Replace with kate (privacy-scaling-explorations#199)

* replace with kate * fix clippy * update dev graph * igonore evm_word test * fix evm word * fix unexpected changes * update reference * test compilation success * fix from_u64 and fmt * fix test
Puyencobe · Dec 2, 2021 · 24e100b · 24e100b
1 parent fe3ada6
commit 24e100b
Show file tree

Hide file tree

Showing 44 changed files with 762 additions and 863 deletions.
diff --git a/Cargo.toml b/Cargo.toml
@@ -7,7 +7,7 @@ members = [
 ]
 
 [patch.crates-io]
-halo2 = { git = "https://github.com/zcash/halo2.git", rev = "4283713ec76051eaf21a06d0279fa7d3497cafb6" }
+halo2 = { git = "https://github.com/appliedzkp/halo2.git", rev = "b78c39cacc1c79d287032f1b5f94beb661b3fb42" }
 # This fork makes bitvec 0.20.x work with funty 1.1 and funty 1.2.  Without
 # this fork, bitvec 0.20.x is incompatible with funty 1.2, which we depend on,
 # and leads to a compilation error.  This can be removed once the upstream PR

diff --git a/bus-mapping/Cargo.toml b/bus-mapping/Cargo.toml
@@ -6,7 +6,7 @@ authors = ["CPerezz <[email protected]>"]
 
 [dependencies]
 ff = "0.11"
-pasta_curves = "0.1"
+pairing = { git = 'https://github.com/appliedzkp/pairing', package = "pairing_bn256" }
 itertools = "0.10"
 serde = {version = "1.0.130", features = ["derive"] }
 lazy_static = "1.4"

diff --git a/bus-mapping/README.md b/bus-mapping/README.md
@@ -49,7 +49,7 @@ all of the Memory, Stack and Storage ops performed by the provided trace.
 
 ```rust
 use bus_mapping::{ExecutionTrace, ExecutionStep, BlockConstants, Error, evm::EvmWord};
-use pasta_curves::arithmetic::FieldExt;
+use pairing::arithmetic::FieldExt;
 
 let input_trace = r#"
 [

diff --git a/bus-mapping/src/eth_types.rs b/bus-mapping/src/eth_types.rs
@@ -7,7 +7,7 @@ pub use ethers_core::types::{
     transaction::response::Transaction, Address, Block, Bytes, H160, H256,
     U256, U64,
 };
-use pasta_curves::arithmetic::FieldExt;
+use pairing::arithmetic::FieldExt;
 use serde::{de, Deserialize};
 use std::collections::HashMap;
 use std::str::FromStr;

diff --git a/bus-mapping/src/lib.rs b/bus-mapping/src/lib.rs
@@ -53,7 +53,7 @@
 //! use bus_mapping::mock;
 //! use bus_mapping::eth_types::{self, Address, Word, Hash, U64, GethExecTrace, GethExecStep};
 //! use bus_mapping::circuit_input_builder::CircuitInputBuilder;
-//! use pasta_curves::arithmetic::FieldExt;
+//! use pairing::arithmetic::FieldExt;
 //!
 //! let input_trace = r#"
 //! [

diff --git a/keccak256/Cargo.toml b/keccak256/Cargo.toml
@@ -7,9 +7,9 @@ edition = "2018"
 dev-graph = ["halo2/dev-graph", "plotters"]
 
 [dependencies]
-halo2 = "0.0"
+halo2 = { git = "https://github.com/appliedzkp/halo2.git", rev = "b78c39cacc1c79d287032f1b5f94beb661b3fb42" }
 itertools = "0.10.1"
 num-bigint = "0.4.2"
 num-traits = "0.2.14"
-pasta_curves =  "0.1"
+pairing = { git = 'https://github.com/appliedzkp/pairing', package = "pairing_bn256" }
 plotters = { version = "0.3.0", optional = true }
diff --git a/keccak256/src/gates/absorb.rs b/keccak256/src/gates/absorb.rs
@@ -3,7 +3,7 @@ use halo2::{
     plonk::{Advice, Column, ConstraintSystem, Error, Expression, Selector},
     poly::Rotation,
 };
-use pasta_curves::arithmetic::FieldExt;
+use pairing::arithmetic::FieldExt;
 use std::marker::PhantomData;
 
 /// The number of next_inputs that are used inside the `absorb` circuit.
@@ -105,8 +105,8 @@ mod tests {
     use halo2::{circuit::SimpleFloorPlanner, dev::MockProver, plonk::Circuit};
     use itertools::Itertools;
     use num_bigint::BigUint;
-    use pasta_curves::arithmetic::FieldExt;
-    use pasta_curves::pallas;
+    use pairing::arithmetic::FieldExt;
+    use pairing::bn256::Fr as Fp;
     use std::convert::TryInto;
     use std::marker::PhantomData;
 
@@ -128,7 +128,7 @@ mod tests {
             }
 
             fn configure(meta: &mut ConstraintSystem<F>) -> Self::Config {
-                let q_enable = meta.selector();
+                let q_enable = meta.complex_selector();
 
                 let state: [Column<Advice>; 25] = (0..25)
                     .map(|_| meta.advice_column())
@@ -174,7 +174,7 @@ mod tests {
                 Ok(())
             }
         }
-        fn big_uint_to_pallas(a: &BigUint) -> pallas::Base {
+        fn big_uint_to_pallas(a: &BigUint) -> Fp {
             let mut b: [u64; 4] = [0; 4];
             let mut iter = a.iter_u64_digits();
 
@@ -185,7 +185,7 @@ mod tests {
                 };
             }
 
-            pallas::Base::from_raw(b)
+            Fp::from_raw(b)
         }
 
         let input1: State = [
@@ -207,9 +207,8 @@ mod tests {
         let mut in_biguint = StateBigInt::default();
         let mut next_biguint = StateBigInt::default();
 
-        let mut in_state: [pallas::Base; 25] = [pallas::Base::zero(); 25];
-        let mut in_next_input_25: [pallas::Base; 25] =
-            [pallas::Base::zero(); 25];
+        let mut in_state: [Fp; 25] = [Fp::zero(); 25];
+        let mut in_next_input_25: [Fp; 25] = [Fp::zero(); 25];
 
         for (x, y) in (0..5).cartesian_product(0..5) {
             in_biguint[(x, y)] = convert_b2_to_b9(input1[x][y]);
@@ -219,24 +218,23 @@ mod tests {
                 big_uint_to_pallas(&next_biguint[(x, y)]);
         }
 
-        let mut in_next_input_17 = [pallas::Base::zero(); ABSORB_NEXT_INPUTS];
+        let mut in_next_input_17 = [Fp::zero(); ABSORB_NEXT_INPUTS];
         in_next_input_17
             .copy_from_slice(&in_next_input_25[0..ABSORB_NEXT_INPUTS]);
         let s1_arith = KeccakFArith::absorb(&in_biguint, &next_input);
-        let mut out_state: [pallas::Base; 25] = [pallas::Base::zero(); 25];
+        let mut out_state: [Fp; 25] = [Fp::zero(); 25];
         for (x, y) in (0..5).cartesian_product(0..5) {
             out_state[5 * x + y] = big_uint_to_pallas(&s1_arith[(x, y)]);
         }
-        let circuit = MyCircuit::<pallas::Base> {
+        let circuit = MyCircuit::<Fp> {
             in_state,
             next_input: in_next_input_17,
             out_state,
             _marker: PhantomData,
         };
 
         // Test without public inputs
-        let prover =
-            MockProver::<pallas::Base>::run(9, &circuit, vec![]).unwrap();
+        let prover = MockProver::<Fp>::run(9, &circuit, vec![]).unwrap();
 
         assert_eq!(prover.verify(), Ok(()));
     }

diff --git a/keccak256/src/gates/gate_helpers.rs b/keccak256/src/gates/gate_helpers.rs
@@ -1,6 +1,6 @@
 use halo2::{circuit::Cell, plonk::Error};
 use num_bigint::BigUint;
-use pasta_curves::arithmetic::FieldExt;
+use pairing::arithmetic::FieldExt;
 
 #[derive(Debug, Clone)]
 pub struct Lane<F> {
@@ -22,7 +22,7 @@ pub fn biguint_to_f<F: FieldExt>(x: &BigUint) -> Result<F, Error> {
     let len = x_bytes.len();
     assert!(len <= 32, "expect len <=32 but got {}", len);
     word[..len].clone_from_slice(&x_bytes[..len]);
-    Option::from(F::from_bytes(&word)).ok_or(Error::SynthesisError)
+    Option::from(F::from_bytes(&word)).ok_or(Error::Synthesis)
 }
 
 pub fn f_to_biguint<F: FieldExt>(x: F) -> Option<BigUint> {

diff --git a/keccak256/src/gates/iota_b13.rs b/keccak256/src/gates/iota_b13.rs
@@ -4,7 +4,7 @@ use halo2::{
     plonk::{Advice, Column, ConstraintSystem, Error, Selector},
     poly::Rotation,
 };
-use pasta_curves::arithmetic::FieldExt;
+use pairing::arithmetic::FieldExt;
 use std::marker::PhantomData;
 
 #[derive(Clone, Debug)]
@@ -90,8 +90,8 @@ mod tests {
     use halo2::{circuit::SimpleFloorPlanner, dev::MockProver, plonk::Circuit};
     use itertools::Itertools;
     use num_bigint::BigUint;
-    use pasta_curves::arithmetic::FieldExt;
-    use pasta_curves::pallas;
+    use pairing::arithmetic::FieldExt;
+    use pairing::bn256::Fr as Fp;
     use std::convert::TryInto;
     use std::marker::PhantomData;
 
@@ -115,7 +115,7 @@ mod tests {
             }
 
             fn configure(meta: &mut ConstraintSystem<F>) -> Self::Config {
-                let q_enable = meta.selector();
+                let q_enable = meta.complex_selector();
 
                 let state: [Column<Advice>; 25] = (0..25)
                     .map(|_| meta.advice_column())
@@ -168,7 +168,7 @@ mod tests {
                 Ok(())
             }
         }
-        fn big_uint_to_pallas(a: &BigUint) -> pallas::Base {
+        fn big_uint_to_pallas(a: &BigUint) -> Fp {
             let mut b: [u64; 4] = [0; 4];
             let mut iter = a.iter_u64_digits();
 
@@ -179,7 +179,7 @@ mod tests {
                 };
             }
 
-            pallas::Base::from_raw(b)
+            Fp::from_raw(b)
         }
 
         let input1: State = [
@@ -190,18 +190,18 @@ mod tests {
             [0, 0, 0, 0, 0],
         ];
         let mut in_biguint = StateBigInt::default();
-        let mut in_state: [pallas::Base; 25] = [pallas::Base::zero(); 25];
+        let mut in_state: [Fp; 25] = [Fp::zero(); 25];
 
         for (x, y) in (0..5).cartesian_product(0..5) {
             in_biguint[(x, y)] = convert_b2_to_b13(input1[x][y]);
             in_state[5 * x + y] = big_uint_to_pallas(&in_biguint[(x, y)]);
         }
         let s1_arith = KeccakFArith::iota_b13(&in_biguint, ROUND_CONSTANTS[0]);
-        let mut out_state: [pallas::Base; 25] = [pallas::Base::zero(); 25];
+        let mut out_state: [Fp; 25] = [Fp::zero(); 25];
         for (x, y) in (0..5).cartesian_product(0..5) {
             out_state[5 * x + y] = big_uint_to_pallas(&s1_arith[(x, y)]);
         }
-        let circuit = MyCircuit::<pallas::Base> {
+        let circuit = MyCircuit::<Fp> {
             in_state,
             out_state,
             round_ctant_b13: 0,
@@ -214,8 +214,7 @@ mod tests {
             .collect();
         // Test without public inputs
         let prover =
-            MockProver::<pallas::Base>::run(9, &circuit, vec![constants])
-                .unwrap();
+            MockProver::<Fp>::run(9, &circuit, vec![constants]).unwrap();
 
         assert_eq!(prover.verify(), Ok(()));
     }

diff --git a/keccak256/src/gates/iota_b9.rs b/keccak256/src/gates/iota_b9.rs
@@ -4,7 +4,7 @@ use halo2::{
     plonk::{Advice, Column, ConstraintSystem, Error, Expression, Selector},
     poly::Rotation,
 };
-use pasta_curves::arithmetic::FieldExt;
+use pairing::arithmetic::FieldExt;
 use std::marker::PhantomData;
 
 #[derive(Clone, Debug)]
@@ -101,8 +101,8 @@ mod tests {
     use halo2::{circuit::SimpleFloorPlanner, dev::MockProver, plonk::Circuit};
     use itertools::Itertools;
     use num_bigint::BigUint;
-    use pasta_curves::arithmetic::FieldExt;
-    use pasta_curves::pallas;
+    use pairing::arithmetic::FieldExt;
+    use pairing::bn256::Fr as Fp;
     use std::convert::TryInto;
     use std::marker::PhantomData;
 
@@ -126,7 +126,7 @@ mod tests {
             }
 
             fn configure(meta: &mut ConstraintSystem<F>) -> Self::Config {
-                let q_enable = meta.selector();
+                let q_enable = meta.complex_selector();
 
                 let state: [Column<Advice>; 25] = (0..25)
                     .map(|_| meta.advice_column())
@@ -185,7 +185,7 @@ mod tests {
                 Ok(())
             }
         }
-        fn big_uint_to_pallas(a: &BigUint) -> pallas::Base {
+        fn big_uint_to_pallas(a: &BigUint) -> Fp {
             let mut b: [u64; 4] = [0; 4];
             let mut iter = a.iter_u64_digits();
 
@@ -196,7 +196,7 @@ mod tests {
                 };
             }
 
-            pallas::Base::from_raw(b)
+            Fp::from_raw(b)
         }
 
         let input1: State = [
@@ -207,18 +207,18 @@ mod tests {
             [0, 0, 0, 0, 0],
         ];
         let mut in_biguint = StateBigInt::default();
-        let mut in_state: [pallas::Base; 25] = [pallas::Base::zero(); 25];
+        let mut in_state: [Fp; 25] = [Fp::zero(); 25];
 
         for (x, y) in (0..5).cartesian_product(0..5) {
             in_biguint[(x, y)] = convert_b2_to_b9(input1[x][y]);
             in_state[5 * x + y] = big_uint_to_pallas(&in_biguint[(x, y)]);
         }
         let s1_arith = KeccakFArith::iota_b9(&in_biguint, ROUND_CONSTANTS[0]);
-        let mut out_state: [pallas::Base; 25] = [pallas::Base::zero(); 25];
+        let mut out_state: [Fp; 25] = [Fp::zero(); 25];
         for (x, y) in (0..5).cartesian_product(0..5) {
             out_state[5 * x + y] = big_uint_to_pallas(&s1_arith[(x, y)]);
         }
-        let circuit = MyCircuit::<pallas::Base> {
+        let circuit = MyCircuit::<Fp> {
             in_state,
             out_state,
             round_ctant_b9: 0,
@@ -231,8 +231,7 @@ mod tests {
             .collect();
         // Test without public inputs
         let prover =
-            MockProver::<pallas::Base>::run(9, &circuit, vec![constants])
-                .unwrap();
+            MockProver::<Fp>::run(9, &circuit, vec![constants]).unwrap();
 
         assert_eq!(prover.verify(), Ok(()));
     }

diff --git a/keccak256/src/gates/pi.rs b/keccak256/src/gates/pi.rs
@@ -6,7 +6,7 @@ use halo2::{
     poly::Rotation,
 };
 use itertools::Itertools;
-use pasta_curves::arithmetic::FieldExt;
+use pairing::arithmetic::FieldExt;
 use std::convert::TryInto;
 use std::marker::PhantomData;
 

diff --git a/keccak256/src/gates/rho.rs b/keccak256/src/gates/rho.rs
@@ -10,7 +10,7 @@ use halo2::{
     plonk::{Advice, Column, ConstraintSystem, Error, Fixed},
 };
 use itertools::Itertools;
-use pasta_curves::arithmetic::FieldExt;
+use pairing::arithmetic::FieldExt;
 use std::convert::TryInto;
 
 #[derive(Clone)]
@@ -122,8 +122,8 @@ mod tests {
     use halo2::plonk::{Advice, Column, ConstraintSystem, Error};
     use halo2::{circuit::SimpleFloorPlanner, dev::MockProver, plonk::Circuit};
     use itertools::Itertools;
-    use pasta_curves::arithmetic::FieldExt;
-    use pasta_curves::pallas;
+    use pairing::arithmetic::FieldExt;
+    use pairing::bn256::Fr as Fp;
     use std::convert::TryInto;
     #[test]
     fn test_rho_gate() {
@@ -230,7 +230,7 @@ mod tests {
             [0, 0, 0, 0, 0],
         ];
         let mut in_biguint = StateBigInt::default();
-        let mut in_state: [pallas::Base; 25] = [pallas::Base::zero(); 25];
+        let mut in_state: [Fp; 25] = [Fp::zero(); 25];
 
         for (x, y) in (0..5).cartesian_product(0..5) {
             in_biguint[(x, y)] = convert_b2_to_b13(input1[x][y]);
@@ -240,29 +240,29 @@ mod tests {
             in_state[5 * x + y] = biguint_to_f(&s0_arith[(x, y)]).unwrap();
         }
         let s1_arith = KeccakFArith::rho(&s0_arith);
-        let mut out_state: [pallas::Base; 25] = [pallas::Base::zero(); 25];
+        let mut out_state: [Fp; 25] = [Fp::zero(); 25];
         for (x, y) in (0..5).cartesian_product(0..5) {
             out_state[5 * x + y] = biguint_to_f(&s1_arith[(x, y)]).unwrap();
         }
-        let circuit = MyCircuit::<pallas::Base> {
+        let circuit = MyCircuit::<Fp> {
             in_state,
             out_state,
         };
         #[cfg(feature = "dev-graph")]
         {
             use plotters::prelude::*;
+            let k = 15;
             let root =
                 BitMapBackend::new("rho-test-circuit.png", (4096, 65536))
                     .into_drawing_area();
             root.fill(&WHITE).unwrap();
             let root = root.titled("Rho", ("sans-serif", 60)).unwrap();
             halo2::dev::CircuitLayout::default()
-                .render(&circuit, &root)
+                .render(k, &circuit, &root)
                 .unwrap();
         }
         // Test without public inputs
-        let prover =
-            MockProver::<pallas::Base>::run(15, &circuit, vec![]).unwrap();
+        let prover = MockProver::<Fp>::run(15, &circuit, vec![]).unwrap();
 
         assert_eq!(prover.verify(), Ok(()));
     }