arkworks-rs · mmagician · Feb 5, 2024 · Feb 6, 2024 · Feb 6, 2024 · Feb 6, 2024
@@ -1,4 +1,5 @@
 use crate::{Polynomial, String, Vec};
+use ark_crypto_primitives::sponge::Absorb;
 use ark_ff::{Field, PrimeField, ToConstraintField};
 use ark_serialize::{CanonicalDeserialize, CanonicalSerialize};
 use ark_std::rand::RngCore;
@@ -55,7 +56,7 @@ pub trait PCPreparedVerifierKey<Unprepared: PCVerifierKey> {
 
 /// Defines the minimal interface of commitments for any polynomial
 /// commitment scheme.
-pub trait PCCommitment: Clone + CanonicalSerialize + CanonicalDeserialize {
+pub trait PCCommitment: Clone + CanonicalSerialize + CanonicalDeserialize + Absorb {
     /// Outputs a non-hiding commitment to the zero polynomial.
     fn empty() -> Self;
 
@@ -185,6 +186,16 @@ pub struct LabeledCommitment<C: PCCommitment> {
     degree_bound: Option<usize>,
 }
 
+impl<C: PCCommitment> Absorb for LabeledCommitment<C> {
+    fn to_sponge_bytes(&self, dest: &mut Vec<u8>) {
+        self.commitment.to_sponge_bytes(dest)
+    }
+
+    fn to_sponge_field_elements<F: PrimeField>(&self, dest: &mut Vec<F>) {
+        self.commitment.to_sponge_field_elements(dest)
+    }
+}
+
 impl<F: Field, C: PCCommitment + ToConstraintField<F>> ToConstraintField<F>
     for LabeledCommitment<C>
 {

@@ -1,5 +1,6 @@
 use crate::*;
 use crate::{PCCommitterKey, PCVerifierKey, Vec};
+use ark_crypto_primitives::sponge::Absorb;
 use ark_ec::AffineRepr;
 use ark_ff::{Field, UniformRand, Zero};
 use ark_serialize::{CanonicalDeserialize, CanonicalSerialize};
@@ -84,7 +85,7 @@ impl<G: AffineRepr> PCPreparedVerifierKey<VerifierKey<G>> for PreparedVerifierKe
 }
 
 /// Commitment to a polynomial that optionally enforces a degree bound.
-#[derive(Derivative, CanonicalSerialize, CanonicalDeserialize)]
+#[derive(Derivative, CanonicalSerialize, CanonicalDeserialize, Absorb)]
 #[derivative(
     Default(bound = ""),
     Hash(bound = ""),
@@ -94,7 +95,7 @@ impl<G: AffineRepr> PCPreparedVerifierKey<VerifierKey<G>> for PreparedVerifierKe
     PartialEq(bound = ""),
     Eq(bound = "")
 )]
-pub struct Commitment<G: AffineRepr> {
+pub struct Commitment<G: AffineRepr + Absorb> {
     /// A Pedersen commitment to the polynomial.
     pub comm: G,
 
@@ -104,7 +105,7 @@ pub struct Commitment<G: AffineRepr> {
     pub shifted_comm: Option<G>,
 }
 
-impl<G: AffineRepr> PCCommitment for Commitment<G> {
+impl<G: AffineRepr + Absorb> PCCommitment for Commitment<G> {
     #[inline]
     fn empty() -> Self {
         Commitment {
@@ -121,7 +122,7 @@ impl<G: AffineRepr> PCCommitment for Commitment<G> {
 /// Nothing to do to prepare this commitment (for now).
 pub type PreparedCommitment<E> = Commitment<E>;
 
-impl<G: AffineRepr> PCPreparedCommitment<Commitment<G>> for PreparedCommitment<G> {
+impl<G: AffineRepr + Absorb> PCPreparedCommitment<Commitment<G>> for PreparedCommitment<G> {
     /// prepare `PreparedCommitment` from `Commitment`
     fn prepare(vk: &Commitment<G>) -> Self {
         vk.clone()

@@ -15,7 +15,7 @@ pub use data_structures::*;
 #[cfg(feature = "parallel")]
 use rayon::prelude::*;
 
-use ark_crypto_primitives::sponge::CryptographicSponge;
+use ark_crypto_primitives::sponge::{Absorb, CryptographicSponge};
 use digest::Digest;
 
 /// A polynomial commitment scheme based on the hardness of the
@@ -45,7 +45,7 @@ pub struct InnerProductArgPC<
 
 impl<G, D, P, S> InnerProductArgPC<G, D, P, S>
 where
-    G: AffineRepr,
+    G: AffineRepr + Absorb,
     G::Group: VariableBaseMSM<MulBase = G>,
     D: Digest,
     P: DenseUVPolynomial<G::ScalarField>,
@@ -337,7 +337,7 @@ where
 
 impl<G, D, P, S> PolynomialCommitment<G::ScalarField, P, S> for InnerProductArgPC<G, D, P, S>
 where
-    G: AffineRepr,
+    G: AffineRepr + Absorb,
     G::Group: VariableBaseMSM<MulBase = G>,
     D: Digest,
     P: DenseUVPolynomial<G::ScalarField, Point = G::ScalarField>,

@@ -1,4 +1,5 @@
 use crate::*;
+use ark_crypto_primitives::sponge::Absorb;
 use ark_ec::pairing::Pairing;
 use ark_ec::AdditiveGroup;
 use ark_ec::AffineRepr;
@@ -314,7 +315,7 @@ impl<E: Pairing> PreparedVerifierKey<E> {
 }
 
 /// `Commitment` commits to a polynomial. It is output by `KZG10::commit`.
-#[derive(Derivative, CanonicalSerialize, CanonicalDeserialize)]
+#[derive(Derivative, CanonicalSerialize, CanonicalDeserialize, Absorb)]
 #[derivative(
     Default(bound = ""),
     Hash(bound = ""),
@@ -324,12 +325,19 @@ impl<E: Pairing> PreparedVerifierKey<E> {
     PartialEq(bound = ""),
     Eq(bound = "")
 )]
-pub struct Commitment<E: Pairing>(
+pub struct Commitment<E>(
     /// The commitment is a group element.
     pub E::G1Affine,
-);
+)
+where
+    E: Pairing,
+    E::G1Affine: Absorb;
 
-impl<E: Pairing> PCCommitment for Commitment<E> {
+impl<E> PCCommitment for Commitment<E>
+where
+    E: Pairing,
+    E::G1Affine: Absorb,
+{
     #[inline]
     fn empty() -> Self {
         Commitment(E::G1Affine::zero())
@@ -340,16 +348,21 @@ impl<E: Pairing> PCCommitment for Commitment<E> {
     }
 }
 
-impl<E: Pairing> ToConstraintField<<E::TargetField as Field>::BasePrimeField> for Commitment<E>
+impl<E> ToConstraintField<<E::TargetField as Field>::BasePrimeField> for Commitment<E>
 where
-    E::G1Affine: ToConstraintField<<E::TargetField as Field>::BasePrimeField>,
+    E::G1Affine: ToConstraintField<<E::TargetField as Field>::BasePrimeField> + Absorb,
+    E: Pairing,
 {
     fn to_field_elements(&self) -> Option<Vec<<E::TargetField as Field>::BasePrimeField>> {
         self.0.to_field_elements()
     }
 }
 
-impl<'a, E: Pairing> AddAssign<(E::ScalarField, &'a Commitment<E>)> for Commitment<E> {
+impl<'a, E> AddAssign<(E::ScalarField, &'a Commitment<E>)> for Commitment<E>
+where
+    E: Pairing,
+    E::G1Affine: Absorb,
+{
     #[inline]
     fn add_assign(&mut self, (f, other): (E::ScalarField, &'a Commitment<E>)) {
         let mut other = other.0 * f;
@@ -373,7 +386,11 @@ pub struct PreparedCommitment<E: Pairing>(
     pub Vec<E::G1Affine>,
 );
 
-impl<E: Pairing> PreparedCommitment<E> {
+impl<E> PreparedCommitment<E>
+where
+    E: Pairing,
+    E::G1Affine: Absorb,
+{
     /// prepare `PreparedCommitment` from `Commitment`
     pub fn prepare(comm: &Commitment<E>) -> Self {
         let mut prepared_comm = Vec::<E::G1Affine>::new();

@@ -6,6 +6,7 @@
 //! This construction achieves extractability in the algebraic group model (AGM).
 
 use crate::{BTreeMap, Error, LabeledPolynomial, PCCommitmentState, ToString, Vec};
+use ark_crypto_primitives::sponge::Absorb;
 use ark_ec::AffineRepr;
 use ark_ec::{pairing::Pairing, CurveGroup};
 use ark_ec::{scalar_mul::ScalarMul, VariableBaseMSM};
@@ -32,6 +33,7 @@ pub struct KZG10<E: Pairing, P: DenseUVPolynomial<E::ScalarField>> {
 impl<E, P> KZG10<E, P>
 where
     E: Pairing,
+    E::G1Affine: Absorb,
     P: DenseUVPolynomial<E::ScalarField, Point = E::ScalarField>,
     for<'a, 'b> &'a P: Div<&'b P, Output = P>,
 {
@@ -548,6 +550,7 @@ mod tests {
     fn end_to_end_test_template<E, P>() -> Result<(), Error>
     where
         E: Pairing,
+        E::G1Affine: Absorb,
         P: DenseUVPolynomial<E::ScalarField, Point = E::ScalarField>,
         for<'a, 'b> &'a P: Div<&'b P, Output = P>,
     {
@@ -579,6 +582,7 @@ mod tests {
     fn linear_polynomial_test_template<E, P>() -> Result<(), Error>
     where
         E: Pairing,
+        E::G1Affine: Absorb,
         P: DenseUVPolynomial<E::ScalarField, Point = E::ScalarField>,
         for<'a, 'b> &'a P: Div<&'b P, Output = P>,
     {
@@ -607,6 +611,7 @@ mod tests {
     fn batch_check_test_template<E, P>() -> Result<(), Error>
     where
         E: Pairing,
+        E::G1Affine: Absorb,
         P: DenseUVPolynomial<E::ScalarField, Point = E::ScalarField>,
         for<'a, 'b> &'a P: Div<&'b P, Output = P>,
     {

@@ -2,6 +2,7 @@ use crate::{
     DenseUVPolynomial, PCCommitment, PCCommitmentState, PCCommitterKey, PCPreparedCommitment,
     PCPreparedVerifierKey, PCVerifierKey, Vec,
 };
+use ark_crypto_primitives::sponge::Absorb;
 use ark_ec::pairing::Pairing;
 use ark_ec::AdditiveGroup;
 use ark_ff::{Field, PrimeField, ToConstraintField};
@@ -213,7 +214,7 @@ impl<E: Pairing> PCPreparedVerifierKey<VerifierKey<E>> for PreparedVerifierKey<E
 }
 
 /// Commitment to a polynomial that optionally enforces a degree bound.
-#[derive(Derivative, CanonicalSerialize, CanonicalDeserialize)]
+#[derive(Derivative, CanonicalSerialize, CanonicalDeserialize, Absorb)]
 #[derivative(
     Default(bound = ""),
     Hash(bound = ""),
@@ -223,7 +224,11 @@ impl<E: Pairing> PCPreparedVerifierKey<VerifierKey<E>> for PreparedVerifierKey<E
     PartialEq(bound = ""),
     Eq(bound = "")
 )]
-pub struct Commitment<E: Pairing> {
+pub struct Commitment<E>
+where
+    E: Pairing,
+    E::G1Affine: Absorb,
+{
     /// A KZG10 commitment to the polynomial.
     pub comm: kzg10::Commitment<E>,
 
@@ -235,7 +240,7 @@ pub struct Commitment<E: Pairing> {
 
 impl<E: Pairing> ToConstraintField<<E::TargetField as Field>::BasePrimeField> for Commitment<E>
 where
-    E::G1Affine: ToConstraintField<<E::TargetField as Field>::BasePrimeField>,
+    E::G1Affine: ToConstraintField<<E::TargetField as Field>::BasePrimeField> + Absorb,
 {
     fn to_field_elements(&self) -> Option<Vec<<E::TargetField as Field>::BasePrimeField>> {
         let mut res = Vec::new();
@@ -249,7 +254,11 @@ where
     }
 }
 
-impl<E: Pairing> PCCommitment for Commitment<E> {
+impl<E> PCCommitment for Commitment<E>
+where
+    E: Pairing,
+    E::G1Affine: Absorb,
+{
     #[inline]
     fn empty() -> Self {
         Self {
@@ -272,12 +281,20 @@ impl<E: Pairing> PCCommitment for Commitment<E> {
     PartialEq(bound = ""),
     Eq(bound = "")
 )]
-pub struct PreparedCommitment<E: Pairing> {
+pub struct PreparedCommitment<E>
+where
+    E: Pairing,
+    E::G1Affine: Absorb,
+{
     pub(crate) prepared_comm: kzg10::PreparedCommitment<E>,
     pub(crate) shifted_comm: Option<kzg10::Commitment<E>>,
 }
 
-impl<E: Pairing> PCPreparedCommitment<Commitment<E>> for PreparedCommitment<E> {
+impl<E> PCPreparedCommitment<Commitment<E>> for PreparedCommitment<E>
+where
+    E: Pairing,
+    E::G1Affine: Absorb,
+{
     /// Prepare commitment to a polynomial that optionally enforces a degree bound.
     fn prepare(comm: &Commitment<E>) -> Self {
         let prepared_comm = kzg10::PreparedCommitment::<E>::prepare(&comm.comm);

@@ -12,7 +12,7 @@ use ark_std::rand::RngCore;
 use ark_std::{marker::PhantomData, ops::Div, vec};
 
 mod data_structures;
-use ark_crypto_primitives::sponge::CryptographicSponge;
+use ark_crypto_primitives::sponge::{Absorb, CryptographicSponge};
 pub use data_structures::*;
 
 /// Polynomial commitment based on [[KZG10]][kzg], with degree enforcement, batching,
@@ -57,6 +57,7 @@ pub(crate) fn shift_polynomial<E: Pairing, P: DenseUVPolynomial<E::ScalarField>>
 impl<E, P, S> PolynomialCommitment<E::ScalarField, P, S> for MarlinKZG10<E, P, S>
 where
     E: Pairing,
+    E::G1Affine: Absorb,
     P: DenseUVPolynomial<E::ScalarField, Point = E::ScalarField>,
     S: CryptographicSponge,
     for<'a, 'b> &'a P: Div<&'b P, Output = P>,

@@ -24,7 +24,7 @@ pub use data_structures::*;
 mod combinations;
 use combinations::*;
 
-use ark_crypto_primitives::sponge::CryptographicSponge;
+use ark_crypto_primitives::sponge::{Absorb, CryptographicSponge};
 #[cfg(feature = "parallel")]
 use rayon::prelude::*;
 
@@ -146,6 +146,7 @@ impl<E: Pairing, P: DenseMVPolynomial<E::ScalarField>, S: CryptographicSponge>
 impl<E, P, S> PolynomialCommitment<E::ScalarField, P, S> for MarlinPST13<E, P, S>
 where
     E: Pairing,
+    E::G1Affine: Absorb,
     P: DenseMVPolynomial<E::ScalarField> + Sync,
     S: CryptographicSponge,
     P::Point: Index<usize, Output = E::ScalarField>,

@@ -4,7 +4,7 @@ use crate::{BTreeMap, BTreeSet, Debug, RngCore, String, ToString, Vec};
 use crate::{BatchLCProof, LabeledPolynomial, LinearCombination};
 use crate::{Evaluations, LabeledCommitment, QuerySet};
 use crate::{PCCommitmentState, Polynomial, PolynomialCommitment};
-use ark_crypto_primitives::sponge::CryptographicSponge;
+use ark_crypto_primitives::sponge::{Absorb, CryptographicSponge};
 use ark_ec::pairing::Pairing;
 use ark_ec::AffineRepr;
 use ark_ec::CurveGroup;
@@ -44,6 +44,7 @@ where
 impl<E, S, P, PC> Marlin<E, S, P, PC>
 where
     E: Pairing,
+    E::G1Affine: Absorb,
     S: CryptographicSponge,
     P: Polynomial<E::ScalarField>,
     PC: PolynomialCommitment<E::ScalarField, P, S>,

@@ -2,6 +2,7 @@ use crate::kzg10;
 use crate::{
     BTreeMap, PCCommitterKey, PCPreparedCommitment, PCPreparedVerifierKey, PCVerifierKey, Vec,
 };
+use ark_crypto_primitives::sponge::Absorb;
 use ark_ec::pairing::Pairing;
 use ark_ec::AdditiveGroup;
 use ark_serialize::{
@@ -21,7 +22,11 @@ pub type Commitment<E> = kzg10::Commitment<E>;
 /// `PreparedCommitment` is the prepared commitment for the KZG10 scheme.
 pub type PreparedCommitment<E> = kzg10::PreparedCommitment<E>;
 
-impl<E: Pairing> PCPreparedCommitment<Commitment<E>> for PreparedCommitment<E> {
+impl<E> PCPreparedCommitment<Commitment<E>> for PreparedCommitment<E>
+where
+    E: Pairing,
+    E::G1Affine: Absorb,
+{
     /// prepare `PreparedCommitment` from `Commitment`
     fn prepare(comm: &Commitment<E>) -> Self {
         let mut prepared_comm = Vec::<E::G1Affine>::new();

@@ -12,7 +12,7 @@ use ark_std::rand::RngCore;
 use ark_std::{convert::TryInto, marker::PhantomData, ops::Div, ops::Mul, vec};
 
 mod data_structures;
-use ark_crypto_primitives::sponge::CryptographicSponge;
+use ark_crypto_primitives::sponge::{Absorb, CryptographicSponge};
 pub use data_structures::*;
 
 /// Polynomial commitment based on [[KZG10]][kzg], with degree enforcement and
@@ -34,6 +34,7 @@ pub struct SonicKZG10<E: Pairing, P: DenseUVPolynomial<E::ScalarField>, S: Crypt
 impl<E, P, S> SonicKZG10<E, P, S>
 where
     E: Pairing,
+    E::G1Affine: Absorb,
     P: DenseUVPolynomial<E::ScalarField>,
     S: CryptographicSponge,
 {
@@ -137,6 +138,7 @@ where
 impl<E, P, S> PolynomialCommitment<E::ScalarField, P, S> for SonicKZG10<E, P, S>
 where
     E: Pairing,
+    E::G1Affine: Absorb,
     P: DenseUVPolynomial<E::ScalarField, Point = E::ScalarField>,
     S: CryptographicSponge,
     for<'a, 'b> &'a P: Div<&'b P, Output = P>,