Add range proof traits (#17659)

Add BatchedRangeProof trait to aptos-dkg

Author: waamm

crates/aptos-dkg/benches/range_proof.rs

@@ -2,15 +2,15 @@
 // SPDX-License-Identifier: Apache-2.0
 
 use aptos_dkg::{
-    range_proofs::dekart_univariate::{batch_prove, batch_verify, DST},
+    range_proofs::{dekart_univariate::Proof as UnivariateDeKART, traits::BatchedRangeProof},
     utils::test_utils,
 };
 use ark_ec::pairing::Pairing;
 use ark_std::rand::thread_rng;
 use criterion::{criterion_group, criterion_main, Criterion};
 
 /// Generic benchmark function over any pairing curve
-fn bench_range_proof<E: Pairing>(c: &mut Criterion, curve_name: &str) {
+fn bench_range_proof<E: Pairing, B: BatchedRangeProof<E>>(c: &mut Criterion, curve_name: &str) {
     let mut group = c.benchmark_group(format!("range_proof/{}", curve_name));
 
     let ell = std::env::var("L")
@@ -27,14 +27,14 @@ fn bench_range_proof<E: Pairing>(c: &mut Criterion, curve_name: &str) {
         b.iter_with_setup(
             || {
                 let mut rng = thread_rng();
-                let (pp, zz, cc, r) = test_utils::range_proof_random_instance(n, ell, &mut rng);
-                (pp, zz, cc, r)
+                let (pk, _, values, comm, comm_r) =
+                    test_utils::range_proof_random_instance::<_, B, _>(n, ell, &mut rng);
+                (pk, values, comm, comm_r)
             },
-            |(pp, z_vals, com, prover_state)| {
-                let mut fs_t = merlin::Transcript::new(DST);
+            |(pk, values, comm, r)| {
+                let mut fs_t = merlin::Transcript::new(B::DST);
                 let mut rng = thread_rng();
-                let _proof =
-                    batch_prove::<E, _>(&mut rng, &pp, &z_vals, &com, &prover_state, &mut fs_t);
+                let _proof = B::prove(&pk, &values, ell, &comm, &r, &mut fs_t, &mut rng);
             },
         )
     });
@@ -43,23 +43,27 @@ fn bench_range_proof<E: Pairing>(c: &mut Criterion, curve_name: &str) {
         b.iter_with_setup(
             || {
                 let mut rng = thread_rng();
-                let (pp, zz, cc, r) = test_utils::range_proof_random_instance(n, ell, &mut rng);
-                let mut fs_t = merlin::Transcript::new(DST);
-                let proof = batch_prove::<E, _>(&mut rng, &pp, &zz, &cc, &r, &mut fs_t);
-                (pp, cc, proof)
+                let (pk, vk, values, comm, r) =
+                    test_utils::range_proof_random_instance::<_, B, _>(n, ell, &mut rng);
+                let mut fs_t = merlin::Transcript::new(B::DST);
+                let proof = B::prove(&pk, &values, ell, &comm, &r, &mut fs_t, &mut rng);
+                (vk, n, ell, comm, proof)
             },
-            |(pp, com, proof)| {
-                let mut fs_t = merlin::Transcript::new(DST);
-                batch_verify::<E>(&pp, &com, &proof, &mut fs_t).unwrap();
+            |(vk, n, ell, comm, proof)| {
+                let mut fs_t = merlin::Transcript::new(B::DST);
+                proof.verify(&vk, n, ell, &comm, &mut fs_t).unwrap();
             },
         )
     });
 }
 
 // Specialize benchmark for a concrete pairing curve
 fn bench_groups(c: &mut Criterion) {
-    bench_range_proof::<ark_bn254::Bn254>(c, "BN254");
-    bench_range_proof::<ark_bls12_381::Bls12_381>(c, "BLS12-381");
+    use ark_bls12_381::Bls12_381;
+    use ark_bn254::Bn254;
+
+    bench_range_proof::<Bn254, UnivariateDeKART<Bn254>>(c, "BN254");
+    bench_range_proof::<Bls12_381, UnivariateDeKART<Bls12_381>>(c, "BLS12-381");
 }
 
 criterion_group!(

crates/aptos-dkg/src/fiat_shamir.rs

@@ -9,7 +9,7 @@
 
 use crate::{
     pvss::{traits::Transcript, ThresholdConfig},
-    range_proofs::dekart_univariate,
+    range_proofs::traits::BatchedRangeProof,
     utils::random::random_scalar_from_uniform_bytes,
     SCALAR_NUM_BYTES,
 };
@@ -85,15 +85,12 @@ pub trait PVSS<T: Transcript>: ScalarProtocol {
     fn challenge_linear_combination_scalars(&mut self, num_scalars: usize) -> Vec<blstrs::Scalar>;
 }
 
-pub trait RangeProof<E: Pairing> {
+pub trait RangeProof<E: Pairing, B: BatchedRangeProof<E>> {
     fn append_sep(&mut self, dst: &[u8]);
 
-    fn append_vk(&mut self, vk: &(&E::G1, &E::G2, &E::G2, &E::G2));
+    fn append_vk(&mut self, vk: &B::VerificationKey);
 
-    fn append_public_statement(
-        &mut self,
-        public_statement: &(usize, &dekart_univariate::Commitment<E>),
-    );
+    fn append_public_statement(&mut self, public_statement: B::PublicStatement);
 
     fn append_bit_commitments(&mut self, bit_commitments: &(&[E::G1Affine], &[E::G2Affine]));
 
@@ -170,38 +167,23 @@ impl<T: Transcript> PVSS<T> for merlin::Transcript {
 use ark_serialize::CanonicalSerialize;
 
 #[allow(non_snake_case)]
-impl<E: Pairing> RangeProof<E> for merlin::Transcript {
+impl<E: Pairing, B: BatchedRangeProof<E>> RangeProof<E, B> for merlin::Transcript {
     fn append_sep(&mut self, dst: &[u8]) {
         self.append_message(b"dom-sep", dst);
     }
 
-    fn append_vk(&mut self, vk: &(&E::G1, &E::G2, &E::G2, &E::G2)) {
+    fn append_vk(&mut self, vk: &B::VerificationKey) {
         let mut vk_bytes = Vec::new();
-        vk.0.serialize_compressed(&mut vk_bytes) // TODO: change this
-            .expect("vk0 serialization should succeed");
-        vk.1.serialize_compressed(&mut vk_bytes)
-            .expect("vk1 serialization should succeed");
-        vk.2.serialize_compressed(&mut vk_bytes)
-            .expect("vk2 serialization should succeed");
-        vk.3.serialize_compressed(&mut vk_bytes)
-            .expect("vk3 serialization should succeed");
+        vk.serialize_compressed(&mut vk_bytes)
+            .expect("vk serialization should succeed");
         self.append_message(b"vk", vk_bytes.as_slice());
     }
 
-    fn append_public_statement(
-        &mut self,
-        public_statement: &(usize, &dekart_univariate::Commitment<E>),
-    ) {
+    fn append_public_statement(&mut self, public_statement: B::PublicStatement) {
         let mut public_statement_bytes = Vec::new();
         public_statement
-            .0
             .serialize_compressed(&mut public_statement_bytes)
             .expect("public_statement0 serialization should succeed");
-        public_statement
-            .1
-            .serialize_compressed(&mut public_statement_bytes)
-            .expect("public_statement1 serialization should succeed");
-        // TODO: CHANGE THIS STUFF
         self.append_message(b"public-statements", public_statement_bytes.as_slice());
     }