Skip to content

Commit

Permalink
Revert #679 (#687)
Browse files Browse the repository at this point in the history
Co-authored-by: Jeff Burdges <burdges@gnunet.org>
mmagician and burdges authored Oct 4, 2023
1 parent 4152c41 commit 5dfeedf
Showing 3 changed files with 32 additions and 23 deletions.
Original file line number Diff line number Diff line change
@@ -35,8 +35,8 @@ pub fn parity<F: Field>(element: &F) -> bool {
}

impl<P: SWUConfig> MapToCurve<Projective<P>> for SWUMap<P> {
/// Checks if `P` represents a valid map.
fn check_parameters() -> Result<(), HashToCurveError> {
/// Constructs a new map if `P` represents a valid map.
fn new() -> Result<Self, HashToCurveError> {
// Verifying that ZETA is a non-square
if P::ZETA.legendre().is_qr() {
return Err(HashToCurveError::MapToCurveError(
@@ -49,13 +49,13 @@ impl<P: SWUConfig> MapToCurve<Projective<P>> for SWUMap<P> {
return Err(HashToCurveError::MapToCurveError("Simplified SWU requires a * b != 0 in the short Weierstrass form of y^2 = x^3 + a*x + b ".to_string()));
}

Ok(())
Ok(SWUMap(PhantomData))
}

/// Map an arbitrary base field element to a curve point.
/// Based on
/// <https://github.com/zcash/pasta_curves/blob/main/src/hashtocurve.rs>.
fn map_to_curve(point: P::BaseField) -> Result<Affine<P>, HashToCurveError> {
fn map_to_curve(&self, point: P::BaseField) -> Result<Affine<P>, HashToCurveError> {
// 1. tv1 = inv0(Z^2 * u^4 + Z * u^2)
// 2. x1 = (-B / A) * (1 + tv1)
// 3. If tv1 == 0, set x1 = B / (Z * A)
@@ -256,12 +256,15 @@ mod test {
/// elements should be mapped to curve successfully. everything can be mapped
#[test]
fn map_field_to_curve_swu() {
SWUMap::<TestSWUMapToCurveConfig>::check_parameters().unwrap();
let test_map_to_curve = SWUMap::<TestSWUMapToCurveConfig>::new().unwrap();

let mut map_range: Vec<Affine<TestSWUMapToCurveConfig>> = vec![];
for current_field_element in 0..127 {
let point = F127::from(current_field_element as u64);
map_range.push(SWUMap::<TestSWUMapToCurveConfig>::map_to_curve(point).unwrap());
map_range.push(
test_map_to_curve
.map_to_curve(F127::from(current_field_element as u64))
.unwrap(),
);
}

let mut counts = HashMap::new();
Original file line number Diff line number Diff line change
@@ -79,13 +79,13 @@ pub trait WBConfig: SWCurveConfig + Sized {
}

pub struct WBMap<P: WBConfig> {
swu_field_curve_hasher: PhantomData<SWUMap<P::IsogenousCurve>>,
swu_field_curve_hasher: SWUMap<P::IsogenousCurve>,
curve_params: PhantomData<fn() -> P>,
}

impl<P: WBConfig> MapToCurve<Projective<P>> for WBMap<P> {
/// Checks if `P` represents a valid map.
fn check_parameters() -> Result<(), HashToCurveError> {
/// Constructs a new map if `P` represents a valid map.
fn new() -> Result<Self, HashToCurveError> {
match P::ISOGENY_MAP.apply(P::IsogenousCurve::GENERATOR) {
Ok(point_on_curve) => {
if !point_on_curve.is_on_curve() {
@@ -95,18 +95,21 @@ impl<P: WBConfig> MapToCurve<Projective<P>> for WBMap<P> {
Err(e) => return Err(e),
}

SWUMap::<P::IsogenousCurve>::check_parameters().unwrap(); // Or ?
Ok(())
Ok(WBMap {
swu_field_curve_hasher: SWUMap::<P::IsogenousCurve>::new().unwrap(),
curve_params: PhantomData,
})
}

/// Map random field point to a random curve point
/// inspired from
/// <https://github.com/zcash/pasta_curves/blob/main/src/hashtocurve.rs>
fn map_to_curve(
&self,
element: <Affine<P> as AffineRepr>::BaseField,
) -> Result<Affine<P>, HashToCurveError> {
// first we need to map the field point to the isogenous curve
let point_on_isogenious_curve = SWUMap::<P::IsogenousCurve>::map_to_curve(element).unwrap();
let point_on_isogenious_curve = self.swu_field_curve_hasher.map_to_curve(element).unwrap();
P::ISOGENY_MAP.apply(point_on_isogenious_curve)
}
}
23 changes: 13 additions & 10 deletions ec/src/hashing/map_to_curve_hasher.rs
Original file line number Diff line number Diff line change
@@ -7,11 +7,11 @@ use ark_std::marker::PhantomData;

/// Trait for mapping a random field element to a random curve point.
pub trait MapToCurve<T: CurveGroup>: Sized {
/// Checks whether supplied parameters represent a valid map.
fn check_parameters() -> Result<(), HashToCurveError>;
/// Constructs a new mapping.
fn new() -> Result<Self, HashToCurveError>;

/// Map an arbitary field element to a corresponding curve point.
fn map_to_curve(point: T::BaseField) -> Result<T::Affine, HashToCurveError>;
fn map_to_curve(&self, point: T::BaseField) -> Result<T::Affine, HashToCurveError>;
}

/// Helper struct that can be used to construct elements on the elliptic curve
@@ -24,7 +24,8 @@ where
M2C: MapToCurve<T>,
{
field_hasher: H2F,
_phantom: PhantomData<(T, M2C)>,
curve_mapper: M2C,
_params_t: PhantomData<T>,
}

impl<T, H2F, M2C> HashToCurve<T> for MapToCurveBasedHasher<T, H2F, M2C>
@@ -34,11 +35,13 @@ where
M2C: MapToCurve<T>,
{
fn new(domain: &[u8]) -> Result<Self, HashToCurveError> {
#[cfg(test)]
M2C::check_parameters()?;
let field_hasher = H2F::new(domain);
let curve_mapper = M2C::new()?;
let _params_t = PhantomData;
Ok(MapToCurveBasedHasher {
field_hasher: H2F::new(domain),
_phantom: PhantomData,
field_hasher,
curve_mapper,
_params_t,
})
}

@@ -58,8 +61,8 @@ where

let rand_field_elems = self.field_hasher.hash_to_field::<2>(msg);

let rand_curve_elem_0 = M2C::map_to_curve(rand_field_elems[0])?;
let rand_curve_elem_1 = M2C::map_to_curve(rand_field_elems[1])?;
let rand_curve_elem_0 = self.curve_mapper.map_to_curve(rand_field_elems[0])?;
let rand_curve_elem_1 = self.curve_mapper.map_to_curve(rand_field_elems[1])?;

let rand_curve_elem = (rand_curve_elem_0 + rand_curve_elem_1).into();
let rand_subgroup_elem = rand_curve_elem.clear_cofactor();

0 comments on commit 5dfeedf

Please sign in to comment.