From 108cb836213818a1869714fc530a397d4c39cdd7 Mon Sep 17 00:00:00 2001
From: Daniel Lubarov
Date: Mon, 21 Nov 2022 13:24:46 -0800
Subject: [PATCH 1/3] Domain separator option
---
 plonky2/src/plonk/circuit_builder.rs | 12 ++++++++++++
 1 file changed, 12 insertions(+)
diff --git a/plonky2/src/plonk/circuit_builder.rs b/plonky2/src/plonk/circuit_builder.rs
index 1667205f..9c899643 100644
--- a/plonky2/src/plonk/circuit_builder.rs
+++ b/plonky2/src/plonk/circuit_builder.rs
@@ -53,6 +53,11 @@ use crate::util::{log2_ceil, log2_strict, transpose, transpose_poly_values};
 pub struct CircuitBuilder, const D: usize> {
 pub config: CircuitConfig,
+ /// A domain separator, which is included in the initial Fiat-Shamir seed. This is generally not
+ /// needed, but can be used to ensure that proofs for one application are not valid for another.
+ /// Defaults to zero.
+ domain_separator: Option,
+
 /// The types of gates used in this circuit.
 gates: HashSet>,
@@ -102,6 +107,7 @@ impl, const D: usize> CircuitBuilder {
 pub fn new(config: CircuitConfig) -> Self {
 let builder = CircuitBuilder {
 config,
+ domain_separator: None,
 gates: HashSet::new(),
 gate_instances: Vec::new(),
 public_inputs: Vec::new(),
@@ -145,6 +151,11 @@ impl, const D: usize> CircuitBuilder {
 );
 }
+ pub fn set_domain_separator(&mut self, separator: F) {
+ assert!(self.domain_separator.is_none());
+ self.domain_separator = Some(separator);
+ }
+
 pub fn num_gates(&self) -> usize {
 self.gate_instances.len()
 }
@@ -853,6 +864,7 @@ impl, const D: usize> CircuitBuilder {
 let circuit_digest_parts = [
 constants_sigmas_cap.flatten(),
 vec![
+ self.domain_separator.unwrap_or_default(),
 F::from_canonical_usize(degree_bits),
 /* Add other circuit data here */
 ],
From af1b6680e8a63c30a2f972fc8ef140e057af0e67 Mon Sep 17 00:00:00 2001
From: Daniel Lubarov
Date: Tue, 22 Nov 2022 08:02:22 -0800
Subject: [PATCH 2/3] Switch to Vec
---
 plonky2/src/plonk/circuit_builder.rs | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)
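Review bot: `set_domain_separator` (third hunk of patch 1/3) is a new public method with no doc comment, and its `assert!(self.domain_separator.is_none());` panics with no message if the method is called twice. I would document it with a `///` comment that says the separator is folded into the circuit digest (fourth hunk), that prover and verifier presumably have to build with the same value for proofs to verify, and that carries a `# Panics` section for the second call. The assertion could read `assert!(self.domain_separator.is_none(), "domain separator already set");`. The same applies to the `Vec` version of the method in patch 2/3.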
diff --git a/plonky2/src/plonk/circuit_builder.rs b/plonky2/src/plonk/circuit_builder.rs
index 9c899643..c2c13b2c 100644
--- a/plonky2/src/plonk/circuit_builder.rs
+++ b/plonky2/src/plonk/circuit_builder.rs
@@ -40,7 +40,7 @@ use crate::plonk::circuit_data::{
 CircuitConfig, CircuitData, CommonCircuitData, ProverCircuitData, ProverOnlyCircuitData,
 VerifierCircuitData, VerifierCircuitTarget, VerifierOnlyCircuitData,
 };
-use crate::plonk::config::{GenericConfig, Hasher};
+use crate::plonk::config::{GenericConfig, GenericHashOut, Hasher};
 use crate::plonk::copy_constraint::CopyConstraint;
 use crate::plonk::permutation_argument::Forest;
 use crate::plonk::plonk_common::PlonkOracle;
@@ -56,7 +56,7 @@ pub struct CircuitBuilder, const D: usize> {
 /// A domain separator, which is included in the initial Fiat-Shamir seed. This is generally not
 /// needed, but can be used to ensure that proofs for one application are not valid for another.
 /// Defaults to zero.
- domain_separator: Option,
+ domain_separator: Option>,
 /// The types of gates used in this circuit.
 gates: HashSet>,
@@ -151,7 +151,7 @@ impl, const D: usize> CircuitBuilder {
 );
 }
- pub fn set_domain_separator(&mut self, separator: F) {
+ pub fn set_domain_separator(&mut self, separator: Vec) {
 assert!(self.domain_separator.is_none());
 self.domain_separator = Some(separator);
 }
@@ -860,11 +860,13 @@ impl, const D: usize> CircuitBuilder {
 num_partial_products(self.config.num_routed_wires, quotient_degree_factor);
 let constants_sigmas_cap = constants_sigmas_commitment.merkle_tree.cap.clone();
+ let domain_separator = self.domain_separator.unwrap_or_default();
+ let domain_separator_digest = C::Hasher::hash_pad(&domain_separator);
 // TODO: This should also include an encoding of gate constraints.
 let circuit_digest_parts = [
 constants_sigmas_cap.flatten(),
+ domain_separator_digest.to_vec(),
 vec![
- self.domain_separator.unwrap_or_default(),
 F::from_canonical_usize(degree_bits),
 /* Add other circuit data here */
 ],
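Review bot: In the last hunk of patch 2/3 `domain_separator_digest.to_vec()` is appended to `circuit_digest_parts` unconditionally, so a builder that never calls `set_domain_separator` still hashes the digest of the empty vector and, as far as this hunk shows, gets a different circuit digest than it did before the series. If circuit digests or verifier data are stored anywhere, that is worth stating in the commit description or in a comment such as `// Always included (hash of the empty vector when unset), so every circuit's digest changes with this field.` The series touches only `circuit_builder.rs` and adds no test; a small one that builds the same circuit with two different separators and asserts that the digests differ would pin the property the field's doc comment promises. Binding a fixed-length digest rather than the raw elements keeps the concatenation unambiguous, assuming `hash_pad` pads variable-length input injectively, which is not visible here. The enclosing function starts and ends outside the hunk.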
From 7ec14029c68e42b454181cf019e063e1f8669aff Mon Sep 17 00:00:00 2001
From: Daniel Lubarov
Date: Tue, 22 Nov 2022 08:04:01 -0800
Subject: [PATCH 3/3] Fix comment
---
 plonky2/src/plonk/circuit_builder.rs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/plonky2/src/plonk/circuit_builder.rs b/plonky2/src/plonk/circuit_builder.rs
index c2c13b2c..8bd1d994 100644
--- a/plonky2/src/plonk/circuit_builder.rs
+++ b/plonky2/src/plonk/circuit_builder.rs
@@ -55,7 +55,7 @@ pub struct CircuitBuilder, const D: usize> {
 /// A domain separator, which is included in the initial Fiat-Shamir seed. This is generally not
 /// needed, but can be used to ensure that proofs for one application are not valid for another.
- /// Defaults to zero.
+ /// Defaults to the empty vector.
 domain_separator: Option>,
 /// The types of gates used in this circuit.