diff --git a/poly-commit/src/data_structures.rs b/poly-commit/src/data_structures.rs index 2b942ee1..acbe441c 100644 --- a/poly-commit/src/data_structures.rs +++ b/poly-commit/src/data_structures.rs @@ -1,4 +1,5 @@ use crate::{Polynomial, String, Vec}; +use ark_crypto_primitives::sponge::Absorb; use ark_ff::{Field, PrimeField, ToConstraintField}; use ark_serialize::{CanonicalDeserialize, CanonicalSerialize}; use ark_std::rand::RngCore; @@ -55,7 +56,7 @@ pub trait PCPreparedVerifierKey { /// Defines the minimal interface of commitments for any polynomial /// commitment scheme. -pub trait PCCommitment: Clone + CanonicalSerialize + CanonicalDeserialize { +pub trait PCCommitment: Clone + CanonicalSerialize + CanonicalDeserialize + Absorb { /// Outputs a non-hiding commitment to the zero polynomial. fn empty() -> Self; @@ -185,6 +186,16 @@ pub struct LabeledCommitment { degree_bound: Option, } +impl Absorb for LabeledCommitment { + fn to_sponge_bytes(&self, dest: &mut Vec) { + self.commitment.to_sponge_bytes(dest) + } + + fn to_sponge_field_elements(&self, dest: &mut Vec) { + self.commitment.to_sponge_field_elements(dest) + } +} + impl> ToConstraintField for LabeledCommitment { diff --git a/poly-commit/src/ipa_pc/data_structures.rs b/poly-commit/src/ipa_pc/data_structures.rs index 84fcb7f2..b7df381e 100644 --- a/poly-commit/src/ipa_pc/data_structures.rs +++ b/poly-commit/src/ipa_pc/data_structures.rs @@ -1,5 +1,6 @@ use crate::*; use crate::{PCCommitterKey, PCVerifierKey, Vec}; +use ark_crypto_primitives::sponge::Absorb; use ark_ec::AffineRepr; use ark_ff::{Field, UniformRand, Zero}; use ark_serialize::{CanonicalDeserialize, CanonicalSerialize}; 
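Review bot: The `Absorb` impl for `LabeledCommitment` in the third hunk forwards only `self.commitment` to the sponge, so neither the label nor `degree_bound` becomes part of the transcript when a labeled commitment is absorbed. If a verifier derives Fiat-Shamir challenges from this absorb and then trusts the degree bound carried on the same `LabeledCommitment`, that bound is not committed to by the challenge; either absorb `degree_bound` as well (a presence flag plus the value) or state the omission explicitly. Suggested doc line above the impl: `/// Absorbs only the inner commitment; the label and degree bound are not absorbed.` The hunk as rendered here has lost its generic parameters (`LabeledCommitment<C>`, `Vec<u8>`, `Vec<F>`), so I cannot check the trait method signatures against `Absorb`.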
@@ -84,7 +85,7 @@ impl PCPreparedVerifierKey> for PreparedVerifierKe } /// Commitment to a polynomial that optionally enforces a degree bound. -#[derive(Derivative, CanonicalSerialize, CanonicalDeserialize)] +#[derive(Derivative, CanonicalSerialize, CanonicalDeserialize, Absorb)] #[derivative( Default(bound = ""), Hash(bound = ""), @@ -94,7 +95,7 @@ impl PCPreparedVerifierKey> for PreparedVerifierKe PartialEq(bound = ""), Eq(bound = "") )] -pub struct Commitment { +pub struct Commitment { /// A Pedersen commitment to the polynomial. pub comm: G, @@ -104,7 +105,7 @@ pub struct Commitment { pub shifted_comm: Option, } -impl PCCommitment for Commitment { +impl PCCommitment for Commitment { #[inline] fn empty() -> Self { Commitment { @@ -121,7 +122,7 @@ impl PCCommitment for Commitment { /// Nothing to do to prepare this commitment (for now). pub type PreparedCommitment = Commitment; -impl PCPreparedCommitment> for PreparedCommitment { +impl PCPreparedCommitment> for PreparedCommitment { /// prepare `PreparedCommitment` from `Commitment` fn prepare(vk: &Commitment) -> Self { vk.clone() diff --git a/poly-commit/src/ipa_pc/mod.rs b/poly-commit/src/ipa_pc/mod.rs index 43a40852..b72ca204 100644 --- a/poly-commit/src/ipa_pc/mod.rs +++ b/poly-commit/src/ipa_pc/mod.rs @@ -15,7 +15,7 @@ pub use data_structures::*; #[cfg(feature = "parallel")] use rayon::prelude::*; -use ark_crypto_primitives::sponge::CryptographicSponge; +use ark_crypto_primitives::sponge::{Absorb, CryptographicSponge}; use digest::Digest; /// A polynomial commitment scheme based on the hardness of the @@ -45,7 +45,7 @@ pub struct InnerProductArgPC< impl InnerProductArgPC where - G: AffineRepr, + G: AffineRepr + Absorb, G::Group: VariableBaseMSM, D: Digest, P: DenseUVPolynomial, @@ -337,7 +337,7 @@ where impl PolynomialCommitment for InnerProductArgPC where - G: AffineRepr, + G: AffineRepr + Absorb, G::Group: VariableBaseMSM, D: Digest, P: DenseUVPolynomial, 
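Review bot: `#[derive(Absorb)]` on the ipa_pc `Commitment` in the first hunk relies on the `Absorb` encoding of `Option<G>` for `shifted_comm`; confirm that encoding distinguishes `None` from `Some` (a presence marker before the element), otherwise a commitment with and without a shifted part could absorb identically. In the `ipa_pc/mod.rs` hunks the `D: Digest` bound is kept next to the new `G: AffineRepr + Absorb` bound and nothing visible here uses the sponge, so a one-line comment on the first `impl` naming which of the two mechanisms derives the opening challenges would help readers; the impl bodies are outside the hunks.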
diff --git a/poly-commit/src/kzg10/data_structures.rs b/poly-commit/src/kzg10/data_structures.rs index d648f19f..7cad995b 100644 --- a/poly-commit/src/kzg10/data_structures.rs +++ b/poly-commit/src/kzg10/data_structures.rs @@ -1,4 +1,5 @@ use crate::*; +use ark_crypto_primitives::sponge::Absorb; use ark_ec::pairing::Pairing; use ark_ec::AdditiveGroup; use ark_ec::AffineRepr; @@ -314,7 +315,7 @@ impl PreparedVerifierKey { } /// `Commitment` commits to a polynomial. It is output by `KZG10::commit`. -#[derive(Derivative, CanonicalSerialize, CanonicalDeserialize)] +#[derive(Derivative, CanonicalSerialize, CanonicalDeserialize, Absorb)] #[derivative( Default(bound = ""), Hash(bound = ""), @@ -324,12 +325,19 @@ impl PreparedVerifierKey { PartialEq(bound = ""), Eq(bound = "") )] -pub struct Commitment( +pub struct Commitment( /// The commitment is a group element. pub E::G1Affine, -); +) +where + E: Pairing, + E::G1Affine: Absorb; -impl PCCommitment for Commitment { +impl PCCommitment for Commitment +where + E: Pairing, + E::G1Affine: Absorb, +{ #[inline] fn empty() -> Self { Commitment(E::G1Affine::zero()) @@ -340,16 +348,21 @@ impl PCCommitment for Commitment { } } -impl ToConstraintField<::BasePrimeField> for Commitment +impl ToConstraintField<::BasePrimeField> for Commitment where - E::G1Affine: ToConstraintField<::BasePrimeField>, + E::G1Affine: ToConstraintField<::BasePrimeField> + Absorb, + E: Pairing, { fn to_field_elements(&self) -> Option::BasePrimeField>> { self.0.to_field_elements() } } -impl<'a, E: Pairing> AddAssign<(E::ScalarField, &'a Commitment)> for Commitment { +impl<'a, E> AddAssign<(E::ScalarField, &'a Commitment)> for Commitment +where + E: Pairing, + E::G1Affine: Absorb, +{ #[inline] fn add_assign(&mut self, (f, other): (E::ScalarField, &'a Commitment)) { let mut other = other.0 * f; 
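Review bot: The `where E::G1Affine: Absorb` clause is placed on the kzg10 `Commitment` struct definition itself, which forces every user of `Commitment<E>` in the crate to repeat the bound — that is why the same clause is added to `PreparedCommitment`, sonic_pc and marlin_pc in this commit. If the derive cannot express the associated-type bound any other way, say so on the struct so the next maintainer does not "clean it up": `/// Bound on E::G1Affine is on the struct because derive(Absorb) needs it; do not move it.` Style only: the `ToConstraintField` impl in the third hunk lists `E: Pairing` after the `E::G1Affine` bound, while the other impls in this file put `E: Pairing` first.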
@@ -373,7 +386,11 @@ pub struct PreparedCommitment( pub Vec, ); -impl PreparedCommitment { +impl PreparedCommitment +where + E: Pairing, + E::G1Affine: Absorb, +{ /// prepare `PreparedCommitment` from `Commitment` pub fn prepare(comm: &Commitment) -> Self { let mut prepared_comm = Vec::::new(); diff --git a/poly-commit/src/kzg10/mod.rs b/poly-commit/src/kzg10/mod.rs index 508db2cb..649f356b 100644 --- a/poly-commit/src/kzg10/mod.rs +++ b/poly-commit/src/kzg10/mod.rs @@ -6,6 +6,7 @@ //! This construction achieves extractability in the algebraic group model (AGM). use crate::{BTreeMap, Error, LabeledPolynomial, PCCommitmentState, ToString, Vec}; +use ark_crypto_primitives::sponge::Absorb; use ark_ec::AffineRepr; use ark_ec::{pairing::Pairing, CurveGroup}; use ark_ec::{scalar_mul::ScalarMul, VariableBaseMSM}; @@ -32,6 +33,7 @@ pub struct KZG10> { impl KZG10 where E: Pairing, + E::G1Affine: Absorb, P: DenseUVPolynomial, for<'a, 'b> &'a P: Div<&'b P, Output = P>, { @@ -548,6 +550,7 @@ mod tests { fn end_to_end_test_template() -> Result<(), Error> where E: Pairing, + E::G1Affine: Absorb, P: DenseUVPolynomial, for<'a, 'b> &'a P: Div<&'b P, Output = P>, { @@ -579,6 +582,7 @@ mod tests { fn linear_polynomial_test_template() -> Result<(), Error> where E: Pairing, + E::G1Affine: Absorb, P: DenseUVPolynomial, for<'a, 'b> &'a P: Div<&'b P, Output = P>, { @@ -607,6 +611,7 @@ mod tests { fn batch_check_test_template() -> Result<(), Error> where E: Pairing, + E::G1Affine: Absorb, P: DenseUVPolynomial, for<'a, 'b> &'a P: Div<&'b P, Output = P>, { diff --git a/poly-commit/src/marlin/marlin_pc/data_structures.rs b/poly-commit/src/marlin/marlin_pc/data_structures.rs index 203e3201..351bc034 100644 --- a/poly-commit/src/marlin/marlin_pc/data_structures.rs +++ b/poly-commit/src/marlin/marlin_pc/data_structures.rs 
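Review bot: The three test templates in `kzg10/mod.rs` gain the `E::G1Affine: Absorb` bound, but no hunk here adds a test of the new capability. A template that absorbs two distinct `Commitment` values into a sponge and asserts the squeezed outputs differ, and that absorbing the same commitment twice is deterministic, would pin the derived encoding. The template bodies lie outside these hunks.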
@@ -2,6 +2,7 @@ use crate::{ DenseUVPolynomial, PCCommitment, PCCommitmentState, PCCommitterKey, PCPreparedCommitment, PCPreparedVerifierKey, PCVerifierKey, Vec, }; +use ark_crypto_primitives::sponge::Absorb; use ark_ec::pairing::Pairing; use ark_ec::AdditiveGroup; use ark_ff::{Field, PrimeField, ToConstraintField}; @@ -213,7 +214,7 @@ impl PCPreparedVerifierKey> for PreparedVerifierKey PCPreparedVerifierKey> for PreparedVerifierKey { +pub struct Commitment +where + E: Pairing, + E::G1Affine: Absorb, +{ /// A KZG10 commitment to the polynomial. pub comm: kzg10::Commitment, @@ -235,7 +240,7 @@ pub struct Commitment { impl ToConstraintField<::BasePrimeField> for Commitment where - E::G1Affine: ToConstraintField<::BasePrimeField>, + E::G1Affine: ToConstraintField<::BasePrimeField> + Absorb, { fn to_field_elements(&self) -> Option::BasePrimeField>> { let mut res = Vec::new(); @@ -249,7 +254,11 @@ where } } -impl PCCommitment for Commitment { +impl PCCommitment for Commitment +where + E: Pairing, + E::G1Affine: Absorb, +{ #[inline] fn empty() -> Self { Self { @@ -272,12 +281,20 @@ impl PCCommitment for Commitment { PartialEq(bound = ""), Eq(bound = "") )] -pub struct PreparedCommitment { +pub struct PreparedCommitment +where + E: Pairing, + E::G1Affine: Absorb, +{ pub(crate) prepared_comm: kzg10::PreparedCommitment, pub(crate) shifted_comm: Option>, } -impl PCPreparedCommitment> for PreparedCommitment { +impl PCPreparedCommitment> for PreparedCommitment +where + E: Pairing, + E::G1Affine: Absorb, +{ /// Prepare commitment to a polynomial that optionally enforces a degree bound. fn prepare(comm: &Commitment) -> Self { let prepared_comm = kzg10::PreparedCommitment::::prepare(&comm.comm); diff --git a/poly-commit/src/marlin/marlin_pc/mod.rs b/poly-commit/src/marlin/marlin_pc/mod.rs index 7fbfba07..acf63a01 100644 --- a/poly-commit/src/marlin/marlin_pc/mod.rs +++ b/poly-commit/src/marlin/marlin_pc/mod.rs 
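Review bot: The hunk at `@@ -213,7 +214,7 @@` is garbled in this view, so I cannot see whether marlin_pc `Commitment` gets `#[derive(Absorb)]` or a hand-written impl; `PCCommitment` now requires `Absorb`, so the impl must exist somewhere. If the struct carries a shifted commitment alongside `comm`, make sure the impl absorbs it too, otherwise a degree-bound-enforcing commitment and its plain counterpart would absorb identically. A short doc line on the struct stating that absorption covers all fields would make the intent checkable.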
@@ -12,7 +12,7 @@ use ark_std::rand::RngCore; use ark_std::{marker::PhantomData, ops::Div, vec}; mod data_structures; -use ark_crypto_primitives::sponge::CryptographicSponge; +use ark_crypto_primitives::sponge::{Absorb, CryptographicSponge}; pub use data_structures::*; /// Polynomial commitment based on [[KZG10]][kzg], with degree enforcement, batching, @@ -57,6 +57,7 @@ pub(crate) fn shift_polynomial> impl PolynomialCommitment for MarlinKZG10 where E: Pairing, + E::G1Affine: Absorb, P: DenseUVPolynomial, S: CryptographicSponge, for<'a, 'b> &'a P: Div<&'b P, Output = P>, diff --git a/poly-commit/src/marlin/marlin_pst13_pc/mod.rs b/poly-commit/src/marlin/marlin_pst13_pc/mod.rs index eee026d7..320f316c 100644 --- a/poly-commit/src/marlin/marlin_pst13_pc/mod.rs +++ b/poly-commit/src/marlin/marlin_pst13_pc/mod.rs @@ -24,7 +24,7 @@ pub use data_structures::*; mod combinations; use combinations::*; -use ark_crypto_primitives::sponge::CryptographicSponge; +use ark_crypto_primitives::sponge::{Absorb, CryptographicSponge}; #[cfg(feature = "parallel")] use rayon::prelude::*; @@ -146,6 +146,7 @@ impl, S: CryptographicSponge> impl PolynomialCommitment for MarlinPST13 where E: Pairing, + E::G1Affine: Absorb, P: DenseMVPolynomial + Sync, S: CryptographicSponge, P::Point: Index, diff --git a/poly-commit/src/marlin/mod.rs b/poly-commit/src/marlin/mod.rs index d7e7f5a1..0dc9f7c0 100644 --- a/poly-commit/src/marlin/mod.rs +++ b/poly-commit/src/marlin/mod.rs @@ -4,7 +4,7 @@ use crate::{BTreeMap, BTreeSet, Debug, RngCore, String, ToString, Vec}; use crate::{BatchLCProof, LabeledPolynomial, LinearCombination}; use crate::{Evaluations, LabeledCommitment, QuerySet}; use crate::{PCCommitmentState, Polynomial, PolynomialCommitment}; -use ark_crypto_primitives::sponge::CryptographicSponge; +use ark_crypto_primitives::sponge::{Absorb, CryptographicSponge}; use ark_ec::pairing::Pairing; use ark_ec::AffineRepr; use ark_ec::CurveGroup; 
@@ -44,6 +44,7 @@ where impl Marlin where E: Pairing, + E::G1Affine: Absorb, S: CryptographicSponge, P: Polynomial, PC: PolynomialCommitment, diff --git a/poly-commit/src/sonic_pc/data_structures.rs b/poly-commit/src/sonic_pc/data_structures.rs index 4e1cd309..2311fc6f 100644 --- a/poly-commit/src/sonic_pc/data_structures.rs +++ b/poly-commit/src/sonic_pc/data_structures.rs @@ -2,6 +2,7 @@ use crate::kzg10; use crate::{ BTreeMap, PCCommitterKey, PCPreparedCommitment, PCPreparedVerifierKey, PCVerifierKey, Vec, }; +use ark_crypto_primitives::sponge::Absorb; use ark_ec::pairing::Pairing; use ark_ec::AdditiveGroup; use ark_serialize::{ @@ -21,7 +22,11 @@ pub type Commitment = kzg10::Commitment; /// `PreparedCommitment` is the prepared commitment for the KZG10 scheme. pub type PreparedCommitment = kzg10::PreparedCommitment; -impl PCPreparedCommitment> for PreparedCommitment { +impl PCPreparedCommitment> for PreparedCommitment +where + E: Pairing, + E::G1Affine: Absorb, +{ /// prepare `PreparedCommitment` from `Commitment` fn prepare(comm: &Commitment) -> Self { let mut prepared_comm = Vec::::new(); diff --git a/poly-commit/src/sonic_pc/mod.rs b/poly-commit/src/sonic_pc/mod.rs index caf9b79c..ad6bc45d 100644 --- a/poly-commit/src/sonic_pc/mod.rs +++ b/poly-commit/src/sonic_pc/mod.rs @@ -12,7 +12,7 @@ use ark_std::rand::RngCore; use ark_std::{convert::TryInto, marker::PhantomData, ops::Div, ops::Mul, vec}; mod data_structures; -use ark_crypto_primitives::sponge::CryptographicSponge; +use ark_crypto_primitives::sponge::{Absorb, CryptographicSponge}; pub use data_structures::*; /// Polynomial commitment based on [[KZG10]][kzg], with degree enforcement and @@ -34,6 +34,7 @@ pub struct SonicKZG10, S: Crypt impl SonicKZG10 where E: Pairing, + E::G1Affine: Absorb, P: DenseUVPolynomial, S: CryptographicSponge, { 
@@ -137,6 +138,7 @@ where impl PolynomialCommitment for SonicKZG10 where E: Pairing, + E::G1Affine: Absorb, P: DenseUVPolynomial, S: CryptographicSponge, for<'a, 'b> &'a P: Div<&'b P, Output = P>,