Merge pull request #111 from jimpo/master

Fix off-by-one so pedersen_hash doesn't consume too many generators.
2025-01-30 15:32:14 +00:00 · 2019-08-20 21:14:48 +01:00 · 2019-08-20 21:14:48 +01:00 · 7b11d64cf9
commit 7b11d64cf9
parent 6f0080ba72 d4b6c0e1a2
1 changed files with 20 additions and 24 deletions
--- a/zcash_proofs/src/circuit/pedersen_hash.rs
+++ b/zcash_proofs/src/circuit/pedersen_hash.rs
@ -26,12 +26,12 @@ where
    assert_eq!(personalization.len(), 6);

    let mut edwards_result = None;
-    let mut bits = personalization.iter().chain(bits.iter());
+    let mut bits = personalization.iter().chain(bits.iter()).peekable();
    let mut segment_generators = params.pedersen_circuit_generators().iter();
    let boolean_false = Boolean::constant(false);

    let mut segment_i = 0;
-    loop {
+    while bits.peek().is_some() {
        let mut segment_result = None;
        let mut segment_windows = &segment_generators.next().expect("enough segments")[..];

@ -72,32 +72,28 @@ where
            window_i += 1;
        }

-        match segment_result {
-            Some(segment_result) => {
-                // Convert this segment into twisted Edwards form.
-                let segment_result = segment_result.into_edwards(
-                    cs.namespace(|| format!("conversion of segment {} into edwards", segment_i)),
+        let segment_result = segment_result.expect(
+            "bits is not exhausted due to while condition;
+                    thus there must be a segment window;
+                    thus there must be a segment result",
+        );
+
+        // Convert this segment into twisted Edwards form.
+        let segment_result = segment_result.into_edwards(
+            cs.namespace(|| format!("conversion of segment {} into edwards", segment_i)),
+            params,
+        )?;
+
+        match edwards_result {
+            Some(ref mut edwards_result) => {
+                *edwards_result = segment_result.add(
+                    cs.namespace(|| format!("addition of segment {} to accumulator", segment_i)),
+                    edwards_result,
                    params,
                )?;
-
-                match edwards_result {
-                    Some(ref mut edwards_result) => {
-                        *edwards_result = segment_result.add(
-                            cs.namespace(|| {
-                                format!("addition of segment {} to accumulator", segment_i)
-                            }),
-                            edwards_result,
-                            params,
-                        )?;
-                    }
-                    None => {
-                        edwards_result = Some(segment_result);
-                    }
-                }
            }
            None => {
-                // We didn't process any new bits.
-                break;
+                edwards_result = Some(segment_result);
            }
        }