groth16: use same interface

KogarashiNetwork · Nov 2, 2023 · ca3429a · ca3429a
1 parent b679a93
commit ca3429a
Show file tree

Hide file tree

Showing 4 changed files with 25 additions and 32 deletions.
diff --git a/primitive/plonk b/primitive/plonk
diff --git a/primitive/zksnarks/src/constraint_system.rs b/primitive/zksnarks/src/constraint_system.rs
@@ -1,20 +1,16 @@
-use zkstd::common::{TwistedEdwardsAffine, Vec};
+use zkstd::common::TwistedEdwardsAffine;
 
 /// constraint system trait
 pub trait ConstraintSystem<C: TwistedEdwardsAffine> {
     type Wire;
     type Constraints;
 
     /// init constraint system
-
     fn initialize() -> Self;
 
     /// return constraints length
     fn m(&self) -> usize;
 
-    /// return public inputs and outputs
-    fn instance(&self) -> Vec<C::Range>;
-
     fn constraints(&self) -> Self::Constraints;
 
     /// allocate instance

diff --git a/primitive/zksnarks/src/groth16.rs b/primitive/zksnarks/src/groth16.rs
@@ -21,9 +21,6 @@ use zkstd::common::{vec, Group, TwistedEdwardsAffine, Vec};
 #[derive(Debug)]
 pub struct Groth16<C: TwistedEdwardsAffine> {
     constraints: R1csStruct<C::Range>,
-    a: Vec<C::Range>,
-    b: Vec<C::Range>,
-    c: Vec<C::Range>,
     pub(crate) instance: Vec<Element<C::Range>>,
     pub(crate) witness: Vec<Element<C::Range>>,
 }
@@ -35,9 +32,6 @@ impl<C: TwistedEdwardsAffine> ConstraintSystem<C> for Groth16<C> {
     fn initialize() -> Self {
         Self {
             constraints: R1csStruct::default(),
-            a: vec![],
-            b: vec![],
-            c: vec![],
             instance: [Element::one()].into_iter().collect(),
             witness: vec![],
         }
@@ -47,10 +41,6 @@ impl<C: TwistedEdwardsAffine> ConstraintSystem<C> for Groth16<C> {
         self.constraints().m()
     }
 
-    fn instance(&self) -> Vec<<C>::Range> {
-        Vec::new()
-    }
-
     fn constraints(&self) -> Self::Constraints {
         self.constraints.clone()
     }
@@ -125,13 +115,10 @@ impl<C: TwistedEdwardsAffine> Groth16<C> {
         )
     }
 
-    fn eval_constraints(&mut self) {
-        let (a, b, c) = self.constraints.evaluate(&self.instance, &self.witness);
-        self.a = a;
-        self.b = b;
-        self.c = c;
+    fn eval_constraints(&mut self) -> (Vec<C::Range>, Vec<C::Range>, Vec<C::Range>) {
         self.instance.sort();
         self.witness.sort();
+        self.constraints.evaluate(&self.instance, &self.witness)
     }
 
     fn instance_len(&self) -> usize {
@@ -313,7 +300,9 @@ mod tests {
 
         let (mut prover, verifier) = Groth16Key::<TatePairing, DummyCircuit>::compile(&pp)
             .expect("Failed to compile circuit");
-        let proof = prover.create_proof(circuit).expect("Failed to prove");
+        let proof = prover
+            .create_proof(&mut OsRng, circuit)
+            .expect("Failed to prove");
         verifier
             .verify(&proof, &[])
             .expect("Failed to verify the proof");
@@ -366,7 +355,9 @@ mod tests {
 
         let (mut prover, verifier) = Groth16Key::<TatePairing, DummyCircuit>::compile(&pp)
             .expect("Failed to compile circuit");
-        let proof = prover.create_proof(circuit).expect("Failed to prove");
+        let proof = prover
+            .create_proof(&mut OsRng, circuit)
+            .expect("Failed to prove");
         verifier
             .verify(&proof, &[x, o])
             .expect("Failed to verify the proof");

diff --git a/primitive/zksnarks/src/groth16/prover.rs b/primitive/zksnarks/src/groth16/prover.rs
@@ -6,9 +6,10 @@ use crate::error::Error;
 use crate::groth16::error::Groth16Error;
 use crate::groth16::key::Parameters;
 use crate::groth16::Groth16;
-use poly_commit::{msm_curve_addition, Fft, PointsValue};
 pub use proof::Proof;
-use rand::rngs::OsRng;
+
+use poly_commit::{msm_curve_addition, Fft, PointsValue};
+use rand::RngCore;
 use zkstd::common::{CurveGroup, Group, Pairing, Vec};
 
 #[derive(Debug)]
@@ -18,29 +19,34 @@ pub struct Prover<P: Pairing> {
 
 impl<P: Pairing> Prover<P> {
     /// Execute the gadget, and return whether all constraints were satisfied.
-    pub fn create_proof<C>(&mut self, circuit: C) -> Result<Proof<P>, Error>
+    pub fn create_proof<C, R: RngCore>(
+        &mut self,
+        rng: &mut R,
+        circuit: C,
+    ) -> Result<Proof<P>, Error>
     where
         C: Circuit<P::JubjubAffine, ConstraintSystem = Groth16<P::JubjubAffine>>,
     {
         let mut cs = Groth16::<P::JubjubAffine>::initialize();
         circuit.synthesize(&mut cs)?;
-        cs.eval_constraints();
 
         let size = cs.m().next_power_of_two();
         let k = size.trailing_zeros();
         let vk = self.params.vk.clone();
 
-        let r = P::ScalarField::random(OsRng);
-        let s = P::ScalarField::random(OsRng);
+        let r = P::ScalarField::random(&mut *rng);
+        let s = P::ScalarField::random(&mut *rng);
 
         let fft = Fft::<P::ScalarField>::new(k as usize);
 
+        let (a, b, c) = cs.eval_constraints();
+
         // Do the calculation of H(X): A(X) * B(X) - C(X) == H(X) * T(X)
-        let a = fft.idft(PointsValue(cs.a.clone()));
+        let a = fft.idft(PointsValue(a));
         let a = fft.coset_dft(a);
-        let b = fft.idft(PointsValue(cs.b.clone()));
+        let b = fft.idft(PointsValue(b));
         let b = fft.coset_dft(b);
-        let c = fft.idft(PointsValue(cs.c.clone()));
+        let c = fft.idft(PointsValue(c));
         let c = fft.coset_dft(c);
 
         let mut h = &a * &b;