diff --git a/README.md b/README.md index 833b2892..82c3e9a6 100644 --- a/README.md +++ b/README.md @@ -128,11 +128,11 @@ let (ck, vk) = PCS::trim(&pp, degree, 2, Some(&[degree])).unwrap(); // 3. PolynomialCommitment::commit // The prover commits to the polynomial using their committer key `ck`. -let (comms, rands) = PCS::commit(&ck, [&labeled_poly], Some(rng)).unwrap(); +let (comms, states) = PCS::commit(&ck, [&labeled_poly], Some(rng)).unwrap(); // 4a. PolynomialCommitment::open // Opening proof at a single point. -let proof_single = PCS::open(&ck, [&labeled_poly], &comms, &point_1, &mut (test_sponge.clone()), &rands, None).unwrap(); +let proof_single = PCS::open(&ck, [&labeled_poly], &comms, &point_1, &mut (test_sponge.clone()), &states, None).unwrap(); // 5a. PolynomialCommitment::check // Verifying the proof at a single point, given the commitment, the point, the claimed evaluation, and the proof. @@ -154,7 +154,7 @@ let proof_batched = PCS::batch_open( &comms, &query_set, &mut (test_sponge.clone()), - &rands, + &states, Some(rng), ).unwrap(); diff --git a/bench-templates/src/lib.rs b/bench-templates/src/lib.rs index 6fc2e8bd..9451c313 100644 --- a/bench-templates/src/lib.rs +++ b/bench-templates/src/lib.rs @@ -114,7 +114,7 @@ where let labeled_poly = LabeledPolynomial::new("test".to_string(), rand_poly(num_vars, rng), None, None); - let (coms, randomness) = PCS::commit(&ck, [&labeled_poly], Some(rng)).unwrap(); + let (coms, states) = PCS::commit(&ck, [&labeled_poly], Some(rng)).unwrap(); let point = P::Point::rand(rng); let start = Instant::now(); @@ -124,7 +124,7 @@ where &coms, &point, &mut test_sponge(), - &randomness, + &states, Some(rng), ) .unwrap(); @@ -148,7 +148,7 @@ where let labeled_poly = LabeledPolynomial::new("test".to_string(), rand_poly(num_vars, rng), None, None); - let (coms, randomness) = PCS::commit(&ck, [&labeled_poly], Some(rng)).unwrap(); + let (coms, states) = PCS::commit(&ck, [&labeled_poly], Some(rng)).unwrap(); let point = P::Point::rand(rng); let proofs = PCS::open( @@ -157,7 +157,7 @@ where &coms, &point, &mut test_sponge(), - &randomness, + &states, Some(rng), ) .unwrap(); @@ -185,7 +185,7 @@ where let labeled_poly = LabeledPolynomial::new("test".to_string(), rand_poly(num_vars, rng), None, None); - let (coms, randomness) = PCS::commit(&ck, [&labeled_poly], Some(rng)).unwrap(); + let (coms, states) = PCS::commit(&ck, [&labeled_poly], Some(rng)).unwrap(); let point = P::Point::rand(rng); let claimed_eval = labeled_poly.evaluate(&point); let proof = PCS::open( @@ -194,7 +194,7 @@ where &coms, &point, &mut test_sponge(), - &randomness, + &states, Some(rng), ) .unwrap(); diff --git a/poly-commit/src/data_structures.rs b/poly-commit/src/data_structures.rs index 4a5eec21..2b942ee1 100644 --- a/poly-commit/src/data_structures.rs +++ b/poly-commit/src/data_structures.rs @@ -70,9 +70,12 @@ pub trait PCPreparedCommitment: Clone { fn prepare(comm: &UNPREPARED) -> Self; } -/// Defines the minimal interface of commitment randomness for any polynomial -/// commitment scheme. -pub trait PCRandomness: Clone + CanonicalSerialize + CanonicalDeserialize { +/// Defines the minimal interface of commitment state for any polynomial +/// commitment scheme. It might be randomness etc. +pub trait PCCommitmentState: Clone + CanonicalSerialize + CanonicalDeserialize { + /// This is the type of `Randomness` that the `rand` method returns + type Randomness: Clone + CanonicalSerialize + CanonicalDeserialize; + /// Outputs empty randomness that does not hide the commitment. fn empty() -> Self; @@ -86,9 +89,8 @@ pub trait PCRandomness: Clone + CanonicalSerialize + CanonicalDeserialize { has_degree_bound: bool, num_vars: Option, rng: &mut R, - ) -> Self; + ) -> Self::Randomness; } - /// A proof of satisfaction of linear combinations. #[derive(Clone, CanonicalSerialize, CanonicalDeserialize)] pub struct BatchLCProof { diff --git a/poly-commit/src/ipa_pc/data_structures.rs b/poly-commit/src/ipa_pc/data_structures.rs index 7ba56c95..84fcb7f2 100644 --- a/poly-commit/src/ipa_pc/data_structures.rs +++ b/poly-commit/src/ipa_pc/data_structures.rs @@ -146,7 +146,8 @@ pub struct Randomness { pub shifted_rand: Option, } -impl PCRandomness for Randomness { +impl PCCommitmentState for Randomness { + type Randomness = Self; fn empty() -> Self { Self { rand: G::ScalarField::zero(), diff --git a/poly-commit/src/ipa_pc/mod.rs b/poly-commit/src/ipa_pc/mod.rs index 652a54c0..43a40852 100644 --- a/poly-commit/src/ipa_pc/mod.rs +++ b/poly-commit/src/ipa_pc/mod.rs @@ -1,7 +1,7 @@ use crate::{BTreeMap, BTreeSet, String, ToString, Vec, CHALLENGE_SIZE}; use crate::{BatchLCProof, DenseUVPolynomial, Error, Evaluations, QuerySet}; use crate::{LabeledCommitment, LabeledPolynomial, LinearCombination}; -use crate::{PCCommitterKey, PCRandomness, PCUniversalParams, PolynomialCommitment}; +use crate::{PCCommitmentState, PCCommitterKey, PCUniversalParams, PolynomialCommitment}; use ark_ec::{AffineRepr, CurveGroup, VariableBaseMSM}; use ark_ff::{Field, One, PrimeField, UniformRand, Zero}; @@ -347,7 +347,7 @@ where type CommitterKey = CommitterKey; type VerifierKey = VerifierKey; type Commitment = Commitment; - type Randomness = Randomness; + type CommitmentState = Randomness; type Proof = Proof; type BatchProof = Vec; type Error = Error; @@ -418,7 +418,7 @@ where ) -> Result< ( Vec>, - Vec, + Vec, ), Self::Error, > @@ -427,7 +427,7 @@ where { let rng = &mut crate::optional_rng::OptionalRng(rng); let mut comms = Vec::new(); - let mut rands = Vec::new(); + let mut states = Vec::new(); let commit_time = start_timer!(|| "Committing to polynomials"); for labeled_polynomial in polynomials { @@ -446,7 +446,7 @@ where hiding_bound, )); - let randomness = if let Some(h) = hiding_bound { + let state = if let Some(h) = hiding_bound { Randomness::rand(h, degree_bound.is_some(), None, rng) } else { Randomness::empty() @@ -456,7 +456,7 @@ where &ck.comm_key[..(polynomial.degree() + 1)], &polynomial.coeffs(), Some(ck.s), - Some(randomness.rand), + Some(state.rand), ) .into(); @@ -465,7 +465,7 @@ where &ck.comm_key[(ck.supported_degree() - d)..], &polynomial.coeffs(), Some(ck.s), - randomness.shifted_rand, + state.shifted_rand, ) .into() }); @@ -474,13 +474,13 @@ where let labeled_comm = LabeledCommitment::new(label.to_string(), commitment, degree_bound); comms.push(labeled_comm); - rands.push(randomness); + states.push(state); end_timer!(commit_time); } end_timer!(commit_time); - Ok((comms, rands)) + Ok((comms, states)) } fn open<'a>( @@ -489,12 +489,12 @@ where commitments: impl IntoIterator>, point: &'a P::Point, sponge: &mut S, - rands: impl IntoIterator, + states: impl IntoIterator, rng: Option<&mut dyn RngCore>, ) -> Result where Self::Commitment: 'a, - Self::Randomness: 'a, + Self::CommitmentState: 'a, P: 'a, { let mut combined_polynomial = P::zero(); @@ -504,15 +504,15 @@ where let mut has_hiding = false; let polys_iter = labeled_polynomials.into_iter(); - let rands_iter = rands.into_iter(); + let states_iter = states.into_iter(); let comms_iter = commitments.into_iter(); let combine_time = start_timer!(|| "Combining polynomials, randomness, and commitments."); let mut cur_challenge = sponge.squeeze_field_elements_with_sizes(&[CHALLENGE_SIZE])[0]; - for (labeled_polynomial, (labeled_commitment, randomness)) in - polys_iter.zip(comms_iter.zip(rands_iter)) + for (labeled_polynomial, (labeled_commitment, state)) in + polys_iter.zip(comms_iter.zip(states_iter)) { let label = labeled_polynomial.label(); assert_eq!(labeled_polynomial.label(), labeled_commitment.label()); @@ -528,7 +528,7 @@ where if hiding_bound.is_some() { has_hiding = true; - combined_rand += &(cur_challenge * &randomness.rand); + combined_rand += &(cur_challenge * &state.rand); } cur_challenge = sponge.squeeze_field_elements_with_sizes(&[CHALLENGE_SIZE])[0]; @@ -554,7 +554,7 @@ where combined_commitment_proj += &commitment.shifted_comm.unwrap().mul(cur_challenge); if hiding_bound.is_some() { - let shifted_rand = randomness.shifted_rand; + let shifted_rand = state.shifted_rand; assert!( shifted_rand.is_some(), "shifted_rand.is_none() for {}", @@ -870,23 +870,23 @@ where commitments: impl IntoIterator>, query_set: &QuerySet, sponge: &mut S, - rands: impl IntoIterator, + states: impl IntoIterator, rng: Option<&mut dyn RngCore>, ) -> Result, Self::Error> where - Self::Randomness: 'a, + Self::CommitmentState: 'a, Self::Commitment: 'a, P: 'a, { let label_poly_map = polynomials .into_iter() - .zip(rands) + .zip(states) .zip(commitments) - .map(|((p, r), c)| (p.label(), (p, r, c))) + .map(|((p, s), c)| (p.label(), (p, s, c))) .collect::>(); let mut lc_polynomials = Vec::new(); - let mut lc_randomness = Vec::new(); + let mut lc_states = Vec::new(); let mut lc_commitments = Vec::new(); let mut lc_info = Vec::new(); @@ -944,7 +944,7 @@ where let lc_poly = LabeledPolynomial::new(lc_label.clone(), poly, degree_bound, hiding_bound); lc_polynomials.push(lc_poly); - lc_randomness.push(Randomness { + lc_states.push(Randomness { rand: combined_rand, shifted_rand: combined_shifted_rand, }); @@ -965,7 +965,7 @@ where lc_commitments.iter(), &query_set, sponge, - lc_randomness.iter(), + lc_states.iter(), rng, )?; Ok(BatchLCProof { proof, evals: None }) diff --git a/poly-commit/src/kzg10/data_structures.rs b/poly-commit/src/kzg10/data_structures.rs index 60626e70..d648f19f 100644 --- a/poly-commit/src/kzg10/data_structures.rs +++ b/poly-commit/src/kzg10/data_structures.rs @@ -420,7 +420,8 @@ impl> Randomness { } } -impl> PCRandomness for Randomness { +impl> PCCommitmentState for Randomness { + type Randomness = Self; fn empty() -> Self { Self { blinding_polynomial: P::zero(), diff --git a/poly-commit/src/kzg10/mod.rs b/poly-commit/src/kzg10/mod.rs index 47089685..508db2cb 100644 --- a/poly-commit/src/kzg10/mod.rs +++ b/poly-commit/src/kzg10/mod.rs @@ -5,7 +5,7 @@ //! proposed by Kate, Zaverucha, and Goldberg ([KZG10](http://cacr.uwaterloo.ca/techreports/2010/cacr2010-10.pdf)). //! This construction achieves extractability in the algebraic group model (AGM). -use crate::{BTreeMap, Error, LabeledPolynomial, PCRandomness, ToString, Vec}; +use crate::{BTreeMap, Error, LabeledPolynomial, PCCommitmentState, ToString, Vec}; use ark_ec::AffineRepr; use ark_ec::{pairing::Pairing, CurveGroup}; use ark_ec::{scalar_mul::ScalarMul, VariableBaseMSM}; diff --git a/poly-commit/src/lib.rs b/poly-commit/src/lib.rs index 599db692..8ebb9710 100644 --- a/poly-commit/src/lib.rs +++ b/poly-commit/src/lib.rs @@ -153,8 +153,11 @@ pub trait PolynomialCommitment, S: Cryptographic type VerifierKey: PCVerifierKey; /// The commitment to a polynomial. type Commitment: PCCommitment + Default; - /// The commitment randomness. - type Randomness: PCRandomness; + /// Auxiliary state of the commitment, output by the `commit` phase. + /// It contains information that can be reused by the committer + /// during the `open` phase, such as the commitment randomness. + /// Not to be shared with the verifier. + type CommitmentState: PCCommitmentState; /// The evaluation proof for a single point. type Proof: Clone; /// The evaluation proof for a query set. @@ -200,7 +203,7 @@ pub trait PolynomialCommitment, S: Cryptographic ) -> Result< ( Vec>, - Vec, + Vec, ), Self::Error, > @@ -214,12 +217,12 @@ pub trait PolynomialCommitment, S: Cryptographic commitments: impl IntoIterator>, point: &'a P::Point, sponge: &mut S, - rands: impl IntoIterator, + states: impl IntoIterator, rng: Option<&mut dyn RngCore>, ) -> Result where P: 'a, - Self::Randomness: 'a, + Self::CommitmentState: 'a, Self::Commitment: 'a; /// check but with individual challenges @@ -250,12 +253,12 @@ pub trait PolynomialCommitment, S: Cryptographic commitments: impl IntoIterator>, query_set: &QuerySet, sponge: &mut S, - rands: impl IntoIterator, + states: impl IntoIterator, rng: Option<&mut dyn RngCore>, ) -> Result where P: 'a, - Self::Randomness: 'a, + Self::CommitmentState: 'a, Self::Commitment: 'a, { // The default implementation achieves proceeds by rearranging the queries in @@ -263,16 +266,16 @@ pub trait PolynomialCommitment, S: Cryptographic // the same point, then opening their commitments simultaneously with a // single call to `open` (per point) let rng = &mut crate::optional_rng::OptionalRng(rng); - let poly_rand_comm: BTreeMap<_, _> = labeled_polynomials + let poly_st_comm: BTreeMap<_, _> = labeled_polynomials .into_iter() - .zip(rands) + .zip(states) .zip(commitments.into_iter()) - .map(|((poly, r), comm)| (poly.label(), (poly, r, comm))) + .map(|((poly, st), comm)| (poly.label(), (poly, st, comm))) .collect(); let open_time = start_timer!(|| format!( "Opening {} polynomials at query set of size {}", - poly_rand_comm.len(), + poly_st_comm.len(), query_set.len(), )); @@ -295,20 +298,20 @@ pub trait PolynomialCommitment, S: Cryptographic let mut proofs = Vec::new(); for (_point_label, (point, labels)) in query_to_labels_map.into_iter() { let mut query_polys: Vec<&'a LabeledPolynomial<_, _>> = Vec::new(); - let mut query_rands: Vec<&'a Self::Randomness> = Vec::new(); + let mut query_states: Vec<&'a Self::CommitmentState> = Vec::new(); let mut query_comms: Vec<&'a LabeledCommitment> = Vec::new(); // Constructing matching vectors with the polynomial, commitment // randomness and actual commitment for each polynomial being // queried at `point` for label in labels { - let (polynomial, rand, comm) = - poly_rand_comm.get(label).ok_or(Error::MissingPolynomial { + let (polynomial, state, comm) = + poly_st_comm.get(label).ok_or(Error::MissingPolynomial { label: label.to_string(), })?; query_polys.push(polynomial); - query_rands.push(rand); + query_states.push(state); query_comms.push(comm); } @@ -322,7 +325,7 @@ pub trait PolynomialCommitment, S: Cryptographic query_comms, &point, sponge, - query_rands, + query_states, Some(rng), )?; @@ -427,11 +430,11 @@ pub trait PolynomialCommitment, S: Cryptographic commitments: impl IntoIterator>, query_set: &QuerySet, sponge: &mut S, - rands: impl IntoIterator, + states: impl IntoIterator, rng: Option<&mut dyn RngCore>, ) -> Result, Self::Error> where - Self::Randomness: 'a, + Self::CommitmentState: 'a, Self::Commitment: 'a, P: 'a, { @@ -453,7 +456,7 @@ pub trait PolynomialCommitment, S: Cryptographic commitments, &poly_query_set, sponge, - rands, + states, rng, )?; Ok(BatchLCProof { diff --git a/poly-commit/src/marlin/marlin_pc/data_structures.rs b/poly-commit/src/marlin/marlin_pc/data_structures.rs index 2b09e03a..203e3201 100644 --- a/poly-commit/src/marlin/marlin_pc/data_structures.rs +++ b/poly-commit/src/marlin/marlin_pc/data_structures.rs @@ -1,6 +1,6 @@ use crate::{ - DenseUVPolynomial, PCCommitment, PCCommitterKey, PCPreparedCommitment, PCPreparedVerifierKey, - PCRandomness, PCVerifierKey, Vec, + DenseUVPolynomial, PCCommitment, PCCommitmentState, PCCommitterKey, PCPreparedCommitment, + PCPreparedVerifierKey, PCVerifierKey, Vec, }; use ark_ec::pairing::Pairing; use ark_ec::AdditiveGroup; @@ -360,7 +360,8 @@ impl<'a, F: PrimeField, P: DenseUVPolynomial> AddAssign<(F, &'a Randomness> PCRandomness for Randomness { +impl> PCCommitmentState for Randomness { + type Randomness = Self; fn empty() -> Self { Self { rand: kzg10::Randomness::empty(), diff --git a/poly-commit/src/marlin/marlin_pc/mod.rs b/poly-commit/src/marlin/marlin_pc/mod.rs index 622e12bd..7fbfba07 100644 --- a/poly-commit/src/marlin/marlin_pc/mod.rs +++ b/poly-commit/src/marlin/marlin_pc/mod.rs @@ -2,7 +2,7 @@ use crate::{kzg10, marlin::Marlin, PCCommitterKey, CHALLENGE_SIZE}; use crate::{BTreeMap, BTreeSet, ToString, Vec}; use crate::{BatchLCProof, Error, Evaluations, QuerySet}; use crate::{LabeledCommitment, LabeledPolynomial, LinearCombination}; -use crate::{PCRandomness, PCUniversalParams, PolynomialCommitment}; +use crate::{PCCommitmentState, PCUniversalParams, PolynomialCommitment}; use ark_ec::pairing::Pairing; use ark_ec::AffineRepr; use ark_ec::CurveGroup; @@ -65,7 +65,7 @@ where type CommitterKey = CommitterKey; type VerifierKey = VerifierKey; type Commitment = Commitment; - type Randomness = Randomness; + type CommitmentState = Randomness; type Proof = kzg10::Proof; type BatchProof = Vec; type Error = Error; @@ -179,7 +179,7 @@ where ) -> Result< ( Vec>, - Vec, + Vec, ), Self::Error, > @@ -190,7 +190,7 @@ where let commit_time = start_timer!(|| "Committing to polynomials"); let mut commitments = Vec::new(); - let mut randomness = Vec::new(); + let mut states = Vec::new(); for p in polynomials { let label = p.label(); @@ -231,17 +231,17 @@ where }; let comm = Commitment { comm, shifted_comm }; - let rand = Randomness { rand, shifted_rand }; + let state = Randomness { rand, shifted_rand }; commitments.push(LabeledCommitment::new( label.to_string(), comm, degree_bound, )); - randomness.push(rand); + states.push(state); end_timer!(commit_time); } end_timer!(commit_time); - Ok((commitments, randomness)) + Ok((commitments, states)) } /// On input a polynomial `p` and a point `point`, outputs a proof for the same. @@ -251,12 +251,12 @@ where _commitments: impl IntoIterator>, point: &'a P::Point, sponge: &mut S, - rands: impl IntoIterator, + states: impl IntoIterator, _rng: Option<&mut dyn RngCore>, ) -> Result where P: 'a, - Self::Randomness: 'a, + Self::CommitmentState: 'a, Self::Commitment: 'a, { let mut p = P::zero(); @@ -266,7 +266,7 @@ where let mut shifted_r_witness = P::zero(); let mut enforce_degree_bound = false; - for (polynomial, rand) in labeled_polynomials.into_iter().zip(rands) { + for (polynomial, rand) in labeled_polynomials.into_iter().zip(states) { let degree_bound = polynomial.degree_bound(); assert_eq!(degree_bound.is_some(), rand.shifted_rand.is_some()); @@ -407,12 +407,12 @@ where commitments: impl IntoIterator>, query_set: &QuerySet, sponge: &mut S, - rands: impl IntoIterator, + states: impl IntoIterator, rng: Option<&mut dyn RngCore>, ) -> Result, Self::Error> where P: 'a, - Self::Randomness: 'a, + Self::CommitmentState: 'a, Self::Commitment: 'a, { Marlin::::open_combinations( @@ -422,7 +422,7 @@ where commitments, query_set, sponge, - rands, + states, rng, ) } @@ -462,18 +462,18 @@ where commitments: impl IntoIterator>>, query_set: &QuerySet, sponge: &mut S, - rands: impl IntoIterator, + states: impl IntoIterator, rng: Option<&mut dyn RngCore>, ) -> Result>, Error> where P: 'a, - Self::Randomness: 'a, + Self::CommitmentState: 'a, Self::Commitment: 'a, { let rng = &mut crate::optional_rng::OptionalRng(rng); let poly_rand_comm: BTreeMap<_, _> = labeled_polynomials .into_iter() - .zip(rands) + .zip(states) .zip(commitments.into_iter()) .map(|((poly, r), comm)| (poly.label(), (poly, r, comm))) .collect(); @@ -496,7 +496,7 @@ where let mut proofs = Vec::new(); for (_point_label, (point, labels)) in query_to_labels_map.into_iter() { let mut query_polys: Vec<&'a LabeledPolynomial<_, _>> = Vec::new(); - let mut query_rands: Vec<&'a Self::Randomness> = Vec::new(); + let mut query_states: Vec<&'a Self::CommitmentState> = Vec::new(); let mut query_comms: Vec<&'a LabeledCommitment> = Vec::new(); for label in labels { @@ -506,7 +506,7 @@ where })?; query_polys.push(polynomial); - query_rands.push(rand); + query_states.push(rand); query_comms.push(comm); } @@ -517,7 +517,7 @@ where query_comms, point, sponge, - query_rands, + query_states, Some(rng), )?; diff --git a/poly-commit/src/marlin/marlin_pst13_pc/data_structures.rs b/poly-commit/src/marlin/marlin_pst13_pc/data_structures.rs index 8ccf300b..9cc8d73b 100644 --- a/poly-commit/src/marlin/marlin_pst13_pc/data_structures.rs +++ b/poly-commit/src/marlin/marlin_pst13_pc/data_structures.rs @@ -1,6 +1,6 @@ use crate::{BTreeMap, Vec}; use crate::{ - PCCommitterKey, PCPreparedVerifierKey, PCRandomness, PCUniversalParams, PCVerifierKey, + PCCommitmentState, PCCommitterKey, PCPreparedVerifierKey, PCUniversalParams, PCVerifierKey, }; use ark_ec::pairing::Pairing; use ark_poly::DenseMVPolynomial; @@ -362,12 +362,13 @@ where } } -impl PCRandomness for Randomness +impl PCCommitmentState for Randomness where E: Pairing, P: DenseMVPolynomial, P::Point: Index, { + type Randomness = Self; fn empty() -> Self { Self { blinding_polynomial: P::zero(), diff --git a/poly-commit/src/marlin/marlin_pst13_pc/mod.rs b/poly-commit/src/marlin/marlin_pst13_pc/mod.rs index 96855bd4..a825a9b5 100644 --- a/poly-commit/src/marlin/marlin_pst13_pc/mod.rs +++ b/poly-commit/src/marlin/marlin_pst13_pc/mod.rs @@ -5,7 +5,7 @@ use crate::{ }; use crate::{BatchLCProof, Error, Evaluations, QuerySet}; use crate::{LabeledCommitment, LabeledPolynomial, LinearCombination}; -use crate::{PCRandomness, PCUniversalParams, PolynomialCommitment}; +use crate::{PCCommitmentState, PCUniversalParams, PolynomialCommitment}; use crate::{ToString, Vec}; use ark_ec::AffineRepr; use ark_ec::{ @@ -154,7 +154,7 @@ where type CommitterKey = CommitterKey; type VerifierKey = VerifierKey; type Commitment = marlin_pc::Commitment; - type Randomness = Randomness; + type CommitmentState = Randomness; type Proof = Proof; type BatchProof = Vec; type Error = Error; @@ -332,7 +332,7 @@ where ) -> Result< ( Vec>, - Vec, + Vec, ), Self::Error, > @@ -430,25 +430,25 @@ where _commitments: impl IntoIterator>, point: &P::Point, sponge: &mut S, - rands: impl IntoIterator, + states: impl IntoIterator, _rng: Option<&mut dyn RngCore>, ) -> Result where P: 'a, - Self::Randomness: 'a, + Self::CommitmentState: 'a, Self::Commitment: 'a, { // Compute random linear combinations of committed polynomials and randomness let mut p = P::zero(); let mut r = Randomness::empty(); - for (polynomial, rand) in labeled_polynomials.into_iter().zip(rands) { + for (polynomial, state) in labeled_polynomials.into_iter().zip(states) { Self::check_degrees_and_bounds(ck.supported_degree, &polynomial)?; // compute challenge^j and challenge^{j+1}. let challenge_j = sponge.squeeze_field_elements_with_sizes(&[CHALLENGE_SIZE])[0]; p += (challenge_j, polynomial.polynomial()); - r += (challenge_j, rand); + r += (challenge_j, state); } let open_time = start_timer!(|| format!("Opening polynomial of degree {}", p.degree())); @@ -650,12 +650,12 @@ where commitments: impl IntoIterator>, query_set: &QuerySet, sponge: &mut S, - rands: impl IntoIterator, + states: impl IntoIterator, rng: Option<&mut dyn RngCore>, ) -> Result, Self::Error> where P: 'a, - Self::Randomness: 'a, + Self::CommitmentState: 'a, Self::Commitment: 'a, { Marlin::::open_combinations( @@ -665,7 +665,7 @@ where commitments, query_set, sponge, - rands, + states, rng, ) } diff --git a/poly-commit/src/marlin/mod.rs b/poly-commit/src/marlin/mod.rs index 4b4b9eed..d7e7f5a1 100644 --- a/poly-commit/src/marlin/mod.rs +++ b/poly-commit/src/marlin/mod.rs @@ -3,7 +3,7 @@ use crate::{kzg10, Error}; use crate::{BTreeMap, BTreeSet, Debug, RngCore, String, ToString, Vec}; use crate::{BatchLCProof, LabeledPolynomial, LinearCombination}; use crate::{Evaluations, LabeledCommitment, QuerySet}; -use crate::{PCRandomness, Polynomial, PolynomialCommitment}; +use crate::{PCCommitmentState, Polynomial, PolynomialCommitment}; use ark_crypto_primitives::sponge::CryptographicSponge; use ark_ec::pairing::Pairing; use ark_ec::AffineRepr; @@ -229,7 +229,7 @@ where commitments: impl IntoIterator>, query_set: &QuerySet, sponge: &mut S, - rands: impl IntoIterator, + states: impl IntoIterator, rng: Option<&mut dyn RngCore>, ) -> Result, Error> where @@ -242,18 +242,18 @@ where Commitment = marlin_pc::Commitment, Error = Error, >, - PC::Randomness: 'a + AddAssign<(E::ScalarField, &'a PC::Randomness)>, + PC::CommitmentState: 'a + AddAssign<(E::ScalarField, &'a PC::CommitmentState)>, PC::Commitment: 'a, { let label_map = polynomials .into_iter() - .zip(rands) + .zip(states) .zip(commitments) .map(|((p, r), c)| (p.label(), (p, r, c))) .collect::>(); let mut lc_polynomials = Vec::new(); - let mut lc_randomness = Vec::new(); + let mut lc_states: Vec = Vec::new(); let mut lc_commitments = Vec::new(); let mut lc_info = Vec::new(); @@ -263,13 +263,13 @@ where let mut degree_bound = None; let mut hiding_bound = None; - let mut randomness = PC::Randomness::empty(); + let mut randomness = PC::CommitmentState::empty(); let mut coeffs_and_comms = Vec::new(); let num_polys = lc.len(); for (coeff, label) in lc.iter().filter(|(_, l)| !l.is_one()) { let label: &String = label.try_into().expect("cannot be one!"); - let &(cur_poly, cur_rand, cur_comm) = + let &(cur_poly, cur_state, cur_comm) = label_map.get(label).ok_or(Error::MissingPolynomial { label: label.to_string(), })?; @@ -285,14 +285,14 @@ where // Some(_) > None, always. hiding_bound = core::cmp::max(hiding_bound, cur_poly.hiding_bound()); poly += (*coeff, cur_poly.polynomial()); - randomness += (*coeff, cur_rand); + randomness += (*coeff, cur_state); coeffs_and_comms.push((*coeff, cur_comm.commitment())); } let lc_poly = LabeledPolynomial::new(lc_label.clone(), poly, degree_bound, hiding_bound); lc_polynomials.push(lc_poly); - lc_randomness.push(randomness); + lc_states.push(randomness); lc_commitments.push(Self::combine_commitments(coeffs_and_comms)); lc_info.push((lc_label, degree_bound)); } @@ -310,7 +310,7 @@ where lc_commitments.iter(), &query_set, sponge, - lc_randomness.iter(), + lc_states.iter(), rng, )?; diff --git a/poly-commit/src/sonic_pc/mod.rs b/poly-commit/src/sonic_pc/mod.rs index 196fad21..caf9b79c 100644 --- a/poly-commit/src/sonic_pc/mod.rs +++ b/poly-commit/src/sonic_pc/mod.rs @@ -2,7 +2,7 @@ use crate::{kzg10, PCCommitterKey, CHALLENGE_SIZE}; use crate::{BTreeMap, BTreeSet, String, ToString, Vec}; use crate::{BatchLCProof, DenseUVPolynomial, Error, Evaluations, QuerySet}; use crate::{LabeledCommitment, LabeledPolynomial, LinearCombination}; -use crate::{PCRandomness, PCUniversalParams, PolynomialCommitment}; +use crate::{PCCommitmentState, PCUniversalParams, PolynomialCommitment}; use ark_ec::AffineRepr; use ark_ec::CurveGroup; @@ -145,7 +145,7 @@ where type CommitterKey = CommitterKey; type VerifierKey = VerifierKey; type Commitment = Commitment; - type Randomness = Randomness; + type CommitmentState = Randomness; type Proof = kzg10::Proof; type BatchProof = Vec; type Error = Error; @@ -280,7 +280,7 @@ where ) -> Result< ( Vec>, - Vec, + Vec, ), Self::Error, > @@ -290,7 +290,7 @@ where let rng = &mut crate::optional_rng::OptionalRng(rng); let commit_time = start_timer!(|| "Committing to polynomials"); let mut labeled_comms: Vec> = Vec::new(); - let mut randomness: Vec = Vec::new(); + let mut randomness: Vec = Vec::new(); for labeled_polynomial in polynomials { let enforced_degree_bounds: Option<&[usize]> = ck @@ -345,11 +345,11 @@ where _commitments: impl IntoIterator>, point: &'a P::Point, sponge: &mut S, - rands: impl IntoIterator, + states: impl IntoIterator, _rng: Option<&mut dyn RngCore>, ) -> Result where - Self::Randomness: 'a, + Self::CommitmentState: 'a, Self::Commitment: 'a, P: 'a, { @@ -358,7 +358,7 @@ where let mut curr_challenge = sponge.squeeze_field_elements_with_sizes(&[CHALLENGE_SIZE])[0]; - for (polynomial, rand) in labeled_polynomials.into_iter().zip(rands) { + for (polynomial, state) in labeled_polynomials.into_iter().zip(states) { let enforced_degree_bounds: Option<&[usize]> = ck .enforced_degree_bounds .as_ref() @@ -372,7 +372,7 @@ where )?; combined_polynomial += (curr_challenge, polynomial.polynomial()); - combined_rand += (curr_challenge, rand); + combined_rand += (curr_challenge, state); curr_challenge = sponge.squeeze_field_elements_with_sizes(&[CHALLENGE_SIZE])[0]; } @@ -502,23 +502,23 @@ where commitments: impl IntoIterator>, query_set: &QuerySet, sponge: &mut S, - rands: impl IntoIterator, + states: impl IntoIterator, rng: Option<&mut dyn RngCore>, ) -> Result, Self::Error> where - Self::Randomness: 'a, + Self::CommitmentState: 'a, Self::Commitment: 'a, P: 'a, { let label_map = polynomials .into_iter() - .zip(rands) + .zip(states) .zip(commitments) - .map(|((p, r), c)| (p.label(), (p, r, c))) + .map(|((p, s), c)| (p.label(), (p, s, c))) .collect::>(); let mut lc_polynomials = Vec::new(); - let mut lc_randomness = Vec::new(); + let mut lc_states = Vec::new(); let mut lc_commitments = Vec::new(); let mut lc_info = Vec::new(); @@ -527,13 +527,13 @@ where let mut poly = P::zero(); let mut degree_bound = None; let mut hiding_bound = None; - let mut randomness = Self::Randomness::empty(); + let mut state = Self::CommitmentState::empty(); let mut comm = E::G1::zero(); let num_polys = lc.len(); for (coeff, label) in lc.iter().filter(|(_, l)| !l.is_one()) { let label: &String = label.try_into().expect("cannot be one!"); - let &(cur_poly, cur_rand, curr_comm) = + let &(cur_poly, cur_state, curr_comm) = label_map.get(label).ok_or(Error::MissingPolynomial { label: label.to_string(), })?; @@ -552,14 +552,14 @@ where // Some(_) > None, always. hiding_bound = core::cmp::max(hiding_bound, cur_poly.hiding_bound()); poly += (*coeff, cur_poly.polynomial()); - randomness += (*coeff, cur_rand); + state += (*coeff, cur_state); comm += &curr_comm.commitment().0.mul(*coeff); } let lc_poly = LabeledPolynomial::new(lc_label.clone(), poly, degree_bound, hiding_bound); lc_polynomials.push(lc_poly); - lc_randomness.push(randomness); + lc_states.push(state); lc_commitments.push(comm); lc_info.push((lc_label, degree_bound)); } @@ -581,7 +581,7 @@ where lc_commitments.iter(), &query_set, sponge, - lc_randomness.iter(), + lc_states.iter(), rng, )?; Ok(BatchLCProof { proof, evals: None })