|
|
@@ -21,15 +21,14 @@
|
|
|
|
|
|
use super::codegen::CodeGen;
|
|
|
use super::pedersen::{
|
|
|
- recognize_linscalar, recognize_pedersen_assignment, recognize_pubscalar, unique_random_scalars,
|
|
|
- LinScalar, PedersenAssignment,
|
|
|
+ convert_commitment, convert_randomness, recognize_linscalar, recognize_pedersen_assignment,
|
|
|
+ recognize_pubscalar, unique_random_scalars, LinScalar, PedersenAssignment,
|
|
|
};
|
|
|
use super::sigma::combiners::*;
|
|
|
-use super::sigma::types::{const_i128_tokens, expr_type_tokens, VarDict};
|
|
|
+use super::sigma::types::{expr_type_tokens, VarDict};
|
|
|
use super::syntax::taggedvardict_to_vardict;
|
|
|
use super::transform::paren_if_needed;
|
|
|
use super::{TaggedIdent, TaggedPoint, TaggedVarDict};
|
|
|
-use proc_macro2::TokenStream;
|
|
|
use quote::{format_ident, quote};
|
|
|
use std::collections::HashMap;
|
|
|
use syn::{parse_quote, Error, Expr, Ident, Result};
|
|
|
@@ -187,89 +186,6 @@ fn parse(vars: &TaggedVarDict, vardict: &VarDict, expr: &Expr) -> Option<RangeSt
|
|
|
None
|
|
|
}
|
|
|
|
|
|
-/// Output code to convert a commitment given by a
|
|
|
-/// [`PedersenAssignment`] into one for a different [`LinScalar`] of the
|
|
|
-/// same variable.
|
|
|
-pub fn convert_commitment(
|
|
|
- output_commitment: &Ident,
|
|
|
- ped_assign: &PedersenAssignment,
|
|
|
- new_linscalar: &LinScalar,
|
|
|
- vardict: &VarDict,
|
|
|
-) -> Result<TokenStream> {
|
|
|
- let orig_commitment = &ped_assign.id;
|
|
|
- let ped_assign_linscalar = &ped_assign.pedersen.var_term.coeff;
|
|
|
- let generator = &ped_assign.pedersen.var_term.id;
|
|
|
- let mut generated_code = quote! { #orig_commitment };
|
|
|
- // Subtract the pub_scalar_expr in ped_assign_linscalar (if present)
|
|
|
- // times the generator
|
|
|
- if let Some(ref pse) = ped_assign_linscalar.pub_scalar_expr {
|
|
|
- let ppse_tokens = expr_type_tokens(vardict, &paren_if_needed(pse.clone()))?.1;
|
|
|
- generated_code = quote! {
|
|
|
- ( #generated_code - #ppse_tokens * #generator )
|
|
|
- };
|
|
|
- }
|
|
|
- // Divide by the coeff in ped_assign_linscalar, if present (noting
|
|
|
- // it also cannot be 0, so will have an inverse)
|
|
|
- if ped_assign_linscalar.coeff != 1 {
|
|
|
- let coeff_tokens = const_i128_tokens(ped_assign_linscalar.coeff);
|
|
|
- generated_code = quote! {
|
|
|
- <Scalar as Field>::invert(&#coeff_tokens).unwrap() * #generated_code
|
|
|
- };
|
|
|
- }
|
|
|
- // Now multiply by the coeff in new_linscalar, if present
|
|
|
- if new_linscalar.coeff != 1 {
|
|
|
- let coeff_tokens = const_i128_tokens(new_linscalar.coeff);
|
|
|
- generated_code = quote! {
|
|
|
- #coeff_tokens * #generated_code
|
|
|
- };
|
|
|
- }
|
|
|
- // And add the pub_scalar_expr in new_linscalar (if present) times
|
|
|
- // the generator
|
|
|
- if let Some(ref pse) = new_linscalar.pub_scalar_expr {
|
|
|
- let ppse_tokens = expr_type_tokens(vardict, &paren_if_needed(pse.clone()))?.1;
|
|
|
- generated_code = quote! {
|
|
|
- #generated_code + #ppse_tokens * #generator
|
|
|
- };
|
|
|
- }
|
|
|
-
|
|
|
- Ok(quote! { let #output_commitment = #generated_code; })
|
|
|
-}
|
|
|
-
|
|
|
-/// Output code to convert the randomness given by a
|
|
|
-/// [`PedersenAssignment`] into that resulting from the conversion in
|
|
|
-/// [`convert_commitment`].
|
|
|
-pub fn convert_randomness(
|
|
|
- output_randomness: &Ident,
|
|
|
- ped_assign: &PedersenAssignment,
|
|
|
- new_linscalar: &LinScalar,
|
|
|
- vardict: &VarDict,
|
|
|
-) -> Result<TokenStream> {
|
|
|
- let ped_assign_linscalar = &ped_assign.pedersen.var_term.coeff;
|
|
|
- // Start with the LinScalar in ped_assign.pedersen.rand_term
|
|
|
- let mut generated_code = expr_type_tokens(
|
|
|
- vardict,
|
|
|
- &paren_if_needed(ped_assign.pedersen.rand_term.coeff.to_expr()),
|
|
|
- )?
|
|
|
- .1;
|
|
|
- // Divide by the coeff in ped_assign_linscalar, if present (noting
|
|
|
- // it also cannot be 0, so will have an inverse)
|
|
|
- if ped_assign_linscalar.coeff != 1 {
|
|
|
- let coeff_tokens = const_i128_tokens(ped_assign_linscalar.coeff);
|
|
|
- generated_code = quote! {
|
|
|
- <Scalar as Field>::invert(&#coeff_tokens).unwrap() * #generated_code
|
|
|
- };
|
|
|
- }
|
|
|
- // Now multiply by the coeff in new_linscalar, if present
|
|
|
- if new_linscalar.coeff != 1 {
|
|
|
- let coeff_tokens = const_i128_tokens(new_linscalar.coeff);
|
|
|
- generated_code = quote! {
|
|
|
- #coeff_tokens * #generated_code
|
|
|
- };
|
|
|
- }
|
|
|
-
|
|
|
- Ok(quote! { let #output_randomness = #generated_code; })
|
|
|
-}
|
|
|
-
|
|
|
/// Look for, and transform, range statements specified in the
|
|
|
/// [`StatementTree`] into basic statements about linear combinations of
|
|
|
/// `Point`s.
|
|
|
@@ -696,7 +612,6 @@ pub fn transform(
|
|
|
mod tests {
|
|
|
use super::super::syntax::taggedvardict_from_strs;
|
|
|
use super::*;
|
|
|
- use std::collections::HashSet;
|
|
|
|
|
|
fn parse_tester(vars: (&[&str], &[&str]), expr: Expr, expect: Option<RangeStatement>) {
|
|
|
let taggedvardict = taggedvardict_from_strs(vars);
|
|
|
@@ -859,158 +774,4 @@ mod tests {
|
|
|
}),
|
|
|
);
|
|
|
}
|
|
|
-
|
|
|
- fn convert_commitment_randomness_tester(
|
|
|
- vars: (&[&str], &[&str]),
|
|
|
- randoms: &[&str],
|
|
|
- ped_assign_expr: Expr,
|
|
|
- lin_scalar_expr: Expr,
|
|
|
- expect_commitment: TokenStream,
|
|
|
- expect_randomness: TokenStream,
|
|
|
- ) {
|
|
|
- let taggedvardict = taggedvardict_from_strs(vars);
|
|
|
- let vardict = taggedvardict_to_vardict(&taggedvardict);
|
|
|
- let mut randoms_hash = HashSet::new();
|
|
|
- for r in randoms {
|
|
|
- randoms_hash.insert(r.to_string());
|
|
|
- }
|
|
|
- let output_commitment = format_ident! { "out" };
|
|
|
- let output_randomness = format_ident! { "out_rand" };
|
|
|
- let ped_assign = recognize_pedersen_assignment(
|
|
|
- &taggedvardict,
|
|
|
- &randoms_hash,
|
|
|
- &vardict,
|
|
|
- &ped_assign_expr,
|
|
|
- )
|
|
|
- .unwrap();
|
|
|
- let lin_scalar = recognize_linscalar(&taggedvardict, &vardict, &lin_scalar_expr).unwrap();
|
|
|
- assert_eq!(
|
|
|
- convert_commitment(&output_commitment, &ped_assign, &lin_scalar, &vardict)
|
|
|
- .unwrap()
|
|
|
- .to_string(),
|
|
|
- expect_commitment.to_string()
|
|
|
- );
|
|
|
- assert_eq!(
|
|
|
- convert_randomness(&output_randomness, &ped_assign, &lin_scalar, &vardict)
|
|
|
- .unwrap()
|
|
|
- .to_string(),
|
|
|
- expect_randomness.to_string()
|
|
|
- );
|
|
|
- }
|
|
|
-
|
|
|
- #[test]
|
|
|
- fn convert_commitment_randomness_test() {
|
|
|
- let vars = (
|
|
|
- [
|
|
|
- "x", "y", "z", "pub a", "pub b", "pub c", "rand r", "rand s", "rand t",
|
|
|
- ]
|
|
|
- .as_slice(),
|
|
|
- ["C", "cind A", "cind B"].as_slice(),
|
|
|
- );
|
|
|
- let randoms = ["r", "s", "t"].as_slice();
|
|
|
-
|
|
|
- convert_commitment_randomness_tester(
|
|
|
- vars,
|
|
|
- &randoms,
|
|
|
- parse_quote! { C = x*A + r*B },
|
|
|
- parse_quote! { x },
|
|
|
- quote! { let out = C; },
|
|
|
- quote! { let out_rand = r; },
|
|
|
- );
|
|
|
-
|
|
|
- convert_commitment_randomness_tester(
|
|
|
- vars,
|
|
|
- &randoms,
|
|
|
- parse_quote! { C = x*A + r*B },
|
|
|
- parse_quote! { 2 * x },
|
|
|
- quote! { let out = Scalar::from_u128(2u128) * C; },
|
|
|
- quote! { let out_rand = Scalar::from_u128(2u128) * r; },
|
|
|
- );
|
|
|
-
|
|
|
- convert_commitment_randomness_tester(
|
|
|
- vars,
|
|
|
- &randoms,
|
|
|
- parse_quote! { C = x*A + r*B },
|
|
|
- parse_quote! { 2 * x + 12 },
|
|
|
- quote! { let out = Scalar::from_u128(2u128) * C +
|
|
|
- Scalar::from_u128(12u128) * A; },
|
|
|
- quote! { let out_rand = Scalar::from_u128(2u128) * r; },
|
|
|
- );
|
|
|
-
|
|
|
- convert_commitment_randomness_tester(
|
|
|
- vars,
|
|
|
- &randoms,
|
|
|
- parse_quote! { C = x*A + r*B },
|
|
|
- parse_quote! { 2 * x + 12 + a },
|
|
|
- quote! { let out = Scalar::from_u128(2u128) * C +
|
|
|
- (Scalar::from_u128(12u128) + a) * A; },
|
|
|
- quote! { let out_rand = Scalar::from_u128(2u128) * r; },
|
|
|
- );
|
|
|
-
|
|
|
- convert_commitment_randomness_tester(
|
|
|
- vars,
|
|
|
- &randoms,
|
|
|
- parse_quote! { C = 3*x*A + r*B },
|
|
|
- parse_quote! { 2 * x + 12 + a },
|
|
|
- quote! { let out = Scalar::from_u128(2u128) *
|
|
|
- <Scalar as Field>::invert(&Scalar::from_u128(3u128)).unwrap() * C +
|
|
|
- (Scalar::from_u128(12u128) + a) * A; },
|
|
|
- quote! { let out_rand = Scalar::from_u128(2u128) *
|
|
|
- <Scalar as Field>::invert(&Scalar::from_u128(3u128)).unwrap() * r; },
|
|
|
- );
|
|
|
-
|
|
|
- convert_commitment_randomness_tester(
|
|
|
- vars,
|
|
|
- &randoms,
|
|
|
- parse_quote! { C = -3*x*A + r*B },
|
|
|
- parse_quote! { 2 * x + 12 + a },
|
|
|
- quote! { let out = Scalar::from_u128(2u128) *
|
|
|
- <Scalar as Field>::invert(&Scalar::from_u128(3u128).neg()).unwrap() * C +
|
|
|
- (Scalar::from_u128(12u128) + a) * A; },
|
|
|
- quote! { let out_rand = Scalar::from_u128(2u128) *
|
|
|
- <Scalar as Field>::invert(&Scalar::from_u128(3u128).neg()).unwrap() * r; },
|
|
|
- );
|
|
|
-
|
|
|
- convert_commitment_randomness_tester(
|
|
|
- vars,
|
|
|
- &randoms,
|
|
|
- parse_quote! { C = (-3*x+4+b)*A + r*B },
|
|
|
- parse_quote! { 2 * x + 12 + a },
|
|
|
- quote! { let out = Scalar::from_u128(2u128) *
|
|
|
- <Scalar as Field>::invert(&Scalar::from_u128(3u128).neg()).unwrap() *
|
|
|
- (C - (Scalar::from_u128(4u128) + b) * A) +
|
|
|
- (Scalar::from_u128(12u128) + a) * A; },
|
|
|
- quote! { let out_rand = Scalar::from_u128(2u128) *
|
|
|
- <Scalar as Field>::invert(&Scalar::from_u128(3u128).neg()).unwrap() * r; },
|
|
|
- );
|
|
|
-
|
|
|
- convert_commitment_randomness_tester(
|
|
|
- vars,
|
|
|
- &randoms,
|
|
|
- parse_quote! { C = (-3*x+4+b)*A + 2*r*B },
|
|
|
- parse_quote! { 2 * x + 12 + a },
|
|
|
- quote! { let out = Scalar::from_u128(2u128) *
|
|
|
- <Scalar as Field>::invert(&Scalar::from_u128(3u128).neg()).unwrap() *
|
|
|
- (C - (Scalar::from_u128(4u128) + b) * A) +
|
|
|
- (Scalar::from_u128(12u128) + a) * A; },
|
|
|
- quote! { let out_rand = Scalar::from_u128(2u128) *
|
|
|
- <Scalar as Field>::invert(&Scalar::from_u128(3u128).neg()).unwrap() *
|
|
|
- (r * Scalar::from_u128(2u128)); },
|
|
|
- );
|
|
|
-
|
|
|
- convert_commitment_randomness_tester(
|
|
|
- vars,
|
|
|
- &randoms,
|
|
|
- parse_quote! { C = (-3*x+4+b)*A + (2*r+c-3)*B },
|
|
|
- parse_quote! { 2 * x + 12 + a },
|
|
|
- quote! { let out = Scalar::from_u128(2u128) *
|
|
|
- <Scalar as Field>::invert(&Scalar::from_u128(3u128).neg()).unwrap() *
|
|
|
- (C - (Scalar::from_u128(4u128) + b) * A) +
|
|
|
- (Scalar::from_u128(12u128) + a) * A; },
|
|
|
- quote! { let out_rand = Scalar::from_u128(2u128) *
|
|
|
- <Scalar as Field>::invert(&Scalar::from_u128(3u128).neg()).unwrap() *
|
|
|
- (r * Scalar::from_u128(2u128) +
|
|
|
- (c + (Scalar::from_u128(3u128).neg()))); },
|
|
|
- );
|
|
|
- }
|
|
|
}
|
