConfig::configure(meta, advices[9], lookup_table, /* std::option::Option<halo2_proofs::plonk::TableColumn> */); | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
EccChip::<TestFixedBases>::configure(meta, advices, lagrange_coeffs, range_check)
}

@@ -914,9 +865,11 @@ pub(crate) mod tests {
)?;
}

// FIXME: find a way to move this test outside this module as it uses optimized version
// of the chip (make chip and mul_fixed ecc_opt non-crate pub after that)
// Test variable-base sign-scalar multiplication
{
super::chip::mul_fixed::short::tests::test_mul_sign(
crate::ecc_opt::chip::mul_fixed::short::tests::test_mul_sign(
chip.clone(),
layouter.namespace(|| "variable-base sign-scalar mul"),
)?;
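Review bot: Making `chip` and `inner` on `Point` `pub(crate)` lets any module in the crate build or rewrite a `Point` with a struct literal, so the pairing of `inner` with the chip that assigned it is no longer enforced by the constructors in this impl (only the tail of one is visible in the hunks). In circuit code that pairing is what lets callers treat a `Point` as already witnessed, so I would keep the fields private and give `ecc_opt` a narrow, greppable entry point instead, e.g. `pub(crate) fn from_inner(chip: EccChip, inner: EccChip::Point) -> Self` and `pub(crate) fn inner(&self) -> &EccChip::Point`, each with a doc comment stating that `inner` must have been produced by `chip`. The same widening appears on `EccPoint::x`/`y` and `EccConfig::mul_fixed_short`/`witness_point` in `ecc/chip.rs`, and on `window`, `u` and `add_config` in `ecc/chip/mul_fixed.rs`; where `ecc_opt` only needs to read those, accessors would be enough. The `impl` block for `Point` continues outside the visible hunks.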
44 changes: 7 additions & 37 deletions halo2_gadgets/src/ecc/chip.rs
@@ -21,8 +21,8 @@ pub(super) mod add;
pub(super) mod add_incomplete;
pub mod constants;
pub(super) mod mul;
pub(super) mod mul_fixed;
pub(super) mod witness_point;
pub(crate) mod mul_fixed;
pub(crate) mod witness_point;

pub use constants::*;

@@ -37,11 +37,11 @@ pub struct EccPoint {
/// x-coordinate
///
/// Stored as an `Assigned<F>` to enable batching inversions.
x: AssignedCell<Assigned<pallas::Base>, pallas::Base>,
pub(crate) x: AssignedCell<Assigned<pallas::Base>, pallas::Base>,
/// y-coordinate
///
/// Stored as an `Assigned<F>` to enable batching inversions.
y: AssignedCell<Assigned<pallas::Base>, pallas::Base>,
pub(crate) y: AssignedCell<Assigned<pallas::Base>, pallas::Base>,
}

impl EccPoint {
@@ -153,12 +153,12 @@ pub struct EccConfig<FixedPoints: super::FixedPoints<pallas::Affine>> {
/// Fixed-base full-width scalar multiplication
mul_fixed_full: mul_fixed::full_width::Config<FixedPoints>,
/// Fixed-base signed short scalar multiplication
mul_fixed_short: mul_fixed::short::Config<FixedPoints>,
pub(crate) mul_fixed_short: mul_fixed::short::Config<FixedPoints>,
/// Fixed-base mul using a base field element as a scalar
mul_fixed_base_field: mul_fixed::base_field_elem::Config<FixedPoints>,

/// Witness point
witness_point: witness_point::Config,
pub(crate) witness_point: witness_point::Config,

/// Lookup range check using 10-bit lookup table
pub lookup_config: LookupRangeCheckConfig<pallas::Base, { sinsemilla::K }>,
@@ -339,7 +339,7 @@ pub struct EccScalarFixed {
type MagnitudeCell = AssignedCell<pallas::Base, pallas::Base>;
// TODO: Make V an enum Sign { Positive, Negative }
type SignCell = AssignedCell<pallas::Base, pallas::Base>;
type MagnitudeSign = (MagnitudeCell, SignCell);
pub(crate) type MagnitudeSign = (MagnitudeCell, SignCell);

/// A signed short scalar used for fixed-base scalar multiplication.
/// A short scalar must have magnitude in the range [0..2^64), with
@@ -453,18 +453,6 @@ where
)
}

fn witness_point_from_constant(
&self,
layouter: &mut impl Layouter<pallas::Base>,
value: pallas::Affine,
) -> Result<Self::Point, Error> {
let config = self.config().witness_point;
layouter.assign_region(
|| "witness point (constant)",
|mut region| config.constant_point(value, 0, &mut region),
)
}

fn witness_point_non_id(
&self,
layouter: &mut impl Layouter<pallas::Base>,
@@ -544,24 +532,6 @@ where
)
}

/// Performs variable-base sign-scalar multiplication, returning `[sign] point`
/// `sign` must be in {-1, 1}.
fn mul_sign(
&self,
layouter: &mut impl Layouter<pallas::Base>,
sign: &AssignedCell<pallas::Base, pallas::Base>,
point: &Self::Point,
) -> Result<Self::Point, Error> {
// Multiply point by sign, using the same gate as mul_fixed::short.
// This also constrains sign to be in {-1, 1}.
let config_short = self.config().mul_fixed_short.clone();
config_short.assign_scalar_sign(
layouter.namespace(|| "variable-base sign-scalar mul"),
sign,
point,
)
}

fn mul(
&self,
layouter: &mut impl Layouter<pallas::Base>,
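Review bot: `MagnitudeSign` becomes `pub(crate)` without a doc comment, and as a bare tuple alias of two `AssignedCell`s it does not say which element is the sign or where the sign gets constrained. The comment in the removed `mul_sign` body states that the short fixed-base gate is what restricts `sign` to {-1, 1}, so code in other modules that now builds or consumes a `MagnitudeSign` should be told that the alias carries no such guarantee by itself. I would add `/// (magnitude, sign) cell pair; the sign cell is only constrained to {-1, 1} once it is passed through the short fixed-base mul gate.` above the alias and keep the existing TODO about a `Sign` enum next to `SignCell`.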
6 changes: 3 additions & 3 deletions halo2_gadgets/src/ecc/chip/mul_fixed.rs
@@ -41,11 +41,11 @@ pub struct Config<FixedPoints: super::FixedPoints<pallas::Affine>> {
fixed_z: Column<Fixed>,
// Decomposition of an `n-1`-bit scalar into `k`-bit windows:
// a = a_0 + 2^k(a_1) + 2^{2k}(a_2) + ... + 2^{(n-1)k}(a_{n-1})
window: Column<Advice>,
pub(crate) window: Column<Advice>,
// y-coordinate of accumulator (only used in the final row).
u: Column<Advice>,
pub(crate) u: Column<Advice>,
// Configuration for `add`
add_config: add::Config,
pub(crate) add_config: add::Config,
// Configuration for `add_incomplete`
add_incomplete_config: add_incomplete::Config,
_marker: PhantomData<FixedPoints>,