diff --git a/backend/groth16/bls12-377/marshal_test.go b/backend/groth16/bls12-377/marshal_test.go index 156ae2228d..2abaf23406 100644 --- a/backend/groth16/bls12-377/marshal_test.go +++ b/backend/groth16/bls12-377/marshal_test.go @@ -109,7 +109,7 @@ func TestVerifyingKeySerialization(t *testing.T) { elem.Add(&elem, &p1) } } - _, vk.CommitmentKey, err = pedersen.Setup(bases...) + _, vk.CommitmentKey, err = pedersen.Setup(bases) assert.NoError(t, err) } @@ -183,7 +183,7 @@ func TestProvingKeySerialization(t *testing.T) { } { var err error - pk.CommitmentKeys, _, err = pedersen.Setup(pedersenBases...) + pk.CommitmentKeys, _, err = pedersen.Setup(pedersenBases) require.NoError(t, err) } diff --git a/backend/groth16/bls12-377/prove.go b/backend/groth16/bls12-377/prove.go index 25acf39b2e..e79d9e835e 100644 --- a/backend/groth16/bls12-377/prove.go +++ b/backend/groth16/bls12-377/prove.go @@ -123,8 +123,11 @@ func Prove(r1cs *cs.R1CS, pk *ProvingKey, fullWitness witness.Witness, opts ...b for i := range commitmentInfo { copy(commitmentsSerialized[fr.Bytes*i:], wireValues[commitmentInfo[i].CommitmentIndex].Marshal()) } - - if proof.CommitmentPok, err = pedersen.BatchProve(pk.CommitmentKeys, privateCommittedValues, commitmentsSerialized); err != nil { + challenge, err := fr.Hash(commitmentsSerialized, []byte("G16-BSB22"), 1) + if err != nil { + return nil, err + } + if proof.CommitmentPok, err = pedersen.BatchProve(pk.CommitmentKeys, privateCommittedValues, challenge[0]); err != nil { return nil, err } diff --git a/backend/groth16/bls12-377/setup.go b/backend/groth16/bls12-377/setup.go index 393d6a802e..97c88ba3ce 100644 --- a/backend/groth16/bls12-377/setup.go +++ b/backend/groth16/bls12-377/setup.go @@ -287,7 +287,7 @@ func Setup(r1cs *cs.R1CS, pk *ProvingKey, vk *VerifyingKey) error { return errors.New("didn't consume all G1 points") // TODO @Tabaie Remove this } - pk.CommitmentKeys, vk.CommitmentKey, err = pedersen.Setup(commitmentBases...) + pk.CommitmentKeys, vk.CommitmentKey, err = pedersen.Setup(commitmentBases) if err != nil { return err } @@ -563,7 +563,7 @@ func DummySetup(r1cs *cs.R1CS, pk *ProvingKey) error { } } - pk.CommitmentKeys, _, err = pedersen.Setup(commitmentBases...) + pk.CommitmentKeys, _, err = pedersen.Setup(commitmentBases) if err != nil { return err } diff --git a/backend/groth16/bls12-377/verify.go b/backend/groth16/bls12-377/verify.go index e4fbc2d27b..03da861b2f 100644 --- a/backend/groth16/bls12-377/verify.go +++ b/backend/groth16/bls12-377/verify.go @@ -98,8 +98,11 @@ func Verify(proof *Proof, vk *VerifyingKey, publicWitness fr.Vector, opts ...bac publicWitness = append(publicWitness, res) copy(commitmentsSerialized[i*fr.Bytes:], res.Marshal()) } - - if folded, err := pedersen.FoldCommitments(proof.Commitments, commitmentsSerialized); err != nil { + challenge, err := fr.Hash(commitmentsSerialized, []byte("G16-BSB22"), 1) + if err != nil { + return err + } + if folded, err := pedersen.FoldCommitments(proof.Commitments, challenge[0]); err != nil { return err } else { if err = vk.CommitmentKey.Verify(folded, proof.CommitmentPok); err != nil { diff --git a/backend/groth16/bls12-381/marshal_test.go b/backend/groth16/bls12-381/marshal_test.go index 93e98ac44e..32201fdfcc 100644 --- a/backend/groth16/bls12-381/marshal_test.go +++ b/backend/groth16/bls12-381/marshal_test.go @@ -109,7 +109,7 @@ func TestVerifyingKeySerialization(t *testing.T) { elem.Add(&elem, &p1) } } - _, vk.CommitmentKey, err = pedersen.Setup(bases...) + _, vk.CommitmentKey, err = pedersen.Setup(bases) assert.NoError(t, err) } @@ -183,7 +183,7 @@ func TestProvingKeySerialization(t *testing.T) { } { var err error - pk.CommitmentKeys, _, err = pedersen.Setup(pedersenBases...) + pk.CommitmentKeys, _, err = pedersen.Setup(pedersenBases) require.NoError(t, err) } diff --git a/backend/groth16/bls12-381/prove.go b/backend/groth16/bls12-381/prove.go index 6cb00ceec7..37dd0a0d50 100644 --- a/backend/groth16/bls12-381/prove.go +++ b/backend/groth16/bls12-381/prove.go @@ -123,8 +123,11 @@ func Prove(r1cs *cs.R1CS, pk *ProvingKey, fullWitness witness.Witness, opts ...b for i := range commitmentInfo { copy(commitmentsSerialized[fr.Bytes*i:], wireValues[commitmentInfo[i].CommitmentIndex].Marshal()) } - - if proof.CommitmentPok, err = pedersen.BatchProve(pk.CommitmentKeys, privateCommittedValues, commitmentsSerialized); err != nil { + challenge, err := fr.Hash(commitmentsSerialized, []byte("G16-BSB22"), 1) + if err != nil { + return nil, err + } + if proof.CommitmentPok, err = pedersen.BatchProve(pk.CommitmentKeys, privateCommittedValues, challenge[0]); err != nil { return nil, err } diff --git a/backend/groth16/bls12-381/setup.go b/backend/groth16/bls12-381/setup.go index b5333ba374..caf1e9d48b 100644 --- a/backend/groth16/bls12-381/setup.go +++ b/backend/groth16/bls12-381/setup.go @@ -287,7 +287,7 @@ func Setup(r1cs *cs.R1CS, pk *ProvingKey, vk *VerifyingKey) error { return errors.New("didn't consume all G1 points") // TODO @Tabaie Remove this } - pk.CommitmentKeys, vk.CommitmentKey, err = pedersen.Setup(commitmentBases...) + pk.CommitmentKeys, vk.CommitmentKey, err = pedersen.Setup(commitmentBases) if err != nil { return err } @@ -563,7 +563,7 @@ func DummySetup(r1cs *cs.R1CS, pk *ProvingKey) error { } } - pk.CommitmentKeys, _, err = pedersen.Setup(commitmentBases...) + pk.CommitmentKeys, _, err = pedersen.Setup(commitmentBases) if err != nil { return err } diff --git a/backend/groth16/bls12-381/verify.go b/backend/groth16/bls12-381/verify.go index 497009bdf4..39d3ba6432 100644 --- a/backend/groth16/bls12-381/verify.go +++ b/backend/groth16/bls12-381/verify.go @@ -98,8 +98,11 @@ func Verify(proof *Proof, vk *VerifyingKey, publicWitness fr.Vector, opts ...bac publicWitness = append(publicWitness, res) copy(commitmentsSerialized[i*fr.Bytes:], res.Marshal()) } - - if folded, err := pedersen.FoldCommitments(proof.Commitments, commitmentsSerialized); err != nil { + challenge, err := fr.Hash(commitmentsSerialized, []byte("G16-BSB22"), 1) + if err != nil { + return err + } + if folded, err := pedersen.FoldCommitments(proof.Commitments, challenge[0]); err != nil { return err } else { if err = vk.CommitmentKey.Verify(folded, proof.CommitmentPok); err != nil { diff --git a/backend/groth16/bls24-315/marshal_test.go b/backend/groth16/bls24-315/marshal_test.go index 6bf286b39e..c4115cacea 100644 --- a/backend/groth16/bls24-315/marshal_test.go +++ b/backend/groth16/bls24-315/marshal_test.go @@ -109,7 +109,7 @@ func TestVerifyingKeySerialization(t *testing.T) { elem.Add(&elem, &p1) } } - _, vk.CommitmentKey, err = pedersen.Setup(bases...) + _, vk.CommitmentKey, err = pedersen.Setup(bases) assert.NoError(t, err) } @@ -183,7 +183,7 @@ func TestProvingKeySerialization(t *testing.T) { } { var err error - pk.CommitmentKeys, _, err = pedersen.Setup(pedersenBases...) + pk.CommitmentKeys, _, err = pedersen.Setup(pedersenBases) require.NoError(t, err) } diff --git a/backend/groth16/bls24-315/prove.go b/backend/groth16/bls24-315/prove.go index 424e8b0e74..e3c3e560a7 100644 --- a/backend/groth16/bls24-315/prove.go +++ b/backend/groth16/bls24-315/prove.go @@ -123,8 +123,11 @@ func Prove(r1cs *cs.R1CS, pk *ProvingKey, fullWitness witness.Witness, opts ...b for i := range commitmentInfo { copy(commitmentsSerialized[fr.Bytes*i:], wireValues[commitmentInfo[i].CommitmentIndex].Marshal()) } - - if proof.CommitmentPok, err = pedersen.BatchProve(pk.CommitmentKeys, privateCommittedValues, commitmentsSerialized); err != nil { + challenge, err := fr.Hash(commitmentsSerialized, []byte("G16-BSB22"), 1) + if err != nil { + return nil, err + } + if proof.CommitmentPok, err = pedersen.BatchProve(pk.CommitmentKeys, privateCommittedValues, challenge[0]); err != nil { return nil, err } diff --git a/backend/groth16/bls24-315/setup.go b/backend/groth16/bls24-315/setup.go index 6a8c8e60d2..19f1ed2e3d 100644 --- a/backend/groth16/bls24-315/setup.go +++ b/backend/groth16/bls24-315/setup.go @@ -287,7 +287,7 @@ func Setup(r1cs *cs.R1CS, pk *ProvingKey, vk *VerifyingKey) error { return errors.New("didn't consume all G1 points") // TODO @Tabaie Remove this } - pk.CommitmentKeys, vk.CommitmentKey, err = pedersen.Setup(commitmentBases...) + pk.CommitmentKeys, vk.CommitmentKey, err = pedersen.Setup(commitmentBases) if err != nil { return err } @@ -563,7 +563,7 @@ func DummySetup(r1cs *cs.R1CS, pk *ProvingKey) error { } } - pk.CommitmentKeys, _, err = pedersen.Setup(commitmentBases...) + pk.CommitmentKeys, _, err = pedersen.Setup(commitmentBases) if err != nil { return err } diff --git a/backend/groth16/bls24-315/verify.go b/backend/groth16/bls24-315/verify.go index b832adec1e..28a66d60ca 100644 --- a/backend/groth16/bls24-315/verify.go +++ b/backend/groth16/bls24-315/verify.go @@ -98,8 +98,11 @@ func Verify(proof *Proof, vk *VerifyingKey, publicWitness fr.Vector, opts ...bac publicWitness = append(publicWitness, res) copy(commitmentsSerialized[i*fr.Bytes:], res.Marshal()) } - - if folded, err := pedersen.FoldCommitments(proof.Commitments, commitmentsSerialized); err != nil { + challenge, err := fr.Hash(commitmentsSerialized, []byte("G16-BSB22"), 1) + if err != nil { + return err + } + if folded, err := pedersen.FoldCommitments(proof.Commitments, challenge[0]); err != nil { return err } else { if err = vk.CommitmentKey.Verify(folded, proof.CommitmentPok); err != nil { diff --git a/backend/groth16/bls24-317/marshal_test.go b/backend/groth16/bls24-317/marshal_test.go index 4110b35746..e926a1b459 100644 --- a/backend/groth16/bls24-317/marshal_test.go +++ b/backend/groth16/bls24-317/marshal_test.go @@ -109,7 +109,7 @@ func TestVerifyingKeySerialization(t *testing.T) { elem.Add(&elem, &p1) } } - _, vk.CommitmentKey, err = pedersen.Setup(bases...) + _, vk.CommitmentKey, err = pedersen.Setup(bases) assert.NoError(t, err) } @@ -183,7 +183,7 @@ func TestProvingKeySerialization(t *testing.T) { } { var err error - pk.CommitmentKeys, _, err = pedersen.Setup(pedersenBases...) + pk.CommitmentKeys, _, err = pedersen.Setup(pedersenBases) require.NoError(t, err) } diff --git a/backend/groth16/bls24-317/prove.go b/backend/groth16/bls24-317/prove.go index 80bfdfa99b..59651832cb 100644 --- a/backend/groth16/bls24-317/prove.go +++ b/backend/groth16/bls24-317/prove.go @@ -123,8 +123,11 @@ func Prove(r1cs *cs.R1CS, pk *ProvingKey, fullWitness witness.Witness, opts ...b for i := range commitmentInfo { copy(commitmentsSerialized[fr.Bytes*i:], wireValues[commitmentInfo[i].CommitmentIndex].Marshal()) } - - if proof.CommitmentPok, err = pedersen.BatchProve(pk.CommitmentKeys, privateCommittedValues, commitmentsSerialized); err != nil { + challenge, err := fr.Hash(commitmentsSerialized, []byte("G16-BSB22"), 1) + if err != nil { + return nil, err + } + if proof.CommitmentPok, err = pedersen.BatchProve(pk.CommitmentKeys, privateCommittedValues, challenge[0]); err != nil { return nil, err } diff --git a/backend/groth16/bls24-317/setup.go b/backend/groth16/bls24-317/setup.go index 68ee5c8922..7a051e02db 100644 --- a/backend/groth16/bls24-317/setup.go +++ b/backend/groth16/bls24-317/setup.go @@ -287,7 +287,7 @@ func Setup(r1cs *cs.R1CS, pk *ProvingKey, vk *VerifyingKey) error { return errors.New("didn't consume all G1 points") // TODO @Tabaie Remove this } - pk.CommitmentKeys, vk.CommitmentKey, err = pedersen.Setup(commitmentBases...) + pk.CommitmentKeys, vk.CommitmentKey, err = pedersen.Setup(commitmentBases) if err != nil { return err } @@ -563,7 +563,7 @@ func DummySetup(r1cs *cs.R1CS, pk *ProvingKey) error { } } - pk.CommitmentKeys, _, err = pedersen.Setup(commitmentBases...) + pk.CommitmentKeys, _, err = pedersen.Setup(commitmentBases) if err != nil { return err } diff --git a/backend/groth16/bls24-317/verify.go b/backend/groth16/bls24-317/verify.go index 79d828492b..de18d44097 100644 --- a/backend/groth16/bls24-317/verify.go +++ b/backend/groth16/bls24-317/verify.go @@ -98,8 +98,11 @@ func Verify(proof *Proof, vk *VerifyingKey, publicWitness fr.Vector, opts ...bac publicWitness = append(publicWitness, res) copy(commitmentsSerialized[i*fr.Bytes:], res.Marshal()) } - - if folded, err := pedersen.FoldCommitments(proof.Commitments, commitmentsSerialized); err != nil { + challenge, err := fr.Hash(commitmentsSerialized, []byte("G16-BSB22"), 1) + if err != nil { + return err + } + if folded, err := pedersen.FoldCommitments(proof.Commitments, challenge[0]); err != nil { return err } else { if err = vk.CommitmentKey.Verify(folded, proof.CommitmentPok); err != nil { diff --git a/backend/groth16/bn254/marshal_test.go b/backend/groth16/bn254/marshal_test.go index 170bac74c0..a62d4297f5 100644 --- a/backend/groth16/bn254/marshal_test.go +++ b/backend/groth16/bn254/marshal_test.go @@ -109,7 +109,7 @@ func TestVerifyingKeySerialization(t *testing.T) { elem.Add(&elem, &p1) } } - _, vk.CommitmentKey, err = pedersen.Setup(bases...) + _, vk.CommitmentKey, err = pedersen.Setup(bases) assert.NoError(t, err) } @@ -183,7 +183,7 @@ func TestProvingKeySerialization(t *testing.T) { } { var err error - pk.CommitmentKeys, _, err = pedersen.Setup(pedersenBases...) + pk.CommitmentKeys, _, err = pedersen.Setup(pedersenBases) require.NoError(t, err) } diff --git a/backend/groth16/bn254/prove.go b/backend/groth16/bn254/prove.go index 100f30e85a..b9dd9f0cdf 100644 --- a/backend/groth16/bn254/prove.go +++ b/backend/groth16/bn254/prove.go @@ -123,8 +123,11 @@ func Prove(r1cs *cs.R1CS, pk *ProvingKey, fullWitness witness.Witness, opts ...b for i := range commitmentInfo { copy(commitmentsSerialized[fr.Bytes*i:], wireValues[commitmentInfo[i].CommitmentIndex].Marshal()) } - - if proof.CommitmentPok, err = pedersen.BatchProve(pk.CommitmentKeys, privateCommittedValues, commitmentsSerialized); err != nil { + challenge, err := fr.Hash(commitmentsSerialized, []byte("G16-BSB22"), 1) + if err != nil { + return nil, err + } + if proof.CommitmentPok, err = pedersen.BatchProve(pk.CommitmentKeys, privateCommittedValues, challenge[0]); err != nil { return nil, err } diff --git a/backend/groth16/bn254/setup.go b/backend/groth16/bn254/setup.go index 372c723da0..b9fd6a0563 100644 --- a/backend/groth16/bn254/setup.go +++ b/backend/groth16/bn254/setup.go @@ -287,7 +287,7 @@ func Setup(r1cs *cs.R1CS, pk *ProvingKey, vk *VerifyingKey) error { return errors.New("didn't consume all G1 points") // TODO @Tabaie Remove this } - pk.CommitmentKeys, vk.CommitmentKey, err = pedersen.Setup(commitmentBases...) + pk.CommitmentKeys, vk.CommitmentKey, err = pedersen.Setup(commitmentBases) if err != nil { return err } @@ -563,7 +563,7 @@ func DummySetup(r1cs *cs.R1CS, pk *ProvingKey) error { } } - pk.CommitmentKeys, _, err = pedersen.Setup(commitmentBases...) + pk.CommitmentKeys, _, err = pedersen.Setup(commitmentBases) if err != nil { return err } diff --git a/backend/groth16/bn254/verify.go b/backend/groth16/bn254/verify.go index 00914c003d..b275d0109c 100644 --- a/backend/groth16/bn254/verify.go +++ b/backend/groth16/bn254/verify.go @@ -101,8 +101,11 @@ func Verify(proof *Proof, vk *VerifyingKey, publicWitness fr.Vector, opts ...bac publicWitness = append(publicWitness, res) copy(commitmentsSerialized[i*fr.Bytes:], res.Marshal()) } - - if folded, err := pedersen.FoldCommitments(proof.Commitments, commitmentsSerialized); err != nil { + challenge, err := fr.Hash(commitmentsSerialized, []byte("G16-BSB22"), 1) + if err != nil { + return err + } + if folded, err := pedersen.FoldCommitments(proof.Commitments, challenge[0]); err != nil { return err } else { if err = vk.CommitmentKey.Verify(folded, proof.CommitmentPok); err != nil { diff --git a/backend/groth16/bw6-633/marshal_test.go b/backend/groth16/bw6-633/marshal_test.go index 05d9637e2a..2ff195dc2a 100644 --- a/backend/groth16/bw6-633/marshal_test.go +++ b/backend/groth16/bw6-633/marshal_test.go @@ -109,7 +109,7 @@ func TestVerifyingKeySerialization(t *testing.T) { elem.Add(&elem, &p1) } } - _, vk.CommitmentKey, err = pedersen.Setup(bases...) + _, vk.CommitmentKey, err = pedersen.Setup(bases) assert.NoError(t, err) } @@ -183,7 +183,7 @@ func TestProvingKeySerialization(t *testing.T) { } { var err error - pk.CommitmentKeys, _, err = pedersen.Setup(pedersenBases...) + pk.CommitmentKeys, _, err = pedersen.Setup(pedersenBases) require.NoError(t, err) } diff --git a/backend/groth16/bw6-633/prove.go b/backend/groth16/bw6-633/prove.go index 31e0ef7722..55be59061e 100644 --- a/backend/groth16/bw6-633/prove.go +++ b/backend/groth16/bw6-633/prove.go @@ -123,8 +123,11 @@ func Prove(r1cs *cs.R1CS, pk *ProvingKey, fullWitness witness.Witness, opts ...b for i := range commitmentInfo { copy(commitmentsSerialized[fr.Bytes*i:], wireValues[commitmentInfo[i].CommitmentIndex].Marshal()) } - - if proof.CommitmentPok, err = pedersen.BatchProve(pk.CommitmentKeys, privateCommittedValues, commitmentsSerialized); err != nil { + challenge, err := fr.Hash(commitmentsSerialized, []byte("G16-BSB22"), 1) + if err != nil { + return nil, err + } + if proof.CommitmentPok, err = pedersen.BatchProve(pk.CommitmentKeys, privateCommittedValues, challenge[0]); err != nil { return nil, err } diff --git a/backend/groth16/bw6-633/setup.go b/backend/groth16/bw6-633/setup.go index f168993476..466755b840 100644 --- a/backend/groth16/bw6-633/setup.go +++ b/backend/groth16/bw6-633/setup.go @@ -287,7 +287,7 @@ func Setup(r1cs *cs.R1CS, pk *ProvingKey, vk *VerifyingKey) error { return errors.New("didn't consume all G1 points") // TODO @Tabaie Remove this } - pk.CommitmentKeys, vk.CommitmentKey, err = pedersen.Setup(commitmentBases...) + pk.CommitmentKeys, vk.CommitmentKey, err = pedersen.Setup(commitmentBases) if err != nil { return err } @@ -563,7 +563,7 @@ func DummySetup(r1cs *cs.R1CS, pk *ProvingKey) error { } } - pk.CommitmentKeys, _, err = pedersen.Setup(commitmentBases...) + pk.CommitmentKeys, _, err = pedersen.Setup(commitmentBases) if err != nil { return err } diff --git a/backend/groth16/bw6-633/verify.go b/backend/groth16/bw6-633/verify.go index cb2389f7e3..fb4b6dbb24 100644 --- a/backend/groth16/bw6-633/verify.go +++ b/backend/groth16/bw6-633/verify.go @@ -98,8 +98,11 @@ func Verify(proof *Proof, vk *VerifyingKey, publicWitness fr.Vector, opts ...bac publicWitness = append(publicWitness, res) copy(commitmentsSerialized[i*fr.Bytes:], res.Marshal()) } - - if folded, err := pedersen.FoldCommitments(proof.Commitments, commitmentsSerialized); err != nil { + challenge, err := fr.Hash(commitmentsSerialized, []byte("G16-BSB22"), 1) + if err != nil { + return err + } + if folded, err := pedersen.FoldCommitments(proof.Commitments, challenge[0]); err != nil { return err } else { if err = vk.CommitmentKey.Verify(folded, proof.CommitmentPok); err != nil { diff --git a/backend/groth16/bw6-761/marshal_test.go b/backend/groth16/bw6-761/marshal_test.go index 7f59bf90e8..3be88f02a2 100644 --- a/backend/groth16/bw6-761/marshal_test.go +++ b/backend/groth16/bw6-761/marshal_test.go @@ -109,7 +109,7 @@ func TestVerifyingKeySerialization(t *testing.T) { elem.Add(&elem, &p1) } } - _, vk.CommitmentKey, err = pedersen.Setup(bases...) + _, vk.CommitmentKey, err = pedersen.Setup(bases) assert.NoError(t, err) } @@ -183,7 +183,7 @@ func TestProvingKeySerialization(t *testing.T) { } { var err error - pk.CommitmentKeys, _, err = pedersen.Setup(pedersenBases...) + pk.CommitmentKeys, _, err = pedersen.Setup(pedersenBases) require.NoError(t, err) } diff --git a/backend/groth16/bw6-761/prove.go b/backend/groth16/bw6-761/prove.go index 6b47f5bfee..f98967d4b6 100644 --- a/backend/groth16/bw6-761/prove.go +++ b/backend/groth16/bw6-761/prove.go @@ -123,8 +123,11 @@ func Prove(r1cs *cs.R1CS, pk *ProvingKey, fullWitness witness.Witness, opts ...b for i := range commitmentInfo { copy(commitmentsSerialized[fr.Bytes*i:], wireValues[commitmentInfo[i].CommitmentIndex].Marshal()) } - - if proof.CommitmentPok, err = pedersen.BatchProve(pk.CommitmentKeys, privateCommittedValues, commitmentsSerialized); err != nil { + challenge, err := fr.Hash(commitmentsSerialized, []byte("G16-BSB22"), 1) + if err != nil { + return nil, err + } + if proof.CommitmentPok, err = pedersen.BatchProve(pk.CommitmentKeys, privateCommittedValues, challenge[0]); err != nil { return nil, err } diff --git a/backend/groth16/bw6-761/setup.go b/backend/groth16/bw6-761/setup.go index b0fa2811e6..8f7cfc1f4b 100644 --- a/backend/groth16/bw6-761/setup.go +++ b/backend/groth16/bw6-761/setup.go @@ -287,7 +287,7 @@ func Setup(r1cs *cs.R1CS, pk *ProvingKey, vk *VerifyingKey) error { return errors.New("didn't consume all G1 points") // TODO @Tabaie Remove this } - pk.CommitmentKeys, vk.CommitmentKey, err = pedersen.Setup(commitmentBases...) + pk.CommitmentKeys, vk.CommitmentKey, err = pedersen.Setup(commitmentBases) if err != nil { return err } @@ -563,7 +563,7 @@ func DummySetup(r1cs *cs.R1CS, pk *ProvingKey) error { } } - pk.CommitmentKeys, _, err = pedersen.Setup(commitmentBases...) + pk.CommitmentKeys, _, err = pedersen.Setup(commitmentBases) if err != nil { return err } diff --git a/backend/groth16/bw6-761/verify.go b/backend/groth16/bw6-761/verify.go index 6204909127..718578e64f 100644 --- a/backend/groth16/bw6-761/verify.go +++ b/backend/groth16/bw6-761/verify.go @@ -98,8 +98,11 @@ func Verify(proof *Proof, vk *VerifyingKey, publicWitness fr.Vector, opts ...bac publicWitness = append(publicWitness, res) copy(commitmentsSerialized[i*fr.Bytes:], res.Marshal()) } - - if folded, err := pedersen.FoldCommitments(proof.Commitments, commitmentsSerialized); err != nil { + challenge, err := fr.Hash(commitmentsSerialized, []byte("G16-BSB22"), 1) + if err != nil { + return err + } + if folded, err := pedersen.FoldCommitments(proof.Commitments, challenge[0]); err != nil { return err } else { if err = vk.CommitmentKey.Verify(folded, proof.CommitmentPok); err != nil { diff --git a/go.mod b/go.mod index 7879abea87..5009f16db6 100644 --- a/go.mod +++ b/go.mod @@ -9,7 +9,7 @@ require ( github.com/blang/semver/v4 v4.0.0 github.com/consensys/bavard v0.1.13 github.com/consensys/compress v0.2.5 - github.com/consensys/gnark-crypto v0.12.2-0.20240703135258-5d8b5fab1afb + github.com/consensys/gnark-crypto v0.13.1-0.20240802214859-ff4c0ddbe1ef github.com/fxamacker/cbor/v2 v2.5.0 github.com/google/go-cmp v0.5.9 github.com/google/pprof v0.0.0-20230817174616-7a8ec2ada47b diff --git a/go.sum b/go.sum index e3ee06ca09..4772926b5d 100644 --- a/go.sum +++ b/go.sum @@ -6,8 +6,8 @@ github.com/consensys/bavard v0.1.13 h1:oLhMLOFGTLdlda/kma4VOJazblc7IM5y5QPd2A/Yj github.com/consensys/bavard v0.1.13/go.mod h1:9ItSMtA/dXMAiL7BG6bqW2m3NdSEObYWoH223nGHukI= github.com/consensys/compress v0.2.5 h1:gJr1hKzbOD36JFsF1AN8lfXz1yevnJi1YolffY19Ntk= github.com/consensys/compress v0.2.5/go.mod h1:pyM+ZXiNUh7/0+AUjUf9RKUM6vSH7T/fsn5LLS0j1Tk= -github.com/consensys/gnark-crypto v0.12.2-0.20240703135258-5d8b5fab1afb h1:LMfC1GSeYv1TKp3zNIuwYNEqb9RCVrMkCV4Y9k5ZJ6o= -github.com/consensys/gnark-crypto v0.12.2-0.20240703135258-5d8b5fab1afb/go.mod h1:wKqwsieaKPThcFkHe0d0zMsbHEUWFmZcG7KBCse210o= +github.com/consensys/gnark-crypto v0.13.1-0.20240802214859-ff4c0ddbe1ef h1:4DaS1IYXk0vKcCdguGjkHVyN43YqmKUmpYDxb90VBnU= +github.com/consensys/gnark-crypto v0.13.1-0.20240802214859-ff4c0ddbe1ef/go.mod h1:wKqwsieaKPThcFkHe0d0zMsbHEUWFmZcG7KBCse210o= github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= diff --git a/internal/generator/backend/template/zkpschemes/groth16/groth16.prove.go.tmpl b/internal/generator/backend/template/zkpschemes/groth16/groth16.prove.go.tmpl index ce7293958a..4bc05dd14d 100644 --- a/internal/generator/backend/template/zkpschemes/groth16/groth16.prove.go.tmpl +++ b/internal/generator/backend/template/zkpschemes/groth16/groth16.prove.go.tmpl @@ -107,8 +107,11 @@ func Prove(r1cs *cs.R1CS, pk *ProvingKey, fullWitness witness.Witness, opts ...b for i := range commitmentInfo { copy(commitmentsSerialized[fr.Bytes*i:], wireValues[commitmentInfo[i].CommitmentIndex].Marshal()) } - - if proof.CommitmentPok, err = pedersen.BatchProve(pk.CommitmentKeys, privateCommittedValues, commitmentsSerialized); err != nil { + challenge, err := fr.Hash(commitmentsSerialized, []byte("G16-BSB22"), 1) + if err != nil { + return nil, err + } + if proof.CommitmentPok, err = pedersen.BatchProve(pk.CommitmentKeys, privateCommittedValues, challenge[0]); err != nil { return nil, err } diff --git a/internal/generator/backend/template/zkpschemes/groth16/groth16.setup.go.tmpl b/internal/generator/backend/template/zkpschemes/groth16/groth16.setup.go.tmpl index 1795c3987d..81af9215b5 100644 --- a/internal/generator/backend/template/zkpschemes/groth16/groth16.setup.go.tmpl +++ b/internal/generator/backend/template/zkpschemes/groth16/groth16.setup.go.tmpl @@ -269,7 +269,7 @@ func Setup(r1cs *cs.R1CS, pk *ProvingKey, vk *VerifyingKey) error { return errors.New("didn't consume all G1 points") // TODO @Tabaie Remove this } - pk.CommitmentKeys, vk.CommitmentKey, err = pedersen.Setup(commitmentBases...) + pk.CommitmentKeys, vk.CommitmentKey, err = pedersen.Setup(commitmentBases) if err != nil { return err } @@ -545,7 +545,7 @@ func DummySetup(r1cs *cs.R1CS, pk *ProvingKey) error { } } - pk.CommitmentKeys,_, err = pedersen.Setup(commitmentBases...) + pk.CommitmentKeys,_, err = pedersen.Setup(commitmentBases) if err != nil { return err } diff --git a/internal/generator/backend/template/zkpschemes/groth16/groth16.verify.go.tmpl b/internal/generator/backend/template/zkpschemes/groth16/groth16.verify.go.tmpl index bd33510a58..e1ec6e6c02 100644 --- a/internal/generator/backend/template/zkpschemes/groth16/groth16.verify.go.tmpl +++ b/internal/generator/backend/template/zkpschemes/groth16/groth16.verify.go.tmpl @@ -85,8 +85,11 @@ func Verify(proof *Proof, vk *VerifyingKey, publicWitness fr.Vector, opts ...bac publicWitness = append(publicWitness, res) copy(commitmentsSerialized[i*fr.Bytes:], res.Marshal()) } - - if folded, err := pedersen.FoldCommitments(proof.Commitments, commitmentsSerialized); err != nil { + challenge, err := fr.Hash(commitmentsSerialized, []byte("G16-BSB22"), 1) + if err != nil { + return err + } + if folded, err := pedersen.FoldCommitments(proof.Commitments, challenge[0]); err != nil { return err } else { if err = vk.CommitmentKey.Verify(folded, proof.CommitmentPok); err != nil { diff --git a/internal/generator/backend/template/zkpschemes/groth16/tests/groth16.marshal.go.tmpl b/internal/generator/backend/template/zkpschemes/groth16/tests/groth16.marshal.go.tmpl index a5bc1d73ea..7df6fa02b9 100644 --- a/internal/generator/backend/template/zkpschemes/groth16/tests/groth16.marshal.go.tmpl +++ b/internal/generator/backend/template/zkpschemes/groth16/tests/groth16.marshal.go.tmpl @@ -93,7 +93,7 @@ func TestVerifyingKeySerialization(t *testing.T) { elem.Add(&elem, &p1) } } - _, vk.CommitmentKey, err = pedersen.Setup(bases...) + _, vk.CommitmentKey, err = pedersen.Setup(bases) assert.NoError(t, err) } @@ -169,7 +169,7 @@ func TestProvingKeySerialization(t *testing.T) { } { var err error - pk.CommitmentKeys, _, err = pedersen.Setup(pedersenBases...) + pk.CommitmentKeys, _, err = pedersen.Setup(pedersenBases) require.NoError(t, err) }