Skip to content

Commit c3cfd3a

Browse files
weikengchenweikengchen
committed
use individual opening challenges by default
1 parent dd448ea commit c3cfd3a

File tree

5 files changed

+291
-444
lines changed

5 files changed

+291
-444
lines changed

src/data_structures.rs

Lines changed: 0 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -29,9 +29,6 @@ pub trait PCCommitterKey: Clone + core::fmt::Debug {
2929
/// Defines the minimal interface of verifier keys for any polynomial
3030
/// commitment scheme.
3131
pub trait PCVerifierKey: Clone + core::fmt::Debug {
32-
/// The prepared version of the key
33-
type PreparedKey;
34-
3532
/// Outputs the maximum degree supported by the universal parameters
3633
/// `Self` was derived from.
3734
fn max_degree(&self) -> usize;

src/ipa_pc/mod.rs

Lines changed: 34 additions & 23 deletions
Original file line numberDiff line numberDiff line change
@@ -88,7 +88,7 @@ impl<G: AffineCurve, D: Digest> InnerProductArgPC<G, D> {
8888
point: G::ScalarField,
8989
values: impl IntoIterator<Item = G::ScalarField>,
9090
proof: &Proof<G>,
91-
opening_challenge: G::ScalarField,
91+
opening_challenges: &dyn Fn(u64) -> G::ScalarField,
9292
) -> Option<SuccinctCheckPolynomial<G::ScalarField>> {
9393
let check_time = start_timer!(|| "Succinct checking");
9494

@@ -100,15 +100,19 @@ impl<G: AffineCurve, D: Digest> InnerProductArgPC<G, D> {
100100
let mut combined_commitment_proj = G::Projective::zero();
101101
let mut combined_v = G::ScalarField::zero();
102102

103-
let mut cur_challenge = opening_challenge;
103+
let mut opening_challenge_counter = 0;
104+
let mut cur_challenge = opening_challenges(opening_challenge_counter);
105+
opening_challenge_counter += 1;
106+
104107
let labeled_commitments = commitments.into_iter();
105108
let values = values.into_iter();
106109

107110
for (labeled_commitment, value) in labeled_commitments.zip(values) {
108111
let commitment = labeled_commitment.commitment();
109112
combined_v += &(cur_challenge * &value);
110113
combined_commitment_proj += &labeled_commitment.commitment().comm.mul(cur_challenge);
111-
cur_challenge *= &opening_challenge;
114+
cur_challenge = opening_challenges(opening_challenge_counter);
115+
opening_challenge_counter += 1;
112116

113117
let degree_bound = labeled_commitment.degree_bound();
114118
assert_eq!(degree_bound.is_some(), commitment.shifted_comm.is_some());
@@ -119,7 +123,8 @@ impl<G: AffineCurve, D: Digest> InnerProductArgPC<G, D> {
119123
combined_commitment_proj += &commitment.shifted_comm.unwrap().mul(cur_challenge);
120124
}
121125

122-
cur_challenge *= &opening_challenge;
126+
cur_challenge = opening_challenges(opening_challenge_counter);
127+
opening_challenge_counter += 1;
123128
}
124129

125130
let mut combined_commitment = combined_commitment_proj.into_affine();
@@ -441,12 +446,12 @@ impl<G: AffineCurve, D: Digest> PolynomialCommitment<G::ScalarField> for InnerPr
441446
Ok((comms, rands))
442447
}
443448

444-
fn open<'a>(
449+
fn open_individual_opening_challenges<'a>(
445450
ck: &Self::CommitterKey,
446451
labeled_polynomials: impl IntoIterator<Item = &'a LabeledPolynomial<G::ScalarField>>,
447452
commitments: impl IntoIterator<Item = &'a LabeledCommitment<Self::Commitment>>,
448453
point: G::ScalarField,
449-
opening_challenge: G::ScalarField,
454+
opening_challenges: &dyn Fn(u64) -> G::ScalarField,
450455
rands: impl IntoIterator<Item = &'a Self::Randomness>,
451456
rng: Option<&mut dyn RngCore>,
452457
) -> Result<Self::Proof, Self::Error>
@@ -465,7 +470,11 @@ impl<G: AffineCurve, D: Digest> PolynomialCommitment<G::ScalarField> for InnerPr
465470
let comms_iter = commitments.into_iter();
466471

467472
let combine_time = start_timer!(|| "Combining polynomials, randomness, and commitments.");
468-
let mut cur_challenge = opening_challenge;
473+
474+
let mut opening_challenge_counter = 0;
475+
let mut cur_challenge = opening_challenges(opening_challenge_counter);
476+
opening_challenge_counter += 1;
477+
469478
for (labeled_polynomial, (labeled_commitment, randomness)) in
470479
polys_iter.zip(comms_iter.zip(rands_iter))
471480
{
@@ -486,7 +495,8 @@ impl<G: AffineCurve, D: Digest> PolynomialCommitment<G::ScalarField> for InnerPr
486495
combined_rand += &(cur_challenge * &randomness.rand);
487496
}
488497

489-
cur_challenge *= &opening_challenge;
498+
cur_challenge = opening_challenges(opening_challenge_counter);
499+
opening_challenge_counter += 1;
490500

491501
let has_degree_bound = degree_bound.is_some();
492502

@@ -519,7 +529,8 @@ impl<G: AffineCurve, D: Digest> PolynomialCommitment<G::ScalarField> for InnerPr
519529
}
520530
}
521531

522-
cur_challenge *= &opening_challenge;
532+
cur_challenge = opening_challenges(opening_challenge_counter);
533+
opening_challenge_counter += 1;
523534
}
524535

525536
end_timer!(combine_time);
@@ -679,13 +690,13 @@ impl<G: AffineCurve, D: Digest> PolynomialCommitment<G::ScalarField> for InnerPr
679690
})
680691
}
681692

682-
fn check<'a>(
693+
fn check_individual_opening_challenges<'a>(
683694
vk: &Self::VerifierKey,
684695
commitments: impl IntoIterator<Item = &'a LabeledCommitment<Self::Commitment>>,
685696
point: G::ScalarField,
686697
values: impl IntoIterator<Item = G::ScalarField>,
687698
proof: &Self::Proof,
688-
opening_challenge: G::ScalarField,
699+
opening_challenges: &dyn Fn(u64) -> G::ScalarField,
689700
_rng: Option<&mut dyn RngCore>,
690701
) -> Result<bool, Self::Error>
691702
where
@@ -709,7 +720,7 @@ impl<G: AffineCurve, D: Digest> PolynomialCommitment<G::ScalarField> for InnerPr
709720
}
710721

711722
let check_poly =
712-
Self::succinct_check(vk, commitments, point, values, proof, opening_challenge);
723+
Self::succinct_check(vk, commitments, point, values, proof, opening_challenges);
713724

714725
if check_poly.is_none() {
715726
return Ok(false);
@@ -730,13 +741,13 @@ impl<G: AffineCurve, D: Digest> PolynomialCommitment<G::ScalarField> for InnerPr
730741
Ok(true)
731742
}
732743

733-
fn batch_check<'a, R: RngCore>(
744+
fn batch_check_individual_opening_challenges<'a, R: RngCore>(
734745
vk: &Self::VerifierKey,
735746
commitments: impl IntoIterator<Item = &'a LabeledCommitment<Self::Commitment>>,
736747
query_set: &QuerySet<G::ScalarField>,
737748
values: &Evaluations<G::ScalarField>,
738749
proof: &Self::BatchProof,
739-
opening_challenge: G::ScalarField,
750+
opening_challenges: &dyn Fn(u64) -> G::ScalarField,
740751
rng: &mut R,
741752
) -> Result<bool, Self::Error>
742753
where
@@ -785,7 +796,7 @@ impl<G: AffineCurve, D: Digest> PolynomialCommitment<G::ScalarField> for InnerPr
785796
*point,
786797
vals.into_iter(),
787798
p,
788-
opening_challenge,
799+
opening_challenges,
789800
);
790801

791802
if check_poly.is_none() {
@@ -817,13 +828,13 @@ impl<G: AffineCurve, D: Digest> PolynomialCommitment<G::ScalarField> for InnerPr
817828
Ok(true)
818829
}
819830

820-
fn open_combinations<'a>(
831+
fn open_combinations_individual_opening_challenges<'a>(
821832
ck: &Self::CommitterKey,
822833
lc_s: impl IntoIterator<Item = &'a LinearCombination<G::ScalarField>>,
823834
polynomials: impl IntoIterator<Item = &'a LabeledPolynomial<G::ScalarField>>,
824835
commitments: impl IntoIterator<Item = &'a LabeledCommitment<Self::Commitment>>,
825836
query_set: &QuerySet<G::ScalarField>,
826-
opening_challenge: G::ScalarField,
837+
opening_challenges: &dyn Fn(u64) -> G::ScalarField,
827838
rands: impl IntoIterator<Item = &'a Self::Randomness>,
828839
rng: Option<&mut dyn RngCore>,
829840
) -> Result<BatchLCProof<G::ScalarField, Self>, Self::Error>
@@ -912,12 +923,12 @@ impl<G: AffineCurve, D: Digest> PolynomialCommitment<G::ScalarField> for InnerPr
912923

913924
let lc_commitments = Self::construct_labeled_commitments(&lc_info, &lc_commitments);
914925

915-
let proof = Self::batch_open(
926+
let proof = Self::batch_open_individual_opening_challenges(
916927
ck,
917928
lc_polynomials.iter(),
918929
lc_commitments.iter(),
919930
&query_set,
920-
opening_challenge,
931+
opening_challenges,
921932
lc_randomness.iter(),
922933
rng,
923934
)?;
@@ -926,14 +937,14 @@ impl<G: AffineCurve, D: Digest> PolynomialCommitment<G::ScalarField> for InnerPr
926937

927938
/// Checks that `values` are the true evaluations at `query_set` of the polynomials
928939
/// committed in `labeled_commitments`.
929-
fn check_combinations<'a, R: RngCore>(
940+
fn check_combinations_individual_opening_challenges<'a, R: RngCore>(
930941
vk: &Self::VerifierKey,
931942
lc_s: impl IntoIterator<Item = &'a LinearCombination<G::ScalarField>>,
932943
commitments: impl IntoIterator<Item = &'a LabeledCommitment<Self::Commitment>>,
933944
query_set: &QuerySet<G::ScalarField>,
934945
evaluations: &Evaluations<G::ScalarField>,
935946
proof: &BatchLCProof<G::ScalarField, Self>,
936-
opening_challenge: G::ScalarField,
947+
opening_challenges: &dyn Fn(u64) -> G::ScalarField,
937948
rng: &mut R,
938949
) -> Result<bool, Self::Error>
939950
where
@@ -1000,13 +1011,13 @@ impl<G: AffineCurve, D: Digest> PolynomialCommitment<G::ScalarField> for InnerPr
10001011

10011012
let lc_commitments = Self::construct_labeled_commitments(&lc_info, &lc_commitments);
10021013

1003-
Self::batch_check(
1014+
Self::batch_check_individual_opening_challenges(
10041015
vk,
10051016
&lc_commitments,
10061017
&query_set,
10071018
&evaluations,
10081019
proof,
1009-
opening_challenge,
1020+
opening_challenges,
10101021
rng,
10111022
)
10121023
}

0 commit comments

Comments
 (0)