Move Jubjub and Pedersen hash gadgets into zcash_proofs

These are currently too Zcash-specific to be generalized, and need some
targeted refactoring.

sapling-crypto/src/circuit/mod.rs

@@ -6,8 +6,6 @@ pub mod uint32;
 pub mod blake2s;
 pub mod num;
 pub mod lookup;
-pub mod ecc;
-pub mod pedersen_hash;
 pub mod multipack;
 pub mod sha256;
 

zcash_proofs/src/circuit.rs

@@ -1,2 +1,5 @@
+pub mod ecc;
+pub mod pedersen_hash;
+
 pub mod sapling;
 pub mod sprout;

zcash_proofs/src/circuit/ecc.rs

@@ -6,27 +6,27 @@ use bellman::{
     ConstraintSystem
 };
 
-use super::{
+use sapling_crypto::circuit::{
     Assignment
 };
 
-use super::num::{
+use sapling_crypto::circuit::num::{
     AllocatedNum,
     Num
 };
 
-use ::jubjub::{
+use sapling_crypto::jubjub::{
     edwards,
     JubjubEngine,
     JubjubParams,
     FixedGenerators
 };
 
-use super::lookup::{
+use sapling_crypto::circuit::lookup::{
     lookup3_xy
 };
 
-use super::boolean::Boolean;
+use sapling_crypto::circuit::boolean::Boolean;
 
 #[derive(Clone)]
 pub struct EdwardsPoint<E: Engine> {
@@ -753,22 +753,23 @@ mod test {
     use rand_core::{RngCore, SeedableRng};
     use rand_xorshift::XorShiftRng;
 
-    use ::circuit::test::*;
-    use ::jubjub::{
+    use sapling_crypto::circuit::test::*;
+    use sapling_crypto::jubjub::{
         montgomery,
         edwards,
         JubjubBls12,
         JubjubParams,
         FixedGenerators
     };
-    use ::jubjub::fs::Fs;
+    use sapling_crypto::jubjub::fs::Fs;
+
     use super::{
         MontgomeryPoint,
         EdwardsPoint,
         AllocatedNum,
         fixed_base_multiplication
     };
-    use super::super::boolean::{
+    use sapling_crypto::circuit::boolean::{
         Boolean,
         AllocatedBit
     };

zcash_proofs/src/circuit/pedersen_hash.rs

@@ -1,23 +1,20 @@
-use super::*;
 use super::ecc::{
     MontgomeryPoint,
     EdwardsPoint
 };
-use super::boolean::Boolean;
-use ::jubjub::*;
+use sapling_crypto::circuit::boolean::Boolean;
+use sapling_crypto::jubjub::*;
 use bellman::{
-    ConstraintSystem
+    ConstraintSystem, SynthesisError
 };
-use super::lookup::*;
-pub use pedersen_hash::Personalization;
+use sapling_crypto::circuit::lookup::*;
+pub use sapling_crypto::pedersen_hash::Personalization;
 
-impl Personalization {
-    fn get_constant_bools(&self) -> Vec<Boolean> {
-        self.get_bits()
+fn get_constant_bools(person: &Personalization) -> Vec<Boolean> {
+    person.get_bits()
         .into_iter()
         .map(|e| Boolean::constant(e))
         .collect()
-    }
 }
 
 pub fn pedersen_hash<E: JubjubEngine, CS>(
@@ -28,7 +25,7 @@ pub fn pedersen_hash<E: JubjubEngine, CS>(
 ) -> Result<EdwardsPoint<E>, SynthesisError>
     where CS: ConstraintSystem<E>
 {
-    let personalization = personalization.get_constant_bools();
+    let personalization = get_constant_bools(&personalization);
     assert_eq!(personalization.len(), 6);
 
     let mut edwards_result = None;
@@ -113,8 +110,9 @@ pub fn pedersen_hash<E: JubjubEngine, CS>(
 #[cfg(test)]
 mod test {
     use super::*;
-    use ::circuit::test::*;
-    use ::circuit::boolean::{Boolean, AllocatedBit};
+    use sapling_crypto::circuit::test::*;
+    use sapling_crypto::circuit::boolean::{Boolean, AllocatedBit};
+    use sapling_crypto::pedersen_hash;
     use ff::PrimeField;
     use pairing::bls12_381::{Bls12, Fr};
     use rand_core::{RngCore, SeedableRng};
@@ -177,7 +175,7 @@ mod test {
 
                 assert!(cs.is_satisfied());
 
-                let expected = ::pedersen_hash::pedersen_hash::<Bls12, _>(
+                let expected = pedersen_hash::pedersen_hash::<Bls12, _>(
                     Personalization::MerkleTree(1),
                     input.clone().into_iter(),
                     params
@@ -187,7 +185,7 @@ mod test {
                 assert_eq!(res.get_y().get_value().unwrap(), expected.1);
 
                 // Test against the output of a different personalization
-                let unexpected = ::pedersen_hash::pedersen_hash::<Bls12, _>(
+                let unexpected = pedersen_hash::pedersen_hash::<Bls12, _>(
                     Personalization::MerkleTree(0),
                     input.into_iter(),
                     params

zcash_proofs/src/circuit/sapling.rs

@@ -21,8 +21,8 @@ use sapling_crypto::primitives::{
 
 use sapling_crypto::circuit::Assignment;
 use sapling_crypto::circuit::boolean;
-use sapling_crypto::circuit::ecc;
-use sapling_crypto::circuit::pedersen_hash;
+use super::ecc;
+use super::pedersen_hash;
 use sapling_crypto::circuit::blake2s;
 use sapling_crypto::circuit::num;
 use sapling_crypto::circuit::multipack;