Merge pull request #5 from jsign/jsign-gt-morearguments

Complete Curdleproof migration to generic group backend

Author: jsign

common/rand.go

@@ -114,8 +114,17 @@ func (r *Rand) GeneratePermutation(n int) ([]uint32, error) {
 
 // Experimental
 func (r *Rand) GetGt() (bls12381.GT, error) {
+	var byts [48 * 12]byte
+	for i := 0; i < 6; i++ {
+		a, err := r.GetG1Affine()
+		if err != nil {
+			return bls12381.GT{}, nil
+		}
+		abytes := a.RawBytes()
+		copy(byts[i*(48*2):], abytes[:])
+	}
 	var randElem bls12381.GT
-	if _, err := randElem.SetRandom(); err != nil {
+	if err := randElem.SetBytes(byts[:]); err != nil {
 		return bls12381.GT{}, fmt.Errorf("get random GT: %s", err)
 	}
 

common/util.go

@@ -2,7 +2,6 @@ package common
 
 import (
 	"errors"
-	"fmt"
 	"math/big"
 	"runtime"
 
@@ -42,51 +41,6 @@ func Permute[T any](vs []T, perm []uint32) []T {
 	return ret
 }
 
-func ShufflePermuteCommit(
-	crsGs []bls12381.G1Affine,
-	crsHs []bls12381.G1Affine,
-	Rs []bls12381.G1Affine,
-	Ss []bls12381.G1Affine,
-	perm []uint32,
-	k fr.Element,
-	rand *Rand,
-) ([]bls12381.G1Affine, []bls12381.G1Affine, bls12381.G1Jac, []fr.Element, error) {
-	biK := FrToBigInt(&k)
-	Ts := make([]bls12381.G1Affine, len(Rs))
-	for i := range Ts {
-		Ts[i].ScalarMultiplication(&Rs[i], biK)
-	}
-
-	Us := make([]bls12381.G1Affine, len(Ss))
-	for i := range Us {
-		Us[i].ScalarMultiplication(&Ss[i], biK)
-	}
-
-	Ts = Permute(Ts, perm)
-	Us = Permute(Us, perm)
-
-	rangeFrs := make([]fr.Element, len(crsGs))
-	for i := range perm {
-		rangeFrs[i] = fr.NewElement(uint64(i))
-	}
-
-	permRangeFrs := Permute(rangeFrs, perm)
-	var M, M2 bls12381.G1Jac
-	if _, err := M.MultiExp(crsGs, permRangeFrs, MultiExpConf); err != nil {
-		return nil, nil, bls12381.G1Jac{}, nil, fmt.Errorf("calculating M_1: %s", err)
-	}
-	rs_m, err := rand.GetFrs(N_BLINDERS)
-	if err != nil {
-		return nil, nil, bls12381.G1Jac{}, nil, fmt.Errorf("getting rs_m: %s", err)
-	}
-	if _, err := M2.MultiExp(crsHs, rs_m, MultiExpConf); err != nil {
-		return nil, nil, bls12381.G1Jac{}, nil, fmt.Errorf("calculating M_2: %s", err)
-	}
-	M.AddAssign(&M2)
-
-	return Ts, Us, M, rs_m, nil
-}
-
 func DecodeAffineSliceToJac(d *bls12381.Decoder, out *[]bls12381.G1Jac) error {
 	var affs []bls12381.G1Affine
 	if err := d.Decode(&affs); err != nil {

crs.go

@@ -3,48 +3,62 @@ package curdleproof
 import (
 	"fmt"
 
-	bls12381 "github.com/consensys/gnark-crypto/ecc/bls12-381"
 	"github.com/jsign/curdleproofs/common"
+	"github.com/jsign/curdleproofs/group"
 )
 
 type CRS struct {
-	Gs   []bls12381.G1Affine
-	Hs   []bls12381.G1Affine
-	H    bls12381.G1Jac
-	Gt   bls12381.G1Jac
-	Gu   bls12381.G1Jac
-	Gsum bls12381.G1Affine
-	Hsum bls12381.G1Affine
+	Gs   []group.Element
+	Hs   []group.Element
+	H    group.Element
+	Gt   group.Element
+	Gu   group.Element
+	Gsum group.Element
+	Hsum group.Element
 }
 
-func GenerateCRS(size int, rand *common.Rand) (CRS, error) {
-	gs, err := rand.GetG1Affines(size)
+// TODO: Clean up API if generic backend is used.
+func GenerateCRS(size int, g group.Group, genRandGroupElement func() (group.Element, error)) (CRS, error) {
+	var err error
+	gs := make([]group.Element, size)
+	for i := range gs {
+		gs[i], err = genRandGroupElement()
+		if err != nil {
+			return CRS{}, fmt.Errorf("gen gs: %s", err)
+		}
+	}
 	if err != nil {
 		return CRS{}, fmt.Errorf("gen gs: %s", err)
 	}
-	hs, err := rand.GetG1Affines(common.N_BLINDERS)
+	hs := make([]group.Element, common.N_BLINDERS)
+	for i := range hs {
+		hs[i], err = genRandGroupElement()
+		if err != nil {
+			return CRS{}, fmt.Errorf("gen hs: %s", err)
+		}
+	}
 	if err != nil {
 		return CRS{}, fmt.Errorf("gen hs: %s", err)
 	}
-	h, err := rand.GetG1Jac()
+	h, err := genRandGroupElement()
 	if err != nil {
 		return CRS{}, fmt.Errorf("gen h: %s", err)
 	}
-	gt, err := rand.GetG1Jac()
+	gt, err := genRandGroupElement()
 	if err != nil {
 		return CRS{}, fmt.Errorf("gen gt: %s", err)
 	}
-	gu, err := rand.GetG1Jac()
+	gu, err := genRandGroupElement()
 	if err != nil {
 		return CRS{}, fmt.Errorf("gen gu: %s", err)
 	}
-	var gsum bls12381.G1Affine
+	gsum := g.CreateElement()
 	for _, g := range gs {
-		gsum.Add(&gsum, &g)
+		gsum.Add(gsum, g)
 	}
-	var hsum bls12381.G1Affine
+	hsum := g.CreateElement()
 	for _, h := range hs {
-		hsum.Add(&hsum, &h)
+		hsum.Add(hsum, h)
 	}
 
 	return CRS{