From 209afce22b8f6b7c0bd5739f5a480d5a0a45e5bb Mon Sep 17 00:00:00 2001 From: Danil Annenkov Date: Thu, 5 Oct 2023 14:40:47 +0200 Subject: [PATCH 01/45] Add custom traits Field and PrimeField with a blanket implementation for ff::Field and concrete implementations for Fr and Fq --- .../concordium_base/src/aggregate_sig/mod.rs | 3 +- .../src/bulletproofs/inner_product_proof.rs | 5 +- .../src/bulletproofs/range_proof.rs | 11 ++- .../src/bulletproofs/set_membership_proof.rs | 7 +- .../bulletproofs/set_non_membership_proof.rs | 3 +- .../concordium_base/src/bulletproofs/utils.rs | 10 +- .../curve_arithmetic/bls12_381_instance.rs | 98 ++++++++++++++++--- .../src/curve_arithmetic/mod.rs | 87 +++++++++++++++- .../src/curve_arithmetic/secret_value.rs | 15 ++- .../src/dodis_yampolskiy_prf/secret.rs | 3 +- rust-src/concordium_base/src/elgamal/mod.rs | 11 +-- .../concordium_base/src/elgamal/secret.rs | 7 +- .../concordium_base/src/id/account_holder.rs | 6 +- .../concordium_base/src/id/id_verifier.rs | 3 +- .../src/id/identity_provider.rs | 3 +- .../concordium_base/src/id/secret_sharing.rs | 7 +- rust-src/concordium_base/src/id/types.rs | 11 +-- rust-src/concordium_base/src/id/utils.rs | 21 ++-- .../src/pedersen_commitment/randomness.rs | 2 - rust-src/concordium_base/src/ps_sig/secret.rs | 2 - .../src/sigma_protocols/aggregate_dlog.rs | 3 +- .../src/sigma_protocols/com_enc_eq.rs | 3 +- .../src/sigma_protocols/com_eq.rs | 3 +- .../com_eq_different_groups.rs | 3 +- .../src/sigma_protocols/com_eq_sig.rs | 1 - .../src/sigma_protocols/com_ineq.rs | 3 +- .../src/sigma_protocols/com_lin.rs | 3 +- .../src/sigma_protocols/com_mult.rs | 3 +- .../src/sigma_protocols/dlog.rs | 3 +- .../src/sigma_protocols/dlogaggequal.rs | 3 +- .../src/sigma_protocols/enc_trans.rs | 3 +- .../src/sigma_protocols/vcom_eq.rs | 3 +- 32 files changed, 235 insertions(+), 114 deletions(-) 
diff --git a/rust-src/concordium_base/src/aggregate_sig/mod.rs b/rust-src/concordium_base/src/aggregate_sig/mod.rs index ab369bb6c..0b1566f32 100644 --- a/rust-src/concordium_base/src/aggregate_sig/mod.rs +++ b/rust-src/concordium_base/src/aggregate_sig/mod.rs @@ -4,11 +4,10 @@ mod ffi; use crate::{ common::{SerdeBase16Serialize, Serialize, *}, - curve_arithmetic::{Curve, Pairing, Value}, + curve_arithmetic::{Curve, Field, Pairing, Value}, random_oracle::RandomOracle, sigma_protocols::{common::*, dlog::*}, }; -use ff::Field; use rand::Rng; use rayon::iter::*; use sha2::{digest::Output, Digest, Sha512}; diff --git a/rust-src/concordium_base/src/bulletproofs/inner_product_proof.rs b/rust-src/concordium_base/src/bulletproofs/inner_product_proof.rs index f10145247..a1b625e0f 100644 --- a/rust-src/concordium_base/src/bulletproofs/inner_product_proof.rs +++ b/rust-src/concordium_base/src/bulletproofs/inner_product_proof.rs @@ -2,10 +2,9 @@ //! this crate use crate::{ common::*, - curve_arithmetic::{multiexp, Curve}, + curve_arithmetic::{multiexp, Curve, Field, PrimeField}, random_oracle::RandomOracle, }; -use ff::Field; /// Inner product proof #[derive(Clone, Serialize, Debug)] @@ -442,7 +441,7 @@ pub(crate) fn verify_inner_product_with_scalars( /// the result is the inner product of the initial segments determined by the /// length of the shorter vector. #[allow(non_snake_case)] -pub fn inner_product(a: &[F], b: &[F]) -> F { +pub fn inner_product(a: &[F], b: &[F]) -> F { debug_assert_eq!( a.len(), b.len(), diff --git a/rust-src/concordium_base/src/bulletproofs/range_proof.rs b/rust-src/concordium_base/src/bulletproofs/range_proof.rs index 206f42922..cbe666677 100644 --- a/rust-src/concordium_base/src/bulletproofs/range_proof.rs +++ b/rust-src/concordium_base/src/bulletproofs/range_proof.rs 
@@ -2,12 +2,13 @@ use super::{inner_product_proof::*, utils::*}; use crate::{ common::*, - curve_arithmetic::{multiexp, multiexp_table, multiexp_worker_given_table, Curve, Value}, + curve_arithmetic::{ + multiexp, multiexp_table, multiexp_worker_given_table, Curve, Field, PrimeField, Value, + }, id::id_proof_types::ProofVersion, pedersen_commitment::*, random_oracle::RandomOracle, }; -use ff::{Field, PrimeField}; use rand::*; use std::iter::once; @@ -42,7 +43,7 @@ fn ith_bit_bool(v: u64, i: u8) -> bool { v & (1 << i) != 0 } /// This function computes the n-bit binary representation `a_L` of input value /// `v` The vector `a_R` is the bit-wise negation of `a_L` #[allow(non_snake_case)] -fn a_L_a_R(v: u64, n: u8) -> (Vec, Vec) { +fn a_L_a_R(v: u64, n: u8) -> (Vec, Vec) { let mut a_L = Vec::with_capacity(usize::from(n)); let mut a_R = Vec::with_capacity(usize::from(n)); for i in 0..n { @@ -63,7 +64,7 @@ fn a_L_a_R(v: u64, n: u8) -> (Vec, Vec) { /// This could use the next `z_vec` function, but for efficiency it implements /// the special-case logic for doubling directly. #[allow(non_snake_case)] -fn two_n_vec(n: u8) -> Vec { +fn two_n_vec(n: u8) -> Vec { let mut two_n = Vec::with_capacity(usize::from(n)); let mut two_i = F::one(); for _ in 0..n { @@ -92,7 +93,7 @@ pub fn prove_given_scalars( let mut v_integers = Vec::with_capacity(v_vec.len()); for &v in v_vec { let rep = v.into_repr(); - let r = rep.as_ref()[0]; + let r = rep[0]; v_integers.push(r); } diff --git a/rust-src/concordium_base/src/bulletproofs/set_membership_proof.rs b/rust-src/concordium_base/src/bulletproofs/set_membership_proof.rs index 02c996714..89dd09954 100644 --- a/rust-src/concordium_base/src/bulletproofs/set_membership_proof.rs +++ b/rust-src/concordium_base/src/bulletproofs/set_membership_proof.rs 
@@ -2,12 +2,13 @@ use super::{inner_product_proof::*, utils::*}; use crate::{ common::*, - curve_arithmetic::{multiexp, multiexp_table, multiexp_worker_given_table, Curve}, + curve_arithmetic::{ + multiexp, multiexp_table, multiexp_worker_given_table, Curve, Field, PrimeField, + }, id::id_proof_types::ProofVersion, pedersen_commitment::*, random_oracle::RandomOracle, }; -use ff::Field; use rand::*; use std::{convert::TryInto, iter::once}; @@ -54,7 +55,7 @@ pub enum ProverError { /// Note: For multisets this function only sets the first hit to one, to allow /// set membership proofs in multisets. #[allow(non_snake_case)] -fn a_L_a_R(v: &F, set_slice: &[F]) -> Option<(Vec, Vec)> { +fn a_L_a_R(v: &F, set_slice: &[F]) -> Option<(Vec, Vec)> { let n = set_slice.len(); let mut a_L = Vec::with_capacity(n); let mut a_R = Vec::with_capacity(n); diff --git a/rust-src/concordium_base/src/bulletproofs/set_non_membership_proof.rs b/rust-src/concordium_base/src/bulletproofs/set_non_membership_proof.rs index 809047778..c99f24496 100644 --- a/rust-src/concordium_base/src/bulletproofs/set_non_membership_proof.rs +++ b/rust-src/concordium_base/src/bulletproofs/set_non_membership_proof.rs @@ -2,12 +2,11 @@ use super::{inner_product_proof::*, utils::*}; use crate::{ common::*, - curve_arithmetic::{multiexp, multiexp_table, multiexp_worker_given_table, Curve}, + curve_arithmetic::{multiexp, multiexp_table, multiexp_worker_given_table, Curve, Field}, id::id_proof_types::ProofVersion, pedersen_commitment::*, random_oracle::RandomOracle, }; -use ff::Field; use rand::*; use std::iter::once; diff --git a/rust-src/concordium_base/src/bulletproofs/utils.rs b/rust-src/concordium_base/src/bulletproofs/utils.rs index cea1224fe..0f5060715 100644 --- a/rust-src/concordium_base/src/bulletproofs/utils.rs +++ b/rust-src/concordium_base/src/bulletproofs/utils.rs 
@@ -1,6 +1,8 @@ //! Shared functions used by the proofs in this crate -use crate::{common::*, curve_arithmetic::Curve}; -use ff::Field; +use crate::{ + common::*, + curve_arithmetic::{Curve, PrimeField}, +}; #[cfg(test)] use rand::Rng; /// Struct containing generators G and H needed for range proofs @@ -43,7 +45,7 @@ impl Generators { /// - z - the field element z /// - first_power - the first power j /// - n - the integer n. -pub fn z_vec(z: F, first_power: u64, n: usize) -> Vec { +pub fn z_vec(z: F, first_power: u64, n: usize) -> Vec { let mut z_n = Vec::with_capacity(n); let exp: [u64; 1] = [first_power]; let mut z_i = z.pow(exp); @@ -56,7 +58,7 @@ pub fn z_vec(z: F, first_power: u64, n: usize) -> Vec { /// Pads a non-empty field vector to a power of two length by repeating the last /// element For empty vectors the function is the identity. -pub(crate) fn pad_vector_to_power_of_two(vec: &mut Vec) { +pub(crate) fn pad_vector_to_power_of_two(vec: &mut Vec) { let n = vec.len(); if n == 0 { return; diff --git a/rust-src/concordium_base/src/curve_arithmetic/bls12_381_instance.rs b/rust-src/concordium_base/src/curve_arithmetic/bls12_381_instance.rs index 321fcfa94..a51bd14ee 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/bls12_381_instance.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/bls12_381_instance.rs @@ -1,11 +1,10 @@ use super::{bls12_381_g1hash::*, bls12_381_g2hash::*, *}; use byteorder::ReadBytesExt; -use ff::{Field, PrimeField}; use group::{CurveAffine, CurveProjective, EncodedPoint}; use pairing::{ bls12_381::{ - Bls12, Fr, FrRepr, G1Affine, G1Compressed, G1Prepared, G2Affine, G2Compressed, G2Prepared, - G1, G2, + Bls12, Fq, FqRepr, Fr, FrRepr, G1Affine, G1Compressed, G1Prepared, G2Affine, G2Compressed, + G2Prepared, G1, G2, }, Engine, PairingCurveAffine, }; 
@@ -26,7 +25,75 @@ fn scalar_from_bytes_helper>(bytes: A) -> Fr {
 }
 // unset two topmost bits in the last read u64.
 fr[3] &= !(1u64 << 63 | 1u64 << 62);
- Fr::from_repr(FrRepr(fr)).expect("The scalar with top two bits erased should be valid.")
+ ::from_repr(FrRepr(fr))
+ .expect("The scalar with top two bits erased should be valid.")
+}
+
+impl Field for F {
+ fn random(rng: &mut R) -> Self { Self::random(rng) }
+
+ fn zero() -> Self { Self::zero() }
+
+ fn one() -> Self { Self::one() }
+
+ fn is_zero(&self) -> bool { Self::is_zero(self) }
+
+ fn square(&mut self) { self.square() }
+
+ fn double(&mut self) { self.double() }
+
+ fn negate(&mut self) { self.negate() }
+
+ fn add_assign(&mut self, other: &Self) { self.add_assign(other) }
+
+ fn sub_assign(&mut self, other: &Self) { self.sub_assign(other) }
+
+ fn mul_assign(&mut self, other: &Self) { self.mul_assign(other) }
+
+ fn inverse(&self) -> Option { self.inverse() }
+
+ fn frobenius_map(&mut self, power: usize) { self.frobenius_map(power) }
+}
+
+impl From for CurveDecodingError {
+ fn from(e: ff::PrimeFieldDecodingError) -> Self {
+ let ff::PrimeFieldDecodingError::NotInField(msg) = e;
+ CurveDecodingError::NotInField(msg)
+ }
+}
+
+impl PrimeField for Fr {
+ // TODO: check this.
+ const CAPACITY: u32 = 64 * 4;
+ // TODO: check this.
+ const NUM_BITS: u32 = 64 * 4;
+
+ fn into_repr(self) -> Vec { ::into_repr(&self).0.to_vec() }
+
+ fn from_repr(limbs: &[u64]) -> Result {
+ let l4: [u64; 4] = limbs
+ .try_into()
+ .map_err(|_| CurveDecodingError::NotInField(format!("{:?}", limbs)))?;
+ let res = ::from_repr(FrRepr(l4))?;
+ Ok(res)
+ }
+}
+
+impl PrimeField for Fq {
+ // TODO: check this.
+ const CAPACITY: u32 = 64 * 6;
+ // TODO: check this.
+ const NUM_BITS: u32 = 64 * 6;
+
+ fn into_repr(self) -> Vec { ::into_repr(&self).0.to_vec() }
+
+ fn from_repr(limbs: &[u64]) -> Result {
+ let l6: [u64; 6] = limbs
+ .try_into()
+ .map_err(|_| CurveDecodingError::NotInField(format!("{:?}", limbs)))?;
+ let res = ::from_repr(FqRepr(l6))?;
+ Ok(res)
+ }
 }
 impl Curve for G2 {
@@ -74,7 +141,7 @@ impl Curve for G2 {
 #[inline(always)]
 fn scalar_from_u64(n: u64) -> Self::Scalar {
- Fr::from_repr(FrRepr::from(n)).expect("Every u64 is representable.")
+ ::from_repr(FrRepr::from(n)).expect("Every u64 is representable.")
 }
 #[inline(always)]
@@ -90,7 +157,7 @@ impl Curve for G2 {
 fn generate(csprng: &mut T) -> Self { G2::random(csprng) }
- fn generate_scalar(csprng: &mut T) -> Self::Scalar { Fr::random(csprng) }
+ fn generate_scalar(csprng: &mut T) -> Self::Scalar { ::random(csprng) }
 fn hash_to_group(b: &[u8]) -> Self { hash_to_curve_g2(b, HASH_TO_GROUP_G2_DST) }
 }
@@ -140,7 +207,7 @@ impl Curve for G1 {
 #[inline(always)]
 fn scalar_from_u64(n: u64) -> Self::Scalar {
- Fr::from_repr(FrRepr::from(n)).expect("Every u64 is representable.")
+ ::from_repr(FrRepr::from(n)).expect("Every u64 is representable.")
 }
 #[inline(always)]
@@ -156,7 +223,7 @@ impl Curve for G1 {
 fn generate(csprng: &mut T) -> Self { G1::random(csprng) }
- fn generate_scalar(csprng: &mut T) -> Self::Scalar { Fr::random(csprng) }
+ fn generate_scalar(csprng: &mut T) -> Self::Scalar { ::random(csprng) }
 fn hash_to_group(bytes: &[u8]) -> Self { hash_to_curve(bytes, HASH_TO_GROUP_G1_DST) }
 }
@@ -203,7 +270,7 @@ impl Curve for G1Affine {
 }
 fn scalar_from_u64(n: u64) -> Self::Scalar {
- Fr::from_repr(FrRepr::from(n)).expect("Every u64 is representable.")
+ ::from_repr(FrRepr::from(n)).expect("Every u64 is representable.")
 }
 #[inline(always)]
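Review bot: `NUM_BITS` and `CAPACITY` in the new `impl PrimeField for Fr` and `impl PrimeField for Fq` are set to the limb width (`64 * 4` and `64 * 6`) under a `// TODO: check this.`, but those are the sizes of the `FrRepr`/`FqRepr` buffers the `try_into` targets, not of the fields: the BLS12-381 scalar modulus is 255 bits and the base-field modulus 381 bits, so any caller that sizes an encoding by `CAPACITY` would build values that `from_repr` then rejects as `NotInField`. Delegating to the upstream constants removes the guess and the TODO: `const NUM_BITS: u32 = <Fr as ff::PrimeField>::NUM_BITS;` and `const CAPACITY: u32 = <Fr as ff::PrimeField>::CAPACITY;`, and likewise `<Fq as ff::PrimeField>::NUM_BITS` / `::CAPACITY` in the Fq impl. Separately, both `from_repr` impls embed the whole input in the error via `format!("{:?}", limbs)`; that mirrors what the forwarded `ff::PrimeFieldDecodingError` message already carries, but if this path is ever reached with key- or secret-derived limbs the value ends up in whatever logs the error, so reporting only `limbs.len()` would be the safer message. The hunk opens in the tail of `scalar_from_bytes_helper`, whose start lies outside it.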
@@ -219,7 +286,7 @@ impl Curve for G1Affine {
 fn generate(csprng: &mut T) -> Self { G1::random(csprng).into_affine() }
- fn generate_scalar(csprng: &mut T) -> Self::Scalar { Fr::random(csprng) }
+ fn generate_scalar(csprng: &mut T) -> Self::Scalar { ::random(csprng) }
 fn hash_to_group(b: &[u8]) -> Self { hash_to_curve(b, HASH_TO_GROUP_G1_DST).into_affine() }
 }
@@ -266,7 +333,7 @@ impl Curve for G2Affine {
 }
 fn scalar_from_u64(n: u64) -> Self::Scalar {
- Fr::from_repr(FrRepr::from(n)).expect("Every u64 is representable.")
+ ::from_repr(FrRepr::from(n)).expect("Every u64 is representable.")
 }
 #[inline(always)]
@@ -282,13 +349,12 @@ impl Curve for G2Affine {
 fn generate(csprng: &mut T) -> Self { G2::random(csprng).into_affine() }
- fn generate_scalar(csprng: &mut T) -> Self::Scalar { Fr::random(csprng) }
+ fn generate_scalar(csprng: &mut T) -> Self::Scalar { ::random(csprng) }
 fn hash_to_group(b: &[u8]) -> Self { hash_to_curve_g2(b, HASH_TO_GROUP_G2_DST).into_affine() }
 }
 impl Pairing for Bls12 {
- type BaseField = ::Fq;
 type G1 = ::G1;
 type G1Prepared = G1Prepared;
 type G2 = ::G2;
@@ -329,13 +395,13 @@ mod tests {
 fn scalar_from_bytes_small() {
 let mut rng = rand::thread_rng();
 for _ in 0..1000 {
- let n = Fr::random(&mut rng);
+ let n = ::random(&mut rng);
 let mut bytes = to_bytes(&n);
 bytes.reverse();
 let m = scalar_from_bytes_helper(&bytes);
 // make sure that n and m only differ in the topmost bit.
- let n = n.into_repr().0;
- let m = m.into_repr().0;
+ let n = n.into_repr();
+ let m = m.into_repr();
 let mask = !(1u64 << 63 | 1u64 << 62);
 assert_eq!(n[0], m[0], "First limb.");
 assert_eq!(n[1], m[1], "Second limb.");
diff --git a/rust-src/concordium_base/src/curve_arithmetic/mod.rs b/rust-src/concordium_base/src/curve_arithmetic/mod.rs
index a6464b9ef..b925c87fc 100644
--- a/rust-src/concordium_base/src/curve_arithmetic/mod.rs
+++ b/rust-src/concordium_base/src/curve_arithmetic/mod.rs
@@ -9,7 +9,7 @@ pub use secret_value::{Secret, Value};
 use crate::common::{Serial, Serialize};
 use byteorder::ReadBytesExt;
-use ff::{Field, PrimeField};
+use core::fmt;
 use rand::*;
 use std::{borrow::Borrow, fmt::Debug};
 use thiserror::Error;
@@ -18,6 +18,85 @@ use thiserror::Error;
 pub enum CurveDecodingError {
 #[error("Not a point on the curve.")]
 NotOnCurve,
+ #[error("{0} is not a field element.")]
+ NotInField(String),
+}
+
+/// This trait represents an element of a field.
+pub trait Field:
+ Sized + Eq + Copy + Clone + Send + Sync + fmt::Debug + fmt::Display + 'static {
+ /// Returns an element chosen uniformly at random using a user-provided RNG.
+ fn random(rng: &mut R) -> Self;
+
+ /// Returns the zero element of the field, the additive identity.
+ fn zero() -> Self;
+
+ /// Returns the one element of the field, the multiplicative identity.
+ fn one() -> Self;
+
+ /// Returns true iff this element is zero.
+ fn is_zero(&self) -> bool;
+
+ /// Squares this element.
+ fn square(&mut self);
+
+ /// Doubles this element.
+ fn double(&mut self);
+
+ /// Negates this element.
+ fn negate(&mut self);
+
+ /// Adds another element to this element.
+ fn add_assign(&mut self, other: &Self);
+
+ /// Subtracts another element from this element.
+ fn sub_assign(&mut self, other: &Self);
+
+ /// Multiplies another element by this element.
+ fn mul_assign(&mut self, other: &Self);
+
+ /// Computes the multiplicative inverse of this element, if nonzero.
+ fn inverse(&self) -> Option;
+
+ /// Exponentiates this element by a power of the base prime modulus via
+ /// the Frobenius automorphism.
+ fn frobenius_map(&mut self, power: usize);
+
+ /// Exponentiates this element by a number represented with `u64` limbs,
+ /// least significant digit first.
+ fn pow>(&self, exp: S) -> Self {
+ let mut res = Self::one();
+
+ let mut found_one = false;
+
+ for i in ff::BitIterator::new(exp) {
+ if found_one {
+ res.square();
+ } else {
+ found_one = i;
+ }
+
+ if i {
+ res.mul_assign(self);
+ }
+ }
+
+ res
+ }
+}
+
+pub trait PrimeField: Field {
+ /// How many bits are needed to represent an element of this field.
+ const NUM_BITS: u32;
+
+ /// How many bits of information can be reliably stored in the field
+ /// element.
+ const CAPACITY: u32;
+
+ fn into_repr(self) -> Vec;
+
+ /// Convert this prime field element into a biginteger representation.
+ fn from_repr(_: &[u64]) -> Result;
 }
 /// A relatively large trait that covers what is needed to perform constructions
@@ -27,7 +106,7 @@ pub enum CurveDecodingError {
 pub trait Curve:
 Serialize + Copy + Clone + Sized + Send + Sync + Debug + PartialEq + Eq + 'static {
 /// The prime field of the group order size.
- type Scalar: PrimeField + Field + Serialize;
+ type Scalar: PrimeField + Serialize;
 /// Size in bytes of elements of the [Curve::Scalar] field.
 const SCALAR_LENGTH: usize;
 /// Size in bytes of group elements when serialized.
@@ -95,8 +174,6 @@ pub trait Pairing: Sized + 'static + Clone {
 type G1Prepared;
 /// An auxiliary type that is used as an input to the pairing function.
 type G2Prepared;
- /// Field of the size of G1 and G2.
- type BaseField: PrimeField;
 /// The target of the pairing function. The pairing function actually maps
 /// to a subgroup of the same order as G1 and G2, but this subgroup is
 /// not exposed here and is generally not useful. It is subgroup of the
@@ -236,7 +313,7 @@ pub fn multiexp_worker_given_table(
 let mut v = Vec::new();
 let mut c = *c;
 while !c.is_zero() {
- let limb = c.into_repr().as_ref()[0];
+ let limb = c.into_repr()[0];
 // if the first bit is set
 if limb & 1 == 1 {
 let u = limb & mask;
diff --git a/rust-src/concordium_base/src/curve_arithmetic/secret_value.rs b/rust-src/concordium_base/src/curve_arithmetic/secret_value.rs
index 2c6b44226..e0683c352 100644
--- a/rust-src/concordium_base/src/curve_arithmetic/secret_value.rs
+++ b/rust-src/concordium_base/src/curve_arithmetic/secret_value.rs
@@ -3,7 +3,6 @@
 //! A thin wrapper around a scalar to indicate that it is a secret value.
 use crate::{common::*, curve_arithmetic::*};
-use ff::Field;
 use rand::*;
 use std::{
 ops::{Deref, Drop},
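Review bot: In the new `PrimeField` trait the doc comment "Convert this prime field element into a biginteger representation." sits on `from_repr`, which performs the opposite conversion, while `into_repr` has no documentation at all; move that sentence to `into_repr` and give `from_repr` its own, e.g. `/// Reconstructs a field element from little-endian u64 limbs; fails with CurveDecodingError::NotInField when the slice has the wrong length or encodes a value outside the field.` (the little-endian order is what the `utils.rs` hunk comment `limbs are little endian.` relies on). Two contract changes hide behind the new signatures and deserve a sentence in those docs: `from_repr(&[u64])` drops the length guarantee the old `F::Repr` argument gave, so the index-built buffers in the `encode_*` functions of `utils.rs` are now checked only at runtime by the `try_into` in the concrete impls; and `into_repr(self) -> Vec<u64>` allocates on every call, which the `@@ -236,7 +313,7 @@` hunk of this file now does once per loop iteration in `multiexp_worker_given_table` (`let limb = c.into_repr()[0];` inside `while !c.is_zero()`), and the `range_proof.rs` and `elgamal/mod.rs` hunks do per element. If that shows up in profiles, a non-allocating accessor such as `fn limb(&self, i: usize) -> u64`, or an associated `Repr: AsRef<[u64]>` type as the `ff` trait had, would keep those loops allocation-free. `multiexp_worker_given_table` starts and ends outside its hunk.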
@@ -15,23 +14,23 @@ use std::{ /// A generic wrapper for a secret that implements a zeroize on drop. /// Other types are expected to wrap this in more convenient interfaces. /// Ideally the constraint would be Default, but fields we have do not implement -/// it, so we cannot use it at the moment. Hence the temporary hack of 'F: -/// Field'. +/// it, so we cannot use it at the moment. Hence the temporary hack of 'T: +/// PrimeField'. #[repr(transparent)] #[derive(Debug, PartialEq, Eq, Serialize)] -pub struct Secret { +pub struct Secret { secret: T, } -impl Secret { +impl Secret { pub fn new(secret: F) -> Self { Secret { secret } } } -impl AsRef for Secret { +impl AsRef for Secret { fn as_ref(&self) -> &F { &self.secret } } -impl Deref for Secret { +impl Deref for Secret { type Target = F; fn deref(&self) -> &Self::Target { &self.secret } @@ -40,7 +39,7 @@ impl Deref for Secret { // This works for our current fields since they are arrays // But in the future we need to revisit, especially if our // upstream dependencies decide to implement drop themselves. -impl Drop for Secret { +impl Drop for Secret { fn drop(&mut self) { // This implementation is what the Zeroize trait implementations do. // It protects against most reorderings by the compiler. diff --git a/rust-src/concordium_base/src/dodis_yampolskiy_prf/secret.rs b/rust-src/concordium_base/src/dodis_yampolskiy_prf/secret.rs index 888c1a779..ed51efe9d 100644 --- a/rust-src/concordium_base/src/dodis_yampolskiy_prf/secret.rs +++ b/rust-src/concordium_base/src/dodis_yampolskiy_prf/secret.rs @@ -3,9 +3,8 @@ use super::errors::{InternalError::DivisionByZero, *}; use crate::{ common::*, - curve_arithmetic::{Curve, Secret, Value}, + curve_arithmetic::{Curve, Field, Secret, Value}, }; -use ff::Field; use rand::*; use std::rc::Rc; diff --git a/rust-src/concordium_base/src/elgamal/mod.rs b/rust-src/concordium_base/src/elgamal/mod.rs index 111b8a638..965943f04 100644 --- a/rust-src/concordium_base/src/elgamal/mod.rs 
+++ b/rust-src/concordium_base/src/elgamal/mod.rs @@ -8,8 +8,7 @@ mod secret; pub use self::{cipher::*, message::*, public::*, secret::*}; -use crate::curve_arithmetic::{Curve, Value}; -use ff::{Field, PrimeField}; +use crate::curve_arithmetic::{Curve, Field, PrimeField, Value}; use rand::*; /// Possible chunk sizes in bits. @@ -93,9 +92,8 @@ pub fn value_to_chunks(val: &C::Scalar, chunk_size: ChunkSize) -> Vec< let size = usize::from(u8::from(chunk_size)); let n = C::SCALAR_LENGTH / size; let mut out = Vec::with_capacity(n); - let repr = val.into_repr(); - let u64_chunks = repr.as_ref(); - for &chunk in u64_chunks { + let u64_chunks = val.into_repr(); + for chunk in u64_chunks { out.extend( chunk_size .u64_to_chunks(chunk) @@ -123,7 +121,7 @@ pub fn chunks_to_value(chunks: &[Value], chunk_size: ChunkSize) -> // get the u64 encoded in this chunk section let v = chunk_size.chunks_to_u64(chunk_section.iter().map(|chunk| { let repr = chunk.into_repr(); - repr.as_ref()[0] + repr[0] })); let mut val = C::scalar_from_u64(v); val.mul_assign(&factor); @@ -210,7 +208,6 @@ pub fn decrypt_from_chunks_given_table( #[cfg(test)] mod tests { use super::*; - use ff::Field; use pairing::bls12_381::{G1, G2}; use rand::{rngs::ThreadRng, Rng}; diff --git a/rust-src/concordium_base/src/elgamal/secret.rs b/rust-src/concordium_base/src/elgamal/secret.rs index 492e0c0fa..edb1c2ad2 100644 --- a/rust-src/concordium_base/src/elgamal/secret.rs +++ b/rust-src/concordium_base/src/elgamal/secret.rs @@ -4,10 +4,9 @@ use super::{cipher::*, message::*}; use crate::{ common::*, - curve_arithmetic::{Curve, Value}, + curve_arithmetic::{Curve, Field, Value}, }; use anyhow::{bail, Result}; -use ff::Field; use rand::*; use std::collections::HashMap; 
@@ -127,9 +126,9 @@ impl SecretKey { pub fn decrypt_exponent_slow(&self, c: &Cipher) -> Value { let m = self.decrypt(c).value; - let mut a = ::zero(); + let mut a = C::Scalar::zero(); let mut i = C::zero_point(); - let field_one = ::one(); + let field_one = C::Scalar::one(); while m != i { i = i.plus_point(&self.generator); a.add_assign(&field_one); diff --git a/rust-src/concordium_base/src/id/account_holder.rs b/rust-src/concordium_base/src/id/account_holder.rs index 77d4746eb..358a8d48d 100644 --- a/rust-src/concordium_base/src/id/account_holder.rs +++ b/rust-src/concordium_base/src/id/account_holder.rs @@ -7,7 +7,7 @@ use crate::{ range_proof::{prove_given_scalars as bulletprove, prove_less_than_or_equal, RangeProof}, }, common::types::TransactionTime, - curve_arithmetic::{Curve, Pairing}, + curve_arithmetic::{Curve, Field, Pairing}, dodis_yampolskiy_prf as prf, elgamal::{multicombine, Cipher}, pedersen_commitment::{ @@ -19,7 +19,6 @@ use crate::{ }, }; use anyhow::{bail, ensure}; -use ff::Field; use itertools::izip; use rand::*; use std::collections::{btree_map::BTreeMap, hash_map::HashMap, BTreeSet}; @@ -400,7 +399,8 @@ fn generate_pio_common<'a, P: Pairing, C: Curve, R: ran let u8_chunk_size = u8::from(CHUNK_SIZE); let two_chunksize = C::scalar_from_u64(1 << u8_chunk_size); let mut power_of_two = C::Scalar::one(); - let mut scalars = Vec::with_capacity(item.encrypted_share.len()); + let mut scalars: Vec<

::ScalarField> = + Vec::with_capacity(item.encrypted_share.len()); for _ in 0..item.encrypted_share.len() { scalars.push(power_of_two); power_of_two.mul_assign(&two_chunksize); diff --git a/rust-src/concordium_base/src/id/id_verifier.rs b/rust-src/concordium_base/src/id/id_verifier.rs index d1dce9095..9114a9e86 100644 --- a/rust-src/concordium_base/src/id/id_verifier.rs +++ b/rust-src/concordium_base/src/id/id_verifier.rs @@ -13,14 +13,13 @@ use crate::bulletproofs::{ use super::id_proof_types::*; use crate::{ - curve_arithmetic::Curve, + curve_arithmetic::{Curve, Field}, pedersen_commitment::{ Commitment, CommitmentKey as PedersenKey, Randomness as PedersenRandomness, Value, }, random_oracle::RandomOracle, sigma_protocols::{common::verify as sigma_verify, dlog::Dlog}, }; -use ff::Field; use sha2::{Digest, Sha256}; /// Function for opening an attribute inside a commitment. The arguments are diff --git a/rust-src/concordium_base/src/id/identity_provider.rs b/rust-src/concordium_base/src/id/identity_provider.rs index fa63f74be..e0b7fdfa8 100644 --- a/rust-src/concordium_base/src/id/identity_provider.rs +++ b/rust-src/concordium_base/src/id/identity_provider.rs @@ -4,13 +4,12 @@ use super::{id_proof_types::ProofVersion, secret_sharing::Threshold, types::*, u use crate::{ bulletproofs::range_proof::verify_efficient, common::{to_bytes, types::TransactionTime}, - curve_arithmetic::{multiexp, Curve, Pairing}, + curve_arithmetic::{multiexp, Curve, Field, Pairing}, elgamal::multicombine, pedersen_commitment::{Commitment, CommitmentKey}, random_oracle::RandomOracle, sigma_protocols::{com_enc_eq, com_eq, com_eq_different_groups, common::*, dlog}, }; -use ff::Field; use rand::*; use sha2::{Digest, Sha256}; use std::collections::{BTreeMap, BTreeSet}; diff --git a/rust-src/concordium_base/src/id/secret_sharing.rs b/rust-src/concordium_base/src/id/secret_sharing.rs index 6af02d569..6188a5ca1 100644 --- a/rust-src/concordium_base/src/id/secret_sharing.rs 
+++ b/rust-src/concordium_base/src/id/secret_sharing.rs @@ -1,7 +1,10 @@ //! Implementation of Shamir secret sharing. -use crate::{common::*, curve_arithmetic::*, pedersen_commitment::Value as PedersenValue}; +use crate::{ + common::*, + curve_arithmetic::{Curve, Field}, + pedersen_commitment::Value as PedersenValue, +}; use anyhow::bail; -use ff::Field; use rand::*; use serde_json::{json, Value}; use std::convert::TryFrom; diff --git a/rust-src/concordium_base/src/id/types.rs b/rust-src/concordium_base/src/id/types.rs index d7e6c4cc6..8723232a2 100644 --- a/rust-src/concordium_base/src/id/types.rs +++ b/rust-src/concordium_base/src/id/types.rs @@ -32,7 +32,6 @@ use derive_more::*; use ed25519_dalek as ed25519; use ed25519_dalek::Verifier; use either::Either; -use ff::Field; use hex::{decode, encode}; use serde::{ de, de::Visitor, ser::SerializeMap, Deserialize as SerdeDeserialize, Deserializer, @@ -365,7 +364,7 @@ impl From for AttributeTag { /// The meaning of attributes is then assigned at the outer layers when the /// library is used. In order to make the library as generic (and ultimately /// simple) as possible this trait is used. -pub trait Attribute: +pub trait Attribute: Clone + Sized + Send + Sync + fmt::Display + Serialize + Ord { /// Convert an attribute to a field element fn to_field_element(&self) -> F; @@ -550,7 +549,7 @@ impl From for u32 { ))] /// An attribute list that is part of a normal credential. It consists of some /// mandatory attributes and some user selected attributes. -pub struct AttributeList> { +pub struct AttributeList> { #[serde(rename = "validTo")] /// The latest month and year where the credential is still valid. pub valid_to: YearMonth, @@ -573,7 +572,7 @@ pub struct AttributeList> { pub _phantom: std::marker::PhantomData, } -impl> HasAttributeValues +impl> HasAttributeValues for AttributeList { fn get_attribute_value(&self, attribute_tag: &AttributeTag) -> Option<&AttributeType> { 
@@ -2522,11 +2521,11 @@ impl< } } -pub trait HasAttributeValues> { +pub trait HasAttributeValues> { fn get_attribute_value(&self, attribute_tag: &TagType) -> Option<&AttributeType>; } -impl> +impl> HasAttributeValues for BTreeMap { fn get_attribute_value(&self, attribute_tag: &TagType) -> Option<&AttributeType> { diff --git a/rust-src/concordium_base/src/id/utils.rs b/rust-src/concordium_base/src/id/utils.rs index 1d7e0f6ba..5e7bbdd58 100644 --- a/rust-src/concordium_base/src/id/utils.rs +++ b/rust-src/concordium_base/src/id/utils.rs @@ -7,14 +7,13 @@ use crate::{ types::{KeyIndex, TransactionTime}, ParseResult, }, - curve_arithmetic::{multiexp, Curve, Pairing, Value}, + curve_arithmetic::{multiexp, Curve, Field, Pairing, PrimeField, Value}, elgamal::*, pedersen_commitment::Commitment, }; use anyhow::bail; use ed25519_dalek::Verifier; use either::Either; -use ff::{Field, PrimeField}; use rand::*; use sha2::{Digest, Sha256}; use std::collections::{btree_map::BTreeMap, BTreeSet}; @@ -43,7 +42,7 @@ pub fn commitment_to_share( /// Interpret the array as coefficients of a polynomial starting at 0, /// and evaluate the polynomial at the given point. -pub fn evaluate_poly>(coeffs: &[R], point: &F) -> F { +pub fn evaluate_poly>(coeffs: &[R], point: &F) -> F { let mut eval: F = F::zero(); // Horner's scheme at point point for rand in coeffs.iter().rev() { @@ -128,8 +127,8 @@ pub fn encode_tags<'a, F: PrimeField, I: std::iter::IntoIterator(ars: &BTreeSet) -> Option> { } else { u64::from(ar_id) << 32 }; - f.as_mut()[i / 2] |= x; + f[i / 2] |= x; } - let mut scalar = F::from_repr(f).ok()?; + let mut scalar = F::from_repr(f.as_slice()).ok()?; // shift one bit left. scalar.mul_assign(&two); scalars.push(scalar) 
@@ -213,10 +212,10 @@ pub fn encode_public_credential_values( let ca: u32 = created_at.into(); let vt: u32 = valid_to.into(); let s = u64::from(vt) << 32 | u64::from(ca); - f.as_mut()[0] = s; // limbs in as_mut are little endian. + f[0] = s; // limbs are little endian. let threshold: u8 = threshold.into(); - f.as_mut()[1] = u64::from(threshold); - Ok(F::from_repr(f)?) + f[1] = u64::from(threshold); + Ok(F::from_repr(f.as_slice())?) } /// This function verifies that the signature inside diff --git a/rust-src/concordium_base/src/pedersen_commitment/randomness.rs b/rust-src/concordium_base/src/pedersen_commitment/randomness.rs index 7f72e13b5..dae67094e 100644 --- a/rust-src/concordium_base/src/pedersen_commitment/randomness.rs +++ b/rust-src/concordium_base/src/pedersen_commitment/randomness.rs @@ -5,8 +5,6 @@ use crate::{common::*, curve_arithmetic::*}; -use ff::Field; - use rand::*; use std::ops::Deref; diff --git a/rust-src/concordium_base/src/ps_sig/secret.rs b/rust-src/concordium_base/src/ps_sig/secret.rs index acd2cad08..17a07d9a5 100644 --- a/rust-src/concordium_base/src/ps_sig/secret.rs +++ b/rust-src/concordium_base/src/ps_sig/secret.rs @@ -10,8 +10,6 @@ use super::{ }; use crate::{common::*, curve_arithmetic::*}; -use ff::Field; - use rand::*; /// A secret key diff --git a/rust-src/concordium_base/src/sigma_protocols/aggregate_dlog.rs b/rust-src/concordium_base/src/sigma_protocols/aggregate_dlog.rs index 2190c81fd..6890df4ed 100644 --- a/rust-src/concordium_base/src/sigma_protocols/aggregate_dlog.rs +++ b/rust-src/concordium_base/src/sigma_protocols/aggregate_dlog.rs @@ -7,10 +7,9 @@ use super::common::*; use crate::{ common::*, - curve_arithmetic::{multiexp, Curve}, + curve_arithmetic::{multiexp, Curve, Field}, random_oracle::{Challenge, RandomOracle}, }; -use ff::Field; use itertools::izip; use std::rc::Rc; 
diff --git a/rust-src/concordium_base/src/sigma_protocols/com_enc_eq.rs b/rust-src/concordium_base/src/sigma_protocols/com_enc_eq.rs index 378561d67..920c42d46 100644 --- a/rust-src/concordium_base/src/sigma_protocols/com_enc_eq.rs +++ b/rust-src/concordium_base/src/sigma_protocols/com_enc_eq.rs @@ -7,14 +7,13 @@ use super::common::*; use crate::{ common::*, - curve_arithmetic::{multiexp, Curve}, + curve_arithmetic::{multiexp, Curve, Field}, elgamal::{ Cipher as ElGamalCipher, PublicKey as ElGamalPublicKey, Randomness as ElgamalRandomness, }, pedersen_commitment::{Commitment, CommitmentKey, Randomness as PedersenRandomness, Value}, random_oracle::RandomOracle, }; -use ff::Field; use rand::*; #[derive(Debug)] diff --git a/rust-src/concordium_base/src/sigma_protocols/com_eq.rs b/rust-src/concordium_base/src/sigma_protocols/com_eq.rs index 22c4b069e..95c9b82e6 100644 --- a/rust-src/concordium_base/src/sigma_protocols/com_eq.rs +++ b/rust-src/concordium_base/src/sigma_protocols/com_eq.rs @@ -11,11 +11,10 @@ use super::common::*; use crate::{ common::*, - curve_arithmetic::{multiexp, Curve}, + curve_arithmetic::{multiexp, Curve, Field}, pedersen_commitment::{Commitment, CommitmentKey, Randomness, Value}, random_oracle::RandomOracle, }; -use ff::Field; #[derive(Clone, Debug, Eq, PartialEq, Serialize, SerdeBase16Serialize)] pub struct Response { diff --git a/rust-src/concordium_base/src/sigma_protocols/com_eq_different_groups.rs b/rust-src/concordium_base/src/sigma_protocols/com_eq_different_groups.rs index c3706740f..960a40bfd 100644 --- a/rust-src/concordium_base/src/sigma_protocols/com_eq_different_groups.rs +++ b/rust-src/concordium_base/src/sigma_protocols/com_eq_different_groups.rs 
@@ -6,11 +6,10 @@ use super::common::*; use crate::{ common::*, - curve_arithmetic::{multiexp, Curve}, + curve_arithmetic::{multiexp, Curve, Field}, pedersen_commitment::{Commitment, CommitmentKey, Randomness, Value}, random_oracle::RandomOracle, }; -use ff::Field; use rand::*; #[derive(Debug)] diff --git a/rust-src/concordium_base/src/sigma_protocols/com_eq_sig.rs b/rust-src/concordium_base/src/sigma_protocols/com_eq_sig.rs index 744826f12..ddd414619 100644 --- a/rust-src/concordium_base/src/sigma_protocols/com_eq_sig.rs +++ b/rust-src/concordium_base/src/sigma_protocols/com_eq_sig.rs @@ -15,7 +15,6 @@ use crate::{ ps_sig::{BlindedSignature, BlindingRandomness, PublicKey as PsSigPublicKey}, random_oracle::RandomOracle, }; -use ff::Field; use itertools::izip; use rand::*; diff --git a/rust-src/concordium_base/src/sigma_protocols/com_ineq.rs b/rust-src/concordium_base/src/sigma_protocols/com_ineq.rs index 2f0fe3fdb..12a92895c 100644 --- a/rust-src/concordium_base/src/sigma_protocols/com_ineq.rs +++ b/rust-src/concordium_base/src/sigma_protocols/com_ineq.rs @@ -16,11 +16,10 @@ use super::{ }; use crate::{ common::*, - curve_arithmetic::Curve, + curve_arithmetic::{Curve, Field}, pedersen_commitment::{Commitment, CommitmentKey, Randomness, Value}, random_oracle::RandomOracle, }; -use ff::Field; #[derive(Debug, Clone, Eq, PartialEq, Serialize)] pub struct Response { diff --git a/rust-src/concordium_base/src/sigma_protocols/com_lin.rs b/rust-src/concordium_base/src/sigma_protocols/com_lin.rs index 89d5dc866..217d2f5bc 100644 --- a/rust-src/concordium_base/src/sigma_protocols/com_lin.rs +++ b/rust-src/concordium_base/src/sigma_protocols/com_lin.rs @@ -7,11 +7,10 @@ use super::common::*; use crate::{ common::*, - curve_arithmetic::{multiexp, Curve}, + curve_arithmetic::{multiexp, Curve, Field}, pedersen_commitment::{Commitment, CommitmentKey, Randomness, Value}, random_oracle::{Challenge, RandomOracle}, }; -use ff::Field; use itertools::izip; pub struct ComLinSecret { 
diff --git a/rust-src/concordium_base/src/sigma_protocols/com_mult.rs b/rust-src/concordium_base/src/sigma_protocols/com_mult.rs index 5f784c345..538a6c4e8 100644 --- a/rust-src/concordium_base/src/sigma_protocols/com_mult.rs +++ b/rust-src/concordium_base/src/sigma_protocols/com_mult.rs @@ -6,11 +6,10 @@ use super::common::*; use crate::{ common::*, - curve_arithmetic::{multiexp, Curve}, + curve_arithmetic::{multiexp, Curve, Field}, pedersen_commitment::{Commitment, CommitmentKey, Randomness, Value}, random_oracle::{Challenge, RandomOracle}, }; -use ff::Field; use itertools::izip; pub struct ComMultSecret { diff --git a/rust-src/concordium_base/src/sigma_protocols/dlog.rs b/rust-src/concordium_base/src/sigma_protocols/dlog.rs index 0ed2070f1..5d8949bc9 100644 --- a/rust-src/concordium_base/src/sigma_protocols/dlog.rs +++ b/rust-src/concordium_base/src/sigma_protocols/dlog.rs @@ -5,10 +5,9 @@ use super::common::*; use crate::{ common::*, - curve_arithmetic::{Curve, Value}, + curve_arithmetic::{Curve, Field, Value}, random_oracle::{Challenge, RandomOracle}, }; -use ff::Field; pub struct Dlog { /// Evaluated point. diff --git a/rust-src/concordium_base/src/sigma_protocols/dlogaggequal.rs b/rust-src/concordium_base/src/sigma_protocols/dlogaggequal.rs index 21aed59eb..ede9fc3d0 100644 --- a/rust-src/concordium_base/src/sigma_protocols/dlogaggequal.rs +++ b/rust-src/concordium_base/src/sigma_protocols/dlogaggequal.rs @@ -8,11 +8,10 @@ use crate::{ common::*, - curve_arithmetic::{multiexp, Curve}, + curve_arithmetic::{multiexp, Curve, Field}, random_oracle::{Challenge, RandomOracle}, sigma_protocols::{aggregate_dlog::*, common::*, dlog::*}, }; -use ff::Field; use itertools::izip; use std::rc::Rc; diff --git a/rust-src/concordium_base/src/sigma_protocols/enc_trans.rs b/rust-src/concordium_base/src/sigma_protocols/enc_trans.rs index 9f702492b..5efc601e7 100644 --- a/rust-src/concordium_base/src/sigma_protocols/enc_trans.rs 
+++ b/rust-src/concordium_base/src/sigma_protocols/enc_trans.rs @@ -54,13 +54,12 @@ use super::{ }; use crate::{ common::*, - curve_arithmetic::{multiexp, Curve}, + curve_arithmetic::{multiexp, Curve, Field}, elgamal::ChunkSize, encrypted_transfers::types::CHUNK_SIZE, pedersen_commitment::{Randomness as PedersenRandomness, Value}, random_oracle::{Challenge, RandomOracle}, }; -use ff::Field; use itertools::izip; use std::rc::Rc; diff --git a/rust-src/concordium_base/src/sigma_protocols/vcom_eq.rs b/rust-src/concordium_base/src/sigma_protocols/vcom_eq.rs index 2bf219327..6198c8640 100644 --- a/rust-src/concordium_base/src/sigma_protocols/vcom_eq.rs +++ b/rust-src/concordium_base/src/sigma_protocols/vcom_eq.rs @@ -6,11 +6,10 @@ use super::common::*; use crate::{ common::*, - curve_arithmetic::{multiexp, Curve}, + curve_arithmetic::{multiexp, Curve, Field}, pedersen_commitment::{Commitment, Value}, random_oracle::{Challenge, RandomOracle}, }; -use ff::Field; use itertools::izip; use std::collections::BTreeMap; From 3324f36e0a2e0e38e97bcb2e7a10f1b45c095c9b Mon Sep 17 00:00:00 2001 From: Danil Annenkov Date: Thu, 5 Oct 2023 16:42:45 +0200 Subject: [PATCH 02/45] Do not use PrimeField where Field is enough --- .../src/bulletproofs/inner_product_proof.rs | 4 ++-- .../concordium_base/src/bulletproofs/range_proof.rs | 6 +++--- .../src/bulletproofs/set_membership_proof.rs | 5 ++--- rust-src/concordium_base/src/bulletproofs/utils.rs | 6 +++--- rust-src/concordium_base/src/curve_arithmetic/mod.rs | 1 + .../src/curve_arithmetic/secret_value.rs | 12 ++++++------ rust-src/concordium_base/src/id/types.rs | 10 +++++----- rust-src/concordium_base/src/id/utils.rs | 2 +- 8 files changed, 23 insertions(+), 23 deletions(-) diff --git a/rust-src/concordium_base/src/bulletproofs/inner_product_proof.rs b/rust-src/concordium_base/src/bulletproofs/inner_product_proof.rs index a1b625e0f..7addcb249 100644 --- a/rust-src/concordium_base/src/bulletproofs/inner_product_proof.rs 
+++ b/rust-src/concordium_base/src/bulletproofs/inner_product_proof.rs @@ -2,7 +2,7 @@ //! this crate use crate::{ common::*, - curve_arithmetic::{multiexp, Curve, Field, PrimeField}, + curve_arithmetic::{multiexp, Curve, Field}, random_oracle::RandomOracle, }; @@ -441,7 +441,7 @@ pub(crate) fn verify_inner_product_with_scalars( /// the result is the inner product of the initial segments determined by the /// length of the shorter vector. #[allow(non_snake_case)] -pub fn inner_product(a: &[F], b: &[F]) -> F { +pub fn inner_product(a: &[F], b: &[F]) -> F { debug_assert_eq!( a.len(), b.len(), diff --git a/rust-src/concordium_base/src/bulletproofs/range_proof.rs b/rust-src/concordium_base/src/bulletproofs/range_proof.rs index cbe666677..68e7275a0 100644 --- a/rust-src/concordium_base/src/bulletproofs/range_proof.rs +++ b/rust-src/concordium_base/src/bulletproofs/range_proof.rs @@ -3,7 +3,7 @@ use super::{inner_product_proof::*, utils::*}; use crate::{ common::*, curve_arithmetic::{ - multiexp, multiexp_table, multiexp_worker_given_table, Curve, Field, PrimeField, Value, + multiexp, multiexp_table, multiexp_worker_given_table, Curve, Field, Value, PrimeField, }, id::id_proof_types::ProofVersion, pedersen_commitment::*, @@ -43,7 +43,7 @@ fn ith_bit_bool(v: u64, i: u8) -> bool { v & (1 << i) != 0 } /// This function computes the n-bit binary representation `a_L` of input value /// `v` The vector `a_R` is the bit-wise negation of `a_L` #[allow(non_snake_case)] -fn a_L_a_R(v: u64, n: u8) -> (Vec, Vec) { +fn a_L_a_R(v: u64, n: u8) -> (Vec, Vec) { let mut a_L = Vec::with_capacity(usize::from(n)); let mut a_R = Vec::with_capacity(usize::from(n)); for i in 0..n { 
@@ -64,7 +64,7 @@ fn a_L_a_R(v: u64, n: u8) -> (Vec, Vec) { /// This could use the next `z_vec` function, but for efficiency it implements /// the special-case logic for doubling directly. #[allow(non_snake_case)] -fn two_n_vec(n: u8) -> Vec { +fn two_n_vec(n: u8) -> Vec { let mut two_n = Vec::with_capacity(usize::from(n)); let mut two_i = F::one(); for _ in 0..n { diff --git a/rust-src/concordium_base/src/bulletproofs/set_membership_proof.rs b/rust-src/concordium_base/src/bulletproofs/set_membership_proof.rs index 89dd09954..fdb32df64 100644 --- a/rust-src/concordium_base/src/bulletproofs/set_membership_proof.rs +++ b/rust-src/concordium_base/src/bulletproofs/set_membership_proof.rs @@ -3,8 +3,7 @@ use super::{inner_product_proof::*, utils::*}; use crate::{ common::*, curve_arithmetic::{ - multiexp, multiexp_table, multiexp_worker_given_table, Curve, Field, PrimeField, - }, + multiexp, multiexp_table, multiexp_worker_given_table, Curve, Field, }, id::id_proof_types::ProofVersion, pedersen_commitment::*, random_oracle::RandomOracle, @@ -55,7 +54,7 @@ pub enum ProverError { /// Note: For multisets this function only sets the first hit to one, to allow /// set membership proofs in multisets. #[allow(non_snake_case)] -fn a_L_a_R(v: &F, set_slice: &[F]) -> Option<(Vec, Vec)> { +fn a_L_a_R(v: &F, set_slice: &[F]) -> Option<(Vec, Vec)> { let n = set_slice.len(); let mut a_L = Vec::with_capacity(n); let mut a_R = Vec::with_capacity(n); diff --git a/rust-src/concordium_base/src/bulletproofs/utils.rs b/rust-src/concordium_base/src/bulletproofs/utils.rs index 0f5060715..25d6125f2 100644 --- a/rust-src/concordium_base/src/bulletproofs/utils.rs +++ b/rust-src/concordium_base/src/bulletproofs/utils.rs @@ -1,7 +1,7 @@ //! Shared functions used by the proofs in this crate use crate::{ common::*, - curve_arithmetic::{Curve, PrimeField}, + curve_arithmetic::{Curve, Field}, }; #[cfg(test)] use rand::Rng; 
@@ -45,7 +45,7 @@ impl Generators { /// - z - the field element z /// - first_power - the first power j /// - n - the integer n. -pub fn z_vec(z: F, first_power: u64, n: usize) -> Vec { +pub fn z_vec(z: F, first_power: u64, n: usize) -> Vec { let mut z_n = Vec::with_capacity(n); let exp: [u64; 1] = [first_power]; let mut z_i = z.pow(exp); @@ -58,7 +58,7 @@ pub fn z_vec(z: F, first_power: u64, n: usize) -> Vec { /// Pads a non-empty field vector to a power of two length by repeating the last /// element For empty vectors the function is the identity. -pub(crate) fn pad_vector_to_power_of_two(vec: &mut Vec) { +pub(crate) fn pad_vector_to_power_of_two(vec: &mut Vec) { let n = vec.len(); if n == 0 { return; diff --git a/rust-src/concordium_base/src/curve_arithmetic/mod.rs b/rust-src/concordium_base/src/curve_arithmetic/mod.rs index b925c87fc..ee4bc7e66 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/mod.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/mod.rs @@ -93,6 +93,7 @@ pub trait PrimeField: Field { /// element. const CAPACITY: u32; + /// Convert a biginteger representation into a prime field element fn into_repr(self) -> Vec; /// Convert this prime field element into a biginteger representation. diff --git a/rust-src/concordium_base/src/curve_arithmetic/secret_value.rs b/rust-src/concordium_base/src/curve_arithmetic/secret_value.rs index e0683c352..60d38b1f5 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/secret_value.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/secret_value.rs 
@@ -15,22 +15,22 @@ use std::{ /// Other types are expected to wrap this in more convenient interfaces. /// Ideally the constraint would be Default, but fields we have do not implement /// it, so we cannot use it at the moment. Hence the temporary hack of 'T: -/// PrimeField'. +/// Field'. #[repr(transparent)] #[derive(Debug, PartialEq, Eq, Serialize)] -pub struct Secret { +pub struct Secret { secret: T, } -impl Secret { +impl Secret { pub fn new(secret: F) -> Self { Secret { secret } } } -impl AsRef for Secret { +impl AsRef for Secret { fn as_ref(&self) -> &F { &self.secret } } -impl Deref for Secret { +impl Deref for Secret { type Target = F; fn deref(&self) -> &Self::Target { &self.secret } @@ -39,7 +39,7 @@ impl Deref for Secret { // This works for our current fields since they are arrays // But in the future we need to revisit, especially if our // upstream dependencies decide to implement drop themselves. -impl Drop for Secret { +impl Drop for Secret { fn drop(&mut self) { // This implementation is what the Zeroize trait implementations do. // It protects against most reorderings by the compiler. diff --git a/rust-src/concordium_base/src/id/types.rs b/rust-src/concordium_base/src/id/types.rs index 8723232a2..43c0d5e6d 100644 --- a/rust-src/concordium_base/src/id/types.rs +++ b/rust-src/concordium_base/src/id/types.rs @@ -364,7 +364,7 @@ impl From for AttributeTag { /// The meaning of attributes is then assigned at the outer layers when the /// library is used. In order to make the library as generic (and ultimately /// simple) as possible this trait is used. -pub trait Attribute: +pub trait Attribute: Clone + Sized + Send + Sync + fmt::Display + Serialize + Ord { /// Convert an attribute to a field element fn to_field_element(&self) -> F; 
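Review bot: Relaxing the bound on `Secret<T>` from `PrimeField` to `Field` widens the set of types whose `Drop` impl (second hunk; its body lies outside the hunk) is relied on to scrub the secret, while the surviving comment only promises this works "for our current fields since they are arrays". A `Field` implementor that keeps heap-backed or otherwise indirected state would leave key material behind after drop with no compile-time signal, and the trait itself says nothing about memory layout. I would make that contract explicit on the struct: `/// Zeroised on drop by overwriting the wrapped value in place; this only clears inline data, so a `Field` type with heap-backed state would not be scrubbed.` The doc comment above the struct begins outside the hunk.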
@@ -549,7 +549,7 @@ impl From for u32 { ))] /// An attribute list that is part of a normal credential. It consists of some /// mandatory attributes and some user selected attributes. -pub struct AttributeList> { +pub struct AttributeList> { #[serde(rename = "validTo")] /// The latest month and year where the credential is still valid. pub valid_to: YearMonth, @@ -572,7 +572,7 @@ pub struct AttributeList> { pub _phantom: std::marker::PhantomData, } -impl> HasAttributeValues +impl> HasAttributeValues for AttributeList { fn get_attribute_value(&self, attribute_tag: &AttributeTag) -> Option<&AttributeType> { @@ -2521,11 +2521,11 @@ impl< } } -pub trait HasAttributeValues> { +pub trait HasAttributeValues> { fn get_attribute_value(&self, attribute_tag: &TagType) -> Option<&AttributeType>; } -impl> +impl> HasAttributeValues for BTreeMap { fn get_attribute_value(&self, attribute_tag: &TagType) -> Option<&AttributeType> { diff --git a/rust-src/concordium_base/src/id/utils.rs b/rust-src/concordium_base/src/id/utils.rs index 5e7bbdd58..a541f219c 100644 --- a/rust-src/concordium_base/src/id/utils.rs +++ b/rust-src/concordium_base/src/id/utils.rs @@ -42,7 +42,7 @@ pub fn commitment_to_share( /// Interpret the array as coefficients of a polynomial starting at 0, /// and evaluate the polynomial at the given point. -pub fn evaluate_poly>(coeffs: &[R], point: &F) -> F { +pub fn evaluate_poly>(coeffs: &[R], point: &F) -> F { let mut eval: F = F::zero(); // Horner's scheme at point point for rand in coeffs.iter().rev() { From 9a2ec6d7d6eebf9c6522a201dc997738928f832f Mon Sep 17 00:00:00 2001 
From: Danil Annenkov Date: Fri, 6 Oct 2023 14:35:33 +0200 Subject: [PATCH 03/45] Add curve25519 implementation stub --- .../curve_arithmetic/bls12_381_instance.rs | 16 +- .../src/curve_arithmetic/ed25519_instance.rs | 185 ++++++++++++++++++ .../src/curve_arithmetic/mod.rs | 1 + 3 files changed, 194 insertions(+), 8 deletions(-) create mode 100644 rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs diff --git a/rust-src/concordium_base/src/curve_arithmetic/bls12_381_instance.rs b/rust-src/concordium_base/src/curve_arithmetic/bls12_381_instance.rs index a51bd14ee..3dcc0c07d 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/bls12_381_instance.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/bls12_381_instance.rs @@ -63,10 +63,10 @@ impl From for CurveDecodingError { } impl PrimeField for Fr { - // TODO: check this. - const CAPACITY: u32 = 64 * 4; - // TODO: check this. - const NUM_BITS: u32 = 64 * 4; + + const CAPACITY: u32 = ::CAPACITY; + + const NUM_BITS: u32 = ::NUM_BITS; fn into_repr(self) -> Vec { ::into_repr(&self).0.to_vec() } @@ -80,10 +80,10 @@ impl PrimeField for Fr { } impl PrimeField for Fq { - // TODO: check this. - const CAPACITY: u32 = 64 * 6; - // TODO: check this. - const NUM_BITS: u32 = 64 * 6; + + const CAPACITY: u32 = ::CAPACITY; + + const NUM_BITS: u32 = ::NUM_BITS; fn into_repr(self) -> Vec { ::into_repr(&self).0.to_vec() } diff --git a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs new file mode 100644 index 000000000..0f7921172 --- /dev/null +++ b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs 
@@ -0,0 +1,185 @@ + +use std::fmt::Display; + +use curve25519_dalek::{ristretto::RistrettoPoint, scalar::Scalar, traits::Identity}; +use crate::common::{Serial, Deserial, Buffer}; + +use super::{Curve, Field, PrimeField}; + +/// A wrapper to make it possible to implement external traits +/// and to avoid clashes with blacket implementations. +#[derive(Clone, Copy, Debug, PartialEq, Eq)] +pub struct RistrettoScalar(Scalar); + +impl Serial for RistrettoScalar { + fn serial(&self, out: &mut B) { + todo!() + } +} + +impl Deserial for RistrettoScalar { + + fn deserial(source: &mut R) -> crate::common::ParseResult { + todo!() + } +} + + +impl Display for RistrettoScalar { + fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result { + // Use Debug as Display for now + std::fmt::Debug::fmt(self, f) + } +} + +// Since we use a wrapper type, it is convenient to use `into()` to convert from Scalar. +impl From for RistrettoScalar { + fn from(value: Scalar) -> Self { + RistrettoScalar(value) + } +} + +impl Field for RistrettoScalar { + fn random(rng: &mut R) -> Self { + todo!() + } + + fn zero() -> Self { + Scalar::zero().into() + } + + fn one() -> Self { + todo!() + } + + fn is_zero(&self) -> bool { + todo!() + } + + fn square(&mut self) { + todo!() + } + + fn double(&mut self) { + todo!() + } + + fn negate(&mut self) { + todo!() + } + + fn add_assign(&mut self, other: &Self) { + todo!() + } + + fn sub_assign(&mut self, other: &Self) { + todo!() + } + + fn mul_assign(&mut self, other: &Self) { + todo!() + } + + fn inverse(&self) -> Option { + todo!() + } + + fn frobenius_map(&mut self, power: usize) { + todo!() + } +} + +impl PrimeField for RistrettoScalar { + // TODO: check this, this numbers are here just to make the compiler happy. + const NUM_BITS: u32 = 64 * 4; + + // TODO: check this, this numbers are here just to make the compiler happy. 
+ const CAPACITY: u32 = 64 * 4; + + fn into_repr(self) -> Vec { + todo!() + } + + fn from_repr(_: &[u64]) -> Result { + todo!() + } +} + +impl Serial for RistrettoPoint { + fn serial(&self, out: &mut B) { + todo!() + } +} + +impl Deserial for RistrettoPoint { + fn deserial(source: &mut R) -> crate::common::ParseResult { + todo!() + } +} + + +impl Curve for RistrettoPoint { + type Scalar = RistrettoScalar; + + // TODO: copied from the BLS curve; update this. + const SCALAR_LENGTH: usize = 32; + + // TODO: copied from the BLS curve; update this. + const GROUP_ELEMENT_LENGTH: usize = 96; + + fn zero_point() -> Self { + Self::identity() + } + + fn one_point() -> Self { + todo!() + } + + fn is_zero_point(&self) -> bool { + todo!() + } + + fn inverse_point(&self) -> Self { + todo!() + } + + fn double_point(&self) -> Self { + todo!() + } + + fn plus_point(&self, other: &Self) -> Self { + todo!() + } + + fn minus_point(&self, other: &Self) -> Self { + todo!() + } + + fn mul_by_scalar(&self, scalar: &Self::Scalar) -> Self { + todo!() + } + + fn bytes_to_curve_unchecked(b: &mut R) -> anyhow::Result { + todo!() + } + + fn generate(rng: &mut R) -> Self { + todo!() + } + + fn generate_scalar(rng: &mut R) -> Self::Scalar { + todo!() + } + + fn scalar_from_u64(n: u64) -> Self::Scalar { + todo!() + } + + fn scalar_from_bytes>(bs: A) -> Self::Scalar { + todo!() + } + + fn hash_to_group(m: &[u8]) -> Self { + todo!() + } +} \ No newline at end of file diff --git a/rust-src/concordium_base/src/curve_arithmetic/mod.rs b/rust-src/concordium_base/src/curve_arithmetic/mod.rs index ee4bc7e66..ca7a0582d 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/mod.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/mod.rs @@ -3,6 +3,7 @@ mod bls12_381_g1hash; mod bls12_381_g2hash; mod bls12_381_instance; +mod ed25519_instance; pub mod secret_value; pub use secret_value::{Secret, Value}; From 159ca8a8a5cf603512cdd8b767b316c6f14ad80f Mon Sep 17 00:00:00 2001 
From: Hamidreza <54936533+hamiidreza@users.noreply.github.com> Date: Thu, 9 Nov 2023 13:16:44 +0100 Subject: [PATCH 04/45] Implement Field/Curve traits for ed25519 (WIP) --- .../curve_arithmetic/bls12_381_instance.rs | 2 +- .../src/curve_arithmetic/ed25519_instance.rs | 80 ++++++++++++------- .../src/curve_arithmetic/mod.rs | 8 +- 3 files changed, 56 insertions(+), 34 deletions(-) diff --git a/rust-src/concordium_base/src/curve_arithmetic/bls12_381_instance.rs b/rust-src/concordium_base/src/curve_arithmetic/bls12_381_instance.rs index 3dcc0c07d..7674bb860 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/bls12_381_instance.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/bls12_381_instance.rs @@ -52,7 +52,7 @@ impl Field for F { fn inverse(&self) -> Option { self.inverse() } - fn frobenius_map(&mut self, power: usize) { self.frobenius_map(power) } + //fn frobenius_map(&mut self, power: usize) { self.frobenius_map(power) } } impl From for CurveDecodingError { diff --git a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs index 0f7921172..a9733690d 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs @@ -1,6 +1,8 @@ -use std::fmt::Display; +use std::{fmt::Display, ops::MulAssign}; +use std::ops::{AddAssign, SubAssign, Neg}; +use curve25519_dalek::ristretto::CompressedRistretto; use curve25519_dalek::{ristretto::RistrettoPoint, scalar::Scalar, traits::Identity}; use crate::common::{Serial, Deserial, Buffer}; @@ -20,7 +22,10 @@ impl Serial for RistrettoScalar { impl Deserial for RistrettoScalar { fn deserial(source: &mut R) -> crate::common::ParseResult { - todo!() + let mut buf: [u8; 32] = [0; 32]; + source.read_exact(&mut buf)?; + let res = Scalar::from_canonical_bytes(buf).ok_or(anyhow::anyhow!("Deserialization failed! Not a field value!"))?; + Ok(res.into()) } } 
@@ -41,7 +46,9 @@ impl From for RistrettoScalar { impl Field for RistrettoScalar { fn random(rng: &mut R) -> Self { - todo!() + let mut scalar_bytes = [0u8; 64]; + rng.fill_bytes(&mut scalar_bytes); + Scalar::from_bytes_mod_order_wide(&scalar_bytes).into() } fn zero() -> Self { @@ -49,58 +56,64 @@ impl Field for RistrettoScalar { } fn one() -> Self { - todo!() + Scalar::one().into() } fn is_zero(&self) -> bool { - todo!() + self.0 == Self::zero().0 } fn square(&mut self) { - todo!() + self.0.mul_assign(self.0) } fn double(&mut self) { - todo!() + self.0.add_assign(self.0) } fn negate(&mut self) { - todo!() + let v = self.0.neg(); + self.0 = v; } fn add_assign(&mut self, other: &Self) { - todo!() + self.0.add_assign(other.0) } fn sub_assign(&mut self, other: &Self) { - todo!() + self.0.sub_assign(other.0) } fn mul_assign(&mut self, other: &Self) { - todo!() + self.0.mul_assign(other.0) } fn inverse(&self) -> Option { - todo!() + if self.is_zero() { + None + } else { + Some(self.0.invert().into()) + } } - fn frobenius_map(&mut self, power: usize) { - todo!() - } + //fn frobenius_map(&mut self, power: usize) { + //self.pow(power) + //todo!() + //} } impl PrimeField for RistrettoScalar { // TODO: check this, this numbers are here just to make the compiler happy. - const NUM_BITS: u32 = 64 * 4; + const NUM_BITS: u32 = 255; // TODO: check this, this numbers are here just to make the compiler happy. - const CAPACITY: u32 = 64 * 4; + const CAPACITY: u32 = 254; fn into_repr(self) -> Vec { todo!() } - fn from_repr(_: &[u64]) -> Result { + fn from_repr(r: &[u64]) -> Result { todo!() } } @@ -113,7 +126,10 @@ impl Serial for RistrettoPoint { impl Deserial for RistrettoPoint { fn deserial(source: &mut R) -> crate::common::ParseResult { - todo!() + let mut buf: [u8; 32] = [0; 32]; + source.read_exact(&mut buf)?; + let res = CompressedRistretto::from_slice(&buf).decompress().ok_or(anyhow::anyhow!("Failed!"))?; + Ok(res) } } 
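Review bot: `NUM_BITS = 255` and `CAPACITY = 254` in the `PrimeField` impl for `RistrettoScalar` overstate the field: the Ristretto scalar field is the integers modulo l = 2^252 + 27742317777372353535851937790883648493, so the modulus needs 253 bits and only 252 bits can be stored in an element without risking a value at or above l. Any caller that packs `CAPACITY` bits into limbs and hands them to `from_repr` would then produce a non-canonical encoding that the canonical-bytes check rejects, or a wrapped value if a future implementation stops checking. The constants should read `const NUM_BITS: u32 = 253;` and `const CAPACITY: u32 = 252;`, at which point the two `// TODO: check this` comments can be dropped. The `Deserial` impl earlier in the file, which goes through `from_canonical_bytes`, is the right place to reject non-canonical input and should stay that way.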
@@ -136,26 +152,27 @@ impl Curve for RistrettoPoint { } fn is_zero_point(&self) -> bool { - todo!() + self == &Self::zero_point() } fn inverse_point(&self) -> Self { - todo!() + -self } fn double_point(&self) -> Self { - todo!() + self + self } fn plus_point(&self, other: &Self) -> Self { - todo!() + self + other } fn minus_point(&self, other: &Self) -> Self { - todo!() + self - other } fn mul_by_scalar(&self, scalar: &Self::Scalar) -> Self { + //self * scalar.scalar() todo!() } @@ -164,22 +181,27 @@ impl Curve for RistrettoPoint { } fn generate(rng: &mut R) -> Self { - todo!() + let mut uniform_bytes = [0u8; 64]; + rng.fill_bytes(&mut uniform_bytes); + + RistrettoPoint::from_uniform_bytes(&uniform_bytes) } fn generate_scalar(rng: &mut R) -> Self::Scalar { - todo!() + let mut scalar_bytes = [0u8; 64]; + rng.fill_bytes(&mut scalar_bytes); + Scalar::from_bytes_mod_order_wide(&scalar_bytes).into() } fn scalar_from_u64(n: u64) -> Self::Scalar { - todo!() + Scalar::from(n).into() } fn scalar_from_bytes>(bs: A) -> Self::Scalar { - todo!() + Scalar::hash_from_bytes::(bs.as_ref()).into() } fn hash_to_group(m: &[u8]) -> Self { - todo!() + RistrettoPoint::hash_from_bytes::(m) } } \ No newline at end of file diff --git a/rust-src/concordium_base/src/curve_arithmetic/mod.rs b/rust-src/concordium_base/src/curve_arithmetic/mod.rs index ca7a0582d..d2f1e5989 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/mod.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/mod.rs @@ -61,7 +61,7 @@ pub trait Field: /// Exponentiates this element by a power of the base prime modulus via /// the Frobenius automorphism. - fn frobenius_map(&mut self, power: usize); + //fn frobenius_map(&mut self, power: usize); /// Exponentiates this element by a number represented with `u64` limbs, /// least significant digit first. 
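Review bot: `scalar_from_bytes` now hashes its input with SHA-512 and reduces, while `scalar_from_u64` directly above injects the integer as-is; if the trait contract (not visible here) matches the BLS instance, which as far as I recall interprets the leading bytes as little-endian limbs and masks the top bits, the two instances disagree on what `scalar_from_bytes(n.to_le_bytes())` denotes and any encoding built on it will not be portable across curves. If hashing is the intended semantics, the trait documentation should say so; otherwise a direct-interpretation version (copy at most 32 bytes into a little-endian buffer, clear the top bits so the value is below l, then build the `Scalar` from those bytes) keeps the instances consistent. Separately, `generate_scalar` repeats the body of `Field::random` from the earlier hunk; `Self::Scalar::random(rng)` would leave a single copy of the sampling code to audit.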
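Review bot: Commenting out `fn frobenius_map` leaves its doc comment `/// Exponentiates this element by a power of the base prime modulus via the Frobenius automorphism.` attached to nothing, so rustdoc folds it into the next item (`pow`, whose own doc line follows) and `pow` ends up documented as two different operations. If the method is being removed from the trait, presumably because it is the identity on a prime field, delete both the doc comment and the line instead of commenting them out, and do the same for the `//fn frobenius_map` line left behind in the BLS instance. A one-line `// frobenius_map intentionally omitted: all instances are prime fields.` at the removal site would record the reason better than dead code.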
@@ -93,11 +93,11 @@ pub trait PrimeField: Field { /// How many bits of information can be reliably stored in the field /// element. const CAPACITY: u32; - - /// Convert a biginteger representation into a prime field element + + /// Convert this prime field element into a biginteger representation. fn into_repr(self) -> Vec; - /// Convert this prime field element into a biginteger representation. + /// Convert a biginteger representation into a prime field element fn from_repr(_: &[u64]) -> Result; } From fe5be05dab4b99052ca349b5fc3b214e91b612af Mon Sep 17 00:00:00 2001 From: Danil Annenkov Date: Thu, 9 Nov 2023 14:44:26 +0100 Subject: [PATCH 05/45] curve25519 WIP --- .../src/curve_arithmetic/ed25519_instance.rs | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs index a9733690d..01afb64a0 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs @@ -2,6 +2,7 @@ use std::{fmt::Display, ops::MulAssign}; use std::ops::{AddAssign, SubAssign, Neg}; +use byteorder::{LittleEndian, ByteOrder}; use curve25519_dalek::ristretto::CompressedRistretto; use curve25519_dalek::{ristretto::RistrettoPoint, scalar::Scalar, traits::Identity}; use crate::common::{Serial, Deserial, Buffer}; @@ -110,10 +111,16 @@ impl PrimeField for RistrettoScalar { const CAPACITY: u32 = 254; fn into_repr(self) -> Vec { + let bytes = self.0.to_bytes(); + let limb0: [u8; 8] = bytes[0..=7].try_into().unwrap(); + let i0 = u64::from_le_bytes(limb0); todo!() } fn from_repr(r: &[u64]) -> Result { + let mut s_bytes = [0u8; 32]; + let x = r[0]; + LittleEndian::write_u64(&mut s_bytes, x); todo!() } } 
@@ -172,8 +179,8 @@ impl Curve for RistrettoPoint { } fn mul_by_scalar(&self, scalar: &Self::Scalar) -> Self { - //self * scalar.scalar() - todo!() + *self * (*scalar).0 + //todo!() } fn bytes_to_curve_unchecked(b: &mut R) -> anyhow::Result { From 4eb4b0e77357a236f4e2979e85be9548850f1acb Mon Sep 17 00:00:00 2001 From: Hamidreza <54936533+hamiidreza@users.noreply.github.com> Date: Mon, 13 Nov 2023 16:09:51 +0100 Subject: [PATCH 06/45] Curve25519 Added --- .../src/curve_arithmetic/ed25519_instance.rs | 40 ++++++++++++------- 1 file changed, 26 insertions(+), 14 deletions(-) diff --git a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs index 01afb64a0..3c4a3951a 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs @@ -3,8 +3,8 @@ use std::{fmt::Display, ops::MulAssign}; use std::ops::{AddAssign, SubAssign, Neg}; use byteorder::{LittleEndian, ByteOrder}; -use curve25519_dalek::ristretto::CompressedRistretto; -use curve25519_dalek::{ristretto::RistrettoPoint, scalar::Scalar, traits::Identity}; +use curve25519_dalek::ristretto::{CompressedRistretto, RistrettoPoint}; +use curve25519_dalek::{scalar::Scalar, traits::Identity, constants::RISTRETTO_BASEPOINT_POINT}; use crate::common::{Serial, Deserial, Buffer}; use super::{Curve, Field, PrimeField}; @@ -16,7 +16,8 @@ pub struct RistrettoScalar(Scalar); impl Serial for RistrettoScalar { fn serial(&self, out: &mut B) { - todo!() + let res: &[u8; 32] = self.0.as_bytes(); + out.write_all(res).expect("Writing to a buffer should not fail."); } } 
@@ -111,23 +112,32 @@ impl PrimeField for RistrettoScalar { const CAPACITY: u32 = 254; fn into_repr(self) -> Vec { + let mut vec: Vec = Vec::new(); let bytes = self.0.to_bytes(); - let limb0: [u8; 8] = bytes[0..=7].try_into().unwrap(); - let i0 = u64::from_le_bytes(limb0); - todo!() + for chunk in bytes.chunks(8) { + let x : [u8; 8] = chunk.try_into().unwrap(); + let x_64 = u64::from_le_bytes(x); + vec.push(x_64); + } + vec } fn from_repr(r: &[u64]) -> Result { + let mut tmp: [u64; 4] = r.try_into().map_err(|e| super::CurveDecodingError::NotInField(format!("{:?}", r)))?; let mut s_bytes = [0u8; 32]; - let x = r[0]; - LittleEndian::write_u64(&mut s_bytes, x); - todo!() + for x in tmp { + LittleEndian::write_u64(&mut s_bytes, x); + } + let res = Scalar::from_canonical_bytes(s_bytes).ok_or(super::CurveDecodingError::NotInField(format!("{:?}", s_bytes)))?; + Ok(res.into()) } } impl Serial for RistrettoPoint { fn serial(&self, out: &mut B) { - todo!() + let compressed_point = self.compress(); + let res: &[u8; 32] = compressed_point.as_bytes(); + out.write_all(res).expect("Writing to a buffer should not fail."); } } @@ -155,7 +165,7 @@ impl Curve for RistrettoPoint { } fn one_point() -> Self { - todo!() + RISTRETTO_BASEPOINT_POINT } fn is_zero_point(&self) -> bool { @@ -180,11 +190,13 @@ impl Curve for RistrettoPoint { fn mul_by_scalar(&self, scalar: &Self::Scalar) -> Self { *self * (*scalar).0 - //todo!() } - fn bytes_to_curve_unchecked(b: &mut R) -> anyhow::Result { - todo!() + fn bytes_to_curve_unchecked(source: &mut R) -> anyhow::Result { + let mut buf: [u8; 32] = [0; 32]; + source.read_exact(&mut buf)?; + let res = CompressedRistretto::from_slice(&buf).decompress().ok_or(anyhow::anyhow!("Failed!"))?; + Ok(res) } fn generate(rng: &mut R) -> Self { From 45c2bc1beadda7dbac6fa39420c3cabdf47615c4 Mon Sep 17 00:00:00 2001 
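Review bot: `from_repr` writes every limb to the same place: `LittleEndian::write_u64(&mut s_bytes, x)` always targets `s_bytes[0..8]`, so after the loop only the last limb survives in the first eight bytes and the remaining 24 bytes stay zero. `from_repr(&x.into_repr())` therefore does not return `x`, and a caller that packs values into the low limbs and leaves the high limbs zero, as the credential-value encoder does with `f[0]`/`f[1]`, would get the zero scalar back silently since `from_canonical_bytes` accepts it. The loop must index into the buffer, `for (i, x) in tmp.iter().enumerate() { LittleEndian::write_u64(&mut s_bytes[i * 8..(i + 1) * 8], *x); }`, and a round-trip test over random scalars, `assert_eq!(RistrettoScalar::from_repr(&s.into_repr()).unwrap(), s)`, would have caught this. In `into_repr`, `chunks_exact(8)` instead of `chunks(8)` makes the `try_into().unwrap()` provably infallible.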
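Review bot: `bytes_to_curve_unchecked` reads 32 bytes and fully decompresses them, which is the safe choice for Ristretto (there is no cheaper unchecked decoding) but is byte-for-byte the `Deserial` body from the earlier hunk, and both report only `anyhow!("Failed!")`. It should delegate, `Self::deserial(source)` (if `ParseResult` is the anyhow alias it appears to be), with a message such as `"not a canonical Ristretto point encoding"`, and a doc line noting that despite its name the function validates the point. Note also that `serial` in the first hunk of this patch writes `compress().as_bytes()`, 32 bytes, while `GROUP_ELEMENT_LENGTH` on this type is still the 96 copied from BLS in the initial stub; anything sizing buffers from that constant will be wrong, so it should become `const GROUP_ELEMENT_LENGTH: usize = 32;`.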
From: Hamidreza <54936533+hamiidreza@users.noreply.github.com> Date: Mon, 13 Nov 2023 16:31:02 +0100 Subject: [PATCH 07/45] minor fixes --- .../concordium_base/src/curve_arithmetic/ed25519_instance.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs index 3c4a3951a..8bce57fc6 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs @@ -123,7 +123,7 @@ impl PrimeField for RistrettoScalar { } fn from_repr(r: &[u64]) -> Result { - let mut tmp: [u64; 4] = r.try_into().map_err(|e| super::CurveDecodingError::NotInField(format!("{:?}", r)))?; + let tmp: [u64; 4] = r.try_into().map_err(|_| super::CurveDecodingError::NotInField(format!("{:?}", r)))?; let mut s_bytes = [0u8; 32]; for x in tmp { LittleEndian::write_u64(&mut s_bytes, x); From 37fcf8ce2be52f84e249a9fcac5b60fed684f683 Mon Sep 17 00:00:00 2001 From: Danil Annenkov Date: Mon, 13 Nov 2023 17:20:33 +0100 Subject: [PATCH 08/45] Add benches --- rust-src/concordium_base/Cargo.toml | 4 + .../benches/range_proof_bench.rs | 123 ++++++++++++++++++ 2 files changed, 127 insertions(+) create mode 100644 rust-src/concordium_base/benches/range_proof_bench.rs diff --git a/rust-src/concordium_base/Cargo.toml b/rust-src/concordium_base/Cargo.toml index 053bd319b..681961dd3 100644 --- a/rust-src/concordium_base/Cargo.toml +++ b/rust-src/concordium_base/Cargo.toml @@ -134,3 +134,7 @@ harness = false [package.metadata.docs.rs] # Expose the `encryption` feature in documentation. features = ["encryption"] + +[[bench]] +name = "range_proof_bench" +harness = false \ No newline at end of file diff --git a/rust-src/concordium_base/benches/range_proof_bench.rs b/rust-src/concordium_base/benches/range_proof_bench.rs new file mode 100644 index 000000000..6b850a9c0 --- /dev/null 
+++ b/rust-src/concordium_base/benches/range_proof_bench.rs 
@@ -0,0 +1,123 @@ +#![allow(non_snake_case)] + +#[macro_use] +extern crate criterion; + +use concordium_base::{ + bulletproofs::{range_proof::*, utils::Generators}, + curve_arithmetic::*, + id::id_proof_types::ProofVersion, + pedersen_commitment::*, + random_oracle::RandomOracle, +}; +use criterion::Criterion; +use curve25519_dalek::ristretto::RistrettoPoint; +use pairing::bls12_381::G1; +use rand::*; +use std::time::Duration; + +// type SomeCurve = G1; + +pub fn prove_verify_benchmarks (c: &mut Criterion) { + let mut group = c.benchmark_group("Range Proof"); + + let rng = &mut thread_rng(); + let n: u8 = 32; + let m: u8 = 16; + let nm: usize = usize::from(n) * usize::from(m); + let mut G = Vec::with_capacity(nm); + let mut H = Vec::with_capacity(nm); + let mut G_H = Vec::with_capacity(nm); + let mut randomness = Vec::with_capacity(usize::from(m)); + let mut commitments = Vec::with_capacity(usize::from(m)); + + for _ in 0..nm { + let g = SomeCurve::generate(rng); + let h = SomeCurve::generate(rng); + + G.push(g); + H.push(h); + G_H.push((g, h)); + } + let B = SomeCurve::generate(rng); + let B_tilde = SomeCurve::generate(rng); + let gens = Generators { G_H }; + let keys = CommitmentKey { g: B, h: B_tilde }; + + // Some numbers in [0, 2^n): + let v_vec: Vec = vec![ + 7, 4, 255, 15, 2, 15, 4294967295, 4, 4, 5, 6, 8, 12, 13, 10, + 8, /* ,7,4,15,15,2,15,5,4,4,5,6,8,12,13,10,8 + * ,7,4,15,15,2,15,5,4,4,5,6,8,12,13,10,8 + * ,7,4,15,15,2,15,5,4,4,5,6,8,12,13,10,8 + * ,7,4,15,15,2,15,5,4,4,5,6,8,12,13,10,8 + * ,7,4,15,15,2,15,5,4,4,5,6,8,12,13,10,8 + * ,7,4,15,15,2,15,5,4,4,5,6,8,12,13,10,8 + * ,7,4,15,15,2,15,5,4,4,5,6,8,12,13,10,8 */ + ]; + + for &v in v_vec.iter().take(m.into()) { + let r = Randomness::generate(rng); + let v_scalar = SomeCurve::scalar_from_u64(v); + let v_value = Value::::new(v_scalar); + let com = keys.hide(&v_value, &r); + randomness.push(r); + commitments.push(com); + } + let v_vec_p = v_vec.clone(); + let gens_p = gens.clone(); + let randomness_p = 
randomness.clone(); + let mut transcript = RandomOracle::empty(); + group.bench_function("Prove", move |b| { + b.iter(|| { + prove( + ProofVersion::Version1, + &mut transcript, + rng, + n, + m, + &v_vec_p, + &gens_p, + &keys, + &randomness_p, + ); + }) + }); + + let rng = &mut thread_rng(); + let mut transcript = RandomOracle::empty(); + let proof = prove( + ProofVersion::Version1, + &mut transcript, + rng, + n, + m, + &v_vec, + &gens, + &keys, + &randomness, + ); + let proof = proof.unwrap(); + + group.bench_function("Verify Efficient", move |b| { + b.iter(|| { + let mut transcript = RandomOracle::empty(); + assert!(verify_efficient( + ProofVersion::Version1, + &mut transcript, + n, + &commitments, + &proof, + &gens, + &keys + ) + .is_ok()); + }) + }); +} + +criterion_group!( + name = benchmarks; + config = Criterion::default().measurement_time(Duration::from_millis(10000)).sample_size(10); + targets = prove_verify_benchmarks::, prove_verify_benchmarks::); +criterion_main!(benchmarks); From 43d286bb7b42621f326463045962d474842673b0 Mon Sep 17 00:00:00 2001 From: Danil Annenkov Date: Tue, 14 Nov 2023 10:23:18 +0100 Subject: [PATCH 09/45] Add ed25519_ng implementation; add dalek's bulletproof benchmark --- identity-provider-service/Cargo.lock | 200 +++++++++++++--- idiss/Cargo.lock | 196 +++++++++++++-- mobile_wallet/Cargo.lock | 198 +++++++++++++-- rust-bins/Cargo.lock | 204 +++++++++++++--- rust-src/Cargo.lock | 166 ++++++++++++- rust-src/concordium_base/Cargo.toml | 9 + .../benches/range_proof_bench.rs | 2 +- .../benches/range_proof_dalek_bench.rs | 70 ++++++ .../curve_arithmetic/ed25519_ng_instance.rs | 226 ++++++++++++++++++ .../src/curve_arithmetic/mod.rs | 2 + 10 files changed, 1155 insertions(+), 118 deletions(-) create mode 100644 rust-src/concordium_base/benches/range_proof_dalek_bench.rs create mode 100644 rust-src/concordium_base/src/curve_arithmetic/ed25519_ng_instance.rs 
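Review bot: The `Prove` benchmark moves a single `transcript` into the closure and passes `&mut transcript` to `prove` on every `b.iter` iteration, so the random oracle keeps absorbing state across iterations and each timed run proves against a different, ever-growing transcript, whereas `Verify Efficient` builds a fresh `RandomOracle::empty()` per iteration, so the two benchmarks are not set up alike. The return value of `prove` is also dropped inside the closure, so a prover that fails would still be timed as if it had succeeded. Make the first line of the `b.iter` body `let mut transcript = RandomOracle::empty();` and wrap the call as `assert!(prove(/* same arguments */).is_ok());` (or `.is_some()`, matching the type that `proof.unwrap()` unwraps further down). The generic parameters appear stripped in this rendering (`prove_verify_benchmarks (c: …)`, `targets = prove_verify_benchmarks::,`), so `SomeCurve` is presumably a type parameter; the commented-out `// type SomeCurve = G1;` line is then dead and should be removed.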
diff --git a/identity-provider-service/Cargo.lock b/identity-provider-service/Cargo.lock index d4a878958..07ff35e13 100644 --- a/identity-provider-service/Cargo.lock +++ b/identity-provider-service/Cargo.lock @@ -82,7 +82,7 @@ checksum = "16e62a023e7c117e27523144c5d2459f4397fcc3cab0085af8e2224f643a0193" dependencies = [ "proc-macro2", "quote", - "syn 2.0.15", + "syn 2.0.39", ] [[package]] @@ -126,6 +126,7 @@ version = "0.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4152116fd6e9dadb291ae18fc1ec3575ed6d84c29642d97890f4b4a3417297e4" dependencies = [ + "block-padding", "generic-array", ] @@ -138,6 +139,12 @@ dependencies = [ "generic-array", ] +[[package]] +name = "block-padding" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8d696c370c750c948ada61c69a0ee2cbbb9c50b1019ddb86d9317157a99c2cae" + [[package]] name = "borsh" version = "0.10.3" @@ -192,6 +199,26 @@ dependencies = [ "sha2 0.9.9", ] +[[package]] +name = "bulletproofs" +version = "3.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e42bd0735a0bff360156b152861eea25507f1ac303117e94215c2684f2100c26" +dependencies = [ + "byteorder", + "clear_on_drop", + "curve25519-dalek-ng", + "digest 0.9.0", + "merlin", + "rand 0.7.3", + "rand_core 0.5.1", + "serde", + "serde_derive", + "sha3 0.9.1", + "subtle-ng", + "thiserror", +] + [[package]] name = "bumpalo" version = "3.12.2" @@ -275,6 +302,15 @@ dependencies = [ "vec_map", ] +[[package]] +name = "clear_on_drop" +version = "0.2.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "38508a63f4979f0048febc9966fadbd48e5dab31fd0ec6a3f151bbf4a74f7423" +dependencies = [ + "cc", +] + [[package]] name = "concordium-contracts-common" version = "8.0.0" @@ -301,7 +337,7 @@ version = "4.0.0" dependencies = [ "proc-macro2", "quote", - "syn 2.0.15", + "syn 2.0.39", ] [[package]] 
@@ -310,20 +346,24 @@ version = "3.0.1" dependencies = [ "anyhow", "bs58", + "bulletproofs", "byteorder", "chrono", "concordium-contracts-common", "concordium_base_derive", - "curve25519-dalek", + "curve25519-dalek 3.2.1", + "curve25519-dalek 4.1.1", + "curve25519-dalek-ng", "derive_more", "ed25519-dalek", "either", - "ff", - "group", + "ff 0.5.2", + "group 0.2.0", "hex", "itertools", "leb128", "libc", + "merlin", "nom", "num", "num-bigint 0.4.3", @@ -337,7 +377,7 @@ dependencies = [ "serde_json", "serde_with", "sha2 0.10.6", - "sha3", + "sha3 0.10.8", "subtle", "thiserror", "zeroize", @@ -349,7 +389,7 @@ version = "1.0.0" dependencies = [ "proc-macro2", "quote", - "syn 2.0.15", + "syn 2.0.39", ] [[package]] @@ -449,6 +489,49 @@ dependencies = [ "zeroize", ] +[[package]] +name = "curve25519-dalek" +version = "4.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e89b8c6a2e4b1f45971ad09761aafb85514a84744b67a95e32c3cc1352d1f65c" +dependencies = [ + "cfg-if", + "cpufeatures", + "curve25519-dalek-derive", + "fiat-crypto", + "group 0.13.0", + "platforms", + "rand_core 0.6.4", + "rustc_version", + "subtle", + "zeroize", +] + +[[package]] +name = "curve25519-dalek-derive" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f46882e17999c6cc590af592290432be3bce0428cb0d5f8b6715e4dc7b383eb3" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.39", +] + +[[package]] +name = "curve25519-dalek-ng" +version = "3.0.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3b8dfd4d479156d9ad3fe6d1562f78ff31a9ba8831d3575126061541c7294e48" +dependencies = [ + "byteorder", + "digest 0.9.0", + "rand_core 0.5.1", + "serde", + "subtle-ng", + "zeroize", +] + [[package]] name = "darling" version = "0.20.1" @@ -470,7 +553,7 @@ dependencies = [ "proc-macro2", "quote", "strsim 0.10.0", - "syn 2.0.15", + "syn 2.0.39", ] [[package]] 
@@ -481,7 +564,7 @@ checksum = "29a358ff9f12ec09c3e61fef9b5a9902623a695a46a917b07f269bff1445611a" dependencies = [ "darling_core", "quote", - "syn 2.0.15", + "syn 2.0.39", ] [[package]] @@ -531,7 +614,7 @@ version = "1.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c762bae6dcaf24c4c84667b8579785430908723d5c889f469d76a41d59cc7a9d" dependencies = [ - "curve25519-dalek", + "curve25519-dalek 3.2.1", "ed25519", "rand 0.7.3", "serde", @@ -608,6 +691,16 @@ dependencies = [ "rand_core 0.5.1", ] +[[package]] +name = "ff" +version = "0.13.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ded41244b729663b1e574f1b4fb731469f69f79c17667b5d776b16cda0479449" +dependencies = [ + "rand_core 0.6.4", + "subtle", +] + [[package]] name = "ff_derive" version = "0.4.1" @@ -622,6 +715,12 @@ dependencies = [ "syn 1.0.109", ] +[[package]] +name = "fiat-crypto" +version = "0.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f69037fe1b785e84986b4f2cbcf647381876a00671d25ceef715d7812dd7e1dd" + [[package]] name = "fnv" version = "1.0.7" @@ -732,11 +831,22 @@ version = "0.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8cbdfc48f95bef47e3daf3b9d552a1dde6311e3a5fefa43e16c59f651d56fe5b" dependencies = [ - "ff", + "ff 0.5.2", "rand 0.7.3", "rand_xorshift", ] +[[package]] +name = "group" +version = "0.13.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f0f9ef7462f7c099f518d754361858f86d8a07af53ba9af0fe635bbccb151a63" +dependencies = [ + "ff 0.13.0", + "rand_core 0.6.4", + "subtle", +] + [[package]] name = "h2" version = "0.3.19" 
@@ -1113,6 +1223,18 @@ dependencies = [ "autocfg", ] +[[package]] +name = "merlin" +version = "2.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4e261cf0f8b3c42ded9f7d2bb59dea03aa52bc8a1cbc7482f9fc3fd1229d3b42" +dependencies = [ + "byteorder", + "keccak", + "rand_core 0.5.1", + "zeroize", +] + [[package]] name = "mime" version = "0.3.17" @@ -1325,7 +1447,7 @@ checksum = "a948666b637a0f465e8564c73e89d4dde00d72d4d473cc972f390fc3dcee7d9c" dependencies = [ "proc-macro2", "quote", - "syn 2.0.15", + "syn 2.0.39", ] [[package]] @@ -1363,8 +1485,8 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "94c40534479a28199cd5109da27fe2fc4a4728e4fc701d9e9c1bded78f3271e4" dependencies = [ "byteorder", - "ff", - "group", + "ff 0.5.2", + "group 0.2.0", "rand_core 0.5.1", ] @@ -1435,6 +1557,12 @@ version = "0.3.27" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "26072860ba924cbfa98ea39c8c19b4dd6a4a25423dbdf219c1eca91aa0cf6964" +[[package]] +name = "platforms" +version = "3.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "14e6ab3f592e6fb464fc9712d8d6e6912de6473954635fd76a589d832cffcbb0" + [[package]] name = "ppv-lite86" version = "0.2.17" @@ -1476,9 +1604,9 @@ dependencies = [ [[package]] name = "proc-macro2" -version = "1.0.56" +version = "1.0.69" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2b63bdb0cd06f1f4dedf69b254734f9b45af66e4a031e42a7480257d9898b435" +checksum = "134c189feb4956b20f6f547d2cf727d4c0fe06722b20a0eec87ed445a97f92da" dependencies = [ "unicode-ident", ] @@ -1505,9 +1633,9 @@ dependencies = [ [[package]] name = "quote" -version = "1.0.27" +version = "1.0.33" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8f4f29d145265ec1c483c7c654450edde0bfe043d3938d6972630663356d9500" +checksum = "5267fca4496028628a95160fc423a33e8b2e6af8a5302579e322e4b520293cae" dependencies = [ "proc-macro2", ] 
@@ -1892,7 +2020,7 @@ checksum = "8c805777e3930c8883389c602315a24224bcc738b63905ef87cd1420353ea93e" dependencies = [ "proc-macro2", "quote", - "syn 2.0.15", + "syn 2.0.39", ] [[package]] @@ -1943,7 +2071,7 @@ dependencies = [ "darling", "proc-macro2", "quote", - "syn 2.0.15", + "syn 2.0.39", ] [[package]] @@ -1981,6 +2109,18 @@ dependencies = [ "digest 0.10.6", ] +[[package]] +name = "sha3" +version = "0.9.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f81199417d4e5de3f04b1e871023acea7389672c4135918f05aa9cbf2f2fa809" +dependencies = [ + "block-buffer 0.9.0", + "digest 0.9.0", + "keccak", + "opaque-debug", +] + [[package]] name = "sha3" version = "0.10.8" @@ -2085,6 +2225,12 @@ version = "2.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "81cdd64d312baedb58e21336b31bc043b77e01cc99033ce76ef539f78e965ebc" +[[package]] +name = "subtle-ng" +version = "2.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "734676eb262c623cec13c3155096e08d1f8f29adce39ba17948b18dad1e54142" + [[package]] name = "syn" version = "1.0.109" @@ -2098,9 +2244,9 @@ dependencies = [ [[package]] name = "syn" -version = "2.0.15" +version = "2.0.39" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a34fcf3e8b60f57e6a14301a2e916d323af98b0ea63c599441eec8558660c822" +checksum = "23e78b90f2fcf45d3e842032ce32e3f2d1545ba6636271dcbf24fa306d87be7a" dependencies = [ "proc-macro2", "quote", @@ -2155,7 +2301,7 @@ checksum = "f9456a42c5b0d803c8cd86e73dd7cc9edd429499f37a3550d286d5e86720569f" dependencies = [ "proc-macro2", "quote", - "syn 2.0.15", + "syn 2.0.39", ] [[package]] @@ -2238,7 +2384,7 @@ checksum = "630bdcf245f78637c13ec01ffae6187cca34625e8c63150d424b59e55af2675e" dependencies = [ "proc-macro2", "quote", - "syn 2.0.15", + "syn 2.0.39", ] [[package]] 
@@ -2535,7 +2681,7 @@ dependencies = [ "once_cell", "proc-macro2", "quote", - "syn 2.0.15", + "syn 2.0.39", "wasm-bindgen-shared", ] @@ -2569,7 +2715,7 @@ checksum = "4783ce29f09b9d93134d41297aded3a712b7b979e9c6f28c32cb88c973a94869" dependencies = [ "proc-macro2", "quote", - "syn 2.0.15", + "syn 2.0.39", "wasm-bindgen-backend", "wasm-bindgen-shared", ] @@ -2803,5 +2949,5 @@ checksum = "ce36e65b0d2999d2aafac989fb249189a141aee1f53c612c1f37d72631959f69" dependencies = [ "proc-macro2", "quote", - "syn 2.0.15", + "syn 2.0.39", ] diff --git a/idiss/Cargo.lock b/idiss/Cargo.lock index 4d155ee26..736163f2a 100644 --- a/idiss/Cargo.lock +++ b/idiss/Cargo.lock @@ -121,6 +121,7 @@ version = "0.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4152116fd6e9dadb291ae18fc1ec3575ed6d84c29642d97890f4b4a3417297e4" dependencies = [ + "block-padding", "generic-array", ] @@ -133,6 +134,12 @@ dependencies = [ "generic-array", ] +[[package]] +name = "block-padding" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8d696c370c750c948ada61c69a0ee2cbbb9c50b1019ddb86d9317157a99c2cae" + [[package]] name = "borsh" version = "0.10.2" @@ -187,6 +194,26 @@ dependencies = [ "sha2 0.9.9", ] +[[package]] +name = "bulletproofs" +version = "3.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e42bd0735a0bff360156b152861eea25507f1ac303117e94215c2684f2100c26" +dependencies = [ + "byteorder", + "clear_on_drop", + "curve25519-dalek-ng", + "digest 0.9.0", + "merlin", + "rand 0.7.3", + "rand_core 0.5.1", + "serde", + "serde_derive", + "sha3 0.9.1", + "subtle-ng", + "thiserror", +] + [[package]] name = "bumpalo" version = "3.12.0" 
@@ -290,6 +317,15 @@ dependencies = [ "vec_map", ] +[[package]] +name = "clear_on_drop" +version = "0.2.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "38508a63f4979f0048febc9966fadbd48e5dab31fd0ec6a3f151bbf4a74f7423" +dependencies = [ + "cc", +] + [[package]] name = "codespan-reporting" version = "0.11.1" @@ -326,7 +362,7 @@ version = "4.0.0" dependencies = [ "proc-macro2", "quote", - "syn 2.0.18", + "syn 2.0.39", ] [[package]] @@ -335,20 +371,24 @@ version = "3.0.1" dependencies = [ "anyhow", "bs58", + "bulletproofs", "byteorder", "chrono", "concordium-contracts-common", "concordium_base_derive", - "curve25519-dalek", + "curve25519-dalek 3.2.1", + "curve25519-dalek 4.1.1", + "curve25519-dalek-ng", "derive_more", "ed25519-dalek", "either", - "ff", - "group", + "ff 0.5.2", + "group 0.2.0", "hex", "itertools", "leb128", "libc", + "merlin", "nom 7.1.3", "num", "num-bigint 0.4.3", @@ -362,7 +402,7 @@ dependencies = [ "serde_json", "serde_with", "sha2 0.10.6", - "sha3", + "sha3 0.10.6", "subtle", "thiserror", "zeroize", @@ -374,7 +414,7 @@ version = "1.0.0" dependencies = [ "proc-macro2", "quote", - "syn 2.0.18", + "syn 2.0.39", ] [[package]] @@ -391,9 +431,9 @@ checksum = "5827cebf4670468b8772dd191856768aedcb1b0278a04f989f7766351917b9dc" [[package]] name = "cpufeatures" -version = "0.2.5" +version = "0.2.11" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "28d997bd5e24a5928dd43e46dc529867e207907fe0b239c3477d924f7f2ca320" +checksum = "ce420fe07aecd3e67c5f910618fe65e94158f6dcc0adf44e00d69ce2bdfe0fd0" dependencies = [ "libc", ] 
@@ -464,6 +504,49 @@ dependencies = [ "zeroize", ] +[[package]] +name = "curve25519-dalek" +version = "4.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e89b8c6a2e4b1f45971ad09761aafb85514a84744b67a95e32c3cc1352d1f65c" +dependencies = [ + "cfg-if", + "cpufeatures", + "curve25519-dalek-derive", + "fiat-crypto", + "group 0.13.0", + "platforms", + "rand_core 0.6.4", + "rustc_version", + "subtle", + "zeroize", +] + +[[package]] +name = "curve25519-dalek-derive" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f46882e17999c6cc590af592290432be3bce0428cb0d5f8b6715e4dc7b383eb3" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.39", +] + +[[package]] +name = "curve25519-dalek-ng" +version = "3.0.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3b8dfd4d479156d9ad3fe6d1562f78ff31a9ba8831d3575126061541c7294e48" +dependencies = [ + "byteorder", + "digest 0.9.0", + "rand_core 0.5.1", + "serde", + "subtle-ng", + "zeroize", +] + [[package]] name = "cxx" version = "1.0.91" @@ -529,7 +612,7 @@ dependencies = [ "proc-macro2", "quote", "strsim 0.10.0", - "syn 2.0.18", + "syn 2.0.39", ] [[package]] @@ -540,7 +623,7 @@ checksum = "29a358ff9f12ec09c3e61fef9b5a9902623a695a46a917b07f269bff1445611a" dependencies = [ "darling_core", "quote", - "syn 2.0.18", + "syn 2.0.39", ] [[package]] @@ -590,7 +673,7 @@ version = "1.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c762bae6dcaf24c4c84667b8579785430908723d5c889f469d76a41d59cc7a9d" dependencies = [ - "curve25519-dalek", + "curve25519-dalek 3.2.1", "ed25519", "rand 0.7.3", "serde", 
@@ -628,6 +711,16 @@ dependencies = [ "rand_core 0.5.1", ] +[[package]] +name = "ff" +version = "0.13.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ded41244b729663b1e574f1b4fb731469f69f79c17667b5d776b16cda0479449" +dependencies = [ + "rand_core 0.6.4", + "subtle", +] + [[package]] name = "ff_derive" version = "0.4.1" @@ -642,6 +735,12 @@ dependencies = [ "syn 1.0.109", ] +[[package]] +name = "fiat-crypto" +version = "0.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f69037fe1b785e84986b4f2cbcf647381876a00671d25ceef715d7812dd7e1dd" + [[package]] name = "fnv" version = "1.0.7" @@ -692,11 +791,22 @@ version = "0.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8cbdfc48f95bef47e3daf3b9d552a1dde6311e3a5fefa43e16c59f651d56fe5b" dependencies = [ - "ff", + "ff 0.5.2", "rand 0.7.3", "rand_xorshift", ] +[[package]] +name = "group" +version = "0.13.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f0f9ef7462f7c099f518d754361858f86d8a07af53ba9af0fe635bbccb151a63" +dependencies = [ + "ff 0.13.0", + "rand_core 0.6.4", + "subtle", +] + [[package]] name = "hashbrown" version = "0.11.2" @@ -790,7 +900,7 @@ dependencies = [ "chrono", "concordium_base", "ed25519-dalek", - "ff", + "ff 0.5.2", "hex", "napi-build", "nodejs-sys", @@ -863,9 +973,9 @@ checksum = "884e2677b40cc8c339eaefcb701c32ef1fd2493d71118dc0ca4b6a736c93bd67" [[package]] name = "libc" -version = "0.2.139" +version = "0.2.150" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "201de327520df007757c1f0adce6e827fe8562fbc28bfd9c15571c66ca1f5f79" +checksum = "89d92a4743f9a61002fae18374ed11e7973f530cb3a3255fb354818118b2203c" [[package]] name = "libloading" 
@@ -910,6 +1020,18 @@ dependencies = [ "autocfg", ] +[[package]] +name = "merlin" +version = "2.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4e261cf0f8b3c42ded9f7d2bb59dea03aa52bc8a1cbc7482f9fc3fd1229d3b42" +dependencies = [ + "byteorder", + "keccak", + "rand_core 0.5.1", + "zeroize", +] + [[package]] name = "minimal-lexical" version = "0.2.1" @@ -1067,8 +1189,8 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "94c40534479a28199cd5109da27fe2fc4a4728e4fc701d9e9c1bded78f3271e4" dependencies = [ "byteorder", - "ff", - "group", + "ff 0.5.2", + "group 0.2.0", "rand_core 0.5.1", ] @@ -1078,6 +1200,12 @@ version = "0.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "19b17cddbe7ec3f8bc800887bab5e717348c95ea2ca0b1bf0837fb964dc67099" +[[package]] +name = "platforms" +version = "3.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "14e6ab3f592e6fb464fc9712d8d6e6912de6473954635fd76a589d832cffcbb0" + [[package]] name = "ppv-lite86" version = "0.2.17" @@ -1095,9 +1223,9 @@ dependencies = [ [[package]] name = "proc-macro2" -version = "1.0.60" +version = "1.0.69" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dec2b086b7a862cf4de201096214fa870344cf922b2b30c167badb3af3195406" +checksum = "134c189feb4956b20f6f547d2cf727d4c0fe06722b20a0eec87ed445a97f92da" dependencies = [ "unicode-ident", ] @@ -1124,9 +1252,9 @@ dependencies = [ [[package]] name = "quote" -version = "1.0.28" +version = "1.0.33" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1b9ab9c7eadfd8df19006f1cf1a4aed13540ed5cbc047010ece5826e10825488" +checksum = "5267fca4496028628a95160fc423a33e8b2e6af8a5302579e322e4b520293cae" dependencies = [ "proc-macro2", ] 
@@ -1364,7 +1492,7 @@ checksum = "d9735b638ccc51c28bf6914d90a2e9725b377144fc612c49a611fddd1b631d68" dependencies = [ "proc-macro2", "quote", - "syn 2.0.18", + "syn 2.0.39", ] [[package]] @@ -1403,7 +1531,7 @@ dependencies = [ "darling", "proc-macro2", "quote", - "syn 2.0.18", + "syn 2.0.39", ] [[package]] @@ -1430,6 +1558,18 @@ dependencies = [ "digest 0.10.6", ] +[[package]] +name = "sha3" +version = "0.9.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f81199417d4e5de3f04b1e871023acea7389672c4135918f05aa9cbf2f2fa809" +dependencies = [ + "block-buffer 0.9.0", + "digest 0.9.0", + "keccak", + "opaque-debug", +] + [[package]] name = "sha3" version = "0.10.6" @@ -1476,6 +1616,12 @@ version = "2.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6bdef32e8150c2a081110b42772ffe7d7c9032b606bc226c8260fd97e0976601" +[[package]] +name = "subtle-ng" +version = "2.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "734676eb262c623cec13c3155096e08d1f8f29adce39ba17948b18dad1e54142" + [[package]] name = "syn" version = "1.0.109" @@ -1489,9 +1635,9 @@ dependencies = [ [[package]] name = "syn" -version = "2.0.18" +version = "2.0.39" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "32d41677bcbe24c20c52e7c70b0d8db04134c5d1066bf98662e2871ad200ea3e" +checksum = "23e78b90f2fcf45d3e842032ce32e3f2d1545ba6636271dcbf24fa306d87be7a" dependencies = [ "proc-macro2", "quote", diff --git a/mobile_wallet/Cargo.lock b/mobile_wallet/Cargo.lock index a7c6cc304..b55b2c8ab 100644 --- a/mobile_wallet/Cargo.lock +++ b/mobile_wallet/Cargo.lock @@ -90,6 +90,7 @@ version = "0.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4152116fd6e9dadb291ae18fc1ec3575ed6d84c29642d97890f4b4a3417297e4" dependencies = [ + "block-padding", "generic-array", ] 
@@ -102,6 +103,12 @@ dependencies = [ "generic-array", ] +[[package]] +name = "block-padding" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8d696c370c750c948ada61c69a0ee2cbbb9c50b1019ddb86d9317157a99c2cae" + [[package]] name = "borsh" version = "0.10.2" @@ -156,6 +163,26 @@ dependencies = [ "sha2 0.9.9", ] +[[package]] +name = "bulletproofs" +version = "3.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e42bd0735a0bff360156b152861eea25507f1ac303117e94215c2684f2100c26" +dependencies = [ + "byteorder", + "clear_on_drop", + "curve25519-dalek-ng", + "digest 0.9.0", + "merlin", + "rand 0.7.3", + "rand_core 0.5.1", + "serde", + "serde_derive", + "sha3 0.9.1", + "subtle-ng", + "thiserror", +] + [[package]] name = "bumpalo" version = "3.12.0" @@ -230,6 +257,15 @@ dependencies = [ "winapi", ] +[[package]] +name = "clear_on_drop" +version = "0.2.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "38508a63f4979f0048febc9966fadbd48e5dab31fd0ec6a3f151bbf4a74f7423" +dependencies = [ + "cc", +] + [[package]] name = "codespan-reporting" version = "0.11.1" @@ -279,7 +315,7 @@ version = "4.0.0" dependencies = [ "proc-macro2", "quote", - "syn 2.0.18", + "syn 2.0.39", ] [[package]] @@ -288,20 +324,24 @@ version = "3.0.1" dependencies = [ "anyhow", "bs58", + "bulletproofs", "byteorder", "chrono", "concordium-contracts-common", "concordium_base_derive", - "curve25519-dalek", + "curve25519-dalek 3.2.1", + "curve25519-dalek 4.1.1", + "curve25519-dalek-ng", "derive_more", "ed25519-dalek", "either", - "ff", - "group", + "ff 0.5.2", + "group 0.2.0", "hex", "itertools", "leb128", "libc", + "merlin", "nom", "num", "num-bigint 0.4.3", @@ -315,7 +355,7 @@ dependencies = [ "serde_json", "serde_with", "sha2 0.10.6", - "sha3", + "sha3 0.10.6", "subtle", "thiserror", "zeroize", 
@@ -327,7 +367,7 @@ version = "1.0.0" dependencies = [ "proc-macro2", "quote", - "syn 2.0.18", + "syn 2.0.39", ] [[package]] @@ -344,9 +384,9 @@ checksum = "5827cebf4670468b8772dd191856768aedcb1b0278a04f989f7766351917b9dc" [[package]] name = "cpufeatures" -version = "0.2.5" +version = "0.2.11" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "28d997bd5e24a5928dd43e46dc529867e207907fe0b239c3477d924f7f2ca320" +checksum = "ce420fe07aecd3e67c5f910618fe65e94158f6dcc0adf44e00d69ce2bdfe0fd0" dependencies = [ "libc", ] @@ -417,6 +457,49 @@ dependencies = [ "zeroize", ] +[[package]] +name = "curve25519-dalek" +version = "4.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e89b8c6a2e4b1f45971ad09761aafb85514a84744b67a95e32c3cc1352d1f65c" +dependencies = [ + "cfg-if", + "cpufeatures", + "curve25519-dalek-derive", + "fiat-crypto", + "group 0.13.0", + "platforms", + "rand_core 0.6.4", + "rustc_version", + "subtle", + "zeroize", +] + +[[package]] +name = "curve25519-dalek-derive" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f46882e17999c6cc590af592290432be3bce0428cb0d5f8b6715e4dc7b383eb3" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.39", +] + +[[package]] +name = "curve25519-dalek-ng" +version = "3.0.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3b8dfd4d479156d9ad3fe6d1562f78ff31a9ba8831d3575126061541c7294e48" +dependencies = [ + "byteorder", + "digest 0.9.0", + "rand_core 0.5.1", + "serde", + "subtle-ng", + "zeroize", +] + [[package]] name = "cxx" version = "1.0.91" @@ -482,7 +565,7 @@ dependencies = [ "proc-macro2", "quote", "strsim", - "syn 2.0.18", + "syn 2.0.39", ] [[package]] @@ -493,7 +576,7 @@ checksum = "29a358ff9f12ec09c3e61fef9b5a9902623a695a46a917b07f269bff1445611a" dependencies = [ "darling_core", "quote", - "syn 2.0.18", + "syn 2.0.39", ] [[package]] 
@@ -544,7 +627,7 @@ version = "1.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "53d2e93f837d749c16d118e7ddf7a4dfd0ac8f452cf51e46e9348824e5ef6851" dependencies = [ - "curve25519-dalek", + "curve25519-dalek 3.2.1", "ed25519", "rand 0.7.3", "serde", @@ -590,6 +673,16 @@ dependencies = [ "rand_core 0.5.1", ] +[[package]] +name = "ff" +version = "0.13.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ded41244b729663b1e574f1b4fb731469f69f79c17667b5d776b16cda0479449" +dependencies = [ + "rand_core 0.6.4", + "subtle", +] + [[package]] name = "ff_derive" version = "0.4.1" @@ -604,6 +697,12 @@ dependencies = [ "syn 1.0.109", ] +[[package]] +name = "fiat-crypto" +version = "0.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f69037fe1b785e84986b4f2cbcf647381876a00671d25ceef715d7812dd7e1dd" + [[package]] name = "fnv" version = "1.0.7" @@ -648,11 +747,22 @@ version = "0.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8cbdfc48f95bef47e3daf3b9d552a1dde6311e3a5fefa43e16c59f651d56fe5b" dependencies = [ - "ff", + "ff 0.5.2", "rand 0.7.3", "rand_xorshift", ] +[[package]] +name = "group" +version = "0.13.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f0f9ef7462f7c099f518d754361858f86d8a07af53ba9af0fe635bbccb151a63" +dependencies = [ + "ff 0.13.0", + "rand_core 0.6.4", + "subtle", +] + [[package]] name = "hashbrown" version = "0.11.2" @@ -823,7 +933,7 @@ name = "keygen_bls" version = "2.0.0" dependencies = [ "concordium_base", - "ff", + "ff 0.5.2", "hex", "hkdf", "pairing", 
@@ -838,9 +948,9 @@ checksum = "884e2677b40cc8c339eaefcb701c32ef1fd2493d71118dc0ca4b6a736c93bd67" [[package]] name = "libc" -version = "0.2.139" +version = "0.2.150" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "201de327520df007757c1f0adce6e827fe8562fbc28bfd9c15571c66ca1f5f79" +checksum = "89d92a4743f9a61002fae18374ed11e7973f530cb3a3255fb354818118b2203c" [[package]] name = "link-cplusplus" @@ -875,6 +985,18 @@ dependencies = [ "autocfg", ] +[[package]] +name = "merlin" +version = "2.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4e261cf0f8b3c42ded9f7d2bb59dea03aa52bc8a1cbc7482f9fc3fd1229d3b42" +dependencies = [ + "byteorder", + "keccak", + "rand_core 0.5.1", + "zeroize", +] + [[package]] name = "minimal-lexical" version = "0.2.1" @@ -893,7 +1015,7 @@ dependencies = [ "ed25519-dalek", "ed25519_hd_key_derivation", "either", - "ff", + "ff 0.5.2", "hex", "jni", "key_derivation", @@ -1032,8 +1154,8 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "94c40534479a28199cd5109da27fe2fc4a4728e4fc701d9e9c1bded78f3271e4" dependencies = [ "byteorder", - "ff", - "group", + "ff 0.5.2", + "group 0.2.0", "rand_core 0.5.1", ] @@ -1060,6 +1182,12 @@ dependencies = [ "sha2 0.10.6", ] +[[package]] +name = "platforms" +version = "3.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "14e6ab3f592e6fb464fc9712d8d6e6912de6473954635fd76a589d832cffcbb0" + [[package]] name = "ppv-lite86" version = "0.2.17" @@ -1077,9 +1205,9 @@ dependencies = [ [[package]] name = "proc-macro2" -version = "1.0.60" +version = "1.0.69" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dec2b086b7a862cf4de201096214fa870344cf922b2b30c167badb3af3195406" +checksum = "134c189feb4956b20f6f547d2cf727d4c0fe06722b20a0eec87ed445a97f92da" dependencies = [ "unicode-ident", ] 
@@ -1106,9 +1234,9 @@ dependencies = [ [[package]] name = "quote" -version = "1.0.28" +version = "1.0.33" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1b9ab9c7eadfd8df19006f1cf1a4aed13540ed5cbc047010ece5826e10825488" +checksum = "5267fca4496028628a95160fc423a33e8b2e6af8a5302579e322e4b520293cae" dependencies = [ "proc-macro2", ] @@ -1349,7 +1477,7 @@ checksum = "d9735b638ccc51c28bf6914d90a2e9725b377144fc612c49a611fddd1b631d68" dependencies = [ "proc-macro2", "quote", - "syn 2.0.18", + "syn 2.0.39", ] [[package]] @@ -1388,7 +1516,7 @@ dependencies = [ "darling", "proc-macro2", "quote", - "syn 2.0.18", + "syn 2.0.39", ] [[package]] @@ -1415,6 +1543,18 @@ dependencies = [ "digest 0.10.6", ] +[[package]] +name = "sha3" +version = "0.9.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f81199417d4e5de3f04b1e871023acea7389672c4135918f05aa9cbf2f2fa809" +dependencies = [ + "block-buffer 0.9.0", + "digest 0.9.0", + "keccak", + "opaque-debug", +] + [[package]] name = "sha3" version = "0.10.6" @@ -1449,6 +1589,12 @@ version = "2.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6bdef32e8150c2a081110b42772ffe7d7c9032b606bc226c8260fd97e0976601" +[[package]] +name = "subtle-ng" +version = "2.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "734676eb262c623cec13c3155096e08d1f8f29adce39ba17948b18dad1e54142" + [[package]] name = "syn" version = "1.0.109" @@ -1462,9 +1608,9 @@ dependencies = [ [[package]] name = "syn" -version = "2.0.18" +version = "2.0.39" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "32d41677bcbe24c20c52e7c70b0d8db04134c5d1066bf98662e2871ad200ea3e" +checksum = "23e78b90f2fcf45d3e842032ce32e3f2d1545ba6636271dcbf24fa306d87be7a" dependencies = [ "proc-macro2", "quote", diff --git a/rust-bins/Cargo.lock b/rust-bins/Cargo.lock index 9552b926a..ce4532a8b 100644 --- a/rust-bins/Cargo.lock 
+++ b/rust-bins/Cargo.lock @@ -133,6 +133,7 @@ version = "0.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4152116fd6e9dadb291ae18fc1ec3575ed6d84c29642d97890f4b4a3417297e4" dependencies = [ + "block-padding 0.2.1", "generic-array", ] @@ -145,6 +146,12 @@ dependencies = [ "generic-array", ] +[[package]] +name = "block-padding" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8d696c370c750c948ada61c69a0ee2cbbb9c50b1019ddb86d9317157a99c2cae" + [[package]] name = "block-padding" version = "0.3.3" @@ -208,6 +215,26 @@ dependencies = [ "sha2 0.9.9", ] +[[package]] +name = "bulletproofs" +version = "3.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e42bd0735a0bff360156b152861eea25507f1ac303117e94215c2684f2100c26" +dependencies = [ + "byteorder", + "clear_on_drop", + "curve25519-dalek-ng", + "digest 0.9.0", + "merlin", + "rand 0.7.3", + "rand_core 0.5.1", + "serde", + "serde_derive", + "sha3 0.9.1", + "subtle-ng", + "thiserror", +] + [[package]] name = "bumpalo" version = "3.12.2" @@ -310,6 +337,15 @@ dependencies = [ "vec_map", ] +[[package]] +name = "clear_on_drop" +version = "0.2.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "38508a63f4979f0048febc9966fadbd48e5dab31fd0ec6a3f151bbf4a74f7423" +dependencies = [ + "cc", +] + [[package]] name = "concordium-contracts-common" version = "8.0.0" @@ -336,7 +372,7 @@ version = "4.0.0" dependencies = [ "proc-macro2", "quote", - "syn 2.0.15", + "syn 2.0.39", ] [[package]] 
@@ -347,22 +383,26 @@ dependencies = [ "anyhow", "base64 0.13.1", "bs58", + "bulletproofs", "byteorder", "cbc", "chrono", "concordium-contracts-common", "concordium_base_derive", - "curve25519-dalek", + "curve25519-dalek 3.2.1", + "curve25519-dalek 4.1.1", + "curve25519-dalek-ng", "derive_more", "ed25519-dalek", "either", - "ff", - "group", + "ff 0.5.2", + "group 0.2.0", "hex", "hmac", "itertools", "leb128", "libc", + "merlin", "nom", "num", "num-bigint 0.4.3", @@ -377,7 +417,7 @@ dependencies = [ "serde_json", "serde_with", "sha2 0.10.6", - "sha3", + "sha3 0.10.8", "subtle", "thiserror", "zeroize", @@ -389,7 +429,7 @@ version = "1.0.0" dependencies = [ "proc-macro2", "quote", - "syn 2.0.15", + "syn 2.0.39", ] [[package]] @@ -527,6 +567,49 @@ dependencies = [ "zeroize", ] +[[package]] +name = "curve25519-dalek" +version = "4.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e89b8c6a2e4b1f45971ad09761aafb85514a84744b67a95e32c3cc1352d1f65c" +dependencies = [ + "cfg-if", + "cpufeatures", + "curve25519-dalek-derive", + "fiat-crypto", + "group 0.13.0", + "platforms", + "rand_core 0.6.4", + "rustc_version", + "subtle", + "zeroize", +] + +[[package]] +name = "curve25519-dalek-derive" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f46882e17999c6cc590af592290432be3bce0428cb0d5f8b6715e4dc7b383eb3" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.39", +] + +[[package]] +name = "curve25519-dalek-ng" +version = "3.0.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3b8dfd4d479156d9ad3fe6d1562f78ff31a9ba8831d3575126061541c7294e48" +dependencies = [ + "byteorder", + "digest 0.9.0", + "rand_core 0.5.1", + "serde", + "subtle-ng", + "zeroize", +] + [[package]] name = "darling" version = "0.20.1" @@ -548,7 +631,7 @@ dependencies = [ "proc-macro2", "quote", "strsim 0.10.0", - "syn 2.0.15", + "syn 2.0.39", ] [[package]] 
@@ -559,7 +642,7 @@ checksum = "29a358ff9f12ec09c3e61fef9b5a9902623a695a46a917b07f269bff1445611a" dependencies = [ "darling_core", "quote", - "syn 2.0.15", + "syn 2.0.39", ] [[package]] @@ -622,7 +705,7 @@ version = "1.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c762bae6dcaf24c4c84667b8579785430908723d5c889f469d76a41d59cc7a9d" dependencies = [ - "curve25519-dalek", + "curve25519-dalek 3.2.1", "ed25519", "rand 0.7.3", "serde", @@ -704,6 +787,16 @@ dependencies = [ "rand_core 0.5.1", ] +[[package]] +name = "ff" +version = "0.13.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ded41244b729663b1e574f1b4fb731469f69f79c17667b5d776b16cda0479449" +dependencies = [ + "rand_core 0.6.4", + "subtle", +] + [[package]] name = "ff_derive" version = "0.4.1" @@ -718,6 +811,12 @@ dependencies = [ "syn 1.0.109", ] +[[package]] +name = "fiat-crypto" +version = "0.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f69037fe1b785e84986b4f2cbcf647381876a00671d25ceef715d7812dd7e1dd" + [[package]] name = "fnv" version = "1.0.7" @@ -840,11 +939,22 @@ version = "0.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8cbdfc48f95bef47e3daf3b9d552a1dde6311e3a5fefa43e16c59f651d56fe5b" dependencies = [ - "ff", + "ff 0.5.2", "rand 0.7.3", "rand_xorshift", ] +[[package]] +name = "group" +version = "0.13.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f0f9ef7462f7c099f518d754361858f86d8a07af53ba9af0fe635bbccb151a63" +dependencies = [ + "ff 0.13.0", + "rand_core 0.6.4", + "subtle", +] + [[package]] name = "h2" version = "0.3.19" @@ -1072,7 +1182,7 @@ version = "0.1.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a0c10553d664a4d0bcff9f4215d0aac67a639cc68ef660840afe309b807bc9f5" dependencies = [ - "block-padding", + "block-padding 0.3.3", "generic-array", ] 
@@ -1154,7 +1264,7 @@ name = "keygen_bls" version = "2.0.0" dependencies = [ "concordium_base", - "ff", + "ff 0.5.2", "hex", "hkdf", "pairing", @@ -1219,6 +1329,18 @@ dependencies = [ "autocfg", ] +[[package]] +name = "merlin" +version = "2.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4e261cf0f8b3c42ded9f7d2bb59dea03aa52bc8a1cbc7482f9fc3fd1229d3b42" +dependencies = [ + "byteorder", + "keccak", + "rand_core 0.5.1", + "zeroize", +] + [[package]] name = "mime" version = "0.3.17" @@ -1277,12 +1399,12 @@ dependencies = [ "clap", "concordium_base", "crossterm", - "curve25519-dalek", + "curve25519-dalek 3.2.1", "dialoguer", "ed25519-dalek", "ed25519_hd_key_derivation", "either", - "ff", + "ff 0.5.2", "hex", "hkdf", "hmac", @@ -1470,7 +1592,7 @@ checksum = "a948666b637a0f465e8564c73e89d4dde00d72d4d473cc972f390fc3dcee7d9c" dependencies = [ "proc-macro2", "quote", - "syn 2.0.15", + "syn 2.0.39", ] [[package]] @@ -1508,8 +1630,8 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "94c40534479a28199cd5109da27fe2fc4a4728e4fc701d9e9c1bded78f3271e4" dependencies = [ "byteorder", - "ff", - "group", + "ff 0.5.2", + "group 0.2.0", "rand_core 0.5.1", ] @@ -1608,6 +1730,12 @@ version = "0.3.27" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "26072860ba924cbfa98ea39c8c19b4dd6a4a25423dbdf219c1eca91aa0cf6964" +[[package]] +name = "platforms" +version = "3.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "14e6ab3f592e6fb464fc9712d8d6e6912de6473954635fd76a589d832cffcbb0" + [[package]] name = "ppv-lite86" version = "0.2.17" 
@@ -1649,9 +1777,9 @@ dependencies = [ [[package]] name = "proc-macro2" -version = "1.0.56" +version = "1.0.69" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2b63bdb0cd06f1f4dedf69b254734f9b45af66e4a031e42a7480257d9898b435" +checksum = "134c189feb4956b20f6f547d2cf727d4c0fe06722b20a0eec87ed445a97f92da" dependencies = [ "unicode-ident", ] @@ -1678,9 +1806,9 @@ dependencies = [ [[package]] name = "quote" -version = "1.0.27" +version = "1.0.33" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8f4f29d145265ec1c483c7c654450edde0bfe043d3938d6972630663356d9500" +checksum = "5267fca4496028628a95160fc423a33e8b2e6af8a5302579e322e4b520293cae" dependencies = [ "proc-macro2", ] @@ -2025,7 +2153,7 @@ checksum = "8c805777e3930c8883389c602315a24224bcc738b63905ef87cd1420353ea93e" dependencies = [ "proc-macro2", "quote", - "syn 2.0.15", + "syn 2.0.39", ] [[package]] @@ -2076,7 +2204,7 @@ dependencies = [ "darling", "proc-macro2", "quote", - "syn 2.0.15", + "syn 2.0.39", ] [[package]] @@ -2103,6 +2231,18 @@ dependencies = [ "digest 0.10.6", ] +[[package]] +name = "sha3" +version = "0.9.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f81199417d4e5de3f04b1e871023acea7389672c4135918f05aa9cbf2f2fa809" +dependencies = [ + "block-buffer 0.9.0", + "digest 0.9.0", + "keccak", + "opaque-debug", +] + [[package]] name = "sha3" version = "0.10.8" @@ -2228,6 +2368,12 @@ version = "2.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6bdef32e8150c2a081110b42772ffe7d7c9032b606bc226c8260fd97e0976601" +[[package]] +name = "subtle-ng" +version = "2.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "734676eb262c623cec13c3155096e08d1f8f29adce39ba17948b18dad1e54142" + [[package]] name = "syn" version = "1.0.109" 
@@ -2241,9 +2387,9 @@ dependencies = [ [[package]] name = "syn" -version = "2.0.15" +version = "2.0.39" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a34fcf3e8b60f57e6a14301a2e916d323af98b0ea63c599441eec8558660c822" +checksum = "23e78b90f2fcf45d3e842032ce32e3f2d1545ba6636271dcbf24fa306d87be7a" dependencies = [ "proc-macro2", "quote", @@ -2295,7 +2441,7 @@ checksum = "f9456a42c5b0d803c8cd86e73dd7cc9edd429499f37a3550d286d5e86720569f" dependencies = [ "proc-macro2", "quote", - "syn 2.0.15", + "syn 2.0.39", ] [[package]] @@ -2549,7 +2695,7 @@ dependencies = [ "once_cell", "proc-macro2", "quote", - "syn 2.0.15", + "syn 2.0.39", "wasm-bindgen-shared", ] @@ -2583,7 +2729,7 @@ checksum = "4783ce29f09b9d93134d41297aded3a712b7b979e9c6f28c32cb88c973a94869" dependencies = [ "proc-macro2", "quote", - "syn 2.0.15", + "syn 2.0.39", "wasm-bindgen-backend", "wasm-bindgen-shared", ] @@ -2817,5 +2963,5 @@ checksum = "ce36e65b0d2999d2aafac989fb249189a141aee1f53c612c1f37d72631959f69" dependencies = [ "proc-macro2", "quote", - "syn 2.0.15", + "syn 2.0.39", ] diff --git a/rust-src/Cargo.lock b/rust-src/Cargo.lock index 4f2cefc81..269cb2387 100644 --- a/rust-src/Cargo.lock +++ b/rust-src/Cargo.lock @@ -136,6 +136,7 @@ version = "0.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4152116fd6e9dadb291ae18fc1ec3575ed6d84c29642d97890f4b4a3417297e4" dependencies = [ + "block-padding 0.2.1", "generic-array", ] @@ -148,6 +149,12 @@ dependencies = [ "generic-array", ] +[[package]] +name = "block-padding" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8d696c370c750c948ada61c69a0ee2cbbb9c50b1019ddb86d9317157a99c2cae" + [[package]] name = "block-padding" version = "0.3.3" 
@@ -211,6 +218,26 @@ dependencies = [ "sha2 0.9.9", ] +[[package]] +name = "bulletproofs" +version = "3.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e42bd0735a0bff360156b152861eea25507f1ac303117e94215c2684f2100c26" +dependencies = [ + "byteorder", + "clear_on_drop", + "curve25519-dalek-ng", + "digest 0.9.0", + "merlin", + "rand 0.7.3", + "rand_core 0.5.1", + "serde", + "serde_derive", + "sha3 0.9.1", + "subtle-ng", + "thiserror", +] + [[package]] name = "bumpalo" version = "3.13.0" @@ -354,6 +381,15 @@ dependencies = [ "os_str_bytes", ] +[[package]] +name = "clear_on_drop" +version = "0.2.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "38508a63f4979f0048febc9966fadbd48e5dab31fd0ec6a3f151bbf4a74f7423" +dependencies = [ + "cc", +] + [[package]] name = "concordium-contracts-common" version = "8.0.0" @@ -391,23 +427,27 @@ dependencies = [ "anyhow", "base64 0.13.1", "bs58", + "bulletproofs", "byteorder", "cbc", "chrono", "concordium-contracts-common", "concordium_base_derive", "criterion", - "curve25519-dalek", + "curve25519-dalek 3.2.1", + "curve25519-dalek 4.1.1", + "curve25519-dalek-ng", "derive_more", "ed25519-dalek", "either", - "ff", - "group", + "ff 0.5.2", + "group 0.2.0", "hex", "hmac", "itertools", "leb128", "libc", + "merlin", "nom", "num", "num-bigint 0.4.4", @@ -422,7 +462,7 @@ dependencies = [ "serde_json", "serde_with", "sha2 0.10.7", - "sha3", + "sha3 0.10.8", "subtle", "thiserror", "zeroize", 
@@ -560,6 +600,49 @@ dependencies = [ "zeroize", ] +[[package]] +name = "curve25519-dalek" +version = "4.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e89b8c6a2e4b1f45971ad09761aafb85514a84744b67a95e32c3cc1352d1f65c" +dependencies = [ + "cfg-if", + "cpufeatures", + "curve25519-dalek-derive", + "fiat-crypto", + "group 0.13.0", + "platforms", + "rand_core 0.6.4", + "rustc_version", + "subtle", + "zeroize", +] + +[[package]] +name = "curve25519-dalek-derive" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f46882e17999c6cc590af592290432be3bce0428cb0d5f8b6715e4dc7b383eb3" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.32", +] + +[[package]] +name = "curve25519-dalek-ng" +version = "3.0.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3b8dfd4d479156d9ad3fe6d1562f78ff31a9ba8831d3575126061541c7294e48" +dependencies = [ + "byteorder", + "digest 0.9.0", + "rand_core 0.5.1", + "serde", + "subtle-ng", + "zeroize", +] + [[package]] name = "darling" version = "0.20.3" @@ -652,7 +735,7 @@ version = "1.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c762bae6dcaf24c4c84667b8579785430908723d5c889f469d76a41d59cc7a9d" dependencies = [ - "curve25519-dalek", + "curve25519-dalek 3.2.1", "ed25519", "rand 0.7.3", "serde", @@ -695,6 +778,16 @@ dependencies = [ "rand_core 0.5.1", ] +[[package]] +name = "ff" +version = "0.13.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ded41244b729663b1e574f1b4fb731469f69f79c17667b5d776b16cda0479449" +dependencies = [ + "rand_core 0.6.4", + "subtle", +] + [[package]] name = "ff_derive" version = "0.4.1" 
@@ -709,6 +802,12 @@ dependencies = [ "syn 1.0.109", ] +[[package]] +name = "fiat-crypto" +version = "0.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f69037fe1b785e84986b4f2cbcf647381876a00671d25ceef715d7812dd7e1dd" + [[package]] name = "fnv" version = "1.0.7" @@ -759,11 +858,22 @@ version = "0.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8cbdfc48f95bef47e3daf3b9d552a1dde6311e3a5fefa43e16c59f651d56fe5b" dependencies = [ - "ff", + "ff 0.5.2", "rand 0.7.3", "rand_xorshift", ] +[[package]] +name = "group" +version = "0.13.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f0f9ef7462f7c099f518d754361858f86d8a07af53ba9af0fe635bbccb151a63" +dependencies = [ + "ff 0.13.0", + "rand_core 0.6.4", + "subtle", +] + [[package]] name = "half" version = "1.8.2" @@ -896,7 +1006,7 @@ version = "0.1.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a0c10553d664a4d0bcff9f4215d0aac67a639cc68ef660840afe309b807bc9f5" dependencies = [ - "block-padding", + "block-padding 0.3.3", "generic-array", ] @@ -953,7 +1063,7 @@ name = "keygen_bls" version = "2.0.0" dependencies = [ "concordium_base", - "ff", + "ff 0.5.2", "hex", "hkdf", "pairing", @@ -999,6 +1109,18 @@ dependencies = [ "autocfg", ] +[[package]] +name = "merlin" +version = "2.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4e261cf0f8b3c42ded9f7d2bb59dea03aa52bc8a1cbc7482f9fc3fd1229d3b42" +dependencies = [ + "byteorder", + "keccak", + "rand_core 0.5.1", + "zeroize", +] + [[package]] name = "minimal-lexical" version = "0.2.1" @@ -1143,8 +1265,8 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "94c40534479a28199cd5109da27fe2fc4a4728e4fc701d9e9c1bded78f3271e4" dependencies = [ "byteorder", - "ff", - "group", + "ff 0.5.2", + "group 0.2.0", "rand_core 0.5.1", ] 
@@ -1194,6 +1316,12 @@ dependencies = [ "sha2 0.10.7", ] +[[package]] +name = "platforms" +version = "3.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "14e6ab3f592e6fb464fc9712d8d6e6912de6473954635fd76a589d832cffcbb0" + [[package]] name = "plotters" version = "0.3.5" @@ -1601,6 +1729,18 @@ dependencies = [ "digest 0.10.7", ] +[[package]] +name = "sha3" +version = "0.9.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f81199417d4e5de3f04b1e871023acea7389672c4135918f05aa9cbf2f2fa809" +dependencies = [ + "block-buffer 0.9.0", + "digest 0.9.0", + "keccak", + "opaque-debug", +] + [[package]] name = "sha3" version = "0.10.8" @@ -1642,6 +1782,12 @@ version = "2.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6bdef32e8150c2a081110b42772ffe7d7c9032b606bc226c8260fd97e0976601" +[[package]] +name = "subtle-ng" +version = "2.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "734676eb262c623cec13c3155096e08d1f8f29adce39ba17948b18dad1e54142" + [[package]] name = "syn" version = "1.0.109" diff --git a/rust-src/concordium_base/Cargo.toml b/rust-src/concordium_base/Cargo.toml index 681961dd3..32bf967ec 100644 --- a/rust-src/concordium_base/Cargo.toml +++ b/rust-src/concordium_base/Cargo.toml @@ -34,6 +34,7 @@ rand = "0.7" num = "0.4" group = "0.2" curve25519-dalek = "3" +curve25519-dalek-new = {package = "curve25519-dalek", version = "4.1.1", features = ["group"]} zeroize = "1.1" # See https://github.com/serde-rs/json/issues/505 for the need to be careful. rust_decimal = { version = "1.25", features = ["serde-float", "serde-arbitrary-precision"]} @@ -52,6 +53,10 @@ pbkdf2 = { version = "0.11", optional = true } hmac = { version = "0.12", optional = true } nom = "7.1.3" +bulletproofs = "3.0.0" +merlin = { version = "2", default-features = false } +curve25519-dalek-ng = "3" + [lib] crate-type = ["rlib", "staticlib", "cdylib"] 
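Review bot: The two Cargo.toml hunks add a second `curve25519-dalek` line (4.1.1, aliased `curve25519-dalek-new`) and the `curve25519-dalek-ng` fork next to the existing `curve25519-dalek = "3"`, so the lockfile hunks in this series now resolve three separate copies of the Curve25519 arithmetic (`curve25519-dalek 3.2.1`, `curve25519-dalek 4.1.1`, `curve25519-dalek-ng 3.0.3`), each of which has to be tracked for advisories and audited on its own. Within this patch `bulletproofs` and `merlin` are referenced only from the new `range_proof_dalek_bench.rs`, so unless library code elsewhere needs them they belong under `[dev-dependencies]` rather than in every downstream build of `concordium_base`. The `curve25519-dalek-new` line also deserves a comment saying why 4.x is required alongside 3.x, e.g. `# <reason 4.x is needed>; 3.x kept for <dependants still on 3.x>`, so the duplication can be retired deliberately later.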
@@ -137,4 +142,8 @@ features = ["encryption"] [[bench]] name = "range_proof_bench" +harness = false + +[[bench]] +name = "range_proof_dalek_bench" harness = false \ No newline at end of file diff --git a/rust-src/concordium_base/benches/range_proof_bench.rs b/rust-src/concordium_base/benches/range_proof_bench.rs index 6b850a9c0..71803135e 100644 --- a/rust-src/concordium_base/benches/range_proof_bench.rs +++ b/rust-src/concordium_base/benches/range_proof_bench.rs @@ -119,5 +119,5 @@ pub fn prove_verify_benchmarks (c: &mut Criterion) { criterion_group!( name = benchmarks; config = Criterion::default().measurement_time(Duration::from_millis(10000)).sample_size(10); - targets = prove_verify_benchmarks::, prove_verify_benchmarks::); + targets = prove_verify_benchmarks::, prove_verify_benchmarks::, prove_verify_benchmarks::); criterion_main!(benchmarks); diff --git a/rust-src/concordium_base/benches/range_proof_dalek_bench.rs b/rust-src/concordium_base/benches/range_proof_dalek_bench.rs new file mode 100644 index 000000000..1306cfdd3 --- /dev/null +++ b/rust-src/concordium_base/benches/range_proof_dalek_bench.rs 
@@ -0,0 +1,70 @@ +#![allow(non_snake_case)] + +use criterion::*; +use rand::Rng; +//use rand::*; +use rand_core::*; +use std::time::Duration; + + +use curve25519_dalek_ng::scalar::Scalar; +use merlin::Transcript; +use bulletproofs::RangeProof; +use bulletproofs::{BulletproofGens, PedersenGens}; + + +pub fn prove_verify_benchmarks(c: &mut Criterion) { + let n: usize = 32; + let m: usize = 16; + let mut group = c.benchmark_group("Range Proof over Dalek Curves"); + let pc_gens = PedersenGens::default(); + let bp_gens = BulletproofGens::new(n, m); + let mut rng = OsRng; + let (min, max) = (0u64, ((1u128 << n) - 1) as u64); + let values: Vec = (0..m).map(|_| rng.gen_range(min, max)).collect(); + let blindings: Vec = (0..m).map(|_| Scalar::random(&mut rng)).collect(); + let mut transcript = Transcript::new(b"AggregateRangeProofBenchmark"); + + group.bench_function("Prove", move |b| { + b.iter(|| { + RangeProof::prove_multiple( + &bp_gens, + &pc_gens, + &mut transcript, + &values, + &blindings, + n, + ) + }) + }); + + let pc_gens = PedersenGens::default(); + let bp_gens = BulletproofGens::new(n, m); + let mut rng = rand::thread_rng(); + let (min, max) = (0u64, ((1u128 << n) - 1) as u64); + let values: Vec = (0..m).map(|_| rng.gen_range(min, max)).collect(); + let blindings: Vec = (0..m).map(|_| Scalar::random(&mut rng)).collect(); + let mut transcript = Transcript::new(b"AggregateRangeProofBenchmark"); let (proof, value_commitments) = RangeProof::prove_multiple( + &bp_gens, + &pc_gens, + &mut transcript, + &values, + &blindings, + n, + ) + .unwrap(); + + group.bench_function("Verify Efficient", move |b| { + b.iter(|| { + let mut transcript = Transcript::new(b"AggregateRangeProofBenchmark"); + assert!(proof.verify_multiple(&bp_gens, &pc_gens, &mut transcript, &value_commitments, n) + .is_ok()); + }) + }); +} + +criterion_group!( + name = benchmarks; + config = Criterion::default().measurement_time(Duration::from_millis(1000)).sample_size(10); + targets = 
prove_verify_benchmarks); +criterion_main!(benchmarks); \ No newline at end of file diff --git a/rust-src/concordium_base/src/curve_arithmetic/ed25519_ng_instance.rs b/rust-src/concordium_base/src/curve_arithmetic/ed25519_ng_instance.rs new file mode 100644 index 000000000..1f8b1926b --- /dev/null +++ b/rust-src/concordium_base/src/curve_arithmetic/ed25519_ng_instance.rs 
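Review bot: In the `Prove` benchmark the single `transcript` built before `group.bench_function("Prove", ...)` is moved into the closure and passed as `&mut transcript` on every `b.iter` iteration, so only the first iteration proves against a fresh transcript and each later one first absorbs the previous proof's data; the `Verify Efficient` half builds a fresh `Transcript` per iteration, so the two sides do not measure matching workloads. Moving `let mut transcript = Transcript::new(b"AggregateRangeProofBenchmark");` inside the `b.iter(|| { ... })` closure of the prove benchmark makes every iteration start from the same state. Separately, `rng.gen_range(min, max)` has an exclusive upper bound, so the value `2^n - 1` that `max` is computed to represent is never sampled, and the `//use rand::*;` line is commented-out code that can go.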
@@ -0,0 +1,226 @@ + +use std::{fmt::Display, ops::MulAssign}; +use std::ops::{AddAssign, SubAssign, Neg}; + +use byteorder::{LittleEndian, ByteOrder}; +use curve25519_dalek_ng::ristretto::{CompressedRistretto, RistrettoPoint}; +use curve25519_dalek_ng::{scalar::Scalar, traits::Identity, constants::RISTRETTO_BASEPOINT_POINT}; +use crate::common::{Serial, Deserial, Buffer}; + +use super::{Curve, Field, PrimeField}; + +/// A wrapper to make it possible to implement external traits +/// and to avoid clashes with blacket implementations. +#[derive(Clone, Copy, Debug, PartialEq, Eq)] +pub struct RistrettoScalar(Scalar); + +impl Serial for RistrettoScalar { + fn serial(&self, out: &mut B) { + let res: &[u8; 32] = self.0.as_bytes(); + out.write_all(res).expect("Writing to a buffer should not fail."); + } +} + +impl Deserial for RistrettoScalar { + + fn deserial(source: &mut R) -> crate::common::ParseResult { + let mut buf: [u8; 32] = [0; 32]; + source.read_exact(&mut buf)?; + let res = Scalar::from_canonical_bytes(buf).ok_or(anyhow::anyhow!("Deserialization failed! Not a field value!"))?; + Ok(res.into()) + } +} + + +impl Display for RistrettoScalar { + fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result { + // Use Debug as Display for now + std::fmt::Debug::fmt(self, f) + } +} + +// Since we use a wrapper type, it is convenient to use `into()` to convert from Scalar. 
+impl From for RistrettoScalar { + fn from(value: Scalar) -> Self { + RistrettoScalar(value) + } +} + +impl Field for RistrettoScalar { + fn random(rng: &mut R) -> Self { + let mut scalar_bytes = [0u8; 64]; + rng.fill_bytes(&mut scalar_bytes); + Scalar::from_bytes_mod_order_wide(&scalar_bytes).into() + } + + fn zero() -> Self { + Scalar::zero().into() + } + + fn one() -> Self { + Scalar::one().into() + } + + fn is_zero(&self) -> bool { + self.0 == Self::zero().0 + } + + fn square(&mut self) { + self.0.mul_assign(self.0) + } + + fn double(&mut self) { + self.0.add_assign(self.0) + } + + fn negate(&mut self) { + let v = self.0.neg(); + self.0 = v; + } + + fn add_assign(&mut self, other: &Self) { + self.0.add_assign(other.0) + } + + fn sub_assign(&mut self, other: &Self) { + self.0.sub_assign(other.0) + } + + fn mul_assign(&mut self, other: &Self) { + self.0.mul_assign(other.0) + } + + fn inverse(&self) -> Option { + if self.is_zero() { + None + } else { + Some(self.0.invert().into()) + } + } + + //fn frobenius_map(&mut self, power: usize) { + //self.pow(power) + //todo!() + //} +} + +impl PrimeField for RistrettoScalar { + // TODO: check this, this numbers are here just to make the compiler happy. + const NUM_BITS: u32 = 255; + + // TODO: check this, this numbers are here just to make the compiler happy. 
+ const CAPACITY: u32 = 254; + + fn into_repr(self) -> Vec { + let mut vec: Vec = Vec::new(); + let bytes = self.0.to_bytes(); + for chunk in bytes.chunks(8) { + let x : [u8; 8] = chunk.try_into().unwrap(); + let x_64 = u64::from_le_bytes(x); + vec.push(x_64); + } + vec + } + + fn from_repr(r: &[u64]) -> Result { + let tmp: [u64; 4] = r.try_into().map_err(|_| super::CurveDecodingError::NotInField(format!("{:?}", r)))?; + let mut s_bytes = [0u8; 32]; + for x in tmp { + LittleEndian::write_u64(&mut s_bytes, x); + } + let res = Scalar::from_canonical_bytes(s_bytes).ok_or(super::CurveDecodingError::NotInField(format!("{:?}", s_bytes)))?; + Ok(res.into()) + } +} + +impl Serial for RistrettoPoint { + fn serial(&self, out: &mut B) { + let compressed_point = self.compress(); + let res: &[u8; 32] = compressed_point.as_bytes(); + out.write_all(res).expect("Writing to a buffer should not fail."); + } +} + +impl Deserial for RistrettoPoint { + fn deserial(source: &mut R) -> crate::common::ParseResult { + let mut buf: [u8; 32] = [0; 32]; + source.read_exact(&mut buf)?; + let res = CompressedRistretto::from_slice(&buf).decompress().ok_or(anyhow::anyhow!("Failed!"))?; + Ok(res) + } +} + + +impl Curve for RistrettoPoint { + type Scalar = RistrettoScalar; + + // TODO: copied from the BLS curve; update this. + const SCALAR_LENGTH: usize = 32; + + // TODO: copied from the BLS curve; update this. 
+ const GROUP_ELEMENT_LENGTH: usize = 96; + + fn zero_point() -> Self { + Self::identity() + } + + fn one_point() -> Self { + RISTRETTO_BASEPOINT_POINT + } + + fn is_zero_point(&self) -> bool { + self == &Self::zero_point() + } + + fn inverse_point(&self) -> Self { + -self + } + + fn double_point(&self) -> Self { + self + self + } + + fn plus_point(&self, other: &Self) -> Self { + self + other + } + + fn minus_point(&self, other: &Self) -> Self { + self - other + } + + fn mul_by_scalar(&self, scalar: &Self::Scalar) -> Self { + *self * (*scalar).0 + } + + fn bytes_to_curve_unchecked(source: &mut R) -> anyhow::Result { + let mut buf: [u8; 32] = [0; 32]; + source.read_exact(&mut buf)?; + let res = CompressedRistretto::from_slice(&buf).decompress().ok_or(anyhow::anyhow!("Failed!"))?; + Ok(res) + } + + fn generate(rng: &mut R) -> Self { + let mut uniform_bytes = [0u8; 64]; + rng.fill_bytes(&mut uniform_bytes); + + RistrettoPoint::from_uniform_bytes(&uniform_bytes) + } + + fn generate_scalar(rng: &mut R) -> Self::Scalar { + let mut scalar_bytes = [0u8; 64]; + rng.fill_bytes(&mut scalar_bytes); + Scalar::from_bytes_mod_order_wide(&scalar_bytes).into() + } + + fn scalar_from_u64(n: u64) -> Self::Scalar { + Scalar::from(n).into() + } + + fn scalar_from_bytes>(bs: A) -> Self::Scalar { + Scalar::hash_from_bytes::(bs.as_ref()).into() + } + + fn hash_to_group(m: &[u8]) -> Self { + RistrettoPoint::hash_from_bytes::(m) + } +} \ No newline at end of file diff --git a/rust-src/concordium_base/src/curve_arithmetic/mod.rs b/rust-src/concordium_base/src/curve_arithmetic/mod.rs index d2f1e5989..d133afe8f 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/mod.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/mod.rs @@ -4,6 +4,8 @@ mod bls12_381_g1hash; mod bls12_381_g2hash; mod bls12_381_instance; mod ed25519_instance; +mod ed25519_ng_instance; +//mod ed25519_new_instance; pub mod secret_value; pub use secret_value::{Secret, Value}; 
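Review bot: `PrimeField::from_repr` is broken: `LittleEndian::write_u64(&mut s_bytes, x)` writes each limb into bytes `0..8` of `s_bytes`, so after the loop only the last limb survives and bytes 8..32 stay zero, which means `from_repr(&s.into_repr())` does not round-trip for any scalar with a nonzero upper limb and silently yields a wrong scalar below 2^64 (always canonical, so `from_canonical_bytes` does not catch it). The loop should index the destination per limb, e.g. `for (i, x) in tmp.iter().enumerate() { LittleEndian::write_u64(&mut s_bytes[i * 8..(i + 1) * 8], *x); }` (or `s_bytes.chunks_exact_mut(8).zip(tmp)`), and a round-trip unit test against `into_repr` would have caught it. The constants marked TODO are also inconsistent with code in the same file: `GROUP_ELEMENT_LENGTH = 96` while `serial`/`deserial` for `RistrettoPoint` write and read exactly 32 bytes, and `NUM_BITS = 255`/`CAPACITY = 254` describe a 255-bit modulus although the Ristretto scalar field order is a 253-bit prime, so `NUM_BITS = 253`, `CAPACITY = 252` and `GROUP_ELEMENT_LENGTH = 32` are the values the rest of the crate can rely on. Finally, `Deserial for RistrettoPoint` and `bytes_to_curve_unchecked` are the same code with the error text `"Failed!"`; a message naming the failure, such as `anyhow!("Invalid compressed Ristretto point")`, and having one call the other keeps the decoding path in one place.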
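Review bot: `//mod ed25519_new_instance;` in `curve_arithmetic/mod.rs` is commented-out code; if the module is planned, a `// TODO: <what is pending>` line is clearer, otherwise it should be dropped so the module list stays authoritative. Since `ed25519_ng_instance` sits next to `ed25519_instance` and both presumably implement `Curve` for a type named `RistrettoPoint` (dalek 3.x versus the `-ng` fork), a module-level doc comment such as `//! Curve and Field instances over the curve25519-dalek-ng fork.` would help readers tell the two apart.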
From 7a2005cadb9f47a8ed16dbf15246cfe9b8450693 Mon Sep 17 00:00:00 2001 From: Hamidreza <54936533+hamiidreza@users.noreply.github.com> Date: Fri, 17 Nov 2023 10:36:59 +0100 Subject: [PATCH 10/45] msm benchmark --- rust-src/concordium_base/Cargo.toml | 4 ++ rust-src/concordium_base/benches/msm_bench.rs | 57 +++++++++++++++++++ 2 files changed, 61 insertions(+) create mode 100644 rust-src/concordium_base/benches/msm_bench.rs diff --git a/rust-src/concordium_base/Cargo.toml b/rust-src/concordium_base/Cargo.toml index 32bf967ec..d69649589 100644 --- a/rust-src/concordium_base/Cargo.toml +++ b/rust-src/concordium_base/Cargo.toml @@ -146,4 +146,8 @@ harness = false [[bench]] name = "range_proof_dalek_bench" +harness = false + +[[bench]] +name = "msm_bench" harness = false \ No newline at end of file diff --git a/rust-src/concordium_base/benches/msm_bench.rs b/rust-src/concordium_base/benches/msm_bench.rs new file mode 100644 index 000000000..f92ae2226 --- /dev/null +++ b/rust-src/concordium_base/benches/msm_bench.rs 
@@ -0,0 +1,57 @@
+#![allow(non_snake_case)]
+
+#[macro_use]
+extern crate criterion;
+
+use concordium_base::curve_arithmetic::*;
+use criterion::Criterion;
+use curve25519_dalek::ristretto::RistrettoPoint;
+use pairing::bls12_381::G1;
+use rand::*;
+use std::time::Duration;
+
+const N: usize = 512;
+
+pub fn ccd_msm_benchmarks (c: &mut Criterion) {
+ let mut group = c.benchmark_group("Multi-Scalar Multiplication");
+ let rng = &mut thread_rng();
+
+
+ let mut G = Vec::with_capacity(N);
+ let mut V: Vec<::Scalar> = Vec::with_capacity(N);
+
+ for _ in 0..N {
+ let g = SomeCurve::generate(rng);
+ let v: ::Scalar = SomeCurve::generate_scalar(rng);
+ G.push(g);
+ V.push(v);
+ }
+ group.bench_function("MSM in Concordium over BLS/Ristretto curve", move |b| {
+ b.iter(|| {
+ multiexp(&G, &V);
+ })
+ });
+}
+
+pub fn dalek_msm_benchmarks (c: &mut Criterion) {
+ let mut group = c.benchmark_group("Multi-Scalar Multiplication");
+ let mut rng = &mut thread_rng();
+
+ use curve25519_dalek::scalar::Scalar;
+ use curve25519_dalek::traits::VartimeMultiscalarMul;
+ let G: Vec = (0..N).map(|_| RistrettoPoint::random(&mut rng)).collect();
+ let V: Vec<_> = (0..N).map(|_| Scalar::random(&mut rng)).collect();
+
+ group.bench_function("MSM in Dalek over Ristretto curve", move |b| {
+ b.iter(|| {
+ RistrettoPoint::vartime_multiscalar_mul(&V, &G);
+ })
+ });
+}
+
+criterion_group!(
+ name = benchmarks;
+ config = Criterion::default().measurement_time(Duration::from_millis(10000)).sample_size(100);
+ targets = ccd_msm_benchmarks::, ccd_msm_benchmarks::, dalek_msm_benchmarks::);
+criterion_main!(benchmarks);
+
From 8610c747d01d6b48c2b09fbe593c1790031299ec Mon Sep 17 00:00:00 2001
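Review bot: Both `b.iter` closures in msm_bench.rs end in a statement (`multiexp(&G, &V);` and `RistrettoPoint::vartime_multiscalar_mul(&V, &G);`), so each returns `()` and the product is dropped inside the closure; criterion only black-boxes what the closure returns, so the optimizer is free to discard part of the multiplication and the two timings may not measure the same work. Returning the value keeps it live, `b.iter(|| multiexp(&G, &V))` and `b.iter(|| RistrettoPoint::vartime_multiscalar_mul(&V, &G))`, or wrap the call in `std::hint::black_box`. The generic parameters of `ccd_msm_benchmarks` and the `targets` list appear stripped in this rendering (`ccd_msm_benchmarks::,`), so I cannot confirm which curves are instantiated; the "BLS/Ristretto" group name suggests both `G1` and `RistrettoPoint`, and a `///` comment on each function naming the curve it is meant to exercise would make the benchmark output self-describing.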
From: Danil Annenkov Date: Wed, 22 Nov 2023 13:02:08 +0100 Subject: [PATCH 11/45] Use different multiexp implementations: generic of BSL and special for ristretto; add benchmarks --- identity-provider-service/Cargo.lock | 137 +++++ idiss/Cargo.lock | 137 +++++ mobile_wallet/Cargo.lock | 137 +++++ rust-bins/Cargo.lock | 137 +++++ rust-src/Cargo.lock | 490 +++++++++++++++++- rust-src/concordium_base/Cargo.toml | 9 +- rust-src/concordium_base/benches/msm_bench.rs | 32 +- .../benches/range_proof_bench.rs | 16 +- .../benches/range_proof_dalek_bench.rs | 43 +- .../src/bulletproofs/range_proof.rs | 19 +- .../src/bulletproofs/set_membership_proof.rs | 3 +- .../curve_arithmetic/arkworks_instances.rs | 140 +++++ .../curve_arithmetic/bls12_381_instance.rs | 10 +- .../src/curve_arithmetic/ed25519_arkworks.rs | 7 + .../src/curve_arithmetic/ed25519_instance.rs | 160 +++--- .../curve_arithmetic/ed25519_ng_instance.rs | 174 +++---- .../src/curve_arithmetic/mod.rs | 141 ++++- 17 files changed, 1548 insertions(+), 244 deletions(-) create mode 100644 rust-src/concordium_base/src/curve_arithmetic/arkworks_instances.rs create mode 100644 rust-src/concordium_base/src/curve_arithmetic/ed25519_arkworks.rs diff --git a/identity-provider-service/Cargo.lock b/identity-provider-service/Cargo.lock index 07ff35e13..c79a4b00b 100644 --- a/identity-provider-service/Cargo.lock +++ b/identity-provider-service/Cargo.lock 
@@ -57,6 +57,123 @@ version = "1.0.71" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9c7d0618f0e0b7e8ff11427422b64564d5fb0be1940354bfe2e0529b18a9d9b8" +[[package]] +name = "ark-curve25519" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4ab653b3eff27100f7dcb06b94785f2fbe0d1230408df55d543ee0ef48cd8760" +dependencies = [ + "ark-ec", + "ark-ff", + "ark-std", +] + +[[package]] +name = "ark-ec" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "defd9a439d56ac24968cca0571f598a61bc8c55f71d50a89cda591cb750670ba" +dependencies = [ + "ark-ff", + "ark-poly", + "ark-serialize", + "ark-std", + "derivative", + "hashbrown 0.13.2", + "itertools", + "num-traits", + "zeroize", +] + +[[package]] +name = "ark-ff" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ec847af850f44ad29048935519032c33da8aa03340876d351dfab5660d2966ba" +dependencies = [ + "ark-ff-asm", + "ark-ff-macros", + "ark-serialize", + "ark-std", + "derivative", + "digest 0.10.6", + "itertools", + "num-bigint 0.4.3", + "num-traits", + "paste", + "rustc_version", + "zeroize", +] + +[[package]] +name = "ark-ff-asm" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3ed4aa4fe255d0bc6d79373f7e31d2ea147bcf486cba1be5ba7ea85abdb92348" +dependencies = [ + "quote", + "syn 1.0.109", +] + +[[package]] +name = "ark-ff-macros" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7abe79b0e4288889c4574159ab790824d0033b9fdcb2a112a3182fac2e514565" +dependencies = [ + "num-bigint 0.4.3", + "num-traits", + "proc-macro2", + "quote", + "syn 1.0.109", +] + +[[package]] +name = "ark-poly" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d320bfc44ee185d899ccbadfa8bc31aab923ce1558716e1997a1e74057fe86bf" +dependencies = [ + "ark-ff", + 
"ark-serialize", + "ark-std", + "derivative", + "hashbrown 0.13.2", +] + +[[package]] +name = "ark-serialize" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "adb7b85a02b83d2f22f89bd5cac66c9c89474240cb6207cb1efc16d098e822a5" +dependencies = [ + "ark-serialize-derive", + "ark-std", + "digest 0.10.6", + "num-bigint 0.4.3", +] + +[[package]] +name = "ark-serialize-derive" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ae3281bc6d0fd7e549af32b52511e1302185bd688fd3359fa36423346ff682ea" +dependencies = [ + "proc-macro2", + "quote", + "syn 1.0.109", +] + +[[package]] +name = "ark-std" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "94893f1e0c6eeab764ade8dc4c0db24caf4fe7cbbaafc0eba0a9030f447b5185" +dependencies = [ + "num-traits", + "rand 0.8.5", +] + [[package]] name = "arrayvec" version = "0.7.2" @@ -345,6 +462,9 @@ name = "concordium_base" version = "3.0.1" dependencies = [ "anyhow", + "ark-curve25519", + "ark-ec", + "ark-ff", "bs58", "bulletproofs", "byteorder", @@ -567,6 +687,17 @@ dependencies = [ "syn 2.0.39", ] +[[package]] +name = "derivative" +version = "2.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fcc3dd5e9e9c0b295d6e1e4d811fb6f157d5ffd784b8d202fc62eac8035a770b" +dependencies = [ + "proc-macro2", + "quote", + "syn 1.0.109", +] + [[package]] name = "derive_more" version = "0.99.17" @@ -1513,6 +1644,12 @@ dependencies = [ "windows-sys 0.45.0", ] +[[package]] +name = "paste" +version = "1.0.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "de3145af08024dea9fa9914f381a17b8fc6034dfb00f3a84013f7ff43f29ed4c" + [[package]] name = "percent-encoding" version = "2.2.0" diff --git a/idiss/Cargo.lock b/idiss/Cargo.lock index 736163f2a..9103703a3 100644 --- a/idiss/Cargo.lock +++ b/idiss/Cargo.lock 
@@ -57,6 +57,123 @@ version = "1.0.69" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "224afbd727c3d6e4b90103ece64b8d1b67fbb1973b1046c2281eed3f3803f800" +[[package]] +name = "ark-curve25519" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4ab653b3eff27100f7dcb06b94785f2fbe0d1230408df55d543ee0ef48cd8760" +dependencies = [ + "ark-ec", + "ark-ff", + "ark-std", +] + +[[package]] +name = "ark-ec" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "defd9a439d56ac24968cca0571f598a61bc8c55f71d50a89cda591cb750670ba" +dependencies = [ + "ark-ff", + "ark-poly", + "ark-serialize", + "ark-std", + "derivative", + "hashbrown 0.13.2", + "itertools", + "num-traits", + "zeroize", +] + +[[package]] +name = "ark-ff" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ec847af850f44ad29048935519032c33da8aa03340876d351dfab5660d2966ba" +dependencies = [ + "ark-ff-asm", + "ark-ff-macros", + "ark-serialize", + "ark-std", + "derivative", + "digest 0.10.6", + "itertools", + "num-bigint 0.4.3", + "num-traits", + "paste", + "rustc_version", + "zeroize", +] + +[[package]] +name = "ark-ff-asm" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3ed4aa4fe255d0bc6d79373f7e31d2ea147bcf486cba1be5ba7ea85abdb92348" +dependencies = [ + "quote", + "syn 1.0.109", +] + +[[package]] +name = "ark-ff-macros" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7abe79b0e4288889c4574159ab790824d0033b9fdcb2a112a3182fac2e514565" +dependencies = [ + "num-bigint 0.4.3", + "num-traits", + "proc-macro2", + "quote", + "syn 1.0.109", +] + +[[package]] +name = "ark-poly" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d320bfc44ee185d899ccbadfa8bc31aab923ce1558716e1997a1e74057fe86bf" +dependencies = [ + "ark-ff", + 
"ark-serialize", + "ark-std", + "derivative", + "hashbrown 0.13.2", +] + +[[package]] +name = "ark-serialize" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "adb7b85a02b83d2f22f89bd5cac66c9c89474240cb6207cb1efc16d098e822a5" +dependencies = [ + "ark-serialize-derive", + "ark-std", + "digest 0.10.6", + "num-bigint 0.4.3", +] + +[[package]] +name = "ark-serialize-derive" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ae3281bc6d0fd7e549af32b52511e1302185bd688fd3359fa36423346ff682ea" +dependencies = [ + "proc-macro2", + "quote", + "syn 1.0.109", +] + +[[package]] +name = "ark-std" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "94893f1e0c6eeab764ade8dc4c0db24caf4fe7cbbaafc0eba0a9030f447b5185" +dependencies = [ + "num-traits", + "rand 0.8.5", +] + [[package]] name = "arrayvec" version = "0.7.2" @@ -370,6 +487,9 @@ name = "concordium_base" version = "3.0.1" dependencies = [ "anyhow", + "ark-curve25519", + "ark-ec", + "ark-ff", "bs58", "bulletproofs", "byteorder", @@ -626,6 +746,17 @@ dependencies = [ "syn 2.0.39", ] +[[package]] +name = "derivative" +version = "2.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fcc3dd5e9e9c0b295d6e1e4d811fb6f157d5ffd784b8d202fc62eac8035a770b" +dependencies = [ + "proc-macro2", + "quote", + "syn 1.0.109", +] + [[package]] name = "derive_more" version = "0.99.17" @@ -1194,6 +1325,12 @@ dependencies = [ "rand_core 0.5.1", ] +[[package]] +name = "paste" +version = "1.0.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "de3145af08024dea9fa9914f381a17b8fc6034dfb00f3a84013f7ff43f29ed4c" + [[package]] name = "peeking_take_while" version = "0.1.2" diff --git a/mobile_wallet/Cargo.lock b/mobile_wallet/Cargo.lock index b55b2c8ab..da6a566f1 100644 --- a/mobile_wallet/Cargo.lock +++ b/mobile_wallet/Cargo.lock 
@@ -48,6 +48,123 @@ version = "1.0.69" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "224afbd727c3d6e4b90103ece64b8d1b67fbb1973b1046c2281eed3f3803f800" +[[package]] +name = "ark-curve25519" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4ab653b3eff27100f7dcb06b94785f2fbe0d1230408df55d543ee0ef48cd8760" +dependencies = [ + "ark-ec", + "ark-ff", + "ark-std", +] + +[[package]] +name = "ark-ec" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "defd9a439d56ac24968cca0571f598a61bc8c55f71d50a89cda591cb750670ba" +dependencies = [ + "ark-ff", + "ark-poly", + "ark-serialize", + "ark-std", + "derivative", + "hashbrown 0.13.2", + "itertools", + "num-traits", + "zeroize", +] + +[[package]] +name = "ark-ff" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ec847af850f44ad29048935519032c33da8aa03340876d351dfab5660d2966ba" +dependencies = [ + "ark-ff-asm", + "ark-ff-macros", + "ark-serialize", + "ark-std", + "derivative", + "digest 0.10.6", + "itertools", + "num-bigint 0.4.3", + "num-traits", + "paste", + "rustc_version", + "zeroize", +] + +[[package]] +name = "ark-ff-asm" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3ed4aa4fe255d0bc6d79373f7e31d2ea147bcf486cba1be5ba7ea85abdb92348" +dependencies = [ + "quote", + "syn 1.0.109", +] + +[[package]] +name = "ark-ff-macros" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7abe79b0e4288889c4574159ab790824d0033b9fdcb2a112a3182fac2e514565" +dependencies = [ + "num-bigint 0.4.3", + "num-traits", + "proc-macro2", + "quote", + "syn 1.0.109", +] + +[[package]] +name = "ark-poly" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d320bfc44ee185d899ccbadfa8bc31aab923ce1558716e1997a1e74057fe86bf" +dependencies = [ + "ark-ff", + 
"ark-serialize", + "ark-std", + "derivative", + "hashbrown 0.13.2", +] + +[[package]] +name = "ark-serialize" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "adb7b85a02b83d2f22f89bd5cac66c9c89474240cb6207cb1efc16d098e822a5" +dependencies = [ + "ark-serialize-derive", + "ark-std", + "digest 0.10.6", + "num-bigint 0.4.3", +] + +[[package]] +name = "ark-serialize-derive" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ae3281bc6d0fd7e549af32b52511e1302185bd688fd3359fa36423346ff682ea" +dependencies = [ + "proc-macro2", + "quote", + "syn 1.0.109", +] + +[[package]] +name = "ark-std" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "94893f1e0c6eeab764ade8dc4c0db24caf4fe7cbbaafc0eba0a9030f447b5185" +dependencies = [ + "num-traits", + "rand 0.8.5", +] + [[package]] name = "arrayvec" version = "0.7.2" @@ -323,6 +440,9 @@ name = "concordium_base" version = "3.0.1" dependencies = [ "anyhow", + "ark-curve25519", + "ark-ec", + "ark-ff", "bs58", "bulletproofs", "byteorder", @@ -579,6 +699,17 @@ dependencies = [ "syn 2.0.39", ] +[[package]] +name = "derivative" +version = "2.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fcc3dd5e9e9c0b295d6e1e4d811fb6f157d5ffd784b8d202fc62eac8035a770b" +dependencies = [ + "proc-macro2", + "quote", + "syn 1.0.109", +] + [[package]] name = "derive_more" version = "0.99.17" @@ -1170,6 +1301,12 @@ dependencies = [ "subtle", ] +[[package]] +name = "paste" +version = "1.0.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "de3145af08024dea9fa9914f381a17b8fc6034dfb00f3a84013f7ff43f29ed4c" + [[package]] name = "pbkdf2" version = "0.10.1" diff --git a/rust-bins/Cargo.lock b/rust-bins/Cargo.lock index ce4532a8b..2af1805db 100644 --- a/rust-bins/Cargo.lock +++ b/rust-bins/Cargo.lock 
@@ -68,6 +68,123 @@ version = "1.0.71" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9c7d0618f0e0b7e8ff11427422b64564d5fb0be1940354bfe2e0529b18a9d9b8" +[[package]] +name = "ark-curve25519" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4ab653b3eff27100f7dcb06b94785f2fbe0d1230408df55d543ee0ef48cd8760" +dependencies = [ + "ark-ec", + "ark-ff", + "ark-std", +] + +[[package]] +name = "ark-ec" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "defd9a439d56ac24968cca0571f598a61bc8c55f71d50a89cda591cb750670ba" +dependencies = [ + "ark-ff", + "ark-poly", + "ark-serialize", + "ark-std", + "derivative", + "hashbrown 0.13.2", + "itertools", + "num-traits", + "zeroize", +] + +[[package]] +name = "ark-ff" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ec847af850f44ad29048935519032c33da8aa03340876d351dfab5660d2966ba" +dependencies = [ + "ark-ff-asm", + "ark-ff-macros", + "ark-serialize", + "ark-std", + "derivative", + "digest 0.10.6", + "itertools", + "num-bigint 0.4.3", + "num-traits", + "paste", + "rustc_version", + "zeroize", +] + +[[package]] +name = "ark-ff-asm" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3ed4aa4fe255d0bc6d79373f7e31d2ea147bcf486cba1be5ba7ea85abdb92348" +dependencies = [ + "quote", + "syn 1.0.109", +] + +[[package]] +name = "ark-ff-macros" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7abe79b0e4288889c4574159ab790824d0033b9fdcb2a112a3182fac2e514565" +dependencies = [ + "num-bigint 0.4.3", + "num-traits", + "proc-macro2", + "quote", + "syn 1.0.109", +] + +[[package]] +name = "ark-poly" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d320bfc44ee185d899ccbadfa8bc31aab923ce1558716e1997a1e74057fe86bf" +dependencies = [ + "ark-ff", + 
"ark-serialize", + "ark-std", + "derivative", + "hashbrown 0.13.2", +] + +[[package]] +name = "ark-serialize" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "adb7b85a02b83d2f22f89bd5cac66c9c89474240cb6207cb1efc16d098e822a5" +dependencies = [ + "ark-serialize-derive", + "ark-std", + "digest 0.10.6", + "num-bigint 0.4.3", +] + +[[package]] +name = "ark-serialize-derive" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ae3281bc6d0fd7e549af32b52511e1302185bd688fd3359fa36423346ff682ea" +dependencies = [ + "proc-macro2", + "quote", + "syn 1.0.109", +] + +[[package]] +name = "ark-std" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "94893f1e0c6eeab764ade8dc4c0db24caf4fe7cbbaafc0eba0a9030f447b5185" +dependencies = [ + "num-traits", + "rand 0.8.5", +] + [[package]] name = "arrayvec" version = "0.7.2" @@ -381,6 +498,9 @@ version = "3.0.1" dependencies = [ "aes", "anyhow", + "ark-curve25519", + "ark-ec", + "ark-ff", "base64 0.13.1", "bs58", "bulletproofs", @@ -645,6 +765,17 @@ dependencies = [ "syn 2.0.39", ] +[[package]] +name = "derivative" +version = "2.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fcc3dd5e9e9c0b295d6e1e4d811fb6f157d5ffd784b8d202fc62eac8035a770b" +dependencies = [ + "proc-macro2", + "quote", + "syn 1.0.109", +] + [[package]] name = "derive_more" version = "0.99.17" @@ -1682,6 +1813,12 @@ dependencies = [ "subtle", ] +[[package]] +name = "paste" +version = "1.0.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "de3145af08024dea9fa9914f381a17b8fc6034dfb00f3a84013f7ff43f29ed4c" + [[package]] name = "pbkdf2" version = "0.10.1" diff --git a/rust-src/Cargo.lock b/rust-src/Cargo.lock index 269cb2387..b9041e9e3 100644 --- a/rust-src/Cargo.lock +++ b/rust-src/Cargo.lock 
@@ -2,6 +2,21 @@ # It is not intended for manual editing. version = 3 +[[package]] +name = "addr2line" +version = "0.21.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8a30b2e23b9e17a9f90641c7ab1549cd9b44f296d3ccbf309d2863cfe398a0cb" +dependencies = [ + "gimli", +] + +[[package]] +name = "adler" +version = "1.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f26201604c87b1e01bd3d98f8d5d9a8fcbb815e8cedb41ffccbeb4bf593a35fe" + [[package]] name = "aes" version = "0.8.3" @@ -31,6 +46,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2c99f64d1e06488f620f932677e24bc6e2897582980441ae90a671415bd7ec2f" dependencies = [ "cfg-if", + "getrandom 0.2.10", "once_cell", "version_check", ] 
@@ -71,6 +87,123 @@ version = "1.0.75" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a4668cab20f66d8d020e1fbc0ebe47217433c1b6c8f2040faf858554e394ace6" +[[package]] +name = "ark-curve25519" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4ab653b3eff27100f7dcb06b94785f2fbe0d1230408df55d543ee0ef48cd8760" +dependencies = [ + "ark-ec", + "ark-ff", + "ark-std", +] + +[[package]] +name = "ark-ec" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "defd9a439d56ac24968cca0571f598a61bc8c55f71d50a89cda591cb750670ba" +dependencies = [ + "ark-ff", + "ark-poly", + "ark-serialize", + "ark-std", + "derivative", + "hashbrown 0.13.2", + "itertools", + "num-traits", + "zeroize", +] + +[[package]] +name = "ark-ff" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ec847af850f44ad29048935519032c33da8aa03340876d351dfab5660d2966ba" +dependencies = [ + "ark-ff-asm", + "ark-ff-macros", + "ark-serialize", + "ark-std", + "derivative", + "digest 0.10.7", + "itertools", + "num-bigint 0.4.4", + "num-traits", + "paste", + "rustc_version", + "zeroize", +] + +[[package]] +name = "ark-ff-asm" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3ed4aa4fe255d0bc6d79373f7e31d2ea147bcf486cba1be5ba7ea85abdb92348" +dependencies = [ + "quote", + "syn 1.0.109", +] + +[[package]] +name = "ark-ff-macros" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7abe79b0e4288889c4574159ab790824d0033b9fdcb2a112a3182fac2e514565" +dependencies = [ + "num-bigint 0.4.4", + "num-traits", + "proc-macro2", + "quote", + "syn 1.0.109", +] + +[[package]] +name = "ark-poly" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d320bfc44ee185d899ccbadfa8bc31aab923ce1558716e1997a1e74057fe86bf" +dependencies = [ + "ark-ff", + 
"ark-serialize", + "ark-std", + "derivative", + "hashbrown 0.13.2", +] + +[[package]] +name = "ark-serialize" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "adb7b85a02b83d2f22f89bd5cac66c9c89474240cb6207cb1efc16d098e822a5" +dependencies = [ + "ark-serialize-derive", + "ark-std", + "digest 0.10.7", + "num-bigint 0.4.4", +] + +[[package]] +name = "ark-serialize-derive" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ae3281bc6d0fd7e549af32b52511e1302185bd688fd3359fa36423346ff682ea" +dependencies = [ + "proc-macro2", + "quote", + "syn 1.0.109", +] + +[[package]] +name = "ark-std" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "94893f1e0c6eeab764ade8dc4c0db24caf4fe7cbbaafc0eba0a9030f447b5185" +dependencies = [ + "num-traits", + "rand 0.8.5", +] + [[package]] name = "arrayvec" version = "0.7.4" @@ -94,6 +227,21 @@ version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d468802bab17cbc0cc575e9b053f41e72aa36bfa6b7f55e3529ffa43161b97fa" +[[package]] +name = "backtrace" +version = "0.3.69" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2089b7e3f35b9dd2d0ed921ead4f6d318c27680d4a5bd167b3ee120edb105837" +dependencies = [ + "addr2line", + "cc", + "cfg-if", + "libc", + "miniz_oxide", + "object", + "rustc-demangle", +] + [[package]] name = "base64" version = "0.13.1" 
@@ -114,9 +262,15 @@ checksum = "8a32fd6af2b5827bce66c29053ba0e7c42b9dcab01835835058558c10851a46b" [[package]] name = "bitflags" -version = "1.3.2" +version = "1.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cf1de2fe8c75bc145a2f577add951f8134889b4795d47466a54a5c846d691693" + +[[package]] +name = "bitflags" +version = "2.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" +checksum = "327762f6e5a765692301e5bb513e0d9fef63be86bbc14528052b1cd3e6f03e07" [[package]] name = "bitvec" @@ -266,6 +420,12 @@ dependencies = [ "syn 1.0.109", ] +[[package]] +name = "bytemuck" +version = "1.14.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "374d28ec25809ee0e23827c2ab573d729e293f281dfe393500e7ad618baa61c6" + [[package]] name = "byteorder" version = "1.4.3" @@ -366,7 +526,7 @@ version = "3.2.25" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4ea181bf566f71cb9a5d17a59e1871af638180a18fb0035c92ae62b705207123" dependencies = [ - "bitflags", + "bitflags 1.2.1", "clap_lex", "indexmap 1.9.3", "textwrap", @@ -425,6 +585,9 @@ version = "3.0.1" dependencies = [ "aes", "anyhow", + "ark-curve25519", + "ark-ec", + "ark-ff", "base64 0.13.1", "bs58", "bulletproofs", @@ -454,6 +617,7 @@ dependencies = [ "num-traits", "pairing", "pbkdf2 0.11.0", + "pprof", "rand 0.7.3", "rand_core 0.5.1", "rayon", @@ -489,6 +653,15 @@ version = "0.8.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e496a50fda8aacccc86d7529e2c1e0892dbd0f898a6b5645b5561b89c3210efa" +[[package]] +name = "cpp_demangle" +version = "0.4.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7e8227005286ec39567949b33df9896bcadfa6051bccca2488129f108ca23119" +dependencies = [ + "cfg-if", +] + [[package]] name = "cpufeatures" version = "0.2.9" 
@@ -678,6 +851,15 @@ dependencies = [ "syn 2.0.32", ] +[[package]] +name = "debugid" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bef552e6f588e446098f6ba40d89ac146c8c7b64aade83c051ee00bb5d2bc18d" +dependencies = [ + "uuid", +] + [[package]] name = "deranged" version = "0.3.8" @@ -687,6 +869,17 @@ dependencies = [ "serde", ] +[[package]] +name = "derivative" +version = "2.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fcc3dd5e9e9c0b295d6e1e4d811fb6f157d5ffd784b8d202fc62eac8035a770b" +dependencies = [ + "proc-macro2", + "quote", + "syn 1.0.109", +] + [[package]] name = "derive_more" version = "0.99.17" @@ -767,6 +960,22 @@ version = "1.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "5443807d6dff69373d433ab9ef5378ad8df50ca6298caf15de6e52e24aaf54d5" +[[package]] +name = "errno" +version = "0.3.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7c18ee0ed65a5f1f81cac6b1d213b69c35fa47d4252ad41f1486dbd8226fe36e" +dependencies = [ + "libc", + "windows-sys", +] + +[[package]] +name = "fastrand" +version = "2.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "25cbce373ec4653f1a01a31e8a5e5ec0c622dc27ff9c4e6606eefef5cbbed4a5" + [[package]] name = "ff" version = "0.5.2" @@ -808,6 +1017,18 @@ version = "0.2.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f69037fe1b785e84986b4f2cbcf647381876a00671d25ceef715d7812dd7e1dd" +[[package]] +name = "findshlibs" +version = "0.10.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "40b9e59cd0f7e0806cca4be089683ecb6434e602038df21fe6bf6711b2f07f64" +dependencies = [ + "cc", + "lazy_static", + "libc", + "winapi", +] + [[package]] name = "fnv" version = "1.0.7" 
@@ -852,6 +1073,12 @@ dependencies = [ "wasi 0.11.0+wasi-snapshot-preview1", ] +[[package]] +name = "gimli" +version = "0.28.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6fb8d784f27acf97159b40fc4db5ecd8aa23b9ad5ef69cdd136d3bc80665f0c0" + [[package]] name = "group" version = "0.2.0" @@ -1000,6 +1227,24 @@ dependencies = [ "serde", ] +[[package]] +name = "inferno" +version = "0.11.18" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "abfb2e51b23c338595ae0b6bdaaa7a4a8b860b8d788a4331cb07b50fe5dea71b" +dependencies = [ + "ahash 0.8.3", + "indexmap 2.0.0", + "is-terminal", + "itoa", + "log", + "num-format", + "once_cell", + "quick-xml", + "rgb", + "str_stack", +] + [[package]] name = "inout" version = "0.1.3" @@ -1010,6 +1255,17 @@ dependencies = [ "generic-array", ] +[[package]] +name = "is-terminal" +version = "0.4.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cb0889898416213fab133e1d33a0e5858a48177452750691bde3666d0fdbaf8b" +dependencies = [ + "hermit-abi 0.3.2", + "rustix", + "windows-sys", +] + [[package]] name = "itertools" version = "0.10.5" 
@@ -1084,9 +1340,25 @@ checksum = "884e2677b40cc8c339eaefcb701c32ef1fd2493d71118dc0ca4b6a736c93bd67" [[package]] name = "libc" -version = "0.2.147" +version = "0.2.150" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "89d92a4743f9a61002fae18374ed11e7973f530cb3a3255fb354818118b2203c" + +[[package]] +name = "linux-raw-sys" +version = "0.4.11" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b4668fb0ea861c1df094127ac5f1da3409a82116a4ba74fca2e58ef927159bb3" +checksum = "969488b55f8ac402214f3f5fd243ebb7206cf82de60d3172994707a4bcc2b829" + +[[package]] +name = "lock_api" +version = "0.4.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3c168f8615b12bc01f9c17e2eb0cc07dcae1940121185446edc3744920e8ef45" +dependencies = [ + "autocfg", + "scopeguard", +] [[package]] name = "log" @@ -1100,6 +1372,15 @@ version = "2.6.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8f232d6ef707e1956a43342693d2a31e72989554d58299d7a88738cc95b0d35c" +[[package]] +name = "memmap2" +version = "0.5.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "83faa42c0a078c393f6b29d5db232d8be22776a891f8f56e5284faee4a20b327" +dependencies = [ + "libc", +] + [[package]] name = "memoffset" version = "0.9.0" 
@@ -1127,6 +1408,26 @@ version = "0.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "68354c5c6bd36d73ff3feceb05efa59b6acb7626617f4962be322a825e61f79a" +[[package]] +name = "miniz_oxide" +version = "0.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e7810e0be55b428ada41041c41f32c9f1a42817901b4ccf45fa3d4b6561e74c7" +dependencies = [ + "adler", +] + +[[package]] +name = "nix" +version = "0.26.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "598beaf3cc6fdd9a5dfb1630c2800c7acd31df7aaf0f565796fba2b53ca1af1b" +dependencies = [ + "bitflags 1.2.1", + "cfg-if", + "libc", +] + [[package]] name = "nom" version = "7.1.3" @@ -1182,6 +1483,16 @@ dependencies = [ "num-traits", ] +[[package]] +name = "num-format" +version = "0.4.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a652d9771a63711fd3c3deb670acfbe5c30a4072e664d7a3bf5a9e1056ac72c3" +dependencies = [ + "arrayvec", + "itoa", +] + [[package]] name = "num-integer" version = "0.1.45" @@ -1234,6 +1545,15 @@ dependencies = [ "libc", ] +[[package]] +name = "object" +version = "0.32.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9cf5f9dd3933bd50a9e1f149ec995f39ae2c496d31fd772c1fd45ebc27e902b0" +dependencies = [ + "memchr", +] + [[package]] name = "once_cell" version = "1.18.0" 
@@ -1270,6 +1590,29 @@ dependencies = [ "rand_core 0.5.1", ] +[[package]] +name = "parking_lot" +version = "0.12.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3742b2c103b9f06bc9fff0a37ff4912935851bee6d36f3c02bcc755bcfec228f" +dependencies = [ + "lock_api", + "parking_lot_core", +] + +[[package]] +name = "parking_lot_core" +version = "0.9.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4c42a9226546d68acdd9c0a280d17ce19bfe27a46bf68784e4066115788d008e" +dependencies = [ + "cfg-if", + "libc", + "redox_syscall", + "smallvec", + "windows-targets", +] + [[package]] name = "password-hash" version = "0.3.2" @@ -1292,6 +1635,12 @@ dependencies = [ "subtle", ] +[[package]] +name = "paste" +version = "1.0.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "de3145af08024dea9fa9914f381a17b8fc6034dfb00f3a84013f7ff43f29ed4c" + [[package]] name = "pbkdf2" version = "0.10.1" @@ -1350,6 +1699,28 @@ dependencies = [ "plotters-backend", ] +[[package]] +name = "pprof" +version = "0.11.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "196ded5d4be535690899a4631cc9f18cdc41b7ebf24a79400f46f48e49a11059" +dependencies = [ + "backtrace", + "cfg-if", + "criterion", + "findshlibs", + "inferno", + "libc", + "log", + "nix", + "once_cell", + "parking_lot", + "smallvec", + "symbolic-demangle", + "tempfile", + "thiserror", +] + [[package]] name = "ppv-lite86" version = "0.2.17" @@ -1394,6 +1765,15 @@ dependencies = [ "syn 1.0.109", ] +[[package]] +name = "quick-xml" +version = "0.26.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7f50b1c63b38611e7d4d7f68b82d3ad0cc71a2ad2e7f61fc10f1328d917c93cd" +dependencies = [ + "memchr", +] + [[package]] name = "quote" version = "1.0.33" 
@@ -1521,6 +1901,15 @@ dependencies = [ "num_cpus", ] +[[package]] +name = "redox_syscall" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4722d768eff46b75989dd134e5c353f0d6296e5aaa3132e776cbdb56be7731aa" +dependencies = [ + "bitflags 1.2.1", +] + [[package]] name = "regex" version = "1.9.5" @@ -1559,6 +1948,15 @@ dependencies = [ "bytecheck", ] +[[package]] +name = "rgb" +version = "0.8.37" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "05aaa8004b64fd573fc9d002f4e632d51ad4f026c2b5ba95fcb6c2f32c2c47d8" +dependencies = [ + "bytemuck", +] + [[package]] name = "rkyv" version = "0.7.42" @@ -1603,6 +2001,12 @@ dependencies = [ "serde_json", ] +[[package]] +name = "rustc-demangle" +version = "0.1.23" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d626bb9dae77e28219937af045c257c28bfd3f69333c512553507f5f9798cb76" + [[package]] name = "rustc_version" version = "0.4.0" @@ -1612,6 +2016,19 @@ dependencies = [ "semver", ] +[[package]] +name = "rustix" +version = "0.38.23" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ffb93593068e9babdad10e4fce47dc9b3ac25315a72a59766ffd9e9a71996a04" +dependencies = [ + "bitflags 2.4.1", + "errno", + "libc", + "linux-raw-sys", + "windows-sys", +] + [[package]] name = "ryu" version = "1.0.15" 
@@ -1770,6 +2187,24 @@ version = "0.1.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f27f6278552951f1f2b8cf9da965d10969b2efdea95a6ec47987ab46edfe263a" +[[package]] +name = "smallvec" +version = "1.11.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4dccd0940a2dcdf68d092b8cbab7dc0ad8fa938bf95787e1b916b0e3d0e8e970" + +[[package]] +name = "stable_deref_trait" +version = "1.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a8f112729512f8e442d81f95a8a7ddf2b7c6b8a1a6f509a95864142b30cab2d3" + +[[package]] +name = "str_stack" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9091b6114800a5f2141aee1d1b9d6ca3592ac062dc5decb3764ec5895a47b4eb" + [[package]] name = "strsim" version = "0.10.0" @@ -1788,6 +2223,29 @@ version = "2.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "734676eb262c623cec13c3155096e08d1f8f29adce39ba17948b18dad1e54142" +[[package]] +name = "symbolic-common" +version = "10.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1b55cdc318ede251d0957f07afe5fed912119b8c1bc5a7804151826db999e737" +dependencies = [ + "debugid", + "memmap2", + "stable_deref_trait", + "uuid", +] + +[[package]] +name = "symbolic-demangle" +version = "10.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "79be897be8a483a81fff6a3a4e195b4ac838ef73ca42d348b3f722da9902e489" +dependencies = [ + "cpp_demangle", + "rustc-demangle", + "symbolic-common", +] + [[package]] name = "syn" version = "1.0.109" 
@@ -1816,6 +2274,19 @@ version = "1.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "55937e1799185b12863d447f42597ed69d9928686b8d88a1df17376a097d8369" +[[package]] +name = "tempfile" +version = "3.8.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7ef1adac450ad7f4b3c28589471ade84f25f731a7a0fe30d71dfa9f60fd808e5" +dependencies = [ + "cfg-if", + "fastrand", + "redox_syscall", + "rustix", + "windows-sys", +] + [[package]] name = "textwrap" version = "0.16.0" @@ -2054,6 +2525,15 @@ dependencies = [ "windows-targets", ] +[[package]] +name = "windows-sys" +version = "0.48.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "677d2418bec65e3338edb076e806bc1ec15693c5d0104683f2efe857f61056a9" +dependencies = [ + "windows-targets", +] + [[package]] name = "windows-targets" version = "0.48.5" diff --git a/rust-src/concordium_base/Cargo.toml b/rust-src/concordium_base/Cargo.toml index d69649589..8a1d4c439 100644 --- a/rust-src/concordium_base/Cargo.toml +++ b/rust-src/concordium_base/Cargo.toml @@ -13,6 +13,9 @@ homepage = "https://github.com/Concordium/concordium-base" [dependencies] ff = "0.5" +ark-ff = "0.4" +ark-ec = "0.4" +ark-curve25519 = "0.4.0" sha2 = "0.10" sha3 = "0.10" anyhow = "1.0" @@ -34,7 +37,6 @@ rand = "0.7" num = "0.4" group = "0.2" curve25519-dalek = "3" -curve25519-dalek-new = {package = "curve25519-dalek", version = "4.1.1", features = ["group"]} zeroize = "1.1" # See https://github.com/serde-rs/json/issues/505 for the need to be careful. rust_decimal = { version = "1.25", features = ["serde-float", "serde-arbitrary-precision"]} @@ -80,6 +82,7 @@ encryption = ["cbc", "aes", "base64", "pbkdf2", "hmac"] [dev-dependencies] criterion = "0.4" rand = {version = "0.7", features = ["small_rng"]} +pprof = { version = "0.11", features = ["flamegraph", "criterion"] } [[bench]] name = "hash_bench" 
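Review bot: `ark-ff`, `ark-ec` and `ark-curve25519` become unconditional dependencies of `concordium_base` in the `@@ -13,6 +13,9 @@` hunk, while the only in-crate consumer this commit adds is `arkworks_instances.rs`, whose impls are still `todo!()` stubs, plus the benches. For a cryptographic core crate it would be safer to make the arkworks backend opt-in, e.g. `ark-ff = { version = "0.4", optional = true }` (likewise for the other two) and a feature that enables the module, so the default build does not grow its dependency tree before the backend is functional. The `pprof` addition is a dev-dependency only and is fine as such.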
@@ -150,4 +153,6 @@ harness = false [[bench]] name = "msm_bench" -harness = false \ No newline at end of file +harness = false +[profile.release] +debug = true diff --git a/rust-src/concordium_base/benches/msm_bench.rs b/rust-src/concordium_base/benches/msm_bench.rs index f92ae2226..01c53606a 100644 --- a/rust-src/concordium_base/benches/msm_bench.rs +++ b/rust-src/concordium_base/benches/msm_bench.rs @@ -5,7 +5,7 @@ extern crate criterion; use concordium_base::curve_arithmetic::*; use criterion::Criterion; -use curve25519_dalek::ristretto::RistrettoPoint; +use curve25519_dalek_ng::{ristretto::RistrettoPoint, traits::VartimePrecomputedMultiscalarMul}; use pairing::bls12_381::G1; use rand::*; use std::time::Duration; @@ -28,17 +28,20 @@ pub fn ccd_msm_benchmarks (c: &mut Criterion) { } group.bench_function("MSM in Concordium over BLS/Ristretto curve", move |b| { b.iter(|| { - multiexp(&G, &V); + // Create msm algoritm instane with a precomputed point table. + // For the ristretto curve it will use the VartimeRistrettoPrecomputation and our generic implementation for the BLS curve + let msm = SomeCurve::new_multiexp(&G); + msm.multiexp(&V); }) }); } -pub fn dalek_msm_benchmarks (c: &mut Criterion) { +pub fn dalek_msm_benchmarks(c: &mut Criterion) { let mut group = c.benchmark_group("Multi-Scalar Multiplication"); let mut rng = &mut thread_rng(); - use curve25519_dalek::scalar::Scalar; - use curve25519_dalek::traits::VartimeMultiscalarMul; + use curve25519_dalek_ng::scalar::Scalar; + use curve25519_dalek_ng::traits::VartimeMultiscalarMul; let G: Vec = (0..N).map(|_| RistrettoPoint::random(&mut rng)).collect(); let V: Vec<_> = (0..N).map(|_| Scalar::random(&mut rng)).collect(); 
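Review bot: `[profile.release] debug = true` enables full debug info for every release build of the crate, not only for profiling runs, which enlarges artifacts and embeds symbols and source paths in shipped binaries; the only consumer visible in this commit is the pprof flamegraph profiler in the benches. Prefer `[profile.bench] debug = true` (the profile `cargo bench` uses) or set `CARGO_PROFILE_RELEASE_DEBUG=true` in the environment when a profiling session needs it. Note also that Cargo only honours `[profile.*]` sections in the workspace root manifest; if this crate is a workspace member, Cargo will warn and ignore this section.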
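Review bot: In `ccd_msm_benchmarks`, `SomeCurve::new_multiexp(&G)` is called inside `b.iter`, so every timed iteration includes building the precomputed table as well as the multi-scalar multiplication, which is not what the comment "with a precomputed point table" suggests it measures. Either hoist it (`let msm = SomeCurve::new_multiexp(&G);` before `group.bench_function`, moving `msm` into the closure) or add a separate benchmark for table construction; `dalek_msm_benchmarks_precompute` in the next hunk has the same shape, so the same decision should apply there to keep the comparison fair. The new comment also misspells two words; `// Create an MSM instance with a precomputed point table.` reads better. The enclosing function starts before this hunk.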
@@ -49,9 +52,26 @@ pub fn dalek_msm_benchmarks (c: &mut Criterion) { }); } +pub fn dalek_msm_benchmarks_precompute(c: &mut Criterion) { + let mut group = c.benchmark_group("Multi-Scalar Multiplication"); + let mut rng = &mut thread_rng(); + + use curve25519_dalek_ng::scalar::Scalar; + use curve25519_dalek_ng::ristretto::VartimeRistrettoPrecomputation; + let G: Vec = (0..N).map(|_| RistrettoPoint::random(&mut rng)).collect(); + let V: Vec<_> = (0..N).map(|_| Scalar::random(&mut rng)).collect(); + + group.bench_function("MSM in Dalek over Ristretto curve", move |b| { + b.iter(|| { + let msm = ::new(&G); + msm.vartime_multiscalar_mul(&V); + }) + }); +} + criterion_group!( name = benchmarks; config = Criterion::default().measurement_time(Duration::from_millis(10000)).sample_size(100); - targets = ccd_msm_benchmarks::, ccd_msm_benchmarks::, dalek_msm_benchmarks::); + targets = ccd_msm_benchmarks::, ccd_msm_benchmarks::, dalek_msm_benchmarks, dalek_msm_benchmarks_precompute); criterion_main!(benchmarks); diff --git a/rust-src/concordium_base/benches/range_proof_bench.rs b/rust-src/concordium_base/benches/range_proof_bench.rs index 71803135e..58f841f2f 100644 --- a/rust-src/concordium_base/benches/range_proof_bench.rs +++ b/rust-src/concordium_base/benches/range_proof_bench.rs @@ -5,7 +5,7 @@ extern crate criterion; use concordium_base::{ bulletproofs::{range_proof::*, utils::Generators}, - curve_arithmetic::*, + curve_arithmetic::{arkworks_instances::*, *}, id::id_proof_types::ProofVersion, pedersen_commitment::*, random_oracle::RandomOracle, @@ -13,12 +13,13 @@ use concordium_base::{ use criterion::Criterion; use curve25519_dalek::ristretto::RistrettoPoint; use pairing::bls12_381::G1; +use pprof::criterion::Output; use rand::*; use std::time::Duration; // type SomeCurve = G1; -pub fn prove_verify_benchmarks (c: &mut Criterion) { +pub fn prove_verify_benchmarks(c: &mut Criterion) { let mut group = c.benchmark_group("Range Proof"); let rng = &mut thread_rng(); 
@@ -118,6 +119,13 @@ pub fn prove_verify_benchmarks (c: &mut Criterion) { criterion_group!( name = benchmarks; - config = Criterion::default().measurement_time(Duration::from_millis(10000)).sample_size(10); - targets = prove_verify_benchmarks::, prove_verify_benchmarks::, prove_verify_benchmarks::); + config = Criterion::default().measurement_time(Duration::from_millis(1000)).sample_size(10).with_profiler( + pprof::criterion::PProfProfiler::new(100, Output::Flamegraph(None)) + ); + targets = + prove_verify_benchmarks::, + prove_verify_benchmarks::, + prove_verify_benchmarks::, + //prove_verify_benchmarks::> +); criterion_main!(benchmarks); diff --git a/rust-src/concordium_base/benches/range_proof_dalek_bench.rs b/rust-src/concordium_base/benches/range_proof_dalek_bench.rs index 1306cfdd3..00e2ba784 100644 --- a/rust-src/concordium_base/benches/range_proof_dalek_bench.rs +++ b/rust-src/concordium_base/benches/range_proof_dalek_bench.rs @@ -1,17 +1,15 @@ #![allow(non_snake_case)] use criterion::*; +use pprof::criterion::{Output, PProfProfiler}; use rand::Rng; -//use rand::*; +// use rand::*; use rand_core::*; use std::time::Duration; - +use bulletproofs::{BulletproofGens, PedersenGens, RangeProof}; use curve25519_dalek_ng::scalar::Scalar; use merlin::Transcript; -use bulletproofs::RangeProof; -use bulletproofs::{BulletproofGens, PedersenGens}; - pub fn prove_verify_benchmarks(c: &mut Criterion) { let n: usize = 32; 
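Review bot: The `criterion_group!` targets list keeps a commented-out entry `//prove_verify_benchmarks::>`, which should be either restored or deleted rather than left as dead text. The new `.with_profiler(pprof::criterion::PProfProfiler::new(100, Output::Flamegraph(None)))` turns on sampling for every run of this group (range_proof_dalek_bench.rs does the same two hunks below) while `measurement_time` drops from 10 s to 1 s; if profiling is meant to be opt-in, gate the profiler behind a cfg or feature and keep the longer measurement time for ordinary benchmark runs.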
@@ -23,18 +21,11 @@ pub fn prove_verify_benchmarks(c: &mut Criterion) { let (min, max) = (0u64, ((1u128 << n) - 1) as u64); let values: Vec = (0..m).map(|_| rng.gen_range(min, max)).collect(); let blindings: Vec = (0..m).map(|_| Scalar::random(&mut rng)).collect(); - let mut transcript = Transcript::new(b"AggregateRangeProofBenchmark"); + let mut transcript = Transcript::new(b"AggregateRangeProofBenchmark"); group.bench_function("Prove", move |b| { b.iter(|| { - RangeProof::prove_multiple( - &bp_gens, - &pc_gens, - &mut transcript, - &values, - &blindings, - n, - ) + RangeProof::prove_multiple(&bp_gens, &pc_gens, &mut transcript, &values, &blindings, n) }) }); 
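Review bot: `transcript` for the "Prove" benchmark is created once outside `b.iter` and then passed as `&mut transcript` on every iteration, so each iteration proves against a transcript that already contains the previous iteration's messages; the "Verify Efficient" benchmark in the next hunk creates a fresh `Transcript` per iteration instead. For like-for-like timing move `let mut transcript = Transcript::new(b"AggregateRangeProofBenchmark");` inside the `b.iter` closure. The enclosing function `prove_verify_benchmarks` continues beyond this hunk.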
@@ -44,27 +35,25 @@ pub fn prove_verify_benchmarks(c: &mut Criterion) { let (min, max) = (0u64, ((1u128 << n) - 1) as u64); let values: Vec = (0..m).map(|_| rng.gen_range(min, max)).collect(); let blindings: Vec = (0..m).map(|_| Scalar::random(&mut rng)).collect(); - let mut transcript = Transcript::new(b"AggregateRangeProofBenchmark"); let (proof, value_commitments) = RangeProof::prove_multiple( - &bp_gens, - &pc_gens, - &mut transcript, - &values, - &blindings, - n, - ) - .unwrap(); + let mut transcript = Transcript::new(b"AggregateRangeProofBenchmark"); + let (proof, value_commitments) = + RangeProof::prove_multiple(&bp_gens, &pc_gens, &mut transcript, &values, &blindings, n) + .unwrap(); group.bench_function("Verify Efficient", move |b| { b.iter(|| { let mut transcript = Transcript::new(b"AggregateRangeProofBenchmark"); - assert!(proof.verify_multiple(&bp_gens, &pc_gens, &mut transcript, &value_commitments, n) - .is_ok()); + assert!(proof + .verify_multiple(&bp_gens, &pc_gens, &mut transcript, &value_commitments, n) + .is_ok()); }) }); } criterion_group!( name = benchmarks; - config = Criterion::default().measurement_time(Duration::from_millis(1000)).sample_size(10); + config = Criterion::default().measurement_time(Duration::from_millis(1000)).sample_size(10).with_profiler( + PProfProfiler::new(100, Output::Flamegraph(None)) + ); targets = prove_verify_benchmarks); -criterion_main!(benchmarks); \ No newline at end of file +criterion_main!(benchmarks); diff --git a/rust-src/concordium_base/src/bulletproofs/range_proof.rs b/rust-src/concordium_base/src/bulletproofs/range_proof.rs index 68e7275a0..446ea8990 100644 --- a/rust-src/concordium_base/src/bulletproofs/range_proof.rs +++ b/rust-src/concordium_base/src/bulletproofs/range_proof.rs 
@@ -3,7 +3,7 @@ use super::{inner_product_proof::*, utils::*}; use crate::{ common::*, curve_arithmetic::{ - multiexp, multiexp_table, multiexp_worker_given_table, Curve, Field, Value, PrimeField, + multiexp, multiexp_table, multiexp_worker_given_table, Curve, Field, PrimeField, Value, MultiExp, }, id::id_proof_types::ProofVersion, pedersen_commitment::*, @@ -226,11 +226,16 @@ pub fn prove( .copied() .chain(once(B_tilde)) .collect(); - // compute A and S comittments using multi exponentiation - let window_size = 4; - let table = multiexp_table(&GH_B_tilde, window_size); - let A = multiexp_worker_given_table(&A_scalars, &table, window_size); - let S = multiexp_worker_given_table(&S_scalars, &table, window_size); + // // compute A and S comittments using multi exponentiation + // let window_size = 4; + // let table = multiexp_table(&GH_B_tilde, window_size); + // let A = multiexp_worker_given_table(&A_scalars, &table, window_size); + // let S = multiexp_worker_given_table(&S_scalars, &table, window_size); + let multiexp_alg = C::new_multiexp(GH_B_tilde); + let A = multiexp_alg.multiexp(A_scalars); + let S = multiexp_alg.multiexp(S_scalars); + // let A = multiexp(&GH_B_tilde, &A_scalars); + // let S = multiexp(GH_B_tilde, &S_scalars); // append commitments A and S to transcript transcript.append_message(b"A", &A); transcript.append_message(b"S", &S); @@ -808,7 +813,7 @@ mod tests { /// The second check will fail. /// This is tested by checking if the verifier returns /// Err(Err(VerificationError::Second)) - type SomeCurve = G1; + type SomeCurve = curve25519_dalek::ristretto::RistrettoPoint; #[allow(non_snake_case)] #[allow(clippy::too_many_arguments)] #[allow(clippy::many_single_char_names)] diff --git a/rust-src/concordium_base/src/bulletproofs/set_membership_proof.rs b/rust-src/concordium_base/src/bulletproofs/set_membership_proof.rs index fdb32df64..3778efdc2 100644 --- a/rust-src/concordium_base/src/bulletproofs/set_membership_proof.rs 
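Review bot: `prove` now computes the A and S commitments with `C::new_multiexp(GH_B_tilde)` over scalars that, in a Bulletproofs range proof, carry the prover's secret bits and blinding factors, and for the curve25519-dalek-ng instance `MultiExpType` is set to `VartimeRistrettoPrecomputation` (see the ed25519_ng_instance.rs hunk further down in this diff), whose name signals a variable-time algorithm; unless the replaced `multiexp_worker_given_table` path was equally non-constant-time this is a timing side-channel regression for the prover, and either way `MultiExpType` deserves a comment stating whether constant-time execution is required. The five lines now commented out (`// let window_size = 4;` …) and the two commented `multiexp` calls after the new code should be deleted, not kept. The `@@ -808` test hunk silently switches `SomeCurve` from `G1` to `RistrettoPoint`, so the range-proof tests no longer exercise the BLS12-381 path; run them over both curves or keep `G1`. `prove`'s body extends beyond this hunk.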
+++ b/rust-src/concordium_base/src/bulletproofs/set_membership_proof.rs @@ -2,8 +2,7 @@ use super::{inner_product_proof::*, utils::*}; use crate::{ common::*, - curve_arithmetic::{ - multiexp, multiexp_table, multiexp_worker_given_table, Curve, Field, }, + curve_arithmetic::{multiexp, multiexp_table, multiexp_worker_given_table, Curve, Field}, id::id_proof_types::ProofVersion, pedersen_commitment::*, random_oracle::RandomOracle, diff --git a/rust-src/concordium_base/src/curve_arithmetic/arkworks_instances.rs b/rust-src/concordium_base/src/curve_arithmetic/arkworks_instances.rs new file mode 100644 index 000000000..4f3a37c02 --- /dev/null +++ b/rust-src/concordium_base/src/curve_arithmetic/arkworks_instances.rs 
@@ -0,0 +1,140 @@ +use core::fmt; + +use crate::common::{Deserial, Serial}; + +use super::{Curve, Field, PrimeField, GenericMultiExp}; + +#[derive(PartialEq, Eq, Copy, Clone, fmt::Debug)] +pub struct ArkField< + F: ark_ff::Field + Sized + Eq + Copy + Clone + Send + Sync + fmt::Debug + fmt::Display, +>(F); + +impl Serial + for ArkField +{ + fn serial(&self, out: &mut B) { todo!() } +} + +impl + Deserial for ArkField +{ + fn deserial(source: &mut R) -> crate::common::ParseResult { + todo!() + } +} + +impl + fmt::Display for ArkField +{ + fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { + ::fmt(&self.0, f) + } +} + +impl Field for ArkField { + fn random(rng: &mut R) -> Self { todo!() } + + fn zero() -> Self { todo!() } + + fn one() -> Self { todo!() } + + fn is_zero(&self) -> bool { todo!() } + + fn square(&mut self) { todo!() } + + fn double(&mut self) { todo!() } + + fn negate(&mut self) { todo!() } + + fn add_assign(&mut self, other: &Self) { todo!() } + + fn sub_assign(&mut self, other: &Self) { todo!() } + + fn mul_assign(&mut self, other: &Self) { todo!() } + + fn inverse(&self) -> Option { todo!() } +} + +impl PrimeField for ArkField { + const CAPACITY: u32 = Self::NUM_BITS - 1; + const NUM_BITS: u32 = F::MODULUS_BIT_SIZE; + + fn into_repr(self) -> Vec { self.0.into_bigint().as_ref().to_vec() } + + fn from_repr(_: &[u64]) -> Result { todo!() } +} + +#[derive(PartialEq, Eq, Copy, Clone, fmt::Debug)] +pub struct ArkGroup< + G: ark_ec::CurveGroup + Sized + Eq + Copy + Clone + Send + Sync + fmt::Debug + fmt::Display, +>(G); + +impl< + G: ark_ec::CurveGroup + Sized + Eq + Copy + Clone + Send + Sync + fmt::Debug + fmt::Display, + > Serial for ArkGroup +{ + fn serial(&self, out: &mut B) { todo!() } +} + +impl< + G: ark_ec::CurveGroup + Sized + Eq + Copy + Clone + Send + Sync + fmt::Debug + fmt::Display, + > Deserial for ArkGroup +{ + fn deserial(source: &mut R) -> crate::common::ParseResult { + todo!() + } +} + +impl< + G: ark_ec::CurveGroup + Sized + Eq + 
Copy + Clone + Send + Sync + fmt::Debug + fmt::Display, + > From for ArkGroup +{ + fn from(value: G) -> Self { ArkGroup(value) } +} + +pub(crate) trait CurveElementLength { + const SCALAR_LENGTH: usize; + + const GROUP_ELEMENT_LENGTH: usize; +} + +impl Curve for ArkGroup { + type MultiExpType = GenericMultiExp; + type Scalar = ArkField; + + const GROUP_ELEMENT_LENGTH: usize = G::GROUP_ELEMENT_LENGTH; + const SCALAR_LENGTH: usize = G::SCALAR_LENGTH; + + fn zero_point() -> Self { ArkGroup(G::zero()) } + + fn one_point() -> Self { ArkGroup(G::generator()) } + + fn is_zero_point(&self) -> bool { self.0.is_zero() } + + fn inverse_point(&self) -> Self { ArkGroup(-self.0) } + + fn double_point(&self) -> Self { ArkGroup(self.0.double()) } + + fn plus_point(&self, other: &Self) -> Self { ArkGroup(self.0 + other.0) } + + fn minus_point(&self, other: &Self) -> Self { ArkGroup(self.0 - other.0) } + + fn mul_by_scalar(&self, scalar: &Self::Scalar) -> Self { ArkGroup(self.0 * scalar.0) } + + fn bytes_to_curve_unchecked(b: &mut R) -> anyhow::Result { + todo!() + } + + fn generate(rng: &mut R) -> Self { + // G::ran + todo!() + } + + fn generate_scalar(rng: &mut R) -> Self::Scalar { todo!() } + + fn scalar_from_u64(n: u64) -> Self::Scalar { todo!() } + + fn scalar_from_bytes>(bs: A) -> Self::Scalar { todo!() } + + fn hash_to_group(m: &[u8]) -> Self { todo!() } +} diff --git a/rust-src/concordium_base/src/curve_arithmetic/bls12_381_instance.rs b/rust-src/concordium_base/src/curve_arithmetic/bls12_381_instance.rs index 7674bb860..9e579ec0b 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/bls12_381_instance.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/bls12_381_instance.rs @@ -52,7 +52,7 @@ impl Field for F { fn inverse(&self) -> Option { self.inverse() } - //fn frobenius_map(&mut self, power: usize) { self.frobenius_map(power) } + // fn frobenius_map(&mut self, power: usize) { self.frobenius_map(power) } } impl From for CurveDecodingError { 
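Review bot: Nearly every trait method on `ArkField` and `ArkGroup` in the new arkworks_instances.rs is `todo!()`, including `Deserial::deserial`, `bytes_to_curve_unchecked`, `from_repr` and the whole `Field` impl, so any code path that reaches these types with input, trusted or not, panics instead of returning a `ParseResult` or `CurveDecodingError`. Since `arkworks_instances::*` is already imported by range_proof_bench.rs in this commit, the types are reachable now; either keep the module non-public or feature-gated until the impls exist, or at least give the stubs attributable messages such as `todo!("ArkGroup::deserial: arkworks backend not implemented")`. `pub(crate) trait CurveElementLength` is used as a bound on the public `Curve` impl for `ArkGroup`, which the `private_bounds` lint (or E0445 on older toolchains) may flag. The `// G::ran` fragment left in `generate` should be removed.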
@@ -63,9 +63,7 @@ impl From for CurveDecodingError { } impl PrimeField for Fr { - const CAPACITY: u32 = ::CAPACITY; - const NUM_BITS: u32 = ::NUM_BITS; fn into_repr(self) -> Vec { ::into_repr(&self).0.to_vec() } @@ -80,9 +78,7 @@ impl PrimeField for Fr { } impl PrimeField for Fq { - const CAPACITY: u32 = ::CAPACITY; - const NUM_BITS: u32 = ::NUM_BITS; fn into_repr(self) -> Vec { ::into_repr(&self).0.to_vec() } @@ -98,6 +94,7 @@ impl PrimeField for Fq { impl Curve for G2 { type Scalar = Fr; + type MultiExpType = GenericMultiExp; const GROUP_ELEMENT_LENGTH: usize = 96; const SCALAR_LENGTH: usize = 32; @@ -163,6 +160,7 @@ impl Curve for G2 { } impl Curve for G1 { + type MultiExpType = GenericMultiExp; type Scalar = Fr; const GROUP_ELEMENT_LENGTH: usize = 48; @@ -229,6 +227,7 @@ impl Curve for G1 { } impl Curve for G1Affine { + type MultiExpType = GenericMultiExp; type Scalar = Fr; const GROUP_ELEMENT_LENGTH: usize = 48; @@ -292,6 +291,7 @@ impl Curve for G1Affine { } impl Curve for G2Affine { + type MultiExpType = GenericMultiExp; type Scalar = Fr; const GROUP_ELEMENT_LENGTH: usize = 96; diff --git a/rust-src/concordium_base/src/curve_arithmetic/ed25519_arkworks.rs b/rust-src/concordium_base/src/curve_arithmetic/ed25519_arkworks.rs new file mode 100644 index 000000000..eab28dab6 --- /dev/null +++ b/rust-src/concordium_base/src/curve_arithmetic/ed25519_arkworks.rs @@ -0,0 +1,7 @@ +use super::arkworks_instances::CurveElementLength; +use ark_curve25519::*; + +impl CurveElementLength for EdwardsProjective { + const GROUP_ELEMENT_LENGTH: usize = 64; + const SCALAR_LENGTH: usize = 32; +} diff --git a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs index 8bce57fc6..ddd3fe3d9 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs 
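Review bot: The `PrimeField for Fr` and `PrimeField for Fq` impls drop `CAPACITY` and `NUM_BITS` (hunks `@@ -63` and `@@ -80`), yet `RistrettoScalar` and the new `ArkField` still define both constants, so unless `PrimeField` in curve_arithmetic/mod.rs (not in this chunk) gained default values these impls will no longer compile. If defaults were added, the trait should document how they are derived, because `ArkField` computes `CAPACITY` as `NUM_BITS - 1` and the Ristretto instances hard-code values with a "check this" TODO; three different conventions for the same pair of constants is hard to audit.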
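Review bot: The new ed25519_arkworks.rs sets `GROUP_ELEMENT_LENGTH = 64` for `EdwardsProjective` with no justification, while the same value on the Ristretto instances in this diff is marked "TODO: check this." and `ArkGroup`'s `serial` is still `todo!()`, so nothing yet pins which encoding the constant describes. A comment such as `// Length of the serialized point; 64 assumes uncompressed affine (x || y), 32 for the compressed encoding — confirm once serial() is implemented.` would make the intent reviewable.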
@@ -1,13 +1,18 @@ - -use std::{fmt::Display, ops::MulAssign}; -use std::ops::{AddAssign, SubAssign, Neg}; - -use byteorder::{LittleEndian, ByteOrder}; -use curve25519_dalek::ristretto::{CompressedRistretto, RistrettoPoint}; -use curve25519_dalek::{scalar::Scalar, traits::Identity, constants::RISTRETTO_BASEPOINT_POINT}; -use crate::common::{Serial, Deserial, Buffer}; - -use super::{Curve, Field, PrimeField}; +use std::{ + fmt::Display, + ops::{AddAssign, MulAssign, Neg, SubAssign}, +}; + +use crate::common::{Buffer, Deserial, Serial}; +use byteorder::{ByteOrder, LittleEndian}; +use curve25519_dalek::{ + constants::RISTRETTO_BASEPOINT_POINT, + ristretto::{CompressedRistretto, RistrettoPoint}, + scalar::Scalar, + traits::Identity, +}; + +use super::{Curve, Field, PrimeField, GenericMultiExp}; /// A wrapper to make it possible to implement external traits /// and to avoid clashes with blacket implementations. @@ -17,21 +22,22 @@ pub struct RistrettoScalar(Scalar); impl Serial for RistrettoScalar { fn serial(&self, out: &mut B) { let res: &[u8; 32] = self.0.as_bytes(); - out.write_all(res).expect("Writing to a buffer should not fail."); + out.write_all(res) + .expect("Writing to a buffer should not fail."); } } impl Deserial for RistrettoScalar { - fn deserial(source: &mut R) -> crate::common::ParseResult { let mut buf: [u8; 32] = [0; 32]; source.read_exact(&mut buf)?; - let res = Scalar::from_canonical_bytes(buf).ok_or(anyhow::anyhow!("Deserialization failed! Not a field value!"))?; + let res = Scalar::from_canonical_bytes(buf).ok_or(anyhow::anyhow!( + "Deserialization failed! Not a field value!" + ))?; Ok(res.into()) } } - impl Display for RistrettoScalar { fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result { // Use Debug as Display for now 
@@ -39,11 +45,10 @@ impl Display for RistrettoScalar { } } -// Since we use a wrapper type, it is convenient to use `into()` to convert from Scalar. +// Since we use a wrapper type, it is convenient to use `into()` to convert from +// Scalar. impl From for RistrettoScalar { - fn from(value: Scalar) -> Self { - RistrettoScalar(value) - } + fn from(value: Scalar) -> Self { RistrettoScalar(value) } } impl Field for RistrettoScalar { @@ -53,42 +58,26 @@ impl Field for RistrettoScalar { Scalar::from_bytes_mod_order_wide(&scalar_bytes).into() } - fn zero() -> Self { - Scalar::zero().into() - } + fn zero() -> Self { Scalar::zero().into() } - fn one() -> Self { - Scalar::one().into() - } + fn one() -> Self { Scalar::one().into() } - fn is_zero(&self) -> bool { - self.0 == Self::zero().0 - } + fn is_zero(&self) -> bool { self.0 == Self::zero().0 } - fn square(&mut self) { - self.0.mul_assign(self.0) - } + fn square(&mut self) { self.0.mul_assign(self.0) } - fn double(&mut self) { - self.0.add_assign(self.0) - } + fn double(&mut self) { self.0.add_assign(self.0) } fn negate(&mut self) { let v = self.0.neg(); self.0 = v; } - fn add_assign(&mut self, other: &Self) { - self.0.add_assign(other.0) - } + fn add_assign(&mut self, other: &Self) { self.0.add_assign(other.0) } - fn sub_assign(&mut self, other: &Self) { - self.0.sub_assign(other.0) - } + fn sub_assign(&mut self, other: &Self) { self.0.sub_assign(other.0) } - fn mul_assign(&mut self, other: &Self) { - self.0.mul_assign(other.0) - } + fn mul_assign(&mut self, other: &Self) { self.0.mul_assign(other.0) } fn inverse(&self) -> Option { if self.is_zero() { 
@@ -98,24 +87,23 @@ impl Field for RistrettoScalar { } } - //fn frobenius_map(&mut self, power: usize) { - //self.pow(power) - //todo!() + // fn frobenius_map(&mut self, power: usize) { + // self.pow(power) + // todo!() //} } impl PrimeField for RistrettoScalar { - // TODO: check this, this numbers are here just to make the compiler happy. - const NUM_BITS: u32 = 255; - // TODO: check this, this numbers are here just to make the compiler happy. const CAPACITY: u32 = 254; + // TODO: check this, this numbers are here just to make the compiler happy. + const NUM_BITS: u32 = 255; fn into_repr(self) -> Vec { let mut vec: Vec = Vec::new(); let bytes = self.0.to_bytes(); for chunk in bytes.chunks(8) { - let x : [u8; 8] = chunk.try_into().unwrap(); + let x: [u8; 8] = chunk.try_into().unwrap(); let x_64 = u64::from_le_bytes(x); vec.push(x_64); } @@ -123,12 +111,16 @@ impl PrimeField for RistrettoScalar { } fn from_repr(r: &[u64]) -> Result { - let tmp: [u64; 4] = r.try_into().map_err(|_| super::CurveDecodingError::NotInField(format!("{:?}", r)))?; + let tmp: [u64; 4] = r + .try_into() + .map_err(|_| super::CurveDecodingError::NotInField(format!("{:?}", r)))?; let mut s_bytes = [0u8; 32]; for x in tmp { LittleEndian::write_u64(&mut s_bytes, x); } - let res = Scalar::from_canonical_bytes(s_bytes).ok_or(super::CurveDecodingError::NotInField(format!("{:?}", s_bytes)))?; + let res = Scalar::from_canonical_bytes(s_bytes).ok_or( + super::CurveDecodingError::NotInField(format!("{:?}", s_bytes)), + )?; Ok(res.into()) } } 
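Review bot: `from_repr` in the `@@ -123,12 +111,16 @@` hunk writes every limb to the same position: `LittleEndian::write_u64(&mut s_bytes, x)` always targets `s_bytes[..8]`, so after the loop only the last limb survives in the low 8 bytes and the upper 24 bytes stay zero, `from_canonical_bytes` accepts the truncated value, and `from_repr(into_repr(s))` silently yields a different scalar for almost every input. Write each limb at its own offset, mirroring the 8-byte chunking in `into_repr`: `for (i, x) in tmp.iter().enumerate() { LittleEndian::write_u64(&mut s_bytes[i * 8..(i + 1) * 8], *x); }`. The same loop appears in ed25519_ng_instance.rs (`@@ -123,12 +112,16 @@`). Separately, `NUM_BITS = 255` / `CAPACITY = 254` in the `@@ -98` hunk still carry the "make the compiler happy" TODO: the Ristretto scalar field modulus is slightly above 2^252, so under the ff convention these should be 253 and 252.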
@@ -137,65 +129,55 @@ impl Serial for RistrettoPoint { fn serial(&self, out: &mut B) { let compressed_point = self.compress(); let res: &[u8; 32] = compressed_point.as_bytes(); - out.write_all(res).expect("Writing to a buffer should not fail."); + out.write_all(res) + .expect("Writing to a buffer should not fail."); } -} +} impl Deserial for RistrettoPoint { fn deserial(source: &mut R) -> crate::common::ParseResult { let mut buf: [u8; 32] = [0; 32]; source.read_exact(&mut buf)?; - let res = CompressedRistretto::from_slice(&buf).decompress().ok_or(anyhow::anyhow!("Failed!"))?; + let res = CompressedRistretto::from_slice(&buf) + .decompress() + .ok_or(anyhow::anyhow!("Failed!"))?; Ok(res) } -} - +} impl Curve for RistrettoPoint { + type MultiExpType = GenericMultiExp; type Scalar = RistrettoScalar; - // TODO: copied from the BLS curve; update this. + // TODO: check this. + const GROUP_ELEMENT_LENGTH: usize = 64; + // TODO: check this. const SCALAR_LENGTH: usize = 32; - // TODO: copied from the BLS curve; update this. 
- const GROUP_ELEMENT_LENGTH: usize = 96; - - fn zero_point() -> Self { - Self::identity() - } + fn zero_point() -> Self { Self::identity() } - fn one_point() -> Self { - RISTRETTO_BASEPOINT_POINT - } + fn one_point() -> Self { RISTRETTO_BASEPOINT_POINT } - fn is_zero_point(&self) -> bool { - self == &Self::zero_point() - } + fn is_zero_point(&self) -> bool { self == &Self::zero_point() } - fn inverse_point(&self) -> Self { - -self - } + fn inverse_point(&self) -> Self { -self } - fn double_point(&self) -> Self { - self + self - } + fn double_point(&self) -> Self { self + self } - fn plus_point(&self, other: &Self) -> Self { - self + other - } + fn plus_point(&self, other: &Self) -> Self { self + other } - fn minus_point(&self, other: &Self) -> Self { - self - other - } + fn minus_point(&self, other: &Self) -> Self { self - other } - fn mul_by_scalar(&self, scalar: &Self::Scalar) -> Self { - *self * (*scalar).0 - } + fn mul_by_scalar(&self, scalar: &Self::Scalar) -> Self { *self * (*scalar).0 } - fn bytes_to_curve_unchecked(source: &mut R) -> anyhow::Result { + fn bytes_to_curve_unchecked( + source: &mut R, + ) -> anyhow::Result { let mut buf: [u8; 32] = [0; 32]; source.read_exact(&mut buf)?; - let res = CompressedRistretto::from_slice(&buf).decompress().ok_or(anyhow::anyhow!("Failed!"))?; + let res = CompressedRistretto::from_slice(&buf) + .decompress() + .ok_or(anyhow::anyhow!("Failed!"))?; Ok(res) } @@ -212,9 +194,7 @@ impl Curve for RistrettoPoint { Scalar::from_bytes_mod_order_wide(&scalar_bytes).into() } - fn scalar_from_u64(n: u64) -> Self::Scalar { - Scalar::from(n).into() - } + fn scalar_from_u64(n: u64) -> Self::Scalar { Scalar::from(n).into() } fn scalar_from_bytes>(bs: A) -> Self::Scalar { Scalar::hash_from_bytes::(bs.as_ref()).into() @@ -223,4 +203,4 @@ impl Curve for RistrettoPoint { fn hash_to_group(m: &[u8]) -> Self { RistrettoPoint::hash_from_bytes::(m) } -} \ No newline at end of file +} 
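Review bot: In the `@@ -137,65 +129,55 @@` hunk `Serial for RistrettoPoint` writes the 32-byte compressed encoding (`let res: &[u8; 32] = compressed_point.as_bytes();`) and both `deserial` and `bytes_to_curve_unchecked` read exactly 32 bytes, yet the new `const GROUP_ELEMENT_LENGTH: usize = 64;` (still marked "TODO: check this.") says 64; any caller that sizes buffers or validates lengths from this constant will disagree with the actual encoding, so it should be `const GROUP_ELEMENT_LENGTH: usize = 32;` with the TODO resolved. The same constant is set to 64 in the ed25519_ng_instance.rs hunk that follows. `bytes_to_curve_unchecked` performs the full `decompress()` validation despite its name, which is the safe choice but worth a one-line comment, and the `anyhow!("Failed!")` messages in both decoders give no hint of what failed; `"Failed to decompress Ristretto point"` would help diagnostics.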
diff --git a/rust-src/concordium_base/src/curve_arithmetic/ed25519_ng_instance.rs b/rust-src/concordium_base/src/curve_arithmetic/ed25519_ng_instance.rs index 1f8b1926b..6eb7cfd76 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/ed25519_ng_instance.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/ed25519_ng_instance.rs @@ -1,13 +1,19 @@ - -use std::{fmt::Display, ops::MulAssign}; -use std::ops::{AddAssign, SubAssign, Neg}; - -use byteorder::{LittleEndian, ByteOrder}; -use curve25519_dalek_ng::ristretto::{CompressedRistretto, RistrettoPoint}; -use curve25519_dalek_ng::{scalar::Scalar, traits::Identity, constants::RISTRETTO_BASEPOINT_POINT}; -use crate::common::{Serial, Deserial, Buffer}; - -use super::{Curve, Field, PrimeField}; +use std::{ + fmt::Display, + ops::{AddAssign, MulAssign, Neg, SubAssign} +}; +use core::borrow::Borrow; +use crate::common::{Buffer, Deserial, Serial}; +use byteorder::{ByteOrder, LittleEndian}; +use curve25519_dalek_ng::traits::VartimePrecomputedMultiscalarMul; +use curve25519_dalek_ng::{ + constants::RISTRETTO_BASEPOINT_POINT, + ristretto::{CompressedRistretto, RistrettoPoint, VartimeRistrettoPrecomputation}, + scalar::Scalar, + traits::Identity, +}; + +use super::{Curve, Field, PrimeField, MultiExp}; /// A wrapper to make it possible to implement external traits /// and to avoid clashes with blacket implementations. 
@@ -17,21 +23,22 @@ pub struct RistrettoScalar(Scalar); impl Serial for RistrettoScalar { fn serial(&self, out: &mut B) { let res: &[u8; 32] = self.0.as_bytes(); - out.write_all(res).expect("Writing to a buffer should not fail."); + out.write_all(res) + .expect("Writing to a buffer should not fail."); } } impl Deserial for RistrettoScalar { - fn deserial(source: &mut R) -> crate::common::ParseResult { let mut buf: [u8; 32] = [0; 32]; source.read_exact(&mut buf)?; - let res = Scalar::from_canonical_bytes(buf).ok_or(anyhow::anyhow!("Deserialization failed! Not a field value!"))?; + let res = Scalar::from_canonical_bytes(buf).ok_or(anyhow::anyhow!( + "Deserialization failed! Not a field value!" + ))?; Ok(res.into()) } } - impl Display for RistrettoScalar { fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result { // Use Debug as Display for now @@ -39,11 +46,10 @@ impl Display for RistrettoScalar { } } -// Since we use a wrapper type, it is convenient to use `into()` to convert from Scalar. +// Since we use a wrapper type, it is convenient to use `into()` to convert from +// Scalar. impl From for RistrettoScalar { - fn from(value: Scalar) -> Self { - RistrettoScalar(value) - } + fn from(value: Scalar) -> Self { RistrettoScalar(value) } } impl Field for RistrettoScalar { 
@@ -53,42 +59,26 @@ impl Field for RistrettoScalar { Scalar::from_bytes_mod_order_wide(&scalar_bytes).into() } - fn zero() -> Self { - Scalar::zero().into() - } + fn zero() -> Self { Scalar::zero().into() } - fn one() -> Self { - Scalar::one().into() - } + fn one() -> Self { Scalar::one().into() } - fn is_zero(&self) -> bool { - self.0 == Self::zero().0 - } + fn is_zero(&self) -> bool { self.0 == Self::zero().0 } - fn square(&mut self) { - self.0.mul_assign(self.0) - } + fn square(&mut self) { self.0.mul_assign(self.0) } - fn double(&mut self) { - self.0.add_assign(self.0) - } + fn double(&mut self) { self.0.add_assign(self.0) } fn negate(&mut self) { let v = self.0.neg(); self.0 = v; } - fn add_assign(&mut self, other: &Self) { - self.0.add_assign(other.0) - } + fn add_assign(&mut self, other: &Self) { self.0.add_assign(other.0) } - fn sub_assign(&mut self, other: &Self) { - self.0.sub_assign(other.0) - } + fn sub_assign(&mut self, other: &Self) { self.0.sub_assign(other.0) } - fn mul_assign(&mut self, other: &Self) { - self.0.mul_assign(other.0) - } + fn mul_assign(&mut self, other: &Self) { self.0.mul_assign(other.0) } fn inverse(&self) -> Option { if self.is_zero() { 
@@ -98,24 +88,23 @@ impl Field for RistrettoScalar { } } - //fn frobenius_map(&mut self, power: usize) { - //self.pow(power) - //todo!() + // fn frobenius_map(&mut self, power: usize) { + // self.pow(power) + // todo!() //} } impl PrimeField for RistrettoScalar { - // TODO: check this, this numbers are here just to make the compiler happy. - const NUM_BITS: u32 = 255; - // TODO: check this, this numbers are here just to make the compiler happy. const CAPACITY: u32 = 254; + // TODO: check this, this numbers are here just to make the compiler happy. + const NUM_BITS: u32 = 255; fn into_repr(self) -> Vec { let mut vec: Vec = Vec::new(); let bytes = self.0.to_bytes(); for chunk in bytes.chunks(8) { - let x : [u8; 8] = chunk.try_into().unwrap(); + let x: [u8; 8] = chunk.try_into().unwrap(); let x_64 = u64::from_le_bytes(x); vec.push(x_64); } @@ -123,12 +112,16 @@ impl PrimeField for RistrettoScalar { } fn from_repr(r: &[u64]) -> Result { - let tmp: [u64; 4] = r.try_into().map_err(|_| super::CurveDecodingError::NotInField(format!("{:?}", r)))?; + let tmp: [u64; 4] = r + .try_into() + .map_err(|_| super::CurveDecodingError::NotInField(format!("{:?}", r)))?; let mut s_bytes = [0u8; 32]; for x in tmp { LittleEndian::write_u64(&mut s_bytes, x); } - let res = Scalar::from_canonical_bytes(s_bytes).ok_or(super::CurveDecodingError::NotInField(format!("{:?}", s_bytes)))?; + let res = Scalar::from_canonical_bytes(s_bytes).ok_or( + super::CurveDecodingError::NotInField(format!("{:?}", s_bytes)), + )?; Ok(res.into()) } } 
@@ -137,65 +130,55 @@ impl Serial for RistrettoPoint { fn serial(&self, out: &mut B) { let compressed_point = self.compress(); let res: &[u8; 32] = compressed_point.as_bytes(); - out.write_all(res).expect("Writing to a buffer should not fail."); + out.write_all(res) + .expect("Writing to a buffer should not fail."); } -} +} impl Deserial for RistrettoPoint { fn deserial(source: &mut R) -> crate::common::ParseResult { let mut buf: [u8; 32] = [0; 32]; source.read_exact(&mut buf)?; - let res = CompressedRistretto::from_slice(&buf).decompress().ok_or(anyhow::anyhow!("Failed!"))?; + let res = CompressedRistretto::from_slice(&buf) + .decompress() + .ok_or(anyhow::anyhow!("Failed!"))?; Ok(res) } -} - +} impl Curve for RistrettoPoint { + type MultiExpType = VartimeRistrettoPrecomputation; type Scalar = RistrettoScalar; - // TODO: copied from the BLS curve; update this. + // TODO: check this. + const GROUP_ELEMENT_LENGTH: usize = 64; + // TODO: check this. const SCALAR_LENGTH: usize = 32; - // TODO: copied from the BLS curve; update this. 
- const GROUP_ELEMENT_LENGTH: usize = 96; + fn zero_point() -> Self { Self::identity() } - fn zero_point() -> Self { - Self::identity() - } + fn one_point() -> Self { RISTRETTO_BASEPOINT_POINT } - fn one_point() -> Self { - RISTRETTO_BASEPOINT_POINT - } + fn is_zero_point(&self) -> bool { self == &Self::zero_point() } - fn is_zero_point(&self) -> bool { - self == &Self::zero_point() - } - - fn inverse_point(&self) -> Self { - -self - } + fn inverse_point(&self) -> Self { -self } - fn double_point(&self) -> Self { - self + self - } + fn double_point(&self) -> Self { self + self } - fn plus_point(&self, other: &Self) -> Self { - self + other - } + fn plus_point(&self, other: &Self) -> Self { self + other } - fn minus_point(&self, other: &Self) -> Self { - self - other - } + fn minus_point(&self, other: &Self) -> Self { self - other } - fn mul_by_scalar(&self, scalar: &Self::Scalar) -> Self { - *self * (*scalar).0 - } + fn mul_by_scalar(&self, scalar: &Self::Scalar) -> Self { *self * (*scalar).0 } - fn bytes_to_curve_unchecked(source: &mut R) -> anyhow::Result { + fn bytes_to_curve_unchecked( + source: &mut R, + ) -> anyhow::Result { let mut buf: [u8; 32] = [0; 32]; source.read_exact(&mut buf)?; - let res = CompressedRistretto::from_slice(&buf).decompress().ok_or(anyhow::anyhow!("Failed!"))?; + let res = CompressedRistretto::from_slice(&buf) + .decompress() + .ok_or(anyhow::anyhow!("Failed!"))?; Ok(res) } @@ -212,9 +195,7 @@ impl Curve for RistrettoPoint { Scalar::from_bytes_mod_order_wide(&scalar_bytes).into() } - fn scalar_from_u64(n: u64) -> Self::Scalar { - Scalar::from(n).into() - } + fn scalar_from_u64(n: u64) -> Self::Scalar { Scalar::from(n).into() } fn scalar_from_bytes>(bs: A) -> Self::Scalar { Scalar::hash_from_bytes::(bs.as_ref()).into() 
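Review bot: `GROUP_ELEMENT_LENGTH` is changed to 64, but the `serial` impl for `RistrettoPoint` at the top of this hunk writes exactly 32 bytes (`compressed_point.as_bytes()` is `&[u8; 32]`) and `deserial` reads 32, so the constant still does not describe the serialized size; any caller that sizes buffers or validates input length from it will be off by a factor of two. It should read `const GROUP_ELEMENT_LENGTH: usize = 32;` with the "check this" TODO removed. The `impl Curve for RistrettoPoint` block continues in the next hunk.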
@@ -223,4 +204,19 @@ impl Curve for RistrettoPoint { fn hash_to_group(m: &[u8]) -> Self { RistrettoPoint::hash_from_bytes::(m) } +} + +impl MultiExp for VartimeRistrettoPrecomputation { + type CurvePoint = RistrettoPoint; + + fn new, I: IntoIterator>(gs: I) -> Self { + ::new(gs) + } + + fn multiexp_worker::Scalar>, I: IntoIterator>( + &self, + exps:I, + ) -> Self::CurvePoint { + self.vartime_multiscalar_mul(exps.into_iter().map(|p| p.borrow().0)) + } } \ No newline at end of file diff --git a/rust-src/concordium_base/src/curve_arithmetic/mod.rs b/rust-src/concordium_base/src/curve_arithmetic/mod.rs index d133afe8f..79ce24fbf 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/mod.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/mod.rs @@ -1,11 +1,13 @@ //! Basic definitions of the curve and pairing abstractions, and implementations //! of these abstractions for the curves used on Concordium. +pub mod arkworks_instances; mod bls12_381_g1hash; mod bls12_381_g2hash; mod bls12_381_instance; +mod ed25519_arkworks; mod ed25519_instance; mod ed25519_ng_instance; -//mod ed25519_new_instance; +// mod ed25519_new_instance; pub mod secret_value; pub use secret_value::{Secret, Value}; @@ -63,7 +65,7 @@ pub trait Field: /// Exponentiates this element by a power of the base prime modulus via /// the Frobenius automorphism. - //fn frobenius_map(&mut self, power: usize); + // fn frobenius_map(&mut self, power: usize); /// Exponentiates this element by a number represented with `u64` limbs, /// least significant digit first. @@ -95,7 +97,7 @@ pub trait PrimeField: Field { /// How many bits of information can be reliably stored in the field /// element. const CAPACITY: u32; - + /// Convert this prime field element into a biginteger representation. fn into_repr(self) -> Vec; 
@@ -111,10 +113,14 @@ pub trait Curve: Serialize + Copy + Clone + Sized + Send + Sync + Debug + PartialEq + Eq + 'static { /// The prime field of the group order size. type Scalar: PrimeField + Serialize; + type MultiExpType: MultiExp; /// Size in bytes of elements of the [Curve::Scalar] field. const SCALAR_LENGTH: usize; /// Size in bytes of group elements when serialized. const GROUP_ELEMENT_LENGTH: usize; + fn new_multiexp, I: IntoIterator>(gs: I) -> Self::MultiExpType { + Self::MultiExpType::new(gs) + } /// Unit for the group operation. fn zero_point() -> Self; /// Chosen generator of the group. 
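Review bot: The new associated type `type MultiExpType: MultiExp;` has no doc comment and, as far as this rendering shows, no `CurvePoint = Self` constraint; the default `new_multiexp` hands `gs` to `Self::MultiExpType::new` and the bulletproofs callers use the result of `multiexp` as a `Self`, which only type-checks if the bound reads `type MultiExpType: MultiExp<CurvePoint = Self>;` (generic arguments are stripped in this view, so it may already be there). Either way, a one-line doc such as `/// Multi-exponentiation algorithm used for this curve, instantiated via [`Curve::new_multiexp`].` is missing on the new item, in contrast to the documented constants around it.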
@@ -165,6 +171,118 @@ pub trait Curve: fn hash_to_group(m: &[u8]) -> Self; } +pub trait MultiExp { + + type CurvePoint: Curve; + + fn new, I: IntoIterator>(gs: I) -> Self; + + fn multiexp_worker::Scalar>, I: IntoIterator>( + &self, + exps: I, + ) -> Self::CurvePoint; + + fn multiexp::Scalar>, I: IntoIterator>(&self, exps: I) -> Self::CurvePoint { + self.multiexp_worker(exps) + } + +} + +pub struct GenericMultiExp { + table: Vec>, +} + +impl GenericMultiExp { + // This number is based on the benchmark in benches/multiexp_bench.rs + const WINDOW_SIZE: usize = 4; +} + +impl MultiExp for GenericMultiExp { + type CurvePoint = C; + + fn new, I: IntoIterator>(gs: I) -> Self { + let mut table = Vec::new(); + for g in gs.into_iter() { + let sq = g.borrow().plus_point(g.borrow()); + let mut tmp = *g.borrow(); + // All of the odd exponents, between 1 and 2^w. + let num_exponents = 1 << (Self::WINDOW_SIZE - 1); + let mut exps = Vec::with_capacity(num_exponents); + exps.push(tmp); + for _ in 1..num_exponents { + tmp = tmp.plus_point(&sq); + exps.push(tmp); + } + table.push(exps); + } + GenericMultiExp { table } + } + + fn multiexp_worker::Scalar>, I: IntoIterator>( + &self, + exps: I, + ) -> Self::CurvePoint { + // Compute the wnaf + + // assert_eq!(gs.len(), k); + assert!(Self::WINDOW_SIZE >= 1); + assert!(Self::WINDOW_SIZE < 62); + + // 2^{window_size + 1} + let two_to_wp1: u64 = 2 << Self::WINDOW_SIZE; + let two_to_wp1_scalar = C::scalar_from_u64(two_to_wp1); + // a mask to extract the lowest window_size + 1 bits from a scalar. + let mask: u64 = two_to_wp1 - 1; + let mut wnaf = Vec::new(); + // 1 / 2 scalar + let half = C::scalar_from_u64(2) + .inverse() + .expect("Field size must be at least 3."); + + for c in exps.into_iter() { + let mut v = Vec::new(); + let mut c = *c.borrow(); + while !c.is_zero() { + let limb = c.into_repr()[0]; + // if the first bit is set + if limb & 1 == 1 { + let u = limb & mask; + // check if window_size'th bit is set. 
+ c.sub_assign(&C::scalar_from_u64(u)); + if u & (1 << Self::WINDOW_SIZE) != 0 { + c.add_assign(&two_to_wp1_scalar); + v.push((u as i64) - (two_to_wp1 as i64)); + } else { + v.push(u as i64); + } + } else { + v.push(0); + } + c.mul_assign(&half); + } + wnaf.push(v); + } + + // evaluate using the precomputed table + let mut a = C::zero_point(); + for j in (0..=C::Scalar::NUM_BITS as usize).rev() { + a = a.double_point(); + for (wnaf_i, table_i) in wnaf.iter().zip(self.table.iter()) { + match wnaf_i.get(j) { + Some(&ge) if ge > 0 => { + a = a.plus_point(&table_i[(ge / 2) as usize]); + } + Some(&ge) if ge < 0 => { + a = a.minus_point(&table_i[((-ge) / 2) as usize]); + } + _ => (), + } + } + } + a + } +} + /// A pairing friendly curve is a collection of two groups and a pairing /// function. The groups must be of prime order. pub trait Pairing: Sized + 'static + Clone { @@ -252,14 +370,23 @@ pub trait Pairing: Sized + 'static + Clone { } } +/// Like 'multiexp_worker', but computes a reasonable window size automatically. +// #[inline(always)] +// pub fn multiexp>(gs: &[X], exps: &[C::Scalar]) -> C { +// // This number is based on the benchmark in benches/multiexp_bench.rs +// let window_size = 4; +// multiexp_worker(gs, exps, window_size) +// } + /// Like 'multiexp_worker', but computes a reasonable window size automatically. #[inline(always)] -pub fn multiexp>(gs: &[X], exps: &[C::Scalar]) -> C { - // This number is based on the benchmark in benches/multiexp_bench.rs - let window_size = 4; - multiexp_worker(gs, exps, window_size) +pub fn multiexp(gs: &[X], exps: &[C::Scalar]) -> C +where C: Curve, X: Borrow { + let t = C::new_multiexp(gs.into_iter().map(|x| *x.borrow())); + t.multiexp(exps) } + /// This implements the WNAF method from /// /// From 2cc21a741cdf67e01a58f8ac3545890dc09a784a Mon Sep 17 00:00:00 2001 
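Review bot: `multiexp_worker` no longer checks that the number of scalars equals the number of precomputed tables — the old `assert_eq!(gs.len(), k)` is left as a comment — so `wnaf.iter().zip(self.table.iter())` silently drops the excess scalars or points and returns a wrong group element instead of panicking. PATCH 13 further down this series adds `assert_eq!(self.table.len(), k)`; the check belongs in this commit, and the doc on `MultiExp::multiexp` should state that the scalar count must match the points passed to `new`. Separately, `c.into_repr()[0]` allocates a fresh `Vec` on every iteration of the per-bit loop; reading the low limb without building the whole representation would avoid that in the inner loop.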
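Review bot: The old `multiexp` is kept as a commented-out block directly above its replacement; commented-out code should be deleted rather than carried in the file, since git history keeps it. In the new body, `gs.into_iter()` on a `&[X]` is just `gs.iter()` (clippy `into_iter_on_ref`), and `#[inline(always)]` on a function that builds a full precomputation table is unlikely to help; plain `#[inline]` or no attribute is the usual choice.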
From: Danil Annenkov Date: Wed, 22 Nov 2023 16:11:17 +0100 Subject: [PATCH 12/45] Comment on msm benchmark --- rust-src/concordium_base/benches/msm_bench.rs | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/rust-src/concordium_base/benches/msm_bench.rs b/rust-src/concordium_base/benches/msm_bench.rs index 01c53606a..0a1a7668e 100644 --- a/rust-src/concordium_base/benches/msm_bench.rs +++ b/rust-src/concordium_base/benches/msm_bench.rs @@ -60,9 +60,10 @@ pub fn dalek_msm_benchmarks_precompute(c: &mut Criterion) { use curve25519_dalek_ng::ristretto::VartimeRistrettoPrecomputation; let G: Vec = (0..N).map(|_| RistrettoPoint::random(&mut rng)).collect(); let V: Vec<_> = (0..N).map(|_| Scalar::random(&mut rng)).collect(); - group.bench_function("MSM in Dalek over Ristretto curve", move |b| { b.iter(|| { + // This is very slow compared to `RistrettoPoint::vartime_multiscalar_mul(&V, &G)`. + // Precomputation is done inside the loop to compare with `RistrettoPoint::vartime_multiscalar_mul(&V, &G)`, which does the same, but without precomputing the point table. let msm = ::new(&G); msm.vartime_multiscalar_mul(&V); }) From b2e6897e4927afcd5bac414fa9ea3a6a288b438b Mon Sep 17 00:00:00 2001 From: Danil Annenkov Date: Fri, 24 Nov 2023 23:09:44 +0100 Subject: [PATCH 13/45] Change MultiExp interface a bit; GenericMultiExp::new takes window_size --- rust-src/Cargo.lock | 79 +------ rust-src/concordium_base/benches/msm_bench.rs | 34 +-- .../concordium_base/benches/multiexp_bench.rs | 2 +- .../src/bulletproofs/range_proof.rs | 10 +- .../src/bulletproofs/set_membership_proof.rs | 9 +- .../bulletproofs/set_non_membership_proof.rs | 9 +- .../curve_arithmetic/arkworks_instances.rs | 33 ++- .../curve_arithmetic/bls12_381_instance.rs | 2 +- .../src/curve_arithmetic/ed25519_instance.rs | 2 +- .../curve_arithmetic/ed25519_ng_instance.rs | 60 +++-- .../src/curve_arithmetic/mod.rs | 220 +++++------------- 11 files changed, 145 insertions(+), 315 deletions(-) 
diff --git a/rust-src/Cargo.lock b/rust-src/Cargo.lock index b9041e9e3..5eef81c7e 100644 --- a/rust-src/Cargo.lock +++ b/rust-src/Cargo.lock @@ -597,14 +597,13 @@ dependencies = [ "concordium-contracts-common", "concordium_base_derive", "criterion", - "curve25519-dalek 3.2.1", - "curve25519-dalek 4.1.1", + "curve25519-dalek", "curve25519-dalek-ng", "derive_more", "ed25519-dalek", "either", - "ff 0.5.2", - "group 0.2.0", + "ff", + "group", "hex", "hmac", "itertools", @@ -773,35 +772,6 @@ dependencies = [ "zeroize", ] -[[package]] -name = "curve25519-dalek" -version = "4.1.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e89b8c6a2e4b1f45971ad09761aafb85514a84744b67a95e32c3cc1352d1f65c" -dependencies = [ - "cfg-if", - "cpufeatures", - "curve25519-dalek-derive", - "fiat-crypto", - "group 0.13.0", - "platforms", - "rand_core 0.6.4", - "rustc_version", - "subtle", - "zeroize", -] - -[[package]] -name = "curve25519-dalek-derive" -version = "0.1.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f46882e17999c6cc590af592290432be3bce0428cb0d5f8b6715e4dc7b383eb3" -dependencies = [ - "proc-macro2", - "quote", - "syn 2.0.32", -] - [[package]] name = "curve25519-dalek-ng" version = "3.0.3" @@ -928,7 +898,7 @@ version = "1.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c762bae6dcaf24c4c84667b8579785430908723d5c889f469d76a41d59cc7a9d" dependencies = [ - "curve25519-dalek 3.2.1", + "curve25519-dalek", "ed25519", "rand 0.7.3", "serde", @@ -987,16 +957,6 @@ dependencies = [ "rand_core 0.5.1", ] -[[package]] -name = "ff" -version = "0.13.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ded41244b729663b1e574f1b4fb731469f69f79c17667b5d776b16cda0479449" -dependencies = [ - "rand_core 0.6.4", - "subtle", -] - [[package]] name = "ff_derive" version = "0.4.1" 
@@ -1011,12 +971,6 @@ dependencies = [ "syn 1.0.109", ] -[[package]] -name = "fiat-crypto" -version = "0.2.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f69037fe1b785e84986b4f2cbcf647381876a00671d25ceef715d7812dd7e1dd" - [[package]] name = "findshlibs" version = "0.10.2" @@ -1085,22 +1039,11 @@ version = "0.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8cbdfc48f95bef47e3daf3b9d552a1dde6311e3a5fefa43e16c59f651d56fe5b" dependencies = [ - "ff 0.5.2", + "ff", "rand 0.7.3", "rand_xorshift", ] -[[package]] -name = "group" -version = "0.13.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f0f9ef7462f7c099f518d754361858f86d8a07af53ba9af0fe635bbccb151a63" -dependencies = [ - "ff 0.13.0", - "rand_core 0.6.4", - "subtle", -] - [[package]] name = "half" version = "1.8.2" @@ -1319,7 +1262,7 @@ name = "keygen_bls" version = "2.0.0" dependencies = [ "concordium_base", - "ff 0.5.2", + "ff", "hex", "hkdf", "pairing", @@ -1585,8 +1528,8 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "94c40534479a28199cd5109da27fe2fc4a4728e4fc701d9e9c1bded78f3271e4" dependencies = [ "byteorder", - "ff 0.5.2", - "group 0.2.0", + "ff", + "group", "rand_core 0.5.1", ] @@ -1665,12 +1608,6 @@ dependencies = [ "sha2 0.10.7", ] -[[package]] -name = "platforms" -version = "3.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "14e6ab3f592e6fb464fc9712d8d6e6912de6473954635fd76a589d832cffcbb0" - [[package]] name = "plotters" version = "0.3.5" diff --git a/rust-src/concordium_base/benches/msm_bench.rs b/rust-src/concordium_base/benches/msm_bench.rs index 0a1a7668e..742cacc50 100644 --- a/rust-src/concordium_base/benches/msm_bench.rs +++ b/rust-src/concordium_base/benches/msm_bench.rs 
@@ -12,11 +12,10 @@ use std::time::Duration; const N: usize = 512; -pub fn ccd_msm_benchmarks (c: &mut Criterion) { +pub fn ccd_msm_benchmarks(c: &mut Criterion) { let mut group = c.benchmark_group("Multi-Scalar Multiplication"); let rng = &mut thread_rng(); - - + let mut G = Vec::with_capacity(N); let mut V: Vec<::Scalar> = Vec::with_capacity(N); @@ -29,7 +28,8 @@ pub fn ccd_msm_benchmarks (c: &mut Criterion) { group.bench_function("MSM in Concordium over BLS/Ristretto curve", move |b| { b.iter(|| { // Create msm algoritm instane with a precomputed point table. - // For the ristretto curve it will use the VartimeRistrettoPrecomputation and our generic implementation for the BLS curve + // For the ristretto curve it will use the VartimeRistrettoPrecomputation and + // our generic implementation for the BLS curve let msm = SomeCurve::new_multiexp(&G); msm.multiexp(&V); }) @@ -39,9 +39,8 @@ pub fn ccd_msm_benchmarks (c: &mut Criterion) { pub fn dalek_msm_benchmarks(c: &mut Criterion) { let mut group = c.benchmark_group("Multi-Scalar Multiplication"); let mut rng = &mut thread_rng(); - - use curve25519_dalek_ng::scalar::Scalar; - use curve25519_dalek_ng::traits::VartimeMultiscalarMul; + + use curve25519_dalek_ng::{scalar::Scalar, traits::VartimeMultiscalarMul}; let G: Vec = (0..N).map(|_| RistrettoPoint::random(&mut rng)).collect(); let V: Vec<_> = (0..N).map(|_| Scalar::random(&mut rng)).collect(); 
@@ -52,27 +51,8 @@ pub fn dalek_msm_benchmarks(c: &mut Criterion) { }); } -pub fn dalek_msm_benchmarks_precompute(c: &mut Criterion) { - let mut group = c.benchmark_group("Multi-Scalar Multiplication"); - let mut rng = &mut thread_rng(); - - use curve25519_dalek_ng::scalar::Scalar; - use curve25519_dalek_ng::ristretto::VartimeRistrettoPrecomputation; - let G: Vec = (0..N).map(|_| RistrettoPoint::random(&mut rng)).collect(); - let V: Vec<_> = (0..N).map(|_| Scalar::random(&mut rng)).collect(); - group.bench_function("MSM in Dalek over Ristretto curve", move |b| { - b.iter(|| { - // This is very slow compared to `RistrettoPoint::vartime_multiscalar_mul(&V, &G)`. - // Precomputation is done inside the loop to compare with `RistrettoPoint::vartime_multiscalar_mul(&V, &G)`, which does the same, but without precomputing the point table. - let msm = ::new(&G); - msm.vartime_multiscalar_mul(&V); - }) - }); -} - criterion_group!( name = benchmarks; config = Criterion::default().measurement_time(Duration::from_millis(10000)).sample_size(100); - targets = ccd_msm_benchmarks::, ccd_msm_benchmarks::, dalek_msm_benchmarks, dalek_msm_benchmarks_precompute); + targets = ccd_msm_benchmarks::, ccd_msm_benchmarks::, dalek_msm_benchmarks); criterion_main!(benchmarks); - diff --git a/rust-src/concordium_base/benches/multiexp_bench.rs b/rust-src/concordium_base/benches/multiexp_bench.rs index abf4bd2fd..9599cc576 100644 --- a/rust-src/concordium_base/benches/multiexp_bench.rs +++ b/rust-src/concordium_base/benches/multiexp_bench.rs @@ -33,7 +33,7 @@ pub fn bench_multiexp(c: &mut Criterion) { let gsc = gs[..i].to_vec(); let esc = es[..i].to_vec(); group.bench_function(&format!("multiexp({})", w), move |b| { - b.iter(|| multiexp_worker(&gsc, &esc, w)) + b.iter(|| GenericMultiExp::::new(&gsc, w).multiexp(&esc)) }); } group.finish(); 
diff --git a/rust-src/concordium_base/src/bulletproofs/range_proof.rs b/rust-src/concordium_base/src/bulletproofs/range_proof.rs index 446ea8990..ae46f29e4 100644 --- a/rust-src/concordium_base/src/bulletproofs/range_proof.rs +++ b/rust-src/concordium_base/src/bulletproofs/range_proof.rs @@ -2,9 +2,7 @@ use super::{inner_product_proof::*, utils::*}; use crate::{ common::*, - curve_arithmetic::{ - multiexp, multiexp_table, multiexp_worker_given_table, Curve, Field, PrimeField, Value, MultiExp, - }, + curve_arithmetic::{multiexp, Curve, Field, MultiExp, PrimeField, Value}, id::id_proof_types::ProofVersion, pedersen_commitment::*, random_oracle::RandomOracle, @@ -231,9 +229,9 @@ pub fn prove( // let table = multiexp_table(&GH_B_tilde, window_size); // let A = multiexp_worker_given_table(&A_scalars, &table, window_size); // let S = multiexp_worker_given_table(&S_scalars, &table, window_size); - let multiexp_alg = C::new_multiexp(GH_B_tilde); - let A = multiexp_alg.multiexp(A_scalars); - let S = multiexp_alg.multiexp(S_scalars); + let multiexp_alg = C::new_multiexp(&GH_B_tilde); + let A = multiexp_alg.multiexp(&A_scalars); + let S = multiexp_alg.multiexp(&S_scalars); // let A = multiexp(&GH_B_tilde, &A_scalars); // let S = multiexp(GH_B_tilde, &S_scalars); // append commitments A and S to transcript diff --git a/rust-src/concordium_base/src/bulletproofs/set_membership_proof.rs b/rust-src/concordium_base/src/bulletproofs/set_membership_proof.rs index 3778efdc2..8b32c184b 100644 --- a/rust-src/concordium_base/src/bulletproofs/set_membership_proof.rs +++ b/rust-src/concordium_base/src/bulletproofs/set_membership_proof.rs @@ -2,7 +2,7 @@ use super::{inner_product_proof::*, utils::*}; use crate::{ common::*, - curve_arithmetic::{multiexp, multiexp_table, multiexp_worker_given_table, Curve, Field}, + curve_arithmetic::{multiexp, Curve, Field, MultiExp}, id::id_proof_types::ProofVersion, pedersen_commitment::*, random_oracle::RandomOracle, 
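Review bot: Five lines of commented-out `multiexp_table`/`multiexp` calls surround the new `C::new_multiexp` code in `prove`; they should be removed rather than kept as dead code, and the same leftover pattern is worth checking in the set_membership_proof and set_non_membership_proof hunks that follow. One point worth a comment at this call site: if `A_scalars`/`S_scalars` carry the prover's secret bits and blinding factors, as in a standard Bulletproofs prover, they are now fed to a `MultiExp` instance that for `RistrettoPoint` is Dalek's `vartime_*` routine and for BLS the WNAF `GenericMultiExp`, both variable-time in the scalars; the previous `multiexp_worker_given_table` was the same WNAF routine, so this is not a regression, but `// NOTE: multiexp is variable-time in the scalars` next to these calls would record that the risk is known. `prove` starts and ends outside this hunk.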
@@ -168,10 +168,9 @@ pub fn prove( .chain(once(B_tilde)) .collect(); // compute A and S commitments using multi exponentiation - let window_size = 4; - let table = multiexp_table(&GH_B_tilde, window_size); - let A = multiexp_worker_given_table(&A_scalars, &table, window_size); - let S = multiexp_worker_given_table(&S_scalars, &table, window_size); + let mexp = C::new_multiexp(&GH_B_tilde); + let A = mexp.multiexp(&A_scalars); + let S = mexp.multiexp(&S_scalars); // append commitments A and S to transcript transcript.append_message(b"A", &A); transcript.append_message(b"S", &S); diff --git a/rust-src/concordium_base/src/bulletproofs/set_non_membership_proof.rs b/rust-src/concordium_base/src/bulletproofs/set_non_membership_proof.rs index c99f24496..251f9f54e 100644 --- a/rust-src/concordium_base/src/bulletproofs/set_non_membership_proof.rs +++ b/rust-src/concordium_base/src/bulletproofs/set_non_membership_proof.rs @@ -2,7 +2,7 @@ use super::{inner_product_proof::*, utils::*}; use crate::{ common::*, - curve_arithmetic::{multiexp, multiexp_table, multiexp_worker_given_table, Curve, Field}, + curve_arithmetic::{multiexp, Curve, Field, MultiExp}, id::id_proof_types::ProofVersion, pedersen_commitment::*, random_oracle::RandomOracle, @@ -150,10 +150,9 @@ pub fn prove( let s_tilde = &S_scalars[2 * n]; // Compute A and S commitments using multi exponentiation - let window_size = 4; - let table = multiexp_table(&GH_B_tilde, window_size); - let A = multiexp_worker_given_table(&A_scalars, &table, window_size); - let S = multiexp_worker_given_table(&S_scalars, &table, window_size); + let mexp = C::new_multiexp(&GH_B_tilde); + let A = mexp.multiexp(&A_scalars); + let S = mexp.multiexp(&S_scalars); // append commitments A and S to transcript transcript.append_message(b"A", &A); transcript.append_message(b"S", &S); 
diff --git a/rust-src/concordium_base/src/curve_arithmetic/arkworks_instances.rs b/rust-src/concordium_base/src/curve_arithmetic/arkworks_instances.rs index 4f3a37c02..33e6968e8 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/arkworks_instances.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/arkworks_instances.rs @@ -2,7 +2,7 @@ use core::fmt; use crate::common::{Deserial, Serial}; -use super::{Curve, Field, PrimeField, GenericMultiExp}; +use super::{Curve, Field, GenericMultiExp, PrimeField}; #[derive(PartialEq, Eq, Copy, Clone, fmt::Debug)] pub struct ArkField< @@ -12,13 +12,13 @@ pub struct ArkField< impl Serial for ArkField { - fn serial(&self, out: &mut B) { todo!() } + fn serial(&self, _out: &mut B) { todo!() } } impl Deserial for ArkField { - fn deserial(source: &mut R) -> crate::common::ParseResult { + fn deserial(_source: &mut R) -> crate::common::ParseResult { todo!() } } @@ -32,7 +32,7 @@ impl Field for ArkField { - fn random(rng: &mut R) -> Self { todo!() } + fn random(_rng: &mut R) -> Self { todo!() } fn zero() -> Self { todo!() } @@ -46,11 +46,11 @@ impl Field for ArkField { fn negate(&mut self) { todo!() } - fn add_assign(&mut self, other: &Self) { todo!() } + fn add_assign(&mut self, _other: &Self) { todo!() } - fn sub_assign(&mut self, other: &Self) { todo!() } + fn sub_assign(&mut self, _other: &Self) { todo!() } - fn mul_assign(&mut self, other: &Self) { todo!() } + fn mul_assign(&mut self, _other: &Self) { todo!() } fn inverse(&self) -> Option { todo!() } } 
@@ -73,14 +73,14 @@ impl< G: ark_ec::CurveGroup + Sized + Eq + Copy + Clone + Send + Sync + fmt::Debug + fmt::Display, > Serial for ArkGroup { - fn serial(&self, out: &mut B) { todo!() } + fn serial(&self, _out: &mut B) { todo!() } } impl< G: ark_ec::CurveGroup + Sized + Eq + Copy + Clone + Send + Sync + fmt::Debug + fmt::Display, > Deserial for ArkGroup { - fn deserial(source: &mut R) -> crate::common::ParseResult { + fn deserial(_source: &mut R) -> crate::common::ParseResult { todo!() } } @@ -121,20 +121,17 @@ impl Curve for ArkGr fn mul_by_scalar(&self, scalar: &Self::Scalar) -> Self { ArkGroup(self.0 * scalar.0) } - fn bytes_to_curve_unchecked(b: &mut R) -> anyhow::Result { + fn bytes_to_curve_unchecked(_b: &mut R) -> anyhow::Result { todo!() } - fn generate(rng: &mut R) -> Self { - // G::ran - todo!() - } + fn generate(_rng: &mut R) -> Self { todo!() } - fn generate_scalar(rng: &mut R) -> Self::Scalar { todo!() } + fn generate_scalar(_rng: &mut R) -> Self::Scalar { todo!() } - fn scalar_from_u64(n: u64) -> Self::Scalar { todo!() } + fn scalar_from_u64(_n: u64) -> Self::Scalar { todo!() } - fn scalar_from_bytes>(bs: A) -> Self::Scalar { todo!() } + fn scalar_from_bytes>(_bs: A) -> Self::Scalar { todo!() } - fn hash_to_group(m: &[u8]) -> Self { todo!() } + fn hash_to_group(_m: &[u8]) -> Self { todo!() } } diff --git a/rust-src/concordium_base/src/curve_arithmetic/bls12_381_instance.rs b/rust-src/concordium_base/src/curve_arithmetic/bls12_381_instance.rs index 9e579ec0b..99d631410 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/bls12_381_instance.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/bls12_381_instance.rs @@ -93,8 +93,8 @@ impl PrimeField for Fq { } impl Curve for G2 { - type Scalar = Fr; type MultiExpType = GenericMultiExp; + type Scalar = Fr; const GROUP_ELEMENT_LENGTH: usize = 96; const SCALAR_LENGTH: usize = 32; 
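Review bot: Every method of the `Field` and `Curve` impls for the arkworks wrappers is still `todo!()` (this hunk only prefixes the unused parameters with `_`), yet `pub mod arkworks_instances;` in the curve_arithmetic/mod.rs hunk of the first patch in this series exports them as public API, so any downstream code that picks `ArkGroup` as its curve panics at runtime on the first `serial`, `deserial`, `generate` or `hash_to_group` call. Until the implementations exist, keep the module private or gate it behind a feature, and give each stub a `// TODO(arkworks): implement` comment so the stub status is visible in the code rather than only at runtime. `impl Curve for ArkGroup` starts outside this hunk.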
diff --git a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs index ddd3fe3d9..fe3a1410b 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs @@ -12,7 +12,7 @@ use curve25519_dalek::{ traits::Identity, }; -use super::{Curve, Field, PrimeField, GenericMultiExp}; +use super::{Curve, Field, GenericMultiExp, PrimeField}; /// A wrapper to make it possible to implement external traits /// and to avoid clashes with blacket implementations. diff --git a/rust-src/concordium_base/src/curve_arithmetic/ed25519_ng_instance.rs b/rust-src/concordium_base/src/curve_arithmetic/ed25519_ng_instance.rs index 6eb7cfd76..a7417ebf4 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/ed25519_ng_instance.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/ed25519_ng_instance.rs @@ -1,19 +1,18 @@ -use std::{ - fmt::Display, - ops::{AddAssign, MulAssign, Neg, SubAssign} -}; -use core::borrow::Borrow; use crate::common::{Buffer, Deserial, Serial}; use byteorder::{ByteOrder, LittleEndian}; -use curve25519_dalek_ng::traits::VartimePrecomputedMultiscalarMul; +use core::borrow::Borrow; use curve25519_dalek_ng::{ constants::RISTRETTO_BASEPOINT_POINT, ristretto::{CompressedRistretto, RistrettoPoint, VartimeRistrettoPrecomputation}, scalar::Scalar, - traits::Identity, + traits::{Identity, VartimeMultiscalarMul, VartimePrecomputedMultiscalarMul}, +}; +use std::{ + fmt::Display, + ops::{AddAssign, MulAssign, Neg, SubAssign}, }; -use super::{Curve, Field, PrimeField, MultiExp}; +use super::{Curve, Field, MultiExp, PrimeField}; /// A wrapper to make it possible to implement external traits /// and to avoid clashes with blacket implementations. 
@@ -147,7 +146,7 @@ impl Deserial for RistrettoPoint { } impl Curve for RistrettoPoint { - type MultiExpType = VartimeRistrettoPrecomputation; + type MultiExpType = RistrettoMultiExpNoPrecompute; type Scalar = RistrettoScalar; // TODO: check this. @@ -206,17 +205,48 @@ impl Curve for RistrettoPoint { } } +/// An instance of multiexp algorithm from the Dalek labrary that uses +/// precomputed table of points. Precomputing is slow, so it makes sense to use +/// this implementation when one wants to share the precomputed table with many +/// subsequient computations. For our current usecases it seems not relevant. impl MultiExp for VartimeRistrettoPrecomputation { type CurvePoint = RistrettoPoint; - fn new, I: IntoIterator>(gs: I) -> Self { - ::new(gs) + fn new>(gs: &[X]) -> Self { + ::new(gs.into_iter().map(|p| p.borrow())) } - - fn multiexp_worker::Scalar>, I: IntoIterator>( + + fn multiexp::Scalar>>( &self, - exps:I, + exps: &[X], ) -> Self::CurvePoint { self.vartime_multiscalar_mul(exps.into_iter().map(|p| p.borrow().0)) } -} \ No newline at end of file +} + +/// An instance of multiexp algorithm from the Dalek labrary. +/// It is instantiated with points, but no precomutations is done. +/// This way it follows the same interface and our generic multiexp. +pub struct RistrettoMultiExpNoPrecompute { + points: Vec, +} + +impl MultiExp for RistrettoMultiExpNoPrecompute { + type CurvePoint = RistrettoPoint; + + fn new>(gs: &[X]) -> Self { + Self { + points: gs.into_iter().map(|x| *x.borrow()).collect(), + } + } + + fn multiexp::Scalar>>( + &self, + exps: &[X], + ) -> Self::CurvePoint { + Self::CurvePoint::vartime_multiscalar_mul( + exps.into_iter().map(|p| p.borrow().0), + &self.points, + ) + } +} diff --git a/rust-src/concordium_base/src/curve_arithmetic/mod.rs b/rust-src/concordium_base/src/curve_arithmetic/mod.rs index 79ce24fbf..c38b76bd5 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/mod.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/mod.rs 
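Review bot: `RistrettoMultiExpNoPrecompute::multiexp` and the `VartimeRistrettoPrecomputation` impl both call Dalek's `vartime_multiscalar_mul`, so the `MultiExp` instance every `Curve` user now gets for Ristretto is variable-time in the scalars; Dalek also offers the constant-time `MultiscalarMul::multiscalar_mul`, and which one is appropriate depends on whether callers pass secret scalars, which the bulletproofs provers in this series appear to do. Either switch the default type to the constant-time call or add to both impls `/// Variable-time in the scalars; do not use with secret exponents.` so callers can make that choice knowingly. Neither impl checks `exps.len() == self.points.len()`; unless Dalek asserts it internally, a mismatch is silently truncated, so `assert_eq!(exps.len(), self.points.len());` at the top of `multiexp` would match what `GenericMultiExp` does. Minor: `gs.into_iter()` on a slice is `gs.iter()`, and the new doc comments have typos ("labrary", "precomutations", "subsequient", "algoritm").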
@@ -63,10 +63,6 @@ pub trait Field: /// Computes the multiplicative inverse of this element, if nonzero. fn inverse(&self) -> Option; - /// Exponentiates this element by a power of the base prime modulus via - /// the Frobenius automorphism. - // fn frobenius_map(&mut self, power: usize); - /// Exponentiates this element by a number represented with `u64` limbs, /// least significant digit first. fn pow>(&self, exp: S) -> Self { @@ -118,9 +114,8 @@ pub trait Curve: const SCALAR_LENGTH: usize; /// Size in bytes of group elements when serialized. const GROUP_ELEMENT_LENGTH: usize; - fn new_multiexp, I: IntoIterator>(gs: I) -> Self::MultiExpType { - Self::MultiExpType::new(gs) - } + /// Create new instance of multiexp algorithm given some initial points. + fn new_multiexp>(gs: &[X]) -> Self::MultiExpType { Self::MultiExpType::new(gs) } /// Unit for the group operation. fn zero_point() -> Self; /// Chosen generator of the group. 
@@ -171,42 +166,43 @@ pub trait Curve: fn hash_to_group(m: &[u8]) -> Self; } +/// An abstraction over a multiexp algoritm. pub trait MultiExp { - type CurvePoint: Curve; - fn new, I: IntoIterator>(gs: I) -> Self; + /// Create new algorithm instance by providing initial points. + /// Can be used to precompute a lookup table. + // NOTE: this method does not take `window_size` as a parameter. + // Some libraries do not provide expose `window_size`, so it is left to a + // concrete implementation to take additional configuration parameters. + fn new>(gs: &[X]) -> Self; - fn multiexp_worker::Scalar>, I: IntoIterator>( + /// Multiexp algoritm that uses points provided at the instantiation step + /// and scalars provided as a parameter. + fn multiexp::Scalar>>( &self, - exps: I, + exps: &[X], ) -> Self::CurvePoint; - - fn multiexp::Scalar>, I: IntoIterator>(&self, exps: I) -> Self::CurvePoint { - self.multiexp_worker(exps) - } - } pub struct GenericMultiExp { - table: Vec>, + table: Vec>, + window_size: usize, } -impl GenericMultiExp { +impl GenericMultiExp { // This number is based on the benchmark in benches/multiexp_bench.rs - const WINDOW_SIZE: usize = 4; -} + const DEFAULT_WINDOW_SIZE: usize = 4; -impl MultiExp for GenericMultiExp { - type CurvePoint = C; - - fn new, I: IntoIterator>(gs: I) -> Self { - let mut table = Vec::new(); + /// Compute the table of powers that can be used `multiexp`. + pub fn new>(gs: &[X], window_size: usize) -> Self { + let k = gs.len(); + let mut table = Vec::with_capacity(k); for g in gs.into_iter() { let sq = g.borrow().plus_point(g.borrow()); let mut tmp = *g.borrow(); // All of the odd exponents, between 1 and 2^w. - let num_exponents = 1 << (Self::WINDOW_SIZE - 1); + let num_exponents = 1 << (window_size - 1); let mut exps = Vec::with_capacity(num_exponents); exps.push(tmp); for _ in 1..num_exponents { 
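Review bot: `GenericMultiExp::new(gs, window_size)` now takes the window size from the caller, but only `multiexp` asserts `window_size >= 1` and `< 62`; with `window_size == 0` the `1 << (window_size - 1)` in `new` underflows (a panic in debug builds, in release a wrapped shift by 63 followed by a capacity-overflow panic in `Vec::with_capacity`), and values of 64 or more overflow the shift. Move the two asserts to the top of `new` so a bad window size fails at construction with a clear message, e.g. `assert!((1..62).contains(&window_size), "window size must be in 1..62");`. Also, `gs.into_iter()` on `&[X]` is `gs.iter()`, and the NOTE on `MultiExp::new` reads "do not provide expose `window_size`", which should be "do not expose `window_size`".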
@@ -215,25 +211,41 @@ impl MultiExp for GenericMultiExp { } table.push(exps); } - GenericMultiExp { table } + Self { table, window_size } } +} - fn multiexp_worker::Scalar>, I: IntoIterator>( +impl MultiExp for GenericMultiExp { + type CurvePoint = C; + + /// Construct new instance of a lookup table with the default window size. + // fn new, I: IntoIterator>(gs: I) -> Self { + fn new>(gs: &[X]) -> Self { Self::new(gs, Self::DEFAULT_WINDOW_SIZE) } + + /// This implements the WNAF method from + /// + /// + /// Assumes: + /// - the length of input is the same as the table length + /// - window size at least 1 + /// - window size < 62 + fn multiexp::Scalar>>( &self, - exps: I, + exps: &[X], ) -> Self::CurvePoint { // Compute the wnaf - // assert_eq!(gs.len(), k); - assert!(Self::WINDOW_SIZE >= 1); - assert!(Self::WINDOW_SIZE < 62); + let k = exps.len(); + assert_eq!(self.table.len(), k); + assert!(self.window_size >= 1); + assert!(self.window_size < 62); // 2^{window_size + 1} - let two_to_wp1: u64 = 2 << Self::WINDOW_SIZE; + let two_to_wp1: u64 = 2 << self.window_size; let two_to_wp1_scalar = C::scalar_from_u64(two_to_wp1); // a mask to extract the lowest window_size + 1 bits from a scalar. let mask: u64 = two_to_wp1 - 1; - let mut wnaf = Vec::new(); + let mut wnaf = Vec::with_capacity(k); // 1 / 2 scalar let half = C::scalar_from_u64(2) .inverse() @@ -249,7 +261,7 @@ impl MultiExp for GenericMultiExp { let u = limb & mask; // check if window_size'th bit is set. c.sub_assign(&C::scalar_from_u64(u)); - if u & (1 << Self::WINDOW_SIZE) != 0 { + if u & (1 << self.window_size) != 0 { c.add_assign(&two_to_wp1_scalar); v.push((u as i64) - (two_to_wp1 as i64)); } else { 
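Review bot: The new `multiexp` method documents its length and window assumptions but not that it is variable-time in the scalars: the wNAF digit extraction branches on scalar bits (`if u & (1 << self.window_size) != 0 { … } else { … }` in the second hunk) and, if it still mirrors the removed `multiexp_worker_given_table`, loops `while !c.is_zero()` and skips zero digits during evaluation. The Dalek-backed implementations carry `vartime` in their names, but a caller reaching `GenericMultiExp` through the `MultiExp` trait gets no such hint. Add to the method's doc comment: `/// Variable-time: running time depends on the scalar values. Do not use with secret scalars.` If every implementation of the trait is variable-time, which I cannot confirm from the visible hunks, the same caveat belongs on `MultiExp::multiexp` itself. The body of `multiexp` continues outside these hunks.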
@@ -370,137 +382,15 @@ pub trait Pairing: Sized + 'static + Clone { } } -/// Like 'multiexp_worker', but computes a reasonable window size automatically. -// #[inline(always)] -// pub fn multiexp>(gs: &[X], exps: &[C::Scalar]) -> C { -// // This number is based on the benchmark in benches/multiexp_bench.rs -// let window_size = 4; -// multiexp_worker(gs, exps, window_size) -// } - -/// Like 'multiexp_worker', but computes a reasonable window size automatically. +/// Calls a multiexp algorithm for a curve. +/// The function combines instantiation of an algorith implementation and +/// computation. #[inline(always)] -pub fn multiexp(gs: &[X], exps: &[C::Scalar]) -> C -where C: Curve, X: Borrow { - let t = C::new_multiexp(gs.into_iter().map(|x| *x.borrow())); - t.multiexp(exps) -} - - -/// This implements the WNAF method from -/// -/// -/// Assumes: -/// - the lengths of inputs are the same -/// - window size at least 1 -/// - window_size < 62 -pub fn multiexp_worker>( - gs: &[X], - exps: &[C::Scalar], - window_size: usize, -) -> C { - // Compute the wnaf - - let k = exps.len(); - assert_eq!(gs.len(), k); - assert!(window_size >= 1); - assert!(window_size < 62); - - let table = multiexp_table(gs, window_size); - - multiexp_worker_given_table(exps, &table, window_size) -} - -/// This function assumes the same properties about the inputs as -/// `multiexp_worker`, as well as the fact that the table corresponds to the -/// window-size and the given inputs. -/// -/// See for what it means -/// for the table to be computed correctly. -pub fn multiexp_worker_given_table( - exps: &[C::Scalar], - table: &[Vec], - window_size: usize, -) -> C { - // Compute the wnaf - - let k = exps.len(); - // assert_eq!(gs.len(), k); - assert!(window_size >= 1); - assert!(window_size < 62); - - // 2^{window_size + 1} - let two_to_wp1: u64 = 2 << window_size; - let two_to_wp1_scalar = C::scalar_from_u64(two_to_wp1); - // a mask to extract the lowest window_size + 1 bits from a scalar. 
- let mask: u64 = two_to_wp1 - 1; - let mut wnaf = Vec::with_capacity(k); - // 1 / 2 scalar - let half = C::scalar_from_u64(2) - .inverse() - .expect("Field size must be at least 3."); - - for c in exps.iter() { - let mut v = Vec::new(); - let mut c = *c; - while !c.is_zero() { - let limb = c.into_repr()[0]; - // if the first bit is set - if limb & 1 == 1 { - let u = limb & mask; - // check if window_size'th bit is set. - c.sub_assign(&C::scalar_from_u64(u)); - if u & (1 << window_size) != 0 { - c.add_assign(&two_to_wp1_scalar); - v.push((u as i64) - (two_to_wp1 as i64)); - } else { - v.push(u as i64); - } - } else { - v.push(0); - } - c.mul_assign(&half); - } - wnaf.push(v); - } - - // evaluate using the precomputed table - let mut a = C::zero_point(); - for j in (0..=C::Scalar::NUM_BITS as usize).rev() { - a = a.double_point(); - for (wnaf_i, table_i) in wnaf.iter().zip(table.iter()) { - match wnaf_i.get(j) { - Some(&ge) if ge > 0 => { - a = a.plus_point(&table_i[(ge / 2) as usize]); - } - Some(&ge) if ge < 0 => { - a = a.minus_point(&table_i[((-ge) / 2) as usize]); - } - _ => (), - } - } - } - a -} - -/// Compute the table of powers that can be used `multiexp_worker_given_table`. -pub fn multiexp_table>(gs: &[X], window_size: usize) -> Vec> { - let k = gs.len(); - let mut table = Vec::with_capacity(k); - for g in gs.iter() { - let sq = g.borrow().plus_point(g.borrow()); - let mut tmp = *g.borrow(); - // All of the odd exponents, between 1 and 2^w. - let num_exponents = 1 << (window_size - 1); - let mut exps = Vec::with_capacity(num_exponents); - exps.push(tmp); - for _ in 1..num_exponents { - tmp = tmp.plus_point(&sq); - exps.push(tmp); - } - table.push(exps); - } - table +pub fn multiexp(gs: &[X], exps: &[C::Scalar]) -> C +where + C: Curve, + X: Borrow, { + C::new_multiexp(gs).multiexp(exps) } #[cfg(test)] From 5ccd66f176094bd1c89542ec606690f99d678f1c Mon Sep 17 00:00:00 2001 
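Review bot: The rewritten free function `multiexp` drops the precondition that the removed `multiexp_worker` documented ("the lengths of inputs are the same"), while mismatched `gs`/`exps` still panic on the `GenericMultiExp` path via `assert_eq!(self.table.len(), k)`, and whether other `MultiExp` implementations check at all is not visible here. Keep the contract explicit with a `# Panics` section on the function: `/// # Panics` followed by `/// Panics if `gs.len() != exps.len()`; the check is performed by the underlying `MultiExp` implementation.` The `#[inline(always)]` carried over from the old version is rarely justified on a generic function and could become a plain `#[inline]`, but that is a style nit.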
From: Danil Annenkov Date: Mon, 27 Nov 2023 12:51:17 +0100 Subject: [PATCH 14/45] Arkworks integration WIP --- rust-src/Cargo.lock | 131 ++++++++---------- rust-src/concordium_base/Cargo.toml | 5 +- .../curve_arithmetic/arkworks_instances.rs | 87 +++++++++--- .../src/curve_arithmetic/mod.rs | 2 +- 4 files changed, 135 insertions(+), 90 deletions(-) diff --git a/rust-src/Cargo.lock b/rust-src/Cargo.lock index 5eef81c7e..3d94d70b2 100644 --- a/rust-src/Cargo.lock +++ b/rust-src/Cargo.lock 
@@ -87,59 +87,41 @@ version = "1.0.75" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a4668cab20f66d8d020e1fbc0ebe47217433c1b6c8f2040faf858554e394ace6" -[[package]] -name = "ark-curve25519" -version = "0.4.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4ab653b3eff27100f7dcb06b94785f2fbe0d1230408df55d543ee0ef48cd8760" -dependencies = [ - "ark-ec", - "ark-ff", - "ark-std", -] - [[package]] name = "ark-ec" -version = "0.4.2" +version = "0.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "defd9a439d56ac24968cca0571f598a61bc8c55f71d50a89cda591cb750670ba" +checksum = "c56006994f509d76fbce6f6ffe3108f7191b4f3754ecd00bbae7cac20ec05020" dependencies = [ "ark-ff", - "ark-poly", "ark-serialize", "ark-std", "derivative", - "hashbrown 0.13.2", - "itertools", "num-traits", "zeroize", ] [[package]] name = "ark-ff" -version = "0.4.2" +version = "0.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ec847af850f44ad29048935519032c33da8aa03340876d351dfab5660d2966ba" +checksum = "a4d8802d40fce9212c5c09be08f75c4b3becc0c488e87f60fff787b01250ce33" dependencies = [ "ark-ff-asm", "ark-ff-macros", "ark-serialize", "ark-std", "derivative", - "digest 0.10.7", - "itertools", - "num-bigint 0.4.4", "num-traits", - "paste", - "rustc_version", + "rustc_version 0.3.3", "zeroize", ] [[package]] name = "ark-ff-asm" -version = "0.4.2" +version = "0.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3ed4aa4fe255d0bc6d79373f7e31d2ea147bcf486cba1be5ba7ea85abdb92348" +checksum = "3e8cb28c2137af1ef058aa59616db3f7df67dbb70bf2be4ee6920008cc30d98c" dependencies = [ "quote", "syn 1.0.109", 
@@ -147,61 +129,33 @@ dependencies = [ [[package]] name = "ark-ff-macros" -version = "0.4.2" +version = "0.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7abe79b0e4288889c4574159ab790824d0033b9fdcb2a112a3182fac2e514565" +checksum = "0b9c256a93a10ed9708c16a517d6dcfaba3d215c0d7fab44d29a9affefb5eeb8" dependencies = [ "num-bigint 0.4.4", "num-traits", - "proc-macro2", "quote", "syn 1.0.109", ] -[[package]] -name = "ark-poly" -version = "0.4.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d320bfc44ee185d899ccbadfa8bc31aab923ce1558716e1997a1e74057fe86bf" -dependencies = [ - "ark-ff", - "ark-serialize", - "ark-std", - "derivative", - "hashbrown 0.13.2", -] - [[package]] name = "ark-serialize" -version = "0.4.2" +version = "0.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "adb7b85a02b83d2f22f89bd5cac66c9c89474240cb6207cb1efc16d098e822a5" +checksum = "c3e9b59329dc9b92086b3dc619f31cef4a0c802f10829b575a3666d48a48387d" dependencies = [ - "ark-serialize-derive", "ark-std", - "digest 0.10.7", - "num-bigint 0.4.4", -] - -[[package]] -name = "ark-serialize-derive" -version = "0.4.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ae3281bc6d0fd7e549af32b52511e1302185bd688fd3359fa36423346ff682ea" -dependencies = [ - "proc-macro2", - "quote", - "syn 1.0.109", ] [[package]] name = "ark-std" -version = "0.4.0" +version = "0.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "94893f1e0c6eeab764ade8dc4c0db24caf4fe7cbbaafc0eba0a9030f447b5185" +checksum = "fb5b856a29bea7b810858116a596beee3d20fc4c5aeb240e8e5a8bca4845a470" dependencies = [ - "num-traits", - "rand 0.8.5", + "rand 0.7.3", + "rand_xorshift", ] [[package]] @@ -585,7 +539,6 @@ version = "3.0.1" dependencies = [ "aes", "anyhow", - "ark-curve25519", "ark-ec", "ark-ff", "base64 0.13.1", 
@@ -859,7 +812,7 @@ dependencies = [ "convert_case", "proc-macro2", "quote", - "rustc_version", + "rustc_version 0.4.0", "syn 1.0.109", ] @@ -1578,12 +1531,6 @@ dependencies = [ "subtle", ] -[[package]] -name = "paste" -version = "1.0.14" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "de3145af08024dea9fa9914f381a17b8fc6034dfb00f3a84013f7ff43f29ed4c" - [[package]] name = "pbkdf2" version = "0.10.1" @@ -1608,6 +1555,17 @@ dependencies = [ "sha2 0.10.7", ] +[[package]] +name = "pest" +version = "2.7.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ae9cee2a55a544be8b89dc6848072af97a20f2422603c10865be2a42b580fff5" +dependencies = [ + "memchr", + "thiserror", + "ucd-trie", +] + [[package]] name = "plotters" version = "0.3.5" @@ -1944,13 +1902,22 @@ version = "0.1.23" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d626bb9dae77e28219937af045c257c28bfd3f69333c512553507f5f9798cb76" +[[package]] +name = "rustc_version" +version = "0.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f0dfe2087c51c460008730de8b57e6a320782fbfb312e1f4d520e6c6fae155ee" +dependencies = [ + "semver 0.11.0", +] + [[package]] name = "rustc_version" version = "0.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "bfa0f585226d2e68097d4f95d113b15b83a82e819ab25717ec0590d9584ef366" dependencies = [ - "semver", + "semver 1.0.18", ] [[package]] 
@@ -1993,12 +1960,30 @@ version = "4.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1c107b6f4780854c8b126e228ea8869f4d7b71260f962fefb57b996b8959ba6b" +[[package]] +name = "semver" +version = "0.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f301af10236f6df4160f7c3f04eec6dbc70ace82d23326abad5edee88801c6b6" +dependencies = [ + "semver-parser", +] + [[package]] name = "semver" version = "1.0.18" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b0293b4b29daaf487284529cc2f5675b8e57c61f70167ba415a463651fd6a918" +[[package]] +name = "semver-parser" +version = "0.10.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "00b0bef5b7f9e0df16536d3961cfb6e84331c065b4066afb39768d0e319411f7" +dependencies = [ + "pest", +] + [[package]] name = "serde" version = "1.0.188" @@ -2318,6 +2303,12 @@ version = "1.16.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "497961ef93d974e23eb6f433eb5fe1b7930b659f06d12dec6fc44a8f554c0bba" +[[package]] +name = "ucd-trie" +version = "0.1.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ed646292ffc8188ef8ea4d1e0e0150fb15a5c2e12ad9b8fc191ae7a8a7f3c4b9" + [[package]] name = "unicode-ident" version = "1.0.11" diff --git a/rust-src/concordium_base/Cargo.toml b/rust-src/concordium_base/Cargo.toml index 8a1d4c439..3e32ff45e 100644 --- a/rust-src/concordium_base/Cargo.toml +++ b/rust-src/concordium_base/Cargo.toml @@ -13,9 +13,8 @@ homepage = "https://github.com/Concordium/concordium-base" [dependencies] ff = "0.5" -ark-ff = "0.4" -ark-ec = "0.4" -ark-curve25519 = "0.4.0" +ark-ff = "0.2" +ark-ec = "0.2" sha2 = "0.10" sha3 = "0.10" anyhow = "1.0" diff --git a/rust-src/concordium_base/src/curve_arithmetic/arkworks_instances.rs b/rust-src/concordium_base/src/curve_arithmetic/arkworks_instances.rs index 33e6968e8..e2ad90c65 100644 
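Review bot: The Cargo.toml hunk moves `ark-ff`/`ark-ec` from `0.4` to `0.2`, a move to an older major line of a cryptographic dependency rather than an update, and the lockfile shows the cost: `ark-std 0.2.0` brings in `rand 0.7.3` and `rand_xorshift` next to the existing `rand 0.8.5`, and `rustc_version 0.3.3`, `semver 0.11.0`, `semver-parser`, `pest` and `ucd-trie` join the tree. If the downgrade exists only to match the API the WIP code was written against, record that next to the dependency — `# pinned to 0.2 for the arkworks WIP; revisit before release` — so it does not ship silently. Whether the 0.2 line lacks fixes present in 0.3/0.4 that affect the code paths used here is something to verify before this leaves WIP; I cannot tell from the diff.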
--- a/rust-src/concordium_base/src/curve_arithmetic/arkworks_instances.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/arkworks_instances.rs @@ -1,12 +1,23 @@ +use ark_ec::AffineCurve; +use ark_ff::{FpParameters, FromBytes}; use core::fmt; use crate::common::{Deserial, Serial}; -use super::{Curve, Field, GenericMultiExp, PrimeField}; +use super::{Curve, CurveDecodingError, Field, GenericMultiExp, PrimeField}; #[derive(PartialEq, Eq, Copy, Clone, fmt::Debug)] pub struct ArkField< - F: ark_ff::Field + Sized + Eq + Copy + Clone + Send + Sync + fmt::Debug + fmt::Display, + F: ark_ff::Field + + Sized + + Eq + + Copy + + Clone + + Send + + Sync + + fmt::Debug + + fmt::Display + + ark_ff::UniformRand, >(F); impl Serial 
@@ -57,27 +68,56 @@ impl Field for ArkField { impl PrimeField for ArkField { const CAPACITY: u32 = Self::NUM_BITS - 1; - const NUM_BITS: u32 = F::MODULUS_BIT_SIZE; + const NUM_BITS: u32 = F::Params::MODULUS_BITS; - fn into_repr(self) -> Vec { self.0.into_bigint().as_ref().to_vec() } + fn into_repr(self) -> Vec { + // self.0.into_bigint().as_ref().to_vec() + self.0.into_repr().as_ref().to_vec() + } - fn from_repr(_: &[u64]) -> Result { todo!() } + fn from_repr(repr: &[u64]) -> Result { + let mut buffer = Vec::new(); + for u in repr { + buffer.extend(u.to_le_bytes()); + } + let big_int = F::BigInt::read(buffer.as_slice()) + .map_err(|_| CurveDecodingError::NotInField(format!("{:?}", repr)))?; + let res = + F::from_repr(big_int).ok_or(CurveDecodingError::NotInField(format!("{:?}", repr)))?; + Ok(ArkField(res)) + } } #[derive(PartialEq, Eq, Copy, Clone, fmt::Debug)] pub struct ArkGroup< - G: ark_ec::CurveGroup + Sized + Eq + Copy + Clone + Send + Sync + fmt::Debug + fmt::Display, + G: ark_ec::ProjectiveCurve + Sized + Eq + Copy + Clone + Send + Sync + fmt::Debug + fmt::Display, >(G); impl< - G: ark_ec::CurveGroup + Sized + Eq + Copy + Clone + Send + Sync + fmt::Debug + fmt::Display, + G: ark_ec::ProjectiveCurve + + Sized + + Eq + + Copy + + Clone + + Send + + Sync + + fmt::Debug + + fmt::Display, > Serial for ArkGroup { fn serial(&self, _out: &mut B) { todo!() } } impl< - G: ark_ec::CurveGroup + Sized + Eq + Copy + Clone + Send + Sync + fmt::Debug + fmt::Display, + G: ark_ec::ProjectiveCurve + + Sized + + Eq + + Copy + + Clone + + Send + + Sync + + fmt::Debug + + fmt::Display, > Deserial for ArkGroup { fn deserial(_source: &mut R) -> crate::common::ParseResult { @@ -86,7 +126,15 @@ impl< } impl< - G: ark_ec::CurveGroup + Sized + Eq + Copy + Clone + Send + Sync + fmt::Debug + fmt::Display, + G: ark_ec::ProjectiveCurve + + Sized + + Eq + + Copy + + Clone + + Send + + Sync + + fmt::Debug + + fmt::Display, > From for ArkGroup { fn from(value: G) -> Self { ArkGroup(value) } 
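Review bot: `from_repr` copies every limb of `repr` into `buffer` and then calls `F::BigInt::read` on it, so a slice with more limbs than `F::BigInt` holds presumably has its trailing limbs ignored rather than rejected, and a short slice surfaces only as the generic `NotInField` error. Check the length first, e.g. `if repr.len() != core::mem::size_of::<F::BigInt>() / 8 { return Err(CurveDecodingError::NotInField(format!("expected {} limbs, got {}", core::mem::size_of::<F::BigInt>() / 8, repr.len()))); }` (assuming `F::BigInt` is a plain `[u64; N]`), or compare against a limb-count constant if ark-ff 0.2 exposes one. Both error messages also embed the full `repr` via `format!("{:?}", repr)`; if this path ever decodes secret scalars that value ends up in logs, so reporting only the length would be safer.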
@@ -98,7 +146,7 @@ pub(crate) trait CurveElementLength { const GROUP_ELEMENT_LENGTH: usize; } -impl Curve for ArkGroup { +impl Curve for ArkGroup { type MultiExpType = GenericMultiExp; type Scalar = ArkField; @@ -107,7 +155,7 @@ impl Curve for ArkGr fn zero_point() -> Self { ArkGroup(G::zero()) } - fn one_point() -> Self { ArkGroup(G::generator()) } + fn one_point() -> Self { ArkGroup(G::prime_subgroup_generator()) } fn is_zero_point(&self) -> bool { self.0.is_zero() } @@ -119,19 +167,26 @@ impl Curve for ArkGr fn minus_point(&self, other: &Self) -> Self { ArkGroup(self.0 - other.0) } - fn mul_by_scalar(&self, scalar: &Self::Scalar) -> Self { ArkGroup(self.0 * scalar.0) } + fn mul_by_scalar(&self, scalar: &Self::Scalar) -> Self { + ArkGroup(self.0.into_affine().mul(scalar.0)) + } fn bytes_to_curve_unchecked(_b: &mut R) -> anyhow::Result { todo!() } - fn generate(_rng: &mut R) -> Self { todo!() } + fn generate(rng: &mut R) -> Self { ArkGroup(G::rand(rng)) } - fn generate_scalar(_rng: &mut R) -> Self::Scalar { todo!() } + fn generate_scalar(rng: &mut R) -> Self::Scalar { + ArkField(::rand(rng)) + } - fn scalar_from_u64(_n: u64) -> Self::Scalar { todo!() } + fn scalar_from_u64(n: u64) -> Self::Scalar { ArkField(G::ScalarField::from(n)) } - fn scalar_from_bytes>(_bs: A) -> Self::Scalar { todo!() } + fn scalar_from_bytes>(bs: A) -> Self::Scalar { + let res = G::ScalarField::read(bs.as_ref()).unwrap(); + ArkField(res) + } fn hash_to_group(_m: &[u8]) -> Self { todo!() } } diff --git a/rust-src/concordium_base/src/curve_arithmetic/mod.rs b/rust-src/concordium_base/src/curve_arithmetic/mod.rs index c38b76bd5..fb9ffff21 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/mod.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/mod.rs @@ -4,7 +4,7 @@ pub mod arkworks_instances; mod bls12_381_g1hash; mod bls12_381_g2hash; mod bls12_381_instance; -mod ed25519_arkworks; +// mod ed25519_arkworks; mod ed25519_instance; mod ed25519_ng_instance; // mod ed25519_new_instance; 
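Review bot: `scalar_from_bytes` calls `G::ScalarField::read(bs.as_ref()).unwrap()`, so any input `read` rejects — too few bytes or, presumably, a value outside the field — panics instead of returning an error, and a caller handing it attacker-controlled bytes can crash the process. The `Field::random` implementation for `RistrettoScalar` elsewhere on this page reduces arbitrary bytes with `from_bytes_mod_order_wide`; if `scalar_from_bytes` is meant to accept arbitrary byte strings the same way, this should reduce rather than decode canonically, otherwise the signature should return a `Result`. At minimum replace the `unwrap()` with `.expect("scalar_from_bytes: input must be a canonical field element of the right length")` so the invariant is stated, and note the gap next to the still-`todo!()` `bytes_to_curve_unchecked` and `hash_to_group`. `mul_by_scalar` now goes through `into_affine()` on every call, which I would expect to be costlier than multiplying in projective form; if that is deliberate for ark-ec 0.2, a comment saying so would help.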
From 89c71bf5537be377ab49a15c546d5eb972886f28 Mon Sep 17 00:00:00 2001 From: Danil Annenkov Date: Mon, 27 Nov 2023 15:26:27 +0100 Subject: [PATCH 15/45] Fix clippy warnings --- .../src/curve_arithmetic/ed25519_instance.rs | 2 +- .../src/curve_arithmetic/ed25519_ng_instance.rs | 10 +++++----- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs index fe3a1410b..9f4d4050f 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs @@ -168,7 +168,7 @@ impl Curve for RistrettoPoint { fn minus_point(&self, other: &Self) -> Self { self - other } - fn mul_by_scalar(&self, scalar: &Self::Scalar) -> Self { *self * (*scalar).0 } + fn mul_by_scalar(&self, scalar: &Self::Scalar) -> Self { self * scalar.0 } fn bytes_to_curve_unchecked( source: &mut R, diff --git a/rust-src/concordium_base/src/curve_arithmetic/ed25519_ng_instance.rs b/rust-src/concordium_base/src/curve_arithmetic/ed25519_ng_instance.rs index a7417ebf4..0f3abf2d4 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/ed25519_ng_instance.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/ed25519_ng_instance.rs @@ -168,7 +168,7 @@ impl Curve for RistrettoPoint { fn minus_point(&self, other: &Self) -> Self { self - other } - fn mul_by_scalar(&self, scalar: &Self::Scalar) -> Self { *self * (*scalar).0 } + fn mul_by_scalar(&self, scalar: &Self::Scalar) -> Self { self * scalar.0 } fn bytes_to_curve_unchecked( source: &mut R, 
@@ -213,14 +213,14 @@ impl MultiExp for VartimeRistrettoPrecomputation { type CurvePoint = RistrettoPoint; fn new>(gs: &[X]) -> Self { - ::new(gs.into_iter().map(|p| p.borrow())) + ::new(gs.iter().map(|p| p.borrow())) } fn multiexp::Scalar>>( &self, exps: &[X], ) -> Self::CurvePoint { - self.vartime_multiscalar_mul(exps.into_iter().map(|p| p.borrow().0)) + self.vartime_multiscalar_mul(exps.iter().map(|p| p.borrow().0)) } } @@ -236,7 +236,7 @@ impl MultiExp for RistrettoMultiExpNoPrecompute { fn new>(gs: &[X]) -> Self { Self { - points: gs.into_iter().map(|x| *x.borrow()).collect(), + points: gs.iter().map(|x| *x.borrow()).collect(), } } @@ -245,7 +245,7 @@ impl MultiExp for RistrettoMultiExpNoPrecompute { exps: &[X], ) -> Self::CurvePoint { Self::CurvePoint::vartime_multiscalar_mul( - exps.into_iter().map(|p| p.borrow().0), + exps.iter().map(|p| p.borrow().0), &self.points, ) } From d6edf657f5daba0c60bda20e4b1fac9c6b55a405 Mon Sep 17 00:00:00 2001 From: Danil Annenkov Date: Mon, 27 Nov 2023 16:24:56 +0100 Subject: [PATCH 16/45] Clean-up: remove experimental code; fix imports; constants and comments --- rust-src/concordium_base/benches/msm_bench.rs | 7 +- .../benches/range_proof_bench.rs | 4 - .../curve_arithmetic/arkworks_instances.rs | 192 ------------- .../src/curve_arithmetic/ed25519_arkworks.rs | 7 - .../src/curve_arithmetic/ed25519_instance.rs | 63 ++++- .../curve_arithmetic/ed25519_ng_instance.rs | 252 ------------------ .../src/curve_arithmetic/mod.rs | 12 +- 7 files changed, 61 insertions(+), 476 deletions(-) delete mode 100644 rust-src/concordium_base/src/curve_arithmetic/arkworks_instances.rs delete mode 100644 rust-src/concordium_base/src/curve_arithmetic/ed25519_arkworks.rs delete mode 100644 rust-src/concordium_base/src/curve_arithmetic/ed25519_ng_instance.rs diff --git a/rust-src/concordium_base/benches/msm_bench.rs b/rust-src/concordium_base/benches/msm_bench.rs index 742cacc50..b3ca2374c 100644 --- a/rust-src/concordium_base/benches/msm_bench.rs 
+++ b/rust-src/concordium_base/benches/msm_bench.rs @@ -5,7 +5,6 @@ extern crate criterion; use concordium_base::curve_arithmetic::*; use criterion::Criterion; -use curve25519_dalek_ng::{ristretto::RistrettoPoint, traits::VartimePrecomputedMultiscalarMul}; use pairing::bls12_381::G1; use rand::*; use std::time::Duration; @@ -40,7 +39,9 @@ pub fn dalek_msm_benchmarks(c: &mut Criterion) { let mut group = c.benchmark_group("Multi-Scalar Multiplication"); let mut rng = &mut thread_rng(); - use curve25519_dalek_ng::{scalar::Scalar, traits::VartimeMultiscalarMul}; + use curve25519_dalek::{ + ristretto::RistrettoPoint, scalar::Scalar, traits::VartimeMultiscalarMul, + }; let G: Vec = (0..N).map(|_| RistrettoPoint::random(&mut rng)).collect(); let V: Vec<_> = (0..N).map(|_| Scalar::random(&mut rng)).collect(); @@ -54,5 +55,5 @@ pub fn dalek_msm_benchmarks(c: &mut Criterion) { criterion_group!( name = benchmarks; config = Criterion::default().measurement_time(Duration::from_millis(10000)).sample_size(100); - targets = ccd_msm_benchmarks::, ccd_msm_benchmarks::, dalek_msm_benchmarks); + targets = ccd_msm_benchmarks::, ccd_msm_benchmarks::, dalek_msm_benchmarks); criterion_main!(benchmarks); diff --git a/rust-src/concordium_base/benches/range_proof_bench.rs b/rust-src/concordium_base/benches/range_proof_bench.rs index 7129d75ab..58335f1c0 100644 --- a/rust-src/concordium_base/benches/range_proof_bench.rs +++ b/rust-src/concordium_base/benches/range_proof_bench.rs @@ -17,8 +17,6 @@ use pprof::criterion::Output; use rand::*; use std::time::Duration; -// type SomeCurve = G1; - pub fn prove_verify_benchmarks(c: &mut Criterion) { let mut group = c.benchmark_group("Range Proof"); @@ -125,7 +123,5 @@ criterion_group!( targets = prove_verify_benchmarks::, prove_verify_benchmarks::, - prove_verify_benchmarks::, - //prove_verify_benchmarks::> ); criterion_main!(benchmarks); 
diff --git a/rust-src/concordium_base/src/curve_arithmetic/arkworks_instances.rs b/rust-src/concordium_base/src/curve_arithmetic/arkworks_instances.rs deleted file mode 100644 index e2ad90c65..000000000 --- a/rust-src/concordium_base/src/curve_arithmetic/arkworks_instances.rs +++ /dev/null 
@@ -1,192 +0,0 @@ -use ark_ec::AffineCurve; -use ark_ff::{FpParameters, FromBytes}; -use core::fmt; - -use crate::common::{Deserial, Serial}; - -use super::{Curve, CurveDecodingError, Field, GenericMultiExp, PrimeField}; - -#[derive(PartialEq, Eq, Copy, Clone, fmt::Debug)] -pub struct ArkField< - F: ark_ff::Field - + Sized - + Eq - + Copy - + Clone - + Send - + Sync - + fmt::Debug - + fmt::Display - + ark_ff::UniformRand, ->(F); - -impl Serial - for ArkField -{ - fn serial(&self, _out: &mut B) { todo!() } -} - -impl - Deserial for ArkField -{ - fn deserial(_source: &mut R) -> crate::common::ParseResult { - todo!() - } -} - -impl - fmt::Display for ArkField -{ - fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { - ::fmt(&self.0, f) - } -} - -impl Field for ArkField { - fn random(_rng: &mut R) -> Self { todo!() } - - fn zero() -> Self { todo!() } - - fn one() -> Self { todo!() } - - fn is_zero(&self) -> bool { todo!() } - - fn square(&mut self) { todo!() } - - fn double(&mut self) { todo!() } - - fn negate(&mut self) { todo!() } - - fn add_assign(&mut self, _other: &Self) { todo!() } - - fn sub_assign(&mut self, _other: &Self) { todo!() } - - fn mul_assign(&mut self, _other: &Self) { todo!() } - - fn inverse(&self) -> Option { todo!() } -} - -impl PrimeField for ArkField { - const CAPACITY: u32 = Self::NUM_BITS - 1; - const NUM_BITS: u32 = F::Params::MODULUS_BITS; - - fn into_repr(self) -> Vec { - // self.0.into_bigint().as_ref().to_vec() - self.0.into_repr().as_ref().to_vec() - } - - fn from_repr(repr: &[u64]) -> Result { - let mut buffer = Vec::new(); - for u in repr { - buffer.extend(u.to_le_bytes()); - } - let big_int = F::BigInt::read(buffer.as_slice()) - .map_err(|_| CurveDecodingError::NotInField(format!("{:?}", repr)))?; - let res = - F::from_repr(big_int).ok_or(CurveDecodingError::NotInField(format!("{:?}", repr)))?; - Ok(ArkField(res)) - } -} - -#[derive(PartialEq, Eq, Copy, Clone, fmt::Debug)] -pub struct ArkGroup< - G: ark_ec::ProjectiveCurve + 
Sized + Eq + Copy + Clone + Send + Sync + fmt::Debug + fmt::Display, ->(G); - -impl< - G: ark_ec::ProjectiveCurve - + Sized - + Eq - + Copy - + Clone - + Send - + Sync - + fmt::Debug - + fmt::Display, - > Serial for ArkGroup -{ - fn serial(&self, _out: &mut B) { todo!() } -} - -impl< - G: ark_ec::ProjectiveCurve - + Sized - + Eq - + Copy - + Clone - + Send - + Sync - + fmt::Debug - + fmt::Display, - > Deserial for ArkGroup -{ - fn deserial(_source: &mut R) -> crate::common::ParseResult { - todo!() - } -} - -impl< - G: ark_ec::ProjectiveCurve - + Sized - + Eq - + Copy - + Clone - + Send - + Sync - + fmt::Debug - + fmt::Display, - > From for ArkGroup -{ - fn from(value: G) -> Self { ArkGroup(value) } -} - -pub(crate) trait CurveElementLength { - const SCALAR_LENGTH: usize; - - const GROUP_ELEMENT_LENGTH: usize; -} - -impl Curve for ArkGroup { - type MultiExpType = GenericMultiExp; - type Scalar = ArkField; - - const GROUP_ELEMENT_LENGTH: usize = G::GROUP_ELEMENT_LENGTH; - const SCALAR_LENGTH: usize = G::SCALAR_LENGTH; - - fn zero_point() -> Self { ArkGroup(G::zero()) } - - fn one_point() -> Self { ArkGroup(G::prime_subgroup_generator()) } - - fn is_zero_point(&self) -> bool { self.0.is_zero() } - - fn inverse_point(&self) -> Self { ArkGroup(-self.0) } - - fn double_point(&self) -> Self { ArkGroup(self.0.double()) } - - fn plus_point(&self, other: &Self) -> Self { ArkGroup(self.0 + other.0) } - - fn minus_point(&self, other: &Self) -> Self { ArkGroup(self.0 - other.0) } - - fn mul_by_scalar(&self, scalar: &Self::Scalar) -> Self { - ArkGroup(self.0.into_affine().mul(scalar.0)) - } - - fn bytes_to_curve_unchecked(_b: &mut R) -> anyhow::Result { - todo!() - } - - fn generate(rng: &mut R) -> Self { ArkGroup(G::rand(rng)) } - - fn generate_scalar(rng: &mut R) -> Self::Scalar { - ArkField(::rand(rng)) - } - - fn scalar_from_u64(n: u64) -> Self::Scalar { ArkField(G::ScalarField::from(n)) } - - fn scalar_from_bytes>(bs: A) -> Self::Scalar { - let res = 
G::ScalarField::read(bs.as_ref()).unwrap(); - ArkField(res) - } - - fn hash_to_group(_m: &[u8]) -> Self { todo!() } -} diff --git a/rust-src/concordium_base/src/curve_arithmetic/ed25519_arkworks.rs b/rust-src/concordium_base/src/curve_arithmetic/ed25519_arkworks.rs deleted file mode 100644 index eab28dab6..000000000 --- a/rust-src/concordium_base/src/curve_arithmetic/ed25519_arkworks.rs +++ /dev/null @@ -1,7 +0,0 @@ -use super::arkworks_instances::CurveElementLength; -use ark_curve25519::*; - -impl CurveElementLength for EdwardsProjective { - const GROUP_ELEMENT_LENGTH: usize = 64; - const SCALAR_LENGTH: usize = 32; -} diff --git a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs index 9f4d4050f..e16086677 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs @@ -1,4 +1,5 @@ use std::{ + borrow::Borrow, fmt::Display, ops::{AddAssign, MulAssign, Neg, SubAssign}, }; @@ -7,12 +8,12 @@ use crate::common::{Buffer, Deserial, Serial}; use byteorder::{ByteOrder, LittleEndian}; use curve25519_dalek::{ constants::RISTRETTO_BASEPOINT_POINT, - ristretto::{CompressedRistretto, RistrettoPoint}, + ristretto::{CompressedRistretto, RistrettoPoint, VartimeRistrettoPrecomputation}, scalar::Scalar, - traits::Identity, + traits::{Identity, VartimeMultiscalarMul, VartimePrecomputedMultiscalarMul}, }; -use super::{Curve, Field, GenericMultiExp, PrimeField}; +use super::{Curve, Field, GenericMultiExp, MultiExp, PrimeField}; /// A wrapper to make it possible to implement external traits /// and to avoid clashes with blacket implementations. 
@@ -86,18 +87,13 @@ impl Field for RistrettoScalar { Some(self.0.invert().into()) } } - - // fn frobenius_map(&mut self, power: usize) { - // self.pow(power) - // todo!() - //} } impl PrimeField for RistrettoScalar { - // TODO: check this, this numbers are here just to make the compiler happy. - const CAPACITY: u32 = 254; - // TODO: check this, this numbers are here just to make the compiler happy. - const NUM_BITS: u32 = 255; + // Taken from `curve25519-dalek` v.4.1.1 that implements `ff::PrimeField` + const CAPACITY: u32 = 252; + // Taken from `curve25519-dalek` v.4.1.1 that implements `ff::PrimeField`` + const NUM_BITS: u32 = 253; fn into_repr(self) -> Vec { let mut vec: Vec = Vec::new(); 
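Review bot: The new `NUM_BITS = 253` / `CAPACITY = 252` replace the "make the compiler happy" placeholders, but they are justified only by a comment pointing at `curve25519-dalek` v4.1.1 and nothing in the crate checks them. Since `NUM_BITS` presumably bounds the wNAF evaluation loop in `GenericMultiExp` (the removed `multiexp_worker_given_table` iterated `0..=C::Scalar::NUM_BITS`), an under-estimate would silently drop the top digits of every scalar, so add a unit test that computes the bit length of `-1 mod l` from `into_repr()` and asserts it equals `RistrettoScalar::NUM_BITS`, plus `assert_eq!(RistrettoScalar::CAPACITY, RistrettoScalar::NUM_BITS - 1);`. The second comment also has a stray trailing backtick (`ff::PrimeField```).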
@@ -204,3 +200,46 @@ impl Curve for RistrettoPoint { RistrettoPoint::hash_from_bytes::(m) } } + +/// An instance of multiexp algorithm from the Dalek library that uses +/// precomputed table of points. Precomputing is slow, so it makes sense to use +/// this implementation when one wants to share the precomputed table with many +/// subsequient computations. For our current usecases it seems not relevant. +impl MultiExp for VartimeRistrettoPrecomputation { + type CurvePoint = RistrettoPoint; + + fn new>(gs: &[X]) -> Self { + ::new(gs.iter().map(|p| p.borrow())) + } + + fn multiexp::Scalar>>( + &self, + exps: &[X], + ) -> Self::CurvePoint { + self.vartime_multiscalar_mul(exps.iter().map(|p| p.borrow().0)) + } +} + +/// An instance of multiexp algorithm from the Dalek library. +/// It is instantiated with points, but no precomutations is done. +/// This way, it follows the same interface as our generic multiexp. +pub struct RistrettoMultiExpNoPrecompute { + points: Vec, +} + +impl MultiExp for RistrettoMultiExpNoPrecompute { + type CurvePoint = RistrettoPoint; + + fn new>(gs: &[X]) -> Self { + Self { + points: gs.iter().map(|x| *x.borrow()).collect(), + } + } + + fn multiexp::Scalar>>( + &self, + exps: &[X], + ) -> Self::CurvePoint { + Self::CurvePoint::vartime_multiscalar_mul(exps.iter().map(|p| p.borrow().0), &self.points) + } +} diff --git a/rust-src/concordium_base/src/curve_arithmetic/ed25519_ng_instance.rs b/rust-src/concordium_base/src/curve_arithmetic/ed25519_ng_instance.rs deleted file mode 100644 index 0f3abf2d4..000000000 --- a/rust-src/concordium_base/src/curve_arithmetic/ed25519_ng_instance.rs +++ /dev/null 
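Review bot: `RistrettoMultiExpNoPrecompute::multiexp` and the `VartimeRistrettoPrecomputation` impl pass two iterators of possibly different lengths to `vartime_multiscalar_mul` without comparing `exps.len()` against the stored points, whereas `GenericMultiExp::multiexp` asserts `self.table.len() == k`; as far as I recall dalek treats mismatched lengths as a caller error, so the failure mode here is whatever that dalek version does rather than something this crate controls. Add `assert_eq!(exps.len(), self.points.len(), "multiexp: scalar/point length mismatch");` in the no-precompute impl (and the analogous check for the precomputed one if its length is exposed) so all `MultiExp` implementations fail the same way. The doc comments should also state that both implementations are variable-time in the scalars — that is what the `vartime` prefix means — so trait users do not feed them secret exponents; the comments also misspell `subsequient` and `precomutations`.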
@@ -1,252 +0,0 @@ -use crate::common::{Buffer, Deserial, Serial}; -use byteorder::{ByteOrder, LittleEndian}; -use core::borrow::Borrow; -use curve25519_dalek_ng::{ - constants::RISTRETTO_BASEPOINT_POINT, - ristretto::{CompressedRistretto, RistrettoPoint, VartimeRistrettoPrecomputation}, - scalar::Scalar, - traits::{Identity, VartimeMultiscalarMul, VartimePrecomputedMultiscalarMul}, -}; -use std::{ - fmt::Display, - ops::{AddAssign, MulAssign, Neg, SubAssign}, -}; - -use super::{Curve, Field, MultiExp, PrimeField}; - -/// A wrapper to make it possible to implement external traits -/// and to avoid clashes with blacket implementations. -#[derive(Clone, Copy, Debug, PartialEq, Eq)] -pub struct RistrettoScalar(Scalar); - -impl Serial for RistrettoScalar { - fn serial(&self, out: &mut B) { - let res: &[u8; 32] = self.0.as_bytes(); - out.write_all(res) - .expect("Writing to a buffer should not fail."); - } -} - -impl Deserial for RistrettoScalar { - fn deserial(source: &mut R) -> crate::common::ParseResult { - let mut buf: [u8; 32] = [0; 32]; - source.read_exact(&mut buf)?; - let res = Scalar::from_canonical_bytes(buf).ok_or(anyhow::anyhow!( - "Deserialization failed! Not a field value!" - ))?; - Ok(res.into()) - } -} - -impl Display for RistrettoScalar { - fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result { - // Use Debug as Display for now - std::fmt::Debug::fmt(self, f) - } -} - -// Since we use a wrapper type, it is convenient to use `into()` to convert from -// Scalar. 
-impl From for RistrettoScalar { - fn from(value: Scalar) -> Self { RistrettoScalar(value) } -} - -impl Field for RistrettoScalar { - fn random(rng: &mut R) -> Self { - let mut scalar_bytes = [0u8; 64]; - rng.fill_bytes(&mut scalar_bytes); - Scalar::from_bytes_mod_order_wide(&scalar_bytes).into() - } - - fn zero() -> Self { Scalar::zero().into() } - - fn one() -> Self { Scalar::one().into() } - - fn is_zero(&self) -> bool { self.0 == Self::zero().0 } - - fn square(&mut self) { self.0.mul_assign(self.0) } - - fn double(&mut self) { self.0.add_assign(self.0) } - - fn negate(&mut self) { - let v = self.0.neg(); - self.0 = v; - } - - fn add_assign(&mut self, other: &Self) { self.0.add_assign(other.0) } - - fn sub_assign(&mut self, other: &Self) { self.0.sub_assign(other.0) } - - fn mul_assign(&mut self, other: &Self) { self.0.mul_assign(other.0) } - - fn inverse(&self) -> Option { - if self.is_zero() { - None - } else { - Some(self.0.invert().into()) - } - } - - // fn frobenius_map(&mut self, power: usize) { - // self.pow(power) - // todo!() - //} -} - -impl PrimeField for RistrettoScalar { - // TODO: check this, this numbers are here just to make the compiler happy. - const CAPACITY: u32 = 254; - // TODO: check this, this numbers are here just to make the compiler happy. 
- const NUM_BITS: u32 = 255; - - fn into_repr(self) -> Vec { - let mut vec: Vec = Vec::new(); - let bytes = self.0.to_bytes(); - for chunk in bytes.chunks(8) { - let x: [u8; 8] = chunk.try_into().unwrap(); - let x_64 = u64::from_le_bytes(x); - vec.push(x_64); - } - vec - } - - fn from_repr(r: &[u64]) -> Result { - let tmp: [u64; 4] = r - .try_into() - .map_err(|_| super::CurveDecodingError::NotInField(format!("{:?}", r)))?; - let mut s_bytes = [0u8; 32]; - for x in tmp { - LittleEndian::write_u64(&mut s_bytes, x); - } - let res = Scalar::from_canonical_bytes(s_bytes).ok_or( - super::CurveDecodingError::NotInField(format!("{:?}", s_bytes)), - )?; - Ok(res.into()) - } -} - -impl Serial for RistrettoPoint { - fn serial(&self, out: &mut B) { - let compressed_point = self.compress(); - let res: &[u8; 32] = compressed_point.as_bytes(); - out.write_all(res) - .expect("Writing to a buffer should not fail."); - } -} - -impl Deserial for RistrettoPoint { - fn deserial(source: &mut R) -> crate::common::ParseResult { - let mut buf: [u8; 32] = [0; 32]; - source.read_exact(&mut buf)?; - let res = CompressedRistretto::from_slice(&buf) - .decompress() - .ok_or(anyhow::anyhow!("Failed!"))?; - Ok(res) - } -} - -impl Curve for RistrettoPoint { - type MultiExpType = RistrettoMultiExpNoPrecompute; - type Scalar = RistrettoScalar; - - // TODO: check this. - const GROUP_ELEMENT_LENGTH: usize = 64; - // TODO: check this. 
- const SCALAR_LENGTH: usize = 32; - - fn zero_point() -> Self { Self::identity() } - - fn one_point() -> Self { RISTRETTO_BASEPOINT_POINT } - - fn is_zero_point(&self) -> bool { self == &Self::zero_point() } - - fn inverse_point(&self) -> Self { -self } - - fn double_point(&self) -> Self { self + self } - - fn plus_point(&self, other: &Self) -> Self { self + other } - - fn minus_point(&self, other: &Self) -> Self { self - other } - - fn mul_by_scalar(&self, scalar: &Self::Scalar) -> Self { self * scalar.0 } - - fn bytes_to_curve_unchecked( - source: &mut R, - ) -> anyhow::Result { - let mut buf: [u8; 32] = [0; 32]; - source.read_exact(&mut buf)?; - let res = CompressedRistretto::from_slice(&buf) - .decompress() - .ok_or(anyhow::anyhow!("Failed!"))?; - Ok(res) - } - - fn generate(rng: &mut R) -> Self { - let mut uniform_bytes = [0u8; 64]; - rng.fill_bytes(&mut uniform_bytes); - - RistrettoPoint::from_uniform_bytes(&uniform_bytes) - } - - fn generate_scalar(rng: &mut R) -> Self::Scalar { - let mut scalar_bytes = [0u8; 64]; - rng.fill_bytes(&mut scalar_bytes); - Scalar::from_bytes_mod_order_wide(&scalar_bytes).into() - } - - fn scalar_from_u64(n: u64) -> Self::Scalar { Scalar::from(n).into() } - - fn scalar_from_bytes>(bs: A) -> Self::Scalar { - Scalar::hash_from_bytes::(bs.as_ref()).into() - } - - fn hash_to_group(m: &[u8]) -> Self { - RistrettoPoint::hash_from_bytes::(m) - } -} - -/// An instance of multiexp algorithm from the Dalek labrary that uses -/// precomputed table of points. Precomputing is slow, so it makes sense to use -/// this implementation when one wants to share the precomputed table with many -/// subsequient computations. For our current usecases it seems not relevant. 
-impl MultiExp for VartimeRistrettoPrecomputation { - type CurvePoint = RistrettoPoint; - - fn new>(gs: &[X]) -> Self { - ::new(gs.iter().map(|p| p.borrow())) - } - - fn multiexp::Scalar>>( - &self, - exps: &[X], - ) -> Self::CurvePoint { - self.vartime_multiscalar_mul(exps.iter().map(|p| p.borrow().0)) - } -} - -/// An instance of multiexp algorithm from the Dalek labrary. -/// It is instantiated with points, but no precomutations is done. -/// This way it follows the same interface and our generic multiexp. -pub struct RistrettoMultiExpNoPrecompute { - points: Vec, -} - -impl MultiExp for RistrettoMultiExpNoPrecompute { - type CurvePoint = RistrettoPoint; - - fn new>(gs: &[X]) -> Self { - Self { - points: gs.iter().map(|x| *x.borrow()).collect(), - } - } - - fn multiexp::Scalar>>( - &self, - exps: &[X], - ) -> Self::CurvePoint { - Self::CurvePoint::vartime_multiscalar_mul( - exps.iter().map(|p| p.borrow().0), - &self.points, - ) - } -} diff --git a/rust-src/concordium_base/src/curve_arithmetic/mod.rs b/rust-src/concordium_base/src/curve_arithmetic/mod.rs index 9d0c49181..90eb435d0 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/mod.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/mod.rs @@ -1,13 +1,9 @@ //! Basic definitions of the curve and pairing abstractions, and implementations //! of these abstractions for the curves used on Concordium. -pub mod arkworks_instances; mod bls12_381_g1hash; mod bls12_381_g2hash; mod bls12_381_instance; -// mod ed25519_arkworks; mod ed25519_instance; -mod ed25519_ng_instance; -// mod ed25519_new_instance; pub mod secret_value; pub use secret_value::{Secret, Value}; 
@@ -86,6 +82,9 @@ pub trait Field: } } +/// This is an extension of the `Field` trait that adds some constants decribing +/// the element size and operations for conveting to/from bib integer +/// representation (an array of `u64` limbs.) pub trait PrimeField: Field { /// How many bits are needed to represent an element of this field. const NUM_BITS: u32; @@ -94,10 +93,11 @@ pub trait PrimeField: Field { /// element. const CAPACITY: u32; - /// Convert this prime field element into a biginteger representation. + /// Get a big integer representation with least significant digit first. fn into_repr(self) -> Vec; - /// Convert a biginteger representation into a prime field element + /// Get a prime field element from its big integer representaion (least + /// significant digit first). fn from_repr(_: &[u64]) -> Result; } From 5b128fee95f1a8b84cd1fd950e84e754e9b3c6ae Mon Sep 17 00:00:00 2001 From: Danil Annenkov Date: Mon, 27 Nov 2023 20:29:39 +0100 Subject: [PATCH 17/45] Use RistrettoMultiExpNoPrecompute as multiexp for ristretto --- .../concordium_base/src/curve_arithmetic/ed25519_instance.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs index e16086677..84c578a2f 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs @@ -142,7 +142,7 @@ impl Deserial for RistrettoPoint { } impl Curve for RistrettoPoint { - type MultiExpType = GenericMultiExp; + type MultiExpType = RistrettoMultiExpNoPrecompute; type Scalar = RistrettoScalar; // TODO: check this. From 91306b570e613252cfc87325553642cc27e991e9 Mon Sep 17 00:00:00 2001 
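Review bot: The doc comment added above `pub trait PrimeField` has several typos — `decribing`, `conveting`, `bib integer` — and the next hunk of the same file introduces `representaion` in the `from_repr` doc. Suggested wording for the trait: `/// An extension of the `Field` trait that adds constants describing the element size and operations for converting to/from a big integer representation (an array of `u64` limbs, least significant first).`, and for `from_repr`: `/// Get a prime field element from its big integer representation (least significant digit first).`. It would also help to state in the `from_repr` doc what happens when the slice has the wrong number of limbs or encodes a value outside the field, since the removed ed25519_ng_instance.rs copy returned `CurveDecodingError::NotInField` in both cases and callers should be able to rely on that.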
From: Danil Annenkov Date: Mon, 27 Nov 2023 22:37:14 +0100 Subject: [PATCH 18/45] Remove unused import and redundant comment --- rust-src/concordium_base/benches/range_proof_dalek_bench.rs | 1 - .../concordium_base/src/curve_arithmetic/ed25519_instance.rs | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/rust-src/concordium_base/benches/range_proof_dalek_bench.rs b/rust-src/concordium_base/benches/range_proof_dalek_bench.rs index 00e2ba784..e9dbd8571 100644 --- a/rust-src/concordium_base/benches/range_proof_dalek_bench.rs +++ b/rust-src/concordium_base/benches/range_proof_dalek_bench.rs @@ -3,7 +3,6 @@ use criterion::*; use pprof::criterion::{Output, PProfProfiler}; use rand::Rng; -// use rand::*; use rand_core::*; use std::time::Duration; diff --git a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs index 84c578a2f..bdcbfe32e 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs @@ -13,7 +13,7 @@ use curve25519_dalek::{ traits::{Identity, VartimeMultiscalarMul, VartimePrecomputedMultiscalarMul}, }; -use super::{Curve, Field, GenericMultiExp, MultiExp, PrimeField}; +use super::{Curve, Field, MultiExp, PrimeField}; /// A wrapper to make it possible to implement external traits /// and to avoid clashes with blacket implementations. From b48d1fdd4d52da1aece99583c012ac6412cc1e60 Mon Sep 17 00:00:00 2001 From: Danil Annenkov Date: Mon, 27 Nov 2023 22:48:26 +0100 Subject: [PATCH 19/45] Cleanup --- .../concordium_base/src/bulletproofs/range_proof.rs | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/rust-src/concordium_base/src/bulletproofs/range_proof.rs b/rust-src/concordium_base/src/bulletproofs/range_proof.rs index ae46f29e4..b45a3ebf0 100644 --- a/rust-src/concordium_base/src/bulletproofs/range_proof.rs 
+++ b/rust-src/concordium_base/src/bulletproofs/range_proof.rs @@ -224,16 +224,10 @@ pub fn prove( .copied() .chain(once(B_tilde)) .collect(); - // // compute A and S comittments using multi exponentiation - // let window_size = 4; - // let table = multiexp_table(&GH_B_tilde, window_size); - // let A = multiexp_worker_given_table(&A_scalars, &table, window_size); - // let S = multiexp_worker_given_table(&S_scalars, &table, window_size); + // compute A and S comittments using multi exponentiation let multiexp_alg = C::new_multiexp(&GH_B_tilde); let A = multiexp_alg.multiexp(&A_scalars); let S = multiexp_alg.multiexp(&S_scalars); - // let A = multiexp(&GH_B_tilde, &A_scalars); - // let S = multiexp(GH_B_tilde, &S_scalars); // append commitments A and S to transcript transcript.append_message(b"A", &A); transcript.append_message(b"S", &S); @@ -811,7 +805,7 @@ mod tests { /// The second check will fail. /// This is tested by checking if the verifier returns /// Err(Err(VerificationError::Second)) - type SomeCurve = curve25519_dalek::ristretto::RistrettoPoint; + type SomeCurve = G1; #[allow(non_snake_case)] #[allow(clippy::too_many_arguments)] #[allow(clippy::many_single_char_names)] From cfa3b5937c9f84b3045dcb1df5a1fae6cf17e906 Mon Sep 17 00:00:00 2001 From: Danil Annenkov Date: Tue, 28 Nov 2023 09:44:01 +0100 Subject: [PATCH 20/45] Update CHANGELOG --- rust-src/concordium_base/CHANGELOG.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/rust-src/concordium_base/CHANGELOG.md b/rust-src/concordium_base/CHANGELOG.md index 39135fbd4..c6f4850e1 100644 --- a/rust-src/concordium_base/CHANGELOG.md +++ b/rust-src/concordium_base/CHANGELOG.md 
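Review bot: The restored comment still misspells the word: `// compute A and S commitments using multi exponentiation`. More importantly, `A_scalars` and `S_scalars` appear to be prover secrets (they include `B_tilde` and the committed data), and with `C = RistrettoPoint` the `C::new_multiexp` call now resolves to a variable-time dalek routine (see the `MultiExp` impls in ed25519_instance.rs), so this call site should carry a comment recording the assumption that `C::MultiExpType` is constant-time, or the trait should expose that property so the prover can choose accordingly. `prove` begins and ends outside this hunk.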
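Review bot: Switching `SomeCurve` back to `G1` means this test module no longer exercises the Ristretto instance whose multiexp was just wired in by PATCH 17; if the switch is intentional, a second instantiation of the affected tests with `curve25519_dalek::ristretto::RistrettoPoint` would keep that path covered. The enclosing `mod tests` begins and ends outside the hunk.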
@@ -1,6 +1,9 @@ ## Unreleased changes - Improve performance of `multiexp*` family of functions. +- Add traits `Field` and `PrimeField` with implementations for the underlying field of the `BLS12-381`` curve. +- Add `MultiExp` trait that allows to have different `multiexp` algorithm implementations for different curves. +- Add implementations of `Field`, `PrimeField` and `Curve` for the Ristretto representation of `curve25519`. ## 3.2.0 (2023-11-22) From c7329396754aeed7487fd04e836407b4932ce96b Mon Sep 17 00:00:00 2001 From: Danil Annenkov Date: Tue, 28 Nov 2023 14:31:43 +0100 Subject: [PATCH 21/45] Cleanup; set GROUP_ELEMENT_LENGTH to 32 for curve25519 --- rust-src/Cargo.lock | 1 - rust-src/concordium_base/Cargo.toml | 1 - .../src/curve_arithmetic/bls12_381_instance.rs | 1 - .../concordium_base/src/curve_arithmetic/ed25519_instance.rs | 4 ++-- rust-src/concordium_base/src/curve_arithmetic/mod.rs | 2 +- 5 files changed, 3 insertions(+), 6 deletions(-) diff --git a/rust-src/Cargo.lock b/rust-src/Cargo.lock index bde3a9762..8cfc1b3cd 100644 --- a/rust-src/Cargo.lock +++ b/rust-src/Cargo.lock @@ -545,7 +545,6 @@ dependencies = [ "concordium_base_derive", "criterion", "curve25519-dalek", - "curve25519-dalek-ng", "derive_more", "ed25519-dalek", "either", diff --git a/rust-src/concordium_base/Cargo.toml b/rust-src/concordium_base/Cargo.toml index fecf7a495..7d518b7a0 100644 --- a/rust-src/concordium_base/Cargo.toml +++ b/rust-src/concordium_base/Cargo.toml @@ -56,7 +56,6 @@ nom = "7.1.3" bulletproofs = "3.0.0" merlin = { version = "2", default-features = false } -curve25519-dalek-ng = "3" [lib] crate-type = ["rlib", "staticlib", "cdylib"] diff --git a/rust-src/concordium_base/src/curve_arithmetic/bls12_381_instance.rs b/rust-src/concordium_base/src/curve_arithmetic/bls12_381_instance.rs index 99d631410..cd77984a9 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/bls12_381_instance.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/bls12_381_instance.rs 
@@ -52,7 +52,6 @@ impl Field for F { fn inverse(&self) -> Option { self.inverse() } - // fn frobenius_map(&mut self, power: usize) { self.frobenius_map(power) } } impl From for CurveDecodingError { diff --git a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs index bdcbfe32e..7ea785bd1 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs @@ -146,7 +146,7 @@ impl Curve for RistrettoPoint { type Scalar = RistrettoScalar; // TODO: check this. - const GROUP_ELEMENT_LENGTH: usize = 64; + const GROUP_ELEMENT_LENGTH: usize = 32; // TODO: check this. const SCALAR_LENGTH: usize = 32; @@ -204,7 +204,7 @@ impl Curve for RistrettoPoint { /// An instance of multiexp algorithm from the Dalek library that uses /// precomputed table of points. Precomputing is slow, so it makes sense to use /// this implementation when one wants to share the precomputed table with many -/// subsequient computations. For our current usecases it seems not relevant. +/// subsequent computations. For our current use cases it seems not relevant. impl MultiExp for VartimeRistrettoPrecomputation { type CurvePoint = RistrettoPoint; diff --git a/rust-src/concordium_base/src/curve_arithmetic/mod.rs b/rust-src/concordium_base/src/curve_arithmetic/mod.rs index 90eb435d0..f38dc6f26 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/mod.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/mod.rs @@ -25,7 +25,7 @@ pub enum CurveDecodingError { /// This trait represents an element of a field. pub trait Field: - Sized + Eq + Copy + Clone + Send + Sync + fmt::Debug + fmt::Display + 'static { + Sized + Eq + Copy + Clone + Send + Sync + fmt::Debug + fmt::Display { /// Returns an element chosen uniformly at random using a user-provided RNG. fn random(rng: &mut R) -> Self; 
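Review bot: `GROUP_ELEMENT_LENGTH` is corrected to 32, but the `// TODO: check this.` comments above it and above `SCALAR_LENGTH` remain, so a reader cannot tell the values have now been verified; replace them with the reason, e.g. `// 32 bytes: compressed Ristretto point encoding, matching the Serial impl.` and `// 32 bytes: canonical little-endian scalar encoding.` — both serialisers write a `[u8; 32]`, as the removed ed25519_ng_instance.rs copy of the same code shows. `impl Curve for RistrettoPoint` continues outside the hunk.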
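Review bot: Dropping `'static` from the supertrait bounds of `Field` in mod.rs is a public-API change that the `Cleanup` subject does not explain; downstream generic code that obtained `F: 'static` through `Field` (for example to box a field element as a trait object or move it into a spawned thread) would stop compiling. If the bound was removed because some implementation cannot satisfy it, a one-line comment on the trait saying so would help; otherwise consider keeping it. The `Field` trait definition continues outside the hunk.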
From 9de8c22ff4bd73c814615078c7533411985e6e62 Mon Sep 17 00:00:00 2001 From: Danil Annenkov Date: Wed, 29 Nov 2023 09:14:06 +0100 Subject: [PATCH 22/45] Remove ArkWorks stuff --- identity-provider-service/Cargo.lock | 133 +-------------------------- idiss/Cargo.lock | 133 +-------------------------- mobile_wallet/Cargo.lock | 133 +-------------------------- rust-bins/Cargo.lock | 133 +-------------------------- rust-src/Cargo.lock | 132 +------------------------- rust-src/concordium_base/Cargo.toml | 2 - 6 files changed, 10 insertions(+), 656 deletions(-) diff --git a/identity-provider-service/Cargo.lock b/identity-provider-service/Cargo.lock index 59cd20194..7e746895f 100644 --- a/identity-provider-service/Cargo.lock +++ b/identity-provider-service/Cargo.lock 
@@ -78,77 +78,6 @@ version = "1.0.75" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a4668cab20f66d8d020e1fbc0ebe47217433c1b6c8f2040faf858554e394ace6" -[[package]] -name = "ark-ec" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c56006994f509d76fbce6f6ffe3108f7191b4f3754ecd00bbae7cac20ec05020" -dependencies = [ - "ark-ff", - "ark-serialize", - "ark-std", - "derivative", - "num-traits", - "zeroize", -] - -[[package]] -name = "ark-ff" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a4d8802d40fce9212c5c09be08f75c4b3becc0c488e87f60fff787b01250ce33" -dependencies = [ - "ark-ff-asm", - "ark-ff-macros", - "ark-serialize", - "ark-std", - "derivative", - "num-traits", - "rustc_version 0.3.3", - "zeroize", -] - -[[package]] -name = "ark-ff-asm" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3e8cb28c2137af1ef058aa59616db3f7df67dbb70bf2be4ee6920008cc30d98c" -dependencies = [ - "quote", - "syn 1.0.109", -] - -[[package]] -name = "ark-ff-macros" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0b9c256a93a10ed9708c16a517d6dcfaba3d215c0d7fab44d29a9affefb5eeb8" -dependencies = [ - "num-bigint 0.4.4", - "num-traits", - "quote", - "syn 1.0.109", -] - -[[package]] -name = "ark-serialize" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c3e9b59329dc9b92086b3dc619f31cef4a0c802f10829b575a3666d48a48387d" -dependencies = [ - "ark-std", -] - -[[package]] -name = "ark-std" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fb5b856a29bea7b810858116a596beee3d20fc4c5aeb240e8e5a8bca4845a470" -dependencies = [ - "rand 0.7.3", - "rand_xorshift", -] - [[package]] name = "arrayvec" version = "0.7.4" 
@@ -466,8 +395,6 @@ name = "concordium_base" version = "3.2.0" dependencies = [ "anyhow", - "ark-ec", - "ark-ff", "bs58", "bulletproofs", "byteorder", @@ -475,7 +402,6 @@ dependencies = [ "concordium-contracts-common", "concordium_base_derive", "curve25519-dalek", - "curve25519-dalek-ng", "derive_more", "ed25519-dalek", "either", @@ -665,17 +591,6 @@ dependencies = [ "serde", ] -[[package]] -name = "derivative" -version = "2.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fcc3dd5e9e9c0b295d6e1e4d811fb6f157d5ffd784b8d202fc62eac8035a770b" -dependencies = [ - "proc-macro2", - "quote", - "syn 1.0.109", -] - [[package]] name = "derive_more" version = "0.99.17" @@ -685,7 +600,7 @@ dependencies = [ "convert_case", "proc-macro2", "quote", - "rustc_version 0.4.0", + "rustc_version", "syn 1.0.109", ] @@ -1617,17 +1532,6 @@ version = "2.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9b2a4787296e9989611394c33f193f676704af1686e70b8f8033ab5ba9a35a94" -[[package]] -name = "pest" -version = "2.7.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ae9cee2a55a544be8b89dc6848072af97a20f2422603c10865be2a42b580fff5" -dependencies = [ - "memchr", - "thiserror", - "ucd-trie", -] - [[package]] name = "pin-project" version = "1.1.3" 
@@ -2017,22 +1921,13 @@ version = "0.1.23" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d626bb9dae77e28219937af045c257c28bfd3f69333c512553507f5f9798cb76" -[[package]] -name = "rustc_version" -version = "0.3.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f0dfe2087c51c460008730de8b57e6a320782fbfb312e1f4d520e6c6fae155ee" -dependencies = [ - "semver 0.11.0", -] - [[package]] name = "rustc_version" version = "0.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "bfa0f585226d2e68097d4f95d113b15b83a82e819ab25717ec0590d9584ef366" dependencies = [ - "semver 1.0.19", + "semver", ] [[package]] @@ -2122,30 +2017,12 @@ dependencies = [ "libc", ] -[[package]] -name = "semver" -version = "0.11.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f301af10236f6df4160f7c3f04eec6dbc70ace82d23326abad5edee88801c6b6" -dependencies = [ - "semver-parser", -] - [[package]] name = "semver" version = "1.0.19" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ad977052201c6de01a8ef2aa3378c4bd23217a056337d1d6da40468d267a4fb0" -[[package]] -name = "semver-parser" -version = "0.10.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "00b0bef5b7f9e0df16536d3961cfb6e84331c065b4066afb39768d0e319411f7" -dependencies = [ - "pest", -] - [[package]] name = "serde" version = "1.0.188" @@ -2664,12 +2541,6 @@ version = "1.17.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "42ff0bf0c66b8238c6f3b578df37d0b7848e55df8577b3f74f92a69acceeb825" -[[package]] -name = "ucd-trie" -version = "0.1.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ed646292ffc8188ef8ea4d1e0e0150fb15a5c2e12ad9b8fc191ae7a8a7f3c4b9" - [[package]] name = "unicase" version = "2.7.0" diff --git a/idiss/Cargo.lock b/idiss/Cargo.lock index f1ba047cc..7d3344228 100644 --- a/idiss/Cargo.lock 
+++ b/idiss/Cargo.lock @@ -63,77 +63,6 @@ version = "1.0.75" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a4668cab20f66d8d020e1fbc0ebe47217433c1b6c8f2040faf858554e394ace6" -[[package]] -name = "ark-ec" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c56006994f509d76fbce6f6ffe3108f7191b4f3754ecd00bbae7cac20ec05020" -dependencies = [ - "ark-ff", - "ark-serialize", - "ark-std", - "derivative", - "num-traits", - "zeroize", -] - -[[package]] -name = "ark-ff" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a4d8802d40fce9212c5c09be08f75c4b3becc0c488e87f60fff787b01250ce33" -dependencies = [ - "ark-ff-asm", - "ark-ff-macros", - "ark-serialize", - "ark-std", - "derivative", - "num-traits", - "rustc_version 0.3.3", - "zeroize", -] - -[[package]] -name = "ark-ff-asm" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3e8cb28c2137af1ef058aa59616db3f7df67dbb70bf2be4ee6920008cc30d98c" -dependencies = [ - "quote", - "syn 1.0.109", -] - -[[package]] -name = "ark-ff-macros" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0b9c256a93a10ed9708c16a517d6dcfaba3d215c0d7fab44d29a9affefb5eeb8" -dependencies = [ - "num-bigint 0.4.4", - "num-traits", - "quote", - "syn 1.0.109", -] - -[[package]] -name = "ark-serialize" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c3e9b59329dc9b92086b3dc619f31cef4a0c802f10829b575a3666d48a48387d" -dependencies = [ - "ark-std", -] - -[[package]] -name = "ark-std" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fb5b856a29bea7b810858116a596beee3d20fc4c5aeb240e8e5a8bca4845a470" -dependencies = [ - "rand 0.7.3", - "rand_xorshift", -] - [[package]] name = "arrayvec" version = "0.7.4" 
@@ -451,8 +380,6 @@ name = "concordium_base" version = "3.2.0" dependencies = [ "anyhow", - "ark-ec", - "ark-ff", "bs58", "bulletproofs", "byteorder", @@ -460,7 +387,6 @@ dependencies = [ "concordium-contracts-common", "concordium_base_derive", "curve25519-dalek", - "curve25519-dalek-ng", "derive_more", "ed25519-dalek", "either", @@ -634,17 +560,6 @@ dependencies = [ "serde", ] -[[package]] -name = "derivative" -version = "2.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fcc3dd5e9e9c0b295d6e1e4d811fb6f157d5ffd784b8d202fc62eac8035a770b" -dependencies = [ - "proc-macro2", - "quote", - "syn 1.0.109", -] - [[package]] name = "derive_more" version = "0.99.17" @@ -654,7 +569,7 @@ dependencies = [ "convert_case", "proc-macro2", "quote", - "rustc_version 0.4.0", + "rustc_version", "syn 1.0.109", ] @@ -1189,17 +1104,6 @@ version = "0.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "19b17cddbe7ec3f8bc800887bab5e717348c95ea2ca0b1bf0837fb964dc67099" -[[package]] -name = "pest" -version = "2.7.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ae9cee2a55a544be8b89dc6848072af97a20f2422603c10865be2a42b580fff5" -dependencies = [ - "memchr", - "thiserror", - "ucd-trie", -] - [[package]] name = "ppv-lite86" version = "0.2.17" 
@@ -1447,22 +1351,13 @@ version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "08d43f7aa6b08d49f382cde6a7982047c3426db949b1424bc4b7ec9ae12c6ce2" -[[package]] -name = "rustc_version" -version = "0.3.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f0dfe2087c51c460008730de8b57e6a320782fbfb312e1f4d520e6c6fae155ee" -dependencies = [ - "semver 0.11.0", -] - [[package]] name = "rustc_version" version = "0.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "bfa0f585226d2e68097d4f95d113b15b83a82e819ab25717ec0590d9584ef366" dependencies = [ - "semver 1.0.19", + "semver", ] [[package]] @@ -1483,30 +1378,12 @@ version = "4.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1c107b6f4780854c8b126e228ea8869f4d7b71260f962fefb57b996b8959ba6b" -[[package]] -name = "semver" -version = "0.11.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f301af10236f6df4160f7c3f04eec6dbc70ace82d23326abad5edee88801c6b6" -dependencies = [ - "semver-parser", -] - [[package]] name = "semver" version = "1.0.19" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ad977052201c6de01a8ef2aa3378c4bd23217a056337d1d6da40468d267a4fb0" -[[package]] -name = "semver-parser" -version = "0.10.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "00b0bef5b7f9e0df16536d3961cfb6e84331c065b4066afb39768d0e319411f7" -dependencies = [ - "pest", -] - [[package]] name = "serde" version = "1.0.188" 
@@ -1779,12 +1656,6 @@ version = "1.17.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "42ff0bf0c66b8238c6f3b578df37d0b7848e55df8577b3f74f92a69acceeb825" -[[package]] -name = "ucd-trie" -version = "0.1.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ed646292ffc8188ef8ea4d1e0e0150fb15a5c2e12ad9b8fc191ae7a8a7f3c4b9" - [[package]] name = "unicode-ident" version = "1.0.12" diff --git a/mobile_wallet/Cargo.lock b/mobile_wallet/Cargo.lock index cde45038e..43d338a65 100644 --- a/mobile_wallet/Cargo.lock +++ b/mobile_wallet/Cargo.lock 
@@ -48,77 +48,6 @@ version = "1.0.69" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "224afbd727c3d6e4b90103ece64b8d1b67fbb1973b1046c2281eed3f3803f800" -[[package]] -name = "ark-ec" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c56006994f509d76fbce6f6ffe3108f7191b4f3754ecd00bbae7cac20ec05020" -dependencies = [ - "ark-ff", - "ark-serialize", - "ark-std", - "derivative", - "num-traits", - "zeroize", -] - -[[package]] -name = "ark-ff" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a4d8802d40fce9212c5c09be08f75c4b3becc0c488e87f60fff787b01250ce33" -dependencies = [ - "ark-ff-asm", - "ark-ff-macros", - "ark-serialize", - "ark-std", - "derivative", - "num-traits", - "rustc_version 0.3.3", - "zeroize", -] - -[[package]] -name = "ark-ff-asm" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3e8cb28c2137af1ef058aa59616db3f7df67dbb70bf2be4ee6920008cc30d98c" -dependencies = [ - "quote", - "syn 1.0.109", -] - -[[package]] -name = "ark-ff-macros" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0b9c256a93a10ed9708c16a517d6dcfaba3d215c0d7fab44d29a9affefb5eeb8" -dependencies = [ - "num-bigint 0.4.3", - "num-traits", - "quote", - "syn 1.0.109", -] - -[[package]] -name = "ark-serialize" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c3e9b59329dc9b92086b3dc619f31cef4a0c802f10829b575a3666d48a48387d" -dependencies = [ - "ark-std", -] - -[[package]] -name = "ark-std" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fb5b856a29bea7b810858116a596beee3d20fc4c5aeb240e8e5a8bca4845a470" -dependencies = [ - "rand 0.7.3", - "rand_xorshift", -] - [[package]] name = "arrayvec" version = "0.7.2" 
@@ -388,8 +317,6 @@ name = "concordium_base" version = "3.2.0" dependencies = [ "anyhow", - "ark-ec", - "ark-ff", "bs58", "bulletproofs", "byteorder", @@ -397,7 +324,6 @@ dependencies = [ "concordium-contracts-common", "concordium_base_derive", "curve25519-dalek", - "curve25519-dalek-ng", "derive_more", "ed25519-dalek", "either", @@ -616,17 +542,6 @@ dependencies = [ "syn 2.0.39", ] -[[package]] -name = "derivative" -version = "2.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fcc3dd5e9e9c0b295d6e1e4d811fb6f157d5ffd784b8d202fc62eac8035a770b" -dependencies = [ - "proc-macro2", - "quote", - "syn 1.0.109", -] - [[package]] name = "derive_more" version = "0.99.17" @@ -636,7 +551,7 @@ dependencies = [ "convert_case", "proc-macro2", "quote", - "rustc_version 0.4.0", + "rustc_version", "syn 1.0.109", ] @@ -1203,17 +1118,6 @@ dependencies = [ "sha2 0.10.6", ] -[[package]] -name = "pest" -version = "2.7.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ae9cee2a55a544be8b89dc6848072af97a20f2422603c10865be2a42b580fff5" -dependencies = [ - "memchr", - "thiserror", - "ucd-trie", -] - [[package]] name = "ppv-lite86" version = "0.2.17" @@ -1438,22 +1342,13 @@ dependencies = [ "serde_json", ] -[[package]] -name = "rustc_version" -version = "0.3.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f0dfe2087c51c460008730de8b57e6a320782fbfb312e1f4d520e6c6fae155ee" -dependencies = [ - "semver 0.11.0", -] - [[package]] name = "rustc_version" version = "0.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "bfa0f585226d2e68097d4f95d113b15b83a82e819ab25717ec0590d9584ef366" dependencies = [ - "semver 1.0.16", + "semver", ] [[package]] 
@@ -1489,30 +1384,12 @@ version = "4.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1c107b6f4780854c8b126e228ea8869f4d7b71260f962fefb57b996b8959ba6b" -[[package]] -name = "semver" -version = "0.11.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f301af10236f6df4160f7c3f04eec6dbc70ace82d23326abad5edee88801c6b6" -dependencies = [ - "semver-parser", -] - [[package]] name = "semver" version = "1.0.16" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "58bc9567378fc7690d6b2addae4e60ac2eeea07becb2c64b9f218b53865cba2a" -[[package]] -name = "semver-parser" -version = "0.10.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "00b0bef5b7f9e0df16536d3961cfb6e84331c065b4066afb39768d0e319411f7" -dependencies = [ - "pest", -] - [[package]] name = "serde" version = "1.0.164" @@ -1764,12 +1641,6 @@ version = "1.16.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "497961ef93d974e23eb6f433eb5fe1b7930b659f06d12dec6fc44a8f554c0bba" -[[package]] -name = "ucd-trie" -version = "0.1.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ed646292ffc8188ef8ea4d1e0e0150fb15a5c2e12ad9b8fc191ae7a8a7f3c4b9" - [[package]] name = "unicode-ident" version = "1.0.6" diff --git a/rust-bins/Cargo.lock b/rust-bins/Cargo.lock index 63ce511ef..8e5969d75 100644 --- a/rust-bins/Cargo.lock +++ b/rust-bins/Cargo.lock 
@@ -89,77 +89,6 @@ version = "1.0.75" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a4668cab20f66d8d020e1fbc0ebe47217433c1b6c8f2040faf858554e394ace6" -[[package]] -name = "ark-ec" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c56006994f509d76fbce6f6ffe3108f7191b4f3754ecd00bbae7cac20ec05020" -dependencies = [ - "ark-ff", - "ark-serialize", - "ark-std", - "derivative", - "num-traits", - "zeroize", -] - -[[package]] -name = "ark-ff" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a4d8802d40fce9212c5c09be08f75c4b3becc0c488e87f60fff787b01250ce33" -dependencies = [ - "ark-ff-asm", - "ark-ff-macros", - "ark-serialize", - "ark-std", - "derivative", - "num-traits", - "rustc_version 0.3.3", - "zeroize", -] - -[[package]] -name = "ark-ff-asm" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3e8cb28c2137af1ef058aa59616db3f7df67dbb70bf2be4ee6920008cc30d98c" -dependencies = [ - "quote", - "syn 1.0.109", -] - -[[package]] -name = "ark-ff-macros" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0b9c256a93a10ed9708c16a517d6dcfaba3d215c0d7fab44d29a9affefb5eeb8" -dependencies = [ - "num-bigint 0.4.4", - "num-traits", - "quote", - "syn 1.0.109", -] - -[[package]] -name = "ark-serialize" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c3e9b59329dc9b92086b3dc619f31cef4a0c802f10829b575a3666d48a48387d" -dependencies = [ - "ark-std", -] - -[[package]] -name = "ark-std" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fb5b856a29bea7b810858116a596beee3d20fc4c5aeb240e8e5a8bca4845a470" -dependencies = [ - "rand 0.7.3", - "rand_xorshift", -] - [[package]] name = "arrayvec" version = "0.7.4" 
@@ -490,8 +419,6 @@ version = "3.2.0" dependencies = [ "aes", "anyhow", - "ark-ec", - "ark-ff", "base64", "bs58", "bulletproofs", @@ -501,7 +428,6 @@ dependencies = [ "concordium-contracts-common", "concordium_base_derive", "curve25519-dalek", - "curve25519-dalek-ng", "derive_more", "ed25519-dalek", "either", @@ -725,17 +651,6 @@ dependencies = [ "serde", ] -[[package]] -name = "derivative" -version = "2.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fcc3dd5e9e9c0b295d6e1e4d811fb6f157d5ffd784b8d202fc62eac8035a770b" -dependencies = [ - "proc-macro2", - "quote", - "syn 1.0.109", -] - [[package]] name = "derive_more" version = "0.99.17" @@ -745,7 +660,7 @@ dependencies = [ "convert_case", "proc-macro2", "quote", - "rustc_version 0.4.0", + "rustc_version", "syn 1.0.109", ] @@ -1796,17 +1711,6 @@ version = "2.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9b2a4787296e9989611394c33f193f676704af1686e70b8f8033ab5ba9a35a94" -[[package]] -name = "pest" -version = "2.7.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ae9cee2a55a544be8b89dc6848072af97a20f2422603c10865be2a42b580fff5" -dependencies = [ - "memchr", - "thiserror", - "ucd-trie", -] - [[package]] name = "pin-project-lite" version = "0.2.13" 
@@ -2163,22 +2067,13 @@ version = "0.1.23" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d626bb9dae77e28219937af045c257c28bfd3f69333c512553507f5f9798cb76" -[[package]] -name = "rustc_version" -version = "0.3.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f0dfe2087c51c460008730de8b57e6a320782fbfb312e1f4d520e6c6fae155ee" -dependencies = [ - "semver 0.11.0", -] - [[package]] name = "rustc_version" version = "0.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "bfa0f585226d2e68097d4f95d113b15b83a82e819ab25717ec0590d9584ef366" dependencies = [ - "semver 1.0.19", + "semver", ] [[package]] @@ -2244,30 +2139,12 @@ dependencies = [ "libc", ] -[[package]] -name = "semver" -version = "0.11.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f301af10236f6df4160f7c3f04eec6dbc70ace82d23326abad5edee88801c6b6" -dependencies = [ - "semver-parser", -] - [[package]] name = "semver" version = "1.0.19" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ad977052201c6de01a8ef2aa3378c4bd23217a056337d1d6da40468d267a4fb0" -[[package]] -name = "semver-parser" -version = "0.10.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "00b0bef5b7f9e0df16536d3961cfb6e84331c065b4066afb39768d0e319411f7" -dependencies = [ - "pest", -] - [[package]] name = "serde" version = "1.0.188" @@ -2717,12 +2594,6 @@ version = "1.17.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "42ff0bf0c66b8238c6f3b578df37d0b7848e55df8577b3f74f92a69acceeb825" -[[package]] -name = "ucd-trie" -version = "0.1.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ed646292ffc8188ef8ea4d1e0e0150fb15a5c2e12ad9b8fc191ae7a8a7f3c4b9" - [[package]] name = "unicode-bidi" version = "0.3.13" diff --git a/rust-src/Cargo.lock b/rust-src/Cargo.lock index 8cfc1b3cd..40085d6f3 100644 --- a/rust-src/Cargo.lock 
+++ b/rust-src/Cargo.lock @@ -87,77 +87,6 @@ version = "1.0.75" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a4668cab20f66d8d020e1fbc0ebe47217433c1b6c8f2040faf858554e394ace6" -[[package]] -name = "ark-ec" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c56006994f509d76fbce6f6ffe3108f7191b4f3754ecd00bbae7cac20ec05020" -dependencies = [ - "ark-ff", - "ark-serialize", - "ark-std", - "derivative", - "num-traits", - "zeroize", -] - -[[package]] -name = "ark-ff" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a4d8802d40fce9212c5c09be08f75c4b3becc0c488e87f60fff787b01250ce33" -dependencies = [ - "ark-ff-asm", - "ark-ff-macros", - "ark-serialize", - "ark-std", - "derivative", - "num-traits", - "rustc_version 0.3.3", - "zeroize", -] - -[[package]] -name = "ark-ff-asm" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3e8cb28c2137af1ef058aa59616db3f7df67dbb70bf2be4ee6920008cc30d98c" -dependencies = [ - "quote", - "syn 1.0.109", -] - -[[package]] -name = "ark-ff-macros" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0b9c256a93a10ed9708c16a517d6dcfaba3d215c0d7fab44d29a9affefb5eeb8" -dependencies = [ - "num-bigint 0.4.4", - "num-traits", - "quote", - "syn 1.0.109", -] - -[[package]] -name = "ark-serialize" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c3e9b59329dc9b92086b3dc619f31cef4a0c802f10829b575a3666d48a48387d" -dependencies = [ - "ark-std", -] - -[[package]] -name = "ark-std" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fb5b856a29bea7b810858116a596beee3d20fc4c5aeb240e8e5a8bca4845a470" -dependencies = [ - "rand 0.7.3", - "rand_xorshift", -] - [[package]] name = "arrayvec" version = "0.7.4" 
@@ -533,8 +462,6 @@ version = "3.2.0" dependencies = [ "aes", "anyhow", - "ark-ec", - "ark-ff", "base64", "bs58", "bulletproofs", @@ -785,17 +712,6 @@ dependencies = [ "serde", ] -[[package]] -name = "derivative" -version = "2.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fcc3dd5e9e9c0b295d6e1e4d811fb6f157d5ffd784b8d202fc62eac8035a770b" -dependencies = [ - "proc-macro2", - "quote", - "syn 1.0.109", -] - [[package]] name = "derive_more" version = "0.99.17" @@ -805,7 +721,7 @@ dependencies = [ "convert_case", "proc-macro2", "quote", - "rustc_version 0.4.0", + "rustc_version", "syn 1.0.109", ] @@ -1548,17 +1464,6 @@ dependencies = [ "sha2 0.10.7", ] -[[package]] -name = "pest" -version = "2.7.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ae9cee2a55a544be8b89dc6848072af97a20f2422603c10865be2a42b580fff5" -dependencies = [ - "memchr", - "thiserror", - "ucd-trie", -] - [[package]] name = "plotters" version = "0.3.5" @@ -1895,22 +1800,13 @@ version = "0.1.23" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d626bb9dae77e28219937af045c257c28bfd3f69333c512553507f5f9798cb76" -[[package]] -name = "rustc_version" -version = "0.3.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f0dfe2087c51c460008730de8b57e6a320782fbfb312e1f4d520e6c6fae155ee" -dependencies = [ - "semver 0.11.0", -] - [[package]] name = "rustc_version" version = "0.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "bfa0f585226d2e68097d4f95d113b15b83a82e819ab25717ec0590d9584ef366" dependencies = [ - "semver 1.0.18", + "semver", ] [[package]] 
@@ -1953,30 +1849,12 @@ version = "4.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1c107b6f4780854c8b126e228ea8869f4d7b71260f962fefb57b996b8959ba6b" -[[package]] -name = "semver" -version = "0.11.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f301af10236f6df4160f7c3f04eec6dbc70ace82d23326abad5edee88801c6b6" -dependencies = [ - "semver-parser", -] - [[package]] name = "semver" version = "1.0.18" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b0293b4b29daaf487284529cc2f5675b8e57c61f70167ba415a463651fd6a918" -[[package]] -name = "semver-parser" -version = "0.10.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "00b0bef5b7f9e0df16536d3961cfb6e84331c065b4066afb39768d0e319411f7" -dependencies = [ - "pest", -] - [[package]] name = "serde" version = "1.0.188" @@ -2296,12 +2174,6 @@ version = "1.16.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "497961ef93d974e23eb6f433eb5fe1b7930b659f06d12dec6fc44a8f554c0bba" -[[package]] -name = "ucd-trie" -version = "0.1.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ed646292ffc8188ef8ea4d1e0e0150fb15a5c2e12ad9b8fc191ae7a8a7f3c4b9" - [[package]] name = "unicode-ident" version = "1.0.11" diff --git a/rust-src/concordium_base/Cargo.toml b/rust-src/concordium_base/Cargo.toml index 7d518b7a0..bbdaec5c3 100644 --- a/rust-src/concordium_base/Cargo.toml +++ b/rust-src/concordium_base/Cargo.toml @@ -13,8 +13,6 @@ homepage = "https://github.com/Concordium/concordium-base" [dependencies] ff = "0.5" -ark-ff = "0.2" -ark-ec = "0.2" sha2 = "0.10" sha3 = "0.10" anyhow = "1.0" From 8876529065e202fe2104f5a40b4e44ed63b37986 Mon Sep 17 00:00:00 2001 
From: Danil Annenkov Date: Wed, 29 Nov 2023 11:33:02 +0100 Subject: [PATCH 23/45] Remove pprof profiling dependency; add curve25519-dalek-ng to dev dependencies --- identity-provider-service/Cargo.lock | 1 + idiss/Cargo.lock | 1 + mobile_wallet/Cargo.lock | 1 + rust-bins/Cargo.lock | 1 + rust-src/Cargo.lock | 346 +----------------- rust-src/concordium_base/Cargo.toml | 2 +- .../benches/range_proof_bench.rs | 5 +- .../benches/range_proof_dalek_bench.rs | 5 +- .../curve_arithmetic/bls12_381_instance.rs | 1 - .../src/curve_arithmetic/mod.rs | 3 +- 10 files changed, 10 insertions(+), 356 deletions(-) diff --git a/identity-provider-service/Cargo.lock b/identity-provider-service/Cargo.lock index 7e746895f..bf2bbc310 100644 --- a/identity-provider-service/Cargo.lock +++ b/identity-provider-service/Cargo.lock @@ -402,6 +402,7 @@ dependencies = [ "concordium-contracts-common", "concordium_base_derive", "curve25519-dalek", + "curve25519-dalek-ng", "derive_more", "ed25519-dalek", "either", diff --git a/idiss/Cargo.lock b/idiss/Cargo.lock index 7d3344228..cf020559b 100644 --- a/idiss/Cargo.lock +++ b/idiss/Cargo.lock @@ -387,6 +387,7 @@ dependencies = [ "concordium-contracts-common", "concordium_base_derive", "curve25519-dalek", + "curve25519-dalek-ng", "derive_more", "ed25519-dalek", "either", diff --git a/mobile_wallet/Cargo.lock b/mobile_wallet/Cargo.lock index 43d338a65..e78aa12ab 100644 --- a/mobile_wallet/Cargo.lock +++ b/mobile_wallet/Cargo.lock @@ -324,6 +324,7 @@ dependencies = [ "concordium-contracts-common", "concordium_base_derive", "curve25519-dalek", + "curve25519-dalek-ng", "derive_more", "ed25519-dalek", "either", diff --git a/rust-bins/Cargo.lock b/rust-bins/Cargo.lock index 8e5969d75..d2b5fe087 100644 --- a/rust-bins/Cargo.lock +++ b/rust-bins/Cargo.lock @@ -428,6 +428,7 @@ dependencies = [ "concordium-contracts-common", "concordium_base_derive", "curve25519-dalek", + "curve25519-dalek-ng", "derive_more", "ed25519-dalek", "either", 
diff --git a/rust-src/Cargo.lock b/rust-src/Cargo.lock index 40085d6f3..8d37ca9db 100644 --- a/rust-src/Cargo.lock +++ b/rust-src/Cargo.lock @@ -2,21 +2,6 @@ # It is not intended for manual editing. version = 3 -[[package]] -name = "addr2line" -version = "0.21.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8a30b2e23b9e17a9f90641c7ab1549cd9b44f296d3ccbf309d2863cfe398a0cb" -dependencies = [ - "gimli", -] - -[[package]] -name = "adler" -version = "1.0.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f26201604c87b1e01bd3d98f8d5d9a8fcbb815e8cedb41ffccbeb4bf593a35fe" - [[package]] name = "aes" version = "0.8.3" @@ -46,7 +31,6 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2c99f64d1e06488f620f932677e24bc6e2897582980441ae90a671415bd7ec2f" dependencies = [ "cfg-if", - "getrandom 0.2.10", "once_cell", "version_check", ] @@ -110,21 +94,6 @@ version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d468802bab17cbc0cc575e9b053f41e72aa36bfa6b7f55e3529ffa43161b97fa" -[[package]] -name = "backtrace" -version = "0.3.69" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2089b7e3f35b9dd2d0ed921ead4f6d318c27680d4a5bd167b3ee120edb105837" -dependencies = [ - "addr2line", - "cc", - "cfg-if", - "libc", - "miniz_oxide", - "object", - "rustc-demangle", -] - [[package]] name = "base64" version = "0.21.4" @@ -143,12 +112,6 @@ version = "1.3.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" -[[package]] -name = "bitflags" -version = "2.4.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "327762f6e5a765692301e5bb513e0d9fef63be86bbc14528052b1cd3e6f03e07" - [[package]] name = "bitvec" version = "1.0.1" 
@@ -297,12 +260,6 @@ dependencies = [ "syn 1.0.109", ] -[[package]] -name = "bytemuck" -version = "1.14.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "374d28ec25809ee0e23827c2ab573d729e293f281dfe393500e7ad618baa61c6" - [[package]] name = "byteorder" version = "1.4.3" @@ -403,7 +360,7 @@ version = "3.2.25" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4ea181bf566f71cb9a5d17a59e1871af638180a18fb0035c92ae62b705207123" dependencies = [ - "bitflags 1.3.2", + "bitflags", "clap_lex", "indexmap 1.9.3", "textwrap", @@ -472,6 +429,7 @@ dependencies = [ "concordium_base_derive", "criterion", "curve25519-dalek", + "curve25519-dalek-ng", "derive_more", "ed25519-dalek", "either", @@ -489,7 +447,6 @@ dependencies = [ "num-traits", "pairing", "pbkdf2 0.11.0", - "pprof", "rand 0.7.3", "rand_core 0.5.1", "rayon", @@ -525,15 +482,6 @@ version = "0.8.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e496a50fda8aacccc86d7529e2c1e0892dbd0f898a6b5645b5561b89c3210efa" -[[package]] -name = "cpp_demangle" -version = "0.4.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7e8227005286ec39567949b33df9896bcadfa6051bccca2488129f108ca23119" -dependencies = [ - "cfg-if", -] - [[package]] name = "cpufeatures" version = "0.2.9" @@ -694,15 +642,6 @@ dependencies = [ "syn 2.0.32", ] -[[package]] -name = "debugid" -version = "0.8.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bef552e6f588e446098f6ba40d89ac146c8c7b64aade83c051ee00bb5d2bc18d" -dependencies = [ - "uuid", -] - [[package]] name = "deranged" version = "0.3.8" 
@@ -792,22 +731,6 @@ version = "1.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "5443807d6dff69373d433ab9ef5378ad8df50ca6298caf15de6e52e24aaf54d5" -[[package]] -name = "errno" -version = "0.3.7" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f258a7194e7f7c2a7837a8913aeab7fd8c383457034fa20ce4dd3dcb813e8eb8" -dependencies = [ - "libc", - "windows-sys", -] - -[[package]] -name = "fastrand" -version = "2.0.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "25cbce373ec4653f1a01a31e8a5e5ec0c622dc27ff9c4e6606eefef5cbbed4a5" - [[package]] name = "ff" version = "0.5.2" @@ -833,18 +756,6 @@ dependencies = [ "syn 1.0.109", ] -[[package]] -name = "findshlibs" -version = "0.10.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "40b9e59cd0f7e0806cca4be089683ecb6434e602038df21fe6bf6711b2f07f64" -dependencies = [ - "cc", - "lazy_static", - "libc", - "winapi", -] - [[package]] name = "fnv" version = "1.0.7" @@ -889,12 +800,6 @@ dependencies = [ "wasi 0.11.0+wasi-snapshot-preview1", ] -[[package]] -name = "gimli" -version = "0.28.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4271d37baee1b8c7e4b708028c57d816cf9d2434acb33a549475f78c181f6253" - [[package]] name = "group" version = "0.2.0" @@ -1032,24 +937,6 @@ dependencies = [ "serde", ] -[[package]] -name = "inferno" -version = "0.11.19" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "321f0f839cd44a4686e9504b0a62b4d69a50b62072144c71c68f5873c167b8d9" -dependencies = [ - "ahash 0.8.3", - "indexmap 2.0.0", - "is-terminal", - "itoa", - "log", - "num-format", - "once_cell", - "quick-xml", - "rgb", - "str_stack", -] - [[package]] name = "inout" version = "0.1.3" 
@@ -1060,17 +947,6 @@ dependencies = [ "generic-array", ] -[[package]] -name = "is-terminal" -version = "0.4.9" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cb0889898416213fab133e1d33a0e5858a48177452750691bde3666d0fdbaf8b" -dependencies = [ - "hermit-abi 0.3.2", - "rustix", - "windows-sys", -] - [[package]] name = "itertools" version = "0.10.5" @@ -1149,22 +1025,6 @@ version = "0.2.150" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "89d92a4743f9a61002fae18374ed11e7973f530cb3a3255fb354818118b2203c" -[[package]] -name = "linux-raw-sys" -version = "0.4.11" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "969488b55f8ac402214f3f5fd243ebb7206cf82de60d3172994707a4bcc2b829" - -[[package]] -name = "lock_api" -version = "0.4.11" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3c168f8615b12bc01f9c17e2eb0cc07dcae1940121185446edc3744920e8ef45" -dependencies = [ - "autocfg", - "scopeguard", -] - [[package]] name = "log" version = "0.4.20" @@ -1177,15 +1037,6 @@ version = "2.6.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8f232d6ef707e1956a43342693d2a31e72989554d58299d7a88738cc95b0d35c" -[[package]] -name = "memmap2" -version = "0.5.10" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "83faa42c0a078c393f6b29d5db232d8be22776a891f8f56e5284faee4a20b327" -dependencies = [ - "libc", -] - [[package]] name = "memoffset" version = "0.9.0" 
@@ -1213,26 +1064,6 @@ version = "0.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "68354c5c6bd36d73ff3feceb05efa59b6acb7626617f4962be322a825e61f79a" -[[package]] -name = "miniz_oxide" -version = "0.7.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e7810e0be55b428ada41041c41f32c9f1a42817901b4ccf45fa3d4b6561e74c7" -dependencies = [ - "adler", -] - -[[package]] -name = "nix" -version = "0.26.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "598beaf3cc6fdd9a5dfb1630c2800c7acd31df7aaf0f565796fba2b53ca1af1b" -dependencies = [ - "bitflags 1.3.2", - "cfg-if", - "libc", -] - [[package]] name = "nom" version = "7.1.3" @@ -1288,16 +1119,6 @@ dependencies = [ "num-traits", ] -[[package]] -name = "num-format" -version = "0.4.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a652d9771a63711fd3c3deb670acfbe5c30a4072e664d7a3bf5a9e1056ac72c3" -dependencies = [ - "arrayvec", - "itoa", -] - [[package]] name = "num-integer" version = "0.1.45" @@ -1350,15 +1171,6 @@ dependencies = [ "libc", ] -[[package]] -name = "object" -version = "0.32.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9cf5f9dd3933bd50a9e1f149ec995f39ae2c496d31fd772c1fd45ebc27e902b0" -dependencies = [ - "memchr", -] - [[package]] name = "once_cell" version = "1.18.0" 
@@ -1395,29 +1207,6 @@ dependencies = [ "rand_core 0.5.1", ] -[[package]] -name = "parking_lot" -version = "0.12.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3742b2c103b9f06bc9fff0a37ff4912935851bee6d36f3c02bcc755bcfec228f" -dependencies = [ - "lock_api", - "parking_lot_core", -] - -[[package]] -name = "parking_lot_core" -version = "0.9.9" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4c42a9226546d68acdd9c0a280d17ce19bfe27a46bf68784e4066115788d008e" -dependencies = [ - "cfg-if", - "libc", - "redox_syscall", - "smallvec", - "windows-targets", -] - [[package]] name = "password-hash" version = "0.3.2" @@ -1492,28 +1281,6 @@ dependencies = [ "plotters-backend", ] -[[package]] -name = "pprof" -version = "0.11.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "196ded5d4be535690899a4631cc9f18cdc41b7ebf24a79400f46f48e49a11059" -dependencies = [ - "backtrace", - "cfg-if", - "criterion", - "findshlibs", - "inferno", - "libc", - "log", - "nix", - "once_cell", - "parking_lot", - "smallvec", - "symbolic-demangle", - "tempfile", - "thiserror", -] - [[package]] name = "ppv-lite86" version = "0.2.17" @@ -1558,15 +1325,6 @@ dependencies = [ "syn 1.0.109", ] -[[package]] -name = "quick-xml" -version = "0.26.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7f50b1c63b38611e7d4d7f68b82d3ad0cc71a2ad2e7f61fc10f1328d917c93cd" -dependencies = [ - "memchr", -] - [[package]] name = "quote" version = "1.0.33" @@ -1694,15 +1452,6 @@ dependencies = [ "num_cpus", ] -[[package]] -name = "redox_syscall" -version = "0.4.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4722d768eff46b75989dd134e5c353f0d6296e5aaa3132e776cbdb56be7731aa" -dependencies = [ - "bitflags 1.3.2", -] - [[package]] name = "regex" version = "1.9.5" 
@@ -1741,15 +1490,6 @@ dependencies = [ "bytecheck", ] -[[package]] -name = "rgb" -version = "0.8.37" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "05aaa8004b64fd573fc9d002f4e632d51ad4f026c2b5ba95fcb6c2f32c2c47d8" -dependencies = [ - "bytemuck", -] - [[package]] name = "rkyv" version = "0.7.42" @@ -1794,12 +1534,6 @@ dependencies = [ "serde_json", ] -[[package]] -name = "rustc-demangle" -version = "0.1.23" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d626bb9dae77e28219937af045c257c28bfd3f69333c512553507f5f9798cb76" - [[package]] name = "rustc_version" version = "0.4.0" @@ -1809,19 +1543,6 @@ dependencies = [ "semver", ] -[[package]] -name = "rustix" -version = "0.38.25" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dc99bc2d4f1fed22595588a013687477aedf3cdcfb26558c559edb67b4d9b22e" -dependencies = [ - "bitflags 2.4.1", - "errno", - "libc", - "linux-raw-sys", - "windows-sys", -] - [[package]] name = "ryu" version = "1.0.15" @@ -1980,24 +1701,6 @@ version = "0.1.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f27f6278552951f1f2b8cf9da965d10969b2efdea95a6ec47987ab46edfe263a" -[[package]] -name = "smallvec" -version = "1.11.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4dccd0940a2dcdf68d092b8cbab7dc0ad8fa938bf95787e1b916b0e3d0e8e970" - -[[package]] -name = "stable_deref_trait" -version = "1.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a8f112729512f8e442d81f95a8a7ddf2b7c6b8a1a6f509a95864142b30cab2d3" - -[[package]] -name = "str_stack" -version = "0.1.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9091b6114800a5f2141aee1d1b9d6ca3592ac062dc5decb3764ec5895a47b4eb" - [[package]] name = "strsim" version = "0.10.0" 
@@ -2016,29 +1719,6 @@ version = "2.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "734676eb262c623cec13c3155096e08d1f8f29adce39ba17948b18dad1e54142" -[[package]] -name = "symbolic-common" -version = "10.2.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1b55cdc318ede251d0957f07afe5fed912119b8c1bc5a7804151826db999e737" -dependencies = [ - "debugid", - "memmap2", - "stable_deref_trait", - "uuid", -] - -[[package]] -name = "symbolic-demangle" -version = "10.2.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "79be897be8a483a81fff6a3a4e195b4ac838ef73ca42d348b3f722da9902e489" -dependencies = [ - "cpp_demangle", - "rustc-demangle", - "symbolic-common", -] - [[package]] name = "syn" version = "1.0.109" @@ -2067,19 +1747,6 @@ version = "1.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "55937e1799185b12863d447f42597ed69d9928686b8d88a1df17376a097d8369" -[[package]] -name = "tempfile" -version = "3.8.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7ef1adac450ad7f4b3c28589471ade84f25f731a7a0fe30d71dfa9f60fd808e5" -dependencies = [ - "cfg-if", - "fastrand", - "redox_syscall", - "rustix", - "windows-sys", -] - [[package]] name = "textwrap" version = "0.16.0" @@ -2318,15 +1985,6 @@ dependencies = [ "windows-targets", ] -[[package]] -name = "windows-sys" -version = "0.48.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "677d2418bec65e3338edb076e806bc1ec15693c5d0104683f2efe857f61056a9" -dependencies = [ - "windows-targets", -] - [[package]] name = "windows-targets" version = "0.48.5" diff --git a/rust-src/concordium_base/Cargo.toml b/rust-src/concordium_base/Cargo.toml index bbdaec5c3..7e0016163 100644 --- a/rust-src/concordium_base/Cargo.toml +++ b/rust-src/concordium_base/Cargo.toml 
@@ -78,7 +78,7 @@ encryption = ["cbc", "aes", "base64", "pbkdf2", "hmac"]
 [dev-dependencies]
 criterion = "0.4"
 rand = {version = "0.7", features = ["small_rng"]}
-pprof = { version = "0.11", features = ["flamegraph", "criterion"] }
+curve25519-dalek-ng = "3"
 
 [[bench]]
 name = "hash_bench"
diff --git a/rust-src/concordium_base/benches/range_proof_bench.rs b/rust-src/concordium_base/benches/range_proof_bench.rs
index 58335f1c0..d41a6a26c 100644
--- a/rust-src/concordium_base/benches/range_proof_bench.rs
+++ b/rust-src/concordium_base/benches/range_proof_bench.rs
@@ -13,7 +13,6 @@ use concordium_base::{
 use criterion::Criterion;
 use curve25519_dalek::ristretto::RistrettoPoint;
 use pairing::bls12_381::G1;
-use pprof::criterion::Output;
 use rand::*;
 use std::time::Duration;
 
@@ -117,9 +116,7 @@ pub fn prove_verify_benchmarks(c: &mut Criterion) {
 
 criterion_group!(
 name = benchmarks;
- config = Criterion::default().measurement_time(Duration::from_millis(1000)).sample_size(10).with_profiler(
- pprof::criterion::PProfProfiler::new(100, Output::Flamegraph(None))
- );
+ config = Criterion::default().measurement_time(Duration::from_millis(1000)).sample_size(10);
 targets = prove_verify_benchmarks::,
 prove_verify_benchmarks::,
diff --git a/rust-src/concordium_base/benches/range_proof_dalek_bench.rs b/rust-src/concordium_base/benches/range_proof_dalek_bench.rs
index e9dbd8571..682c93a71 100644
--- a/rust-src/concordium_base/benches/range_proof_dalek_bench.rs
+++ b/rust-src/concordium_base/benches/range_proof_dalek_bench.rs
@@ -1,7 +1,6 @@
 #![allow(non_snake_case)]
 
 use criterion::*;
-use pprof::criterion::{Output, PProfProfiler};
 use rand::Rng;
 use rand_core::*;
 use std::time::Duration;
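Review bot: The dev-dependency `curve25519-dalek-ng = "3"` that replaces `pprof` has, as far as this series shows, a single consumer, `benches/range_proof_dalek_bench.rs` (it imports `curve25519_dalek_ng::scalar::Scalar`), and a later patch in the same series deletes that bench while leaving this line in place, so the dependency appears to become dead weight in dev builds. The other remaining bench in this hunk uses `curve25519_dalek`, not the `-ng` fork, so it does not justify keeping it. I would drop the line once the bench is gone, or confirm another target still needs it by building all targets with the line removed. A dependency that nothing compiles against still gets resolved, downloaded and audited, which is pure supply-chain surface for no benefit.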
@@ -51,8 +50,6 @@ pub fn prove_verify_benchmarks(c: &mut Criterion) {
 
 criterion_group!(
 name = benchmarks;
- config = Criterion::default().measurement_time(Duration::from_millis(1000)).sample_size(10).with_profiler(
- PProfProfiler::new(100, Output::Flamegraph(None))
- );
+ config = Criterion::default().measurement_time(Duration::from_millis(1000)).sample_size(10);
 targets = prove_verify_benchmarks);
 criterion_main!(benchmarks);
diff --git a/rust-src/concordium_base/src/curve_arithmetic/bls12_381_instance.rs b/rust-src/concordium_base/src/curve_arithmetic/bls12_381_instance.rs
index cd77984a9..17bfdf960 100644
--- a/rust-src/concordium_base/src/curve_arithmetic/bls12_381_instance.rs
+++ b/rust-src/concordium_base/src/curve_arithmetic/bls12_381_instance.rs
@@ -51,7 +51,6 @@ impl Field for F {
 fn mul_assign(&mut self, other: &Self) { self.mul_assign(other) }
 
 fn inverse(&self) -> Option { self.inverse() }
-
 }
 
 impl From for CurveDecodingError {
diff --git a/rust-src/concordium_base/src/curve_arithmetic/mod.rs b/rust-src/concordium_base/src/curve_arithmetic/mod.rs
index f38dc6f26..0c5dab179 100644
--- a/rust-src/concordium_base/src/curve_arithmetic/mod.rs
+++ b/rust-src/concordium_base/src/curve_arithmetic/mod.rs
@@ -24,8 +24,7 @@ pub enum CurveDecodingError {
 }
 
 /// This trait represents an element of a field.
-pub trait Field:
- Sized + Eq + Copy + Clone + Send + Sync + fmt::Debug + fmt::Display {
+pub trait Field: Sized + Eq + Copy + Clone + Send + Sync + fmt::Debug + fmt::Display {
 /// Returns an element chosen uniformly at random using a user-provided RNG.
 fn random(rng: &mut R) -> Self;
 
From 989792896df1efcd39542984b96ecaa85eecab39 Mon Sep 17 00:00:00 2001
From: Danil Annenkov
Date: Wed, 29 Nov 2023 11:34:16 +0100
Subject: [PATCH 24/45] Dependencies in Cargo.lock
---
 identity-provider-service/Cargo.lock | 1 -
 idiss/Cargo.lock | 1 -
 mobile_wallet/Cargo.lock | 1 -
 rust-bins/Cargo.lock | 1 -
 4 files changed, 4 deletions(-)
diff --git a/identity-provider-service/Cargo.lock b/identity-provider-service/Cargo.lock index bf2bbc310..7e746895f 100644 --- a/identity-provider-service/Cargo.lock +++ b/identity-provider-service/Cargo.lock @@ -402,7 +402,6 @@ dependencies = [ "concordium-contracts-common", "concordium_base_derive", "curve25519-dalek", - "curve25519-dalek-ng", "derive_more", "ed25519-dalek", "either", diff --git a/idiss/Cargo.lock b/idiss/Cargo.lock index cf020559b..7d3344228 100644 --- a/idiss/Cargo.lock +++ b/idiss/Cargo.lock @@ -387,7 +387,6 @@ dependencies = [ "concordium-contracts-common", "concordium_base_derive", "curve25519-dalek", - "curve25519-dalek-ng", "derive_more", "ed25519-dalek", "either", diff --git a/mobile_wallet/Cargo.lock b/mobile_wallet/Cargo.lock index e78aa12ab..43d338a65 100644 --- a/mobile_wallet/Cargo.lock +++ b/mobile_wallet/Cargo.lock @@ -324,7 +324,6 @@ dependencies = [ "concordium-contracts-common", "concordium_base_derive", "curve25519-dalek", - "curve25519-dalek-ng", "derive_more", "ed25519-dalek", "either", diff --git a/rust-bins/Cargo.lock b/rust-bins/Cargo.lock index d2b5fe087..8e5969d75 100644 --- a/rust-bins/Cargo.lock +++ b/rust-bins/Cargo.lock @@ -428,7 +428,6 @@ dependencies = [ "concordium-contracts-common", "concordium_base_derive", "curve25519-dalek", - "curve25519-dalek-ng", "derive_more", "ed25519-dalek", "either", From 1cca837f2a9f3664d7bfbb1298d8d8af89b291d9 Mon Sep 17 00:00:00 2001 From: Hamidreza <54936533+hamiidreza@users.noreply.github.com> Date: Tue, 5 Dec 2023 11:25:48 +0100 Subject: [PATCH 25/45] removed dalek range bench --- .../benches/range_proof_dalek_bench.rs | 55 ------------------- 1 file changed, 55 deletions(-) delete mode 100644 rust-src/concordium_base/benches/range_proof_dalek_bench.rs diff --git a/rust-src/concordium_base/benches/range_proof_dalek_bench.rs b/rust-src/concordium_base/benches/range_proof_dalek_bench.rs deleted file mode 100644 index 682c93a71..000000000 
--- a/rust-src/concordium_base/benches/range_proof_dalek_bench.rs
+++ /dev/null
@@ -1,55 +0,0 @@ -#![allow(non_snake_case)] - -use criterion::*; -use rand::Rng; -use rand_core::*; -use std::time::Duration; - -use bulletproofs::{BulletproofGens, PedersenGens, RangeProof}; -use curve25519_dalek_ng::scalar::Scalar; -use merlin::Transcript; - -pub fn prove_verify_benchmarks(c: &mut Criterion) { - let n: usize = 32; - let m: usize = 16; - let mut group = c.benchmark_group("Range Proof over Dalek Curves"); - let pc_gens = PedersenGens::default(); - let bp_gens = BulletproofGens::new(n, m); - let mut rng = OsRng; - let (min, max) = (0u64, ((1u128 << n) - 1) as u64); - let values: Vec = (0..m).map(|_| rng.gen_range(min, max)).collect(); - let blindings: Vec = (0..m).map(|_| Scalar::random(&mut rng)).collect(); - let mut transcript = Transcript::new(b"AggregateRangeProofBenchmark"); - - group.bench_function("Prove", move |b| { - b.iter(|| { - RangeProof::prove_multiple(&bp_gens, &pc_gens, &mut transcript, &values, &blindings, n) - }) - }); - - let pc_gens = PedersenGens::default(); - let bp_gens = BulletproofGens::new(n, m); - let mut rng = rand::thread_rng(); - let (min, max) = (0u64, ((1u128 << n) - 1) as u64); - let values: Vec = (0..m).map(|_| rng.gen_range(min, max)).collect(); - let blindings: Vec = (0..m).map(|_| Scalar::random(&mut rng)).collect(); - let mut transcript = Transcript::new(b"AggregateRangeProofBenchmark"); - let (proof, value_commitments) = - RangeProof::prove_multiple(&bp_gens, &pc_gens, &mut transcript, &values, &blindings, n) - .unwrap(); - - group.bench_function("Verify Efficient", move |b| { - b.iter(|| { - let mut transcript = Transcript::new(b"AggregateRangeProofBenchmark"); - assert!(proof - .verify_multiple(&bp_gens, &pc_gens, &mut transcript, &value_commitments, n) - .is_ok()); - }) - }); -} - -criterion_group!( - name = benchmarks; - config = Criterion::default().measurement_time(Duration::from_millis(1000)).sample_size(10); - targets = prove_verify_benchmarks); -criterion_main!(benchmarks); 
From 78fd866aec42af18e5ed9a3c5a47ea2ac1ac925b Mon Sep 17 00:00:00 2001 From: Hamidreza <54936533+hamiidreza@users.noreply.github.com> Date: Tue, 5 Dec 2023 11:44:40 +0100 Subject: [PATCH 26/45] minor --- rust-src/concordium_base/Cargo.toml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/rust-src/concordium_base/Cargo.toml b/rust-src/concordium_base/Cargo.toml index 7e0016163..6001fb3b3 100644 --- a/rust-src/concordium_base/Cargo.toml +++ b/rust-src/concordium_base/Cargo.toml @@ -143,10 +143,6 @@ features = ["encryption"] name = "range_proof_bench" harness = false -[[bench]] -name = "range_proof_dalek_bench" -harness = false - [[bench]] name = "msm_bench" harness = false From 23a835b37d429c1ac21e7e6a251b06b8fcf2af25 Mon Sep 17 00:00:00 2001 From: Hamidreza <54936533+hamiidreza@users.noreply.github.com> Date: Wed, 6 Dec 2023 12:03:03 +0100 Subject: [PATCH 27/45] msm_bench clean-up --- rust-src/concordium_base/Cargo.toml | 6 -- rust-src/concordium_base/benches/msm_bench.rs | 59 ----------------- .../concordium_base/benches/multiexp_bench.rs | 64 +++++++++++++++++-- 3 files changed, 60 insertions(+), 69 deletions(-) delete mode 100644 rust-src/concordium_base/benches/msm_bench.rs diff --git a/rust-src/concordium_base/Cargo.toml b/rust-src/concordium_base/Cargo.toml index 6001fb3b3..19f1d2bbb 100644 --- a/rust-src/concordium_base/Cargo.toml +++ b/rust-src/concordium_base/Cargo.toml @@ -142,9 +142,3 @@ features = ["encryption"] [[bench]] name = "range_proof_bench" harness = false - -[[bench]] -name = "msm_bench" -harness = false -[profile.release] -debug = true diff --git a/rust-src/concordium_base/benches/msm_bench.rs b/rust-src/concordium_base/benches/msm_bench.rs deleted file mode 100644 index b3ca2374c..000000000 --- a/rust-src/concordium_base/benches/msm_bench.rs +++ /dev/null 
@@ -1,59 +0,0 @@ -#![allow(non_snake_case)] - -#[macro_use] -extern crate criterion; - -use concordium_base::curve_arithmetic::*; -use criterion::Criterion; -use pairing::bls12_381::G1; -use rand::*; -use std::time::Duration; - -const N: usize = 512; - -pub fn ccd_msm_benchmarks(c: &mut Criterion) { - let mut group = c.benchmark_group("Multi-Scalar Multiplication"); - let rng = &mut thread_rng(); - - let mut G = Vec::with_capacity(N); - let mut V: Vec<::Scalar> = Vec::with_capacity(N); - - for _ in 0..N { - let g = SomeCurve::generate(rng); - let v: ::Scalar = SomeCurve::generate_scalar(rng); - G.push(g); - V.push(v); - } - group.bench_function("MSM in Concordium over BLS/Ristretto curve", move |b| { - b.iter(|| { - // Create msm algoritm instane with a precomputed point table. - // For the ristretto curve it will use the VartimeRistrettoPrecomputation and - // our generic implementation for the BLS curve - let msm = SomeCurve::new_multiexp(&G); - msm.multiexp(&V); - }) - }); -} - -pub fn dalek_msm_benchmarks(c: &mut Criterion) { - let mut group = c.benchmark_group("Multi-Scalar Multiplication"); - let mut rng = &mut thread_rng(); - - use curve25519_dalek::{ - ristretto::RistrettoPoint, scalar::Scalar, traits::VartimeMultiscalarMul, - }; - let G: Vec = (0..N).map(|_| RistrettoPoint::random(&mut rng)).collect(); - let V: Vec<_> = (0..N).map(|_| Scalar::random(&mut rng)).collect(); - - group.bench_function("MSM in Dalek over Ristretto curve", move |b| { - b.iter(|| { - RistrettoPoint::vartime_multiscalar_mul(&V, &G); - }) - }); -} - -criterion_group!( - name = benchmarks; - config = Criterion::default().measurement_time(Duration::from_millis(10000)).sample_size(100); - targets = ccd_msm_benchmarks::, ccd_msm_benchmarks::, dalek_msm_benchmarks); -criterion_main!(benchmarks); diff --git a/rust-src/concordium_base/benches/multiexp_bench.rs b/rust-src/concordium_base/benches/multiexp_bench.rs index 5b673f6d0..018c4e1dc 100644 
--- a/rust-src/concordium_base/benches/multiexp_bench.rs +++ b/rust-src/concordium_base/benches/multiexp_bench.rs @@ -3,10 +3,12 @@ extern crate criterion; use concordium_base::curve_arithmetic::*; use criterion::Criterion; +use curve25519_dalek::ristretto::RistrettoPoint; use pairing::bls12_381::G1; use rand::*; +use std::time::Duration; -pub fn bench_multiexp(c: &mut Criterion) { +pub fn bench_multiexp_bls(c: &mut Criterion) { let mut csprng = thread_rng(); let m = 3; let ns = (1..=m).map(|x| x * x); @@ -21,7 +23,7 @@ pub fn bench_multiexp(c: &mut Criterion) { let gsc = gs[..i].to_vec(); let esc = es[..i].to_vec(); let mut group = c.benchmark_group(format!("Group({})", i)); - group.bench_function(format!("{}: Baseline", module_path!()), move |b| { + group.bench_function(format!("{}: Baseline for BLS", module_path!()), move |b| { b.iter(|| { let mut a = G1::zero_point(); for (g, e) in gsc.iter().zip(esc.iter()) { @@ -33,7 +35,7 @@ pub fn bench_multiexp(c: &mut Criterion) { let gsc = gs[..i].to_vec(); let esc = es[..i].to_vec(); group.bench_function( - &format!("{}: Multiexp (window = {w})", module_path!()), + &format!("{}: Multiexp for BLS (window = {w})", module_path!()), move |b| b.iter(|| GenericMultiExp::new(&gsc, w).multiexp(&esc)), ); } 
@@ -41,5 +43,59 @@ pub fn bench_multiexp(c: &mut Criterion) { } } -criterion_group!(multiexp_benchmarks, bench_multiexp); +// Benchmarking multi-exponentiation over the Ristretto curve. Note that we have +// two multiexp algorithms in our library: one that is tailor-made for the +// Ristretto curve, and one generic algorithm for other curves (e.g., BLS). +// The purpose of this benchmark is to measure the running time of the multiexp +// algorithm for the Ristretto curve. +pub fn bench_multiexp_ristretto(c: &mut Criterion) { + let mut csprng = thread_rng(); + let m = 3; + let ns = (1..=m).map(|x| x * x); + let mut gs: Vec = Vec::with_capacity(m * m); + let mut es: Vec<::Scalar> = Vec::with_capacity(m * m); + for _ in 0..(m * m) { + gs.push(RistrettoPoint::generate(&mut csprng)); + es.push(RistrettoPoint::generate_scalar(&mut csprng)); + } + + for i in ns { + let gsc = gs[..i].to_vec(); + let esc = es[..i].to_vec(); + let mut group = c.benchmark_group(format!("Group({})", i)); + group.bench_function( + format!("{}: Baseline for Ristretto", module_path!()), + move |b| { + b.iter(|| { + let mut a = RistrettoPoint::zero_point(); + for (g, e) in gsc.iter().zip(esc.iter()) { + a = a.plus_point(&g.mul_by_scalar(e)) + } + }) + }, + ); + + let gsc = gs[..i].to_vec(); + let esc = es[..i].to_vec(); + group.bench_function( + format!("{}: Multiexp for Ristretto", module_path!()), + move |b| { + b.iter(|| { + // Create msm algorithm instance with a precomputed point table. + // For the Ristretto curve it will use the RistrettoMultiExpNoPrecompute and + // our generic implementation for the BLS curve. + let msm = RistrettoPoint::new_multiexp(&gsc); + msm.multiexp(&esc); + }) + }, + ); + + group.finish(); + } +} + +criterion_group!( + name = multiexp_benchmarks; + config = Criterion::default().measurement_time(Duration::from_millis(10000)).sample_size(100); + targets = bench_multiexp_bls, bench_multiexp_ristretto); criterion_main!(multiexp_benchmarks); 
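Review bot: Both new closures in `bench_multiexp_ristretto` discard the value they compute — the baseline builds `a` and drops it, and the second ends with `msm.multiexp(&esc);` as a statement — so each closure returns `()` and Criterion's `black_box` on the return value protects nothing; since both are pure computations, the optimizer may elide part or all of the work and the numbers would understate the cost. Return the result instead: `b.iter(|| msm.multiexp(&esc))` for the multiexp case, and end the baseline closure with `a` (or `std::hint::black_box(a)`) rather than `}` after the loop. The inline comment about "our generic implementation for the BLS curve" reads as copied from the deleted `msm_bench.rs` and is confusing in a Ristretto-only benchmark; `// For RistrettoPoint, Curve::MultiExpType resolves to RistrettoMultiExpNoPrecompute.` says what this code actually exercises. The `criterion_group!` config (10 s measurement, 100 samples) now applies to both functions, so the total run time roughly doubles — presumably intended, but worth a word in the commit message.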
From 92be6ff49b3cdbcc2a0a992626e1c05df1ae6f86 Mon Sep 17 00:00:00 2001 From: Hamidreza <54936533+hamiidreza@users.noreply.github.com> Date: Wed, 6 Dec 2023 13:56:48 +0100 Subject: [PATCH 28/45] range_proof_bench clean-up --- rust-src/concordium_base/Cargo.toml | 4 - .../concordium_base/benches/bulletproofs.rs | 26 ++-- .../benches/range_proof_bench.rs | 124 ------------------ 3 files changed, 13 insertions(+), 141 deletions(-) delete mode 100644 rust-src/concordium_base/benches/range_proof_bench.rs diff --git a/rust-src/concordium_base/Cargo.toml b/rust-src/concordium_base/Cargo.toml index 19f1d2bbb..e5cf22e10 100644 --- a/rust-src/concordium_base/Cargo.toml +++ b/rust-src/concordium_base/Cargo.toml @@ -138,7 +138,3 @@ harness = false [package.metadata.docs.rs] # Expose the `encryption` feature in documentation. features = ["encryption"] - -[[bench]] -name = "range_proof_bench" -harness = false diff --git a/rust-src/concordium_base/benches/bulletproofs.rs b/rust-src/concordium_base/benches/bulletproofs.rs index 6716a8ff8..916ee699c 100644 --- a/rust-src/concordium_base/benches/bulletproofs.rs +++ b/rust-src/concordium_base/benches/bulletproofs.rs @@ -11,16 +11,14 @@ use concordium_base::{ random_oracle::RandomOracle, }; use criterion::Criterion; -use ff::Field; -use pairing::bls12_381::{Fr, G1}; +use curve25519_dalek::ristretto::RistrettoPoint; +use pairing::bls12_381::G1; use rand::*; use std::time::Duration; -type SomeCurve = G1; -type SomeField = Fr; - -pub fn prove_verify_benchmarks(c: &mut Criterion) { - let mut group = c.benchmark_group("Range Proof"); +pub fn prove_verify_benchmarks(c: &mut Criterion) { + let bench_group_name = "Range Proof for ".to_owned() + std::any::type_name::(); + let mut group = c.benchmark_group(bench_group_name); let rng = &mut thread_rng(); let n: u8 = 32; 
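Review bot: The new group name in `prove_verify_benchmarks` is derived from `std::any::type_name::<C>()`, whose output the standard library documents as not guaranteed stable across compiler versions (it shares infrastructure with diagnostics); Criterion keys its saved baselines under `target/criterion/<group>/`, so a toolchain bump could silently orphan the history this benchmark is meant to track. The same applies to `compare_inner_product_proof` further down in this file. A tiny label trait in the bench file keeps the names fixed and shorter than a full module path; the setup body of the function is unchanged and is not shown here.
```rust
/// Stable, human-readable label for the curve under benchmark.
/// `std::any::type_name` output is not guaranteed stable across toolchains,
/// and Criterion keys its saved baselines on the group name.
trait CurveLabel { const LABEL: &'static str; }
impl CurveLabel for G1 { const LABEL: &'static str = "BLS12-381 G1"; }
impl CurveLabel for RistrettoPoint { const LABEL: &'static str = "Ristretto"; }

pub fn prove_verify_benchmarks<C: Curve + CurveLabel>(c: &mut Criterion) {
    let mut group = c.benchmark_group(format!("Range Proof for {}", C::LABEL));
    // … unchanged: generator setup, commitments, Prove / Verify Efficient benches …
```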
@@ -118,8 +116,10 @@ pub fn prove_verify_benchmarks(c: &mut Criterion) { } #[allow(non_snake_case)] -fn compare_inner_product_proof(c: &mut Criterion) { - let mut group = c.benchmark_group("Inner-Product Proof"); +fn compare_inner_product_proof(c: &mut Criterion) { + let bench_group_name = + "Inner-Product Proof for ".to_owned() + std::any::type_name::(); + let mut group = c.benchmark_group(bench_group_name); // Testing with n = 4 let rng = &mut thread_rng(); @@ -145,7 +145,7 @@ fn compare_inner_product_proof(c: &mut Criterion) { let H = H_vec.clone(); let mut H_prime: Vec = Vec::with_capacity(n); let y_inv = y.inverse().unwrap(); - let mut H_prime_scalars: Vec = Vec::with_capacity(n); + let mut H_prime_scalars: Vec<::Scalar> = Vec::with_capacity(n); let mut transcript = RandomOracle::empty(); let G_vec_p = G_vec.clone(); let H_vec_p = H_vec.clone(); @@ -153,7 +153,7 @@ fn compare_inner_product_proof(c: &mut Criterion) { let b_vec_p = b_vec.clone(); group.bench_function("Naive inner product proof", move |b| { b.iter(|| { - let mut y_inv_i = SomeField::one(); + let mut y_inv_i = ::Scalar::one(); for h in H.iter().take(n) { H_prime.push(h.mul_by_scalar(&y_inv_i)); y_inv_i.mul_assign(&y_inv); @@ -164,7 +164,7 @@ fn compare_inner_product_proof(c: &mut Criterion) { let mut transcript = RandomOracle::empty(); group.bench_function("Better inner product proof with scalars", move |b| { b.iter(|| { - let mut y_inv_i = SomeField::one(); + let mut y_inv_i = ::Scalar::one(); for _ in 0..n { H_prime_scalars.push(y_inv_i); y_inv_i.mul_assign(&y_inv); @@ -185,5 +185,5 @@ fn compare_inner_product_proof(c: &mut Criterion) { criterion_group!( name = benchmarks; config = Criterion::default().measurement_time(Duration::from_millis(1000)).sample_size(10); - targets = prove_verify_benchmarks, compare_inner_product_proof); + targets = prove_verify_benchmarks::, prove_verify_benchmarks::, compare_inner_product_proof::, compare_inner_product_proof::); criterion_main!(benchmarks); 
diff --git a/rust-src/concordium_base/benches/range_proof_bench.rs b/rust-src/concordium_base/benches/range_proof_bench.rs deleted file mode 100644 index d41a6a26c..000000000 --- a/rust-src/concordium_base/benches/range_proof_bench.rs +++ /dev/null 
@@ -1,124 +0,0 @@ -#![allow(non_snake_case)] - -#[macro_use] -extern crate criterion; - -use concordium_base::{ - bulletproofs::{range_proof::*, utils::Generators}, - curve_arithmetic::*, - id::id_proof_types::ProofVersion, - pedersen_commitment::*, - random_oracle::RandomOracle, -}; -use criterion::Criterion; -use curve25519_dalek::ristretto::RistrettoPoint; -use pairing::bls12_381::G1; -use rand::*; -use std::time::Duration; - -pub fn prove_verify_benchmarks(c: &mut Criterion) { - let mut group = c.benchmark_group("Range Proof"); - - let rng = &mut thread_rng(); - let n: u8 = 32; - let m: u8 = 16; - let nm: usize = usize::from(n) * usize::from(m); - let mut G = Vec::with_capacity(nm); - let mut H = Vec::with_capacity(nm); - let mut G_H = Vec::with_capacity(nm); - let mut randomness = Vec::with_capacity(usize::from(m)); - let mut commitments = Vec::with_capacity(usize::from(m)); - - for _ in 0..nm { - let g = SomeCurve::generate(rng); - let h = SomeCurve::generate(rng); - - G.push(g); - H.push(h); - G_H.push((g, h)); - } - let B = SomeCurve::generate(rng); - let B_tilde = SomeCurve::generate(rng); - let gens = Generators { G_H }; - let keys = CommitmentKey { g: B, h: B_tilde }; - - // Some numbers in [0, 2^n): - let v_vec: Vec = vec![ - 7, 4, 255, 15, 2, 15, 4294967295, 4, 4, 5, 6, 8, 12, 13, 10, - 8, /* ,7,4,15,15,2,15,5,4,4,5,6,8,12,13,10,8 - * ,7,4,15,15,2,15,5,4,4,5,6,8,12,13,10,8 - * ,7,4,15,15,2,15,5,4,4,5,6,8,12,13,10,8 - * ,7,4,15,15,2,15,5,4,4,5,6,8,12,13,10,8 - * ,7,4,15,15,2,15,5,4,4,5,6,8,12,13,10,8 - * ,7,4,15,15,2,15,5,4,4,5,6,8,12,13,10,8 - * ,7,4,15,15,2,15,5,4,4,5,6,8,12,13,10,8 */ - ]; - - for &v in v_vec.iter().take(m.into()) { - let r = Randomness::generate(rng); - let v_scalar = SomeCurve::scalar_from_u64(v); - let v_value = Value::::new(v_scalar); - let com = keys.hide(&v_value, &r); - randomness.push(r); - commitments.push(com); - } - let v_vec_p = v_vec.clone(); - let gens_p = gens.clone(); - let randomness_p = randomness.clone(); - let mut 
transcript = RandomOracle::empty(); - group.bench_function("Prove", move |b| { - b.iter(|| { - prove( - ProofVersion::Version1, - &mut transcript, - rng, - n, - m, - &v_vec_p, - &gens_p, - &keys, - &randomness_p, - ); - }) - }); - - let rng = &mut thread_rng(); - let mut transcript = RandomOracle::empty(); - let proof = prove( - ProofVersion::Version1, - &mut transcript, - rng, - n, - m, - &v_vec, - &gens, - &keys, - &randomness, - ); - let proof = proof.unwrap(); - - group.bench_function("Verify Efficient", move |b| { - b.iter(|| { - let mut transcript = RandomOracle::empty(); - assert!(verify_efficient( - ProofVersion::Version1, - &mut transcript, - n, - &commitments, - &proof, - &gens, - &keys - ) - .is_ok()); - }) - }); -} - -criterion_group!( - name = benchmarks; - config = Criterion::default().measurement_time(Duration::from_millis(1000)).sample_size(10); - targets = - prove_verify_benchmarks::, - prove_verify_benchmarks::, -); -criterion_main!(benchmarks); From 0e6b2b96c2537011d89b392214b1e9729b84d228 Mon Sep 17 00:00:00 2001 From: Danil Annenkov Date: Wed, 13 Dec 2023 13:12:34 +0100 Subject: [PATCH 29/45] Remove todos --- .../concordium_base/src/curve_arithmetic/ed25519_instance.rs | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs index 7ea785bd1..42ccd8dd8 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs @@ -145,9 +145,8 @@ impl Curve for RistrettoPoint { type MultiExpType = RistrettoMultiExpNoPrecompute; type Scalar = RistrettoScalar; - // TODO: check this. const GROUP_ELEMENT_LENGTH: usize = 32; - // TODO: check this. + const SCALAR_LENGTH: usize = 32; fn zero_point() -> Self { Self::identity() } From 40f91327e6e8755f286f9e80442b20fa92b07474 Mon Sep 17 00:00:00 2001 
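Review bot: The two `// TODO: check this.` markers above `GROUP_ELEMENT_LENGTH` and `SCALAR_LENGTH` are deleted without recording why 32 is correct, so the next reader is left with bare magic numbers on constants that presumably drive (de)serialization buffer sizes. Short doc comments would capture the check that was done: `/// Compressed Ristretto points (`CompressedRistretto`) encode to 32 bytes.` and `/// Scalars are reduced mod the group order and encode to 32 bytes (`Scalar::to_bytes` returns `[u8; 32]`).` The scalar figure is consistent with the `let bytes: [u8; 32] = self.0.to_bytes();` line added later in this series. The `impl Curve for RistrettoPoint` block continues past this hunk.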
From: Danil Annenkov Date: Wed, 13 Dec 2023 13:59:06 +0100 Subject: [PATCH 30/45] Remove Display from Field constraints --- .../src/curve_arithmetic/ed25519_instance.rs | 10 +--------- rust-src/concordium_base/src/curve_arithmetic/mod.rs | 2 +- 2 files changed, 2 insertions(+), 10 deletions(-) diff --git a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs index 42ccd8dd8..359fb6310 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs @@ -1,6 +1,5 @@ use std::{ borrow::Borrow, - fmt::Display, ops::{AddAssign, MulAssign, Neg, SubAssign}, }; @@ -39,13 +38,6 @@ impl Deserial for RistrettoScalar { } } -impl Display for RistrettoScalar { - fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result { - // Use Debug as Display for now - std::fmt::Debug::fmt(self, f) - } -} - // Since we use a wrapper type, it is convenient to use `into()` to convert from // Scalar. impl From for RistrettoScalar { @@ -146,7 +138,7 @@ impl Curve for RistrettoPoint { type Scalar = RistrettoScalar; const GROUP_ELEMENT_LENGTH: usize = 32; - + const SCALAR_LENGTH: usize = 32; fn zero_point() -> Self { Self::identity() } diff --git a/rust-src/concordium_base/src/curve_arithmetic/mod.rs b/rust-src/concordium_base/src/curve_arithmetic/mod.rs index 0c5dab179..b5d8657c0 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/mod.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/mod.rs @@ -24,7 +24,7 @@ pub enum CurveDecodingError { } /// This trait represents an element of a field. -pub trait Field: Sized + Eq + Copy + Clone + Send + Sync + fmt::Debug + fmt::Display { +pub trait Field: Sized + Eq + Copy + Clone + Send + Sync + fmt::Debug { /// Returns an element chosen uniformly at random using a user-provided RNG. fn random(rng: &mut R) -> Self; 
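Review bot: The relaxed `Field` bound still requires `fmt::Debug`, and the trait doc does not say what implementors should assume about it; `RistrettoScalar` derives `Debug` on a `curve25519_dalek::Scalar`, which prints the raw scalar bytes. If field elements are sometimes secret scalars, as their use in a zero-knowledge/identity library suggests (I cannot confirm that from this hunk), a `{:?}` in a log line or an `unwrap`/`expect` panic message would leak key material. Dropping `Display` narrows that surface, which is good; a doc line on the trait would close the loop: `/// The `Debug` bound exists for diagnostics only: implementations print the raw element, so never log or format values that hold secret scalars.` The impl removal in `ed25519_instance.rs` needs no further change.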
From 1d8027f07c8f3a36d48ed6c4bb47635ee959505b Mon Sep 17 00:00:00 2001 From: Danil Annenkov Date: Wed, 13 Dec 2023 15:38:46 +0100 Subject: [PATCH 31/45] Drive from, comment on unwrapping in into_repr() --- .../src/curve_arithmetic/ed25519_instance.rs | 16 ++++++---------- 1 file changed, 6 insertions(+), 10 deletions(-) diff --git a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs index 359fb6310..f5a052c54 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs @@ -16,7 +16,7 @@ use super::{Curve, Field, MultiExp, PrimeField}; /// A wrapper to make it possible to implement external traits /// and to avoid clashes with blacket implementations. -#[derive(Clone, Copy, Debug, PartialEq, Eq)] +#[derive(Clone, Copy, Debug, PartialEq, Eq, derive_more::From)] pub struct RistrettoScalar(Scalar); impl Serial for RistrettoScalar { @@ -38,12 +38,6 @@ impl Deserial for RistrettoScalar { } } -// Since we use a wrapper type, it is convenient to use `into()` to convert from -// Scalar. -impl From for RistrettoScalar { - fn from(value: Scalar) -> Self { RistrettoScalar(value) } -} - impl Field for RistrettoScalar { fn random(rng: &mut R) -> Self { let mut scalar_bytes = [0u8; 64]; @@ -89,8 +83,11 @@ impl PrimeField for RistrettoScalar { fn into_repr(self) -> Vec { let mut vec: Vec = Vec::new(); - let bytes = self.0.to_bytes(); - for chunk in bytes.chunks(8) { + let bytes: [u8; 32] = self.0.to_bytes(); + for chunk in bytes.chunks_exact(8) { + // The chunk size is always 8 and there is no remider after chunking, since the + // the the representation is a 32-byte array. That is why it is safe to unwrap + // here. let x: [u8; 8] = chunk.try_into().unwrap(); let x_64 = u64::from_le_bytes(x); vec.push(x_64); 
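Review bot: The new comment in `into_repr` has typos ("remider", "the the the") and the loop it justifies can be expressed as one iterator chain that makes the same argument in code: `bytes.chunks_exact(8).map(|chunk| u64::from_le_bytes(chunk.try_into().expect("chunks_exact(8) yields 8-byte chunks"))).collect()`, preceded by `// A 32-byte array splits into exactly four 8-byte chunks with no remainder, so the conversion cannot fail.` If the loop is kept, `Vec::with_capacity(4)` avoids the reallocations `Vec::new()` incurs for a known-size result. A one-line doc comment on the limb order would also help, e.g. `/// Little-endian `u64` limbs of the canonical 32-byte encoding, least significant limb first.`, since whatever consumes this representation elsewhere (presumably a matching `from_repr`, not visible here) has to agree on it. The `impl PrimeField for RistrettoScalar` block continues outside the hunk.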
@@ -138,7 +135,6 @@ impl Curve for RistrettoPoint { type Scalar = RistrettoScalar; const GROUP_ELEMENT_LENGTH: usize = 32; - const SCALAR_LENGTH: usize = 32; fn zero_point() -> Self { Self::identity() } From e7bbf67b5da346f8e3d6a45900bdf81c39374a3c Mon Sep 17 00:00:00 2001 From: Danil Annenkov Date: Wed, 13 Dec 2023 15:53:27 +0100 Subject: [PATCH 32/45] Apply suggestions from code review MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Aleš Bizjak Co-authored-by: eb-concordium <77331975+eb-concordium@users.noreply.github.com> --- rust-src/concordium_base/benches/bulletproofs.rs | 3 +-- .../concordium_base/src/curve_arithmetic/ed25519_instance.rs | 4 +--- 2 files changed, 2 insertions(+), 5 deletions(-) diff --git a/rust-src/concordium_base/benches/bulletproofs.rs b/rust-src/concordium_base/benches/bulletproofs.rs index 916ee699c..1180011e2 100644 --- a/rust-src/concordium_base/benches/bulletproofs.rs +++ b/rust-src/concordium_base/benches/bulletproofs.rs @@ -117,8 +117,7 @@ pub fn prove_verify_benchmarks(c: &mut Criterion) { #[allow(non_snake_case)] fn compare_inner_product_proof(c: &mut Criterion) { - let bench_group_name = - "Inner-Product Proof for ".to_owned() + std::any::type_name::(); + let bench_group_name = format!("Inner-Product Proof for {}", std::any::type_name::()); let mut group = c.benchmark_group(bench_group_name); // Testing with n = 4 diff --git a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs index 7ea785bd1..d7f171928 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs @@ -3,7 +3,6 @@ use std::{ fmt::Display, ops::{AddAssign, MulAssign, Neg, SubAssign}, }; - use crate::common::{Buffer, Deserial, Serial}; use byteorder::{ByteOrder, LittleEndian}; use curve25519_dalek::{ 
@@ -12,11 +11,10 @@ use curve25519_dalek::{ scalar::Scalar, traits::{Identity, VartimeMultiscalarMul, VartimePrecomputedMultiscalarMul}, }; - use super::{Curve, Field, MultiExp, PrimeField}; /// A wrapper to make it possible to implement external traits -/// and to avoid clashes with blacket implementations. +/// and to avoid clashes with blanket implementations. #[derive(Clone, Copy, Debug, PartialEq, Eq)] pub struct RistrettoScalar(Scalar); From 2bea10821f77e39f28107437920f0c615e21ae39 Mon Sep 17 00:00:00 2001 From: Danil Annenkov Date: Wed, 13 Dec 2023 16:08:26 +0100 Subject: [PATCH 33/45] Remove redundant dependencies --- identity-provider-service/Cargo.lock | 84 +----------------- idiss/Cargo.lock | 84 +----------------- mobile_wallet/Cargo.lock | 84 +----------------- rust-bins/Cargo.lock | 86 +----------------- rust-src/Cargo.lock | 87 +------------------ rust-src/concordium_base/Cargo.toml | 4 - .../concordium_base/benches/bulletproofs.rs | 5 +- .../src/curve_arithmetic/ed25519_instance.rs | 10 +-- 8 files changed, 16 insertions(+), 428 deletions(-) diff --git a/identity-provider-service/Cargo.lock b/identity-provider-service/Cargo.lock index 7e746895f..578f8b13a 100644 --- a/identity-provider-service/Cargo.lock +++ b/identity-provider-service/Cargo.lock @@ -174,7 +174,6 @@ version = "0.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4152116fd6e9dadb291ae18fc1ec3575ed6d84c29642d97890f4b4a3417297e4" dependencies = [ - "block-padding", "generic-array", ] @@ -187,12 +186,6 @@ dependencies = [ "generic-array", ] -[[package]] -name = "block-padding" -version = "0.2.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8d696c370c750c948ada61c69a0ee2cbbb9c50b1019ddb86d9317157a99c2cae" - [[package]] name = "borsh" version = "0.10.3" 
@@ -247,26 +240,6 @@ dependencies = [ "sha2 0.9.9", ] -[[package]] -name = "bulletproofs" -version = "3.0.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e42bd0735a0bff360156b152861eea25507f1ac303117e94215c2684f2100c26" -dependencies = [ - "byteorder", - "clear_on_drop", - "curve25519-dalek-ng", - "digest 0.9.0", - "merlin", - "rand 0.7.3", - "rand_core 0.5.1", - "serde", - "serde_derive", - "sha3 0.9.1", - "subtle-ng", - "thiserror", -] - [[package]] name = "bumpalo" version = "3.14.0" @@ -352,15 +325,6 @@ dependencies = [ "vec_map", ] -[[package]] -name = "clear_on_drop" -version = "0.2.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "38508a63f4979f0048febc9966fadbd48e5dab31fd0ec6a3f151bbf4a74f7423" -dependencies = [ - "cc", -] - [[package]] name = "concordium-contracts-common" version = "8.1.1" @@ -396,7 +360,6 @@ version = "3.2.0" dependencies = [ "anyhow", "bs58", - "bulletproofs", "byteorder", "chrono", "concordium-contracts-common", @@ -411,7 +374,6 @@ dependencies = [ "itertools", "leb128", "libc", - "merlin", "nom", "num", "num-bigint 0.4.4", @@ -425,7 +387,7 @@ dependencies = [ "serde_json", "serde_with", "sha2 0.10.8", - "sha3 0.10.8", + "sha3", "subtle", "thiserror", "zeroize", @@ -527,20 +489,6 @@ dependencies = [ "zeroize", ] -[[package]] -name = "curve25519-dalek-ng" -version = "3.0.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3b8dfd4d479156d9ad3fe6d1562f78ff31a9ba8831d3575126061541c7294e48" -dependencies = [ - "byteorder", - "digest 0.9.0", - "rand_core 0.5.1", - "serde", - "subtle-ng", - "zeroize", -] - [[package]] name = "darling" version = "0.20.3" 
@@ -1219,18 +1167,6 @@ dependencies = [ "autocfg", ] -[[package]] -name = "merlin" -version = "2.0.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4e261cf0f8b3c42ded9f7d2bb59dea03aa52bc8a1cbc7482f9fc3fd1229d3b42" -dependencies = [ - "byteorder", - "keccak", - "rand_core 0.5.1", - "zeroize", -] - [[package]] name = "mime" version = "0.3.17" @@ -2130,18 +2066,6 @@ dependencies = [ "digest 0.10.7", ] -[[package]] -name = "sha3" -version = "0.9.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f81199417d4e5de3f04b1e871023acea7389672c4135918f05aa9cbf2f2fa809" -dependencies = [ - "block-buffer 0.9.0", - "digest 0.9.0", - "keccak", - "opaque-debug", -] - [[package]] name = "sha3" version = "0.10.8" @@ -2256,12 +2180,6 @@ version = "2.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "81cdd64d312baedb58e21336b31bc043b77e01cc99033ce76ef539f78e965ebc" -[[package]] -name = "subtle-ng" -version = "2.5.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "734676eb262c623cec13c3155096e08d1f8f29adce39ba17948b18dad1e54142" - [[package]] name = "syn" version = "1.0.109" diff --git a/idiss/Cargo.lock b/idiss/Cargo.lock index 7d3344228..756ac175e 100644 --- a/idiss/Cargo.lock +++ b/idiss/Cargo.lock @@ -139,7 +139,6 @@ version = "0.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4152116fd6e9dadb291ae18fc1ec3575ed6d84c29642d97890f4b4a3417297e4" dependencies = [ - "block-padding", "generic-array", ] @@ -152,12 +151,6 @@ dependencies = [ "generic-array", ] -[[package]] -name = "block-padding" -version = "0.2.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8d696c370c750c948ada61c69a0ee2cbbb9c50b1019ddb86d9317157a99c2cae" - [[package]] name = "borsh" version = "0.10.3" 
@@ -212,26 +205,6 @@ dependencies = [ "sha2 0.9.9", ] -[[package]] -name = "bulletproofs" -version = "3.0.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e42bd0735a0bff360156b152861eea25507f1ac303117e94215c2684f2100c26" -dependencies = [ - "byteorder", - "clear_on_drop", - "curve25519-dalek-ng", - "digest 0.9.0", - "merlin", - "rand 0.7.3", - "rand_core 0.5.1", - "serde", - "serde_derive", - "sha3 0.9.1", - "subtle-ng", - "thiserror", -] - [[package]] name = "bumpalo" version = "3.14.0" @@ -337,15 +310,6 @@ dependencies = [ "vec_map", ] -[[package]] -name = "clear_on_drop" -version = "0.2.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "38508a63f4979f0048febc9966fadbd48e5dab31fd0ec6a3f151bbf4a74f7423" -dependencies = [ - "cc", -] - [[package]] name = "concordium-contracts-common" version = "8.1.1" @@ -381,7 +345,6 @@ version = "3.2.0" dependencies = [ "anyhow", "bs58", - "bulletproofs", "byteorder", "chrono", "concordium-contracts-common", @@ -396,7 +359,6 @@ dependencies = [ "itertools", "leb128", "libc", - "merlin", "nom 7.1.3", "num", "num-bigint 0.4.4", @@ -410,7 +372,7 @@ dependencies = [ "serde_json", "serde_with", "sha2 0.10.8", - "sha3 0.10.8", + "sha3", "subtle", "thiserror", "zeroize", @@ -502,20 +464,6 @@ dependencies = [ "zeroize", ] -[[package]] -name = "curve25519-dalek-ng" -version = "3.0.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3b8dfd4d479156d9ad3fe6d1562f78ff31a9ba8831d3575126061541c7294e48" -dependencies = [ - "byteorder", - "digest 0.9.0", - "rand_core 0.5.1", - "serde", - "subtle-ng", - "zeroize", -] - [[package]] name = "darling" version = "0.20.3" 
@@ -934,18 +882,6 @@ dependencies = [ "autocfg", ] -[[package]] -name = "merlin" -version = "2.0.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4e261cf0f8b3c42ded9f7d2bb59dea03aa52bc8a1cbc7482f9fc3fd1229d3b42" -dependencies = [ - "byteorder", - "keccak", - "rand_core 0.5.1", - "zeroize", -] - [[package]] name = "minimal-lexical" version = "0.2.1" @@ -1468,18 +1404,6 @@ dependencies = [ "digest 0.10.7", ] -[[package]] -name = "sha3" -version = "0.9.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f81199417d4e5de3f04b1e871023acea7389672c4135918f05aa9cbf2f2fa809" -dependencies = [ - "block-buffer 0.9.0", - "digest 0.9.0", - "keccak", - "opaque-debug", -] - [[package]] name = "sha3" version = "0.10.8" @@ -1526,12 +1450,6 @@ version = "2.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "81cdd64d312baedb58e21336b31bc043b77e01cc99033ce76ef539f78e965ebc" -[[package]] -name = "subtle-ng" -version = "2.5.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "734676eb262c623cec13c3155096e08d1f8f29adce39ba17948b18dad1e54142" - [[package]] name = "syn" version = "1.0.109" diff --git a/mobile_wallet/Cargo.lock b/mobile_wallet/Cargo.lock index 43d338a65..072052530 100644 --- a/mobile_wallet/Cargo.lock +++ b/mobile_wallet/Cargo.lock @@ -84,7 +84,6 @@ version = "0.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4152116fd6e9dadb291ae18fc1ec3575ed6d84c29642d97890f4b4a3417297e4" dependencies = [ - "block-padding", "generic-array", ] @@ -97,12 +96,6 @@ dependencies = [ "generic-array", ] -[[package]] -name = "block-padding" -version = "0.2.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8d696c370c750c948ada61c69a0ee2cbbb9c50b1019ddb86d9317157a99c2cae" - [[package]] name = "borsh" version = "0.10.2" 
@@ -157,26 +150,6 @@ dependencies = [ "sha2 0.9.9", ] -[[package]] -name = "bulletproofs" -version = "3.0.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e42bd0735a0bff360156b152861eea25507f1ac303117e94215c2684f2100c26" -dependencies = [ - "byteorder", - "clear_on_drop", - "curve25519-dalek-ng", - "digest 0.9.0", - "merlin", - "rand 0.7.3", - "rand_core 0.5.1", - "serde", - "serde_derive", - "sha3 0.9.1", - "subtle-ng", - "thiserror", -] - [[package]] name = "bumpalo" version = "3.12.0" @@ -251,15 +224,6 @@ dependencies = [ "winapi", ] -[[package]] -name = "clear_on_drop" -version = "0.2.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "38508a63f4979f0048febc9966fadbd48e5dab31fd0ec6a3f151bbf4a74f7423" -dependencies = [ - "cc", -] - [[package]] name = "codespan-reporting" version = "0.11.1" @@ -318,7 +282,6 @@ version = "3.2.0" dependencies = [ "anyhow", "bs58", - "bulletproofs", "byteorder", "chrono", "concordium-contracts-common", @@ -333,7 +296,6 @@ dependencies = [ "itertools", "leb128", "libc", - "merlin", "nom", "num", "num-bigint 0.4.3", @@ -347,7 +309,7 @@ dependencies = [ "serde_json", "serde_with", "sha2 0.10.6", - "sha3 0.10.6", + "sha3", "subtle", "thiserror", "zeroize", @@ -449,20 +411,6 @@ dependencies = [ "zeroize", ] -[[package]] -name = "curve25519-dalek-ng" -version = "3.0.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3b8dfd4d479156d9ad3fe6d1562f78ff31a9ba8831d3575126061541c7294e48" -dependencies = [ - "byteorder", - "digest 0.9.0", - "rand_core 0.5.1", - "serde", - "subtle-ng", - "zeroize", -] - [[package]] name = "cxx" version = "1.0.91" 
@@ -921,18 +869,6 @@ dependencies = [ "autocfg", ] -[[package]] -name = "merlin" -version = "2.0.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4e261cf0f8b3c42ded9f7d2bb59dea03aa52bc8a1cbc7482f9fc3fd1229d3b42" -dependencies = [ - "byteorder", - "keccak", - "rand_core 0.5.1", - "zeroize", -] - [[package]] name = "minimal-lexical" version = "0.2.1" @@ -1473,18 +1409,6 @@ dependencies = [ "digest 0.10.6", ] -[[package]] -name = "sha3" -version = "0.9.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f81199417d4e5de3f04b1e871023acea7389672c4135918f05aa9cbf2f2fa809" -dependencies = [ - "block-buffer 0.9.0", - "digest 0.9.0", - "keccak", - "opaque-debug", -] - [[package]] name = "sha3" version = "0.10.6" @@ -1519,12 +1443,6 @@ version = "2.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6bdef32e8150c2a081110b42772ffe7d7c9032b606bc226c8260fd97e0976601" -[[package]] -name = "subtle-ng" -version = "2.5.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "734676eb262c623cec13c3155096e08d1f8f29adce39ba17948b18dad1e54142" - [[package]] name = "syn" version = "1.0.109" diff --git a/rust-bins/Cargo.lock b/rust-bins/Cargo.lock index 8e5969d75..d2efbf8d1 100644 --- a/rust-bins/Cargo.lock +++ b/rust-bins/Cargo.lock @@ -169,7 +169,6 @@ version = "0.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4152116fd6e9dadb291ae18fc1ec3575ed6d84c29642d97890f4b4a3417297e4" dependencies = [ - "block-padding 0.2.1", "generic-array", ] @@ -182,12 +181,6 @@ dependencies = [ "generic-array", ] -[[package]] -name = "block-padding" -version = "0.2.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8d696c370c750c948ada61c69a0ee2cbbb9c50b1019ddb86d9317157a99c2cae" - [[package]] name = "block-padding" version = "0.3.3" 
@@ -251,26 +244,6 @@ dependencies = [ "sha2 0.9.9", ] -[[package]] -name = "bulletproofs" -version = "3.0.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e42bd0735a0bff360156b152861eea25507f1ac303117e94215c2684f2100c26" -dependencies = [ - "byteorder", - "clear_on_drop", - "curve25519-dalek-ng", - "digest 0.9.0", - "merlin", - "rand 0.7.3", - "rand_core 0.5.1", - "serde", - "serde_derive", - "sha3 0.9.1", - "subtle-ng", - "thiserror", -] - [[package]] name = "bumpalo" version = "3.14.0" @@ -375,15 +348,6 @@ dependencies = [ "vec_map", ] -[[package]] -name = "clear_on_drop" -version = "0.2.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "38508a63f4979f0048febc9966fadbd48e5dab31fd0ec6a3f151bbf4a74f7423" -dependencies = [ - "cc", -] - [[package]] name = "concordium-contracts-common" version = "8.1.1" @@ -421,7 +385,6 @@ dependencies = [ "anyhow", "base64", "bs58", - "bulletproofs", "byteorder", "cbc", "chrono", @@ -438,7 +401,6 @@ dependencies = [ "itertools", "leb128", "libc", - "merlin", "nom", "num", "num-bigint 0.4.4", @@ -453,7 +415,7 @@ dependencies = [ "serde_json", "serde_with", "sha2 0.10.8", - "sha3 0.10.8", + "sha3", "subtle", "thiserror", "zeroize", @@ -593,20 +555,6 @@ dependencies = [ "zeroize", ] -[[package]] -name = "curve25519-dalek-ng" -version = "3.0.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3b8dfd4d479156d9ad3fe6d1562f78ff31a9ba8831d3575126061541c7294e48" -dependencies = [ - "byteorder", - "digest 0.9.0", - "rand_core 0.5.1", - "serde", - "subtle-ng", - "zeroize", -] - [[package]] name = "darling" version = "0.20.3" @@ -1178,7 +1126,7 @@ version = "0.1.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a0c10553d664a4d0bcff9f4215d0aac67a639cc68ef660840afe309b807bc9f5" dependencies = [ - "block-padding 0.3.3", + "block-padding", "generic-array", ] 
@@ -1311,18 +1259,6 @@ dependencies = [ "autocfg", ] -[[package]] -name = "merlin" -version = "2.0.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4e261cf0f8b3c42ded9f7d2bb59dea03aa52bc8a1cbc7482f9fc3fd1229d3b42" -dependencies = [ - "byteorder", - "keccak", - "rand_core 0.5.1", - "zeroize", -] - [[package]] name = "mime" version = "0.3.17" @@ -2241,18 +2177,6 @@ dependencies = [ "digest 0.10.7", ] -[[package]] -name = "sha3" -version = "0.9.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f81199417d4e5de3f04b1e871023acea7389672c4135918f05aa9cbf2f2fa809" -dependencies = [ - "block-buffer 0.9.0", - "digest 0.9.0", - "keccak", - "opaque-debug", -] - [[package]] name = "sha3" version = "0.10.8" @@ -2388,12 +2312,6 @@ version = "2.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6bdef32e8150c2a081110b42772ffe7d7c9032b606bc226c8260fd97e0976601" -[[package]] -name = "subtle-ng" -version = "2.5.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "734676eb262c623cec13c3155096e08d1f8f29adce39ba17948b18dad1e54142" - [[package]] name = "syn" version = "1.0.109" diff --git a/rust-src/Cargo.lock b/rust-src/Cargo.lock index 8d37ca9db..afef8031f 100644 --- a/rust-src/Cargo.lock +++ b/rust-src/Cargo.lock @@ -130,7 +130,6 @@ version = "0.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4152116fd6e9dadb291ae18fc1ec3575ed6d84c29642d97890f4b4a3417297e4" dependencies = [ - "block-padding 0.2.1", "generic-array", ] @@ -143,12 +142,6 @@ dependencies = [ "generic-array", ] -[[package]] -name = "block-padding" -version = "0.2.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8d696c370c750c948ada61c69a0ee2cbbb9c50b1019ddb86d9317157a99c2cae" - [[package]] name = "block-padding" version = "0.3.3" 
@@ -212,26 +205,6 @@ dependencies = [ "sha2 0.9.9", ] -[[package]] -name = "bulletproofs" -version = "3.0.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e42bd0735a0bff360156b152861eea25507f1ac303117e94215c2684f2100c26" -dependencies = [ - "byteorder", - "clear_on_drop", - "curve25519-dalek-ng", - "digest 0.9.0", - "merlin", - "rand 0.7.3", - "rand_core 0.5.1", - "serde", - "serde_derive", - "sha3 0.9.1", - "subtle-ng", - "thiserror", -] - [[package]] name = "bumpalo" version = "3.13.0" @@ -375,15 +348,6 @@ dependencies = [ "os_str_bytes", ] -[[package]] -name = "clear_on_drop" -version = "0.2.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "38508a63f4979f0048febc9966fadbd48e5dab31fd0ec6a3f151bbf4a74f7423" -dependencies = [ - "cc", -] - [[package]] name = "concordium-contracts-common" version = "8.1.1" @@ -421,7 +385,6 @@ dependencies = [ "anyhow", "base64", "bs58", - "bulletproofs", "byteorder", "cbc", "chrono", @@ -429,7 +392,6 @@ dependencies = [ "concordium_base_derive", "criterion", "curve25519-dalek", - "curve25519-dalek-ng", "derive_more", "ed25519-dalek", "either", @@ -440,7 +402,6 @@ dependencies = [ "itertools", "leb128", "libc", - "merlin", "nom", "num", "num-bigint 0.4.4", @@ -455,7 +416,7 @@ dependencies = [ "serde_json", "serde_with", "sha2 0.10.7", - "sha3 0.10.8", + "sha3", "subtle", "thiserror", "zeroize", @@ -593,20 +554,6 @@ dependencies = [ "zeroize", ] -[[package]] -name = "curve25519-dalek-ng" -version = "3.0.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3b8dfd4d479156d9ad3fe6d1562f78ff31a9ba8831d3575126061541c7294e48" -dependencies = [ - "byteorder", - "digest 0.9.0", - "rand_core 0.5.1", - "serde", - "subtle-ng", - "zeroize", -] - [[package]] name = "darling" version = "0.20.3" 
@@ -943,7 +890,7 @@ version = "0.1.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a0c10553d664a4d0bcff9f4215d0aac67a639cc68ef660840afe309b807bc9f5" dependencies = [ - "block-padding 0.3.3", + "block-padding", "generic-array", ] @@ -1046,18 +993,6 @@ dependencies = [ "autocfg", ] -[[package]] -name = "merlin" -version = "2.0.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4e261cf0f8b3c42ded9f7d2bb59dea03aa52bc8a1cbc7482f9fc3fd1229d3b42" -dependencies = [ - "byteorder", - "keccak", - "rand_core 0.5.1", - "zeroize", -] - [[package]] name = "minimal-lexical" version = "0.2.1" @@ -1660,18 +1595,6 @@ dependencies = [ "digest 0.10.7", ] -[[package]] -name = "sha3" -version = "0.9.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f81199417d4e5de3f04b1e871023acea7389672c4135918f05aa9cbf2f2fa809" -dependencies = [ - "block-buffer 0.9.0", - "digest 0.9.0", - "keccak", - "opaque-debug", -] - [[package]] name = "sha3" version = "0.10.8" @@ -1713,12 +1636,6 @@ version = "2.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6bdef32e8150c2a081110b42772ffe7d7c9032b606bc226c8260fd97e0976601" -[[package]] -name = "subtle-ng" -version = "2.5.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "734676eb262c623cec13c3155096e08d1f8f29adce39ba17948b18dad1e54142" - [[package]] name = "syn" version = "1.0.109" diff --git a/rust-src/concordium_base/Cargo.toml b/rust-src/concordium_base/Cargo.toml index e5cf22e10..56b02c281 100644 --- a/rust-src/concordium_base/Cargo.toml +++ b/rust-src/concordium_base/Cargo.toml @@ -52,9 +52,6 @@ pbkdf2 = { version = "0.11", optional = true } hmac = { version = "0.12", optional = true } nom = "7.1.3" -bulletproofs = "3.0.0" -merlin = { version = "2", default-features = false } - [lib] crate-type = ["rlib", "staticlib", "cdylib"] 
@@ -78,7 +75,6 @@ encryption = ["cbc", "aes", "base64", "pbkdf2", "hmac"] [dev-dependencies] criterion = "0.4" rand = {version = "0.7", features = ["small_rng"]} -curve25519-dalek-ng = "3" [[bench]] name = "hash_bench" diff --git a/rust-src/concordium_base/benches/bulletproofs.rs b/rust-src/concordium_base/benches/bulletproofs.rs index 1180011e2..4c6b77839 100644 --- a/rust-src/concordium_base/benches/bulletproofs.rs +++ b/rust-src/concordium_base/benches/bulletproofs.rs @@ -117,7 +117,10 @@ pub fn prove_verify_benchmarks(c: &mut Criterion) { #[allow(non_snake_case)] fn compare_inner_product_proof(c: &mut Criterion) { - let bench_group_name = format!("Inner-Product Proof for {}", std::any::type_name::()); + let bench_group_name = format!( + "Inner-Product Proof for {}", + std::any::type_name::() + ); let mut group = c.benchmark_group(bench_group_name); // Testing with n = 4 diff --git a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs index fcbdeaadd..b25f370bf 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs @@ -1,7 +1,4 @@ -use std::{ - borrow::Borrow, - ops::{AddAssign, MulAssign, Neg, SubAssign}, -}; +use super::{Curve, Field, MultiExp, PrimeField}; use crate::common::{Buffer, Deserial, Serial}; use byteorder::{ByteOrder, LittleEndian}; use curve25519_dalek::{ @@ -10,7 +7,10 @@ use curve25519_dalek::{ scalar::Scalar, traits::{Identity, VartimeMultiscalarMul, VartimePrecomputedMultiscalarMul}, }; -use super::{Curve, Field, MultiExp, PrimeField}; +use std::{ + borrow::Borrow, + ops::{AddAssign, MulAssign, Neg, SubAssign}, +}; /// A wrapper to make it possible to implement external traits /// and to avoid clashes with blacket implementations. From 287a2b89be8873eee070a863d65020dde0152891 Mon Sep 17 00:00:00 2001 
From: Hamidreza <54936533+hamiidreza@users.noreply.github.com> Date: Tue, 19 Dec 2023 17:23:09 +0100 Subject: [PATCH 34/45] Adding tests for ed25519 --- .../src/curve_arithmetic/ed25519_instance.rs | 125 +++++++++++++++++- 1 file changed, 124 insertions(+), 1 deletion(-) diff --git a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs index b25f370bf..b9822e119 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs @@ -98,8 +98,11 @@ impl PrimeField for RistrettoScalar { .try_into() .map_err(|_| super::CurveDecodingError::NotInField(format!("{:?}", r)))?; let mut s_bytes = [0u8; 32]; + let mut offset = 0; for x in tmp { - LittleEndian::write_u64(&mut s_bytes, x); + let max = offset + 8; + LittleEndian::write_u64(&mut s_bytes[offset..max], x); + offset = max; } let res = Scalar::from_canonical_bytes(s_bytes).ok_or( super::CurveDecodingError::NotInField(format!("{:?}", s_bytes)), 
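Review bot: The `offset`/`max` bookkeeping added around `LittleEndian::write_u64` in `from_repr` is hand-rolled slice arithmetic that the standard library already covers; walking the output buffer in lock-step with the limbs is shorter and cannot produce a mis-sized sub-slice: `for (dst, limb) in s_bytes.chunks_exact_mut(8).zip(tmp) { dst.copy_from_slice(&limb.to_le_bytes()); }`. That form also spells out the little-endian limb order, matching the `u64::from_le_bytes` used earlier in the same impl. The canonicity check stays where it is, in the `Scalar::from_canonical_bytes(..).ok_or(..)` call right after the loop. The enclosing `from_repr` starts outside the hunk.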
@@ -228,3 +231,123 @@ impl MultiExp for RistrettoMultiExpNoPrecompute { Self::CurvePoint::vartime_multiscalar_mul(exps.iter().map(|p| p.borrow().0), &self.points) } } + +#[cfg(test)] +pub(crate) mod tests { + use super::{RistrettoScalar, *}; + use crate::common::*; + use curve25519_dalek::ristretto::RistrettoPoint; + use std::io::Cursor; + + // Test serialization for scalars + #[test] + fn test_scalar_serialization() { + let mut csprng = rand::thread_rng(); + for _ in 0..1000 { + let mut out = Vec::::new(); + let scalar = RistrettoScalar::random(&mut csprng); + scalar.serial(&mut out); + let scalar_res = RistrettoScalar::deserial(&mut Cursor::new(out)); + assert!(scalar_res.is_ok()); + assert_eq!(scalar, scalar_res.unwrap()); + } + } + + // Test serialization for curve points + #[test] + fn test_point_serialization() { + let mut csprng = rand::thread_rng(); + for _ in 0..1000 { + let mut out = Vec::::new(); + let point = RistrettoPoint::generate(&mut csprng); + point.serial(&mut out); + let point_res = RistrettoPoint::deserial(&mut Cursor::new(out)); + assert!(point_res.is_ok()); + assert!(point_res.is_ok()); + assert_eq!(point, point_res.unwrap()); + } + } + + // Turn scalar elements into representations and back again, and compare. + #[test] + fn test_into_from_rep() { + let mut csprng = rand::thread_rng(); + for _ in 0..1000 { + let scalar = RistrettoScalar::random(&mut csprng); + let scalar_vec64 = scalar.into_repr(); + let scalar_res = RistrettoScalar::from_repr(&scalar_vec64); + assert!(scalar_res.is_ok()); + assert_eq!(scalar, scalar_res.unwrap()); + } + } + + // Turn curve points into representations and back again, and compare. 
+ #[test] + fn test_point_byte_conversion_unchecked() { + let mut csprng = rand::thread_rng(); + for _ in 0..1000 { + let point = RistrettoPoint::generate(&mut csprng); + let bytes = to_bytes(&point); + let point_res = RistrettoPoint::bytes_to_curve_unchecked(&mut Cursor::new(&bytes)); + assert!(point_res.is_ok()); + assert_eq!(point, point_res.unwrap()); + } + } + + /// Random element from the scalar field GF(2\^{252} + + /// 27742317777372353535851937790883648493) + /// a = 2238329342913194256032495932344128051776374960164957527413114840482143558222 + static A_BYTES: [u8; 32] = [ + 0x4e, 0x5a, 0xb4, 0x34, 0x5d, 0x47, 0x08, 0x84, 0x59, 0x13, 0xb4, 0x64, 0x1b, 0xc2, 0x7d, + 0x52, 0x52, 0xa5, 0x85, 0x10, 0x1b, 0xcc, 0x42, 0x44, 0xd4, 0x49, 0xf4, 0xa8, 0x79, 0xd9, + 0xf2, 0x04, + ]; + + /// 1/a = 6859937278830797291664592131120606308688036382723378951768035303146619657244 + static AINV_BYTES: [u8; 32] = [ + 0x1c, 0xdc, 0x17, 0xfc, 0xe0, 0xe9, 0xa5, 0xbb, 0xd9, 0x24, 0x7e, 0x56, 0xbb, 0x01, 0x63, + 0x47, 0xbb, 0xba, 0x31, 0xed, 0xd5, 0xa9, 0xbb, 0x96, 0xd5, 0x0b, 0xcd, 0x7a, 0x3f, 0x96, + 0x2a, 0x0f, + ]; + + /// a^2 = 7223459340038346301359662082310065231337362643762546120300009460524582755663 + static ASQ_BYTES: [u8; 32] = [ + 0x4f, 0xdd, 0x54, 0x3d, 0xc3, 0x58, 0x8c, 0x8, 0x74, 0xd3, 0xde, 0xf1, 0x15, 0xeb, 0x46, + 0x1, 0x9e, 0x90, 0xcc, 0x16, 0x4a, 0xc2, 0x3c, 0x3, 0xe4, 0x52, 0x13, 0x22, 0x46, 0x55, + 0xf8, 0xf, + ]; + + #[test] + fn test_scalar_mult() { + let a: RistrettoScalar = Scalar::from_bytes_mod_order(A_BYTES).into(); + let mut aa = a.clone(); + aa.mul_assign(&a); + let asq: RistrettoScalar = Scalar::from_bytes_mod_order(ASQ_BYTES).into(); + assert_eq!(asq, aa); + } + + #[test] + fn test_scalar_square() { + let a: RistrettoScalar = Scalar::from_bytes_mod_order(A_BYTES).into(); + let mut aa = a.clone(); + aa.square(); + let asq: RistrettoScalar = Scalar::from_bytes_mod_order(ASQ_BYTES).into(); + assert_eq!(asq, aa); + } + + #[test] + fn 
test_scalar_inverse() { + // Zero element has no inverse in a field + let zero: RistrettoScalar = Scalar::zero().into(); + let zero_inv = zero.inverse(); + assert_eq!(zero_inv, None); + // Every non-zero element 'a' should have an inverse computed as 'a.inverse()' + let a: RistrettoScalar = Scalar::from_bytes_mod_order(A_BYTES).into(); + let ainv = a.inverse().unwrap(); + let should_be_inverse: RistrettoScalar = Scalar::from_bytes_mod_order(AINV_BYTES).into(); + let mut one = a.clone(); + one.mul_assign(&ainv); + assert_eq!(ainv, should_be_inverse); + assert_eq!(RistrettoScalar::one(), one); + } +} From 7451a6f461c916212fe3802e6e0ded83d68225a1 Mon Sep 17 00:00:00 2001 From: Hamidreza <54936533+hamiidreza@users.noreply.github.com> Date: Wed, 20 Dec 2023 10:03:37 +0100 Subject: [PATCH 35/45] removing unnecessary tests --- .../src/curve_arithmetic/ed25519_instance.rs | 62 +------------------ 1 file changed, 1 insertion(+), 61 deletions(-) diff --git a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs index b9822e119..fef60e026 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs @@ -173,9 +173,7 @@ impl Curve for RistrettoPoint { } fn generate_scalar(rng: &mut R) -> Self::Scalar { - let mut scalar_bytes = [0u8; 64]; - rng.fill_bytes(&mut scalar_bytes); - Scalar::from_bytes_mod_order_wide(&scalar_bytes).into() + Self::Scalar::random(rng) } fn scalar_from_u64(n: u64) -> Self::Scalar { Scalar::from(n).into() } @@ -263,7 +261,6 @@ pub(crate) mod tests { point.serial(&mut out); let point_res = RistrettoPoint::deserial(&mut Cursor::new(out)); assert!(point_res.is_ok()); - assert!(point_res.is_ok()); assert_eq!(point, point_res.unwrap()); } } 
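Review bot: `test_into_from_rep` only round-trips scalars that are already valid, so the rejection path of `RistrettoScalar::from_repr` — the `Scalar::from_canonical_bytes(..).ok_or(..)` check that turns a non-canonical limb array into `CurveDecodingError::NotInField` — has no coverage, and that check is what protects callers that decode limbs coming from untrusted input. One negative assertion next to the existing loop would pin it, e.g. `assert!(RistrettoScalar::from_repr(&[u64::MAX; 4]).is_err());` (adjusting the argument to whatever slice or array type `from_repr` takes). The same applies to the scalar and point `deserial` tests, which only feed back bytes produced by `serial` and never a buffer that must be rejected.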
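Review bot: `generate_scalar` now returns `Self::Scalar::random(rng)`, while the removed body drew 64 bytes and reduced them with `Scalar::from_bytes_mod_order_wide`, the construction that yields a uniformly distributed scalar; `Field::random` for `RistrettoScalar` is not in this hunk, so it is worth confirming it takes the same wide reduction rather than reducing a 32-byte sample, which would bias the distribution. Once confirmed, a short comment on the delegating line, `// Uniform sampling is delegated to Field::random for RistrettoScalar.`, would keep the next reader from re-adding the manual version. The enclosing `impl Curve for RistrettoPoint` runs outside the hunk.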
@@ -293,61 +290,4 @@ pub(crate) mod tests { assert_eq!(point, point_res.unwrap()); } } - - /// Random element from the scalar field GF(2\^{252} + - /// 27742317777372353535851937790883648493) - /// a = 2238329342913194256032495932344128051776374960164957527413114840482143558222 - static A_BYTES: [u8; 32] = [ - 0x4e, 0x5a, 0xb4, 0x34, 0x5d, 0x47, 0x08, 0x84, 0x59, 0x13, 0xb4, 0x64, 0x1b, 0xc2, 0x7d, - 0x52, 0x52, 0xa5, 0x85, 0x10, 0x1b, 0xcc, 0x42, 0x44, 0xd4, 0x49, 0xf4, 0xa8, 0x79, 0xd9, - 0xf2, 0x04, - ]; - - /// 1/a = 6859937278830797291664592131120606308688036382723378951768035303146619657244 - static AINV_BYTES: [u8; 32] = [ - 0x1c, 0xdc, 0x17, 0xfc, 0xe0, 0xe9, 0xa5, 0xbb, 0xd9, 0x24, 0x7e, 0x56, 0xbb, 0x01, 0x63, - 0x47, 0xbb, 0xba, 0x31, 0xed, 0xd5, 0xa9, 0xbb, 0x96, 0xd5, 0x0b, 0xcd, 0x7a, 0x3f, 0x96, - 0x2a, 0x0f, - ]; - - /// a^2 = 7223459340038346301359662082310065231337362643762546120300009460524582755663 - static ASQ_BYTES: [u8; 32] = [ - 0x4f, 0xdd, 0x54, 0x3d, 0xc3, 0x58, 0x8c, 0x8, 0x74, 0xd3, 0xde, 0xf1, 0x15, 0xeb, 0x46, - 0x1, 0x9e, 0x90, 0xcc, 0x16, 0x4a, 0xc2, 0x3c, 0x3, 0xe4, 0x52, 0x13, 0x22, 0x46, 0x55, - 0xf8, 0xf, - ]; - - #[test] - fn test_scalar_mult() { - let a: RistrettoScalar = Scalar::from_bytes_mod_order(A_BYTES).into(); - let mut aa = a.clone(); - aa.mul_assign(&a); - let asq: RistrettoScalar = Scalar::from_bytes_mod_order(ASQ_BYTES).into(); - assert_eq!(asq, aa); - } - - #[test] - fn test_scalar_square() { - let a: RistrettoScalar = Scalar::from_bytes_mod_order(A_BYTES).into(); - let mut aa = a.clone(); - aa.square(); - let asq: RistrettoScalar = Scalar::from_bytes_mod_order(ASQ_BYTES).into(); - assert_eq!(asq, aa); - } - - #[test] - fn test_scalar_inverse() { - // Zero element has no inverse in a field - let zero: RistrettoScalar = Scalar::zero().into(); - let zero_inv = zero.inverse(); - assert_eq!(zero_inv, None); - // Every non-zero element 'a' should have an inverse computed as 'a.inverse()' - let a: RistrettoScalar = 
Scalar::from_bytes_mod_order(A_BYTES).into(); - let ainv = a.inverse().unwrap(); - let should_be_inverse: RistrettoScalar = Scalar::from_bytes_mod_order(AINV_BYTES).into(); - let mut one = a.clone(); - one.mul_assign(&ainv); - assert_eq!(ainv, should_be_inverse); - assert_eq!(RistrettoScalar::one(), one); - } } From 0463cd933154f50b238671f2fb8198339953b925 Mon Sep 17 00:00:00 2001 From: Hamidreza <54936533+hamiidreza@users.noreply.github.com> Date: Wed, 20 Dec 2023 13:53:18 +0100 Subject: [PATCH 36/45] Apply suggestions from code review applied Emil B's comments Co-authored-by: eb-concordium <77331975+eb-concordium@users.noreply.github.com> --- rust-src/concordium_base/src/curve_arithmetic/mod.rs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/rust-src/concordium_base/src/curve_arithmetic/mod.rs b/rust-src/concordium_base/src/curve_arithmetic/mod.rs index b5d8657c0..6a5de8eb8 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/mod.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/mod.rs @@ -82,7 +82,7 @@ pub trait Field: Sized + Eq + Copy + Clone + Send + Sync + fmt::Debug { } /// This is an extension of the `Field` trait that adds some constants decribing -/// the element size and operations for conveting to/from bib integer +/// the element size and operations for converting to/from big integer /// representation (an array of `u64` limbs.) pub trait PrimeField: Field { /// How many bits are needed to represent an element of this field. @@ -172,7 +172,7 @@ pub trait MultiExp { /// Create new algorithm instance by providing initial points. /// Can be used to precompute a lookup table. // NOTE: this method does not take `window_size` as a parameter. - // Some libraries do not provide expose `window_size`, so it is left to a + // Some libraries do not expose `window_size`, so it is left to a // concrete implementation to take additional configuration parameters. fn new>(gs: &[X]) -> Self; 
From 46c9ac069e39667c7a1ddb7dee26ec6153dab141 Mon Sep 17 00:00:00 2001 From: Hamidreza <54936533+hamiidreza@users.noreply.github.com> Date: Wed, 20 Dec 2023 14:05:23 +0100 Subject: [PATCH 37/45] Apply suggestions from code review minor suggestions --- .../concordium_base/src/curve_arithmetic/ed25519_instance.rs | 2 +- rust-src/concordium_base/src/curve_arithmetic/mod.rs | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs index fef60e026..b2a5fab30 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs @@ -207,7 +207,7 @@ impl MultiExp for VartimeRistrettoPrecomputation { } /// An instance of multiexp algorithm from the Dalek library. -/// It is instantiated with points, but no precomutations is done. +/// It is instantiated with points, but no precomputations is done. /// This way, it follows the same interface as our generic multiexp. pub struct RistrettoMultiExpNoPrecompute { points: Vec, diff --git a/rust-src/concordium_base/src/curve_arithmetic/mod.rs b/rust-src/concordium_base/src/curve_arithmetic/mod.rs index 6a5de8eb8..781c22699 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/mod.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/mod.rs @@ -165,7 +165,7 @@ pub trait Curve: fn hash_to_group(m: &[u8]) -> Self; } -/// An abstraction over a multiexp algoritm. +/// An abstraction over a multiexp algorithm. pub trait MultiExp { type CurvePoint: Curve; 
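Review bot: The corrected doc line on `RistrettoMultiExpNoPrecompute` still has a number-agreement slip: `/// It is instantiated with points, but no precomputations is done.` should read `/// It is instantiated with points, but no precomputation is done.`. The struct's fields continue past the hunk.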
@@ -176,7 +176,7 @@ pub trait MultiExp { // concrete implementation to take additional configuration parameters. fn new>(gs: &[X]) -> Self; - /// Multiexp algoritm that uses points provided at the instantiation step + /// Multiexp algorithm that uses points provided at the instantiation step /// and scalars provided as a parameter. fn multiexp::Scalar>>( &self, From 5facd01950572f2f41c68aa0dd49f059e74c8041 Mon Sep 17 00:00:00 2001 From: Hamidreza <54936533+hamiidreza@users.noreply.github.com> Date: Wed, 20 Dec 2023 14:06:12 +0100 Subject: [PATCH 38/45] Apply suggestions from code review typo --- .../concordium_base/src/curve_arithmetic/ed25519_instance.rs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs index b2a5fab30..f0c68532b 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs @@ -83,8 +83,8 @@ impl PrimeField for RistrettoScalar { let mut vec: Vec = Vec::new(); let bytes: [u8; 32] = self.0.to_bytes(); for chunk in bytes.chunks_exact(8) { - // The chunk size is always 8 and there is no remider after chunking, since the - // the the representation is a 32-byte array. That is why it is safe to unwrap + // The chunk size is always 8 and there is no remainder after chunking, since the + // representation is a 32-byte array. That is why it is safe to unwrap // here. let x: [u8; 8] = chunk.try_into().unwrap(); let x_64 = u64::from_le_bytes(x); From c459bc32843d9655a3179369373fd7a0d67a23da Mon Sep 17 00:00:00 2001 From: Danil Annenkov Date: Thu, 21 Dec 2023 19:31:49 +0100 Subject: [PATCH 39/45] Add tests for into_repr() and scalar_from_bytes() --- .../curve_arithmetic/bls12_381_instance.rs | 6 +- .../src/curve_arithmetic/ed25519_instance.rs | 77 +++++++++++++++++-- 2 files changed, 73 insertions(+), 10 deletions(-) 
diff --git a/rust-src/concordium_base/src/curve_arithmetic/bls12_381_instance.rs b/rust-src/concordium_base/src/curve_arithmetic/bls12_381_instance.rs index 17bfdf960..b98540c89 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/bls12_381_instance.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/bls12_381_instance.rs @@ -396,15 +396,17 @@ mod tests { let n = ::random(&mut rng); let mut bytes = to_bytes(&n); bytes.reverse(); + println!("bytes: {:?}", bytes[31]); let m = scalar_from_bytes_helper(&bytes); - // make sure that n and m only differ in the topmost bit. + // Make sure that n and m only differ in the topmost bits; + // `scalar_from_bytes_helper` resets the topmost bits to zeros. let n = n.into_repr(); let m = m.into_repr(); let mask = !(1u64 << 63 | 1u64 << 62); assert_eq!(n[0], m[0], "First limb."); assert_eq!(n[1], m[1], "Second limb."); assert_eq!(n[2], m[2], "Third limb."); - assert_eq!(n[3] & mask, m[3] & mask, "Fourth limb with top bit masked."); + assert_eq!(n[3] & mask, m[3], "Fourth limb with top bit masked."); } } diff --git a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs index fef60e026..9cbd2cb19 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs 
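Review bot: The `println!("bytes: {:?}", bytes[31]);` added to the bls12-381 `scalar_from_bytes` test looks like leftover debugging output; it prints on every iteration of the loop and should be dropped. The tightened `assert_eq!(n[3] & mask, m[3], ...)` is the right check, since it now verifies that `scalar_from_bytes_helper` actually cleared the top bits rather than only that both sides agree after masking, but its message `"Fourth limb with top bit masked."` still says one bit while `mask` clears two; `"Fourth limb with the two top bits masked."` would match. The enclosing test function starts outside the hunk.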
@@ -172,14 +172,24 @@ impl Curve for RistrettoPoint { RistrettoPoint::from_uniform_bytes(&uniform_bytes) } - fn generate_scalar(rng: &mut R) -> Self::Scalar { - Self::Scalar::random(rng) - } + fn generate_scalar(rng: &mut R) -> Self::Scalar { Self::Scalar::random(rng) } fn scalar_from_u64(n: u64) -> Self::Scalar { Scalar::from(n).into() } fn scalar_from_bytes>(bs: A) -> Self::Scalar { - Scalar::hash_from_bytes::(bs.as_ref()).into() + // Traverse at most 4 8-byte chunks, for a total of 256 bits. + // The top-most four bits in the last chunk are set to 0. + let mut fr = [0u64; 4]; + for (i, chunk) in bs.as_ref().chunks(8).take(4).enumerate() { + let mut v = [0u8; 8]; + v[..chunk.len()].copy_from_slice(chunk); + fr[i] = u64::from_le_bytes(v); + } + // unset four topmost bits in the last read u64. + fr[3] &= !(1u64 << 63 | 1u64 << 62 | 1u64 << 61 | 1u64 << 60); + ::from_repr(&fr) + .expect("The scalar with top two bits erased should be valid.") + // Scalar::hash_from_bytes::(bs.as_ref()).into() } fn hash_to_group(m: &[u8]) -> Self { @@ -237,7 +247,7 @@ pub(crate) mod tests { use curve25519_dalek::ristretto::RistrettoPoint; use std::io::Cursor; - // Test serialization for scalars + /// Test serialization for scalars #[test] fn test_scalar_serialization() { let mut csprng = rand::thread_rng(); @@ -251,7 +261,7 @@ pub(crate) mod tests { } } - // Test serialization for curve points + /// Test serialization for curve points #[test] fn test_point_serialization() { let mut csprng = rand::thread_rng(); @@ -265,7 +275,7 @@ pub(crate) mod tests { } } - // Turn scalar elements into representations and back again, and compare. + /// Turn scalar elements into representations and back again, and compare. #[test] fn test_into_from_rep() { let mut csprng = rand::thread_rng(); 
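Review bot: The new `scalar_from_bytes` body leaves the previous implementation in as a commented-out line, `// Scalar::hash_from_bytes::(bs.as_ref()).into()`, and its `expect` message says "top two bits erased" while the mask on the line above clears four bits (63..60); both should be brought in line, e.g. `.expect("A scalar with the four top bits cleared is below the group order.")` with the dead line removed. Beyond the tidy-up, this is a semantic change rather than a refactor: the old code hashed arbitrary-length input to a scalar, the new code keeps only the first 32 bytes and discards their top four bits, so inputs differing only beyond that map to the same scalar, and any caller that relied on the previous hash-to-scalar behaviour will silently get a different mapping; the method's doc comment should state this truncation contract. The bls12-381 counterpart's test in this same patch masks only two bits, so the two instances appear to reserve a different number of top bits, which deserves a comment next to the mask. `hash_to_group` on the last hunk line continues outside the hunk.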
@@ -278,7 +288,7 @@ pub(crate) mod tests { } } - // Turn curve points into representations and back again, and compare. + /// Turn curve points into representations and back again, and compare. #[test] fn test_point_byte_conversion_unchecked() { let mut csprng = rand::thread_rng(); 
@@ -290,4 +300,55 @@ pub(crate) mod tests { assert_eq!(point, point_res.unwrap()); } } + + /// Test that `into_repr()` correclty converts a scalar constructed from a + /// byte array to an array of limbs with least significant digits first. + #[test] + fn test_into() { + let s: RistrettoScalar = Scalar::from_canonical_bytes([ + 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 254, 255, 255, 255, 255, 255, 255, 255, + 0, 0, 0, 0, 0, 0, 0, 0, + ]) + .expect("Expected a valid scalar") + .into(); + assert_eq!(s.into_repr(), [1u64, 0u64, u64::MAX - 1, 0u64]); + } + + // Check that scalar_from_bytes for ed25519 works on small values. + #[test] + fn scalar_from_bytes_small() { + let mut rng = rand::thread_rng(); + for _ in 0..1000 { + let n = ::random(&mut rng); + let bytes = to_bytes(&n); + let m = ::scalar_from_bytes(&bytes); + // Make sure that n and m only differ in the topmost bits; + // `scalar_from_bytes_helper` resets the topmost bits to zeros. + let n = n.into_repr(); + let m = m.into_repr(); + let mask = !(1u64 << 63 | 1u64 << 62 | 1u64 << 61 | 1u64 << 60); + assert_eq!(n[0], m[0], "First limb."); + assert_eq!(n[1], m[1], "Second limb."); + assert_eq!(n[2], m[2], "Third limb."); + assert_eq!(n[3] & mask, m[3], "Fourth limb with top bit masked."); + } + } + + /// Test that everything that exeeds `PrimeField::CAPACITY` is ignored by + /// `Curve::scalar_from_bytes()` + #[test] + fn test_scalar_from_bytes_cut_at_max_capacity() { + for n in 1..16 { + let fits_capacity = ::scalar_from_bytes([ + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 15, + ]); + let extend = 15 + (n << 4); + let over_capacity = ::scalar_from_bytes([ + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, extend, + ]); + assert_eq!(fits_capacity, over_capacity); + } + } } From a1f5187ae7a3853e38aff44215fc538a8e1b0e02 Mon Sep 17 00:00:00 2001 
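Review bot: The comment in `scalar_from_bytes_small` was carried over from the bls12-381 test: it says "`scalar_from_bytes_helper` resets the topmost bits" but this test calls `RistrettoPoint::scalar_from_bytes`, and `mask` here clears four bits, not two; rewrite it as `// scalar_from_bytes clears the four topmost bits, so only those may differ.`. The doc comments also carry typos, "correclty" in `test_into` and "exeeds" in `test_scalar_from_bytes_cut_at_max_capacity`. In that last test `extend = 15 + (n << 4)` is built from an untyped `1..16` range while the array it ends up in must be `[u8; 32]` to satisfy the `AsRef<[u8]>` bound; writing `for n in 1u8..16` pins the element type instead of relying on inference through the trait bound, which may not resolve. The hunk's final brace closes the `tests` module.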
From: Danil Annenkov Date: Fri, 22 Dec 2023 15:22:09 +0100 Subject: [PATCH 40/45] Fix curve25519 tests --- .../src/curve_arithmetic/ed25519_instance.rs | 51 ++++++++++++------- 1 file changed, 34 insertions(+), 17 deletions(-) diff --git a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs index 752e3bf72..8aecb1986 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs @@ -83,9 +83,9 @@ impl PrimeField for RistrettoScalar { let mut vec: Vec = Vec::new(); let bytes: [u8; 32] = self.0.to_bytes(); for chunk in bytes.chunks_exact(8) { - // The chunk size is always 8 and there is no remainder after chunking, since the - // representation is a 32-byte array. That is why it is safe to unwrap - // here. + // The chunk size is always 8 and there is no remainder after chunking, since + // the representation is a 32-byte array. That is why it is safe to + // unwrap here. let x: [u8; 8] = chunk.try_into().unwrap(); let x_64 = u64::from_le_bytes(x); vec.push(x_64); @@ -245,6 +245,8 @@ pub(crate) mod tests { use super::{RistrettoScalar, *}; use crate::common::*; use curve25519_dalek::ristretto::RistrettoPoint; + use rand::Rng; + use rand_core::RngCore; use std::io::Cursor; /// Test serialization for scalars @@ -316,7 +318,7 @@ pub(crate) mod tests { // Check that scalar_from_bytes for ed25519 works on small values. #[test] - fn scalar_from_bytes_small() { + fn test_scalar_from_bytes_small() { let mut rng = rand::thread_rng(); for _ in 0..1000 { let n = ::random(&mut rng); 
@@ -330,24 +332,39 @@ pub(crate) mod tests { assert_eq!(n[0], m[0], "First limb."); assert_eq!(n[1], m[1], "Second limb."); assert_eq!(n[2], m[2], "Third limb."); + // It is unlikely that the limbs will differ even without masking, because the + // difference between the max number for `RistrettoScalar::CAPACITY` and the + // curve order is quite small. We, however, keep the mask here, + // because we're interesed in lower bytes in this test. assert_eq!(n[3] & mask, m[3], "Fourth limb with top bit masked."); } } - /// Test that everything that exeeds `PrimeField::CAPACITY` is ignored by - /// `Curve::scalar_from_bytes()` + /// Test that everything that exeeds `RistrettoScalar::CAPACITY` is ignored + /// by `Curve::scalar_from_bytes()` #[test] - fn test_scalar_from_bytes_cut_at_max_capacity() { - for n in 1..16 { - let fits_capacity = ::scalar_from_bytes([ - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 15, - ]); - let extend = 15 + (n << 4); - let over_capacity = ::scalar_from_bytes([ - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, extend, - ]); + fn test_scalar_from_bytes_big() { + let mut rng = rand::thread_rng(); + for _ in 0..1000 { + // First, we generate 31 random bytes. + let mut lower_bytes: [u8; 31] = [0u8; 31]; + rng.fill_bytes(&mut lower_bytes); + let mut fits_capacity_bytes = [0u8; 32]; + // Next, we create a byte array that is filled with random lower bytes, the last + // byte is in [0; 15], that is, of the form 0b0000XXXX (big-endian). + fits_capacity_bytes[0..31].copy_from_slice(&lower_bytes); + let n = rng.gen_range(0, 16); + fits_capacity_bytes[31] = n; + let fits_capacity = ::scalar_from_bytes(fits_capacity_bytes); + let i = rng.gen_range(1, 16); + // Now, we create a byte array from lower bytes with the last byte being number + // that is guaranteed to exceed `RistrettoScalar::CAPACITY`. 
+ let mut bytes: [u8; 32] = [0u8; 32]; + bytes[0..31].copy_from_slice(&lower_bytes); + // Add 0bXXXX0000 that leaves the first four bits untouched. + bytes[31] = n + (i << 4); + let over_capacity = ::scalar_from_bytes(bytes); + // Check that four topmost bits are ignored. assert_eq!(fits_capacity, over_capacity); } } From f5e58733c757d173793bf0e2a714ab7c82126b5b Mon Sep 17 00:00:00 2001 From: Danil Annenkov Date: Fri, 22 Dec 2023 15:47:21 +0100 Subject: [PATCH 41/45] Add comments to curve25519 tests --- .../concordium_base/src/curve_arithmetic/ed25519_instance.rs | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs index 8aecb1986..681885b3d 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs @@ -240,6 +240,10 @@ impl MultiExp for RistrettoMultiExpNoPrecompute { } } +/// In the tests we focus on the functionality related to conversion form/to +/// bytes or other representations. We do not test field/group operations here +/// since we delegate this functionality to the `curve25519-dalek` +/// implementation, which features its own test suite. #[cfg(test)] pub(crate) mod tests { use super::{RistrettoScalar, *}; From f75deb84deb7b6648cbfd47ade6a124cd50df5bd Mon Sep 17 00:00:00 2001 From: Danil Annenkov Date: Tue, 2 Jan 2024 17:18:34 +0100 Subject: [PATCH 42/45] Apply suggestions from code review MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Aleš Bizjak --- .../src/curve_arithmetic/bls12_381_instance.rs | 8 ++++---- rust-src/concordium_base/src/curve_arithmetic/mod.rs | 4 ++-- 2 files changed, 6 insertions(+), 6 deletions(-) 
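Review bot: The comment `// byte is in [0; 15], that is, of the form 0b0000XXXX (big-endian).` in `test_scalar_from_bytes_big` is easy to misread, because the 32-byte array itself is little-endian (byte 31 is the most significant byte, which is why the top nibble of that byte is what exceeds the capacity), so "big-endian" can only refer to the bit order written inside the byte. Suggested wording: `// byte 31 is the most significant byte of the little-endian encoding; its top nibble is kept clear so the value stays below 2^CAPACITY.` The same hunk also introduces the typos `interesed` and `exeeds` in comments, which should read `interested` and `exceeds`.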
diff --git a/rust-src/concordium_base/src/curve_arithmetic/bls12_381_instance.rs b/rust-src/concordium_base/src/curve_arithmetic/bls12_381_instance.rs index b98540c89..1983a437f 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/bls12_381_instance.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/bls12_381_instance.rs @@ -61,8 +61,8 @@ impl From for CurveDecodingError { } impl PrimeField for Fr { - const CAPACITY: u32 = ::CAPACITY; - const NUM_BITS: u32 = ::NUM_BITS; + const CAPACITY: u32 = ::CAPACITY; + const NUM_BITS: u32 = ::NUM_BITS; fn into_repr(self) -> Vec { ::into_repr(&self).0.to_vec() } @@ -76,8 +76,8 @@ impl PrimeField for Fr { } impl PrimeField for Fq { - const CAPACITY: u32 = ::CAPACITY; - const NUM_BITS: u32 = ::NUM_BITS; + const CAPACITY: u32 = ::CAPACITY; + const NUM_BITS: u32 = ::NUM_BITS; fn into_repr(self) -> Vec { ::into_repr(&self).0.to_vec() } diff --git a/rust-src/concordium_base/src/curve_arithmetic/mod.rs b/rust-src/concordium_base/src/curve_arithmetic/mod.rs index 781c22699..e454d659b 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/mod.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/mod.rs @@ -10,7 +10,7 @@ pub use secret_value::{Secret, Value}; use crate::common::{Serial, Serialize}; use byteorder::ReadBytesExt; -use core::fmt; +use std::fmt; use rand::*; use std::{borrow::Borrow, fmt::Debug}; use thiserror::Error; @@ -405,7 +405,7 @@ pub trait Pairing: Sized + 'static + Clone { } /// Calls a multiexp algorithm for a curve. -/// The function combines instantiation of an algorith implementation and +/// The function combines instantiation of an algorithm implementation and /// computation. #[inline(always)] pub fn multiexp(gs: &[X], exps: &[C::Scalar]) -> C From a85d36a220d8dc67795ba1ab08b36af5ca80bf84 Mon Sep 17 00:00:00 2001 
From: Danil Annenkov Date: Tue, 2 Jan 2024 17:21:36 +0100 Subject: [PATCH 43/45] Fix comments --- .../concordium_base/src/curve_arithmetic/bls12_381_instance.rs | 2 +- .../concordium_base/src/curve_arithmetic/ed25519_instance.rs | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/rust-src/concordium_base/src/curve_arithmetic/bls12_381_instance.rs b/rust-src/concordium_base/src/curve_arithmetic/bls12_381_instance.rs index 1983a437f..95d9d8ce4 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/bls12_381_instance.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/bls12_381_instance.rs @@ -23,7 +23,7 @@ fn scalar_from_bytes_helper>(bytes: A) -> Fr { v[..chunk.len()].copy_from_slice(chunk); fr[i] = u64::from_le_bytes(v); } - // unset two topmost bits in the last read u64. + // unset two topmost bits in the last u64 limb. fr[3] &= !(1u64 << 63 | 1u64 << 62); ::from_repr(FrRepr(fr)) .expect("The scalar with top two bits erased should be valid.") diff --git a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs index 681885b3d..b52fa8275 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs @@ -185,7 +185,7 @@ impl Curve for RistrettoPoint { v[..chunk.len()].copy_from_slice(chunk); fr[i] = u64::from_le_bytes(v); } - // unset four topmost bits in the last read u64. + // unset four topmost bits in the last u64 limb. fr[3] &= !(1u64 << 63 | 1u64 << 62 | 1u64 << 61 | 1u64 << 60); ::from_repr(&fr) .expect("The scalar with top two bits erased should be valid.") From c51bdeb3bc8453a75e6d4ae4017fa3e2481a184b Mon Sep 17 00:00:00 2001 
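Review bot: The `expect` message on the line following the edited comment in `ed25519_instance.rs` still says `"The scalar with top two bits erased should be valid."`, while the mask right above it, `!(1u64 << 63 | 1u64 << 62 | 1u64 << 61 | 1u64 << 60)`, erases four bits; the message appears to have been carried over from the BLS12-381 helper in the same patch, where two bits is correct. Since this string is what a panic would print, it should match the actual invariant: `.expect("The scalar with top four bits erased should be valid.")`. The enclosing `scalar_from_bytes` starts outside the hunk.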
From: Danil Annenkov Date: Tue, 2 Jan 2024 18:16:03 +0100 Subject: [PATCH 44/45] Remove ff::BitIterator, use pow_vartime implementation from newer version of ff crate --- .../src/curve_arithmetic/mod.rs | 25 +++++++++---------- 1 file changed, 12 insertions(+), 13 deletions(-) diff --git a/rust-src/concordium_base/src/curve_arithmetic/mod.rs b/rust-src/concordium_base/src/curve_arithmetic/mod.rs index e454d659b..b86fcdc68 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/mod.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/mod.rs @@ -10,9 +10,8 @@ pub use secret_value::{Secret, Value}; use crate::common::{Serial, Serialize}; use byteorder::ReadBytesExt; -use std::fmt; use rand::*; -use std::{borrow::Borrow, fmt::Debug}; +use std::{borrow::Borrow, fmt, fmt::Debug}; use thiserror::Error; #[derive(Error, Debug)] @@ -24,6 +23,7 @@ pub enum CurveDecodingError { } /// This trait represents an element of a field. +/// The trait essentially copies `ff::Field` from `v0.5`. pub trait Field: Sized + Eq + Copy + Clone + Send + Sync + fmt::Debug { /// Returns an element chosen uniformly at random using a user-provided RNG. fn random(rng: &mut R) -> Self; 
@@ -59,21 +59,20 @@ pub trait Field: Sized + Eq + Copy + Clone + Send + Sync + fmt::Debug { fn inverse(&self) -> Option; /// Exponentiates this element by a number represented with `u64` limbs, - /// least significant digit first. + /// least significant digit first. This operation is variable time with + /// respect to `self`, for all exponent. fn pow>(&self, exp: S) -> Self { + // Note: this implementations is + // copied the `ff` crate trait method `ff::Field::pow_vartime()`. + // https://docs.rs/ff/0.13.0/src/ff/lib.rs.html#178-191 let mut res = Self::one(); - - let mut found_one = false; - - for i in ff::BitIterator::new(exp) { - if found_one { + for e in exp.as_ref().iter().rev() { + for i in (0..64).rev() { res.square(); - } else { - found_one = i; - } - if i { - res.mul_assign(self); + if ((*e >> i) & 1) == 1 { + res.mul_assign(self); + } } } From 7d726846eb8434f3135ba2a01640b8094432a212 Mon Sep 17 00:00:00 2001 From: Danil Annenkov Date: Wed, 3 Jan 2024 10:20:18 +0100 Subject: [PATCH 45/45] Add a comment about double; remove commented out line --- .../concordium_base/src/curve_arithmetic/ed25519_instance.rs | 5 ++++- rust-src/concordium_base/src/curve_arithmetic/mod.rs | 2 +- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs index b52fa8275..eeb16550d 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/ed25519_instance.rs 
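Review bot: The new doc line `/// respect to `self`, for all exponent.` names the wrong operand: the loop branches on the exponent bit in `if ((*e >> i) & 1) == 1`, so the running time depends on the bit pattern of `exp`, whereas `self` is only ever passed to `square` and `mul_assign`; this is also how the upstream `ff::Field::pow_vartime` that the comment cites describes itself. Because `pow` is the only exponentiation on this trait, a caller could read the current text as a license to use it with a secret exponent. Suggested replacement for the two doc lines: `/// least significant digit first. This operation is variable time with` and `/// respect to the exponent; do not use it with a secret exponent.` The trailing context of this hunk appears truncated in this rendering, so the end of `pow` is not fully visible here.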
@@ -146,6 +146,10 @@ impl Curve for RistrettoPoint { fn inverse_point(&self) -> Self { -self } + // A doubling operation on the Ristretto representation is not available + // directly. Moreover, v4.1.1 of `curve25519-dalek` implements `double()` + // using addition. + // https://docs.rs/curve25519-dalek/4.1.1/src/curve25519_dalek/ristretto.rs.html#1203-1205 fn double_point(&self) -> Self { self + self } fn plus_point(&self, other: &Self) -> Self { self + other } @@ -189,7 +193,6 @@ impl Curve for RistrettoPoint { fr[3] &= !(1u64 << 63 | 1u64 << 62 | 1u64 << 61 | 1u64 << 60); ::from_repr(&fr) .expect("The scalar with top two bits erased should be valid.") - // Scalar::hash_from_bytes::(bs.as_ref()).into() } fn hash_to_group(m: &[u8]) -> Self { diff --git a/rust-src/concordium_base/src/curve_arithmetic/mod.rs b/rust-src/concordium_base/src/curve_arithmetic/mod.rs index b86fcdc68..d70dd52d8 100644 --- a/rust-src/concordium_base/src/curve_arithmetic/mod.rs +++ b/rust-src/concordium_base/src/curve_arithmetic/mod.rs @@ -63,7 +63,7 @@ pub trait Field: Sized + Eq + Copy + Clone + Send + Sync + fmt::Debug { /// respect to `self`, for all exponent. fn pow>(&self, exp: S) -> Self { // Note: this implementations is - // copied the `ff` crate trait method `ff::Field::pow_vartime()`. + // copied from the `ff` crate's trait method `ff::Field::pow_vartime()`. // https://docs.rs/ff/0.13.0/src/ff/lib.rs.html#178-191 let mut res = Self::one(); for e in exp.as_ref().iter().rev() {