Refactor

QED-it · Jul 8, 2024 · 68d65e0 · 68d65e0
1 parent 70af809
commit 68d65e0
Show file tree

Hide file tree

Showing 5 changed files with 124 additions and 103 deletions.
diff --git a/halo2_gadgets/src/ecc/chip/mul_fixed/short.rs b/halo2_gadgets/src/ecc/chip/mul_fixed/short.rs
@@ -588,7 +588,7 @@ pub mod tests {
         fn test_invalid_magnitude_sign() {
             // Magnitude larger than 64 bits should fail
             {
-                let circuits: Vec<MyMagnitudeSignCircuit<Lookup>> = vec![
+                let circuits = [
                     // 2^64
                     MyMagnitudeSignCircuit::<Lookup> {
                         magnitude: Value::known(pallas::Base::from_u128(1 << 64)),
@@ -742,7 +742,6 @@ pub mod tests {
         }
     }
 
-    #[cfg(feature = "test-dev-graph")]
     #[test]
     fn invalid_magnitude_sign() {
         MyMagnitudeSignCircuit::<PallasLookupRangeCheckConfig>::test_invalid_magnitude_sign();

diff --git a/halo2_gadgets/src/sinsemilla.rs b/halo2_gadgets/src/sinsemilla.rs
@@ -835,7 +835,7 @@ pub(crate) mod tests {
     }
 
     #[test]
-    fn test_against_stored_sinsemilla_chip() {
+    fn test_sinsemilla_chip_against_stored_circuit() {
         let circuit: MyCircuit<PallasLookupRangeCheckConfig> = MyCircuit {
             _lookup_marker: PhantomData,
         };

diff --git a/halo2_gadgets/src/sinsemilla/chip/hash_to_point.rs b/halo2_gadgets/src/sinsemilla/chip/hash_to_point.rs
@@ -50,7 +50,7 @@ where
         ),
         Error,
     > {
-        let (offset, x_a, y_a) = self.public_initialization(region, Q)?;
+        let (offset, x_a, y_a) = self.public_q_initialization(region, Q)?;
 
         let (x_a, y_a, zs_sum) = self.hash_all_pieces(region, offset, message, x_a, y_a)?;
 
@@ -80,87 +80,13 @@ where
             return Err(Error::HashFromPrivatePoint);
         }
 
-        let (offset, x_a, y_a) = self.private_initialization(region, Q)?;
+        let (offset, x_a, y_a) = self.private_q_initialization(region, Q)?;
 
         let (x_a, y_a, zs_sum) = self.hash_all_pieces(region, offset, message, x_a, y_a)?;
 
         self.check_hash_result(EccPointQ::PrivatePoint(Q), message, x_a, y_a, zs_sum)
     }
 
-    #[allow(unused_variables)]
-    #[allow(non_snake_case)]
-    #[allow(clippy::type_complexity)]
-    fn check_hash_result(
-        &self,
-        Q: EccPointQ,
-        message: &<Self as SinsemillaInstructions<
-            pallas::Affine,
-            { sinsemilla::K },
-            { sinsemilla::C },
-        >>::Message,
-        x_a: X<pallas::Base>,
-        y_a: AssignedCell<Assigned<pallas::Base>, pallas::Base>,
-        zs_sum: Vec<Vec<AssignedCell<pallas::Base, pallas::Base>>>,
-    ) -> Result<
-        (
-            NonIdentityEccPoint,
-            Vec<Vec<AssignedCell<pallas::Base, pallas::Base>>>,
-        ),
-        Error,
-    > {
-        #[cfg(test)]
-        // Check equivalence to result from primitives::sinsemilla::hash_to_point
-        {
-            use crate::sinsemilla::primitives::{K, S_PERSONALIZATION};
-
-            use group::{prime::PrimeCurveAffine, Curve};
-            use pasta_curves::arithmetic::CurveExt;
-
-            let field_elems: Value<Vec<_>> = message
-                .iter()
-                .map(|piece| piece.field_elem().map(|elem| (elem, piece.num_words())))
-                .collect();
-
-            let value_Q = match Q {
-                EccPointQ::PublicPoint(p) => Value::known(p),
-                EccPointQ::PrivatePoint(p) => p.point(),
-            };
-
-            field_elems
-                .zip(x_a.value().zip(y_a.value()))
-                .zip(value_Q)
-                .assert_if_known(|((field_elems, (x_a, y_a)), value_Q)| {
-                    // Get message as a bitstring.
-                    let bitstring: Vec<bool> = field_elems
-                        .iter()
-                        .flat_map(|(elem, num_words)| {
-                            elem.to_le_bits().into_iter().take(K * num_words)
-                        })
-                        .collect();
-
-                    let hasher_S = pallas::Point::hash_to_curve(S_PERSONALIZATION);
-                    let S = |chunk: &[bool]| hasher_S(&lebs2ip_k(chunk).to_le_bytes());
-
-                    // We can use complete addition here because it differs from
-                    // incomplete addition with negligible probability.
-                    let expected_point = bitstring
-                        .chunks(K)
-                        .fold(value_Q.to_curve(), |acc, chunk| (acc + S(chunk)) + acc);
-                    let actual_point =
-                        pallas::Affine::from_xy(x_a.evaluate(), y_a.evaluate()).unwrap();
-                    expected_point.to_affine() == actual_point
-                });
-        }
-
-        x_a.value()
-            .zip(y_a.value())
-            .error_if_known_and(|(x_a, y_a)| x_a.is_zero_vartime() || y_a.is_zero_vartime())?;
-        Ok((
-            NonIdentityEccPoint::from_coordinates_unchecked(x_a.0, y_a),
-            zs_sum,
-        ))
-    }
-
     #[allow(non_snake_case)]
     /// Assign the coordinates of the initial public point `Q`.
     ///
@@ -174,7 +100,7 @@ where
     /// --------------------------------------
     /// |   0    |     | y_Q |               |
     /// |   1    | x_Q |     |         1     |
-    fn public_initialization(
+    fn public_q_initialization(
         &self,
         region: &mut Region<'_, pallas::Base>,
         Q: pallas::Affine,
@@ -235,7 +161,7 @@ where
     /// --------------------------------------
     /// |   0    |     | y_Q |               |
     /// |   1    | x_Q |     |         1     |
-    fn private_initialization(
+    fn private_q_initialization(
         &self,
         region: &mut Region<'_, pallas::Base>,
         Q: &NonIdentityEccPoint,
@@ -545,6 +471,80 @@ where
 
         Ok((x_a, y_a, zs))
     }
+
+    #[allow(unused_variables)]
+    #[allow(non_snake_case)]
+    #[allow(clippy::type_complexity)]
+    fn check_hash_result(
+        &self,
+        Q: EccPointQ,
+        message: &<Self as SinsemillaInstructions<
+            pallas::Affine,
+            { sinsemilla::K },
+            { sinsemilla::C },
+        >>::Message,
+        x_a: X<pallas::Base>,
+        y_a: AssignedCell<Assigned<pallas::Base>, pallas::Base>,
+        zs_sum: Vec<Vec<AssignedCell<pallas::Base, pallas::Base>>>,
+    ) -> Result<
+        (
+            NonIdentityEccPoint,
+            Vec<Vec<AssignedCell<pallas::Base, pallas::Base>>>,
+        ),
+        Error,
+    > {
+        #[cfg(test)]
+        // Check equivalence to result from primitives::sinsemilla::hash_to_point
+        {
+            use crate::sinsemilla::primitives::{K, S_PERSONALIZATION};
+
+            use group::{prime::PrimeCurveAffine, Curve};
+            use pasta_curves::arithmetic::CurveExt;
+
+            let field_elems: Value<Vec<_>> = message
+                .iter()
+                .map(|piece| piece.field_elem().map(|elem| (elem, piece.num_words())))
+                .collect();
+
+            let value_Q = match Q {
+                EccPointQ::PublicPoint(p) => Value::known(p),
+                EccPointQ::PrivatePoint(p) => p.point(),
+            };
+
+            field_elems
+                .zip(x_a.value().zip(y_a.value()))
+                .zip(value_Q)
+                .assert_if_known(|((field_elems, (x_a, y_a)), value_Q)| {
+                    // Get message as a bitstring.
+                    let bitstring: Vec<bool> = field_elems
+                        .iter()
+                        .flat_map(|(elem, num_words)| {
+                            elem.to_le_bits().into_iter().take(K * num_words)
+                        })
+                        .collect();
+
+                    let hasher_S = pallas::Point::hash_to_curve(S_PERSONALIZATION);
+                    let S = |chunk: &[bool]| hasher_S(&lebs2ip_k(chunk).to_le_bytes());
+
+                    // We can use complete addition here because it differs from
+                    // incomplete addition with negligible probability.
+                    let expected_point = bitstring
+                        .chunks(K)
+                        .fold(value_Q.to_curve(), |acc, chunk| (acc + S(chunk)) + acc);
+                    let actual_point =
+                        pallas::Affine::from_xy(x_a.evaluate(), y_a.evaluate()).unwrap();
+                    expected_point.to_affine() == actual_point
+                });
+        }
+
+        x_a.value()
+            .zip(y_a.value())
+            .error_if_known_and(|(x_a, y_a)| x_a.is_zero_vartime() || y_a.is_zero_vartime())?;
+        Ok((
+            NonIdentityEccPoint::from_coordinates_unchecked(x_a.0, y_a),
+            zs_sum,
+        ))
+    }
 }
 
 /// The x-coordinate of the accumulator in a Sinsemilla hash instance.

diff --git a/halo2_gadgets/src/sinsemilla/merkle.rs b/halo2_gadgets/src/sinsemilla/merkle.rs
@@ -187,7 +187,10 @@ pub mod tests {
         tests::test_utils::test_against_stored_circuit,
         utilities::{
             i2lebsp,
-            lookup_range_check::{PallasLookupRangeCheck45BConfig, PallasLookupRangeCheckConfig},
+            lookup_range_check::{
+                PallasLookupRangeCheck, PallasLookupRangeCheck45BConfig,
+                PallasLookupRangeCheckConfig,
+            },
             UtilitiesInstructions,
         },
     };
@@ -200,10 +203,8 @@ pub mod tests {
         plonk::{Circuit, ConstraintSystem, Error},
     };
 
-    use crate::utilities::lookup_range_check::PallasLookupRangeCheck;
     use rand::{rngs::OsRng, RngCore};
-    use std::marker::PhantomData;
-    use std::{convert::TryInto, iter};
+    use std::{convert::TryInto, iter, marker::PhantomData};
 
     const MERKLE_DEPTH: usize = 32;