Revert "refactor: improve visibilities (#65)"

This reverts commit f25d18a.

Author: srinathsetty

Cargo.toml

@@ -11,8 +11,9 @@ license-file = "LICENSE"
 keywords = ["zkSNARKs", "cryptography", "proofs"]
 
 [dependencies]
-curve25519-dalek = { version = "4.1.1", features = [
+curve25519-dalek = { version = "3.2.0", features = [
     "serde",
+    "u64_backend",
     "alloc",
 ], default-features = false }
 merlin = { version = "3.0.0", default-features = false }
@@ -57,8 +58,9 @@ harness = false
 required-features = ["std"]
 
 [features]
-default = ["std"]
+default = ["std", "simd_backend"]
 std = [
+    "curve25519-dalek/std",
     "digest/std",
     "merlin/std",
     "rand/std",
@@ -70,5 +72,6 @@ std = [
     "itertools/use_std",
     "flate2/rust_backend",
 ]
+simd_backend = ["curve25519-dalek/simd_backend"]
 multicore = ["rayon"]
 profile = ["colored"]

src/commitments.rs

@@ -1,6 +1,7 @@
 use super::group::{GroupElement, VartimeMultiscalarMul, GROUP_BASEPOINT_COMPRESSED};
 use super::scalar::Scalar;
-use digest::{ExtendableOutput, Input, XofReader};
+use digest::XofReader;
+use digest::{ExtendableOutput, Input};
 use sha3::Shake256;
 
 #[derive(Debug)]

src/r1csinstance.rs

@@ -110,24 +110,21 @@ impl R1CSInstance {
     let num_poly_vars_x = num_cons.log_2();
     let num_poly_vars_y = (2 * num_vars).log_2();
 
-    let mat_A = A
-      .iter()
-      .map(|(row, col, val)| SparseMatEntry::new(*row, *col, *val))
+    let mat_A = (0..A.len())
+      .map(|i| SparseMatEntry::new(A[i].0, A[i].1, A[i].2))
       .collect::<Vec<SparseMatEntry>>();
-    let mat_B = B
-      .iter()
-      .map(|(row, col, val)| SparseMatEntry::new(*row, *col, *val))
+    let mat_B = (0..B.len())
+      .map(|i| SparseMatEntry::new(B[i].0, B[i].1, B[i].2))
       .collect::<Vec<SparseMatEntry>>();
-    let mat_C = C
-      .iter()
-      .map(|(row, col, val)| SparseMatEntry::new(*row, *col, *val))
+    let mat_C = (0..C.len())
+      .map(|i| SparseMatEntry::new(C[i].0, C[i].1, C[i].2))
       .collect::<Vec<SparseMatEntry>>();
 
     let poly_A = SparseMatPolynomial::new(num_poly_vars_x, num_poly_vars_y, mat_A);
     let poly_B = SparseMatPolynomial::new(num_poly_vars_x, num_poly_vars_y, mat_B);
     let poly_C = SparseMatPolynomial::new(num_poly_vars_x, num_poly_vars_y, mat_C);
 
-    Self {
+    R1CSInstance {
       num_cons,
       num_vars,
       num_inputs,
@@ -260,7 +257,11 @@ impl R1CSInstance {
     assert_eq!(Az.len(), self.num_cons);
     assert_eq!(Bz.len(), self.num_cons);
     assert_eq!(Cz.len(), self.num_cons);
-    (0..self.num_cons).all(|i| Az[i] * Bz[i] == Cz[i])
+    let res: usize = (0..self.num_cons)
+      .map(|i| usize::from(Az[i] * Bz[i] != Cz[i]))
+      .sum();
+
+    res == 0
   }
 
   pub fn multiply_vec(

src/sparse_mlpoly.rs

@@ -51,14 +51,18 @@ impl Derefs {
   pub fn new(row_ops_val: Vec<DensePolynomial>, col_ops_val: Vec<DensePolynomial>) -> Self {
     assert_eq!(row_ops_val.len(), col_ops_val.len());
 
-    // combine all polynomials into a single polynomial (used below to produce a single commitment)
-    let comb = DensePolynomial::merge(row_ops_val.iter().chain(col_ops_val.iter()));
+    let derefs = {
+      // combine all polynomials into a single polynomial (used below to produce a single commitment)
+      let comb = DensePolynomial::merge(row_ops_val.iter().chain(col_ops_val.iter()));
+
+      Derefs {
+        row_ops_val,
+        col_ops_val,
+        comb,
+      }
+    };
 
-    Derefs {
-      row_ops_val,
-      col_ops_val,
-      comb,
-    }
+    derefs
   }
 
   pub fn commit(&self, gens: &PolyCommitmentGens) -> DerefsCommitment {
@@ -339,7 +343,7 @@ impl AppendToTranscript for SparseMatPolyCommitment {
 
 impl SparseMatPolynomial {
   pub fn new(num_vars_x: usize, num_vars_y: usize, M: Vec<SparseMatEntry>) -> Self {
-    Self {
+    SparseMatPolynomial {
       num_vars_x,
       num_vars_y,
       M,
@@ -373,9 +377,8 @@ impl SparseMatPolynomial {
       assert_eq!(sparse_polys[i].num_vars_y, sparse_polys[0].num_vars_y);
     }
 
-    let N = sparse_polys
-      .iter()
-      .map(|sparse_poly| sparse_poly.get_num_nz_entries())
+    let N = (0..sparse_polys.len())
+      .map(|i| sparse_polys[i].get_num_nz_entries())
       .max()
       .unwrap();
 
@@ -427,10 +430,13 @@ impl SparseMatPolynomial {
     assert_eq!(self.num_vars_x.pow2(), eval_table_rx.len());
     assert_eq!(self.num_vars_y.pow2(), eval_table_ry.len());
 
-    self
-      .M
-      .iter()
-      .map(|SparseMatEntry { row, col, val }| eval_table_rx[*row] * eval_table_ry[*col] * val)
+    (0..self.M.len())
+      .map(|i| {
+        let row = self.M[i].row;
+        let col = self.M[i].col;
+        let val = &self.M[i].val;
+        eval_table_rx[row] * eval_table_ry[col] * val
+      })
       .sum()
   }
 
@@ -442,22 +448,25 @@ impl SparseMatPolynomial {
     let eval_table_rx = EqPolynomial::new(rx.to_vec()).evals();
     let eval_table_ry = EqPolynomial::new(ry.to_vec()).evals();
 
-    polys
-      .iter()
-      .map(|poly| poly.evaluate_with_tables(&eval_table_rx, &eval_table_ry))
+    (0..polys.len())
+      .map(|i| polys[i].evaluate_with_tables(&eval_table_rx, &eval_table_ry))
       .collect::<Vec<Scalar>>()
   }
 
   pub fn multiply_vec(&self, num_rows: usize, num_cols: usize, z: &[Scalar]) -> Vec<Scalar> {
     assert_eq!(z.len(), num_cols);
 
-    self.M.iter().fold(
-      vec![Scalar::zero(); num_rows],
-      |mut Mz, SparseMatEntry { row, col, val }| {
-        Mz[*row] += val * z[*col];
+    (0..self.M.len())
+      .map(|i| {
+        let row = self.M[i].row;
+        let col = self.M[i].col;
+        let val = &self.M[i].val;
+        (row, val * z[col])
+      })
+      .fold(vec![Scalar::zero(); num_rows], |mut Mz, (r, v)| {
+        Mz[r] += v;
         Mz
-      },
-    )
+      })
   }
 
   pub fn compute_eval_table_sparse(
@@ -468,13 +477,13 @@ impl SparseMatPolynomial {
   ) -> Vec<Scalar> {
     assert_eq!(rx.len(), num_rows);
 
-    self.M.iter().fold(
-      vec![Scalar::zero(); num_cols],
-      |mut M_evals, SparseMatEntry { row, col, val }| {
-        M_evals[*col] += rx[*row] * val;
-        M_evals
-      },
-    )
+    let mut M_evals: Vec<Scalar> = vec![Scalar::zero(); num_cols];
+
+    for i in 0..self.M.len() {
+      let entry = &self.M[i];
+      M_evals[entry.col] += rx[entry.row] * entry.val;
+    }
+    M_evals
   }
 
   pub fn multi_commit(
@@ -697,18 +706,18 @@ impl HashLayerProof {
     let (rand_mem, rand_ops) = rand;
 
     // decommit ops-addr at rand_ops
-    let eval_ops_addr_vec = addr_timestamps
-      .ops_addr
-      .iter()
-      .map(|addr| addr.evaluate(rand_ops))
-      .collect();
+    let mut eval_ops_addr_vec: Vec<Scalar> = Vec::new();
+    for i in 0..addr_timestamps.ops_addr.len() {
+      let eval_ops_addr = addr_timestamps.ops_addr[i].evaluate(rand_ops);
+      eval_ops_addr_vec.push(eval_ops_addr);
+    }
 
     // decommit read_ts at rand_ops
-    let eval_read_ts_vec = addr_timestamps
-      .read_ts
-      .iter()
-      .map(|addr| addr.evaluate(rand_ops))
-      .collect();
+    let mut eval_read_ts_vec: Vec<Scalar> = Vec::new();
+    for i in 0..addr_timestamps.read_ts.len() {
+      let eval_read_ts = addr_timestamps.read_ts[i].evaluate(rand_ops);
+      eval_read_ts_vec.push(eval_read_ts);
+    }
 
     // decommit audit-ts at rand_mem
     let eval_audit_ts = addr_timestamps.audit_ts.evaluate(rand_mem);
@@ -729,15 +738,11 @@ impl HashLayerProof {
     let (rand_mem, rand_ops) = rand;
 
     // decommit derefs at rand_ops
-    let eval_row_ops_val = derefs
-      .row_ops_val
-      .iter()
-      .map(|row| row.evaluate(rand_ops))
+    let eval_row_ops_val = (0..derefs.row_ops_val.len())
+      .map(|i| derefs.row_ops_val[i].evaluate(rand_ops))
       .collect::<Vec<Scalar>>();
-    let eval_col_ops_val = derefs
-      .col_ops_val
-      .iter()
-      .map(|col| col.evaluate(rand_ops))
+    let eval_col_ops_val = (0..derefs.col_ops_val.len())
+      .map(|i| derefs.col_ops_val[i].evaluate(rand_ops))
       .collect::<Vec<Scalar>>();
     let proof_derefs = DerefsEvalProof::prove(
       derefs,
@@ -1576,9 +1581,15 @@ impl SparsePolynomial {
 
   fn compute_chi(a: &[bool], r: &[Scalar]) -> Scalar {
     assert_eq!(a.len(), r.len());
-    a.iter().zip(r.iter()).fold(Scalar::one(), |sum, (a, r)| {
-      sum * if *a { *r } else { Scalar::one() - r }
-    })
+    let mut chi_i = Scalar::one();
+    for j in 0..r.len() {
+      if a[j] {
+        chi_i *= r[j];
+      } else {
+        chi_i *= Scalar::one() - r[j];
+      }
+    }
+    chi_i
   }
 
   // Takes O(n log n). TODO: do this in O(n) where n is the number of entries in Z
@@ -1609,15 +1620,15 @@ mod tests {
     let num_vars_x: usize = num_rows.log_2();
     let num_vars_y: usize = num_cols.log_2();
 
-    let M = (0..num_nz_entries)
-      .map(|_i| {
-        SparseMatEntry::new(
-          (csprng.next_u64() % (num_rows as u64)) as usize,
-          (csprng.next_u64() % (num_cols as u64)) as usize,
-          Scalar::random(&mut csprng),
-        )
-      })
-      .collect();
+    let mut M: Vec<SparseMatEntry> = Vec::new();
+
+    for _i in 0..num_nz_entries {
+      M.push(SparseMatEntry::new(
+        (csprng.next_u64() % (num_rows as u64)) as usize,
+        (csprng.next_u64() % (num_cols as u64)) as usize,
+        Scalar::random(&mut csprng),
+      ));
+    }
 
     let poly_M = SparseMatPolynomial::new(num_vars_x, num_vars_y, M);
     let gens = SparseMatPolyCommitmentGens::new(