From 69795b82969a250e02bee12e8a0a71a710ca2e55 Mon Sep 17 00:00:00 2001
From: David Rusu <davidrusu.me@gmail.com>
Date: Fri, 28 Jun 2024 00:54:21 +0000
Subject: [PATCH] cl: pre-compute balance unit point outside stark

---
 cl/src/balance.rs    | 14 +++++---------
 cl/src/bundle.rs     | 13 +++++++------
 cl/src/input.rs      |  2 +-
 cl/src/note.rs       |  2 +-
 cl/src/partial_tx.rs | 10 +++++-----
 goas/Cargo.toml      |  2 +-
 6 files changed, 20 insertions(+), 23 deletions(-)

diff --git a/cl/src/balance.rs b/cl/src/balance.rs
index 54791eb..63747e8 100644
--- a/cl/src/balance.rs
+++ b/cl/src/balance.rs
@@ -20,7 +20,7 @@ pub struct Balance(pub AffinePoint);
 #[derive(Debug, PartialEq, Eq, Clone, Serialize, Deserialize)]
 pub struct BalanceWitness {
     pub value: u64,
-    pub unit: String,
+    pub unit: AffinePoint,
     pub blinding: Scalar,
 }
 
@@ -34,7 +34,7 @@ impl BalanceWitness {
     pub fn new(value: u64, unit: impl Into<String>, blinding: Scalar) -> Self {
         Self {
             value,
-            unit: unit.into(),
+            unit: unit_point(&unit.into()).into(),
             blinding,
         }
     }
@@ -44,11 +44,7 @@ impl BalanceWitness {
     }
 
     pub fn commit(&self) -> Balance {
-        Balance(balance(self.value, &self.unit, self.blinding).into())
-    }
-
-    pub fn unit_point(&self) -> ProjectivePoint {
-        unit_point(&self.unit)
+        Balance(balance(self.value, self.unit.into(), self.blinding).into())
     }
 }
 
@@ -56,9 +52,9 @@ pub fn unit_point(unit: &str) -> ProjectivePoint {
     crate::crypto::hash_to_curve(unit.as_bytes())
 }
 
-pub fn balance(value: u64, unit: &str, blinding: Scalar) -> ProjectivePoint {
+pub fn balance(value: u64, unit: ProjectivePoint, blinding: Scalar) -> ProjectivePoint {
     let value_scalar = Scalar::from(value);
-    unit_point(unit) * value_scalar + *PEDERSON_COMMITMENT_BLINDING_POINT * blinding
+    unit * value_scalar + *PEDERSON_COMMITMENT_BLINDING_POINT * blinding
 }
 
 // mod serde_scalar {
diff --git a/cl/src/bundle.rs b/cl/src/bundle.rs
index 4edcdb2..d4d8b76 100644
--- a/cl/src/bundle.rs
+++ b/cl/src/bundle.rs
@@ -36,7 +36,7 @@ impl Bundle {
     }
 
     pub fn is_balanced(&self, balance_blinding_witness: Scalar) -> bool {
-        self.balance() == crate::balance::balance(0, "", balance_blinding_witness)
+        self.balance() == crate::balance::balance(0, ProjectivePoint::GENERATOR, balance_blinding_witness)
     }
 
     pub fn prove(
@@ -65,7 +65,7 @@ impl Bundle {
             return Err(Error::ProofFailed);
         }
 
-        if self.balance() != crate::balance::balance(0, "", w.balance_blinding) {
+        if self.balance() != crate::balance::balance(0, ProjectivePoint::GENERATOR, w.balance_blinding) {
             return Err(Error::ProofFailed);
         }
 
@@ -91,6 +91,7 @@ mod test {
     use crate::{
         input::InputWitness, note::NoteWitness, nullifier::NullifierSecret, output::OutputWitness,
         partial_tx::PartialTxWitness, test_util::seed_rng,
+        crypto::hash_to_curve,
     };
 
     use super::*;
@@ -127,9 +128,9 @@ mod test {
         assert!(!bundle.is_balanced(bundle_witness.balance_blinding));
         assert_eq!(
             bundle.balance(),
-            crate::balance::balance(4840, "CRV", crv_4840_out.note.balance.blinding)
-                - (crate::balance::balance(10, "NMO", nmo_10_in.note.balance.blinding)
-                    + crate::balance::balance(23, "ETH", eth_23_in.note.balance.blinding))
+            crate::balance::balance(4840, hash_to_curve(b"CRV"), crv_4840_out.note.balance.blinding)
+                - (crate::balance::balance(10, hash_to_curve(b"NMO"), nmo_10_in.note.balance.blinding)
+                    + crate::balance::balance(23, hash_to_curve(b"ETH"), eth_23_in.note.balance.blinding))
         );
 
         let crv_4840_in =
@@ -162,7 +163,7 @@ mod test {
 
         assert_eq!(
             bundle.balance(),
-            crate::balance::balance(0, "", witness.balance_blinding)
+            crate::balance::balance(0, ProjectivePoint::GENERATOR, witness.balance_blinding)
         );
 
         assert!(bundle.is_balanced(witness.balance_blinding));
diff --git a/cl/src/input.rs b/cl/src/input.rs
index 92530c6..fb21fe7 100644
--- a/cl/src/input.rs
+++ b/cl/src/input.rs
@@ -10,7 +10,7 @@ use crate::{
     partial_tx::PtxRoot,
 };
 use rand_core::RngCore;
-use risc0_groth16::{PublicInputsJson, Verifier};
+// use risc0_groth16::{PublicInputsJson, Verifier};
 use serde::{Deserialize, Serialize};
 
 #[derive(Debug, Clone, Serialize, Deserialize)]
diff --git a/cl/src/note.rs b/cl/src/note.rs
index 98d2a42..d9cd2bc 100644
--- a/cl/src/note.rs
+++ b/cl/src/note.rs
@@ -41,7 +41,7 @@ impl NoteWitness {
 
         // COMMIT TO BALANCE
         hasher.update(self.balance.value.to_le_bytes());
-        hasher.update(self.balance.unit_point().to_bytes());
+        hasher.update(self.balance.unit.to_bytes());
         // Important! we don't commit to the balance blinding factor as that may make the notes linkable.
 
         // COMMIT TO STATE
diff --git a/cl/src/partial_tx.rs b/cl/src/partial_tx.rs
index 9dcecd5..95cf669 100644
--- a/cl/src/partial_tx.rs
+++ b/cl/src/partial_tx.rs
@@ -1,7 +1,7 @@
 use std::collections::BTreeSet;
 
 use rand_core::RngCore;
-use risc0_groth16::ProofJson;
+// use risc0_groth16::ProofJson;
 use serde::{Deserialize, Serialize};
 use k256::ProjectivePoint;
 use k256::elliptic_curve::group::prime::PrimeCurveAffine;
@@ -169,7 +169,7 @@ impl PartialTx {
 #[cfg(test)]
 mod test {
 
-    use crate::{note::NoteWitness, nullifier::NullifierSecret, test_util::seed_rng};
+    use crate::{note::NoteWitness, nullifier::NullifierSecret, test_util::seed_rng, crypto::hash_to_curve};
 
     use super::*;
 
@@ -222,9 +222,9 @@ mod test {
 
         assert_eq!(
             ptx.balance(),
-            crate::balance::balance(4840, "CRV", crv_4840.note.balance.blinding)
-                - (crate::balance::balance(10, "NMO", nmo_10.note.balance.blinding)
-                    + crate::balance::balance(23, "ETH", eth_23.note.balance.blinding))
+            crate::balance::balance(4840, hash_to_curve(b"CRV"), crv_4840.note.balance.blinding)
+                - (crate::balance::balance(10, hash_to_curve(b"NMO"), nmo_10.note.balance.blinding)
+                    + crate::balance::balance(23, hash_to_curve(b"ETH"), eth_23.note.balance.blinding))
         );
     }
 }
diff --git a/goas/Cargo.toml b/goas/Cargo.toml
index 662a95a..b192d63 100644
--- a/goas/Cargo.toml
+++ b/goas/Cargo.toml
@@ -13,6 +13,6 @@ lto = true
 [patch.crates-io]
 # Placing these patch statement in the workspace Cargo.toml will add RISC Zero SHA-256 and bigint
 # multiplication accelerator support for all downstream usages of the following crates.
-# sha2 = { git = "https://github.com/risc0/RustCrypto-hashes", tag = "sha2-v0.10.6-risczero.0" }
+sha2 = { git = "https://github.com/risc0/RustCrypto-hashes", tag = "sha2-v0.10.8-risczero.0" }
 k256 = { git = "https://github.com/risc0/RustCrypto-elliptic-curves", tag = "k256/v0.13.3-risczero.0"  }
 crypto-bigint = { git = "https://github.com/risc0/RustCrypto-crypto-bigint", tag = "v0.5.2-risczero.0" }