refactor to WordLoHi

zkevm-circuits/src/evm_circuit/execution/error_oog_precompile.rs

@@ -65,7 +65,7 @@ impl<F: Field> ExecutionGadget<F> for ErrorOOGPrecompileGadget<F> {
         // calculate required gas for precompile
         let precompiles_required_gas = [
             (
-                addr_bits.value_equals(PrecompileCalls::ECRecover),
+                addr_bits.value_equals(PrecompileCalls::Ecrecover),
                 GasCost::PRECOMPILE_ECRECOVER_BASE.expr(),
             ),
             // addr_bits.value_equals(PrecompileCalls::Sha256),

zkevm-circuits/src/evm_circuit/execution/precompiles/ecrecover.rs

@@ -17,7 +17,7 @@ use crate::{
         },
     },
     table::CallContextFieldTag,
-    util::word::{Word, Word32Cell, WordCell, WordExpr, WordLimbs},
+    util::word::{Word32Cell, WordExpr, WordLimbs, WordLoHi, WordLoHiCell},
     witness::{Block, Call, ExecStep, Transaction},
 };
 
@@ -32,7 +32,7 @@ pub struct EcrecoverGadget<F> {
     msg_hash_mod: ModGadget<F>,
     sig_r: Word32Cell<F>,
     sig_s: Word32Cell<F>,
-    sig_v: WordCell<F>,
+    sig_v: WordLoHiCell<F>,
 
     sig_r_canonical: LtWordGadget<F>,
     sig_s_canonical: LtWordGadget<F>,
@@ -119,7 +119,7 @@ impl<F: Field> ExecutionGadget<F> for EcrecoverGadget<F> {
                 select::expr(is_recovered.expr(), 32.expr(), 0.expr()),
             ),
         ] {
-            cb.call_context_lookup_read(None, field_tag, Word::from_lo_unchecked(value));
+            cb.call_context_lookup_read(None, field_tag, WordLoHi::from_lo_unchecked(value));
         }
 
         let gas_cost = select::expr(

zkevm-circuits/src/evm_circuit/table.rs

@@ -362,10 +362,10 @@ pub(crate) enum Lookup<F> {
         exponentiation_lo_hi: [Expression<F>; 2],
     },
     SigTable {
-        msg_hash: Word<Expression<F>>,
+        msg_hash: WordLoHi<Expression<F>>,
         sig_v: Expression<F>,
-        sig_r: Word<Expression<F>>,
-        sig_s: Word<Expression<F>>,
+        sig_r: WordLoHi<Expression<F>>,
+        sig_s: WordLoHi<Expression<F>>,
         recovered_addr: Expression<F>,
         is_valid: Expression<F>,
     },

zkevm-circuits/src/evm_circuit/util/constraint_builder.rs

@@ -1493,10 +1493,10 @@ impl<'a, F: Field> EVMConstraintBuilder<'a, F> {
     /// Sig Table
     pub(crate) fn sig_table_lookup(
         &mut self,
-        msg_hash: Word<Expression<F>>,
+        msg_hash: WordLoHi<Expression<F>>,
         sig_v: Expression<F>,
-        sig_r: Word<Expression<F>>,
-        sig_s: Word<Expression<F>>,
+        sig_r: WordLoHi<Expression<F>>,
+        sig_s: WordLoHi<Expression<F>>,
         recovered_addr: Expression<F>,
         is_valid: Expression<F>,
     ) {

zkevm-circuits/src/sig_circuit.rs

@@ -23,7 +23,7 @@ use crate::{
         utils::{calc_required_advices, FpChip},
     },
     table::{KeccakTable, SigTable},
-    util::{word::Word, Challenges, Expr, SubCircuit, SubCircuitConfig},
+    util::{word::WordLoHi, Challenges, Expr, SubCircuit, SubCircuitConfig},
 };
 use eth_types::{
     self,
@@ -428,7 +428,7 @@ impl<F: Field + halo2_base::utils::ScalarField> SigCircuit<F> {
         offset: usize,
         is_address_zero: &AssignedValue<F>,
         pk_rlc: &AssignedValue<F>,
-        pk_hash: &Word<AssignedValue<F>>,
+        pk_hash: &WordLoHi<AssignedValue<F>>,
     ) -> Result<(), Error> {
         log::trace!("keccak lookup");
 
@@ -674,7 +674,7 @@ impl<F: Field + halo2_base::utils::ScalarField> SigCircuit<F> {
                 word_lo_hi_powers.clone(),
             );
 
-            Word::new([msg_hash_cell_lo, msg_hash_cell_hi])
+            WordLoHi::new([msg_hash_cell_lo, msg_hash_cell_hi])
         };
 
         log::trace!(
@@ -711,7 +711,7 @@ impl<F: Field + halo2_base::utils::ScalarField> SigCircuit<F> {
                 word_lo_hi_powers.clone(),
             );
 
-            Word::new([pk_hash_cell_lo, pk_hash_cell_hi])
+            WordLoHi::new([pk_hash_cell_lo, pk_hash_cell_hi])
         };
 
         // step 4: r,s
@@ -730,7 +730,7 @@ impl<F: Field + halo2_base::utils::ScalarField> SigCircuit<F> {
                 word_lo_hi_powers.clone(),
             );
 
-            Word::new([r_cell_lo, r_cell_hi])
+            WordLoHi::new([r_cell_lo, r_cell_hi])
         };
         let s_cells = {
             let s_lo_cell_bytes = &sign_data_decomposed.s_cells[..16];
@@ -747,7 +747,7 @@ impl<F: Field + halo2_base::utils::ScalarField> SigCircuit<F> {
                 word_lo_hi_powers,
             );
 
-            Word::new([s_cell_lo, s_cell_hi])
+            WordLoHi::new([s_cell_lo, s_cell_hi])
         };
 
         log::trace!(
@@ -884,7 +884,7 @@ impl<F: Field + halo2_base::utils::ScalarField> SigCircuit<F> {
                         offset,
                         is_address_zero,
                         pk_rlc,
-                        &Word::new([*pk_hash_lo, *pk_hash_hi]),
+                        &WordLoHi::new([*pk_hash_lo, *pk_hash_hi]),
                     )?;
                 }
 

zkevm-circuits/src/sig_circuit/utils.rs

@@ -7,7 +7,7 @@ use halo2_ecc::{
 };
 use halo2_proofs::halo2curves::secp256k1::{Fp, Fq};
 
-use crate::util::word::Word;
+use crate::util::word::WordLoHi;
 
 // Hard coded parameters.
 // TODO: allow for a configurable param.
@@ -96,9 +96,9 @@ pub(crate) struct AssignedSignatureVerify<F: Field + halo2_base::utils::ScalarFi
     pub(crate) address: AssignedValue<F>,
     // pub(crate) msg_len: usize,
     // pub(crate) msg_rlc: Value<F>,
-    pub(crate) msg_hash: Word<AssignedValue<F>>,
-    pub(crate) r: Word<AssignedValue<F>>,
-    pub(crate) s: Word<AssignedValue<F>>,
+    pub(crate) msg_hash: WordLoHi<AssignedValue<F>>,
+    pub(crate) r: WordLoHi<AssignedValue<F>>,
+    pub(crate) s: WordLoHi<AssignedValue<F>>,
     pub(crate) v: AssignedValue<F>,
     pub(crate) sig_is_valid: AssignedValue<F>,
 }

zkevm-circuits/src/table/sig_table.rs

@@ -8,11 +8,11 @@ pub struct SigTable {
     /// Indicates whether or not the gates are enabled on the current row.
     pub q_enable: Column<Fixed>,
     /// Keccak256 hash of the message that's signed.
-    pub msg_hash: Word<Column<Advice>>,
+    pub msg_hash: WordLoHi<Column<Advice>>,
     /// signature's `r` component.
-    pub sig_r: Word<Column<Advice>>,
+    pub sig_r: WordLoHi<Column<Advice>>,
     /// signature's `s` component.
-    pub sig_s: Word<Column<Advice>>,
+    pub sig_s: WordLoHi<Column<Advice>>,
     /// should be in range [0, 1]
     pub sig_v: Column<Advice>,
     /// The recovered address, i.e. the 20-bytes address that must have signed the message.
@@ -26,9 +26,9 @@ impl SigTable {
     pub fn construct<F: Field>(meta: &mut ConstraintSystem<F>) -> Self {
         Self {
             q_enable: meta.fixed_column(),
-            msg_hash: Word::new([meta.advice_column(), meta.advice_column()]),
-            sig_r: Word::new([meta.advice_column(), meta.advice_column()]),
-            sig_s: Word::new([meta.advice_column(), meta.advice_column()]),
+            msg_hash: WordLoHi::new([meta.advice_column(), meta.advice_column()]),
+            sig_r: WordLoHi::new([meta.advice_column(), meta.advice_column()]),
+            sig_s: WordLoHi::new([meta.advice_column(), meta.advice_column()]),
             sig_v: meta.advice_column(),
             recovered_addr: meta.advice_column(),
             is_valid: meta.advice_column(),
@@ -48,11 +48,11 @@ impl SigTable {
 
                 for (offset, sign_data) in signatures.iter().enumerate() {
                     let msg_hash =
-                        Word::from(U256::from(sign_data.msg_hash.to_bytes())).into_value();
+                        WordLoHi::from(U256::from(sign_data.msg_hash.to_bytes())).into_value();
                     let sig_r =
-                        Word::from(U256::from(sign_data.signature.0.to_bytes())).into_value();
+                        WordLoHi::from(U256::from(sign_data.signature.0.to_bytes())).into_value();
                     let sig_s =
-                        Word::from(U256::from(sign_data.signature.1.to_bytes())).into_value();
+                        WordLoHi::from(U256::from(sign_data.signature.1.to_bytes())).into_value();
                     let sig_v = Value::known(F::from(sign_data.signature.2 as u64));
                     let recovered_addr = Value::known(sign_data.get_addr().to_scalar().unwrap());
                     region.assign_fixed(