From 3e15751fd1385478a28b3bf59192f4aae9c1b946 Mon Sep 17 00:00:00 2001
From: Sean Bowe <ewillbefull@gmail.com>
Date: Mon, 5 Mar 2018 09:37:13 -0700
Subject: [PATCH] Allocate the note value directly in little-endian bit order.

---
 src/circuit/boolean.rs | 34 +++++++++++++++++-----------------
 src/circuit/mod.rs     | 20 ++++++--------------
 2 files changed, 23 insertions(+), 31 deletions(-)

diff --git a/src/circuit/boolean.rs b/src/circuit/boolean.rs
index 18bb4d0..9209773 100644
--- a/src/circuit/boolean.rs
+++ b/src/circuit/boolean.rs
@@ -271,16 +271,16 @@ impl AllocatedBit {
     }
 }
 
-pub fn u64_into_allocated_bits_be<E: Engine, CS: ConstraintSystem<E>>(
+pub fn u64_into_boolean_vec_le<E: Engine, CS: ConstraintSystem<E>>(
     mut cs: CS,
     value: Option<u64>
-) -> Result<Vec<AllocatedBit>, SynthesisError>
+) -> Result<Vec<Boolean>, SynthesisError>
 {
     let values = match value {
         Some(ref value) => {
             let mut tmp = Vec::with_capacity(64);
 
-            for i in (0..64).rev() {
+            for i in 0..64 {
                 tmp.push(Some(*value >> i & 1 == 1));
             }
 
@@ -292,10 +292,10 @@ pub fn u64_into_allocated_bits_be<E: Engine, CS: ConstraintSystem<E>>(
     };
 
     let bits = values.into_iter().enumerate().map(|(i, b)| {
-        AllocatedBit::alloc(
+        Ok(Boolean::from(AllocatedBit::alloc(
             cs.namespace(|| format!("bit {}", i)),
             b
-        )
+        )?))
     }).collect::<Result<Vec<_>, SynthesisError>>()?;
 
     Ok(bits)
@@ -513,7 +513,7 @@ mod test {
         AllocatedBit,
         Boolean,
         field_into_allocated_bits_be,
-        u64_into_allocated_bits_be
+        u64_into_boolean_vec_le
     };
 
     #[test]
@@ -982,24 +982,24 @@ mod test {
     }
 
     #[test]
-    fn test_u64_into_allocated_bits_be() {
+    fn test_u64_into_boolean_vec_le() {
         let mut cs = TestConstraintSystem::<Bls12>::new();
 
-        let bits = u64_into_allocated_bits_be(&mut cs, Some(17234652694787248421)).unwrap();
+        let bits = u64_into_boolean_vec_le(&mut cs, Some(17234652694787248421)).unwrap();
 
         assert!(cs.is_satisfied());
 
         assert_eq!(bits.len(), 64);
 
-        assert_eq!(bits[0].value.unwrap(), true);
-        assert_eq!(bits[1].value.unwrap(), true);
-        assert_eq!(bits[2].value.unwrap(), true);
-        assert_eq!(bits[3].value.unwrap(), false);
-        assert_eq!(bits[4].value.unwrap(), true);
-        assert_eq!(bits[5].value.unwrap(), true);
-        assert_eq!(bits[20].value.unwrap(), true);
-        assert_eq!(bits[21].value.unwrap(), false);
-        assert_eq!(bits[22].value.unwrap(), false);
+        assert_eq!(bits[63 - 0].get_value().unwrap(), true);
+        assert_eq!(bits[63 - 1].get_value().unwrap(), true);
+        assert_eq!(bits[63 - 2].get_value().unwrap(), true);
+        assert_eq!(bits[63 - 3].get_value().unwrap(), false);
+        assert_eq!(bits[63 - 4].get_value().unwrap(), true);
+        assert_eq!(bits[63 - 5].get_value().unwrap(), true);
+        assert_eq!(bits[63 - 20].get_value().unwrap(), true);
+        assert_eq!(bits[63 - 21].get_value().unwrap(), false);
+        assert_eq!(bits[63 - 22].get_value().unwrap(), false);
     }
 
     #[test]
diff --git a/src/circuit/mod.rs b/src/circuit/mod.rs
index d16c48c..093aa9d 100644
--- a/src/circuit/mod.rs
+++ b/src/circuit/mod.rs
@@ -67,14 +67,10 @@ impl<'a, E: JubjubEngine> Circuit<E> for Spend<'a, E> {
     fn synthesize<CS: ConstraintSystem<E>>(self, cs: &mut CS) -> Result<(), SynthesisError>
     {
         // Booleanize the value into little-endian bit order
-        let value_bits = boolean::u64_into_allocated_bits_be(
+        let value_bits = boolean::u64_into_boolean_vec_le(
             cs.namespace(|| "value"),
             self.value
-        )?
-        .into_iter()
-        .rev() // Little endian bit order
-        .map(|e| boolean::Boolean::from(e))
-        .collect::<Vec<_>>();
+        )?;
 
         {
             let gv = ecc::fixed_base_multiplication(
@@ -348,14 +344,10 @@ impl<'a, E: JubjubEngine> Circuit<E> for Output<'a, E> {
     fn synthesize<CS: ConstraintSystem<E>>(self, cs: &mut CS) -> Result<(), SynthesisError>
     {
         // Booleanize the value into little-endian bit order
-        let value_bits = boolean::u64_into_allocated_bits_be(
+        let value_bits = boolean::u64_into_boolean_vec_le(
             cs.namespace(|| "value"),
             self.value
-        )?
-        .into_iter()
-        .rev() // Little endian bit order
-        .map(|e| boolean::Boolean::from(e))
-        .collect::<Vec<_>>();
+        )?;
 
         {
             let gv = ecc::fixed_base_multiplication(
@@ -560,7 +552,7 @@ fn test_input_circuit_with_bls12_381() {
 
         assert!(cs.is_satisfied());
         assert_eq!(cs.num_constraints(), 97379);
-        assert_eq!(cs.hash(), "4d8e71c91a621e41599ea488ee89f035c892a260a595d3c85a20a82daa2d1654");
+        assert_eq!(cs.hash(), "a3ac418bbbe38d08295995c8cdcaebd6902fcfa9e4f7212c9742ed033c1edec3");
     }
 }
 
@@ -598,6 +590,6 @@ fn test_output_circuit_with_bls12_381() {
 
         assert!(cs.is_satisfied());
         assert_eq!(cs.num_constraints(), 7827);
-        assert_eq!(cs.hash(), "225a2df7e21b9af8b436ffb9dadd645e4df843a5151c7481b0553422d5eaa793");
+        assert_eq!(cs.hash(), "b74e3ee749e1cbc405b5b4a1de3b11119084afda9b6f5e3a6865cbcc5c35e3d4");
     }
 }