From 0d26f7885c31cbb1c99a8de5da19f7c34c821cb9 Mon Sep 17 00:00:00 2001 From: Sergey Vasilyev Date: Sun, 17 May 2026 04:25:15 +0300 Subject: [PATCH 1/2] PiopParams takes 1 generic arg --- w3f-ring-proof/src/lib.rs | 2 +- w3f-ring-proof/src/piop/mod.rs | 2 +- w3f-ring-proof/src/piop/params.rs | 45 ++++++++++++++--------------- w3f-ring-proof/src/piop/prover.rs | 4 +-- w3f-ring-proof/src/ring.rs | 6 ++-- w3f-ring-proof/src/ring_prover.rs | 6 ++-- w3f-ring-proof/src/ring_verifier.rs | 6 ++-- 7 files changed, 35 insertions(+), 36 deletions(-) diff --git a/w3f-ring-proof/src/lib.rs b/w3f-ring-proof/src/lib.rs index 738a845..a197bde 100644 --- a/w3f-ring-proof/src/lib.rs +++ b/w3f-ring-proof/src/lib.rs @@ -154,7 +154,7 @@ mod tests { fn setup>( rng: &mut R, domain_size: usize, - ) -> (CS::Params, PiopParams) { + ) -> (CS::Params, PiopParams) { let setup_degree = 3 * domain_size; let pcs_params = CS::setup(setup_degree, rng); diff --git a/w3f-ring-proof/src/piop/mod.rs b/w3f-ring-proof/src/piop/mod.rs index 765f8fb..0cd73c3 100644 --- a/w3f-ring-proof/src/piop/mod.rs +++ b/w3f-ring-proof/src/piop/mod.rs @@ -183,7 +183,7 @@ impl VerifierKey> { pub fn index, Curve: TECurveConfig>( pcs_params: &CS::Params, - piop_params: &PiopParams, + piop_params: &PiopParams>, keys: &[Affine], ) -> (ProverKey>, VerifierKey) { let pcs_ck = pcs_params.ck(); diff --git a/w3f-ring-proof/src/piop/params.rs b/w3f-ring-proof/src/piop/params.rs index 74a8e43..dd2240e 100644 --- a/w3f-ring-proof/src/piop/params.rs +++ b/w3f-ring-proof/src/piop/params.rs @@ -1,6 +1,5 @@ -use ark_ec::twisted_edwards::{Affine, TECurveConfig}; use ark_ec::{AdditiveGroup, AffineRepr, CurveGroup}; -use ark_ff::{BigInteger, PrimeField}; +use ark_ff::{BigInteger, One, PrimeField, Zero}; use ark_std::{vec, vec::Vec}; use w3f_plonk_common::domain::Domain; 
@@ -10,22 +9,22 @@ use crate::piop::FixedColumns; /// Plonk Interactive Oracle Proofs (PIOP) parameters. #[derive(Clone)] -pub struct PiopParams> { +pub struct PiopParams> { /// Domain over which the piop is represented. - pub domain: Domain, + pub domain: Domain, /// Number of bits used to represent a jubjub scalar. pub scalar_bitlen: usize, /// Length of the part of the column representing the public keys (including the padding). pub keyset_part_size: usize, /// Blinding base point. - pub h: Affine, + pub h: G, /// Summation base point. - pub seed: Affine, + pub seed: G, /// The point used to pad the list of public keys. - pub padding: Affine, + pub padding: G, } -impl> PiopParams { +impl> PiopParams { /// Initialize PIOP parameters. /// /// - `domain`: polynomials evaluation domain. @@ -35,12 +34,12 @@ impl> PiopParams { /// /// All points should be of an unknown discrete log. pub fn setup( - domain: Domain, - h: Affine, - seed: Affine, - padding: Affine, + domain: Domain, + h: G, + seed: G, + padding: G, ) -> Self { - let scalar_bitlen = Curve::ScalarField::MODULUS_BIT_SIZE as usize; + let scalar_bitlen = G::ScalarField::MODULUS_BIT_SIZE as usize; // 1 accounts for the last cells of the points and bits columns that remain unconstrained let keyset_part_size = domain.capacity - scalar_bitlen - 1; Self { @@ -53,7 +52,7 @@ impl> PiopParams { } } - pub fn fixed_columns(&self, keys: &[Affine]) -> FixedColumns> { + pub fn fixed_columns(&self, keys: &[G]) -> FixedColumns { let ring_selector = self.keyset_part_selector(); let ring_selector = self.domain.public_column(ring_selector); let points = self.points_column(&keys); @@ -63,7 +62,7 @@ impl> PiopParams { } } - pub fn points_column(&self, keys: &[Affine]) -> AffineColumn> { + pub fn points_column(&self, keys: &[G]) -> AffineColumn { assert!(keys.len() <= self.keyset_part_size); let padding_len = self.keyset_part_size - keys.len(); let padding = vec![self.padding; padding_len]; 
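Review bot: The field comment on `scalar_bitlen` still reads "Number of bits used to represent a jubjub scalar", which no longer matches a struct whose point type is the generic `G`. `setup` derives the value from `G::ScalarField::MODULUS_BIT_SIZE`, so I would reword it to `/// Bit length of the modulus of G::ScalarField.` and add a line to the struct doc saying what `G` is expected to be. The generic bounds are not legible on this page, so that line should follow the actual bound. If the circuit still assumes a twisted Edwards curve, the doc should say so, because this file no longer imports `TECurveConfig` and the type may not enforce it.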
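Review bot: `let keyset_part_size = domain.capacity - scalar_bitlen - 1;` in `setup` is an unchecked subtraction, and with this change `scalar_bitlen` comes from whatever `G` the caller picks rather than from one fixed curve. Assuming `domain.capacity` is a `usize` (the `usize` field it feeds suggests so), a domain smaller than `scalar_bitlen + 1` panics in builds with overflow checks and otherwise wraps to a huge `keyset_part_size`. After a wrap, the `assert!` in `points_column` accepts any key count and `keyset_part_selector` tries to allocate that many cells. I would make the precondition explicit with `let keyset_part_size = domain.capacity.checked_sub(scalar_bitlen + 1).expect("domain too small for scalar_bitlen + 1");` and list it under `# Panics` in the doc comment. The body of `setup` continues past the end of this hunk.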
@@ -72,7 +71,7 @@ impl> PiopParams { AffineColumn::public_column(points, &self.domain) } - pub fn power_of_2_multiples_of_h(&self) -> Vec> { + pub fn power_of_2_multiples_of_h(&self) -> Vec { let mut h = self.h.into_group(); let mut multiples = Vec::with_capacity(self.scalar_bitlen); multiples.push(h); @@ -83,21 +82,21 @@ impl> PiopParams { CurveGroup::normalize_batch(&multiples) } - pub fn scalar_part(&self, e: Curve::ScalarField) -> Vec { + pub fn scalar_part(&self, e: G::ScalarField) -> Vec { let bits_with_trailing_zeroes = e.into_bigint().to_bits_le(); let significant_bits = &bits_with_trailing_zeroes[..self.scalar_bitlen]; significant_bits.to_vec() } - pub fn keyset_part_selector(&self) -> Vec { + pub fn keyset_part_selector(&self) -> Vec { [ - vec![F::one(); self.keyset_part_size], - vec![F::zero(); self.scalar_bitlen], + vec![G::BaseField::one(); self.keyset_part_size], + vec![G::BaseField::zero(); self.scalar_bitlen], ] .concat() } - pub fn blind_pk(&self, pk_k: Affine, blinding: Curve::ScalarField) -> Affine { + pub fn blind_pk(&self, pk_k: G, blinding: G::ScalarField) -> G { let blinded_pk = pk_k + self.h * blinding; blinded_pk.into_affine() } @@ -105,7 +104,7 @@ impl> PiopParams { #[cfg(test)] mod tests { - use ark_ed_on_bls12_381_bandersnatch::{BandersnatchConfig, EdwardsAffine, Fq, Fr}; + use ark_ed_on_bls12_381_bandersnatch::{EdwardsAffine, Fr}; use ark_std::ops::Mul; use ark_std::{test_rng, UniformRand}; @@ -122,7 +121,7 @@ mod tests { let padding = EdwardsAffine::rand(rng); let domain = Domain::new(1024, false); - let params = PiopParams::::setup(domain, h, seed, padding); + let params = PiopParams::::setup(domain, h, seed, padding); let t = Fr::rand(rng); let t_bits = params.scalar_part(t); let th = cond_sum(&t_bits, ¶ms.power_of_2_multiples_of_h()); diff --git a/w3f-ring-proof/src/piop/prover.rs b/w3f-ring-proof/src/piop/prover.rs index a67d8cb..ddec2ba 100644 --- a/w3f-ring-proof/src/piop/prover.rs +++ b/w3f-ring-proof/src/piop/prover.rs 
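Review bot: `scalar_part`, `keyset_part_selector` and `blind_pk` in the `@@ -83,21 +82,21 @@` hunk are public and have no doc comments, and the bit order of `scalar_part` is a contract worth writing down. It returns the little-endian bits from `to_bits_le()` truncated to `scalar_bitlen`, and that order has to line up with the vector from `power_of_2_multiples_of_h`, which the test in this file pairs with it through `cond_sum`. I would add `/// Little-endian bits of e, truncated to scalar_bitlen.` on `scalar_part` and `/// Returns pk_k + blinding * h in affine form.` on `blind_pk`. The loop body of `power_of_2_multiples_of_h` lies between hunks, so the exact ordering of its output should be confirmed against the full file before the comment is committed.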
@@ -40,7 +40,7 @@ pub struct PiopProver> { impl> PiopProver { pub fn build( - params: &PiopParams, + params: &PiopParams>, fixed_columns: FixedColumns>, prover_index_in_keys: usize, secret: Curve::ScalarField, @@ -73,7 +73,7 @@ impl> PiopProver { // TODO: move to params? fn bits_column( - params: &PiopParams, + params: &PiopParams>, index_in_keys: usize, secret: Curve::ScalarField, ) -> BitColumn { diff --git a/w3f-ring-proof/src/ring.rs b/w3f-ring-proof/src/ring.rs index 600455d..527a6c0 100644 --- a/w3f-ring-proof/src/ring.rs +++ b/w3f-ring-proof/src/ring.rs @@ -85,7 +85,7 @@ impl< /// - `srs`: Should return `srs[range]` for `range = (piop_params.keyset_part_size..domain_size)` /// - `g`: Generator used in the SRS pub fn empty( - piop_params: &PiopParams, + piop_params: &PiopParams>, srs: impl Fn(Range) -> Result, ()>, g: KzgCurve::G1, ) -> Self { @@ -162,7 +162,7 @@ impl< /// - `piop_params`: SNARK parameters. /// - `srs`: full-size Lagrangian SRS. pub fn with_keys( - piop_params: &PiopParams, + piop_params: &PiopParams>, keys: &[Affine], srs: &RingBuilderKey, ) -> Self { @@ -329,7 +329,7 @@ mod tests { fn get_monomial_commitment( pcs_params: &URS, - piop_params: &PiopParams, + piop_params: &PiopParams, keys: &[EdwardsAffine], ) -> (G1Affine, G1Affine) { let (_, verifier_key) = diff --git a/w3f-ring-proof/src/ring_prover.rs b/w3f-ring-proof/src/ring_prover.rs index f76ae3c..7aabea6 100644 --- a/w3f-ring-proof/src/ring_prover.rs +++ b/w3f-ring-proof/src/ring_prover.rs @@ -17,7 +17,7 @@ where Curve: TECurveConfig, T: PlonkTranscript, { - piop_params: PiopParams, + piop_params: PiopParams>, fixed_columns: FixedColumns>, // TODO: We could have a prover that as an optimization stores the commitment to the part of the trace // TODO: that depends on the prover's index but not the blinding. That would save some computation, 
@@ -35,7 +35,7 @@ where { pub fn init( prover_key: ProverKey>, - piop_params: PiopParams, + piop_params: PiopParams>, k: usize, empty_transcript: T, ) -> Self { @@ -75,7 +75,7 @@ where (blinded_pk, proof) } - pub fn piop_params(&self) -> &PiopParams { + pub fn piop_params(&self) -> &PiopParams> { &self.piop_params } } diff --git a/w3f-ring-proof/src/ring_verifier.rs b/w3f-ring-proof/src/ring_verifier.rs index ca38706..d406f3d 100644 --- a/w3f-ring-proof/src/ring_verifier.rs +++ b/w3f-ring-proof/src/ring_verifier.rs @@ -21,7 +21,7 @@ where Jubjub: TECurveConfig, T: PlonkTranscript, { - pub(crate) piop_params: PiopParams, + pub(crate) piop_params: PiopParams>, pub(crate) fixed_columns_committed: FixedColumnsCommitted, pub(crate) plonk_verifier: PlonkVerifier, } @@ -35,7 +35,7 @@ where { pub fn init( verifier_key: VerifierKey, - piop_params: PiopParams, + piop_params: PiopParams>, empty_transcript: T, ) -> Self { let pcs_vk = verifier_key.pcs_raw_vk.prepare(); @@ -72,7 +72,7 @@ where .verify(piop, proof, challenges, &mut transcript.to_rng()) } - pub fn piop_params(&self) -> &PiopParams { + pub fn piop_params(&self) -> &PiopParams> { &self.piop_params } From e55a7303561a846a8fc20ae19018acb2033b7ce1 Mon Sep 17 00:00:00 2001 From: Sergey Vasilyev Date: Sun, 17 May 2026 04:30:11 +0300 Subject: [PATCH 2/2] fmt --- w3f-ring-proof/src/piop/params.rs | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/w3f-ring-proof/src/piop/params.rs b/w3f-ring-proof/src/piop/params.rs index dd2240e..81e8ad3 100644 --- a/w3f-ring-proof/src/piop/params.rs +++ b/w3f-ring-proof/src/piop/params.rs 
@@ -33,12 +33,7 @@ impl> PiopParams { /// - `padding`: The point used to pad the list of public keys. /// /// All points should be of an unknown discrete log. - pub fn setup( - domain: Domain, - h: G, - seed: G, - padding: G, - ) -> Self { + pub fn setup(domain: Domain, h: G, seed: G, padding: G) -> Self { let scalar_bitlen = G::ScalarField::MODULUS_BIT_SIZE as usize; // 1 accounts for the last cells of the points and bits columns that remain unconstrained let keyset_part_size = domain.capacity - scalar_bitlen - 1;