[WIP] Add Sinsemilla test

zcash · Mar 30, 2021 · 0166722 · 0166722
1 parent 991d459
commit 0166722
Showing 1 changed file with 91 additions and 0 deletions.
diff --git a/src/circuit/gadget/sinsemilla.rs b/src/circuit/gadget/sinsemilla.rs
@@ -61,3 +61,94 @@ pub trait SinsemillaInstructions<C: CurveAffine>: Chip<Field = C::Base> {
         Self::commit(domain_prefix, msg, r).map(|point| Self::extract(&point))
     }
 }
+
+// #[test]
+fn test_sinsemilla() {
+    use crate::primitives::sinsemilla::HashDomain;
+    use group::Curve;
+    use halo2::{
+        arithmetic::CurveAffine,
+        circuit::layouter::SingleChip,
+        pasta::{EpAffine, EqAffine},
+        plonk::*,
+        poly::commitment::Params,
+        transcript::{Blake2bRead, Blake2bWrite},
+    };
+    use std::marker::PhantomData;
+
+    /// This represents an advice column at a certain row in the ConstraintSystem
+    #[derive(Copy, Clone, Debug)]
+    pub struct Variable(Column<Advice>, usize);
+
+    struct MyCircuit<C: CurveAffine> {
+        message: Vec<bool>,
+        _marker_c: PhantomData<C>,
+    }
+
+    impl<C: CurveAffine> Circuit<C::Base> for MyCircuit<C> {
+        type Config = SinsemillaConfig;
+
+        fn configure(meta: &mut ConstraintSystem<C::Base>) -> Self::Config {
+            let columns = SinsemillaColumns::new(
+                meta.fixed_column(),
+                meta.advice_column(),
+                meta.advice_column(),
+                meta.advice_column(),
+                meta.advice_column(),
+                meta.advice_column(),
+            );
+
+            SinsemillaChip::<C>::configure(meta, columns)
+        }
+
+        fn synthesize(
+            &self,
+            cs: &mut impl Assignment<C::Base>,
+            config: Self::Config,
+        ) -> Result<(), Error> {
+            let mut layouter = SingleChip::new(cs, config)?;
+            let point =
+                SinsemillaChip::<C>::hash_to_point(&mut layouter, &"prefix", self.message.clone())?;
+
+            // Check against implementation in crate::primitives::sinsemilla
+            let point_ref = HashDomain::new(&"prefix")
+                .hash_to_point(self.message.clone().into_iter())
+                .to_affine();
+            assert_eq!(format!("{:?}", point), format!("{:?}", point_ref));
+
+            Ok(())
+        }
+    }
+
+    // Initialize the polynomial commitment parameters
+    let k = 10;
+    let params: Params<EqAffine> = Params::new(k);
+    let empty_circuit: MyCircuit<EpAffine> = MyCircuit {
+        message: Vec::new(),
+        _marker_c: PhantomData,
+    };
+
+    // Initialize the proving key
+    let vk = keygen_vk(&params, &empty_circuit).expect("keygen_vk should not fail");
+    let pk = keygen_pk(&params, vk, &empty_circuit).expect("keygen_pk should not fail");
+
+    let circuit: MyCircuit<EpAffine> = MyCircuit {
+        // 101101101101
+        message: vec![
+            true, false, true, true, false, true, true, false, true, true, false, false,
+        ],
+        _marker_c: PhantomData,
+    };
+
+    // Create a proof
+    let mut transcript = Blake2bWrite::init(vec![]);
+    create_proof(&params, &pk, &[circuit], &[&[]], &mut transcript)
+        .expect("proof generation should not fail");
+    let proof: Vec<u8> = transcript.finalize();
+
+    let msm = params.empty_msm();
+    let mut transcript = Blake2bRead::init(&proof[..]);
+    let guard = verify_proof(&params, pk.get_vk(), msm, &[&[]], &mut transcript).unwrap();
+    let msm = guard.clone().use_challenges();
+    assert!(msm.eval());
+}