Add basefield arithmetics

darth-cy · darth-cy · commit de67fc9c6075 · 2024-12-02T16:36:28.000-05:00
diff --git a/spartan_parallel/src/dense_mlpoly.rs b/spartan_parallel/src/dense_mlpoly.rs
@@ -443,7 +443,7 @@ impl<S: SpartanExtensionField> PolyEvalProof<S> {
     let mut R_list: Vec<Vec<S>> = Vec::new();
     let mut Zc_list: Vec<S> = Vec::new();
 
-    let c_base = transcript.challenge_scalar(b"challenge_c");
+    let c_base: S = transcript.challenge_scalar(b"challenge_c");
     let mut c = S::field_one();
     for i in 0..r_list.len() {
       let eq = EqPolynomial::new(r_list[i].to_vec());
@@ -516,7 +516,7 @@ impl<S: SpartanExtensionField> PolyEvalProof<S> {
     let mut R_list: Vec<Vec<S>> = Vec::new();
     let mut Zc_list: Vec<S> = Vec::new();
 
-    let c_base = transcript.challenge_scalar(b"challenge_c");
+    let c_base: S = transcript.challenge_scalar(b"challenge_c");
     let mut c = S::field_one();
     for i in 0..r_list.len() {
       let eq = EqPolynomial::new(r_list[i].to_vec());
@@ -570,7 +570,7 @@ impl<S: SpartanExtensionField> PolyEvalProof<S> {
     let mut R_list: Vec<Vec<S>> = Vec::new();
 
     // generate coefficient for RLC
-    let c_base = transcript.challenge_scalar(b"challenge_c");
+    let c_base: S = transcript.challenge_scalar(b"challenge_c");
     let mut c = S::field_one();
     let zero = S::field_zero();
     for i in 0..poly_list.len() {
@@ -658,7 +658,7 @@ impl<S: SpartanExtensionField> PolyEvalProof<S> {
     let mut R_list: Vec<Vec<S>> = Vec::new();
 
     // generate coefficient for RLC
-    let c_base = transcript.challenge_scalar(b"challenge_c");
+    let c_base: S = transcript.challenge_scalar(b"challenge_c");
     let mut c = S::field_one();
     let zero = S::field_zero();
 
@@ -724,7 +724,7 @@ impl<S: SpartanExtensionField> PolyEvalProof<S> {
     let mut R_list = Vec::new();
 
     // generate coefficient for RLC
-    let c_base = transcript.challenge_scalar(b"challenge_c");
+    let c_base: S = transcript.challenge_scalar(b"challenge_c");
     let mut c = S::field_one();
     let zero = S::field_zero();
     for i in 0..poly_list.len() {
@@ -822,7 +822,7 @@ impl<S: SpartanExtensionField> PolyEvalProof<S> {
     let mut R_list = Vec::new();
 
     // generate coefficient for RLC
-    let c_base = transcript.challenge_scalar(b"challenge_c");
+    let c_base: S = transcript.challenge_scalar(b"challenge_c");
     let mut c = S::field_one();
     let zero = S::field_zero();
 
@@ -917,7 +917,7 @@ impl<S: SpartanExtensionField> PolyEvalProof<S> {
 
     // compute the vector underneath L*Z
     // compute vector-matrix product between L and Z viewed as a matrix
-    let c_base = transcript.challenge_scalar(b"challenge_c");
+    let c_base: S = transcript.challenge_scalar(b"challenge_c");
     let mut c = S::field_one();
     let mut LZ_comb = vec![zero; R_size];
     let mut Zr_comb = zero;
@@ -995,7 +995,7 @@ impl<S: SpartanExtensionField> PolyEvalProof<S> {
     let mut L_map: HashMap<usize, Vec<S>> = HashMap::new();
 
     // compute a weighted sum of commitments and L
-    let c_base = transcript.challenge_scalar(b"challenge_c");
+    let c_base: S = transcript.challenge_scalar(b"challenge_c");
     let mut c = S::field_one();
 
     for i in 0..poly_size.len() {
diff --git a/spartan_parallel/src/nizk/mod.rs b/spartan_parallel/src/nizk/mod.rs
@@ -36,7 +36,7 @@ impl<S: SpartanExtensionField> KnowledgeProof<S> {
     let t1 = random_tape.random_scalar(b"t1");
     let t2 = random_tape.random_scalar(b"t2");
 
-    let c = transcript.challenge_scalar(b"c");
+    let c: S = transcript.challenge_scalar(b"c");
 
     let z1 = *x * c + t1;
     let z2 = *r * c + t2;
diff --git a/spartan_parallel/src/product_tree.rs b/spartan_parallel/src/product_tree.rs
@@ -399,7 +399,7 @@ impl<S: SpartanExtensionField> ProductCircuitEvalProofBatched<S> {
       }
 
       // produce random coefficients, one for each instance
-      let coeff_vec =
+      let coeff_vec: Vec<S> =
         transcript.challenge_vector(b"rand_coeffs_next_layer", claims_to_verify.len());
 
       // produce a joint claim
diff --git a/spartan_parallel/src/scalar/fp.rs b/spartan_parallel/src/scalar/fp.rs
@@ -17,6 +17,7 @@ pub struct Scalar(Goldilocks);
 
 impl SpartanExtensionField for Scalar {
   type InnerType = Goldilocks;
+  type BaseField = Self;
 
   fn inner(&self) -> &Goldilocks {
     &self.0
@@ -30,6 +31,11 @@ impl SpartanExtensionField for Scalar {
     Goldilocks::ONE.into()
   }
 
+  /// Build a self from a base element; pad ext with 0s.
+  fn from_base(b: &Self::BaseField) -> Self {
+    *b
+  }
+
   fn random<Rng: RngCore + CryptoRng>(rng: &mut Rng) -> Self {
     Goldilocks::random(rng).into()
   }
diff --git a/spartan_parallel/src/scalar/fp2.rs b/spartan_parallel/src/scalar/fp2.rs
@@ -9,6 +9,7 @@ use rand::{CryptoRng, RngCore};
 use serde::{Deserialize, Serialize};
 use subtle::{Choice, ConditionallySelectable, ConstantTimeEq, CtOption};
 use zeroize::Zeroize;
+use crate::scalar::Scalar;
 
 /// Field wrapper around ext2 Goldilocks
 #[derive(Clone, Copy, Eq, Serialize, Deserialize, Hash, Debug)]
@@ -20,8 +21,38 @@ impl From<GoldilocksExt2> for ScalarExt2 {
   }
 }
 
+impl Mul<Scalar> for ScalarExt2 {
+  type Output = ScalarExt2;
+
+  #[inline]
+  fn mul(self, rhs: Scalar) -> Self::Output {
+      (self.inner() * &rhs.inner()).into()
+  }
+}
+impl<'a> Mul<&'a Scalar> for ScalarExt2 {
+  type Output = Self;
+
+  #[inline]
+  fn mul(mut self, rhs: &'a Scalar) -> Self::Output {
+      self *= rhs;
+      self
+  }
+}
+impl MulAssign<&Scalar> for ScalarExt2 {
+  #[inline]
+  fn mul_assign(&mut self, rhs: &Scalar) {
+      self.0 *= rhs.inner();
+  }
+}
+impl MulAssign<Scalar> for ScalarExt2 {
+  #[inline]
+  fn mul_assign(&mut self, rhs: Scalar) {
+      self.mul_assign(&rhs)
+  }
+}
 impl SpartanExtensionField for ScalarExt2 {
   type InnerType = GoldilocksExt2;
+  type BaseField = Scalar;
 
   fn inner(&self) -> &GoldilocksExt2 {
     &self.0
@@ -35,6 +66,11 @@ impl SpartanExtensionField for ScalarExt2 {
     GoldilocksExt2::ONE.into()
   }
 
+  /// Build a self from a base element; pad ext with 0s.
+  fn from_base(b: &Self::BaseField) -> Self {
+    GoldilocksExt2::from_base(b.inner()).into()
+}
+
   fn random<Rng: RngCore + CryptoRng>(rng: &mut Rng) -> Self {
     GoldilocksExt2::random(rng).into()
   }
@@ -136,7 +172,6 @@ impl ScalarExt2 {
     Self(GoldilocksExt2::ONE)
   }
 }
-
 impl<'a, 'b> Add<&'b ScalarExt2> for &'a ScalarExt2 {
   type Output = ScalarExt2;
 
diff --git a/spartan_parallel/src/scalar/mod.rs b/spartan_parallel/src/scalar/mod.rs
@@ -13,7 +13,7 @@ use std::{
   cmp::Eq,
   hash::Hash,
   iter::{Product, Sum},
-  ops::{Add, Mul, Neg, Sub},
+  ops::{Add, Mul, Neg, Sub, MulAssign},
 };
 use subtle::{Choice, ConditionallySelectable, ConstantTimeEq, CtOption};
 use zeroize::Zeroize;
@@ -42,10 +42,15 @@ pub trait SpartanExtensionField:
   + Hash
   + From<Self::InnerType>
   + fmt::Debug
+  + Mul<Self::BaseField>
+  + MulAssign<Self::BaseField>
 {
   /// Inner Goldilocks extension field
   type InnerType: ExtensionField + Field;
 
+  /// Basefield for conserving computational resources
+  type BaseField: SpartanExtensionField;
+
   /// Return inner Goldilocks field element
   fn inner(&self) -> &Self::InnerType;
 
@@ -55,6 +60,9 @@ pub trait SpartanExtensionField:
   /// Return the multiplicative identity
   fn field_one() -> Self;
 
+  /// Build a self from a base element; pad ext with 0s.
+  fn from_base(b: &Self::BaseField) -> Self;
+
   /// Sample field element
   fn random<Rng: RngCore + CryptoRng>(rng: &mut Rng) -> Self;
 

Original file line number	Diff line number	Diff line change
`@@ -399,7 +399,7 @@ impl<S: SpartanExtensionField> ProductCircuitEvalProofBatched<S> {`
`399`	`399`	`}`
`400`	`400`
`401`	`401`	`// produce random coefficients, one for each instance`
`402`		`- let coeff_vec =`
	`402`	`+ let coeff_vec: Vec<S> =`
`403`	`403`	`transcript.challenge_vector(b"rand_coeffs_next_layer", claims_to_verify.len());`
`404`	`404`
`405`	`405`	`// produce a joint claim`