Refactor Merkle tree (#30)

Author: tsunrise

src/commitment/pedersen/mod.rs

@@ -9,7 +9,7 @@ use ark_std::UniformRand;
 use super::CommitmentScheme;
 
 pub use crate::crh::pedersen::Window;
-use crate::crh::{pedersen, FixedLengthCRH};
+use crate::crh::{pedersen, CRH};
 
 #[cfg(feature = "r1cs")]
 pub mod constraints;

src/crh/bowe_hopwood/constraints.rs

@@ -4,7 +4,7 @@ use crate::{
     crh::{
         bowe_hopwood::{Parameters, CHUNK_SIZE, CRH},
         pedersen::Window,
-        FixedLengthCRHGadget,
+        CRHGadget as CRGGadgetTrait,
     },
     Vec,
 };
@@ -37,7 +37,7 @@ where
     _base_field: PhantomData<F>,
 }
 
-impl<P, F, W> FixedLengthCRHGadget<CRH<P, W>, ConstraintF<P>> for CRHGadget<P, F>
+impl<P, F, W> CRGGadgetTrait<CRH<P, W>, ConstraintF<P>> for CRHGadget<P, F>
 where
     for<'a> &'a F: FieldOpsBounds<'a, P::BaseField, F>,
     F: FieldVar<P::BaseField, ConstraintF<P>>,
@@ -108,24 +108,22 @@ where
 mod test {
     use ark_std::rand::Rng;
 
-    use crate::crh::{
-        bowe_hopwood::{constraints::CRHGadget, CRH},
-        pedersen::Window as PedersenWindow,
-        FixedLengthCRH, FixedLengthCRHGadget,
-    };
+    use crate::crh::bowe_hopwood;
+    use crate::crh::pedersen;
+    use crate::{CRHGadget, CRH};
     use ark_ec::ProjectiveCurve;
     use ark_ed_on_bls12_381::{constraints::FqVar, EdwardsParameters, Fq as Fr};
     use ark_r1cs_std::{alloc::AllocVar, uint8::UInt8, R1CSVar};
     use ark_relations::r1cs::{ConstraintSystem, ConstraintSystemRef};
     use ark_std::test_rng;
 
-    type TestCRH = CRH<EdwardsParameters, Window>;
-    type TestCRHGadget = CRHGadget<EdwardsParameters, FqVar>;
+    type TestCRH = bowe_hopwood::CRH<EdwardsParameters, Window>;
+    type TestCRHGadget = bowe_hopwood::constraints::CRHGadget<EdwardsParameters, FqVar>;
 
     #[derive(Clone, PartialEq, Eq, Hash)]
     pub(super) struct Window;
 
-    impl PedersenWindow for Window {
+    impl pedersen::Window for Window {
         const WINDOW_SIZE: usize = 63;
         const NUM_WINDOWS: usize = 8;
     }
@@ -155,12 +153,11 @@ mod test {
         let parameters = TestCRH::setup(rng).unwrap();
         let primitive_result = TestCRH::evaluate(&parameters, &input).unwrap();
 
-        let parameters_var =
-            <TestCRHGadget as FixedLengthCRHGadget<TestCRH, Fr>>::ParametersVar::new_witness(
-                ark_relations::ns!(cs, "parameters_var"),
-                || Ok(&parameters),
-            )
-            .unwrap();
+        let parameters_var = <TestCRHGadget as CRHGadget<TestCRH, Fr>>::ParametersVar::new_witness(
+            ark_relations::ns!(cs, "parameters_var"),
+            || Ok(&parameters),
+        )
+        .unwrap();
         println!(
             "number of constraints for input + params: {}",
             cs.num_constraints()

src/crh/bowe_hopwood/mod.rs

@@ -8,7 +8,7 @@ use ark_std::{
 use rayon::prelude::*;
 
 use super::pedersen;
-use crate::crh::FixedLengthCRH;
+use crate::crh::CRH as CRHTrait;
 use ark_ec::{
     twisted_edwards_extended::GroupProjective as TEProjective, ProjectiveCurve, TEModelParameters,
 };
@@ -50,7 +50,7 @@ impl<P: TEModelParameters, W: pedersen::Window> CRH<P, W> {
     }
 }
 
-impl<P: TEModelParameters, W: pedersen::Window> FixedLengthCRH for CRH<P, W> {
+impl<P: TEModelParameters, W: pedersen::Window> CRHTrait for CRH<P, W> {
     const INPUT_SIZE_BITS: usize = pedersen::CRH::<TEProjective<P>, W>::INPUT_SIZE_BITS;
     type Output = TEProjective<P>;
     type Parameters = Parameters<P>;
@@ -172,8 +172,8 @@ impl<P: TEModelParameters> Debug for Parameters<P> {
 #[cfg(test)]
 mod test {
     use crate::{
-        crh::{bowe_hopwood::CRH, pedersen::Window},
-        FixedLengthCRH,
+        crh::{bowe_hopwood, pedersen::Window},
+        CRH,
     };
     use ark_ed_on_bls12_381::EdwardsParameters;
     use ark_std::test_rng;
@@ -188,9 +188,11 @@ mod test {
         }
 
         let rng = &mut test_rng();
-        let params = <CRH<EdwardsParameters, TestWindow> as FixedLengthCRH>::setup(rng).unwrap();
-        let _ =
-            <CRH<EdwardsParameters, TestWindow> as FixedLengthCRH>::evaluate(&params, &[1, 2, 3])
-                .unwrap();
+        let params = <bowe_hopwood::CRH<EdwardsParameters, TestWindow> as CRH>::setup(rng).unwrap();
+        let _ = <bowe_hopwood::CRH<EdwardsParameters, TestWindow> as CRH>::evaluate(
+            &params,
+            &[1, 2, 3],
+        )
+        .unwrap();
     }
 }

src/crh/constraints.rs

@@ -1,12 +1,12 @@
 use ark_ff::Field;
 use core::fmt::Debug;
 
-use crate::crh::FixedLengthCRH;
+use crate::crh::{TwoToOneCRH, CRH};
 use ark_relations::r1cs::SynthesisError;
 
 use ark_r1cs_std::prelude::*;
 
-pub trait FixedLengthCRHGadget<H: FixedLengthCRH, ConstraintF: Field>: Sized {
+pub trait CRHGadget<H: CRH, ConstraintF: Field>: Sized {
     type OutputVar: EqGadget<ConstraintF>
         + ToBytesGadget<ConstraintF>
         + CondSelectGadget<ConstraintF>
@@ -23,3 +23,22 @@ pub trait FixedLengthCRHGadget<H: FixedLengthCRH, ConstraintF: Field>: Sized {
         input: &[UInt8<ConstraintF>],
     ) -> Result<Self::OutputVar, SynthesisError>;
 }
+
+pub trait TwoToOneCRHGadget<H: TwoToOneCRH, ConstraintF: Field>: Sized {
+    type OutputVar: EqGadget<ConstraintF>
+        + ToBytesGadget<ConstraintF>
+        + CondSelectGadget<ConstraintF>
+        + AllocVar<H::Output, ConstraintF>
+        + R1CSVar<ConstraintF>
+        + Debug
+        + Clone
+        + Sized;
+
+    type ParametersVar: AllocVar<H::Parameters, ConstraintF> + Clone;
+
+    fn evaluate(
+        parameters: &Self::ParametersVar,
+        left_input: &[UInt8<ConstraintF>],
+        right_input: &[UInt8<ConstraintF>],
+    ) -> Result<Self::OutputVar, SynthesisError>;
+}

src/crh/injective_map/constraints.rs

@@ -3,7 +3,7 @@ use core::{fmt::Debug, marker::PhantomData};
 use crate::crh::{
     injective_map::{InjectiveMap, PedersenCRHCompressor, TECompressor},
     pedersen::{constraints as ped_constraints, Window},
-    FixedLengthCRHGadget,
+    CRHGadget,
 };
 
 use ark_ec::{
@@ -72,7 +72,7 @@ where
     _crh: ped_constraints::CRHGadget<C, GG, W>,
 }
 
-impl<C, I, GG, IG, W> FixedLengthCRHGadget<PedersenCRHCompressor<C, I, W>, ConstraintF<C>>
+impl<C, I, GG, IG, W> CRHGadget<PedersenCRHCompressor<C, I, W>, ConstraintF<C>>
     for PedersenCRHCompressorGadget<C, I, W, GG, IG>
 where
     C: ProjectiveCurve,

src/crh/injective_map/mod.rs

@@ -3,7 +3,7 @@ use ark_ff::bytes::ToBytes;
 use ark_std::rand::Rng;
 use ark_std::{fmt::Debug, hash::Hash, marker::PhantomData};
 
-use super::{pedersen, FixedLengthCRH};
+use super::{pedersen, CRH};
 use ark_ec::{
     models::{ModelParameters, TEModelParameters},
     twisted_edwards_extended::{GroupAffine as TEAffine, GroupProjective as TEProjective},
@@ -36,7 +36,7 @@ pub struct PedersenCRHCompressor<C: ProjectiveCurve, I: InjectiveMap<C>, W: pede
     _crh: pedersen::CRH<C, W>,
 }
 
-impl<C: ProjectiveCurve, I: InjectiveMap<C>, W: pedersen::Window> FixedLengthCRH
+impl<C: ProjectiveCurve, I: InjectiveMap<C>, W: pedersen::Window> CRH
     for PedersenCRHCompressor<C, I, W>
 {
     const INPUT_SIZE_BITS: usize = pedersen::CRH::<C, W>::INPUT_SIZE_BITS;

src/crh/mod.rs

@@ -14,7 +14,9 @@ pub mod constraints;
 #[cfg(feature = "r1cs")]
 pub use constraints::*;
 
-pub trait FixedLengthCRH {
+/// Interface to CRH. Note that in this release, while all implementations of `CRH` have fixed length,
+/// variable length CRH may also implement this trait in future.
+pub trait CRH {
     const INPUT_SIZE_BITS: usize;
 
     type Output: ToBytes + Clone + Eq + core::fmt::Debug + Hash + Default;
@@ -23,3 +25,26 @@ pub trait FixedLengthCRH {
     fn setup<R: Rng>(r: &mut R) -> Result<Self::Parameters, Error>;
     fn evaluate(parameters: &Self::Parameters, input: &[u8]) -> Result<Self::Output, Error>;
 }
+
+pub trait TwoToOneCRH {
+    /// The bit size of the left input.
+    const LEFT_INPUT_SIZE_BITS: usize;
+    /// The bit size of the right input.
+    const RIGHT_INPUT_SIZE_BITS: usize;
+
+    type Output: ToBytes + Clone + Eq + core::fmt::Debug + Hash + Default;
+    type Parameters: Clone + Default;
+
+    fn setup<R: Rng>(r: &mut R) -> Result<Self::Parameters, Error>;
+    /// Evaluates this CRH on the left and right inputs.
+    ///
+    /// # Panics
+    ///
+    /// If `left_input.len() != Self::LEFT_INPUT_SIZE_BITS`, or if
+    /// `right_input.len() != Self::RIGHT_INPUT_SIZE_BITS`, then this method panics.
+    fn evaluate(
+        parameters: &Self::Parameters,
+        left_input: &[u8],
+        right_input: &[u8],
+    ) -> Result<Self::Output, Error>;
+}

src/crh/pedersen/constraints.rs

@@ -1,7 +1,7 @@
 use crate::{
     crh::{
         pedersen::{Parameters, Window, CRH},
-        FixedLengthCRHGadget,
+        CRHGadget as CRHGadgetTrait,
     },
     Vec,
 };
@@ -10,6 +10,7 @@ use ark_ff::Field;
 use ark_r1cs_std::prelude::*;
 use ark_relations::r1cs::{Namespace, SynthesisError};
 
+use crate::crh::TwoToOneCRHGadget;
 use core::{borrow::Borrow, marker::PhantomData};
 
 #[derive(Derivative)]
@@ -36,7 +37,7 @@ where
     _window: PhantomData<*const W>,
 }
 
-impl<C, GG, W> FixedLengthCRHGadget<CRH<C, W>, ConstraintF<C>> for CRHGadget<C, GG, W>
+impl<C, GG, W> CRHGadgetTrait<CRH<C, W>, ConstraintF<C>> for CRHGadget<C, GG, W>
 where
     C: ProjectiveCurve,
     GG: CurveVar<C, ConstraintF<C>>,
@@ -74,6 +75,33 @@ where
     }
 }
 
+impl<C, GG, W> TwoToOneCRHGadget<CRH<C, W>, ConstraintF<C>> for CRHGadget<C, GG, W>
+where
+    C: ProjectiveCurve,
+    GG: CurveVar<C, ConstraintF<C>>,
+    W: Window,
+    for<'a> &'a GG: GroupOpsBounds<'a, C, GG>,
+{
+    type OutputVar = GG;
+    type ParametersVar = CRHParametersVar<C, GG>;
+
+    #[tracing::instrument(target = "r1cs", skip(parameters))]
+    fn evaluate(
+        parameters: &Self::ParametersVar,
+        left_input: &[UInt8<ConstraintF<C>>],
+        right_input: &[UInt8<ConstraintF<C>>],
+    ) -> Result<Self::OutputVar, SynthesisError> {
+        // assume equality of left and right length
+        assert_eq!(left_input.len(), right_input.len());
+        let chained_input: Vec<_> = left_input
+            .to_vec()
+            .into_iter()
+            .chain(right_input.to_vec().into_iter())
+            .collect();
+        <Self as CRHGadgetTrait<_, _>>::evaluate(parameters, &chained_input)
+    }
+}
+
 impl<C, GG> AllocVar<Parameters<C>, ConstraintF<C>> for CRHParametersVar<C, GG>
 where
     C: ProjectiveCurve,
@@ -96,14 +124,15 @@ where
 
 #[cfg(test)]
 mod test {
-    use crate::crh::{pedersen, pedersen::constraints::*, FixedLengthCRH, FixedLengthCRHGadget};
+    use crate::crh::{pedersen, CRHGadget, TwoToOneCRH, TwoToOneCRHGadget, CRH};
     use ark_ed_on_bls12_381::{constraints::EdwardsVar, EdwardsProjective as JubJub, Fq as Fr};
+    use ark_r1cs_std::prelude::*;
     use ark_relations::r1cs::{ConstraintSystem, ConstraintSystemRef};
     use ark_std::rand::Rng;
     use ark_std::test_rng;
 
     type TestCRH = pedersen::CRH<JubJub, Window>;
-    type TestCRHGadget = CRHGadget<JubJub, EdwardsVar, Window>;
+    type TestCRHGadget = pedersen::constraints::CRHGadget<JubJub, EdwardsVar, Window>;
 
     #[derive(Clone, PartialEq, Eq, Hash)]
     pub(super) struct Window;
@@ -113,11 +142,12 @@ mod test {
         const NUM_WINDOWS: usize = 8;
     }
 
-    fn generate_input<R: Rng>(
+    fn generate_u8_input<R: Rng>(
         cs: ConstraintSystemRef<Fr>,
+        size: usize,
         rng: &mut R,
-    ) -> ([u8; 128], Vec<UInt8<Fr>>) {
-        let mut input = [1u8; 128];
+    ) -> (Vec<u8>, Vec<UInt8<Fr>>) {
+        let mut input = vec![1u8; size];
         rng.fill_bytes(&mut input);
 
         let mut input_bytes = vec![];
@@ -132,16 +162,48 @@ mod test {
         let rng = &mut test_rng();
         let cs = ConstraintSystem::<Fr>::new_ref();
 
-        let (input, input_var) = generate_input(cs.clone(), rng);
+        let (input, input_var) = generate_u8_input(cs.clone(), 128, rng);
+
+        let parameters = <TestCRH as CRH>::setup(rng).unwrap();
+        let primitive_result = <TestCRH as CRH>::evaluate(&parameters, &input).unwrap();
 
-        let parameters = TestCRH::setup(rng).unwrap();
-        let primitive_result = TestCRH::evaluate(&parameters, &input).unwrap();
+        let parameters_var = pedersen::constraints::CRHParametersVar::new_constant(
+            ark_relations::ns!(cs, "CRH Parameters"),
+            &parameters,
+        )
+        .unwrap();
 
-        let parameters_var =
-            CRHParametersVar::new_constant(ark_relations::ns!(cs, "CRH Parameters"), &parameters)
-                .unwrap();
+        let result_var =
+            <TestCRHGadget as CRHGadget<_, _>>::evaluate(&parameters_var, &input_var).unwrap();
+
+        let primitive_result = primitive_result;
+        assert_eq!(primitive_result, result_var.value().unwrap());
+        assert!(cs.is_satisfied().unwrap());
+    }
+
+    #[test]
+    fn test_naive_two_to_one_equality() {
+        let rng = &mut test_rng();
+        let cs = ConstraintSystem::<Fr>::new_ref();
 
-        let result_var = TestCRHGadget::evaluate(&parameters_var, &input_var).unwrap();
+        let (left_input, left_input_var) = generate_u8_input(cs.clone(), 64, rng);
+        let (right_input, right_input_var) = generate_u8_input(cs.clone(), 64, rng);
+        let parameters = <TestCRH as TwoToOneCRH>::setup(rng).unwrap();
+        let primitive_result =
+            <TestCRH as TwoToOneCRH>::evaluate(&parameters, &left_input, &right_input).unwrap();
+
+        let parameters_var = pedersen::constraints::CRHParametersVar::new_constant(
+            ark_relations::ns!(cs, "CRH Parameters"),
+            &parameters,
+        )
+        .unwrap();
+
+        let result_var = <TestCRHGadget as TwoToOneCRHGadget<_, _>>::evaluate(
+            &parameters_var,
+            &left_input_var,
+            &right_input_var,
+        )
+        .unwrap();
 
         let primitive_result = primitive_result;
         assert_eq!(primitive_result, result_var.value().unwrap());