From 6f66fd3f9d959fa04bcbcf1e10c9bdc2ed80c7f8 Mon Sep 17 00:00:00 2001 From: Sean Bowe Date: Tue, 20 Feb 2018 16:11:48 -0700 Subject: [PATCH] Express x and y coordinates from lookup as linear combinations. --- src/circuit/lookup.rs | 22 ++++++++++++---------- src/circuit/pedersen_hash.rs | 2 +- 2 files changed, 13 insertions(+), 11 deletions(-) diff --git a/src/circuit/lookup.rs b/src/circuit/lookup.rs index e433cd0..e002609 100644 --- a/src/circuit/lookup.rs +++ b/src/circuit/lookup.rs @@ -169,24 +169,26 @@ pub fn lookup3_xy_with_conditional_negation( synth::(2, coords.iter().map(|c| &c.0), &mut x_coeffs); synth::(2, coords.iter().map(|c| &c.1), &mut y_coeffs); + let precomp = Boolean::and(cs.namespace(|| "precomp"), &bits[0], &bits[1])?; + cs.enforce( || "x-coordinate lookup", - |lc| lc + (x_coeffs[0b01], one) - + &bits[1].lc::(one, x_coeffs[0b11]), - |lc| lc + &bits[0].lc::(one, E::Fr::one()), + |lc| lc + (x_coeffs[0b00], one) + + &bits[0].lc::(one, x_coeffs[0b01]) + + &bits[1].lc::(one, x_coeffs[0b10]) + + &precomp.lc::(one, x_coeffs[0b11]), + |lc| lc + one, |lc| lc + res_x.get_variable() - - (x_coeffs[0b00], one) - - &bits[1].lc::(one, x_coeffs[0b10]) ); cs.enforce( || "y-coordinate lookup", - |lc| lc + (y_coeffs[0b01], one) - + &bits[1].lc::(one, y_coeffs[0b11]), - |lc| lc + &bits[0].lc::(one, E::Fr::one()), + |lc| lc + (y_coeffs[0b00], one) + + &bits[0].lc::(one, y_coeffs[0b01]) + + &bits[1].lc::(one, y_coeffs[0b10]) + + &precomp.lc::(one, y_coeffs[0b11]), + |lc| lc + one, |lc| lc + res_y.get_variable() - - (y_coeffs[0b00], one) - - &bits[1].lc::(one, y_coeffs[0b10]) ); let final_y = res_y.conditionally_negate(&mut cs, &bits[2])?; diff --git a/src/circuit/pedersen_hash.rs b/src/circuit/pedersen_hash.rs index 55f9cfb..68aab98 100644 --- a/src/circuit/pedersen_hash.rs +++ b/src/circuit/pedersen_hash.rs @@ -155,7 +155,7 @@ mod test { ).unwrap(); assert!(cs.is_satisfied()); - assert_eq!(cs.num_constraints(), 1551); + assert_eq!(cs.num_constraints(), 1721); } #[test]