Arbitrary number of variables and contraints (#34)

elefthei · srinathsetty · web-flow · commit 7bbc366e5d4e · 2021-04-22T10:27:54.000-07:00
* This commit makes adding an arbitrary number of variables and inputs possible and removes the
  implementation leaking to the interface for

  num_inps + 1 &lt;= num_vars, num_vars: a power of 2, num_cons: a power of 2, but not 1.

  1. When creating a new R1CS Instance throught the public interface,
     it is required # constraints and # of vars be a power of 2. I remove
     that requirement by padding with dummy constraints and vars until the nearest
     power of 2.
  2. The sumcheck protocol in src/sumcheck.rs does not work for 1 constraint, even
     though 1 is a power of 2. I have to pad to a minimum of two constraints.
  3. Added a test in src/r1csproof.rs called test_padded_constraints.

* Move test to src/lib.rs

* Remove padding metadata

* remove unused use

* Simplify padding to power of 2

* run cargo fmt

* Fix indexing bug

* Rayon is optional, depending on 'multicore' feature

* Update rust toolchain

* cargo fmt

* cleaner to track num_vars_padded and num_cons_padded

* cleanup

* further cleanup

* Cleanup &amp; comments

* small fixes

* adjust code for padding constraints

* fix a bug with pad call

* add comment about num_nz_entries

* extend padding to NIZK methods

extend padding to NIZK methods

Co-authored-by: Lef Ioannidis &lt;elefthei@seas.upenn.edu&gt;
Co-authored-by: Srinath Setty &lt;srinath@microsoft.com&gt;
diff --git a/.github/workflows/rust.yml b/.github/workflows/rust.yml
@@ -14,7 +14,7 @@ jobs:
     steps:
     - uses: actions/checkout@v2
     - name: Install
-      run: rustup default nightly-2021-01-03
+      run: rustup default nightly-2021-01-31
     - name: Build
       run: cargo build --verbose
     - name: Run tests
diff --git a/Cargo.toml b/Cargo.toml
@@ -17,7 +17,7 @@ rand = "0.7.3"
 digest = "0.8.1"
 sha3 = "0.8.2"
 byteorder = "1.3.4"
-rayon = "1.3.0"
+rayon = { version = "1.3.0", optional = true }
 serde = { version = "1.0.106", features = ["derive"] }
 bincode = "1.2.1"
 subtle = { version = "^2.2.3", default-features = false }
@@ -52,5 +52,5 @@ name = "nizk"
 harness = false
 
 [features]
-multicore = []
+multicore = ["rayon"]
 profile = []
diff --git a/README.md b/README.md
@@ -82,7 +82,7 @@ Here is another example to use the NIZK variant of the Spartan proof system:
     let num_inputs = 10;
 
     // produce public parameters
-    let gens = NIZKGens::new(num_cons, num_vars);
+    let gens = NIZKGens::new(num_cons, num_vars, num_inputs);
 
     // ask the library to produce a synthentic R1CS instance
     let (inst, vars, inputs) = Instance::produce_synthetic_r1cs(num_cons, num_vars, num_inputs);
@@ -102,6 +102,7 @@ Here is another example to use the NIZK variant of the Spartan proof system:
 
 Finally, we provide an example that specifies a custom R1CS instance instead of using a synthetic instance
 ```rust
+#![allow(non_snake_case)]
 # extern crate curve25519_dalek;
 # extern crate libspartan;
 # extern crate merlin;
@@ -163,9 +164,9 @@ Finally, we provide an example that specifies a custom R1CS instance instead of
 
   // parameters of the R1CS instance rounded to the nearest power of two
   let num_cons = 4;
-  let num_vars = 8;
+  let num_vars = 5;
   let num_inputs = 2;
-  let num_non_zero_entries = 8;
+  let num_non_zero_entries = 5;
 
   // We will encode the above constraints into three matrices, where
   // the coefficients in the matrix are in the little-endian byte order
diff --git a/benches/nizk.rs b/benches/nizk.rs
@@ -24,7 +24,7 @@ fn nizk_prove_benchmark(c: &mut Criterion) {
 
     let (inst, vars, inputs) = Instance::produce_synthetic_r1cs(num_cons, num_vars, num_inputs);
 
-    let gens = NIZKGens::new(num_cons, num_vars);
+    let gens = NIZKGens::new(num_cons, num_vars, num_inputs);
 
     let name = format!("NIZK_prove_{}", num_vars);
     group.bench_function(&name, move |b| {
@@ -54,7 +54,7 @@ fn nizk_verify_benchmark(c: &mut Criterion) {
     let num_inputs = 10;
     let (inst, vars, inputs) = Instance::produce_synthetic_r1cs(num_cons, num_vars, num_inputs);
 
-    let gens = NIZKGens::new(num_cons, num_vars);
+    let gens = NIZKGens::new(num_cons, num_vars, num_inputs);
 
     // produce a proof of satisfiability
     let mut prover_transcript = Transcript::new(b"example");
diff --git a/profiler/nizk.rs b/profiler/nizk.rs
@@ -27,7 +27,7 @@ pub fn main() {
     let (inst, vars, inputs) = Instance::produce_synthetic_r1cs(num_cons, num_vars, num_inputs);
 
     // produce public generators
-    let gens = NIZKGens::new(num_cons, num_vars);
+    let gens = NIZKGens::new(num_cons, num_vars, num_inputs);
 
     // produce a proof of satisfiability
     let mut prover_transcript = Transcript::new(b"nizk_example");
diff --git a/src/dense_mlpoly.rs b/src/dense_mlpoly.rs
@@ -149,7 +149,7 @@ impl DensePolynomial {
     assert_eq!(L_size * R_size, self.Z.len());
     let C = (0..L_size)
       .into_par_iter()
-      .map(|&i| {
+      .map(|i| {
         self.Z[R_size * i..R_size * (i + 1)]
           .commit(&blinds[i], gens)
           .compress()
diff --git a/src/lib.rs b/src/lib.rs
