Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add ZSA functionality (upstream) #14

Open
wants to merge 15 commits into
base: main
Choose a base branch
from

Conversation

ConstanceBeguier
Copy link

@ConstanceBeguier ConstanceBeguier commented Apr 20, 2023

The following modifications are required to support the ZSA circuit changes:

  • Added a variable-base sign-scalar multiplication called mul_sign. The implementation is based on the q_mul_fixed_short gate.
  • Added a function CommitDomain::new_with_personalization to initialize the CommitDomain from two different personalizations. This is required to be able to use an identical R for ZEC and ZSA note commitments but a different Q.
  • Exposed the HashDomain in a CommitDomain publicly to enable the usage of Sinsemilla hash function from a CommitDomain.
  • Added a function commit_from_hash_point to evaluate a Sinsemilla commit from a hash point.
  • Added the ability to hash and blind independently.
  • Added a multiplexer function MUX(choice, left, right) = if {choice} right else left
  • Added a function Point::new_from_constant to create a Point from a constant.
  • Optimized short range check on 4 and 5 bits to evaluate them with one lookup table instead of two
  • Added a function hash_to_point_with_private_init to evaluate a Sinsemilla hash from a private initial point (instead of a public initial point)

@PaulLaux PaulLaux changed the title Add some functionalities for ZSA (upstream) Add ZSA functionality (upstream) Apr 20, 2023
@PaulLaux PaulLaux force-pushed the zsa_functionalities_upstream branch 2 times, most recently from a4f764b to a68d519 Compare April 20, 2023 14:02
@ConstanceBeguier ConstanceBeguier changed the base branch from main to zsa1 April 21, 2023 11:15
@ConstanceBeguier ConstanceBeguier changed the base branch from zsa1 to main April 21, 2023 11:15
@ConstanceBeguier ConstanceBeguier force-pushed the zsa_functionalities_upstream branch from fc5c820 to 101afa8 Compare November 23, 2023 14:20
@ConstanceBeguier
Copy link
Author

Force pushed after rebasing on the last version of main branch

@ConstanceBeguier ConstanceBeguier force-pushed the zsa_functionalities_upstream branch from 86ab039 to 77abf73 Compare November 23, 2023 16:00
ConstanceBeguier and others added 10 commits December 7, 2023 16:10
It is now possible to create a Point from a constant.
This functionality is required to evaluate the old nullifier.
- for non split_notes, nf_old = Extract_P([PRF^{nfOrchard}_{nk}(rho_old) + psi_nf) mod q_P] NullifierK + cm_old)
- for split notes, nf_old = Extract_P([PRF^{nfOrchard}_{nk}(rho_old) + psi_nf) mod q_P] NullifierK + cm_old + NullifierL)
Short range checks on 4 and 5 bits are now performed with only one lookup (instead of 2).
To do that, we added a column `table_short_range_tag` in the lookup table.
This new column `table_short_range_tag` contains the value
- 4 for rows used in short range check on 4 bits
- 5 for rows used in short range check on 5 bits
- 0 for rows used in short range check on 10 bits

Disable tests on i686 and code coverage in CI
It is now possible to perform a mux between two points or between two non-identity points.
`mux(choice, left, right)` will return `left` when `choice=0` and `right` when `choice=1`.
`choice` must be constrained to `{0, 1}` outside the gate.

It is no longer needed to expose `from_coordinates_unchecked`.
…oint (#22)

To share ZEC and ZSA hash computations in Orchard circuit's note commitment evaluation, we need to compute a Sinsemille hash from a private input point.
@ConstanceBeguier ConstanceBeguier force-pushed the zsa_functionalities_upstream branch from e29b127 to e35f363 Compare December 7, 2023 15:12
@ConstanceBeguier
Copy link
Author

ConstanceBeguier commented Dec 7, 2023

Force pushed after rebasing on the last version of main branch (and removing "PR 805"
commit because it is now in main branch)

@ConstanceBeguier ConstanceBeguier force-pushed the zsa_functionalities_upstream branch from 63064b9 to dbcffa2 Compare December 18, 2023 08:09
@ConstanceBeguier ConstanceBeguier force-pushed the zsa_functionalities_upstream branch from b39ad75 to 5f436dc Compare December 18, 2023 14:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants