From 1805224ebff72a5f3536e0d16f38c3ce4a02176b Mon Sep 17 00:00:00 2001
From: Alex Kuzmin <alex.kuzmin@proton.me>
Date: Tue, 5 Dec 2023 19:33:40 +0800
Subject: [PATCH] Code review fixes

---
 kzg_prover/Cargo.lock            |  5 ---
 kzg_prover/Cargo.toml            |  3 --
 kzg_prover/src/circuits/tests.rs | 12 +++----
 kzg_prover/src/circuits/utils.rs | 60 +++++++++++++++++---------------
 4 files changed, 38 insertions(+), 42 deletions(-)

diff --git a/kzg_prover/Cargo.lock b/kzg_prover/Cargo.lock
index dd818cc6..c8b14250 100644
--- a/kzg_prover/Cargo.lock
+++ b/kzg_prover/Cargo.lock
@@ -4144,8 +4144,3 @@ name = "zeroize"
 version = "1.7.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "525b4ec142c6b68a2d10f01f7bbf6755599ca3f81ea53b8431b7dd348f5fdb2d"
-
-[[patch.unused]]
-name = "halo2_proofs"
-version = "0.2.0"
-source = "git+https://github.com/privacy-scaling-explorations/halo2#6fc6d7ca018f3899b030618cb18580249b1e7c82"
diff --git a/kzg_prover/Cargo.toml b/kzg_prover/Cargo.toml
index 7d08ebec..562b59ba 100644
--- a/kzg_prover/Cargo.toml
+++ b/kzg_prover/Cargo.toml
@@ -27,8 +27,5 @@ regex-simple = { version = "1", package = "regex" }
 num-traits = "0.2.16"
 rayon = "1.8.0"
 
-[patch."https://github.com/privacy-scaling-explorations/halo2?rev=v2023_04_20"]
-halo2_proofs = { git = "https://github.com/privacy-scaling-explorations/halo2" }
-
 [dev-dependencies]
 criterion= "0.3"
diff --git a/kzg_prover/src/circuits/tests.rs b/kzg_prover/src/circuits/tests.rs
index 6d759d1b..05cbea66 100644
--- a/kzg_prover/src/circuits/tests.rs
+++ b/kzg_prover/src/circuits/tests.rs
@@ -106,7 +106,7 @@ mod test {
 
         // 1. Proving phase
         // The Custodian generates the ZK proof
-        let (zk_proof, advice_polys, omega) =
+        let (zk_snark_proof, advice_polys, omega) =
             full_prover(&params, &pk, circuit.clone(), vec![vec![]]);
 
         // Both the Custodian and the Verifier know what column range are the balance columns
@@ -125,7 +125,7 @@ mod test {
         let user_index = 3_u16;
 
         let balance_column_range = 1..N_CURRENCIES + 1;
-        let user_balances_kzg_proofs = open_user_balances::<N_CURRENCIES>(
+        let balance_opening_proofs = open_user_balances::<N_CURRENCIES>(
             &advice_polys.advice_polys,
             &advice_polys.advice_blinds,
             &params,
@@ -136,7 +136,7 @@ mod test {
 
         // 2. Verification phase
         // The Verifier verifies the ZK proof
-        assert!(full_verifier(&params, &vk, &zk_proof, vec![vec![]]));
+        assert!(full_verifier(&params, &vk, &zk_snark_proof, vec![vec![]]));
 
         // The Verifier is able to independently extract the omega from the verification key
         let omega = pk.get_vk().get_domain().get_omega();
@@ -151,7 +151,7 @@ mod test {
         // The Verifier verifies the KZG opening transcripts and calculates the grand sums
         let (verified, grand_sum) = verify_grand_sum_openings::<N_CURRENCIES>(
             &params,
-            &zk_proof,
+            &zk_snark_proof,
             kzg_proofs,
             poly_degree,
             balance_column_range,
@@ -165,8 +165,8 @@ mod test {
         let balance_column_range = 1..N_CURRENCIES + 1;
         let (balances_verified, balance_values) = verify_user_inclusion::<N_CURRENCIES>(
             &params,
-            &zk_proof,
-            user_balances_kzg_proofs,
+            &zk_snark_proof,
+            balance_opening_proofs,
             balance_column_range,
             omega,
             user_index,
diff --git a/kzg_prover/src/circuits/utils.rs b/kzg_prover/src/circuits/utils.rs
index 7773c3f4..7bd73670 100644
--- a/kzg_prover/src/circuits/utils.rs
+++ b/kzg_prover/src/circuits/utils.rs
@@ -127,10 +127,10 @@ pub fn open_grand_sums<const N_CURRENCIES: usize>(
     balance_column_range: Range<usize>,
 ) -> Vec<Vec<u8>> {
     let challenge = Fp::zero();
-    let mut kzg_proofs = Vec::new();
+    let mut challenge_opening_proofs = Vec::new();
     balance_column_range.for_each(|i| {
-        kzg_proofs.push(
-            create_kzg_proof::<
+        challenge_opening_proofs.push(
+            create_opening_proof_at_challenge::<
                 KZGCommitmentScheme<Bn256>,
                 ProverSHPLONK<'_, Bn256>,
                 Challenge255<G1Affine>,
@@ -139,7 +139,7 @@ pub fn open_grand_sums<const N_CURRENCIES: usize>(
             .to_vec(),
         )
     });
-    kzg_proofs
+    challenge_opening_proofs
 }
 
 pub fn open_user_balances<const N_CURRENCIES: usize>(
@@ -151,10 +151,10 @@ pub fn open_user_balances<const N_CURRENCIES: usize>(
     user_index: u16,
 ) -> Vec<Vec<u8>> {
     let omega_raised = omega.pow_vartime([user_index as u64]);
-    let mut kzg_proofs = Vec::new();
+    let mut balance_opening_proofs = Vec::new();
     balance_column_range.for_each(|i| {
-        kzg_proofs.push(
-            create_kzg_proof::<
+        balance_opening_proofs.push(
+            create_opening_proof_at_challenge::<
                 KZGCommitmentScheme<Bn256>,
                 ProverSHPLONK<'_, Bn256>,
                 Challenge255<G1Affine>,
@@ -168,26 +168,26 @@ pub fn open_user_balances<const N_CURRENCIES: usize>(
             .to_vec(),
         )
     });
-    kzg_proofs
+    balance_opening_proofs
 }
 
 /// Verifies the univariate polynomial grand sum openings
 pub fn verify_grand_sum_openings<const N_CURRENCIES: usize>(
     params: &ParamsKZG<Bn256>,
-    zk_proof: &[u8],
-    kzg_proofs: Vec<Vec<u8>>,
+    zk_snark_proof: &[u8],
+    challenge_opening_proofs: Vec<Vec<u8>>,
     polynomial_degree: u64,
     balance_column_range: Range<usize>,
 ) -> (Vec<bool>, Vec<BigUint>) {
     let mut transcript: Blake2bRead<&[u8], G1Affine, Challenge255<G1Affine>> =
-        Blake2bRead::<_, _, Challenge255<_>>::init(zk_proof);
+        Blake2bRead::<_, _, Challenge255<_>>::init(zk_snark_proof);
 
     //Read the commitment points for all the  advice polynomials from the proof transcript and put them into a vector
     let mut advice_commitments = Vec::new();
     for i in 0..N_CURRENCIES + balance_column_range.start {
         let point = transcript.read_point().unwrap();
-        // Skip the balances column commitment
-        if i != 0 {
+        // Skip the advice commitments before the desired range
+        if i >= balance_column_range.start {
             advice_commitments.push(point);
         }
     }
@@ -196,14 +196,18 @@ pub fn verify_grand_sum_openings<const N_CURRENCIES: usize>(
     let mut constant_terms = Vec::<BigUint>::new();
 
     for (i, advice_commitment) in advice_commitments.iter().enumerate() {
-        let (verified, constant_term) =
-            verify_kzg_proof::<
-                KZGCommitmentScheme<Bn256>,
-                VerifierSHPLONK<'_, Bn256>,
-                Challenge255<G1Affine>,
-                Blake2bRead<_, _, Challenge255<_>>,
-                AccumulatorStrategy<_>,
-            >(params, &kzg_proofs[i], Fp::zero(), *advice_commitment);
+        let (verified, constant_term) = verify_opening::<
+            KZGCommitmentScheme<Bn256>,
+            VerifierSHPLONK<'_, Bn256>,
+            Challenge255<G1Affine>,
+            Blake2bRead<_, _, Challenge255<_>>,
+            AccumulatorStrategy<_>,
+        >(
+            params,
+            &challenge_opening_proofs[i],
+            Fp::zero(),
+            *advice_commitment,
+        );
         verification_results.push(verified);
 
         if verified {
@@ -217,14 +221,14 @@ pub fn verify_grand_sum_openings<const N_CURRENCIES: usize>(
 
 pub fn verify_user_inclusion<const N_CURRENCIES: usize>(
     params: &ParamsKZG<Bn256>,
-    zk_proof: &[u8],
-    kzg_proofs: Vec<Vec<u8>>,
+    zk_snark_proof: &[u8],
+    balance_opening_proofs: Vec<Vec<u8>>,
     balance_column_range: Range<usize>,
     omega: Fp,
     user_index: u16,
 ) -> (Vec<bool>, Vec<BigUint>) {
     let mut transcript: Blake2bRead<&[u8], G1Affine, Challenge255<G1Affine>> =
-        Blake2bRead::<_, _, Challenge255<_>>::init(zk_proof);
+        Blake2bRead::<_, _, Challenge255<_>>::init(zk_snark_proof);
 
     //Read the commitment points for all the  advice polynomials from the proof transcript and put them into a vector
     let mut advice_commitments = Vec::new();
@@ -240,7 +244,7 @@ pub fn verify_user_inclusion<const N_CURRENCIES: usize>(
     let mut balances = Vec::<BigUint>::new();
 
     for (i, advice_commitment) in advice_commitments.iter().enumerate() {
-        let (verified, eval_at_challenge) = verify_kzg_proof::<
+        let (verified, eval_at_challenge) = verify_opening::<
             KZGCommitmentScheme<Bn256>,
             VerifierSHPLONK<'_, Bn256>,
             Challenge255<G1Affine>,
@@ -248,7 +252,7 @@ pub fn verify_user_inclusion<const N_CURRENCIES: usize>(
             AccumulatorStrategy<_>,
         >(
             params,
-            &kzg_proofs[i],
+            &balance_opening_proofs[i],
             omega.pow_vartime([user_index as u64]),
             *advice_commitment,
         );
@@ -264,7 +268,7 @@ pub fn verify_user_inclusion<const N_CURRENCIES: usize>(
 }
 
 /// Creates a KZG proof for a polynomial evaluation at a challenge
-fn create_kzg_proof<
+fn create_opening_proof_at_challenge<
     'params,
     Scheme: CommitmentScheme<Curve = halo2_proofs::halo2curves::bn256::G1Affine, Scalar = Fp>,
     P: Prover<'params, Scheme>,
@@ -301,7 +305,7 @@ where
 }
 
 /// Verifies a KZG proof for a polynomial evaluation at a challenge
-pub fn verify_kzg_proof<
+pub fn verify_opening<
     'a,
     'params,
     Scheme: CommitmentScheme<Curve = halo2_proofs::halo2curves::bn256::G1Affine, Scalar = Fp>,