removed hashing

2026-01-07 08:13:11 +00:00 · 2022-01-27 14:54:10 -08:00 · 2022-01-27 14:54:10 -08:00 · 493f516fac
commit 493f516fac
parent 82e2872f5e
2 changed files with 12 additions and 84 deletions
--- a/plonky2/src/curve/ecdsa.rs
+++ b/plonky2/src/curve/ecdsa.rs
@ -1,11 +1,5 @@
-use itertools::{unfold, Itertools};
-use num::BigUint;
-
-use crate::curve::curve_types::{base_to_scalar, AffinePoint, Curve, CurveScalar};
+use crate::curve::curve_types::{AffinePoint, base_to_scalar, Curve, CurveScalar};
 use crate::field::field_types::Field;
-use crate::hash::hash_types::RichField;
-use crate::hash::hashing::{hash_n_to_m, PlonkyPermutation};
-use crate::hash::poseidon::PoseidonPermutation;

 pub struct ECDSASignature<C: Curve> {
    pub r: C::ScalarField,
@ -15,59 +9,25 @@ pub struct ECDSASignature<C: Curve> {
 pub struct ECDSASecretKey<C: Curve>(pub C::ScalarField);
 pub struct ECDSAPublicKey<C: Curve>(pub AffinePoint<C>);

-pub fn hash_to_bits<F: RichField, P: PlonkyPermutation<F>>(x: F, num_bits: usize) -> Vec<bool> {
-    let hashed = hash_n_to_m::<F, P>(&vec![x], 1, true)[0];
-
-    let mut val = hashed.to_canonical_u64();
-    unfold((), move |_| {
-        let ret = val % 2 != 0;
-        val /= 2;
-        Some(ret)
-    })
-    .take(num_bits)
-    .collect()
-}
-
-pub fn hash_to_scalar<F: RichField, C: Curve, P: PlonkyPermutation<F>>(
-    x: F,
-    num_bits: usize,
-) -> C::ScalarField {
-    let h_bits = hash_to_bits::<F, P>(x, num_bits);
-    let h_vals: Vec<_> = h_bits
-        .iter()
-        .chunks(32)
-        .into_iter()
-        .map(|chunk| {
-            chunk
-                .enumerate()
-                .fold(0u32, |acc, (pow, &bit)| acc + (bit as u32) * (2 << pow))
-        })
-        .collect();
-    C::ScalarField::from_biguint(BigUint::new(h_vals))
-}
-
-pub fn sign_message<F: RichField, C: Curve>(msg: F, sk: ECDSASecretKey<C>) -> ECDSASignature<C> {
-    let h = hash_to_scalar::<F, C, PoseidonPermutation>(msg, 256);
-
+pub fn sign_message<C: Curve>(msg: C::ScalarField, sk: ECDSASecretKey<C>) -> ECDSASignature<C> {
    let k = C::ScalarField::rand();
    let rr = (CurveScalar(k) * C::GENERATOR_PROJECTIVE).to_affine();
    let r = base_to_scalar::<C>(rr.x);
-    let s = k.inverse() * (h + r * sk.0);
+
+    let s = k.inverse() * (msg + r * sk.0);

    ECDSASignature { r, s }
 }

-pub fn verify_message<F: RichField, C: Curve>(
-    msg: F,
+pub fn verify_message<C: Curve>(
+    msg: C::ScalarField,
    sig: ECDSASignature<C>,
    pk: ECDSAPublicKey<C>,
 ) -> bool {
    let ECDSASignature { r, s } = sig;

-    let h = hash_to_scalar::<F, C, PoseidonPermutation>(msg, 256);
-
    let c = s.inverse();
-    let u1 = h * c;
+    let u1 = msg * c;
    let u2 = r * c;

    let g = C::GENERATOR_PROJECTIVE;
@ -84,15 +44,13 @@ mod tests {
    use crate::curve::ecdsa::{sign_message, verify_message, ECDSAPublicKey, ECDSASecretKey};
    use crate::curve::secp256k1::Secp256K1;
    use crate::field::field_types::Field;
-    use crate::field::goldilocks_field::GoldilocksField;
    use crate::field::secp256k1_scalar::Secp256K1Scalar;

    #[test]
    fn test_ecdsa_native() {
-        type F = GoldilocksField;
        type C = Secp256K1;

-        let msg = F::rand();
+        let msg = Secp256K1Scalar::rand();
        let sk = ECDSASecretKey(Secp256K1Scalar::rand());
        let pk = ECDSAPublicKey((CurveScalar(sk.0) * C::GENERATOR_PROJECTIVE).to_affine());

--- a/plonky2/src/gadgets/ecdsa.rs
+++ b/plonky2/src/gadgets/ecdsa.rs
@ -20,46 +20,16 @@ pub struct ECDSASignatureTarget<C: Curve> {
 }

 impl<F: RichField + Extendable<D>, const D: usize> CircuitBuilder<F, D> {
-    pub fn hash_to_bits(&mut self, x: Target, num_bits: usize) -> Vec<BoolTarget> {
-        let inputs = vec![x];
-        let hashed = self.hash_n_to_m::<PoseidonHash>(inputs, 1, true)[0];
-        self.split_le(hashed, num_bits)
-    }
-
-    pub fn hash_to_scalar<C: Curve>(
-        &mut self,
-        x: Target,
-        num_bits: usize,
-    ) -> NonNativeTarget<C::ScalarField> {
-        let h_bits = self.hash_to_bits(x, num_bits);
-
-        let two = self.two();
-        let mut rev_bits = h_bits.iter().rev();
-        let mut sum = rev_bits.next().unwrap().target;
-        for &bit in rev_bits {
-            sum = self.mul_add(two, sum, bit.target);
-        }
-        let limbs = vec![U32Target(sum)];
-        let value = BigUintTarget { limbs };
-
-        NonNativeTarget {
-            value,
-            _phantom: PhantomData,
-        }
-    }
-
    pub fn verify_message<C: Curve>(
        &mut self,
-        msg: Target,
+        msg: NonNativeTarget<C::ScalarField>,
        sig: ECDSASignatureTarget<C>,
        pk: ECDSAPublicKeyTarget<C>,
    ) {
        let ECDSASignatureTarget { r, s } = sig;

-        let h = self.hash_to_scalar::<C>(msg, 256);
-
        let c = self.inv_nonnative(&s);
-        let u1 = self.mul_nonnative(&h, &c);
+        let u1 = self.mul_nonnative(&msg, &c);
        let u2 = self.mul_nonnative(&r, &c);

        let g = self.constant_affine_point(C::GENERATOR_AFFINE);
@ -105,8 +75,8 @@ mod tests {
        let pw = PartialWitness::new();
        let mut builder = CircuitBuilder::<F, D>::new(config);

-        let msg = F::rand();
-        let msg_target = builder.constant(msg);
+        let msg = Secp256K1Scalar::rand();
+        let msg_target = builder.constant_nonnative(msg);

        let sk = ECDSASecretKey::<Curve>(Secp256K1Scalar::rand());
        let pk = ECDSAPublicKey((CurveScalar(sk.0) * Curve::GENERATOR_PROJECTIVE).to_affine());