diff --git a/src/zk.rs b/src/zk.rs
index 697963b4bd447551131bcffc87f6683fdee99a6d..4dc20c24b81ffd28949f32e18a225ad2cda56414 100644
--- a/src/zk.rs
+++ b/src/zk.rs
@@ -1,5 +1,5 @@
//! a replacement of Arkworks' KZG10 module
-use ark_ec::{scalar_mul::fixed_base::FixedBase, CurveGroup, VariableBaseMSM};
+use ark_ec::CurveGroup;
use ark_ff::PrimeField;
use ark_poly::DenseUVPolynomial;
use ark_serialize::{CanonicalDeserialize, CanonicalSerialize};
@@ -44,27 +44,22 @@ pub fn setup<F: PrimeField, G: CurveGroup<ScalarField = F>>(
}
let setup_time = start_timer!(|| format!("setup with degree {}", max_degree));
- let beta = F::rand(rng);
+ let beta = G::ScalarField::rand(rng);
let g = G::rand(rng);
- let mut powers_of_beta = vec![F::one()];
+ let mut powers_of_beta = vec![G::ScalarField::one()];
let mut cur = beta;
for _ in 0..max_degree {
powers_of_beta.push(cur);
cur *= β
}
- let window_size = FixedBase::get_mul_window_size(max_degree + 1);
- let scalar_bits = F::MODULUS_BIT_SIZE as usize;
-
- let g_time = start_timer!(|| "Generating powers of G");
- let g_table = FixedBase::get_window_table(scalar_bits, window_size, g);
- let powers_of_g = FixedBase::msm::<G>(scalar_bits, window_size, &g_table, &powers_of_beta);
- end_timer!(g_time);
-
- let powers_of_g: Vec<G::Affine> = G::normalize_batch(&powers_of_g);
-
+ let powers_of_g = powers_of_beta
+ .iter()
+ .map(|p| g.mul(p).into_affine())
+ .collect();
end_timer!(setup_time);
+
Ok(Powers(powers_of_g))
}
@@ -80,26 +75,6 @@ fn check_degree_is_too_large(degree: usize, num_powers: usize) -> Result<(), Kom
}
}
-fn skip_leading_zeros_and_convert_to_bigints<F: PrimeField, P: DenseUVPolynomial<F>>(
- p: &P,
-) -> (usize, Vec<F::BigInt>) {
- let mut num_leading_zeros = 0;
- while num_leading_zeros < p.coeffs().len() && p.coeffs()[num_leading_zeros].is_zero() {
- num_leading_zeros += 1;
- }
- let coeffs = convert_to_bigints(&p.coeffs()[num_leading_zeros..]);
- (num_leading_zeros, coeffs)
-}
-
-fn convert_to_bigints<F: PrimeField>(p: &[F]) -> Vec<F::BigInt> {
- let to_bigint_time = start_timer!(|| "Converting polynomial coeffs to bigints");
- let coeffs = ark_std::cfg_iter!(p)
- .map(|s| s.into_bigint())
- .collect::<Vec<_>>();
- end_timer!(to_bigint_time);
- coeffs
-}
-
/// compute a commitment of a polynomial on a trusted setup
pub fn commit<F, G, P>(
powers: &Powers<F, G>,
@@ -114,19 +89,16 @@ where
let commit_time =
start_timer!(|| format!("Committing to polynomial of degree {}", polynomial.degree(),));
-
- let (num_leading_zeros, plain_coeffs) = skip_leading_zeros_and_convert_to_bigints(polynomial);
-
- let msm_time = start_timer!(|| "MSM to compute commitment to plaintext poly");
- let commitment = <G as VariableBaseMSM>::msm_bigint(
- &powers.0[num_leading_zeros..],
- // FIXME: this is far from satisfying
- &plain_coeffs.into_iter().collect::<Vec<_>>(),
- );
- end_timer!(msm_time);
-
+ let commitment: G::Affine = powers
+ .0
+ .iter()
+ .zip(polynomial.coeffs().iter())
+ .map(|(p, c)| (*p * c).into_affine())
+ // NOTE: yup, G::Affine is not Sum
+ .fold(G::zero().into_affine(), |acc, x| (acc + x).into_affine());
end_timer!(commit_time);
- Ok(Commitment(commitment.into()))
+
+ Ok(Commitment(commitment))
}
/// compute the commitments of a set of polynomials