Update to use the latest version of pairing library.

2025-01-31 07:42:15 +00:00 · 2017-10-22 05:45:26 -06:00 · 2017-10-22 05:45:26 -06:00 · 326996139e
commit 326996139e
parent 2042876fcf
4 changed files with 25 additions and 55 deletions
--- a/Cargo.toml
+++ b/Cargo.toml
@ -15,11 +15,7 @@ futures = "0.1"
 futures-cpupool = "0.1"
 num_cpus = "1.6"
 crossbeam = "0.3"
-
+pairing = "0.13"
 [dependencies.pairing]
 version = "0.11"
 default-features = false
 features = ["unstable-wnaf"]
 [features]
 default = ["u128-support"]
--- a/src/domain.rs
+++ b/src/domain.rs
@ -42,13 +42,13 @@ impl<E: Engine, G: Group<E>> EvaluationDomain<E, G> {
            m *= 2;
            exp += 1;
-            if exp >= E::Fr::s() {
+            if exp >= E::Fr::S {
                return Err(Error::PolynomialDegreeTooLarge)
            }
        }
        let mut omega = E::Fr::root_of_unity();
-        for _ in exp..E::Fr::s() {
+        for _ in exp..E::Fr::S {
            omega.square();
        }
--- a/src/groth16/generator.rs
+++ b/src/groth16/generator.rs
@ -1,5 +1,4 @@
 use pairing::*;
 use pairing::wnaf::*;
 use ::{
    Input,
    Error,
@ -170,8 +169,8 @@ pub fn generate_parameters<E, C>(
    let mut powers_of_tau = EvaluationDomain::from_coeffs(powers_of_tau)?;
    // Compute G1 window table
-    let mut g1_table = vec![];
+    let mut g1_wnaf = Wnaf::new();
-    let g1_table_size = E::G1::recommended_wnaf_for_num_scalars(
+    let g1_wnaf = g1_wnaf.base(g1, {
        // H query
        (powers_of_tau.as_ref().len() - 1)
        // IC/L queries
@ -180,16 +179,14 @@ pub fn generate_parameters<E, C>(
        + assembly.num_inputs + assembly.num_aux
        // B query
        + assembly.num_inputs + assembly.num_aux
-    );
+    });
    wnaf_table(&mut g1_table, g1, g1_table_size);
    // Compute G2 window table
-    let mut g2_table = vec![];
+    let mut g2_wnaf = Wnaf::new();
-    let g2_table_size = E::G2::recommended_wnaf_for_num_scalars(
+    let g2_wnaf = g2_wnaf.base(g2, {
        // B query
        assembly.num_inputs + assembly.num_aux
-    );
+    });
    wnaf_table(&mut g2_table, g2, g2_table_size);
    let gamma_inverse = gamma.inverse().ok_or(Error::UnexpectedIdentity)?;
    let delta_inverse = delta.inverse().ok_or(Error::UnexpectedIdentity)?;
@ -223,12 +220,9 @@ pub fn generate_parameters<E, C>(
        multicore::scope(h.len(), |scope, chunk| {
            for (h, p) in h.chunks_mut(chunk).zip(powers_of_tau.as_ref().chunks(chunk))
            {
-                let g1_table = &g1_table;
+                let mut g1_wnaf = g1_wnaf.shared();
                scope.spawn(move || {
                    // Create wNAF form storage location for this thread
                    let mut wnaf = vec![];
                    // Set values of the H query to g1^{(tau^i * t(tau)) / delta}
                    for (h, p) in h.iter_mut().zip(p.iter())
                    {
@ -236,11 +230,8 @@ pub fn generate_parameters<E, C>(
                        let mut exp = p.0;
                        exp.mul_assign(&coeff);
                        // Compute wNAF form of exponent
                        wnaf_form(&mut wnaf, exp.into_repr(), g1_table_size);
                        // Exponentiate
-                        *h = wnaf_exp(g1_table, &wnaf);
+                        *h = g1_wnaf.scalar(exp.into_repr());
                    }
                    // Batch normalize
@ -262,10 +253,8 @@ pub fn generate_parameters<E, C>(
    fn eval<E: Engine>(
        // wNAF window tables
-        g1_table: &[E::G1],
+        g1_wnaf: &Wnaf<usize, &[E::G1], &mut Vec<i64>>,
-        g1_table_size: usize,
+        g2_wnaf: &Wnaf<usize, &[E::G2], &mut Vec<i64>>,
        g2_table: &[E::G2],
        g2_table_size: usize,
        // Lagrange coefficients for tau
        powers_of_tau: &[Scalar<E>],
@ -307,10 +296,10 @@ pub fn generate_parameters<E, C>(
                                                               .zip(bt.chunks(chunk))
                                                               .zip(ct.chunks(chunk))
            {
-                scope.spawn(move || {
+                let mut g1_wnaf = g1_wnaf.shared();
-                    // Create wNAF form storage location for this thread
+                let mut g2_wnaf = g2_wnaf.shared();
                    let mut wnaf = vec![];
                scope.spawn(move || {
                    for ((((((a, b_g1), b_g2), ext), at), bt), ct) in a.iter_mut()
                                                                       .zip(b_g1.iter_mut())
                                                                       .zip(b_g2.iter_mut())
@ -342,24 +331,14 @@ pub fn generate_parameters<E, C>(
                        // Compute A query (in G1)
                        if !at.is_zero() {
-                            wnaf_form(&mut wnaf, at.into_repr(), g1_table_size);
+                            *a = g1_wnaf.scalar(at.into_repr());
                            *a = wnaf_exp(&g1_table, &wnaf);
                        }
                        // Compute B query (in G1/G2)
                        if !bt.is_zero() {
                            // Normalize the field element once
                            let bt_repr = bt.into_repr();
-                            wnaf_form(&mut wnaf, bt_repr, g1_table_size);
+                            *b_g1 = g1_wnaf.scalar(bt_repr);
-                            *b_g1 = wnaf_exp(&g1_table, &wnaf);
+                            *b_g2 = g2_wnaf.scalar(bt_repr);
                            // G1 window table might use the same window size
                            // as the G2 window table, so we wouldn't need to
                            // recompute the wNAF form of the exponent.
                            if g1_table_size != g2_table_size {
                                wnaf_form(&mut wnaf, bt_repr, g2_table_size);
                            }
                            *b_g2 = wnaf_exp(&g2_table, &wnaf);
                        }
                        at.mul_assign(&beta);
@ -370,8 +349,7 @@ pub fn generate_parameters<E, C>(
                        e.add_assign(&ct);
                        e.mul_assign(inv);
-                        wnaf_form(&mut wnaf, e.into_repr(), g1_table_size);
+                        *ext = g1_wnaf.scalar(e.into_repr());
                        *ext = wnaf_exp(&g1_table, &wnaf);
                    }
                    // Batch normalize
@ -386,10 +364,8 @@ pub fn generate_parameters<E, C>(
    // Evaluate for inputs.
    eval(
-        &g1_table,
+        &g1_wnaf,
-        g1_table_size,
+        &g2_wnaf,
        &g2_table,
        g2_table_size,
        &powers_of_tau,
        &assembly.at_inputs,
        &assembly.bt_inputs,
@ -405,10 +381,8 @@ pub fn generate_parameters<E, C>(
    // Evaluate for auxillary variables.
    eval(
-        &g1_table,
+        &g1_wnaf,
-        g1_table_size,
+        &g2_wnaf,
        &g2_table,
        g2_table_size,
        &powers_of_tau,
        &assembly.at_aux,
        &assembly.bt_aux,
--- a/src/multiexp.rs
+++ b/src/multiexp.rs
@ -204,7 +204,7 @@ fn multiexp_inner<Q, D, G, S>(
    skip += c;
-    if skip >= <G::Engine as Engine>::Fr::num_bits() {
+    if skip >= <G::Engine as Engine>::Fr::NUM_BITS {
        // There isn't another region.
        this.boxed()
    } else {