

Merge pull request #16 from Stentonian/stent/change-curve25519-package
Change dependency on curve25519-dalek-ng to curve25519-dalek
cathieyun authored Feb 7, 2024
2 parents a4aa4c5 + 14a6134 commit fdb3537
Showing 17 changed files with 112 additions and 105 deletions.
8 changes: 6 additions & 2 deletions CHANGELOG.md
Expand Up @@ -2,6 +2,10 @@

Entries are listed in reverse chronological order.

## 5.0.0

* Change `curve25519-dalek-ng` dependency to `curve25519-dalek`. A major version bump is required because one cannot import `curve25519-dalek` and `bulletproofs` without conflicts.

## 4.0.0

* Update to `rand_core` `0.6`. This requires a major version bump but the API
Expand Down Expand Up @@ -39,7 +43,7 @@ Entries are listed in reverse chronological order.
* Updates the library to use the renamed functions in Merlin 1.1.
* Adds additional validation checks to prevent identity points being used as
part of a proof. This does not appear to have security content, but is
intended as a defense-in-depth mechanism.
intended as a defense-in-depth mechanism.
See [this comment][identity_comment] for more motivation.
* Documentation tweaks.

Expand All @@ -52,7 +56,7 @@ Entries are listed in reverse chronological order.

## 1.0.0

* Minor tweaks to the prerelease version.
* Minor tweaks to the prerelease version.
* Preliminary support for R1CS proofs, but this feature is hard-disabled in the
published crate.

24 changes: 12 additions & 12 deletions Cargo.toml
@@ -1,11 +1,11 @@
[package]
name = "bulletproofs"
# Before doing a release:
# - update version field
# - update version field
# - update html_root_url
# - update CHANGELOG
version = "4.0.0"
authors = ["Cathie Yun <cathieyun@gmail.com>",
version = "5.0.0"
authors = ["Cathie Yun <cathieyun@gmail.com>",
"Henry de Valence <hdevalence@hdevalence.ca>",
"Oleg Andreev <oleganza@gmail.com>"]
readme = "README.md"
Expand All @@ -17,10 +17,11 @@ description = "A pure-Rust implementation of Bulletproofs using Ristretto"
edition = "2018"

[dependencies]
curve25519-dalek = { package = "curve25519-dalek-ng", version = "4", default-features = false, features = ["u64_backend", "serde"] }
subtle = { package = "subtle-ng", version = "2.4", default-features = false }
sha3 = { version = "0.9.1", default-features = false }
digest = { version = "0.9.0", default-features = false }
curve25519-dalek = { version = "4.1.1", features = ["digest", "group", "rand_core", "serde"] }
group = { version = "0.13", default-features = false }
subtle = { version = "2.5", default-features = false }
sha3 = { version = "0.10", default-features = false }
digest = { version = "0.10", default-features = false }
rand_core = { version = "0.6", default-features = false, features = ["alloc"] }
rand = { version = "0.8", default-features = false, optional = true }
byteorder = { version = "1", default-features = false }
Expand All @@ -35,13 +36,13 @@ hex = "0.3"
criterion = "0.3"
bincode = "1"
rand_chacha = "0.3"
curve25519-dalek = { version = "4.1.1", features = ["digest", "group", "legacy_compatibility", "rand_core", "serde"] }

[features]
default = ["std"]
avx2_backend = ["curve25519-dalek/avx2_backend"]
yoloproofs = []
std = ["rand", "rand/std", "rand/std_rng", "thiserror", "curve25519-dalek/std"]
nightly = ["curve25519-dalek/nightly", "curve25519-dalek/alloc", "subtle/nightly", "clear_on_drop/nightly"]
std = ["rand", "rand/std", "rand/std_rng", "thiserror"]
nightly = ["subtle/nightly", "clear_on_drop/nightly"]
docs = ["nightly"]


Expand All @@ -55,7 +56,6 @@ required-features = ["yoloproofs"]
[[bench]]
name = "range_proof"
harness = false
required-features = ["avx2_backend"]

[[bench]]
name = "generators"
Expand All @@ -64,7 +64,7 @@ harness = false
[[bench]]
name = "r1cs"
harness = false
required-features = ["yoloproofs", "avx2_backend"]
required-features = ["yoloproofs"]

[[bench]]
name = "linear_proof"
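Review bot: The context line `avx2_backend = ["curve25519-dalek/avx2_backend"]` survives the migration, but curve25519-dalek 4.x selects its backend through the `curve25519_dalek_backend` cfg rather than a Cargo feature, so building with `--features avx2_backend` against the new `4.1.1` dependency will presumably fail to resolve; the commit already drops it from both `required-features` lists, which suggests the feature is known to be dead, so it should be removed from `[features]` too rather than left as a no-op that implies an accelerated backend is in use. Separately, the dev-dependency line `curve25519-dalek = { version = "4.1.1", features = ["digest", "group", "legacy_compatibility", "rand_core", "serde"] }` enables an API that allows constructing unreduced scalars, and with `edition = "2018"` and no explicit `resolver = "2"` the v1 resolver may unify that feature into the library's own build. A comment such as `# legacy_compatibility is needed only by tests/benches; library code must not depend on it` above that line would record the intent and make the exposure easy to audit.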
2 changes: 1 addition & 1 deletion benches/linear_proof.rs
Expand Up @@ -79,7 +79,7 @@ fn create_linear_proof_helper(c: &mut Criterion) {
/// \\]
/// Panics if the lengths of \\(\mathbf{a}\\) and \\(\mathbf{b}\\) are not equal.
fn inner_product(a: &[Scalar], b: &[Scalar]) -> Scalar {
let mut out = Scalar::zero();
let mut out = Scalar::ZERO;
if a.len() != b.len() {
panic!("inner_product(a,b): lengths of vectors do not match");
}
8 changes: 4 additions & 4 deletions src/generators.rs
Expand Up @@ -12,8 +12,8 @@ use curve25519_dalek::constants::RISTRETTO_BASEPOINT_POINT;
use curve25519_dalek::ristretto::RistrettoPoint;
use curve25519_dalek::scalar::Scalar;
use curve25519_dalek::traits::MultiscalarMul;
use digest::{ExtendableOutputDirty, Update, XofReader};
use sha3::{Sha3XofReader, Sha3_512, Shake256};
use digest::{ExtendableOutput, Update, XofReader};
use sha3::{Sha3_512, Shake256, Shake256Reader};

/// Represents a pair of base points for Pedersen commitments.
///
Expand Down Expand Up @@ -56,7 +56,7 @@ impl Default for PedersenGens {
/// orthogonal generators. The sequence can be deterministically
/// produced starting with an arbitrary point.
struct GeneratorsChain {
reader: Sha3XofReader,
reader: Shake256Reader,
}

impl GeneratorsChain {
Expand All @@ -67,7 +67,7 @@ impl GeneratorsChain {
shake.update(label);

GeneratorsChain {
reader: shake.finalize_xof_dirty(),
reader: shake.finalize_xof(),
}
}

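Review bot: The move from `finalize_xof_dirty` to `finalize_xof` and from `Sha3XofReader` to `Shake256Reader` is an API change that must not alter the bytes the XOF yields, because `GeneratorsChain` appears to derive the crate's generator sequence from this reader and any drift would silently change every commitment and break verification of previously issued proofs. The hunk carries no test that pins this, so I would add a unit test asserting that the first point produced for a fixed label equals a hard-coded compressed point captured from the pre-upgrade build (value to be recorded when the test is written), which also guards future `sha3`/`digest` bumps. The constructor containing `shake.update(label)` starts outside the hunk.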
14 changes: 7 additions & 7 deletions src/inner_product_proof.rs
Expand Up @@ -398,9 +398,9 @@ impl InnerProductProof {
}

let pos = 2 * lg_n * 32;
let a =
Scalar::from_canonical_bytes(read32(&slice[pos..])).ok_or(ProofError::FormatError)?;
let b = Scalar::from_canonical_bytes(read32(&slice[pos + 32..]))
let a = Option::from(Scalar::from_canonical_bytes(read32(&slice[pos..])))
.ok_or(ProofError::FormatError)?;
let b = Option::from(Scalar::from_canonical_bytes(read32(&slice[pos + 32..])))
.ok_or(ProofError::FormatError)?;

Ok(InnerProductProof { L_vec, R_vec, a, b })
Expand All @@ -413,7 +413,7 @@ impl InnerProductProof {
/// \\]
/// Panics if the lengths of \\(\mathbf{a}\\) and \\(\mathbf{b}\\) are not equal.
pub fn inner_product(a: &[Scalar], b: &[Scalar]) -> Scalar {
let mut out = Scalar::zero();
let mut out = Scalar::ZERO;
if a.len() != b.len() {
panic!("inner_product(a,b): lengths of vectors do not match");
}
Expand Down Expand Up @@ -446,7 +446,7 @@ mod tests {
let b: Vec<_> = (0..n).map(|_| Scalar::random(&mut rng)).collect();
let c = inner_product(&a, &b);

let G_factors: Vec<Scalar> = iter::repeat(Scalar::one()).take(n).collect();
let G_factors: Vec<Scalar> = iter::repeat(Scalar::ONE).take(n).collect();

// y_inv is (the inverse of) a random challenge
let y_inv = Scalar::random(&mut rng);
Expand Down Expand Up @@ -483,7 +483,7 @@ mod tests {
.verify(
n,
&mut verifier,
iter::repeat(Scalar::one()).take(n),
iter::repeat(Scalar::ONE).take(n),
util::exp_iter(y_inv).take(n),
&P,
&Q,
Expand All @@ -498,7 +498,7 @@ mod tests {
.verify(
n,
&mut verifier,
iter::repeat(Scalar::one()).take(n),
iter::repeat(Scalar::ONE).take(n),
util::exp_iter(y_inv).take(n),
&P,
&Q,
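Review bot: `Option::from(Scalar::from_canonical_bytes(...)).ok_or(ProofError::FormatError)?` is now spelled out four times — for `a` and `b` here and for `a` and `r` in src/linear_proof.rs — and each copy is the check that rejects non-canonical scalar encodings at the untrusted deserialization boundary, so the rule belongs in one place. A private helper `fn scalar_from_canonical(bytes: [u8; 32]) -> Result<Scalar, ProofError> { Option::from(Scalar::from_canonical_bytes(bytes)).ok_or(ProofError::FormatError) }` lets each call site become `let a = scalar_from_canonical(read32(&slice[pos..]))?;`. The `Option::from` call is presumably converting the new crate's constant-time option type; that is acceptable here because proof bytes are public, and a one-line comment saying so would stop a future reader from reworking it unnecessarily. The enclosing deserialization function starts outside the hunk.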
2 changes: 1 addition & 1 deletion src/lib.rs
Expand Up @@ -4,7 +4,7 @@
#![cfg_attr(feature = "docs", doc(include = "../README.md"))]
#![cfg_attr(
feature = "docs",
doc(html_root_url = "https://docs.rs/bulletproofs/4.0.0")
doc(html_root_url = "https://docs.rs/bulletproofs/5.0.0")
)]

extern crate alloc;
8 changes: 4 additions & 4 deletions src/linear_proof.rs
Expand Up @@ -133,7 +133,7 @@ impl LinearProof {
b_L[i] = b_L[i] + x_j * b_R[i];
// G_L = G_L + x_j * G_R
G_L[i] = RistrettoPoint::vartime_multiscalar_mul(
&[Scalar::one(), x_j],
&[Scalar::ONE, x_j],
&[G_L[i], G_R[i]],
);
}
Expand Down Expand Up @@ -300,7 +300,7 @@ impl LinearProof {
let lg_n = self.L_vec.len();

let mut s = Vec::with_capacity(n);
s.push(Scalar::one());
s.push(Scalar::ONE);
for i in 1..n {
let lg_i = (32 - 1 - (i as u32).leading_zeros()) as usize;
let k = 1 << lg_i;
Expand Down Expand Up @@ -391,9 +391,9 @@ impl LinearProof {

let pos = 2 * lg_n * 32;
let S = CompressedRistretto(read32(&slice[pos..]));
let a = Scalar::from_canonical_bytes(read32(&slice[pos + 32..]))
let a = Option::from(Scalar::from_canonical_bytes(read32(&slice[pos + 32..])))
.ok_or(ProofError::FormatError)?;
let r = Scalar::from_canonical_bytes(read32(&slice[pos + 64..]))
let r = Option::from(Scalar::from_canonical_bytes(read32(&slice[pos + 64..])))
.ok_or(ProofError::FormatError)?;

Ok(LinearProof {
6 changes: 3 additions & 3 deletions src/r1cs/linear_combination.rs
Expand Up @@ -22,7 +22,7 @@ pub enum Variable {
impl From<Variable> for LinearCombination {
fn from(v: Variable) -> LinearCombination {
LinearCombination {
terms: vec![(v, Scalar::one())],
terms: vec![(v, Scalar::ONE)],
}
}
}
Expand Down Expand Up @@ -78,7 +78,7 @@ impl Add<Variable> for Scalar {

fn add(self, other: Variable) -> Self::Output {
LinearCombination {
terms: vec![(Variable::One(), self), (other, Scalar::one())],
terms: vec![(Variable::One(), self), (other, Scalar::ONE)],
}
}
}
Expand All @@ -88,7 +88,7 @@ impl Sub<Variable> for Scalar {

fn sub(self, other: Variable) -> Self::Output {
LinearCombination {
terms: vec![(Variable::One(), self), (other, -Scalar::one())],
terms: vec![(Variable::One(), self), (other, -Scalar::ONE)],
}
}
}
28 changes: 14 additions & 14 deletions src/r1cs/prover.rs
Expand Up @@ -120,8 +120,8 @@ impl<'g, T: BorrowMut<Transcript>> ConstraintSystem for Prover<'g, T> {
self.secrets.a_O.push(o);

// Constrain l,r,o:
left.terms.push((l_var, -Scalar::one()));
right.terms.push((r_var, -Scalar::one()));
left.terms.push((l_var, -Scalar::ONE));
right.terms.push((r_var, -Scalar::ONE));
self.constrain(left);
self.constrain(right);

Expand All @@ -136,8 +136,8 @@ impl<'g, T: BorrowMut<Transcript>> ConstraintSystem for Prover<'g, T> {
let i = self.secrets.a_L.len();
self.pending_multiplier = Some(i);
self.secrets.a_L.push(scalar);
self.secrets.a_R.push(Scalar::zero());
self.secrets.a_O.push(Scalar::zero());
self.secrets.a_R.push(Scalar::ZERO);
self.secrets.a_O.push(Scalar::ZERO);
Ok(Variable::MultiplierLeft(i))
}
Some(i) => {
Expand Down Expand Up @@ -322,10 +322,10 @@ impl<'g, T: BorrowMut<Transcript>> Prover<'g, T> {
let n = self.secrets.a_L.len();
let m = self.secrets.v.len();

let mut wL = vec![Scalar::zero(); n];
let mut wR = vec![Scalar::zero(); n];
let mut wO = vec![Scalar::zero(); n];
let mut wV = vec![Scalar::zero(); m];
let mut wL = vec![Scalar::ZERO; n];
let mut wR = vec![Scalar::ZERO; n];
let mut wO = vec![Scalar::ZERO; n];
let mut wV = vec![Scalar::ZERO; m];

let mut exp_z = *z;
for lc in self.constraints.iter() {
Expand Down Expand Up @@ -365,7 +365,7 @@ impl<'g, T: BorrowMut<Transcript>> Prover<'g, T> {
Variable::MultiplierRight(i) => self.secrets.a_R[*i],
Variable::MultiplierOutput(i) => self.secrets.a_O[*i],
Variable::Committed(i) => self.secrets.v[*i],
Variable::One() => Scalar::one(),
Variable::One() => Scalar::ONE,
}
})
.sum()
Expand Down Expand Up @@ -518,7 +518,7 @@ impl<'g, T: BorrowMut<Transcript>> Prover<'g, T> {
Scalar::random(&mut rng),
)
} else {
(Scalar::zero(), Scalar::zero(), Scalar::zero())
(Scalar::ZERO, Scalar::ZERO, Scalar::ZERO)
};

let mut s_L2: Vec<Scalar> = (0..n2).map(|_| Scalar::random(&mut rng)).collect();
Expand Down Expand Up @@ -580,7 +580,7 @@ impl<'g, T: BorrowMut<Transcript>> Prover<'g, T> {
let mut l_poly = util::VecPoly3::zero(n);
let mut r_poly = util::VecPoly3::zero(n);

let mut exp_y = Scalar::one(); // y^n starting at n=0
let mut exp_y = Scalar::ONE; // y^n starting at n=0
let y_inv = y.invert();
let exp_y_inv = util::exp_iter(y_inv).take(padded_n).collect::<Vec<_>>();

Expand Down Expand Up @@ -651,10 +651,10 @@ impl<'g, T: BorrowMut<Transcript>> Prover<'g, T> {
let t_x = t_poly.eval(x);
let t_x_blinding = t_blinding_poly.eval(x);
let mut l_vec = l_poly.eval(x);
l_vec.append(&mut vec![Scalar::zero(); pad]);
l_vec.append(&mut vec![Scalar::ZERO; pad]);

let mut r_vec = r_poly.eval(x);
r_vec.append(&mut vec![Scalar::zero(); pad]);
r_vec.append(&mut vec![Scalar::ZERO; pad]);

// XXX this should refer to the notes to explain why this is correct
for i in n..padded_n {
Expand All @@ -676,7 +676,7 @@ impl<'g, T: BorrowMut<Transcript>> Prover<'g, T> {
let w = transcript.challenge_scalar(b"w");
let Q = w * self.pc_gens.B;

let G_factors = iter::repeat(Scalar::one())
let G_factors = iter::repeat(Scalar::ONE)
.take(n1)
.chain(iter::repeat(u).take(n2 + pad))
.collect::<Vec<_>>();
24 changes: 12 additions & 12 deletions src/r1cs/verifier.rs
Expand Up @@ -81,8 +81,8 @@ impl<T: BorrowMut<Transcript>> ConstraintSystem for Verifier<T> {
let o_var = Variable::MultiplierOutput(var);

// Constrain l,r,o:
left.terms.push((l_var, -Scalar::one()));
right.terms.push((r_var, -Scalar::one()));
left.terms.push((l_var, -Scalar::ONE));
right.terms.push((r_var, -Scalar::ONE));
self.constrain(left);
self.constrain(right);

Expand Down Expand Up @@ -275,11 +275,11 @@ impl<T: BorrowMut<Transcript>> Verifier<T> {
let n = self.num_vars;
let m = self.V.len();

let mut wL = vec![Scalar::zero(); n];
let mut wR = vec![Scalar::zero(); n];
let mut wO = vec![Scalar::zero(); n];
let mut wV = vec![Scalar::zero(); m];
let mut wc = Scalar::zero();
let mut wL = vec![Scalar::ZERO; n];
let mut wR = vec![Scalar::ZERO; n];
let mut wO = vec![Scalar::ZERO; n];
let mut wV = vec![Scalar::ZERO; m];
let mut wc = Scalar::ZERO;

let mut exp_z = *z;
for lc in self.constraints.iter() {
Expand Down Expand Up @@ -428,12 +428,12 @@ impl<T: BorrowMut<Transcript>> Verifier<T> {
.into_iter()
.zip(y_inv_vec.iter())
.map(|(wRi, exp_y_inv)| wRi * exp_y_inv)
.chain(iter::repeat(Scalar::zero()).take(pad))
.chain(iter::repeat(Scalar::ZERO).take(pad))
.collect::<Vec<Scalar>>();

let delta = inner_product(&yneg_wR[0..n], &wL);

let u_for_g = iter::repeat(Scalar::one())
let u_for_g = iter::repeat(Scalar::ONE)
.take(n1)
.chain(iter::repeat(u).take(n2 + pad));
let u_for_h = u_for_g.clone();
Expand All @@ -449,10 +449,10 @@ impl<T: BorrowMut<Transcript>> Verifier<T> {
.iter()
.zip(u_for_h)
.zip(s.iter().rev().take(padded_n))
.zip(wL.into_iter().chain(iter::repeat(Scalar::zero()).take(pad)))
.zip(wO.into_iter().chain(iter::repeat(Scalar::zero()).take(pad)))
.zip(wL.into_iter().chain(iter::repeat(Scalar::ZERO).take(pad)))
.zip(wO.into_iter().chain(iter::repeat(Scalar::ZERO).take(pad)))
.map(|((((y_inv_i, u_or_1), s_i_inv), wLi), wOi)| {
u_or_1 * (y_inv_i * (x * wLi + wOi - b * s_i_inv) - Scalar::one())
u_or_1 * (y_inv_i * (x * wLi + wOi - b * s_i_inv) - Scalar::ONE)
});

// Create a `TranscriptRng` from the transcript. The verifier
2 changes: 1 addition & 1 deletion src/range_proof/dealer.rs
Expand Up @@ -255,7 +255,7 @@ impl<'a, 'b> DealerAwaitingProofShares<'a, 'b> {
let w = self.transcript.challenge_scalar(b"w");
let Q = w * self.pc_gens.B;

let G_factors: Vec<Scalar> = iter::repeat(Scalar::one()).take(self.n * self.m).collect();
let G_factors: Vec<Scalar> = iter::repeat(Scalar::ONE).take(self.n * self.m).collect();
let H_factors: Vec<Scalar> = util::exp_iter(self.bit_challenge.y.invert())
.take(self.n * self.m)
.collect();

