Skip to content

Commit

Permalink
Configure Sinsemilla chip
Browse files Browse the repository at this point in the history
  • Loading branch information
@therealyingtong
therealyingtong committed Jun 2, 2021
1 parent f244bcd commit 5b07764
Show file tree
Hide file tree
Showing 2 changed files with 73 additions and 13 deletions.
64 changes: 63 additions & 1 deletion src/circuit/gadget/sinsemilla/chip.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,10 +48,13 @@ impl<F: FieldExt> MessagePiece<F> {
/// TODO: Configuration for the Sinsemilla hash chip
#[derive(Clone, Debug)]
pub struct SinsemillaConfig {
q_sinsemilla1: Selector,
q_sinsemilla2: Selector,
bits: Column<Advice>,
x_a: Column<Advice>,
x_p: Column<Advice>,
lambda: (Column<Advice>, Column<Advice>),
perm: Permutation,
generator_table: GeneratorTableConfig,
ecc_config: EccConfig,
}
Expand Down Expand Up @@ -118,6 +121,8 @@ impl<C: CurveAffine> SinsemillaChip<C> {
) -> <Self as Chip<C::Base>>::Config {
// Sinsemilla selector for lookup and expr1
let q_sinsemilla1 = meta.selector();
// Sinsemilla selector for expr2
let q_sinsemilla2 = meta.selector();

// Rename advice columns for the Sinsemilla context
let bits = advices[0];
Expand All @@ -129,7 +134,64 @@ impl<C: CurveAffine> SinsemillaChip<C> {
let generator_table =
GeneratorTableChip::<C>::configure(meta, q_sinsemilla1, lookup, bits, x_a, x_p, lambda);

todo!()
// Create custom gates
meta.create_gate("Sinsemilla gate 1", |meta| {
// (λ_{2,i})^2 − (x_{A,i+1} + (λ_{1,i}^2 − x_{A,i} − x_{P,i}) + x_{A,i})
let expr1 = {
let q_sinsemilla1 = meta.query_selector(q_sinsemilla1, Rotation::cur());
let lambda1 = meta.query_advice(lambda.0, Rotation::cur());
let lambda1_sq = lambda1.clone() * lambda1;
let lambda2 = meta.query_advice(lambda.1, Rotation::cur());
let lambda2_sq = lambda2.clone() * lambda2;
let x_a_next = meta.query_advice(x_a, Rotation::next());
let x_p_cur = meta.query_advice(x_p, Rotation::cur());

q_sinsemilla1 * (lambda2_sq - (x_a_next + (lambda1_sq - x_p_cur)))
};
vec![expr1]
});

meta.create_gate("Sinsemilla gate 2", |meta| {
// 2⋅λ_{2,i}⋅(x_{A,i} − x_{A,i+1}) − (y_{A,i} + y_{A,i+1})
// where y_{A,j} = [(λ_{1,j} + λ_{2,j})⋅(x_{A,j} − (λ_{1,j}^2 − x_{A,j} − x_{P,j}))] / 2
let expr2 = {
let q_sinsemilla2 = meta.query_selector(q_sinsemilla2, Rotation::cur());
let lambda1_cur = meta.query_advice(lambda.0, Rotation::cur());
let lambda1_cur_sq = lambda1_cur.clone() * lambda1_cur.clone();
let lambda1_next = meta.query_advice(lambda.0, Rotation::next());
let lambda1_next_sq = lambda1_next.clone() * lambda1_next.clone();
let lambda2_cur = meta.query_advice(lambda.1, Rotation::cur());
let lambda2_next = meta.query_advice(lambda.1, Rotation::next());
let x_a_cur = meta.query_advice(x_a, Rotation::cur());
let x_a_next = meta.query_advice(x_a, Rotation::next());
let x_p_cur = meta.query_advice(x_p, Rotation::cur());
let x_p_next = meta.query_advice(x_p, Rotation::next());

let y_a_cur = (lambda1_cur + lambda2_cur.clone())
* (x_a_cur.clone() - (lambda1_cur_sq - x_a_cur.clone() - x_p_cur))
* C::Base::TWO_INV;

let y_a_next = (lambda1_next + lambda2_next)
* (x_a_next.clone() - (lambda1_next_sq - x_a_next.clone() - x_p_next))
* C::Base::TWO_INV;

q_sinsemilla2 * (lambda2_cur * (x_a_cur - x_a_next) - (y_a_cur + y_a_next))
};

vec![expr2]
});

SinsemillaConfig {
q_sinsemilla1,
q_sinsemilla2,
bits,
x_a,
x_p,
lambda,
perm,
generator_table,
ecc_config,
}
}
}

Expand Down
22 changes: 10 additions & 12 deletions src/circuit/gadget/sinsemilla/chip/generator_table.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -62,26 +62,28 @@ impl<C: CurveAffine> GeneratorTableChip<C> {
let table_idx_cur = meta.query_fixed(lookup.0, Rotation::cur());
let table_x_cur = meta.query_fixed(lookup.1, Rotation::cur());
let table_y_cur = meta.query_fixed(lookup.2, Rotation::cur());

// m_{i+1} = z_{i} - 2^K * z_{i + 1}
let bits_cur = meta.query_advice(bits, Rotation::cur());
let bits_next = meta.query_advice(bits, Rotation::next());
let bits = bits_cur - (bits_next * C::Base::from_u64(1 << K));

let x_a_cur = meta.query_advice(x_a, Rotation::cur());
let x_p_cur = meta.query_advice(x_p, Rotation::cur());
let lambda1_cur = meta.query_advice(lambda.0, Rotation::cur());
let lambda2_cur = meta.query_advice(lambda.1, Rotation::cur());
let y_a_cur = (lambda1_cur.clone() + lambda2_cur)
* (x_a_cur.clone()
- (lambda1_cur.clone() * lambda1_cur.clone() - x_a_cur.clone() - x_p_cur.clone()))
- (lambda1_cur.clone() * lambda1_cur.clone()
- x_a_cur.clone()
- x_p_cur.clone()))
* C::Base::TWO_INV;

// y_p = y_a - lambda1 ⋅ (x_a - x_p)
let y_p = y_a_cur - lambda1_cur * (x_a_cur - x_p_cur.clone());

let init_p = get_s_by_idx::<C>(0).to_affine().coordinates().unwrap();

// Lookup expressions default to the first entry when `q_sinsemilla`
// is not enabled.
let m = sinsemilla_cur.clone() * bits
Expand All @@ -90,12 +92,8 @@ impl<C: CurveAffine> GeneratorTableChip<C> {
+ (Expression::Constant(C::Base::one()) - sinsemilla_cur.clone()) * *init_p.x();
let y_p = sinsemilla_cur.clone() * y_p
+ (Expression::Constant(C::Base::one()) - sinsemilla_cur) * *init_p.y();

vec![
(m, table_idx_cur),
(x_p, table_x_cur),
(y_p,table_y_cur)
]

vec![(m, table_idx_cur), (x_p, table_x_cur), (y_p, table_y_cur)]
});

GeneratorTableConfig {
Expand Down

0 comments on commit 5b07764

Please sign in to comment.