staging_common/
transcript.rs

1use ark_ff::PrimeField;
2use ark_poly::GeneralEvaluationDomain;
3use ark_serialize::CanonicalSerialize;
4use ark_std::{vec, vec::Vec};
5use ark_std::rand::SeedableRng;
6use fflonk::pcs::{PCS, PcsParams};
7use rand_chacha::ChaCha20Rng;
8
9use crate::{ColumnsCommited, ColumnsEvaluated};
10
11pub trait Transcript<F: PrimeField, CS: PCS<F>>: Clone {
12    fn add_protocol_params(&mut self, domain: &GeneralEvaluationDomain<F>, pcs_raw_vk: &<CS::Params as PcsParams>::RVK) {
13        self._add_serializable(b"domain", domain);
14        self._add_serializable(b"pcs_raw_vk", pcs_raw_vk);
15    }
16
17    fn add_precommitted_cols(&mut self, precommitted_cols: &[CS::C; 2]) {
18        self._add_serializable(b"precommitted_cols", precommitted_cols);
19    }
20
21    fn add_instance(&mut self, instance: &impl CanonicalSerialize) {
22        self._add_serializable(b"instance", instance);
23    }
24
25    fn add_committed_cols(&mut self, committed_cols: &impl ColumnsCommited<F, CS::C>) {
26        self._add_serializable(b"committed_cols", committed_cols);
27    }
28
29    // fn get_bitmask_aggregation_challenge(&mut self) -> Fr {
30    //     self._get_128_bit_challenge(b"bitmask_aggregation")
31    // }
32
33    // fn append_2nd_round_register_commitments(&mut self, register_commitments: &impl RegisterCommitments) {
34    //     self._append_serializable(b"2nd_round_register_commitments", register_commitments);
35    // }
36
37    fn get_constraints_aggregation_coeffs(&mut self, n: usize) -> Vec<F> {
38        self._128_bit_coeffs(b"constraints_aggregation", n)
39    }
40
41    fn add_quotient_commitment(&mut self, point: &CS::C) {
42        self._add_serializable(b"quotient", point);
43    }
44
45    fn get_evaluation_point(&mut self) -> F {
46        self._128_bit_point(b"evaluation_point")
47    }
48
49    fn add_evaluations(&mut self, evals: &impl ColumnsEvaluated<F>, r_at_zeta_omega: &F) {
50        self._add_serializable(b"register_evaluations", evals);
51        self._add_serializable(b"shifted_linearization_evaluation", r_at_zeta_omega);
52    }
53
54    fn get_kzg_aggregation_challenges(&mut self, n: usize) -> Vec<F> {
55        self._128_bit_coeffs(b"kzg_aggregation", n)
56    }
57
58    fn _128_bit_point(&mut self, label: &'static [u8]) -> F;
59
60    fn _128_bit_coeffs(&mut self, label: &'static [u8], n: usize) -> Vec<F> {
61        (0..n).map(|_| self._128_bit_point(label)).collect()
62    }
63
64    fn _add_serializable(&mut self, label: &'static [u8], message: &impl CanonicalSerialize);
65
66    fn to_rng(self) -> ChaCha20Rng;
67}
68
69impl<F: PrimeField, CS: PCS<F>> Transcript<F, CS> for merlin::Transcript {
70    fn _128_bit_point(&mut self, label: &'static [u8]) -> F {
71        let mut buf = [0u8; 16];
72        self.challenge_bytes(label, &mut buf);
73        F::from_random_bytes(&buf).unwrap()
74    }
75
76    fn _add_serializable(&mut self, label: &'static [u8], message: &impl CanonicalSerialize) {
77        let mut buf = vec![0; message.uncompressed_size()];
78        message.serialize_uncompressed(&mut buf).unwrap();
79        self.append_message(label, &buf);
80    }
81
82    fn to_rng(mut self) -> ChaCha20Rng {
83        let mut buf = [0u8; 32];
84        self.challenge_bytes(b"transcript_rng", &mut buf);
85        ChaCha20Rng::from_seed(buf)
86    }
87}
staging_common/transcript.rs

staging_common/
transcript.rs
