wip: upgrade halo2/halo2curve dependency

privacy-scaling-explorations · Jan 31, 2024 · dcf47f4 · dcf47f4
1 parent c400ffc
commit dcf47f4
Show file tree

Hide file tree

Showing 11 changed files with 35 additions and 29 deletions.
diff --git a/Cargo.toml b/Cargo.toml
@@ -3,3 +3,8 @@ members = [
     "snark-verifier",
     "snark-verifier-sdk"
 ]
+resolver = "2"
+
+[patch.crates-io]
+halo2_proofs = { git = "https://github.com/privacy-scaling-explorations/halo2.git", tag = "v0.3.0" }
+halo2curves = { git = "https://github.com/privacy-scaling-explorations/halo2curves", tag = "v0.6.0" }
diff --git a/rust-toolchain b/rust-toolchain
@@ -1 +1 @@
-1.69.0
+1.75.0
diff --git a/snark-verifier-sdk/Cargo.toml b/snark-verifier-sdk/Cargo.toml
@@ -20,8 +20,8 @@ ark-std = { version = "0.3.0", features = ["print-trace"], optional = true }
 snark-verifier = { path = "../snark-verifier", default-features = false }
 
 # system_halo2
-halo2_proofs = { git = "https://github.com/privacy-scaling-explorations/halo2", tag = "v2023_04_20" } # not optional for now
-halo2curves = { git = 'https://github.com/privacy-scaling-explorations/halo2curves', tag = "0.3.2" }  # must be same version as in halo2_proofs
+halo2_proofs = { git = "https://github.com/privacy-scaling-explorations/halo2", tag = "v0.3.0" } # not optional for now
+halo2curves = { git = "https://github.com/privacy-scaling-explorations/halo2curves", tag = "v0.6.0" }
 
 # loader_halo2
 halo2_wrong_ecc = { git = "https://github.com/privacy-scaling-explorations/halo2wrong", tag = "v2023_04_20", package = "ecc", optional = true }

diff --git a/snark-verifier/Cargo.toml b/snark-verifier/Cargo.toml
@@ -11,13 +11,13 @@ num-integer = "0.1.45"
 num-traits = "0.2.15"
 rand = "0.8"
 hex = "0.4"
-halo2_curves = { git = "https://github.com/privacy-scaling-explorations/halo2curves", tag = "0.3.2", package = "halo2curves" }
+halo2_curves = { git = "https://github.com/privacy-scaling-explorations/halo2curves", tag = "v0.6.0", package = "halo2curves" }
 
 # parallel
 rayon = { version = "1.5.3", optional = true }
 
 # system_halo2
-halo2_proofs = { git = "https://github.com/privacy-scaling-explorations/halo2", tag = "v2023_04_20", optional = true }
+halo2_proofs = { git = "https://github.com/privacy-scaling-explorations/halo2", tag = "v0.3.0", optional = true }
 
 # loader_evm
 sha3 = { version = "0.10", optional = true }

diff --git a/snark-verifier/src/pcs/kzg.rs b/snark-verifier/src/pcs/kzg.rs
@@ -1,7 +1,7 @@
 //! [KZG](<https://www.iacr.org/archive/asiacrypt2010/6477178/6477178.pdf>)
 //! polynomial commitment scheme and accumulation scheme.
 
-use crate::util::arithmetic::CurveAffine;
+use crate::util::arithmetic::PairingCurveAffine;
 
 mod accumulation;
 mod accumulator;
@@ -17,20 +17,20 @@ pub use multiopen::{Bdfg21, Bdfg21Proof, Gwc19, Gwc19Proof};
 pub use accumulator::LimbsEncodingInstructions;
 
 /// KZG succinct verifying key.
-#[derive(Clone, Copy, Debug)]
-pub struct KzgSuccinctVerifyingKey<C: CurveAffine> {
+#[derive(Clone, Debug, Copy)]
+pub struct KzgSuccinctVerifyingKey<C: PairingCurveAffine> {
     /// Generator.
     pub g: C,
 }
 
-impl<C: CurveAffine> KzgSuccinctVerifyingKey<C> {
+impl<C: PairingCurveAffine> KzgSuccinctVerifyingKey<C> {
     /// Initialize a [`KzgSuccinctVerifyingKey`].
     pub fn new(g: C) -> Self {
         Self { g }
     }
 }
 
-impl<C: CurveAffine> From<C> for KzgSuccinctVerifyingKey<C> {
+impl<C: PairingCurveAffine> From<C> for KzgSuccinctVerifyingKey<C> {
     fn from(g: C) -> KzgSuccinctVerifyingKey<C> {
         KzgSuccinctVerifyingKey::new(g)
     }

diff --git a/snark-verifier/src/pcs/kzg/accumulation.rs b/snark-verifier/src/pcs/kzg/accumulation.rs
@@ -19,7 +19,7 @@ pub struct KzgAs<M, MOS>(PhantomData<(M, MOS)>);
 impl<M, L, MOS> AccumulationScheme<M::G1Affine, L> for KzgAs<M, MOS>
 where
     M: MultiMillerLoop,
-    M::Scalar: PrimeField,
+    M::Fr: PrimeField,
     L: Loader<M::G1Affine>,
     MOS: Clone + Debug,
 {
@@ -140,7 +140,7 @@ where
 impl<M, MOS> AccumulationSchemeProver<M::G1Affine> for KzgAs<M, MOS>
 where
     M: MultiMillerLoop,
-    M::Scalar: PrimeField,
+    M::Fr: PrimeField,
     MOS: Clone + Debug,
 {
     type ProvingKey = KzgAsProvingKey<M::G1Affine>;

diff --git a/snark-verifier/src/pcs/kzg/decider.rs b/snark-verifier/src/pcs/kzg/decider.rs
@@ -59,7 +59,7 @@ mod native {
     impl<M, MOS> AccumulationDecider<M::G1Affine, NativeLoader> for KzgAs<M, MOS>
     where
         M: MultiMillerLoop,
-        M::Scalar: PrimeField,
+        M::Fr: PrimeField,
         MOS: Clone + Debug,
     {
         type DecidingKey = KzgDecidingKey<M>;
@@ -113,7 +113,7 @@ mod evm {
     impl<M, MOS> AccumulationDecider<M::G1Affine, Rc<EvmLoader>> for KzgAs<M, MOS>
     where
         M: MultiMillerLoop,
-        M::Scalar: PrimeField<Repr = [u8; 0x20]>,
+        M::Fr: PrimeField<Repr = [u8; 0x20]>,
         MOS: Clone + Debug,
     {
         type DecidingKey = KzgDecidingKey<M>;

diff --git a/snark-verifier/src/pcs/kzg/multiopen/bdfg21.rs b/snark-verifier/src/pcs/kzg/multiopen/bdfg21.rs
@@ -27,7 +27,7 @@ pub struct Bdfg21;
 impl<M, L> PolynomialCommitmentScheme<M::G1Affine, L> for KzgAs<M, Bdfg21>
 where
     M: MultiMillerLoop,
-    M::Scalar: PrimeField + Ord,
+    M::Fr: PrimeField + Ord,
     L: Loader<M::G1Affine>,
 {
     type VerifyingKey = KzgSuccinctVerifyingKey<M::G1Affine>;
@@ -36,7 +36,7 @@ where
 
     fn read_proof<T>(
         _: &KzgSuccinctVerifyingKey<M::G1Affine>,
-        _: &[Query<M::Scalar>],
+        _: &[Query<M::Fr>],
         transcript: &mut T,
     ) -> Result<Bdfg21Proof<M::G1Affine, L>, Error>
     where
@@ -49,7 +49,7 @@ where
         svk: &KzgSuccinctVerifyingKey<M::G1Affine>,
         commitments: &[Msm<M::G1Affine, L>],
         z: &L::LoadedScalar,
-        queries: &[Query<M::Scalar, L::LoadedScalar>],
+        queries: &[Query<M::Fr, L::LoadedScalar>],
         proof: &Bdfg21Proof<M::G1Affine, L>,
     ) -> Result<Self::Output, Error> {
         let sets = query_sets(queries);
@@ -370,11 +370,11 @@ where
 impl<M> CostEstimation<M::G1Affine> for KzgAs<M, Bdfg21>
 where
     M: MultiMillerLoop,
-    M::Scalar: PrimeField,
+    M::Fr: PrimeField,
 {
-    type Input = Vec<Query<M::Scalar>>;
+    type Input = Vec<Query<M::Fr>>;
 
-    fn estimate_cost(_: &Vec<Query<M::Scalar>>) -> Cost {
+    fn estimate_cost(_: &Vec<Query<M::Fr>>) -> Cost {
         Cost {
             num_commitment: 2,
             num_msm: 2,

diff --git a/snark-verifier/src/pcs/kzg/multiopen/gwc19.rs b/snark-verifier/src/pcs/kzg/multiopen/gwc19.rs
@@ -23,7 +23,7 @@ pub struct Gwc19;
 impl<M, L> PolynomialCommitmentScheme<M::G1Affine, L> for KzgAs<M, Gwc19>
 where
     M: MultiMillerLoop,
-    M::Scalar: PrimeField,
+    M::Fr: PrimeField,
     L: Loader<M::G1Affine>,
 {
     type VerifyingKey = KzgSuccinctVerifyingKey<M::G1Affine>;
@@ -32,7 +32,7 @@ where
 
     fn read_proof<T>(
         _: &Self::VerifyingKey,
-        queries: &[Query<M::Scalar>],
+        queries: &[Query<M::Fr>],
         transcript: &mut T,
     ) -> Result<Self::Proof, Error>
     where
@@ -45,7 +45,7 @@ where
         svk: &Self::VerifyingKey,
         commitments: &[Msm<M::G1Affine, L>],
         z: &L::LoadedScalar,
-        queries: &[Query<M::Scalar, L::LoadedScalar>],
+        queries: &[Query<M::Fr, L::LoadedScalar>],
         proof: &Self::Proof,
     ) -> Result<Self::Output, Error> {
         let sets = query_sets(queries);
@@ -161,11 +161,11 @@ where
 impl<M> CostEstimation<M::G1Affine> for KzgAs<M, Gwc19>
 where
     M: MultiMillerLoop,
-    M::Scalar: PrimeField,
+    M::Fr: PrimeField,
 {
-    type Input = Vec<Query<M::Scalar>>;
+    type Input = Vec<Query<M::Fr>>;
 
-    fn estimate_cost(queries: &Vec<Query<M::Scalar>>) -> Cost {
+    fn estimate_cost(queries: &Vec<Query<M::Fr>>) -> Cost {
         let num_w = query_sets(queries).len();
         Cost {
             num_commitment: num_w,

diff --git a/snark-verifier/src/system/halo2/test/kzg.rs b/snark-verifier/src/system/halo2/test/kzg.rs
@@ -21,15 +21,15 @@ pub const BITS: usize = 68;
 
 pub fn setup<M: MultiMillerLoop>(k: u32) -> ParamsKZG<M>
 where
-    M::Scalar: PrimeField,
+    M::Fr: PrimeField,
 {
     ParamsKZG::<M>::setup(k, ChaCha20Rng::from_seed(Default::default()))
 }
 
 pub fn main_gate_with_range_with_mock_kzg_accumulator<M: MultiMillerLoop>(
-) -> MainGateWithRange<M::Scalar>
+) -> MainGateWithRange<M::Fr>
 where
-    M::Scalar: PrimeField,
+    M::Fr: PrimeField,
     M::G1Affine: SerdeObject,
     M::G2Affine: SerdeObject,
 {

diff --git a/snark-verifier/src/util/arithmetic.rs b/snark-verifier/src/util/arithmetic.rs
@@ -14,6 +14,7 @@ pub use halo2_curves::{
     ff::{BatchInvert, Field, FromUniformBytes, PrimeField, WithSmallOrderMulGroup},
     group::{prime::PrimeCurveAffine, Curve, Group, GroupEncoding},
     pairing::MillerLoopResult,
+    pairing::PairingCurveAffine,
     Coordinates, CurveAffine, CurveExt,
 };