From 15476be4d4ef1899ffec5b51c3c946491475f5bd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Eduardo=20Leegwater=20Sim=C3=B5es?= Date: Fri, 15 Oct 2021 10:43:42 +0200 Subject: [PATCH] Remove `Plonkup3Arity` (#619) * Remove `PlonkupTable3Arity` * Change to use `PlonkupTable4Arity` * Rename `PlonkupTable4Arity` to `IndexTable` * Fix tests to work with `IndexTable` * Remove bigint crate and the usage of `u256` from plonkup See also: #589 Co-authored-by: zer0 --- Cargo.toml | 1 - src/constraint_system/composer.rs | 12 +- src/constraint_system/helper.rs | 4 +- src/plonkup.rs | 5 +- src/plonkup/multiset.rs | 5 +- src/plonkup/table/hash_tables.rs | 4 +- src/plonkup/table/hash_tables/constants.rs | 737 ++------------------- src/plonkup/table/lookup_table.rs | 274 ++------ src/plonkup/table/preprocess.rs | 74 +-- src/plonkup/table/witness_table.rs | 123 +--- src/proof_system/preprocess.rs | 6 +- 11 files changed, 131 insertions(+), 1114 deletions(-) diff --git a/Cargo.toml b/Cargo.toml index e04f21d4..7efee5ab 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -14,7 +14,6 @@ description = "A pure-Rust implementation of the PLONK ZK-Proof algorithm" exclude = [ ".github/" ] [dependencies] -bigint = "4.4" merlin = {version = "3.0", default-features = false} rand_core = {version="0.6", default-features=false} dusk-bytes = "0.1" diff --git a/src/constraint_system/composer.rs b/src/constraint_system/composer.rs index 506b83de..c75317e8 100644 --- a/src/constraint_system/composer.rs +++ b/src/constraint_system/composer.rs @@ -20,7 +20,7 @@ use crate::constraint_system::{Constraint, Selector, Witness}; use crate::permutation::Permutation; -use crate::plonkup::PlonkupTable4Arity; +use crate::plonkup::LookupTable; use alloc::collections::BTreeMap; use alloc::vec::Vec; use dusk_bls12_381::BlsScalar; @@ -96,7 +96,7 @@ pub struct TurboComposer { pub(crate) w_4: Vec, /// Public lookup table - pub(crate) lookup_table: PlonkupTable4Arity, + pub(crate) lookup_table: LookupTable, /// A zero Witness that is a part of the circuit description. /// We reserve a variable to be zero in the system @@ -218,7 +218,7 @@ impl TurboComposer { w_o: Vec::with_capacity(size), w_4: Vec::with_capacity(size), - lookup_table: PlonkupTable4Arity::new(), + lookup_table: LookupTable::new(), constant_zero: Witness::new(0), @@ -760,7 +760,7 @@ impl TurboComposer { /// When [`TurboComposer`] is initialised, it spawns a dummy table /// with 3 entries that should not be removed. This function appends /// its input table to the composer's dummy table - pub fn append_plonkup_table(&mut self, table: &PlonkupTable4Arity) { + pub fn append_plonkup_table(&mut self, table: &LookupTable) { table.0.iter().for_each(|k| self.lookup_table.0.push(*k)) } } @@ -828,7 +828,7 @@ mod tests { #[test] fn test_gadget() { - let mut t = PlonkupTable4Arity::new(); + let mut t = LookupTable::new(); t.insert_special_row( BlsScalar::from(12), BlsScalar::from(12), @@ -872,7 +872,7 @@ mod tests { #[test] #[should_panic] fn test_gadget_fail() { - let mut t = PlonkupTable4Arity::new(); + let mut t = LookupTable::new(); t.insert_special_row( BlsScalar::from(12), BlsScalar::from(12), diff --git a/src/constraint_system/helper.rs b/src/constraint_system/helper.rs index 845fbc7d..1a1a4f0a 100644 --- a/src/constraint_system/helper.rs +++ b/src/constraint_system/helper.rs @@ -8,7 +8,7 @@ use super::TurboComposer; use crate::commitment_scheme::PublicParameters; use crate::constraint_system::Constraint; use crate::error::Error; -use crate::plonkup::PlonkupTable4Arity; +use crate::plonkup::LookupTable; use crate::proof_system::{Prover, Verifier}; use dusk_bls12_381::BlsScalar; use rand_core::OsRng; @@ -100,7 +100,7 @@ pub(crate) fn gadget_tester( pub(crate) fn gadget_plonkup_tester( gadget: fn(composer: &mut TurboComposer), n: usize, - lookup_table: PlonkupTable4Arity, + lookup_table: LookupTable, ) -> Result<(), Error> { // Common View let public_parameters = PublicParameters::setup(2 * n, &mut OsRng)?; diff --git a/src/plonkup.rs b/src/plonkup.rs index 84173f68..d53ade0f 100644 --- a/src/plonkup.rs +++ b/src/plonkup.rs @@ -17,7 +17,6 @@ pub(crate) mod table; pub use multiset::MultiSet; pub use table::hash_tables::constants; pub use table::{ - lookup_table::{PlonkupTable3Arity, PlonkupTable4Arity}, - preprocess::{PreprocessedTable3Arity, PreprocessedTable4Arity}, - witness_table::{WitnessTable3Arity, WitnessTable4Arity}, + lookup_table::LookupTable, preprocess::PreprocessedLookupTable, + witness_table::WitnessTable, }; diff --git a/src/plonkup/multiset.rs b/src/plonkup/multiset.rs index 2aada8bb..5c4695ba 100644 --- a/src/plonkup/multiset.rs +++ b/src/plonkup/multiset.rs @@ -242,7 +242,7 @@ impl Mul for MultiSet { mod test { use super::*; use crate::fft::EvaluationDomain; - use crate::plonkup::WitnessTable3Arity; + use crate::plonkup::WitnessTable; #[test] fn test_halve() { @@ -384,7 +384,7 @@ mod test { let alpha = BlsScalar::from(2); let alpha_squared = alpha * alpha; - let mut table = WitnessTable3Arity::default(); + let mut table = WitnessTable::default(); // Fill in wires directly, no need to use a // plonkup table as this will not be going @@ -393,6 +393,7 @@ mod test { BlsScalar::from(1), BlsScalar::from(2), BlsScalar::from(3), + BlsScalar::from(4), ); // Computed expected result diff --git a/src/plonkup/table/hash_tables.rs b/src/plonkup/table/hash_tables.rs index aa22ed76..5315109b 100644 --- a/src/plonkup/table/hash_tables.rs +++ b/src/plonkup/table/hash_tables.rs @@ -10,6 +10,4 @@ /// Module containing constants required in reinforced concrete pub mod constants; -pub use constants::{ - BLS_SCALAR_REAL, DECOMPOSITION_S_I, N, S, SBOX_U256, T_S, V, -}; +pub use constants::{BLS_SCALAR_REAL, DECOMPOSITION_S_I, N, S, SBOX, T_S, V}; diff --git a/src/plonkup/table/hash_tables/constants.rs b/src/plonkup/table/hash_tables/constants.rs index cde13a4d..013e49c7 100644 --- a/src/plonkup/table/hash_tables/constants.rs +++ b/src/plonkup/table/hash_tables/constants.rs @@ -10,7 +10,6 @@ // These are the required constants for the // Currently making the s_i usize. -use bigint::U256 as u256; use dusk_bls12_381::BlsScalar; /// Constant V @@ -253,698 +252,58 @@ pub const BLS_RECIP: [u64; 26] = [ ]; /// Predefined S-box -pub const SBOX_U256: [u256; 659] = [ - u256([15, 0, 0, 0]), - u256([187, 0, 0, 0]), - u256([186, 0, 0, 0]), - u256([168, 0, 0, 0]), - u256([493, 0, 0, 0]), - u256([102, 0, 0, 0]), - u256([296, 0, 0, 0]), - u256([11, 0, 0, 0]), - u256([164, 0, 0, 0]), - u256([155, 0, 0, 0]), - u256([527, 0, 0, 0]), - u256([103, 0, 0, 0]), - u256([192, 0, 0, 0]), - u256([589, 0, 0, 0]), - u256([543, 0, 0, 0]), - u256([450, 0, 0, 0]), - u256([647, 0, 0, 0]), - u256([72, 0, 0, 0]), - u256([343, 0, 0, 0]), - u256([386, 0, 0, 0]), - u256([279, 0, 0, 0]), - u256([616, 0, 0, 0]), - u256([225, 0, 0, 0]), - u256([140, 0, 0, 0]), - u256([313, 0, 0, 0]), - u256([586, 0, 0, 0]), - u256([276, 0, 0, 0]), - u256([57, 0, 0, 0]), - u256([162, 0, 0, 0]), - u256([68, 0, 0, 0]), - u256([179, 0, 0, 0]), - u256([445, 0, 0, 0]), - u256([418, 0, 0, 0]), - u256([364, 0, 0, 0]), - u256([46, 0, 0, 0]), - u256([591, 0, 0, 0]), - u256([541, 0, 0, 0]), - u256([218, 0, 0, 0]), - u256([0, 0, 0, 0]), - u256([437, 0, 0, 0]), - u256([618, 0, 0, 0]), - u256([157, 0, 0, 0]), - u256([657, 0, 0, 0]), - u256([49, 0, 0, 0]), - u256([120, 0, 0, 0]), - u256([469, 0, 0, 0]), - u256([142, 0, 0, 0]), - u256([325, 0, 0, 0]), - u256([183, 0, 0, 0]), - u256([123, 0, 0, 0]), - u256([23, 0, 0, 0]), - u256([468, 0, 0, 0]), - u256([619, 0, 0, 0]), - u256([217, 0, 0, 0]), - u256([472, 0, 0, 0]), - u256([226, 0, 0, 0]), - u256([212, 0, 0, 0]), - u256([406, 0, 0, 0]), - u256([4, 0, 0, 0]), - u256([499, 0, 0, 0]), - u256([182, 0, 0, 0]), - u256([51, 0, 0, 0]), - u256([141, 0, 0, 0]), - u256([86, 0, 0, 0]), - u256([596, 0, 0, 0]), - u256([70, 0, 0, 0]), - u256([149, 0, 0, 0]), - u256([355, 0, 0, 0]), - u256([351, 0, 0, 0]), - u256([245, 0, 0, 0]), - u256([52, 0, 0, 0]), - u256([193, 0, 0, 0]), - u256([311, 0, 0, 0]), - u256([244, 0, 0, 0]), - u256([375, 0, 0, 0]), - u256([300, 0, 0, 0]), - u256([399, 0, 0, 0]), - u256([590, 0, 0, 0]), - u256([143, 0, 0, 0]), - u256([24, 0, 0, 0]), - u256([190, 0, 0, 0]), - u256([517, 0, 0, 0]), - u256([208, 0, 0, 0]), - u256([539, 0, 0, 0]), - u256([544, 0, 0, 0]), - u256([236, 0, 0, 0]), - u256([393, 0, 0, 0]), - u256([34, 0, 0, 0]), - u256([203, 0, 0, 0]), - u256([60, 0, 0, 0]), - u256([151, 0, 0, 0]), - u256([243, 0, 0, 0]), - u256([542, 0, 0, 0]), - u256([299, 0, 0, 0]), - u256([368, 0, 0, 0]), - u256([289, 0, 0, 0]), - u256([272, 0, 0, 0]), - u256([567, 0, 0, 0]), - u256([280, 0, 0, 0]), - u256([599, 0, 0, 0]), - u256([625, 0, 0, 0]), - u256([341, 0, 0, 0]), - u256([462, 0, 0, 0]), - u256([509, 0, 0, 0]), - u256([153, 0, 0, 0]), - u256([374, 0, 0, 0]), - u256([213, 0, 0, 0]), - u256([477, 0, 0, 0]), - u256([310, 0, 0, 0]), - u256([347, 0, 0, 0]), - u256([572, 0, 0, 0]), - u256([71, 0, 0, 0]), - u256([579, 0, 0, 0]), - u256([158, 0, 0, 0]), - u256([412, 0, 0, 0]), - u256([587, 0, 0, 0]), - u256([63, 0, 0, 0]), - u256([172, 0, 0, 0]), - u256([640, 0, 0, 0]), - u256([173, 0, 0, 0]), - u256([101, 0, 0, 0]), - u256([439, 0, 0, 0]), - u256([5, 0, 0, 0]), - u256([92, 0, 0, 0]), - u256([501, 0, 0, 0]), - u256([500, 0, 0, 0]), - u256([330, 0, 0, 0]), - u256([633, 0, 0, 0]), - u256([630, 0, 0, 0]), - u256([328, 0, 0, 0]), - u256([488, 0, 0, 0]), - u256([356, 0, 0, 0]), - u256([89, 0, 0, 0]), - u256([224, 0, 0, 0]), - u256([383, 0, 0, 0]), - u256([96, 0, 0, 0]), - u256([643, 0, 0, 0]), - u256([585, 0, 0, 0]), - u256([422, 0, 0, 0]), - u256([41, 0, 0, 0]), - u256([295, 0, 0, 0]), - u256([642, 0, 0, 0]), - u256([571, 0, 0, 0]), - u256([247, 0, 0, 0]), - u256([239, 0, 0, 0]), - u256([600, 0, 0, 0]), - u256([561, 0, 0, 0]), - u256([319, 0, 0, 0]), - u256([480, 0, 0, 0]), - u256([570, 0, 0, 0]), - u256([652, 0, 0, 0]), - u256([134, 0, 0, 0]), - u256([620, 0, 0, 0]), - u256([484, 0, 0, 0]), - u256([525, 0, 0, 0]), - u256([333, 0, 0, 0]), - u256([177, 0, 0, 0]), - u256([209, 0, 0, 0]), - u256([8, 0, 0, 0]), - u256([211, 0, 0, 0]), - u256([402, 0, 0, 0]), - u256([478, 0, 0, 0]), - u256([574, 0, 0, 0]), - u256([148, 0, 0, 0]), - u256([365, 0, 0, 0]), - u256([83, 0, 0, 0]), - u256([635, 0, 0, 0]), - u256([44, 0, 0, 0]), - u256([646, 0, 0, 0]), - u256([204, 0, 0, 0]), - u256([414, 0, 0, 0]), - u256([413, 0, 0, 0]), - u256([398, 0, 0, 0]), - u256([449, 0, 0, 0]), - u256([363, 0, 0, 0]), - u256([588, 0, 0, 0]), - u256([65, 0, 0, 0]), - u256([617, 0, 0, 0]), - u256([658, 0, 0, 0]), - u256([126, 0, 0, 0]), - u256([178, 0, 0, 0]), - u256([536, 0, 0, 0]), - u256([624, 0, 0, 0]), - u256([201, 0, 0, 0]), - u256([513, 0, 0, 0]), - u256([506, 0, 0, 0]), - u256([384, 0, 0, 0]), - u256([336, 0, 0, 0]), - u256([382, 0, 0, 0]), - u256([348, 0, 0, 0]), - u256([223, 0, 0, 0]), - u256([316, 0, 0, 0]), - u256([629, 0, 0, 0]), - u256([88, 0, 0, 0]), - u256([18, 0, 0, 0]), - u256([278, 0, 0, 0]), - u256([287, 0, 0, 0]), - u256([524, 0, 0, 0]), - u256([257, 0, 0, 0]), - u256([421, 0, 0, 0]), - u256([639, 0, 0, 0]), - u256([424, 0, 0, 0]), - u256([452, 0, 0, 0]), - u256([511, 0, 0, 0]), - u256([564, 0, 0, 0]), - u256([538, 0, 0, 0]), - u256([214, 0, 0, 0]), - u256([514, 0, 0, 0]), - u256([307, 0, 0, 0]), - u256([31, 0, 0, 0]), - u256([93, 0, 0, 0]), - u256([471, 0, 0, 0]), - u256([104, 0, 0, 0]), - u256([528, 0, 0, 0]), - u256([234, 0, 0, 0]), - u256([352, 0, 0, 0]), - u256([255, 0, 0, 0]), - u256([534, 0, 0, 0]), - u256([580, 0, 0, 0]), - u256([113, 0, 0, 0]), - u256([360, 0, 0, 0]), - u256([526, 0, 0, 0]), - u256([614, 0, 0, 0]), - u256([532, 0, 0, 0]), - u256([603, 0, 0, 0]), - u256([537, 0, 0, 0]), - u256([1, 0, 0, 0]), - u256([370, 0, 0, 0]), - u256([121, 0, 0, 0]), - u256([430, 0, 0, 0]), - u256([32, 0, 0, 0]), - u256([417, 0, 0, 0]), - u256([426, 0, 0, 0]), - u256([391, 0, 0, 0]), - u256([644, 0, 0, 0]), - u256([358, 0, 0, 0]), - u256([206, 0, 0, 0]), - u256([3, 0, 0, 0]), - u256([504, 0, 0, 0]), - u256([13, 0, 0, 0]), - u256([557, 0, 0, 0]), - u256([444, 0, 0, 0]), - u256([284, 0, 0, 0]), - u256([584, 0, 0, 0]), - u256([39, 0, 0, 0]), - u256([251, 0, 0, 0]), - u256([176, 0, 0, 0]), - u256([508, 0, 0, 0]), - u256([94, 0, 0, 0]), - u256([156, 0, 0, 0]), - u256([33, 0, 0, 0]), - u256([273, 0, 0, 0]), - u256([496, 0, 0, 0]), - u256([246, 0, 0, 0]), - u256([321, 0, 0, 0]), - u256([58, 0, 0, 0]), - u256([21, 0, 0, 0]), - u256([165, 0, 0, 0]), - u256([638, 0, 0, 0]), - u256([436, 0, 0, 0]), - u256([10, 0, 0, 0]), - u256([145, 0, 0, 0]), - u256([194, 0, 0, 0]), - u256([498, 0, 0, 0]), - u256([267, 0, 0, 0]), - u256([292, 0, 0, 0]), - u256([90, 0, 0, 0]), - u256([497, 0, 0, 0]), - u256([505, 0, 0, 0]), - u256([510, 0, 0, 0]), - u256([80, 0, 0, 0]), - u256([435, 0, 0, 0]), - u256([303, 0, 0, 0]), - u256([42, 0, 0, 0]), - u256([533, 0, 0, 0]), - u256([529, 0, 0, 0]), - u256([453, 0, 0, 0]), - u256([329, 0, 0, 0]), - u256([428, 0, 0, 0]), - u256([35, 0, 0, 0]), - u256([337, 0, 0, 0]), - u256([269, 0, 0, 0]), - u256([229, 0, 0, 0]), - u256([297, 0, 0, 0]), - u256([85, 0, 0, 0]), - u256([562, 0, 0, 0]), - u256([440, 0, 0, 0]), - u256([357, 0, 0, 0]), - u256([95, 0, 0, 0]), - u256([50, 0, 0, 0]), - u256([559, 0, 0, 0]), - u256([446, 0, 0, 0]), - u256([656, 0, 0, 0]), - u256([606, 0, 0, 0]), - u256([457, 0, 0, 0]), - u256([459, 0, 0, 0]), - u256([390, 0, 0, 0]), - u256([59, 0, 0, 0]), - u256([611, 0, 0, 0]), - u256([306, 0, 0, 0]), - u256([623, 0, 0, 0]), - u256([188, 0, 0, 0]), - u256([650, 0, 0, 0]), - u256([582, 0, 0, 0]), - u256([170, 0, 0, 0]), - u256([249, 0, 0, 0]), - u256([16, 0, 0, 0]), - u256([380, 0, 0, 0]), - u256([230, 0, 0, 0]), - u256([130, 0, 0, 0]), - u256([169, 0, 0, 0]), - u256([138, 0, 0, 0]), - u256([612, 0, 0, 0]), - u256([207, 0, 0, 0]), - u256([227, 0, 0, 0]), - u256([598, 0, 0, 0]), - u256([47, 0, 0, 0]), - u256([483, 0, 0, 0]), - u256([73, 0, 0, 0]), - u256([67, 10, 0, 0]), - u256([106, 0, 0, 0]), - u256([175, 0, 0, 0]), - u256([655, 0, 0, 0]), - u256([22, 0, 0, 0]), - u256([77, 0, 0, 0]), - u256([133, 0, 0, 0]), - u256([283, 0, 0, 0]), - u256([377, 0, 0, 0]), - u256([112, 0, 0, 0]), - u256([232, 0, 0, 0]), - u256([429, 0, 0, 0]), - u256([117, 0, 0, 0]), - u256([111, 0, 0, 0]), - u256([332, 0, 0, 0]), - u256([6, 0, 0, 0]), - u256([324, 0, 0, 0]), - u256([7, 0, 0, 0]), - u256([409, 0, 0, 0]), - u256([302, 0, 0, 0]), - u256([260, 0, 0, 0]), - u256([216, 0, 0, 0]), - u256([320, 0, 0, 0]), - u256([166, 0, 0, 0]), - u256([475, 0, 0, 0]), - u256([465, 0, 0, 0]), - u256([45, 0, 0, 0]), - u256([366, 0, 0, 0]), - u256([519, 0, 0, 0]), - u256([335, 0, 0, 0]), - u256([200, 0, 0, 0]), - u256([215, 0, 0, 0]), - u256([205, 0, 0, 0]), - u256([262, 0, 0, 0]), - u256([419, 0, 0, 0]), - u256([147, 0, 0, 0]), - u256([237, 0, 0, 0]), - u256([282, 0, 0, 0]), - u256([359, 0, 0, 0]), - u256([174, 0, 0, 0]), - u256([379, 0, 0, 0]), - u256([441, 0, 0, 0]), - u256([551, 0, 0, 0]), - u256([473, 0, 0, 0]), - u256([605, 0, 0, 0]), - u256([427, 0, 0, 0]), - u256([474, 0, 0, 0]), - u256([387, 0, 0, 0]), - u256([84, 0, 0, 0]), - u256([171, 0, 0, 0]), - u256([222, 0, 0, 0]), - u256([37, 0, 0, 0]), - u256([565, 0, 0, 0]), - u256([48, 0, 0, 0]), - u256([549, 0, 0, 0]), - u256([161, 0, 0, 0]), - u256([521, 0, 0, 0]), - u256([566, 0, 0, 0]), - u256([518, 0, 0, 0]), - u256([568, 0, 0, 0]), - u256([403, 0, 0, 0]), - u256([597, 0, 0, 0]), - u256([397, 0, 0, 0]), - u256([154, 0, 0, 0]), - u256([649, 0, 0, 0]), - u256([53, 0, 0, 0]), - u256([522, 0, 0, 0]), - u256([416, 0, 0, 0]), - u256([240, 0, 0, 0]), - u256([372, 0, 0, 0]), - u256([645, 0, 0, 0]), - u256([261, 0, 0, 0]), - u256([314, 0, 0, 0]), - u256([309, 0, 0, 0]), - u256([395, 0, 0, 0]), - u256([373, 0, 0, 0]), - u256([20, 0, 0, 0]), - u256([119, 0, 0, 0]), - u256([27, 0, 0, 0]), - u256([608, 0, 0, 0]), - u256([340, 0, 0, 0]), - u256([609, 0, 0, 0]), - u256([361, 0, 0, 0]), - u256([503, 0, 0, 0]), - u256([241, 0, 0, 0]), - u256([602, 0, 0, 0]), - u256([30, 0, 0, 0]), - u256([275, 0, 0, 0]), - u256([569, 0, 0, 0]), - u256([423, 0, 0, 0]), - u256([454, 0, 0, 0]), - u256([150, 0, 0, 0]), - u256([621, 0, 0, 0]), - u256([415, 0, 0, 0]), - u256([344, 0, 0, 0]), - u256([535, 0, 0, 0]), - u256([411, 0, 0, 0]), - u256([540, 0, 0, 0]), - u256([199, 0, 0, 0]), - u256([442, 0, 0, 0]), - u256([371, 0, 0, 0]), - u256([404, 0, 0, 0]), - u256([210, 0, 0, 0]), - u256([322, 0, 0, 0]), - u256([432, 0, 0, 0]), - u256([492, 0, 0, 0]), - u256([560, 0, 0, 0]), - u256([250, 0, 0, 0]), - u256([132, 0, 0, 0]), - u256([627, 0, 0, 0]), - u256([233, 0, 0, 0]), - u256([202, 0, 0, 0]), - u256([304, 0, 0, 0]), - u256([641, 0, 0, 0]), - u256([338, 0, 0, 0]), - u256([74, 0, 0, 0]), - u256([575, 0, 0, 0]), - u256([408, 0, 0, 0]), - u256([425, 0, 0, 0]), - u256([291, 0, 0, 0]), - u256([135, 0, 0, 0]), - u256([318, 0, 0, 0]), - u256([601, 0, 0, 0]), - u256([159, 0, 0, 0]), - u256([489, 0, 0, 0]), - u256([556, 0, 0, 0]), - u256([385, 0, 0, 0]), - u256([548, 0, 0, 0]), - u256([554, 0, 0, 0]), - u256([81, 0, 0, 0]), - u256([362, 0, 0, 0]), - u256([108, 0, 0, 0]), - u256([270, 0, 0, 0]), - u256([405, 0, 0, 0]), - u256([136, 0, 0, 0]), - u256([576, 0, 0, 0]), - u256([55, 0, 0, 0]), - u256([389, 0, 0, 0]), - u256([354, 0, 0, 0]), - u256([604, 0, 0, 0]), - u256([388, 0, 0, 0]), - u256([97, 0, 0, 0]), - u256([198, 0, 0, 0]), - u256([317, 0, 0, 0]), - u256([334, 0, 0, 0]), - u256([458, 0, 0, 0]), - u256([491, 0, 0, 0]), - u256([259, 0, 0, 0]), - u256([583, 0, 0, 0]), - u256([369, 0, 0, 0]), - u256([129, 0, 0, 0]), - u256([546, 0, 0, 0]), - u256([87, 0, 0, 0]), - u256([327, 0, 0, 0]), - u256([266, 0, 0, 0]), - u256([401, 0, 0, 0]), - u256([550, 0, 0, 0]), - u256([69, 0, 0, 0]), - u256([274, 0, 0, 0]), - u256([615, 0, 0, 0]), - u256([400, 0, 0, 0]), - u256([181, 0, 0, 0]), - u256([353, 0, 0, 0]), - u256([196, 0, 0, 0]), - u256([456, 0, 0, 0]), - u256([595, 0, 0, 0]), - u256([420, 0, 0, 0]), - u256([122, 0, 0, 0]), - u256([392, 0, 0, 0]), - u256([185, 0, 0, 0]), - u256([516, 0, 0, 0]), - u256([466, 0, 0, 0]), - u256([476, 0, 0, 0]), - u256([75, 0, 0, 0]), - u256([235, 0, 0, 0]), - u256([530, 0, 0, 0]), - u256([448, 0, 0, 0]), - u256([594, 0, 0, 0]), - u256([378, 0, 0, 0]), - u256([455, 0, 0, 0]), - u256([447, 0, 0, 0]), - u256([577, 0, 0, 0]), - u256([285, 0, 0, 0]), - u256([99, 0, 0, 0]), - u256([558, 0, 0, 0]), - u256([653, 0, 0, 0]), - u256([410, 0, 0, 0]), - u256([461, 0, 0, 0]), - u256([160, 0, 0, 0]), - u256([331, 0, 0, 0]), - u256([290, 0, 0, 0]), - u256([563, 0, 0, 0]), - u256([613, 0, 0, 0]), - u256([219, 0, 0, 0]), - u256([394, 0, 0, 0]), - u256([29, 0, 0, 0]), - u256([552, 0, 0, 0]), - u256([9, 0, 0, 0]), - u256([189, 0, 0, 0]), - u256([298, 0, 0, 0]), - u256([137, 0, 0, 0]), - u256([56, 0, 0, 0]), - u256([636, 0, 0, 0]), - u256([12, 0, 0, 0]), - u256([581, 0, 0, 0]), - u256([2, 0, 0, 0]), - u256([109, 0, 0, 0]), - u256([339, 0, 0, 0]), - u256([127, 0, 0, 0]), - u256([36, 0, 0, 0]), - u256([443, 0, 0, 0]), - u256([573, 0, 0, 0]), - u256([523, 0, 0, 0]), - u256([451, 0, 0, 0]), - u256([479, 0, 0, 0]), - u256([286, 0, 0, 0]), - u256([28, 0, 0, 0]), - u256([116, 0, 0, 0]), - u256([312, 0, 0, 0]), - u256([628, 0, 0, 0]), - u256([545, 0, 0, 0]), - u256([54, 0, 0, 0]), - u256([82, 0, 0, 0]), - u256([651, 0, 0, 0]), - u256([482, 0, 0, 0]), - u256([131, 0, 0, 0]), - u256([26, 0, 0, 0]), - u256([396, 0, 0, 0]), - u256([271, 0, 0, 0]), - u256([593, 0, 0, 0]), - u256([124, 0, 0, 0]), - u256([107, 0, 0, 0]), - u256([515, 0, 0, 0]), - u256([114, 0, 0, 0]), - u256([407, 0, 0, 0]), - u256([654, 0, 0, 0]), - u256([268, 0, 0, 0]), - u256([342, 0, 0, 0]), - u256([277, 0, 0, 0]), - u256([254, 0, 0, 0]), - u256([14, 0, 0, 0]), - u256([79, 0, 0, 0]), - u256([191, 0, 0, 0]), - u256([43, 0, 0, 0]), - u256([252, 0, 0, 0]), - u256([512, 0, 0, 0]), - u256([256, 0, 0, 0]), - u256([220, 0, 0, 0]), - u256([381, 0, 0, 0]), - u256([66, 0, 0, 0]), - u256([481, 0, 0, 0]), - u256([19, 0, 0, 0]), - u256([228, 0, 0, 0]), - u256([367, 0, 0, 0]), - u256([487, 0, 0, 0]), - u256([434, 0, 0, 0]), - u256([349, 0, 0, 0]), - u256([144, 0, 0, 0]), - u256([460, 0, 0, 0]), - u256([91, 0, 0, 0]), - u256([495, 0, 0, 0]), - u256([78, 0, 0, 0]), - u256([195, 0, 0, 0]), - u256([490, 0, 0, 0]), - u256([67, 0, 0, 0]), - u256([486, 0, 0, 0]), - u256([64, 0, 0, 0]), - u256([105, 0, 0, 0]), - u256([467, 0, 0, 0]), - u256([231, 0, 0, 0]), - u256([507, 0, 0, 0]), - u256([376, 0, 0, 0]), - u256([248, 0, 0, 0]), - u256([631, 0, 0, 0]), - u256([520, 0, 0, 0]), - u256([464, 0, 0, 0]), - u256([221, 0, 0, 0]), - u256([433, 0, 0, 0]), - u256([622, 0, 0, 0]), - u256([531, 0, 0, 0]), - u256([197, 0, 0, 0]), - u256([61, 0, 0, 0]), - u256([163, 0, 0, 0]), - u256([98, 0, 0, 0]), - u256([648, 0, 0, 0]), - u256([146, 0, 0, 0]), - u256([238, 0, 0, 0]), - u256([494, 0, 0, 0]), - u256([125, 0, 0, 0]), - u256([76, 0, 0, 0]), - u256([242, 0, 0, 0]), - u256([463, 0, 0, 0]), - u256([326, 0, 0, 0]), - u256([38, 0, 0, 0]), - u256([152, 0, 0, 0]), - u256([438, 0, 0, 0]), - u256([345, 0, 0, 0]), - u256([637, 0, 0, 0]), - u256([40, 0, 0, 0]), - u256([17, 0, 0, 0]), - u256([281, 0, 0, 0]), - u256([323, 0, 0, 0]), - u256([110, 0, 0, 0]), - u256([118, 0, 0, 0]), - u256([578, 0, 0, 0]), - u256([139, 0, 0, 0]), - u256([315, 0, 0, 0]), - u256([115, 0, 0, 0]), - u256([62, 0, 0, 0]), - u256([470, 0, 0, 0]), - u256([293, 0, 0, 0]), - u256([265, 0, 0, 0]), - u256([258, 0, 0, 0]), - u256([553, 0, 0, 0]), - u256([301, 0, 0, 0]), - u256([610, 0, 0, 0]), - u256([555, 0, 0, 0]), - u256([305, 0, 0, 0]), - u256([634, 0, 0, 0]), - u256([308, 0, 0, 0]), - u256([626, 0, 0, 0]), - u256([180, 0, 0, 0]), - u256([253, 0, 0, 0]), - u256([350, 0, 0, 0]), - u256([502, 0, 0, 0]), - u256([184, 0, 0, 0]), - u256([431, 0, 0, 0]), - u256([294, 0, 0, 0]), - u256([264, 0, 0, 0]), - u256([288, 0, 0, 0]), - u256([632, 0, 0, 0]), - u256([25, 0, 0, 0]), - u256([607, 0, 0, 0]), - u256([485, 0, 0, 0]), - u256([592, 0, 0, 0]), - u256([263, 0, 0, 0]), - u256([128, 0, 0, 0]), - u256([547, 0, 0, 0]), - u256([100, 0, 0, 0]), - u256([346, 0, 0, 0]), +pub const SBOX: [u16; 659] = [ + 15, 187, 186, 168, 493, 102, 296, 11, 164, 155, 527, 103, 192, 589, 543, + 450, 647, 72, 343, 386, 279, 616, 225, 140, 313, 586, 276, 57, 162, 68, + 179, 445, 418, 364, 46, 591, 541, 218, 0, 437, 618, 157, 657, 49, 120, 469, + 142, 325, 183, 123, 23, 468, 619, 217, 472, 226, 212, 406, 4, 499, 182, 51, + 141, 86, 596, 70, 149, 355, 351, 245, 52, 193, 311, 244, 375, 300, 399, + 590, 143, 24, 190, 517, 208, 539, 544, 236, 393, 34, 203, 60, 151, 243, + 542, 299, 368, 289, 272, 567, 280, 599, 625, 341, 462, 509, 153, 374, 213, + 477, 310, 347, 572, 71, 579, 158, 412, 587, 63, 172, 640, 173, 101, 439, 5, + 92, 501, 500, 330, 633, 630, 328, 488, 356, 89, 224, 383, 96, 643, 585, + 422, 41, 295, 642, 571, 247, 239, 600, 561, 319, 480, 570, 652, 134, 620, + 484, 525, 333, 177, 209, 8, 211, 402, 478, 574, 148, 365, 83, 635, 44, 646, + 204, 414, 413, 398, 449, 363, 588, 65, 617, 658, 126, 178, 536, 624, 201, + 513, 506, 384, 336, 382, 348, 223, 316, 629, 88, 18, 278, 287, 524, 257, + 421, 639, 424, 452, 511, 564, 538, 214, 514, 307, 31, 93, 471, 104, 528, + 234, 352, 255, 534, 580, 113, 360, 526, 614, 532, 603, 537, 1, 370, 121, + 430, 32, 417, 426, 391, 644, 358, 206, 3, 504, 13, 557, 444, 284, 584, 39, + 251, 176, 508, 94, 156, 33, 273, 496, 246, 321, 58, 21, 165, 638, 436, 10, + 145, 194, 498, 267, 292, 90, 497, 505, 510, 80, 435, 303, 42, 533, 529, + 453, 329, 428, 35, 337, 269, 229, 297, 85, 562, 440, 357, 95, 50, 559, 446, + 656, 606, 457, 459, 390, 59, 611, 306, 623, 188, 650, 582, 170, 249, 16, + 380, 230, 130, 169, 138, 612, 207, 227, 598, 47, 483, 73, 67, 106, 175, + 655, 22, 77, 133, 283, 377, 112, 232, 429, 117, 111, 332, 6, 324, 7, 409, + 302, 260, 216, 320, 166, 475, 465, 45, 366, 519, 335, 200, 215, 205, 262, + 419, 147, 237, 282, 359, 174, 379, 441, 551, 473, 605, 427, 474, 387, 84, + 171, 222, 37, 565, 48, 549, 161, 521, 566, 518, 568, 403, 597, 397, 154, + 649, 53, 522, 416, 240, 372, 645, 261, 314, 309, 395, 373, 20, 119, 27, + 608, 340, 609, 361, 503, 241, 602, 30, 275, 569, 423, 454, 150, 621, 415, + 344, 535, 411, 540, 199, 442, 371, 404, 210, 322, 432, 492, 560, 250, 132, + 627, 233, 202, 304, 641, 338, 74, 575, 408, 425, 291, 135, 318, 601, 159, + 489, 556, 385, 548, 554, 81, 362, 108, 270, 405, 136, 576, 55, 389, 354, + 604, 388, 97, 198, 317, 334, 458, 491, 259, 583, 369, 129, 546, 87, 327, + 266, 401, 550, 69, 274, 615, 400, 181, 353, 196, 456, 595, 420, 122, 392, + 185, 516, 466, 476, 75, 235, 530, 448, 594, 378, 455, 447, 577, 285, 99, + 558, 653, 410, 461, 160, 331, 290, 563, 613, 219, 394, 29, 552, 9, 189, + 298, 137, 56, 636, 12, 581, 2, 109, 339, 127, 36, 443, 573, 523, 451, 479, + 286, 28, 116, 312, 628, 545, 54, 82, 651, 482, 131, 26, 396, 271, 593, 124, + 107, 515, 114, 407, 654, 268, 342, 277, 254, 14, 79, 191, 43, 252, 512, + 256, 220, 381, 66, 481, 19, 228, 367, 487, 434, 349, 144, 460, 91, 495, 78, + 195, 490, 67, 486, 64, 105, 467, 231, 507, 376, 248, 631, 520, 464, 221, + 433, 622, 531, 197, 61, 163, 98, 648, 146, 238, 494, 125, 76, 242, 463, + 326, 38, 152, 438, 345, 637, 40, 17, 281, 323, 110, 118, 578, 139, 315, + 115, 62, 470, 293, 265, 258, 553, 301, 610, 555, 305, 634, 308, 626, 180, + 253, 350, 502, 184, 431, 294, 264, 288, 632, 25, 607, 485, 592, 263, 128, + 547, 100, 346, ]; /// Decomposition of -1 = [v_n, v_{n-1} ..., v_1], i.e. the representation of /// q-1 -pub const BLS_SCALAR_REAL: [u256; 27] = [ - u256([660, 0, 0, 0]), - u256([660, 0, 0, 0]), - u256([673, 0, 0, 0]), - u256([663, 0, 0, 0]), - u256([674, 0, 0, 0]), - u256([682, 0, 0, 0]), - u256([687, 0, 0, 0]), - u256([683, 0, 0, 0]), - u256([669, 0, 0, 0]), - u256([684, 0, 0, 0]), - u256([672, 0, 0, 0]), - u256([666, 0, 0, 0]), - u256([680, 0, 0, 0]), - u256([662, 0, 0, 0]), - u256([686, 0, 0, 0]), - u256([668, 0, 0, 0]), - u256([661, 0, 0, 0]), - u256([678, 0, 0, 0]), - u256([692, 0, 0, 0]), - u256([686, 0, 0, 0]), - u256([689, 0, 0, 0]), - u256([660, 0, 0, 0]), - u256([690, 0, 0, 0]), - u256([687, 0, 0, 0]), - u256([683, 0, 0, 0]), - u256([674, 0, 0, 0]), - u256([678, 0, 0, 0]), +pub const BLS_SCALAR_REAL: [u16; 27] = [ + 660, 660, 673, 663, 674, 682, 687, 683, 669, 684, 672, 666, 680, 662, 686, + 668, 661, 678, 692, 686, 689, 660, 690, 687, 683, 674, 678, ]; /// decomposition = [s_n, s_{n-1} ..., s_1] diff --git a/src/plonkup/table/lookup_table.rs b/src/plonkup/table/lookup_table.rs index cbbc2deb..2574ae47 100644 --- a/src/plonkup/table/lookup_table.rs +++ b/src/plonkup/table/lookup_table.rs @@ -7,211 +7,12 @@ //! Structs and functions for LookupTables //! Denoted as 't' in Plonkup paper. -use super::hash_tables::constants::{ - BLS_SCALAR_REAL, DECOMPOSITION_S_I, SBOX_U256, -}; +use super::hash_tables::constants::{BLS_SCALAR_REAL, DECOMPOSITION_S_I, SBOX}; use crate::error::Error; use crate::plonkup::MultiSet; use crate::prelude::BlsScalar; use alloc::vec::Vec; -/// For the implemenation of look up tables in PLONK, aptly named Plonkup -/// tables, there will be different fucntions depending on the type of table -/// that needs to be constructed. All tables entries envisioned will be with -/// different arity. Meaning each of the wires will correspond to a column. -/// -/// If the standard composer calls a plonkup gate, then the user will define -/// the length of the gate, measured in circuit size. - -/// This struct is a table, contaning a vector, -/// of arity 3 where each of the values is a -/// BlsScalar. The elements of the table are -/// determined by the function g for -/// g(x,y), used to compute tuples. -/// -/// This struct will be used to determine -/// the outputs of gates within arithmetic -/// circuits. -#[derive(Clone, Eq, PartialEq, Debug)] -pub struct PlonkupTable3Arity(Vec<[BlsScalar; 3]>); - -impl PlonkupTable3Arity { - /// Constructs a Lookup table of four columns corresponding to - /// vectors of witness values, a,b c, and d. The function - /// takes in a chosen number of 2^n values for the first column, - /// containing values of a. Then builds the combinations with b - /// and results them, modular the n, to construct c. - /// - /// The domain of the table is defined by the user. By default, it - /// will be 0 -> domain input. However, for checks within certain - /// ranges, the user will be able to specify values to and from. - /// The inputted domain size will apply only to the first column - /// and the corresponding columns will be filled in and an assertion - /// that they are equal in length will be given. - /// - /// XXX: Decide what use cases the 4th wire requires - /// - /// Function takes in two different usize numbers and checks the range - /// between them, as well as computing the value of their additions. - /// These numbers require exponentiation outside, for the lower bound, - /// otherwise the range cannot start from zero, as 2^0 = 1. - pub fn add_table(lower_bound: u64, n: u8) -> Self { - let upper_bound = 2u64.pow(n.into()); - - let range = lower_bound..upper_bound; - - let cap = ((upper_bound - lower_bound) * upper_bound) as usize; - - let mut table: Vec<[BlsScalar; 3]> = Vec::with_capacity(cap); - - for a in range.clone() { - range - .clone() - .map(|b| { - let c = (a + b) % upper_bound; - [BlsScalar::from(a), BlsScalar::from(b), BlsScalar::from(c)] - }) - .for_each(|row| { - table.push(row); - }); - } - - PlonkupTable3Arity(table) - } - - /// Function takes in two different usize numbers and checks the range - /// between them, as well as computing the value of their XOR operation. - /// These numbers require exponentiation outside, for the lower bound, - /// otherwise the range cannot start from zero, as 2^0 = 1. - pub fn xor_table(lower_bound: u64, n: u8) -> Self { - let upper_bound = 2u64.pow(n.into()); - - let range = lower_bound..upper_bound; - - let cap = ((upper_bound - lower_bound) * upper_bound) as usize; - - let mut table: Vec<[BlsScalar; 3]> = Vec::with_capacity(cap); - - for a in range.clone() { - range - .clone() - .map(|b| { - let c = (a ^ b) % upper_bound; - [BlsScalar::from(a), BlsScalar::from(b), BlsScalar::from(c)] - }) - .for_each(|row| { - table.push(row); - }); - } - - PlonkupTable3Arity(table) - } - - /// Function takes in two different usize numbers and checks the range - /// between them, as well as computing the value of their product. - /// These numbers require exponentiation outside, for the lower bound, - /// otherwise the range cannot start from zero, as 2^0 = 1. - pub fn mul_table(lower_bound: u64, n: u8) -> Self { - let upper_bound = 2u64.pow(n.into()); - - let range = lower_bound..upper_bound; - - let cap = ((upper_bound - lower_bound) * upper_bound) as usize; - - let mut table: Vec<[BlsScalar; 3]> = Vec::with_capacity(cap); - - for a in range.clone() { - range - .clone() - .map(|b| { - let c = (a * b) % upper_bound; - [BlsScalar::from(a), BlsScalar::from(b), BlsScalar::from(c)] - }) - .for_each(|row| { - table.push(row); - }); - } - - PlonkupTable3Arity(table) - } - - // Function takes in two different usize numbers and checks the range - /// between them, as well as computing the value of their AND bitwise - /// operation. These numbers require exponentiation outside, for the lower - /// bound, otherwise the range cannot start from zero, as 2^0 = 1. - pub fn and_table(lower_bound: u64, n: u8) -> Self { - let upper_bound = 2u64.pow(n.into()); - - let range = lower_bound..upper_bound; - - let cap = ((upper_bound - lower_bound) * upper_bound) as usize; - - let mut table: Vec<[BlsScalar; 3]> = Vec::with_capacity(cap); - - for a in range.clone() { - range - .clone() - .map(|b| { - let c = (a & b) % upper_bound; - [BlsScalar::from(a), BlsScalar::from(b), BlsScalar::from(c)] - }) - .for_each(|row| { - table.push(row); - }); - } - - PlonkupTable3Arity(table) - } - - /// Function that generates the S-box used in reinforced concrete - pub fn s_box_table() -> Self { - let mut s_box = Vec::with_capacity(659); - (0..659).for_each(|k| { - s_box.push([ - BlsScalar([k, 0, 0, 0]), - BlsScalar([k, 0, 0, 0]), - BlsScalar(SBOX_U256[k as usize].0), - ]); - }); - - PlonkupTable3Arity(s_box) - } - - /// Takes in a table, which is a list of vectors containing - /// 3 elements, and turns them into 3 distinct multisets for - /// a, b and c. - pub fn vec_to_multiset(&self) -> (MultiSet, MultiSet, MultiSet) { - let mut multiset_a = MultiSet::new(); - let mut multiset_b = MultiSet::new(); - let mut multiset_c = MultiSet::new(); - - self.0.iter().for_each(|row| { - multiset_a.push(row[0]); - multiset_b.push(row[1]); - multiset_c.push(row[2]); - }); - - (multiset_a, multiset_b, multiset_c) - } - - /// Attempts to find an output value, given two input values, by querying - /// the lookup table. If the element does not exist, it will return an - /// error. - pub fn lookup( - &self, - a: BlsScalar, - b: BlsScalar, - ) -> Result { - let pos = self - .0 - .iter() - .position(|row| row[0] == a && row[1] == b) - .ok_or(Error::ElementNotIndexed)?; - - Ok(self.0[pos][2]) - } -} - /// This struct is a table, contaning a vector, /// of arity 4 where each of the values is a /// BlsScalar. The elements of the table are @@ -222,18 +23,18 @@ impl PlonkupTable3Arity { /// the outputs of gates within arithmetic /// circuits. #[derive(Clone, Eq, PartialEq, Debug)] -pub struct PlonkupTable4Arity(pub Vec<[BlsScalar; 4]>); +pub struct LookupTable(pub Vec<[BlsScalar; 4]>); -impl Default for PlonkupTable4Arity { +impl Default for LookupTable { fn default() -> Self { - PlonkupTable4Arity::new() + LookupTable::new() } } -impl PlonkupTable4Arity { +impl LookupTable { /// Create a new, empty Plonkup table, with arity 4. pub fn new() -> Self { - PlonkupTable4Arity(vec![]) + LookupTable(vec![]) } /// Insert a new row for an addition operation. @@ -523,7 +324,7 @@ impl PlonkupTable4Arity { // Build the permutation part of the table (the top section) for k in 0..659 { let first = BlsScalar::from(k); - let third = BlsScalar::from_raw(SBOX_U256[k as usize].0); + let third = BlsScalar::from_raw([SBOX[k as usize] as u64, 0, 0, 0]); table.push([first, BlsScalar::zero(), third, BlsScalar::one()]); } // Build the remaining 27 sections that range from p' to s_i (except @@ -532,12 +333,12 @@ impl PlonkupTable4Arity { // The rev denotes that it is inverted, so s_rev_26 will actually be // s_1 (i.e. i = 27-k) let s_rev_k = DECOMPOSITION_S_I[k].0[0]; - let v_rev_k = BLS_SCALAR_REAL[k].as_u64(); + let v_rev_k = BLS_SCALAR_REAL[k] as u64; // If i=1, then we go to v_1 and not s_1 if k == 26 { // v_1 = 678 for j in 659..(v_rev_k + 1) { - let first = BlsScalar::from(j); + let first = BlsScalar::from(j as u64); // Fourth column is 1, unless j=v_i, in which case it is 0 let fourth = if j == v_rev_k { @@ -569,7 +370,7 @@ impl PlonkupTable4Arity { } } - PlonkupTable4Arity(table) + LookupTable(table) } } @@ -581,7 +382,11 @@ mod test { fn test_add_table() { let n = 4; - let table = PlonkupTable3Arity::add_table(0, n); + let table = { + let mut table = LookupTable::default(); + table.insert_multi_add(0, n); + table + }; // Create an identical matrix, but with std numbers. // This way, we can also do the modulo operation, and properly @@ -606,7 +411,11 @@ mod test { fn test_xor_table() { let n = 4; - let table = PlonkupTable3Arity::xor_table(0, n); + let table = { + let mut table = LookupTable::default(); + table.insert_multi_xor(0, n); + table + }; // println!("{:?}", table); let mut i = 0; @@ -629,7 +438,11 @@ mod test { fn test_mul_table() { let n = 4; - let table = PlonkupTable3Arity::mul_table(0, n); + let table = { + let mut table = LookupTable::default(); + table.insert_multi_mul(0, n); + table + }; // println!("{:?}", table); let mut i = 0; @@ -649,40 +462,53 @@ mod test { } #[test] - fn test_lookup_arity_3() { - let add_table = PlonkupTable3Arity::add_table(0, 3); + fn test_lookup() { + let add_table = { + let mut table = LookupTable::default(); + table.insert_multi_add(0, 3); + table + }; assert!(add_table - .lookup(BlsScalar::from(2), BlsScalar::from(3)) + .lookup(BlsScalar::from(2), BlsScalar::from(3), BlsScalar::zero()) .is_ok()); - let output = add_table.0[1][0] + add_table.0[1][1]; + let output = add_table.0[1][0] + add_table.0[1][1] + add_table.0[1][2]; // TODO are we sure this is right - assert_eq!(output, BlsScalar::one()); + assert_eq!(output, BlsScalar::from(2)); - let second_output = add_table.0[12][0] + add_table.0[12][1]; + let second_output = + add_table.0[12][0] + add_table.0[12][1] + add_table.0[12][2]; // TODO are we sure this is right - assert_eq!(second_output, BlsScalar::from(5)); + assert_eq!(second_output, BlsScalar::from(10)); } #[test] fn test_missing_lookup_value() { - let xor_table = PlonkupTable3Arity::xor_table(0, 5); + let xor_table = { + let mut table = LookupTable::default(); + table.insert_multi_xor(0, 5); + table + }; assert!(xor_table - .lookup(BlsScalar::from(17), BlsScalar::from(367)) + .lookup( + BlsScalar::from(17), + BlsScalar::from(367), + BlsScalar::from(1) + ) .is_err()); } #[test] fn test_concatenated_table() { - let mut table = PlonkupTable4Arity::new(); + let mut table = LookupTable::new(); table.insert_multi_xor(0, 5); table.insert_multi_add(4, 7); assert_eq!(table.0.last().unwrap()[2], BlsScalar::from(126u64)); - let xor = table.0[36][0] ^ table.0[36][1]; - assert_eq!(xor, BlsScalar::from(5u64)); + let xor = table.0[36][0] ^ table.0[36][1] ^ table.0[36][2]; + assert_eq!(xor, BlsScalar::zero()); } } diff --git a/src/plonkup/table/preprocess.rs b/src/plonkup/table/preprocess.rs index 180be14d..7ab3564f 100644 --- a/src/plonkup/table/preprocess.rs +++ b/src/plonkup/table/preprocess.rs @@ -7,78 +7,14 @@ use crate::commitment_scheme::{CommitKey, Commitment}; use crate::error::Error; use crate::fft::{EvaluationDomain, Polynomial}; -use crate::plonkup::{MultiSet, PlonkupTable3Arity, PlonkupTable4Arity}; - -/// This table will be the preprocessed version of the -/// precomputed table, T, of arity 3. This structure is -/// passed to the proof alongside the table of witness values. -#[derive(Clone, Eq, PartialEq, Debug)] -pub struct PreprocessedTable3Arity { - /// Circuit size - pub n: u32, - /// This is the first column in the preprocessed - /// table containing a MultiSet, Commitments to the - /// MultiSet and the coefficients as a Polynomial - pub(crate) t_1: (MultiSet, Commitment, Polynomial), - - /// This is the second column in the preprocessed - /// table containing a MultiSet, Commitments to the - /// MultiSet and the coefficients as a Polynomial - pub(crate) t_2: (MultiSet, Commitment, Polynomial), - - /// This is the third column in the preprocessed - /// table containing a MultiSet, Commitments to the - /// MultiSet and the coefficients as a Polynomial - pub(crate) t_3: (MultiSet, Commitment, Polynomial), -} - -impl PreprocessedTable3Arity { - /// This function takes in a precomputed look up table and - /// pads it to the length of the circuit entries, as a power - /// of 2. The function then interpolates a polynomial from the - /// padded table and makes a commitment to the poly. The - /// outputted struct will be used in the proof alongside our - /// circuit witness table. - pub fn preprocess( - table: PlonkupTable3Arity, - commit_key: &CommitKey, - n: u32, - ) -> Result { - let domain: EvaluationDomain = - EvaluationDomain::new(n as usize).unwrap(); - - let columned_table = table.vec_to_multiset(); - let mut t_1 = columned_table.0; - let mut t_2 = columned_table.1; - let mut t_3 = columned_table.2; - - t_1.pad(n); - t_2.pad(n); - t_3.pad(n); - - let t_1_poly = t_1.to_polynomial(&domain); - let t_2_poly = t_2.to_polynomial(&domain); - let t_3_poly = t_3.to_polynomial(&domain); - - let t_1_commit = commit_key.commit(&t_1_poly)?; - let t_2_commit = commit_key.commit(&t_2_poly)?; - let t_3_commit = commit_key.commit(&t_3_poly)?; - - Ok(PreprocessedTable3Arity { - n, - t_1: (t_1, t_1_commit, t_1_poly), - t_2: (t_2, t_2_commit, t_2_poly), - t_3: (t_3, t_3_commit, t_3_poly), - }) - } -} +use crate::plonkup::{LookupTable, MultiSet}; /// This table will be the preprocessed version of the /// precomputed table, T, with arity 4. This structure /// is passed to the proof alongside the table of witness /// values. #[derive(Clone, Eq, PartialEq, Debug)] -pub struct PreprocessedTable4Arity { +pub struct PreprocessedLookupTable { /// This is the circuit size pub n: u32, @@ -103,7 +39,7 @@ pub struct PreprocessedTable4Arity { pub(crate) t_4: (MultiSet, Commitment, Polynomial), } -impl PreprocessedTable4Arity { +impl PreprocessedLookupTable { /// This function takes in a precomputed look up table and /// pads it to the length of the circuit entries, as a power /// of 2. The function then interpolates a polynomial from the @@ -111,7 +47,7 @@ impl PreprocessedTable4Arity { /// outputted struct will be used in the proof alongside our /// circuit witness table. pub fn preprocess( - table: &PlonkupTable4Arity, + table: &LookupTable, commit_key: &CommitKey, n: u32, ) -> Result { @@ -139,7 +75,7 @@ impl PreprocessedTable4Arity { let t_3_commit = commit_key.commit(&t_3_poly)?; let t_4_commit = commit_key.commit(&t_4_poly)?; - Ok(PreprocessedTable4Arity { + Ok(PreprocessedLookupTable { n, t_1: (t_1, t_1_commit, t_1_poly), t_2: (t_2, t_2_commit, t_2_poly), diff --git a/src/plonkup/table/witness_table.rs b/src/plonkup/table/witness_table.rs index 89607fc7..dc271d9b 100644 --- a/src/plonkup/table/witness_table.rs +++ b/src/plonkup/table/witness_table.rs @@ -5,42 +5,15 @@ // Copyright (c) DUSK NETWORK. All rights reserved. use crate::error::Error; +use crate::plonkup::LookupTable; use crate::plonkup::MultiSet; -use crate::plonkup::{PlonkupTable3Arity, PlonkupTable4Arity}; use dusk_bls12_381::BlsScalar; /// This witness table contains quieries /// to a lookup table for lookup gates /// This table is of arity 3. #[derive(Clone, Eq, PartialEq, Debug)] -pub struct WitnessTable3Arity { - /// This column represents the - /// first values inside the lookup - /// table. At gate checks, this - /// can be regarded as the first - /// wire - pub f_1: MultiSet, - - /// This column represents the - /// first values inside the lookup - /// table. At gate checks, this - /// can be regarded as the second - /// wire - pub f_2: MultiSet, - - /// This column represents the - /// first values inside the lookup - /// table. At gate checks, this - /// can be regarded as the third - /// wire - pub f_3: MultiSet, -} - -/// This witness table contains quieries -/// to a lookup table for lookup gates -/// This table is of arity 3. -#[derive(Clone, Eq, PartialEq, Debug)] -pub struct WitnessTable4Arity { +pub struct WitnessTable { /// This column represents the /// first values inside the lookup /// table. At gate checks, this @@ -70,63 +43,16 @@ pub struct WitnessTable4Arity { pub f_4: MultiSet, } -impl Default for WitnessTable3Arity { - fn default() -> Self { - WitnessTable3Arity::new() - } -} - -impl WitnessTable3Arity { - /// Initialises an empty witness table of arity 4 - pub fn new() -> Self { - WitnessTable3Arity { - f_1: MultiSet::new(), - f_2: MultiSet::new(), - f_3: MultiSet::new(), - } - } - /// This allows the witness table to be filled directly without - /// taking any vaules, or the the results, from the lookup table. - /// If the values do no exists in the lookup table, then the proof - /// will fail when witness and preprocessed tables are concatenated. - pub fn from_wire_values( - &mut self, - left_wire_val: BlsScalar, - right_wire_val: BlsScalar, - output_wire_val: BlsScalar, - ) { - self.f_1.push(left_wire_val); - self.f_2.push(right_wire_val); - self.f_3.push(output_wire_val); - } - - /// Attempts to look up a value from a lookup table. If successful, all - /// three elements are pushed to their respective multisets. - pub fn value_from_table( - &mut self, - lookup_table: &PlonkupTable3Arity, - left_wire_val: BlsScalar, - right_wire_val: BlsScalar, - ) -> Result<(), Error> { - let output_wire_val = - lookup_table.lookup(left_wire_val, right_wire_val)?; - self.f_1.push(left_wire_val); - self.f_2.push(right_wire_val); - self.f_3.push(output_wire_val); - Ok(()) - } -} - -impl Default for WitnessTable4Arity { +impl Default for WitnessTable { fn default() -> Self { - WitnessTable4Arity::new() + WitnessTable::new() } } -impl WitnessTable4Arity { +impl WitnessTable { /// Initialses empty witness table of arity 4 pub fn new() -> Self { - WitnessTable4Arity { + WitnessTable { f_1: MultiSet::new(), f_2: MultiSet::new(), f_3: MultiSet::new(), @@ -154,7 +80,7 @@ impl WitnessTable4Arity { /// elements are pushed to their respective multisets. pub fn value_from_table( &mut self, - lookup_table: &PlonkupTable4Arity, + lookup_table: &LookupTable, left_wire_val: BlsScalar, right_wire_val: BlsScalar, fourth_wire_val: BlsScalar, @@ -174,39 +100,12 @@ impl WitnessTable4Arity { #[cfg(test)] mod test { use super::*; - use crate::plonkup::{PlonkupTable3Arity, PlonkupTable4Arity}; - - #[test] - fn test_lookup_fuctionality_arity3() { - // Build lookup table - let lookup_table = PlonkupTable3Arity::xor_table(0, 3); - - // Instantiate empty multisets of wire values in witness table - let mut f = WitnessTable3Arity::new(); - - // Read values from lookup table and insert into witness table - assert!(f - .value_from_table( - &lookup_table, - BlsScalar::from(2), - BlsScalar::from(5) - ) - .is_ok()); - - // Check that non existent elements cause a failure - assert!(f - .value_from_table( - &lookup_table, - BlsScalar::from(25), - BlsScalar::from(5) - ) - .is_err()); - } + use crate::plonkup::LookupTable; #[test] - fn test_lookup_fuctionality_arity4() { + fn test_lookup() { // Build empty lookup tables - let mut lookup_table = PlonkupTable4Arity::new(); + let mut lookup_table = LookupTable::new(); // Add a consecutive set of tables, with // XOR operationd and addition operations @@ -214,7 +113,7 @@ mod test { lookup_table.insert_multi_add(2, 3); // Build empty witness table - let mut f = WitnessTable4Arity::new(); + let mut f = WitnessTable::new(); // Check for output of wires within lookup table and // if they exist input them to the witness table diff --git a/src/proof_system/preprocess.rs b/src/proof_system/preprocess.rs index caadc103..c87f2de9 100644 --- a/src/proof_system/preprocess.rs +++ b/src/proof_system/preprocess.rs @@ -8,7 +8,7 @@ use crate::commitment_scheme::CommitKey; use crate::constraint_system::TurboComposer; -use crate::plonkup::PreprocessedTable4Arity; +use crate::plonkup::PreprocessedLookupTable; use crate::error::Error; use crate::fft::{EvaluationDomain, Evaluations, Polynomial}; @@ -318,7 +318,7 @@ impl TurboComposer { ( widget::VerifierKey, SelectorPolynomials, - PreprocessedTable4Arity, + PreprocessedLookupTable, EvaluationDomain, ), Error, @@ -393,7 +393,7 @@ impl TurboComposer { let fourth_sigma_poly_commit = commit_key.commit(&fourth_sigma_poly)?; // Preprocess the lookup table - let preprocessed_table = PreprocessedTable4Arity::preprocess( + let preprocessed_table = PreprocessedLookupTable::preprocess( &self.lookup_table, commit_key, domain.size() as u32,