From c46b79118066111fab83e197e2ef16933d6020a6 Mon Sep 17 00:00:00 2001 From: Song Xuyang Date: Fri, 27 Oct 2023 23:13:51 +0800 Subject: [PATCH 1/6] refactor shielded ptx building --- .vscode/settings.json | 3 + .../cascaded_partial_transactions.rs | 217 +++++++++++------- .../partial_fulfillment_token_swap.rs | 203 +++++++++------- taiga_halo2/examples/tx_examples/token.rs | 105 +++++---- .../tx_examples/token_swap_with_intent.rs | 210 ++++++++++------- taiga_halo2/src/action.rs | 18 +- taiga_halo2/src/circuit/vp_examples/token.rs | 24 +- taiga_halo2/src/note.rs | 133 ++++------- taiga_halo2/src/shielded_ptx.rs | 119 +++++----- 9 files changed, 557 insertions(+), 475 deletions(-) create mode 100644 .vscode/settings.json diff --git a/.vscode/settings.json b/.vscode/settings.json new file mode 100644 index 00000000..4d9636b5 --- /dev/null +++ b/.vscode/settings.json @@ -0,0 +1,3 @@ +{ + "rust-analyzer.showUnlinkedFileNotification": false +} \ No newline at end of file diff --git a/taiga_halo2/examples/tx_examples/cascaded_partial_transactions.rs b/taiga_halo2/examples/tx_examples/cascaded_partial_transactions.rs index f8ef030e..2f0b9bed 100644 --- a/taiga_halo2/examples/tx_examples/cascaded_partial_transactions.rs +++ b/taiga_halo2/examples/tx_examples/cascaded_partial_transactions.rs @@ -5,6 +5,7 @@ use halo2_proofs::arithmetic::Field; use pasta_curves::pallas; use rand::{CryptoRng, RngCore}; use taiga_halo2::{ + action::ActionInfo, circuit::vp_examples::{ cascade_intent::{create_intent_note, CascadeIntentValidityPredicateCircuit}, signature_verification::COMPRESSED_TOKEN_AUTH_VK, @@ -12,7 +13,7 @@ use taiga_halo2::{ }, constant::TAIGA_COMMITMENT_TREE_DEPTH, merkle_tree::{Anchor, MerklePath}, - note::{InputNoteProvingInfo, OutputNoteProvingInfo}, + note::{NoteValidityPredicates, RandomSeed}, nullifier::{Nullifier, NullifierKeyContainer}, shielded_ptx::ShieldedPartialTransaction, transaction::{ShieldedPartialTxBundle, Transaction, TransparentPartialTxBundle}, @@ -71,106 +72,160 @@ pub fn create_transaction(mut rng: R) -> Transaction { // Alice consumes 1 "BTC" and 2 "ETH". // Alice creates a cascade intent note and 1 "BTC" to Bob. let ptx_1 = { - let input_notes = [*input_note_1.note(), *input_note_2.note()]; - let output_notes = [*output_note_1.note(), cascade_intent_note]; - // Create the input note proving info - let input_note_1_proving_info = input_note_1.generate_input_token_note_proving_info( - &mut rng, - alice_auth, - alice_auth_sk, - merkle_path.clone(), - input_notes, - output_notes, - ); - let input_note_2_proving_info = input_note_2.generate_input_token_note_proving_info( - &mut rng, - alice_auth, - alice_auth_sk, - merkle_path.clone(), - input_notes, - output_notes, - ); - - // Create the output note proving info - let output_note_1_proving_info = output_note_1.generate_output_token_note_proving_info( - &mut rng, - bob_auth, - input_notes, - output_notes, - ); - - let intent_note_proving_info = { - let intent_vp = CascadeIntentValidityPredicateCircuit { - owned_note_pub_id: cascade_intent_note.commitment().inner(), + // Create action pairs + let actions = { + let rseed_1 = RandomSeed::random(&mut rng); + let anchor_1 = input_note_1.calculate_root(&merkle_path); + let action_1 = ActionInfo::new( + *input_note_1.note(), + merkle_path.clone(), + anchor_1, + *output_note_1.note(), + rseed_1, + ); + + let rseed_2 = RandomSeed::random(&mut rng); + let anchor_2 = input_note_2.calculate_root(&merkle_path); + let action_2 = ActionInfo::new( + *input_note_2.note(), + merkle_path.clone(), + anchor_2, + cascade_intent_note, + rseed_2, + ); + vec![action_1, action_2] + }; + + // Create VPs + let (input_vps, output_vps) = { + let input_notes = [*input_note_1.note(), *input_note_2.note()]; + let output_notes = [*output_note_1.note(), cascade_intent_note]; + + // Create the input note_1 vps + let input_note_1_vps = input_note_1.generate_input_token_vps( + &mut rng, + alice_auth, + alice_auth_sk, + input_notes, + output_notes, + ); + + // Create the input note_2 vps + let input_note_2_vps = input_note_2.generate_input_token_vps( + &mut rng, + alice_auth, + alice_auth_sk, input_notes, output_notes, - cascade_note_cm: cascade_intent_note.get_app_data_static(), + ); + + // Create the output note_1 vps + let output_note_1_vps = output_note_1.generate_output_token_vps( + &mut rng, + bob_auth, + input_notes, + output_notes, + ); + + // Create intent vps + let intent_vps = { + let intent_vp = CascadeIntentValidityPredicateCircuit { + owned_note_pub_id: cascade_intent_note.commitment().inner(), + input_notes, + output_notes, + cascade_note_cm: cascade_intent_note.get_app_data_static(), + }; + + NoteValidityPredicates::new(Box::new(intent_vp), vec![]) }; - OutputNoteProvingInfo::new(cascade_intent_note, Box::new(intent_vp), vec![]) + ( + vec![input_note_1_vps, input_note_2_vps], + vec![output_note_1_vps, intent_vps], + ) }; // Create shielded partial tx - ShieldedPartialTransaction::build( - [input_note_1_proving_info, input_note_2_proving_info], - [output_note_1_proving_info, intent_note_proving_info], - vec![], - &mut rng, - ) + ShieldedPartialTransaction::build(actions, input_vps, output_vps, vec![], &mut rng).unwrap() }; // The second partial transaction: // Alice consumes the intent note and 3 "XAN"; // Alice creates 2 "ETH" and 3 "XAN" to Bob let ptx_2 = { - let input_notes = [cascade_intent_note, *input_note_3.note()]; - let output_notes = [*output_note_2.note(), *output_note_3.note()]; - // Create the input note proving info - let intent_note_proving_info = { - let intent_vp = CascadeIntentValidityPredicateCircuit { - owned_note_pub_id: cascade_intent_note.get_nf().unwrap().inner(), + // Create action pairs + let actions = { + let rseed_1 = RandomSeed::random(&mut rng); + let action_1 = ActionInfo::new( + cascade_intent_note, + merkle_path.clone(), + anchor, + *output_note_2.note(), + rseed_1, + ); + + let rseed_2 = RandomSeed::random(&mut rng); + let anchor_2 = input_note_3.calculate_root(&merkle_path); + let action_2 = ActionInfo::new( + *input_note_3.note(), + merkle_path, + anchor_2, + *output_note_3.note(), + rseed_2, + ); + vec![action_1, action_2] + }; + + // Create VPs + let (input_vps, output_vps) = { + let input_notes = [cascade_intent_note, *input_note_3.note()]; + let output_notes = [*output_note_2.note(), *output_note_3.note()]; + + // Create intent vps + let intent_vps = { + let intent_vp = CascadeIntentValidityPredicateCircuit { + owned_note_pub_id: cascade_intent_note.get_nf().unwrap().inner(), + input_notes, + output_notes, + cascade_note_cm: cascade_intent_note.get_app_data_static(), + }; + + NoteValidityPredicates::new(Box::new(intent_vp), vec![]) + }; + + // Create input note_3 vps + let input_note_3_vps = input_note_3.generate_input_token_vps( + &mut rng, + alice_auth, + alice_auth_sk, input_notes, output_notes, - cascade_note_cm: cascade_intent_note.get_app_data_static(), - }; + ); - InputNoteProvingInfo::new( - cascade_intent_note, - merkle_path.clone(), - Some(anchor), - Box::new(intent_vp), - vec![], + // Create output note_2 vps + let output_note_2_vps = output_note_2.generate_output_token_vps( + &mut rng, + bob_auth, + input_notes, + output_notes, + ); + + // Create output note_3 vps + let output_note_3_vps = output_note_3.generate_output_token_vps( + &mut rng, + bob_auth, + input_notes, + output_notes, + ); + + ( + vec![intent_vps, input_note_3_vps], + vec![output_note_2_vps, output_note_3_vps], ) }; - let input_note_3_proving_info = input_note_3.generate_input_token_note_proving_info( - &mut rng, - alice_auth, - alice_auth_sk, - merkle_path, - input_notes, - output_notes, - ); - // Create the output note proving info - let output_note_2_proving_info = output_note_2.generate_output_token_note_proving_info( - &mut rng, - bob_auth, - input_notes, - output_notes, - ); - let output_note_3_proving_info = output_note_3.generate_output_token_note_proving_info( - &mut rng, - bob_auth, - input_notes, - output_notes, - ); // Create shielded partial tx - ShieldedPartialTransaction::build( - [intent_note_proving_info, input_note_3_proving_info], - [output_note_2_proving_info, output_note_3_proving_info], - vec![], - &mut rng, - ) + ShieldedPartialTransaction::build(actions, input_vps, output_vps, vec![], &mut rng).unwrap() }; // Create the final transaction diff --git a/taiga_halo2/examples/tx_examples/partial_fulfillment_token_swap.rs b/taiga_halo2/examples/tx_examples/partial_fulfillment_token_swap.rs index 0bfbc74e..cf68746c 100644 --- a/taiga_halo2/examples/tx_examples/partial_fulfillment_token_swap.rs +++ b/taiga_halo2/examples/tx_examples/partial_fulfillment_token_swap.rs @@ -9,6 +9,7 @@ use halo2_proofs::arithmetic::Field; use pasta_curves::{group::Curve, pallas}; use rand::{CryptoRng, RngCore}; use taiga_halo2::{ + action::ActionInfo, circuit::vp_examples::{ partial_fulfillment_intent::{PartialFulfillmentIntentValidityPredicateCircuit, Swap}, signature_verification::COMPRESSED_TOKEN_AUTH_VK, @@ -16,7 +17,7 @@ use taiga_halo2::{ }, constant::TAIGA_COMMITMENT_TREE_DEPTH, merkle_tree::{Anchor, MerklePath}, - note::{InputNoteProvingInfo, Note, OutputNoteProvingInfo}, + note::{Note, NoteValidityPredicates, RandomSeed}, nullifier::NullifierKeyContainer, shielded_ptx::ShieldedPartialTransaction, transaction::{ShieldedPartialTxBundle, Transaction, TransparentPartialTxBundle}, @@ -42,54 +43,77 @@ pub fn create_token_intent_ptx( let merkle_path = MerklePath::random(&mut rng, TAIGA_COMMITMENT_TREE_DEPTH); - // Fetch a valid anchor for dummy notes - let anchor = Anchor::from(pallas::Base::random(&mut rng)); - - // Create the input note proving info - let input_note_proving_info = swap.sell.generate_input_token_note_proving_info( - &mut rng, - input_auth, - input_auth_sk, - merkle_path.clone(), - input_notes, - output_notes, - ); + // Create action pairs + let actions = { + let rseed_1 = RandomSeed::random(&mut rng); + let anchor_1 = swap.sell.calculate_root(&merkle_path); + let action_1 = ActionInfo::new( + *swap.sell.note(), + merkle_path.clone(), + anchor_1, + intent_note, + rseed_1, + ); + + // Fetch a valid anchor for dummy notes + let anchor_2 = Anchor::from(pallas::Base::random(&mut rng)); + let rseed_2 = RandomSeed::random(&mut rng); + let action_2 = ActionInfo::new( + padding_input_note, + merkle_path, + anchor_2, + padding_output_note, + rseed_2, + ); + vec![action_1, action_2] + }; - // Create the intent note proving info - let intent_note_proving_info = { - let intent_vp = PartialFulfillmentIntentValidityPredicateCircuit { - owned_note_pub_id: intent_note.commitment().inner(), + // Create VPs + let (input_vps, output_vps) = { + // Create the input token vps + let input_token_vps = swap.sell.generate_input_token_vps( + &mut rng, + input_auth, + input_auth_sk, input_notes, output_notes, - swap: swap.clone(), + ); + + // Create the intent vps + let intent_vps = { + let intent_vp = PartialFulfillmentIntentValidityPredicateCircuit { + owned_note_pub_id: intent_note.commitment().inner(), + input_notes, + output_notes, + swap: swap.clone(), + }; + + NoteValidityPredicates::new(Box::new(intent_vp), vec![]) }; - OutputNoteProvingInfo::new(intent_note, Box::new(intent_vp), vec![]) - }; + // Create the padding input vps + let padding_input_vps = NoteValidityPredicates::create_input_padding_note_vps( + &padding_input_note, + input_notes, + output_notes, + ); - // Create the padding input note proving info - let padding_input_note_proving_info = InputNoteProvingInfo::create_padding_note_proving_info( - padding_input_note, - merkle_path, - anchor, - input_notes, - output_notes, - ); + // Create the padding output vps + let padding_output_vps = NoteValidityPredicates::create_output_padding_note_vps( + &padding_output_note, + input_notes, + output_notes, + ); - // Create the padding output note proving info - let padding_output_note_proving_info = OutputNoteProvingInfo::create_padding_note_proving_info( - padding_output_note, - input_notes, - output_notes, - ); + ( + vec![input_token_vps, padding_input_vps], + vec![intent_vps, padding_output_vps], + ) + }; // Create shielded partial tx - let ptx = ShieldedPartialTransaction::build( - [input_note_proving_info, padding_input_note_proving_info], - [intent_note_proving_info, padding_output_note_proving_info], - vec![], - &mut rng, - ); + let ptx = ShieldedPartialTransaction::build(actions, input_vps, output_vps, vec![], &mut rng) + .unwrap(); (ptx, swap, intent_note) } @@ -113,54 +137,71 @@ pub fn consume_token_intent_ptx( // Fetch a valid anchor for dummy notes let anchor = Anchor::from(pallas::Base::random(&mut rng)); - // Create the intent note proving info - let intent_note_proving_info = { - let intent_vp = PartialFulfillmentIntentValidityPredicateCircuit { - owned_note_pub_id: intent_note.get_nf().unwrap().inner(), - input_notes, - output_notes, - swap: swap.clone(), - }; - - InputNoteProvingInfo::new( + // Create action pairs + let actions = { + let rseed_1 = RandomSeed::random(&mut rng); + let action_1 = ActionInfo::new( intent_note, merkle_path.clone(), - Some(anchor), - Box::new(intent_vp), - vec![], - ) + anchor, + bought_note, + rseed_1, + ); + + let rseed_2 = RandomSeed::random(&mut rng); + let action_2 = ActionInfo::new( + padding_input_note, + merkle_path, + anchor, + returned_note, + rseed_2, + ); + vec![action_1, action_2] }; - // Create the output note proving info - let bought_note_proving_info = TokenNote { - token_name: swap.buy.name().clone(), - note: bought_note, - } - .generate_output_token_note_proving_info(&mut rng, output_auth, input_notes, output_notes); - - // Create the padding input note proving info - let padding_input_note_proving_info = InputNoteProvingInfo::create_padding_note_proving_info( - padding_input_note, - merkle_path, - anchor, - input_notes, - output_notes, - ); + // Create VPs + let (input_vps, output_vps) = { + // Create intent vps + let intent_vps = { + let intent_vp = PartialFulfillmentIntentValidityPredicateCircuit { + owned_note_pub_id: intent_note.get_nf().unwrap().inner(), + input_notes, + output_notes, + swap: swap.clone(), + }; + + NoteValidityPredicates::new(Box::new(intent_vp), vec![]) + }; - // Create the returned note proving info - let returned_note_proving_info = TokenNote { - token_name: swap.sell.token_name().clone(), - note: returned_note, - } - .generate_output_token_note_proving_info(&mut rng, output_auth, input_notes, output_notes); + // Create bought_note_vps + let bought_note_vps = TokenNote { + token_name: swap.buy.name().clone(), + note: bought_note, + } + .generate_output_token_vps(&mut rng, output_auth, input_notes, output_notes); + + // Create the padding input vps + let padding_input_vps = NoteValidityPredicates::create_input_padding_note_vps( + &padding_input_note, + input_notes, + output_notes, + ); + + // Create returned_note_vps + let returned_note_vps = TokenNote { + token_name: swap.sell.token_name().clone(), + note: returned_note, + } + .generate_output_token_vps(&mut rng, output_auth, input_notes, output_notes); + + ( + vec![intent_vps, padding_input_vps], + vec![bought_note_vps, returned_note_vps], + ) + }; // Create shielded partial tx - ShieldedPartialTransaction::build( - [intent_note_proving_info, padding_input_note_proving_info], - [bought_note_proving_info, returned_note_proving_info], - vec![], - &mut rng, - ) + ShieldedPartialTransaction::build(actions, input_vps, output_vps, vec![], &mut rng).unwrap() } pub fn create_token_swap_transaction(mut rng: R) -> Transaction { diff --git a/taiga_halo2/examples/tx_examples/token.rs b/taiga_halo2/examples/tx_examples/token.rs index 79b8fb97..48440c0f 100644 --- a/taiga_halo2/examples/tx_examples/token.rs +++ b/taiga_halo2/examples/tx_examples/token.rs @@ -4,13 +4,14 @@ use pasta_curves::pallas; use rand::RngCore; use taiga_halo2::{ + action::ActionInfo, circuit::vp_examples::{ signature_verification::COMPRESSED_TOKEN_AUTH_VK, token::{Token, TokenAuthorization}, }, constant::TAIGA_COMMITMENT_TREE_DEPTH, merkle_tree::{Anchor, MerklePath}, - note::{InputNoteProvingInfo, Note, OutputNoteProvingInfo}, + note::{Note, NoteValidityPredicates, RandomSeed}, nullifier::{Nullifier, NullifierKeyContainer}, shielded_ptx::ShieldedPartialTransaction, }; @@ -48,48 +49,66 @@ pub fn create_token_swap_ptx( // Generate proving info let merkle_path = MerklePath::random(&mut rng, TAIGA_COMMITMENT_TREE_DEPTH); - // Fetch a valid anchor for padding input notes - let anchor = Anchor::from(pallas::Base::random(&mut rng)); - - // Create the input note proving info - let input_note_proving_info = input_note.generate_input_token_note_proving_info( - &mut rng, - input_auth, - input_auth_sk, - merkle_path.clone(), - input_notes, - output_notes, - ); - - // Create the output note proving info - let output_note_proving_info = output_note.generate_output_token_note_proving_info( - &mut rng, - output_auth, - input_notes, - output_notes, - ); - - // Create the padding input note proving info - let padding_input_note_proving_info = InputNoteProvingInfo::create_padding_note_proving_info( - padding_input_note, - merkle_path, - anchor, - input_notes, - output_notes, - ); - - // Create the padding output note proving info - let padding_output_note_proving_info = OutputNoteProvingInfo::create_padding_note_proving_info( - padding_output_note, - input_notes, - output_notes, - ); + // Create action pairs + let actions = { + let rseed_1 = RandomSeed::random(&mut rng); + let anchor_1 = input_note.calculate_root(&merkle_path); + let action_1 = ActionInfo::new( + *input_note.note(), + merkle_path.clone(), + anchor_1, + *output_note.note(), + rseed_1, + ); + + // Fetch a valid anchor for padding input notes + let anchor_2 = Anchor::from(pallas::Base::random(&mut rng)); + let rseed_2 = RandomSeed::random(&mut rng); + let action_2 = ActionInfo::new( + padding_input_note, + merkle_path, + anchor_2, + padding_output_note, + rseed_2, + ); + vec![action_1, action_2] + }; + + // Create VPs + let (input_vps, output_vps) = { + // Create the input token vps + let input_token_vps = input_note.generate_input_token_vps( + &mut rng, + input_auth, + input_auth_sk, + input_notes, + output_notes, + ); + + // Create the output token vps + let output_token_vps = + output_note.generate_output_token_vps(&mut rng, output_auth, input_notes, output_notes); + + // Create the padding input vps + let padding_input_vps = NoteValidityPredicates::create_input_padding_note_vps( + &padding_input_note, + input_notes, + output_notes, + ); + + // Create the padding output vps + let padding_output_vps = NoteValidityPredicates::create_output_padding_note_vps( + &padding_output_note, + input_notes, + output_notes, + ); + + ( + vec![input_token_vps, padding_input_vps], + vec![output_token_vps, padding_output_vps], + ) + }; // Create shielded partial tx - ShieldedPartialTransaction::build( - [input_note_proving_info, padding_input_note_proving_info], - [output_note_proving_info, padding_output_note_proving_info], - vec![], - &mut rng, - ) + ShieldedPartialTransaction::build(actions, input_vps, output_vps, vec![], &mut rng).unwrap() } diff --git a/taiga_halo2/examples/tx_examples/token_swap_with_intent.rs b/taiga_halo2/examples/tx_examples/token_swap_with_intent.rs index 507cb92f..06a98fe4 100644 --- a/taiga_halo2/examples/tx_examples/token_swap_with_intent.rs +++ b/taiga_halo2/examples/tx_examples/token_swap_with_intent.rs @@ -9,6 +9,7 @@ use halo2_proofs::arithmetic::Field; use pasta_curves::{group::Curve, pallas}; use rand::{CryptoRng, RngCore}; use taiga_halo2::{ + action::ActionInfo, circuit::vp_examples::{ or_relation_intent::{create_intent_note, OrRelationIntentValidityPredicateCircuit}, signature_verification::COMPRESSED_TOKEN_AUTH_VK, @@ -16,7 +17,7 @@ use taiga_halo2::{ }, constant::TAIGA_COMMITMENT_TREE_DEPTH, merkle_tree::{Anchor, MerklePath}, - note::{InputNoteProvingInfo, Note, OutputNoteProvingInfo}, + note::{Note, NoteValidityPredicates, RandomSeed}, nullifier::{Nullifier, NullifierKeyContainer}, shielded_ptx::ShieldedPartialTransaction, transaction::{ShieldedPartialTxBundle, Transaction, TransparentPartialTxBundle}, @@ -59,62 +60,86 @@ pub fn create_token_intent_ptx( let padding_input_note = Note::random_padding_input_note(&mut rng); let padding_input_note_nf = padding_input_note.get_nf().unwrap(); let padding_output_note = Note::random_padding_output_note(&mut rng, padding_input_note_nf); - // Fetch a valid anchor for padding input notes - let anchor = Anchor::from(pallas::Base::random(&mut rng)); let input_notes = [*input_note.note(), padding_input_note]; let output_notes = [intent_note, padding_output_note]; let merkle_path = MerklePath::random(&mut rng, TAIGA_COMMITMENT_TREE_DEPTH); - // Create the input note proving info - let input_note_proving_info = input_note.generate_input_token_note_proving_info( - &mut rng, - input_auth, - input_auth_sk, - merkle_path.clone(), - input_notes, - output_notes, - ); + // Create action pairs + let actions = { + let rseed_1 = RandomSeed::random(&mut rng); + let anchor_1 = input_note.calculate_root(&merkle_path); + let action_1 = ActionInfo::new( + *input_note.note(), + merkle_path.clone(), + anchor_1, + intent_note, + rseed_1, + ); - // Create the intent note proving info - let intent_note_proving_info = { - let intent_vp = OrRelationIntentValidityPredicateCircuit { - owned_note_pub_id: intent_note.commitment().inner(), + // Fetch a valid anchor for padding input notes + let anchor_2 = Anchor::from(pallas::Base::random(&mut rng)); + let rseed_2 = RandomSeed::random(&mut rng); + let action_2 = ActionInfo::new( + padding_input_note, + merkle_path, + anchor_2, + padding_output_note, + rseed_2, + ); + vec![action_1, action_2] + }; + + // Create VPs + let (input_vps, output_vps) = { + // Create the input note vps + let input_note_vps = input_note.generate_input_token_vps( + &mut rng, + input_auth, + input_auth_sk, input_notes, output_notes, - token_1, - token_2, - receiver_nk_com: input_note_nk_com, - receiver_app_data_dynamic: input_note.app_data_dynamic, + ); + + // Create the intent note proving info + let intent_note_vps = { + let intent_vp = OrRelationIntentValidityPredicateCircuit { + owned_note_pub_id: intent_note.commitment().inner(), + input_notes, + output_notes, + token_1, + token_2, + receiver_nk_com: input_note_nk_com, + receiver_app_data_dynamic: input_note.app_data_dynamic, + }; + + NoteValidityPredicates::new(Box::new(intent_vp), vec![]) }; - OutputNoteProvingInfo::new(intent_note, Box::new(intent_vp), vec![]) - }; + // Create the padding input vps + let padding_input_vps = NoteValidityPredicates::create_input_padding_note_vps( + &padding_input_note, + input_notes, + output_notes, + ); - // Create the padding input note proving info - let padding_input_note_proving_info = InputNoteProvingInfo::create_padding_note_proving_info( - padding_input_note, - merkle_path, - anchor, - input_notes, - output_notes, - ); + // Create the padding output vps + let padding_output_vps = NoteValidityPredicates::create_output_padding_note_vps( + &padding_output_note, + input_notes, + output_notes, + ); - // Create the padding output note proving info - let padding_output_note_proving_info = OutputNoteProvingInfo::create_padding_note_proving_info( - padding_output_note, - input_notes, - output_notes, - ); + ( + vec![input_note_vps, padding_input_vps], + vec![intent_note_vps, padding_output_vps], + ) + }; // Create shielded partial tx - let ptx = ShieldedPartialTransaction::build( - [input_note_proving_info, padding_input_note_proving_info], - [intent_note_proving_info, padding_output_note_proving_info], - vec![], - &mut rng, - ); + let ptx = ShieldedPartialTransaction::build(actions, input_vps, output_vps, vec![], &mut rng) + .unwrap(); ( ptx, @@ -171,58 +196,71 @@ pub fn consume_token_intent_ptx( // Fetch a valid anchor for dummy notes let anchor = Anchor::from(pallas::Base::random(&mut rng)); - // Create the intent note proving info - let intent_note_proving_info = { - let intent_vp = OrRelationIntentValidityPredicateCircuit { - owned_note_pub_id: input_note_nf.inner(), - input_notes, - output_notes, - token_1, - token_2, - receiver_nk_com, - receiver_app_data_dynamic, - }; - - InputNoteProvingInfo::new( + // Create action pairs + let actions = { + let rseed_1 = RandomSeed::random(&mut rng); + let action_1 = ActionInfo::new( intent_note, merkle_path.clone(), - Some(anchor), - Box::new(intent_vp), - vec![], - ) + anchor, + *output_note.note(), + rseed_1, + ); + + let rseed_2 = RandomSeed::random(&mut rng); + let action_2 = ActionInfo::new( + padding_input_note, + merkle_path, + anchor, + padding_output_note, + rseed_2, + ); + vec![action_1, action_2] }; - // Create the output note proving info - let output_note_proving_info = output_note.generate_output_token_note_proving_info( - &mut rng, - output_auth, - input_notes, - output_notes, - ); + // Create VPs + let (input_vps, output_vps) = { + // Create intent vps + let intent_vps = { + let intent_vp = OrRelationIntentValidityPredicateCircuit { + owned_note_pub_id: input_note_nf.inner(), + input_notes, + output_notes, + token_1, + token_2, + receiver_nk_com, + receiver_app_data_dynamic, + }; + + NoteValidityPredicates::new(Box::new(intent_vp), vec![]) + }; - // Create the padding input note proving info - let padding_input_note_proving_info = InputNoteProvingInfo::create_padding_note_proving_info( - padding_input_note, - merkle_path, - anchor, - input_notes, - output_notes, - ); + // Create the output token vps + let output_token_vps = + output_note.generate_output_token_vps(&mut rng, output_auth, input_notes, output_notes); - // Create the padding output note proving info - let padding_output_note_proving_info = OutputNoteProvingInfo::create_padding_note_proving_info( - padding_output_note, - input_notes, - output_notes, - ); + // Create the padding input vps + let padding_input_vps = NoteValidityPredicates::create_input_padding_note_vps( + &padding_input_note, + input_notes, + output_notes, + ); + + // Create the padding output vps + let padding_output_vps = NoteValidityPredicates::create_output_padding_note_vps( + &padding_output_note, + input_notes, + output_notes, + ); + + ( + vec![intent_vps, padding_input_vps], + vec![output_token_vps, padding_output_vps], + ) + }; // Create shielded partial tx - ShieldedPartialTransaction::build( - [intent_note_proving_info, padding_input_note_proving_info], - [output_note_proving_info, padding_output_note_proving_info], - vec![], - &mut rng, - ) + ShieldedPartialTransaction::build(actions, input_vps, output_vps, vec![], &mut rng).unwrap() } pub fn create_token_swap_intent_transaction(mut rng: R) -> Transaction { diff --git a/taiga_halo2/src/action.rs b/taiga_halo2/src/action.rs index c27a9578..005d15fb 100644 --- a/taiga_halo2/src/action.rs +++ b/taiga_halo2/src/action.rs @@ -2,13 +2,12 @@ use crate::{ circuit::action_circuit::ActionCircuit, constant::{PRF_EXPAND_INPUT_VP_CM_R, PRF_EXPAND_OUTPUT_VP_CM_R}, merkle_tree::{Anchor, MerklePath}, - note::{InputNoteProvingInfo, Note, NoteCommitment, OutputNoteProvingInfo, RandomSeed}, + note::{Note, NoteCommitment, RandomSeed}, nullifier::Nullifier, value_commitment::ValueCommitment, vp_commitment::ValidityPredicateCommitment, }; use pasta_curves::pallas; -use rand::RngCore; #[cfg(feature = "nif")] use rustler::NifStruct; @@ -132,21 +131,6 @@ impl ActionInfo { } } - pub fn from_proving_info( - input: InputNoteProvingInfo, - output: OutputNoteProvingInfo, - mut rng: R, - ) -> Self { - let rseed = RandomSeed::random(&mut rng); - Self { - input_note: input.note, - input_merkle_path: input.merkle_path, - input_anchor: input.anchor, - output_note: output.note, - rseed, - } - } - // Get the randomness of value commitment pub fn get_rcv(&self) -> pallas::Scalar { self.rseed.get_rcv() diff --git a/taiga_halo2/src/circuit/vp_examples/token.rs b/taiga_halo2/src/circuit/vp_examples/token.rs index dead3b84..f33277a3 100644 --- a/taiga_halo2/src/circuit/vp_examples/token.rs +++ b/taiga_halo2/src/circuit/vp_examples/token.rs @@ -20,8 +20,7 @@ use crate::{ VP_CIRCUIT_FIRST_DYNAMIC_VP_CM_2, VP_CIRCUIT_SECOND_DYNAMIC_VP_CM_1, VP_CIRCUIT_SECOND_DYNAMIC_VP_CM_2, }, - merkle_tree::MerklePath, - note::{InputNoteProvingInfo, Note, OutputNoteProvingInfo, RandomSeed}, + note::{Note, NoteValidityPredicates, RandomSeed}, nullifier::{Nullifier, NullifierKeyContainer}, proof::Proof, utils::poseidon_hash_n, @@ -151,16 +150,14 @@ impl TokenNote { &self.note } - #[allow(clippy::too_many_arguments)] - pub fn generate_input_token_note_proving_info( + pub fn generate_input_token_vps( &self, mut rng: R, auth: TokenAuthorization, auth_sk: pallas::Scalar, - merkle_path: MerklePath, input_notes: [Note; NUM_NOTE], output_notes: [Note; NUM_NOTE], - ) -> InputNoteProvingInfo { + ) -> NoteValidityPredicates { let TokenNote { token_name, note } = self; // token VP let nf = note.get_nf().unwrap().inner(); @@ -185,23 +182,16 @@ impl TokenNote { *COMPRESSED_RECEIVER_VK, ); - // input note proving info - InputNoteProvingInfo::new( - *note, - merkle_path, - None, - Box::new(token_vp), - vec![Box::new(token_auth_vp)], - ) + NoteValidityPredicates::new(Box::new(token_vp), vec![Box::new(token_auth_vp)]) } - pub fn generate_output_token_note_proving_info( + pub fn generate_output_token_vps( &self, mut rng: R, auth: TokenAuthorization, input_notes: [Note; NUM_NOTE], output_notes: [Note; NUM_NOTE], - ) -> OutputNoteProvingInfo { + ) -> NoteValidityPredicates { let TokenNote { token_name, note } = self; let owned_note_pub_id = note.commitment().inner(); @@ -228,7 +218,7 @@ impl TokenNote { auth_vp_vk: *COMPRESSED_TOKEN_AUTH_VK, }; - OutputNoteProvingInfo::new(*note, Box::new(token_vp), vec![Box::new(receiver_vp)]) + NoteValidityPredicates::new(Box::new(token_vp), vec![Box::new(receiver_vp)]) } } diff --git a/taiga_halo2/src/note.rs b/taiga_halo2/src/note.rs index 8d1d68e9..4d393424 100644 --- a/taiga_halo2/src/note.rs +++ b/taiga_halo2/src/note.rs @@ -9,6 +9,7 @@ use crate::{ }, merkle_tree::{Anchor, MerklePath, Node}, nullifier::{Nullifier, NullifierKeyContainer}, + shielded_ptx::NoteVPVerifyingInfoSet, utils::{poseidon_hash_n, poseidon_to_curve}, }; use blake2b_simd::Params as Blake2bParams; @@ -122,18 +123,9 @@ pub struct NoteType { #[derive(Copy, Clone, Debug, Default)] pub struct RandomSeed([u8; 32]); +/// NoteValidityPredicates includes one application(static) VP and a few dynamic VPs. #[derive(Clone)] -pub struct InputNoteProvingInfo { - pub note: Note, - pub merkle_path: MerklePath, - pub anchor: Anchor, - application_vp: Box, - dynamic_vps: Vec>, -} - -#[derive(Clone)] -pub struct OutputNoteProvingInfo { - pub note: Note, +pub struct NoteValidityPredicates { application_vp: Box, dynamic_vps: Vec>, } @@ -490,96 +482,71 @@ impl RandomSeed { } } -impl InputNoteProvingInfo { +impl NoteValidityPredicates { pub fn new( - note: Note, - merkle_path: MerklePath, - // If no custom anchor is provided then the standard one is calculated from the note and path. - custom_anchor: Option, application_vp: Box, dynamic_vps: Vec>, ) -> Self { - let anchor = match custom_anchor { - Some(anchor) => anchor, - None => note.calculate_root(&merkle_path), - }; Self { - note, - merkle_path, - anchor, application_vp, dynamic_vps, } } - pub fn get_application_vp(&self) -> Box { - self.application_vp.clone() - } + // Generate vp proofs + pub fn build(&self) -> NoteVPVerifyingInfoSet { + let app_vp_verifying_info = self.application_vp.get_verifying_info(); + + let app_dynamic_vp_verifying_info = self + .dynamic_vps + .iter() + .map(|verifying_info| verifying_info.get_verifying_info()) + .collect(); - pub fn get_dynamic_vps(&self) -> Vec> { - self.dynamic_vps.clone() + NoteVPVerifyingInfoSet::new(app_vp_verifying_info, app_dynamic_vp_verifying_info) } - pub fn create_padding_note_proving_info( - padding_note: Note, - merkle_path: MerklePath, - anchor: Anchor, + // Create an input padding note vps + pub fn create_input_padding_note_vps( + note: &Note, input_notes: [Note; NUM_NOTE], - output_notes: [Note; NUM_NOTE], + outputs_notes: [Note; NUM_NOTE], ) -> Self { - let trivail_vp = Box::new(TrivialValidityPredicateCircuit { - owned_note_pub_id: padding_note.get_nf().unwrap().inner(), + let note_id = note.get_nf().unwrap().inner(); + let application_vp = Box::new(TrivialValidityPredicateCircuit::new( + note_id, input_notes, - output_notes, - }); - InputNoteProvingInfo::new(padding_note, merkle_path, Some(anchor), trivail_vp, vec![]) - } -} - -impl OutputNoteProvingInfo { - pub fn new( - note: Note, - application_vp: Box, - dynamic_vps: Vec>, - ) -> Self { + outputs_notes, + )); Self { - note, application_vp, - dynamic_vps, + dynamic_vps: vec![], } } - pub fn get_application_vp(&self) -> Box { - self.application_vp.clone() - } - - pub fn get_dynamic_vps(&self) -> Vec> { - self.dynamic_vps.clone() - } - - pub fn create_padding_note_proving_info( - padding_note: Note, + // Create an output padding note vps + pub fn create_output_padding_note_vps( + note: &Note, input_notes: [Note; NUM_NOTE], - output_notes: [Note; NUM_NOTE], + outputs_notes: [Note; NUM_NOTE], ) -> Self { - let trivail_vp = Box::new(TrivialValidityPredicateCircuit { - owned_note_pub_id: padding_note.commitment().inner(), + let note_id = note.commitment().inner(); + let application_vp = Box::new(TrivialValidityPredicateCircuit::new( + note_id, input_notes, - output_notes, - }); - OutputNoteProvingInfo::new(padding_note, trivail_vp, vec![]) + outputs_notes, + )); + Self { + application_vp, + dynamic_vps: vec![], + } } } #[cfg(test)] pub mod tests { - use super::{InputNoteProvingInfo, Note, NoteType, OutputNoteProvingInfo, RandomSeed}; - use crate::{ - circuit::vp_examples::tests::random_trivial_vp_circuit, - constant::TAIGA_COMMITMENT_TREE_DEPTH, - merkle_tree::MerklePath, - nullifier::{tests::*, Nullifier, NullifierKeyContainer}, - }; + use super::{Note, NoteType, RandomSeed}; + use crate::nullifier::{tests::*, Nullifier, NullifierKeyContainer}; use halo2_proofs::arithmetic::Field; use pasta_curves::pallas; use rand::{Rng, RngCore}; @@ -622,28 +589,6 @@ pub mod tests { } } - pub fn random_input_proving_info(mut rng: R) -> InputNoteProvingInfo { - let note = random_input_note(&mut rng); - let merkle_path = MerklePath::random(&mut rng, TAIGA_COMMITMENT_TREE_DEPTH); - let application_vp = Box::new(random_trivial_vp_circuit(&mut rng)); - let dynamic_vps = vec![]; - InputNoteProvingInfo::new(note, merkle_path, None, application_vp, dynamic_vps) - } - - pub fn random_output_proving_info( - mut rng: R, - rho: Nullifier, - ) -> OutputNoteProvingInfo { - let note = random_output_note(&mut rng, rho); - let application_vp = Box::new(random_trivial_vp_circuit(&mut rng)); - let dynamic_vps = vec![]; - OutputNoteProvingInfo { - note, - application_vp, - dynamic_vps, - } - } - #[cfg(feature = "borsh")] #[test] fn note_borsh_serialization_test() { diff --git a/taiga_halo2/src/shielded_ptx.rs b/taiga_halo2/src/shielded_ptx.rs index 1027b01d..6ca20fdf 100644 --- a/taiga_halo2/src/shielded_ptx.rs +++ b/taiga_halo2/src/shielded_ptx.rs @@ -7,7 +7,7 @@ use crate::constant::{ use crate::error::TransactionError; use crate::executable::Executable; use crate::merkle_tree::Anchor; -use crate::note::{InputNoteProvingInfo, NoteCommitment, OutputNoteProvingInfo}; +use crate::note::{NoteCommitment, NoteValidityPredicates}; use crate::nullifier::Nullifier; use crate::proof::Proof; use crate::value_commitment::ValueCommitment; @@ -91,7 +91,7 @@ impl ShieldedPartialTransaction { .collect(); let mut rcv_sum = pallas::Scalar::zero(); let actions: Vec = actions - .into_iter() + .iter() .map(|action_info| { rcv_sum += action_info.get_rcv(); ActionVerifyingInfo::create(action_info, &mut rng).unwrap() @@ -108,47 +108,41 @@ impl ShieldedPartialTransaction { } pub fn build( - input_info: [InputNoteProvingInfo; NUM_NOTE], - output_info: [OutputNoteProvingInfo; NUM_NOTE], + action_pairs: Vec, + input_note_vps: Vec, + output_note_vps: Vec, hints: Vec, mut rng: R, - ) -> Self { - let inputs: Vec = input_info + ) -> Result { + // Generate action proofs + let mut rcv_sum = pallas::Scalar::zero(); + let actions: Vec = action_pairs .iter() - .map(|input_note| { - NoteVPVerifyingInfoSet::build( - input_note.get_application_vp(), - input_note.get_dynamic_vps(), - ) + .map(|action_info| { + rcv_sum += action_info.get_rcv(); + ActionVerifyingInfo::create(action_info, &mut rng).unwrap() }) .collect(); - let outputs: Vec = output_info + + // Generate input vp proofs + let inputs: Vec = input_note_vps .iter() - .map(|output_note| { - NoteVPVerifyingInfoSet::build( - output_note.get_application_vp(), - output_note.get_dynamic_vps(), - ) - }) + .map(|input_note_vp| input_note_vp.build()) .collect(); - let mut rcv_sum = pallas::Scalar::zero(); - let actions: Vec = input_info - .into_iter() - .zip(output_info) - .map(|(input, output)| { - let action_info = ActionInfo::from_proving_info(input, output, &mut rng); - rcv_sum += action_info.get_rcv(); - ActionVerifyingInfo::create(action_info, &mut rng).unwrap() - }) + + // Generate output vp proofs + let outputs: Vec = output_note_vps + .iter() + .map(|output_note_vp| output_note_vp.build()) .collect(); - Self { + Ok(Self { actions: actions.try_into().unwrap(), inputs: inputs.try_into().unwrap(), outputs: outputs.try_into().unwrap(), binding_sig_r: rcv_sum, hints, - } + }) } // verify zk proof @@ -377,7 +371,7 @@ impl<'a> Decoder<'a> for ShieldedPartialTransaction { } impl ActionVerifyingInfo { - pub fn create(action_info: ActionInfo, mut rng: R) -> Result { + pub fn create(action_info: &ActionInfo, mut rng: R) -> Result { let (action_instance, circuit) = action_info.build(); let params = SETUP_PARAMS_MAP.get(&ACTION_CIRCUIT_PARAMS_SIZE).unwrap(); let action_proof = Proof::create( @@ -386,8 +380,7 @@ impl ActionVerifyingInfo { circuit, &[&action_instance.to_instance()], &mut rng, - ) - .unwrap(); + )?; Ok(Self { action_proof, action_instance, @@ -417,6 +410,7 @@ impl NoteVPVerifyingInfoSet { } } + // TODO: remove it. pub fn build( application_vp: Box, dynamic_vps: Vec>, @@ -470,11 +464,12 @@ impl NoteVPVerifyingInfoSet { #[cfg(test)] pub mod testing { use crate::{ + action::ActionInfo, circuit::vp_circuit::{ValidityPredicate, ValidityPredicateVerifyingInfo}, circuit::vp_examples::TrivialValidityPredicateCircuit, constant::TAIGA_COMMITMENT_TREE_DEPTH, merkle_tree::MerklePath, - note::{InputNoteProvingInfo, Note, OutputNoteProvingInfo, RandomSeed}, + note::{Note, NoteValidityPredicates, RandomSeed}, nullifier::{Nullifier, NullifierKeyContainer}, shielded_ptx::ShieldedPartialTransaction, utils::poseidon_hash, @@ -538,6 +533,19 @@ pub mod testing { ) }; + // Construct action pair + let merkle_path_1 = MerklePath::random(&mut rng, TAIGA_COMMITMENT_TREE_DEPTH); + let anchor_1 = input_note_1.calculate_root(&merkle_path_1); + let rseed_1 = RandomSeed::random(&mut rng); + let action_1 = ActionInfo::new( + input_note_1, + merkle_path_1, + anchor_1, + output_note_1, + rseed_1, + ); + + // Generate notes let input_note_2 = { let app_data_static = pallas::Base::one(); let app_data_dynamic = pallas::Base::zero(); @@ -577,8 +585,18 @@ pub mod testing { ) }; - // Generate note info - let merkle_path = MerklePath::random(&mut rng, TAIGA_COMMITMENT_TREE_DEPTH); + // Construct action pair + let merkle_path_2 = MerklePath::random(&mut rng, TAIGA_COMMITMENT_TREE_DEPTH); + let anchor_2 = input_note_2.calculate_root(&merkle_path_2); + let rseed_2 = RandomSeed::random(&mut rng); + let action_2 = ActionInfo::new( + input_note_2, + merkle_path_2, + anchor_2, + output_note_2, + rseed_2, + ); + // Create vp circuit and fill the note info let mut trivial_vp_circuit = TrivialValidityPredicateCircuit { owned_note_pub_id: input_note_1.get_nf().unwrap().inner(), @@ -589,41 +607,30 @@ pub mod testing { let trivial_app_logic_1: Box = Box::new(trivial_vp_circuit.clone()); let trivial_app_logic_2 = Box::new(trivial_vp_circuit.clone()); let trivial_dynamic_vps = vec![trivial_app_logic_1, trivial_app_logic_2]; - let input_note_proving_info_1 = InputNoteProvingInfo::new( - input_note_1, - merkle_path.clone(), - None, - input_application_vp_1, - trivial_dynamic_vps.clone(), - ); + let input_note_1_vps = + NoteValidityPredicates::new(input_application_vp_1, trivial_dynamic_vps); + // The following notes use empty logic vps and use app_data_dynamic with pallas::Base::zero() by default. trivial_vp_circuit.owned_note_pub_id = input_note_2.get_nf().unwrap().inner(); let input_application_vp_2 = Box::new(trivial_vp_circuit.clone()); - let dynamic_vps = vec![]; - let input_note_proving_info_2 = InputNoteProvingInfo::new( - input_note_2, - merkle_path, - None, - input_application_vp_2, - dynamic_vps.clone(), - ); + let input_note_2_vps = NoteValidityPredicates::new(input_application_vp_2, vec![]); trivial_vp_circuit.owned_note_pub_id = output_note_1.commitment().inner(); let output_application_vp_1 = Box::new(trivial_vp_circuit.clone()); - let output_note_proving_info_1 = - OutputNoteProvingInfo::new(output_note_1, output_application_vp_1, dynamic_vps.clone()); + let output_note_1_vps = NoteValidityPredicates::new(output_application_vp_1, vec![]); trivial_vp_circuit.owned_note_pub_id = output_note_2.commitment().inner(); let output_application_vp_2 = Box::new(trivial_vp_circuit); - let output_note_proving_info_2 = - OutputNoteProvingInfo::new(output_note_2, output_application_vp_2, dynamic_vps); + let output_note_2_vps = NoteValidityPredicates::new(output_application_vp_2, vec![]); // Create shielded partial tx ShieldedPartialTransaction::build( - [input_note_proving_info_1, input_note_proving_info_2], - [output_note_proving_info_1, output_note_proving_info_2], + vec![action_1, action_2], + vec![input_note_1_vps, input_note_2_vps], + vec![output_note_1_vps, output_note_2_vps], vec![], &mut rng, ) + .unwrap() } } From a13288ea6867366fef0d32b50c32728ac42cf979 Mon Sep 17 00:00:00 2001 From: Song Xuyang Date: Mon, 30 Oct 2023 20:27:21 +0800 Subject: [PATCH 2/6] generate the rseed of action inside of the new function and improve the anchor calculation --- taiga_halo2/benches/action_proof.rs | 3 +-- .../cascaded_partial_transactions.rs | 25 +++++++---------- .../partial_fulfillment_token_swap.rs | 25 +++++++---------- taiga_halo2/examples/tx_examples/token.rs | 15 +++++------ .../tx_examples/token_swap_with_intent.rs | 25 +++++++---------- taiga_halo2/src/action.rs | 27 +++++++++---------- taiga_halo2/src/shielded_ptx.rs | 20 ++------------ taiga_halo2/src/taiga_api.rs | 25 +++-------------- 8 files changed, 54 insertions(+), 111 deletions(-) diff --git a/taiga_halo2/benches/action_proof.rs b/taiga_halo2/benches/action_proof.rs index 9cf5ef64..be9efd2e 100644 --- a/taiga_halo2/benches/action_proof.rs +++ b/taiga_halo2/benches/action_proof.rs @@ -67,8 +67,7 @@ fn bench_action_proof(name: &str, c: &mut Criterion) { }; let input_merkle_path = MerklePath::random(&mut rng, TAIGA_COMMITMENT_TREE_DEPTH); let anchor = input_note.calculate_root(&input_merkle_path); - let rseed = RandomSeed::random(&mut rng); - ActionInfo::new(input_note, input_merkle_path, anchor, output_note, rseed) + ActionInfo::new(input_note, input_merkle_path, anchor, output_note, &mut rng) }; let (action, action_circuit) = action_info.build(); let params = SETUP_PARAMS_MAP.get(&ACTION_CIRCUIT_PARAMS_SIZE).unwrap(); diff --git a/taiga_halo2/examples/tx_examples/cascaded_partial_transactions.rs b/taiga_halo2/examples/tx_examples/cascaded_partial_transactions.rs index 2f0b9bed..e0e16aaf 100644 --- a/taiga_halo2/examples/tx_examples/cascaded_partial_transactions.rs +++ b/taiga_halo2/examples/tx_examples/cascaded_partial_transactions.rs @@ -13,7 +13,7 @@ use taiga_halo2::{ }, constant::TAIGA_COMMITMENT_TREE_DEPTH, merkle_tree::{Anchor, MerklePath}, - note::{NoteValidityPredicates, RandomSeed}, + note::NoteValidityPredicates, nullifier::{Nullifier, NullifierKeyContainer}, shielded_ptx::ShieldedPartialTransaction, transaction::{ShieldedPartialTxBundle, Transaction, TransparentPartialTxBundle}, @@ -74,24 +74,20 @@ pub fn create_transaction(mut rng: R) -> Transaction { let ptx_1 = { // Create action pairs let actions = { - let rseed_1 = RandomSeed::random(&mut rng); - let anchor_1 = input_note_1.calculate_root(&merkle_path); let action_1 = ActionInfo::new( *input_note_1.note(), merkle_path.clone(), - anchor_1, + None, *output_note_1.note(), - rseed_1, + &mut rng, ); - let rseed_2 = RandomSeed::random(&mut rng); - let anchor_2 = input_note_2.calculate_root(&merkle_path); let action_2 = ActionInfo::new( *input_note_2.note(), merkle_path.clone(), - anchor_2, + None, cascade_intent_note, - rseed_2, + &mut rng, ); vec![action_1, action_2] }; @@ -155,23 +151,20 @@ pub fn create_transaction(mut rng: R) -> Transaction { let ptx_2 = { // Create action pairs let actions = { - let rseed_1 = RandomSeed::random(&mut rng); let action_1 = ActionInfo::new( cascade_intent_note, merkle_path.clone(), - anchor, + Some(anchor), *output_note_2.note(), - rseed_1, + &mut rng, ); - let rseed_2 = RandomSeed::random(&mut rng); - let anchor_2 = input_note_3.calculate_root(&merkle_path); let action_2 = ActionInfo::new( *input_note_3.note(), merkle_path, - anchor_2, + None, *output_note_3.note(), - rseed_2, + &mut rng, ); vec![action_1, action_2] }; diff --git a/taiga_halo2/examples/tx_examples/partial_fulfillment_token_swap.rs b/taiga_halo2/examples/tx_examples/partial_fulfillment_token_swap.rs index cf68746c..000657af 100644 --- a/taiga_halo2/examples/tx_examples/partial_fulfillment_token_swap.rs +++ b/taiga_halo2/examples/tx_examples/partial_fulfillment_token_swap.rs @@ -17,7 +17,7 @@ use taiga_halo2::{ }, constant::TAIGA_COMMITMENT_TREE_DEPTH, merkle_tree::{Anchor, MerklePath}, - note::{Note, NoteValidityPredicates, RandomSeed}, + note::{Note, NoteValidityPredicates}, nullifier::NullifierKeyContainer, shielded_ptx::ShieldedPartialTransaction, transaction::{ShieldedPartialTxBundle, Transaction, TransparentPartialTxBundle}, @@ -45,25 +45,22 @@ pub fn create_token_intent_ptx( // Create action pairs let actions = { - let rseed_1 = RandomSeed::random(&mut rng); - let anchor_1 = swap.sell.calculate_root(&merkle_path); let action_1 = ActionInfo::new( *swap.sell.note(), merkle_path.clone(), - anchor_1, + None, intent_note, - rseed_1, + &mut rng, ); // Fetch a valid anchor for dummy notes - let anchor_2 = Anchor::from(pallas::Base::random(&mut rng)); - let rseed_2 = RandomSeed::random(&mut rng); + let anchor = Anchor::from(pallas::Base::random(&mut rng)); let action_2 = ActionInfo::new( padding_input_note, merkle_path, - anchor_2, + Some(anchor), padding_output_note, - rseed_2, + &mut rng, ); vec![action_1, action_2] }; @@ -139,22 +136,20 @@ pub fn consume_token_intent_ptx( // Create action pairs let actions = { - let rseed_1 = RandomSeed::random(&mut rng); let action_1 = ActionInfo::new( intent_note, merkle_path.clone(), - anchor, + Some(anchor), bought_note, - rseed_1, + &mut rng, ); - let rseed_2 = RandomSeed::random(&mut rng); let action_2 = ActionInfo::new( padding_input_note, merkle_path, - anchor, + Some(anchor), returned_note, - rseed_2, + &mut rng, ); vec![action_1, action_2] }; diff --git a/taiga_halo2/examples/tx_examples/token.rs b/taiga_halo2/examples/tx_examples/token.rs index 48440c0f..cbb09e59 100644 --- a/taiga_halo2/examples/tx_examples/token.rs +++ b/taiga_halo2/examples/tx_examples/token.rs @@ -11,7 +11,7 @@ use taiga_halo2::{ }, constant::TAIGA_COMMITMENT_TREE_DEPTH, merkle_tree::{Anchor, MerklePath}, - note::{Note, NoteValidityPredicates, RandomSeed}, + note::{Note, NoteValidityPredicates}, nullifier::{Nullifier, NullifierKeyContainer}, shielded_ptx::ShieldedPartialTransaction, }; @@ -51,25 +51,22 @@ pub fn create_token_swap_ptx( // Create action pairs let actions = { - let rseed_1 = RandomSeed::random(&mut rng); - let anchor_1 = input_note.calculate_root(&merkle_path); let action_1 = ActionInfo::new( *input_note.note(), merkle_path.clone(), - anchor_1, + None, *output_note.note(), - rseed_1, + &mut rng, ); // Fetch a valid anchor for padding input notes - let anchor_2 = Anchor::from(pallas::Base::random(&mut rng)); - let rseed_2 = RandomSeed::random(&mut rng); + let anchor = Anchor::from(pallas::Base::random(&mut rng)); let action_2 = ActionInfo::new( padding_input_note, merkle_path, - anchor_2, + Some(anchor), padding_output_note, - rseed_2, + &mut rng, ); vec![action_1, action_2] }; diff --git a/taiga_halo2/examples/tx_examples/token_swap_with_intent.rs b/taiga_halo2/examples/tx_examples/token_swap_with_intent.rs index 06a98fe4..867f7818 100644 --- a/taiga_halo2/examples/tx_examples/token_swap_with_intent.rs +++ b/taiga_halo2/examples/tx_examples/token_swap_with_intent.rs @@ -17,7 +17,7 @@ use taiga_halo2::{ }, constant::TAIGA_COMMITMENT_TREE_DEPTH, merkle_tree::{Anchor, MerklePath}, - note::{Note, NoteValidityPredicates, RandomSeed}, + note::{Note, NoteValidityPredicates}, nullifier::{Nullifier, NullifierKeyContainer}, shielded_ptx::ShieldedPartialTransaction, transaction::{ShieldedPartialTxBundle, Transaction, TransparentPartialTxBundle}, @@ -68,25 +68,22 @@ pub fn create_token_intent_ptx( // Create action pairs let actions = { - let rseed_1 = RandomSeed::random(&mut rng); - let anchor_1 = input_note.calculate_root(&merkle_path); let action_1 = ActionInfo::new( *input_note.note(), merkle_path.clone(), - anchor_1, + None, intent_note, - rseed_1, + &mut rng, ); // Fetch a valid anchor for padding input notes - let anchor_2 = Anchor::from(pallas::Base::random(&mut rng)); - let rseed_2 = RandomSeed::random(&mut rng); + let anchor = Anchor::from(pallas::Base::random(&mut rng)); let action_2 = ActionInfo::new( padding_input_note, merkle_path, - anchor_2, + Some(anchor), padding_output_note, - rseed_2, + &mut rng, ); vec![action_1, action_2] }; @@ -198,22 +195,20 @@ pub fn consume_token_intent_ptx( // Create action pairs let actions = { - let rseed_1 = RandomSeed::random(&mut rng); let action_1 = ActionInfo::new( intent_note, merkle_path.clone(), - anchor, + Some(anchor), *output_note.note(), - rseed_1, + &mut rng, ); - let rseed_2 = RandomSeed::random(&mut rng); let action_2 = ActionInfo::new( padding_input_note, merkle_path, - anchor, + Some(anchor), padding_output_note, - rseed_2, + &mut rng, ); vec![action_1, action_2] }; diff --git a/taiga_halo2/src/action.rs b/taiga_halo2/src/action.rs index 005d15fb..2c778840 100644 --- a/taiga_halo2/src/action.rs +++ b/taiga_halo2/src/action.rs @@ -8,6 +8,7 @@ use crate::{ vp_commitment::ValidityPredicateCommitment, }; use pasta_curves::pallas; +use rand::RngCore; #[cfg(feature = "nif")] use rustler::NifStruct; @@ -115,19 +116,26 @@ impl BorshDeserialize for ActionPublicInputs { } impl ActionInfo { - pub fn new( + // The dummy input note must provide a valid custom_anchor, but a random merkle path + // The normal input note only needs to provide a valid merkle path. The anchor will be calculated from the note and path. + pub fn new( input_note: Note, input_merkle_path: MerklePath, - input_anchor: Anchor, + custom_anchor: Option, output_note: Note, - rseed: RandomSeed, + mut rng: R, ) -> Self { + let input_anchor = match custom_anchor { + Some(anchor) => anchor, + None => input_note.calculate_root(&input_merkle_path), + }; + Self { input_note, input_merkle_path, input_anchor, output_note, - rseed, + rseed: RandomSeed::random(&mut rng), } } @@ -194,21 +202,12 @@ pub mod tests { use crate::constant::TAIGA_COMMITMENT_TREE_DEPTH; use crate::merkle_tree::MerklePath; use crate::note::tests::{random_input_note, random_output_note}; - use crate::note::RandomSeed; use rand::RngCore; pub fn random_action_info(mut rng: R) -> ActionInfo { let input_note = random_input_note(&mut rng); let output_note = random_output_note(&mut rng, input_note.get_nf().unwrap()); let input_merkle_path = MerklePath::random(&mut rng, TAIGA_COMMITMENT_TREE_DEPTH); - let input_anchor = input_note.calculate_root(&input_merkle_path); - let rseed = RandomSeed::random(&mut rng); - ActionInfo::new( - input_note, - input_merkle_path, - input_anchor, - output_note, - rseed, - ) + ActionInfo::new(input_note, input_merkle_path, None, output_note, &mut rng) } } diff --git a/taiga_halo2/src/shielded_ptx.rs b/taiga_halo2/src/shielded_ptx.rs index 6ca20fdf..3e8f36a0 100644 --- a/taiga_halo2/src/shielded_ptx.rs +++ b/taiga_halo2/src/shielded_ptx.rs @@ -535,15 +535,7 @@ pub mod testing { // Construct action pair let merkle_path_1 = MerklePath::random(&mut rng, TAIGA_COMMITMENT_TREE_DEPTH); - let anchor_1 = input_note_1.calculate_root(&merkle_path_1); - let rseed_1 = RandomSeed::random(&mut rng); - let action_1 = ActionInfo::new( - input_note_1, - merkle_path_1, - anchor_1, - output_note_1, - rseed_1, - ); + let action_1 = ActionInfo::new(input_note_1, merkle_path_1, None, output_note_1, &mut rng); // Generate notes let input_note_2 = { @@ -587,15 +579,7 @@ pub mod testing { // Construct action pair let merkle_path_2 = MerklePath::random(&mut rng, TAIGA_COMMITMENT_TREE_DEPTH); - let anchor_2 = input_note_2.calculate_root(&merkle_path_2); - let rseed_2 = RandomSeed::random(&mut rng); - let action_2 = ActionInfo::new( - input_note_2, - merkle_path_2, - anchor_2, - output_note_2, - rseed_2, - ); + let action_2 = ActionInfo::new(input_note_2, merkle_path_2, None, output_note_2, &mut rng); // Create vp circuit and fill the note info let mut trivial_vp_circuit = TrivialValidityPredicateCircuit { diff --git a/taiga_halo2/src/taiga_api.rs b/taiga_halo2/src/taiga_api.rs index bb27fe62..afc4adae 100644 --- a/taiga_halo2/src/taiga_api.rs +++ b/taiga_halo2/src/taiga_api.rs @@ -265,10 +265,7 @@ pub mod tests { use crate::circuit::vp_examples::TrivialValidityPredicateCircuit; use crate::constant::TAIGA_COMMITMENT_TREE_DEPTH; use crate::merkle_tree::MerklePath; - use crate::note::{ - tests::{random_input_note, random_output_note}, - RandomSeed, - }; + use crate::note::tests::{random_input_note, random_output_note}; let mut rng = OsRng; @@ -277,29 +274,13 @@ pub mod tests { let input_note_1_nf = input_note_1.get_nf().unwrap(); let output_note_1 = random_output_note(&mut rng, input_note_1_nf); let merkle_path_1 = MerklePath::random(&mut rng, TAIGA_COMMITMENT_TREE_DEPTH); - let anchor_1 = input_note_1.calculate_root(&merkle_path_1); - let rseed_1 = RandomSeed::random(&mut rng); - let action_1 = ActionInfo::new( - input_note_1, - merkle_path_1, - anchor_1, - output_note_1, - rseed_1, - ); + let action_1 = ActionInfo::new(input_note_1, merkle_path_1, None, output_note_1, &mut rng); let input_note_2 = random_input_note(&mut rng); let input_note_2_nf = input_note_2.get_nf().unwrap(); let output_note_2 = random_output_note(&mut rng, input_note_2_nf); let merkle_path_2 = MerklePath::random(&mut rng, TAIGA_COMMITMENT_TREE_DEPTH); - let anchor_2 = input_note_2.calculate_root(&merkle_path_2); - let rseed_2 = RandomSeed::random(&mut rng); - let action_2 = ActionInfo::new( - input_note_2, - merkle_path_2, - anchor_2, - output_note_2, - rseed_2, - ); + let action_2 = ActionInfo::new(input_note_2, merkle_path_2, None, output_note_2, &mut rng); // construct applications let input_note_1_app = { From 2f3e1cde5bb4852a4d7828f1de2d2363aea2cd50 Mon Sep 17 00:00:00 2001 From: Song Xuyang Date: Wed, 1 Nov 2023 20:18:43 +0800 Subject: [PATCH 3/6] automatically reset the rho of output note when constructing the Action --- taiga_halo2/benches/action_proof.rs | 11 +++- .../cascaded_partial_transactions.rs | 52 ++++++----------- .../partial_fulfillment_token_swap.rs | 27 +++++---- taiga_halo2/examples/tx_examples/token.rs | 23 +++----- .../tx_examples/token_swap_with_intent.rs | 58 +++++++------------ .../tx_examples/token_swap_without_intent.rs | 12 ++-- taiga_halo2/src/action.rs | 17 ++++-- .../src/circuit/vp_examples/cascade_intent.rs | 13 ++--- .../circuit/vp_examples/or_relation_intent.rs | 12 ++-- .../partial_fulfillment_intent/swap.rs | 23 +++----- taiga_halo2/src/circuit/vp_examples/token.rs | 34 +++++++++-- taiga_halo2/src/note.rs | 37 +++++++++++- taiga_halo2/src/shielded_ptx.rs | 46 ++++++++------- taiga_halo2/src/taiga_api.rs | 40 +++++++------ 14 files changed, 217 insertions(+), 188 deletions(-) diff --git a/taiga_halo2/benches/action_proof.rs b/taiga_halo2/benches/action_proof.rs index be9efd2e..fa1dfc88 100644 --- a/taiga_halo2/benches/action_proof.rs +++ b/taiga_halo2/benches/action_proof.rs @@ -43,7 +43,7 @@ fn bench_action_proof(name: &str, c: &mut Criterion) { rho, } }; - let output_note = { + let mut output_note = { let rho = input_note.get_nf().unwrap(); let nk_com = NullifierKeyContainer::from_commitment(pallas::Base::random(&mut rng)); let note_type = { @@ -66,8 +66,13 @@ fn bench_action_proof(name: &str, c: &mut Criterion) { } }; let input_merkle_path = MerklePath::random(&mut rng, TAIGA_COMMITMENT_TREE_DEPTH); - let anchor = input_note.calculate_root(&input_merkle_path); - ActionInfo::new(input_note, input_merkle_path, anchor, output_note, &mut rng) + ActionInfo::new( + input_note, + input_merkle_path, + None, + &mut output_note, + &mut rng, + ) }; let (action, action_circuit) = action_info.build(); let params = SETUP_PARAMS_MAP.get(&ACTION_CIRCUIT_PARAMS_SIZE).unwrap(); diff --git a/taiga_halo2/examples/tx_examples/cascaded_partial_transactions.rs b/taiga_halo2/examples/tx_examples/cascaded_partial_transactions.rs index e0e16aaf..a1138d54 100644 --- a/taiga_halo2/examples/tx_examples/cascaded_partial_transactions.rs +++ b/taiga_halo2/examples/tx_examples/cascaded_partial_transactions.rs @@ -14,7 +14,6 @@ use taiga_halo2::{ constant::TAIGA_COMMITMENT_TREE_DEPTH, merkle_tree::{Anchor, MerklePath}, note::NoteValidityPredicates, - nullifier::{Nullifier, NullifierKeyContainer}, shielded_ptx::ShieldedPartialTransaction, transaction::{ShieldedPartialTxBundle, Transaction, TransparentPartialTxBundle}, }; @@ -22,46 +21,29 @@ use taiga_halo2::{ pub fn create_transaction(mut rng: R) -> Transaction { let alice_auth_sk = pallas::Scalar::random(&mut rng); let alice_auth = TokenAuthorization::from_sk_vk(&alice_auth_sk, &COMPRESSED_TOKEN_AUTH_VK); - let alice_nk = NullifierKeyContainer::random_key(&mut rng); + let alice_nk = pallas::Base::random(&mut rng); let bob_auth = TokenAuthorization::random(&mut rng); - let bob_nk_com = NullifierKeyContainer::random_commitment(&mut rng); + let bob_nk_com = pallas::Base::random(&mut rng); - let rho = Nullifier::from(pallas::Base::random(&mut rng)); let input_token_1 = Token::new("btc".to_string(), 1u64); - let input_note_1 = input_token_1.create_random_token_note(&mut rng, rho, alice_nk, &alice_auth); + let input_note_1 = + input_token_1.create_random_input_token_note(&mut rng, alice_nk, &alice_auth); let output_token_1 = Token::new("btc".to_string(), 1u64); - let output_note_1 = output_token_1.create_random_token_note( - &mut rng, - input_note_1.get_nf().unwrap(), - bob_nk_com, - &bob_auth, - ); + let mut output_note_1 = output_token_1.create_random_output_token_note(bob_nk_com, &bob_auth); let input_token_2 = Token::new("eth".to_string(), 2u64); - let input_note_2 = input_token_2.create_random_token_note(&mut rng, rho, alice_nk, &alice_auth); + let input_note_2 = + input_token_2.create_random_input_token_note(&mut rng, alice_nk, &alice_auth); let input_token_3 = Token::new("xan".to_string(), 3u64); - let input_note_3 = input_token_3.create_random_token_note(&mut rng, rho, alice_nk, &alice_auth); - let cascade_intent_note = create_intent_note( - &mut rng, - input_note_3.commitment().inner(), - input_note_2.get_nf().unwrap(), - alice_nk, - ); + let input_note_3 = + input_token_3.create_random_input_token_note(&mut rng, alice_nk, &alice_auth); + let mut cascade_intent_note = + create_intent_note(&mut rng, input_note_3.commitment().inner(), alice_nk); let output_token_2 = Token::new("eth".to_string(), 2u64); - let output_note_2 = output_token_2.create_random_token_note( - &mut rng, - cascade_intent_note.get_nf().unwrap(), - bob_nk_com, - &bob_auth, - ); + let mut output_note_2 = output_token_2.create_random_output_token_note(bob_nk_com, &bob_auth); let output_token_3 = Token::new("xan".to_string(), 3u64); - let output_note_3 = output_token_3.create_random_token_note( - &mut rng, - input_note_3.get_nf().unwrap(), - bob_nk_com, - &bob_auth, - ); + let mut output_note_3 = output_token_3.create_random_output_token_note(bob_nk_com, &bob_auth); let merkle_path = MerklePath::random(&mut rng, TAIGA_COMMITMENT_TREE_DEPTH); @@ -78,7 +60,7 @@ pub fn create_transaction(mut rng: R) -> Transaction { *input_note_1.note(), merkle_path.clone(), None, - *output_note_1.note(), + &mut output_note_1.note, &mut rng, ); @@ -86,7 +68,7 @@ pub fn create_transaction(mut rng: R) -> Transaction { *input_note_2.note(), merkle_path.clone(), None, - cascade_intent_note, + &mut cascade_intent_note, &mut rng, ); vec![action_1, action_2] @@ -155,7 +137,7 @@ pub fn create_transaction(mut rng: R) -> Transaction { cascade_intent_note, merkle_path.clone(), Some(anchor), - *output_note_2.note(), + &mut output_note_2.note, &mut rng, ); @@ -163,7 +145,7 @@ pub fn create_transaction(mut rng: R) -> Transaction { *input_note_3.note(), merkle_path, None, - *output_note_3.note(), + &mut output_note_3.note, &mut rng, ); vec![action_1, action_2] diff --git a/taiga_halo2/examples/tx_examples/partial_fulfillment_token_swap.rs b/taiga_halo2/examples/tx_examples/partial_fulfillment_token_swap.rs index 000657af..ff2d3a87 100644 --- a/taiga_halo2/examples/tx_examples/partial_fulfillment_token_swap.rs +++ b/taiga_halo2/examples/tx_examples/partial_fulfillment_token_swap.rs @@ -31,16 +31,12 @@ pub fn create_token_intent_ptx( ) -> (ShieldedPartialTransaction, Swap, Note) { let input_auth = TokenAuthorization::from_sk_vk(&input_auth_sk, &COMPRESSED_TOKEN_AUTH_VK); let swap = Swap::random(&mut rng, sell, buy, input_auth); - let intent_note = swap.create_intent_note(&mut rng); + let mut intent_note = swap.create_intent_note(&mut rng); // padding the zero notes let padding_input_note = Note::random_padding_input_note(&mut rng); let padding_input_note_nf = padding_input_note.get_nf().unwrap(); - let padding_output_note = Note::random_padding_output_note(&mut rng, padding_input_note_nf); - - let input_notes = [*swap.sell.note(), padding_input_note]; - let output_notes = [intent_note, padding_output_note]; - + let mut padding_output_note = Note::random_padding_output_note(&mut rng, padding_input_note_nf); let merkle_path = MerklePath::random(&mut rng, TAIGA_COMMITMENT_TREE_DEPTH); // Create action pairs @@ -49,7 +45,7 @@ pub fn create_token_intent_ptx( *swap.sell.note(), merkle_path.clone(), None, - intent_note, + &mut intent_note, &mut rng, ); @@ -59,7 +55,7 @@ pub fn create_token_intent_ptx( padding_input_note, merkle_path, Some(anchor), - padding_output_note, + &mut padding_output_note, &mut rng, ); vec![action_1, action_2] @@ -67,6 +63,8 @@ pub fn create_token_intent_ptx( // Create VPs let (input_vps, output_vps) = { + let input_notes = [*swap.sell.note(), padding_input_note]; + let output_notes = [intent_note, padding_output_note]; // Create the input token vps let input_token_vps = swap.sell.generate_input_token_vps( &mut rng, @@ -123,9 +121,9 @@ pub fn consume_token_intent_ptx( offer: Token, output_auth_pk: pallas::Point, ) -> ShieldedPartialTransaction { - let (input_notes, output_notes) = swap.fill(&mut rng, intent_note, offer); + let (input_notes, [mut bought_note, mut returned_note]) = + swap.fill(&mut rng, intent_note, offer); let [intent_note, padding_input_note] = input_notes; - let [bought_note, returned_note] = output_notes; // output notes let output_auth = TokenAuthorization::new(output_auth_pk, *COMPRESSED_TOKEN_AUTH_VK); @@ -140,7 +138,7 @@ pub fn consume_token_intent_ptx( intent_note, merkle_path.clone(), Some(anchor), - bought_note, + &mut bought_note, &mut rng, ); @@ -148,7 +146,7 @@ pub fn consume_token_intent_ptx( padding_input_note, merkle_path, Some(anchor), - returned_note, + &mut returned_note, &mut rng, ); vec![action_1, action_2] @@ -156,6 +154,7 @@ pub fn consume_token_intent_ptx( // Create VPs let (input_vps, output_vps) = { + let output_notes = [bought_note, returned_note]; // Create intent vps let intent_vps = { let intent_vp = PartialFulfillmentIntentValidityPredicateCircuit { @@ -223,10 +222,10 @@ pub fn create_token_swap_transaction(mut rng: R) -> Tran &mut rng, offer.clone(), bob_auth_sk, - bob_nk, + bob_nk.get_nk().unwrap(), returned, bob_auth_pk, - bob_nk.to_commitment(), + bob_nk.get_commitment(), ); // Solver/Bob creates the partial transaction to consume the intent note diff --git a/taiga_halo2/examples/tx_examples/token.rs b/taiga_halo2/examples/tx_examples/token.rs index cbb09e59..b4f38e1e 100644 --- a/taiga_halo2/examples/tx_examples/token.rs +++ b/taiga_halo2/examples/tx_examples/token.rs @@ -12,7 +12,6 @@ use taiga_halo2::{ constant::TAIGA_COMMITMENT_TREE_DEPTH, merkle_tree::{Anchor, MerklePath}, note::{Note, NoteValidityPredicates}, - nullifier::{Nullifier, NullifierKeyContainer}, shielded_ptx::ShieldedPartialTransaction, }; @@ -21,30 +20,24 @@ pub fn create_token_swap_ptx( mut rng: R, input_token: Token, input_auth_sk: pallas::Scalar, - input_nk: NullifierKeyContainer, // NullifierKeyContainer::Key + input_nk: pallas::Base, output_token: Token, output_auth_pk: pallas::Point, - output_nk_com: NullifierKeyContainer, // NullifierKeyContainer::Commitment + output_nk_com: pallas::Base, ) -> ShieldedPartialTransaction { let input_auth = TokenAuthorization::from_sk_vk(&input_auth_sk, &COMPRESSED_TOKEN_AUTH_VK); // input note - let rho = Nullifier::from(pallas::Base::random(&mut rng)); - let input_note = input_token.create_random_token_note(&mut rng, rho, input_nk, &input_auth); + let input_note = input_token.create_random_input_token_note(&mut rng, input_nk, &input_auth); // output note - let input_note_nf = input_note.get_nf().unwrap(); let output_auth = TokenAuthorization::new(output_auth_pk, *COMPRESSED_TOKEN_AUTH_VK); - let output_note = - output_token.create_random_token_note(&mut rng, input_note_nf, output_nk_com, &output_auth); + let mut output_note = output_token.create_random_output_token_note(output_nk_com, &output_auth); // padding the zero notes let padding_input_note = Note::random_padding_input_note(&mut rng); let padding_input_note_nf = padding_input_note.get_nf().unwrap(); - let padding_output_note = Note::random_padding_output_note(&mut rng, padding_input_note_nf); - - let input_notes = [*input_note.note(), padding_input_note]; - let output_notes = [*output_note.note(), padding_output_note]; + let mut padding_output_note = Note::random_padding_output_note(&mut rng, padding_input_note_nf); // Generate proving info let merkle_path = MerklePath::random(&mut rng, TAIGA_COMMITMENT_TREE_DEPTH); @@ -55,7 +48,7 @@ pub fn create_token_swap_ptx( *input_note.note(), merkle_path.clone(), None, - *output_note.note(), + &mut output_note.note, &mut rng, ); @@ -65,7 +58,7 @@ pub fn create_token_swap_ptx( padding_input_note, merkle_path, Some(anchor), - padding_output_note, + &mut padding_output_note, &mut rng, ); vec![action_1, action_2] @@ -73,6 +66,8 @@ pub fn create_token_swap_ptx( // Create VPs let (input_vps, output_vps) = { + let input_notes = [*input_note.note(), padding_input_note]; + let output_notes = [*output_note.note(), padding_output_note]; // Create the input token vps let input_token_vps = input_note.generate_input_token_vps( &mut rng, diff --git a/taiga_halo2/examples/tx_examples/token_swap_with_intent.rs b/taiga_halo2/examples/tx_examples/token_swap_with_intent.rs index 867f7818..69fc5c39 100644 --- a/taiga_halo2/examples/tx_examples/token_swap_with_intent.rs +++ b/taiga_halo2/examples/tx_examples/token_swap_with_intent.rs @@ -18,7 +18,7 @@ use taiga_halo2::{ constant::TAIGA_COMMITMENT_TREE_DEPTH, merkle_tree::{Anchor, MerklePath}, note::{Note, NoteValidityPredicates}, - nullifier::{Nullifier, NullifierKeyContainer}, + nullifier::NullifierKeyContainer, shielded_ptx::ShieldedPartialTransaction, transaction::{ShieldedPartialTxBundle, Transaction, TransparentPartialTxBundle}, }; @@ -29,40 +29,33 @@ pub fn create_token_intent_ptx( token_2: Token, input_token: Token, input_auth_sk: pallas::Scalar, - input_nk: NullifierKeyContainer, // NullifierKeyContainer::Key + input_nk: pallas::Base, ) -> ( ShieldedPartialTransaction, - NullifierKeyContainer, pallas::Base, pallas::Base, - Nullifier, + pallas::Base, ) { let input_auth = TokenAuthorization::from_sk_vk(&input_auth_sk, &COMPRESSED_TOKEN_AUTH_VK); // input note - let rho = Nullifier::from(pallas::Base::random(&mut rng)); - let input_note = input_token.create_random_token_note(&mut rng, rho, input_nk, &input_auth); + let input_note = input_token.create_random_input_token_note(&mut rng, input_nk, &input_auth); // output intent note - let input_note_nf = input_note.get_nf().unwrap(); let input_note_nk_com = input_note.get_nk_commitment(); - let intent_note = create_intent_note( + let mut intent_note = create_intent_note( &mut rng, &token_1, &token_2, input_note_nk_com, input_note.app_data_dynamic, - input_note_nf, input_nk, ); // padding the zero notes let padding_input_note = Note::random_padding_input_note(&mut rng); let padding_input_note_nf = padding_input_note.get_nf().unwrap(); - let padding_output_note = Note::random_padding_output_note(&mut rng, padding_input_note_nf); - - let input_notes = [*input_note.note(), padding_input_note]; - let output_notes = [intent_note, padding_output_note]; + let mut padding_output_note = Note::random_padding_output_note(&mut rng, padding_input_note_nf); let merkle_path = MerklePath::random(&mut rng, TAIGA_COMMITMENT_TREE_DEPTH); @@ -72,7 +65,7 @@ pub fn create_token_intent_ptx( *input_note.note(), merkle_path.clone(), None, - intent_note, + &mut intent_note, &mut rng, ); @@ -82,7 +75,7 @@ pub fn create_token_intent_ptx( padding_input_note, merkle_path, Some(anchor), - padding_output_note, + &mut padding_output_note, &mut rng, ); vec![action_1, action_2] @@ -90,6 +83,8 @@ pub fn create_token_intent_ptx( // Create VPs let (input_vps, output_vps) = { + let input_notes = [*input_note.note(), padding_input_note]; + let output_notes = [intent_note, padding_output_note]; // Create the input note vps let input_note_vps = input_note.generate_input_token_vps( &mut rng, @@ -143,7 +138,6 @@ pub fn create_token_intent_ptx( input_nk, input_note_nk_com, input_note.app_data_dynamic, - rho, ) } @@ -152,8 +146,7 @@ pub fn consume_token_intent_ptx( mut rng: R, token_1: Token, token_2: Token, - input_rho: Nullifier, - input_nk: NullifierKeyContainer, // NullifierKeyContainer::Key + input_nk: pallas::Base, receiver_nk_com: pallas::Base, receiver_app_data_dynamic: pallas::Base, output_token: Token, @@ -166,27 +159,19 @@ pub fn consume_token_intent_ptx( &token_2, receiver_nk_com, receiver_app_data_dynamic, - input_rho, input_nk, ); // output note let input_note_nf = intent_note.get_nf().unwrap(); let output_auth = TokenAuthorization::new(output_auth_pk, *COMPRESSED_TOKEN_AUTH_VK); - let output_note = output_token.create_random_token_note( - &mut rng, - input_note_nf, - input_nk.to_commitment(), - &output_auth, - ); + let output_nk_com = NullifierKeyContainer::from_key(input_nk).get_commitment(); + let mut output_note = output_token.create_random_output_token_note(output_nk_com, &output_auth); // padding the zero notes let padding_input_note = Note::random_padding_input_note(&mut rng); let padding_input_note_nf = padding_input_note.get_nf().unwrap(); - let padding_output_note = Note::random_padding_output_note(&mut rng, padding_input_note_nf); - - let input_notes = [intent_note, padding_input_note]; - let output_notes = [*output_note.note(), padding_output_note]; + let mut padding_output_note = Note::random_padding_output_note(&mut rng, padding_input_note_nf); let merkle_path = MerklePath::random(&mut rng, TAIGA_COMMITMENT_TREE_DEPTH); @@ -199,7 +184,7 @@ pub fn consume_token_intent_ptx( intent_note, merkle_path.clone(), Some(anchor), - *output_note.note(), + &mut output_note.note, &mut rng, ); @@ -207,7 +192,7 @@ pub fn consume_token_intent_ptx( padding_input_note, merkle_path, Some(anchor), - padding_output_note, + &mut padding_output_note, &mut rng, ); vec![action_1, action_2] @@ -215,6 +200,8 @@ pub fn consume_token_intent_ptx( // Create VPs let (input_vps, output_vps) = { + let input_notes = [intent_note, padding_input_note]; + let output_notes = [*output_note.note(), padding_output_note]; // Create intent vps let intent_vps = { let intent_vp = OrRelationIntentValidityPredicateCircuit { @@ -264,11 +251,11 @@ pub fn create_token_swap_intent_transaction(mut rng: R) // Alice creates the partial transaction with 5 BTC input and intent output let alice_auth_sk = pallas::Scalar::random(&mut rng); let alice_auth_pk = generator * alice_auth_sk; - let alice_nk = NullifierKeyContainer::random_key(&mut rng); + let alice_nk = pallas::Base::random(&mut rng); let token_1 = Token::new("dolphin".to_string(), 1u64); let token_2 = Token::new("monkey".to_string(), 2u64); let btc_token = Token::new("btc".to_string(), 5u64); - let (alice_ptx, intent_nk, receiver_nk_com, receiver_app_data_dynamic, intent_rho) = + let (alice_ptx, intent_nk, receiver_nk_com, receiver_app_data_dynamic) = create_token_intent_ptx( &mut rng, token_1.clone(), @@ -287,10 +274,10 @@ pub fn create_token_swap_intent_transaction(mut rng: R) &mut rng, token_1.clone(), bob_auth_sk, - bob_nk, + bob_nk.get_nk().unwrap(), btc_token, bob_auth_pk, - bob_nk.to_commitment(), + bob_nk.get_commitment(), ); // Solver/Bob creates the partial transaction to consume the intent note @@ -299,7 +286,6 @@ pub fn create_token_swap_intent_transaction(mut rng: R) &mut rng, token_1.clone(), token_2, - intent_rho, intent_nk, receiver_nk_com, receiver_app_data_dynamic, diff --git a/taiga_halo2/examples/tx_examples/token_swap_without_intent.rs b/taiga_halo2/examples/tx_examples/token_swap_without_intent.rs index c23a1819..90e34fbf 100644 --- a/taiga_halo2/examples/tx_examples/token_swap_without_intent.rs +++ b/taiga_halo2/examples/tx_examples/token_swap_without_intent.rs @@ -30,10 +30,10 @@ pub fn create_token_swap_transaction(mut rng: R) -> Tran &mut rng, btc_token.clone(), alice_auth_sk, - alice_nk, + alice_nk.get_nk().unwrap(), eth_token.clone(), alice_auth_pk, - alice_nk.to_commitment(), + alice_nk.get_commitment(), ); // Bob creates the partial transaction @@ -45,10 +45,10 @@ pub fn create_token_swap_transaction(mut rng: R) -> Tran &mut rng, eth_token, bob_auth_sk, - bob_nk, + bob_nk.get_nk().unwrap(), xan_token.clone(), bob_auth_pk, - bob_nk.to_commitment(), + bob_nk.get_commitment(), ); // Carol creates the partial transaction @@ -60,10 +60,10 @@ pub fn create_token_swap_transaction(mut rng: R) -> Tran &mut rng, xan_token, carol_auth_sk, - carol_nk, + carol_nk.get_nk().unwrap(), btc_token, carol_auth_pk, - carol_nk.to_commitment(), + carol_nk.get_commitment(), ); // Solver creates the final transaction diff --git a/taiga_halo2/src/action.rs b/taiga_halo2/src/action.rs index 2c778840..e5210e04 100644 --- a/taiga_halo2/src/action.rs +++ b/taiga_halo2/src/action.rs @@ -118,11 +118,12 @@ impl BorshDeserialize for ActionPublicInputs { impl ActionInfo { // The dummy input note must provide a valid custom_anchor, but a random merkle path // The normal input note only needs to provide a valid merkle path. The anchor will be calculated from the note and path. + // The rho of output_note will be reset to the nullifier of input_note pub fn new( input_note: Note, input_merkle_path: MerklePath, custom_anchor: Option, - output_note: Note, + output_note: &mut Note, mut rng: R, ) -> Self { let input_anchor = match custom_anchor { @@ -130,11 +131,13 @@ impl ActionInfo { None => input_note.calculate_root(&input_merkle_path), }; + output_note.reset_rho(&input_note, &mut rng); + Self { input_note, input_merkle_path, input_anchor, - output_note, + output_note: *output_note, rseed: RandomSeed::random(&mut rng), } } @@ -206,8 +209,14 @@ pub mod tests { pub fn random_action_info(mut rng: R) -> ActionInfo { let input_note = random_input_note(&mut rng); - let output_note = random_output_note(&mut rng, input_note.get_nf().unwrap()); + let mut output_note = random_output_note(&mut rng, input_note.get_nf().unwrap()); let input_merkle_path = MerklePath::random(&mut rng, TAIGA_COMMITMENT_TREE_DEPTH); - ActionInfo::new(input_note, input_merkle_path, None, output_note, &mut rng) + ActionInfo::new( + input_note, + input_merkle_path, + None, + &mut output_note, + &mut rng, + ) } } diff --git a/taiga_halo2/src/circuit/vp_examples/cascade_intent.rs b/taiga_halo2/src/circuit/vp_examples/cascade_intent.rs index 6c6fa9d0..3c14b625 100644 --- a/taiga_halo2/src/circuit/vp_examples/cascade_intent.rs +++ b/taiga_halo2/src/circuit/vp_examples/cascade_intent.rs @@ -18,7 +18,7 @@ use crate::{ }, constant::{NUM_NOTE, SETUP_PARAMS_MAP}, note::{Note, RandomSeed}, - nullifier::{Nullifier, NullifierKeyContainer}, + nullifier::Nullifier, proof::Proof, vp_commitment::ValidityPredicateCommitment, vp_vk::ValidityPredicateVerifyingKey, @@ -150,13 +150,13 @@ vp_verifying_info_impl!(CascadeIntentValidityPredicateCircuit); pub fn create_intent_note( mut rng: R, cascade_note_cm: pallas::Base, - rho: Nullifier, - nk: NullifierKeyContainer, + nk: pallas::Base, ) -> Note { let app_data_static = CascadeIntentValidityPredicateCircuit::encode_app_data_static(cascade_note_cm); let rseed = RandomSeed::random(&mut rng); - Note::new( + let rho = Nullifier::random(&mut rng); + Note::new_input_note( *COMPRESSED_CASCADE_INTENT_VK, app_data_static, pallas::Base::zero(), @@ -180,9 +180,8 @@ fn test_halo2_cascade_intent_vp_circuit() { let circuit = { let cascade_input_note = random_input_note(&mut rng); let cascade_note_cm = cascade_input_note.commitment().inner(); - let rho = Nullifier::from(pallas::Base::random(&mut rng)); - let nk = NullifierKeyContainer::random_key(&mut rng); - let intent_note = create_intent_note(&mut rng, cascade_note_cm, rho, nk); + let nk = pallas::Base::random(&mut rng); + let intent_note = create_intent_note(&mut rng, cascade_note_cm, nk); let input_notes = [intent_note, cascade_input_note]; let output_notes = input_notes .iter() diff --git a/taiga_halo2/src/circuit/vp_examples/or_relation_intent.rs b/taiga_halo2/src/circuit/vp_examples/or_relation_intent.rs index 4320540b..51fa52b3 100644 --- a/taiga_halo2/src/circuit/vp_examples/or_relation_intent.rs +++ b/taiga_halo2/src/circuit/vp_examples/or_relation_intent.rs @@ -18,7 +18,7 @@ use crate::{ }, constant::{NUM_NOTE, SETUP_PARAMS_MAP}, note::{Note, RandomSeed}, - nullifier::{Nullifier, NullifierKeyContainer}, + nullifier::Nullifier, proof::Proof, utils::poseidon_hash_n, vp_commitment::ValidityPredicateCommitment, @@ -280,8 +280,7 @@ pub fn create_intent_note( token_2: &Token, receiver_nk_com: pallas::Base, receiver_app_data_dynamic: pallas::Base, - rho: Nullifier, - nk: NullifierKeyContainer, + nk: pallas::Base, ) -> Note { let app_data_static = OrRelationIntentValidityPredicateCircuit::encode_app_data_static( token_1, @@ -290,7 +289,8 @@ pub fn create_intent_note( receiver_app_data_dynamic, ); let rseed = RandomSeed::random(&mut rng); - Note::new( + let rho = Nullifier::random(&mut rng); + Note::new_input_note( *COMPRESSED_OR_RELATION_INTENT_VK, app_data_static, pallas::Base::zero(), @@ -325,8 +325,7 @@ fn test_halo2_or_relation_intent_vp_circuit() { output_notes[0].note_type.app_data_static = token_1.encode_name(); output_notes[0].value = token_1.value(); - let rho = Nullifier::from(pallas::Base::random(&mut rng)); - let nk = NullifierKeyContainer::random_key(&mut rng); + let nk = pallas::Base::random(&mut rng); let nk_com = output_notes[0].get_nk_commitment(); let intent_note = create_intent_note( &mut rng, @@ -334,7 +333,6 @@ fn test_halo2_or_relation_intent_vp_circuit() { &token_2, nk_com, output_notes[0].app_data_dynamic, - rho, nk, ); let padding_input_note = Note::random_padding_input_note(&mut rng); diff --git a/taiga_halo2/src/circuit/vp_examples/partial_fulfillment_intent/swap.rs b/taiga_halo2/src/circuit/vp_examples/partial_fulfillment_intent/swap.rs index 1f8e82ae..29589eef 100644 --- a/taiga_halo2/src/circuit/vp_examples/partial_fulfillment_intent/swap.rs +++ b/taiga_halo2/src/circuit/vp_examples/partial_fulfillment_intent/swap.rs @@ -6,9 +6,9 @@ use crate::{ }, constant::NUM_NOTE, note::{Note, RandomSeed}, - nullifier::{Nullifier, NullifierKeyContainer}, utils::poseidon_hash_n, }; +use halo2_proofs::arithmetic::Field; use halo2_proofs::{ circuit::{Layouter, Value}, plonk::{Advice, Column, Error}, @@ -33,9 +33,8 @@ impl Swap { assert_eq!(buy.value() % sell.value(), 0); let sell = { - let rho = Nullifier::random(&mut rng); - let nk = NullifierKeyContainer::random_key(&mut rng); - sell.create_random_token_note(&mut rng, rho, nk, &auth) + let nk = pallas::Base::random(&mut rng); + sell.create_random_input_token_note(&mut rng, nk, &auth) }; Swap { sell, buy, auth } @@ -56,10 +55,8 @@ impl Swap { let ratio = self.buy.value() / self.sell.value; assert_eq!(offer.value() % ratio, 0); - let offer_note = offer.create_random_token_note( - &mut rng, - intent_note.get_nf().unwrap(), - self.sell.note().nk_container, + let offer_note = offer.create_random_output_token_note( + self.sell.note().nk_container.get_commitment(), &self.auth, ); @@ -71,10 +68,8 @@ impl Swap { let returned_token = Token::new(self.sell.token_name().inner().to_string(), returned_value); *returned_token - .create_random_token_note( - &mut rng, - input_padding_note.get_nf().unwrap(), - self.sell.note().nk_container, + .create_random_output_token_note( + self.sell.note().nk_container.get_commitment(), &self.auth, ) .note() @@ -104,12 +99,12 @@ impl Swap { pub fn create_intent_note(&self, mut rng: R) -> Note { let rseed = RandomSeed::random(&mut rng); - Note::new( + Note::new_input_note( *COMPRESSED_PARTIAL_FULFILLMENT_INTENT_VK, self.encode_app_data_static(), pallas::Base::zero(), 1u64, - self.sell.note().nk_container, + self.sell.note().nk_container.get_nk().unwrap(), self.sell.note().get_nf().unwrap(), false, rseed, diff --git a/taiga_halo2/src/circuit/vp_examples/token.rs b/taiga_halo2/src/circuit/vp_examples/token.rs index f33277a3..1b5d8f85 100644 --- a/taiga_halo2/src/circuit/vp_examples/token.rs +++ b/taiga_halo2/src/circuit/vp_examples/token.rs @@ -21,7 +21,7 @@ use crate::{ VP_CIRCUIT_SECOND_DYNAMIC_VP_CM_2, }, note::{Note, NoteValidityPredicates, RandomSeed}, - nullifier::{Nullifier, NullifierKeyContainer}, + nullifier::Nullifier, proof::Proof, utils::poseidon_hash_n, vp_commitment::ValidityPredicateCommitment, @@ -91,22 +91,22 @@ impl Token { pallas::Base::from(self.value) } - pub fn create_random_token_note( + pub fn create_random_input_token_note( &self, mut rng: R, - rho: Nullifier, - nk_container: NullifierKeyContainer, + nk: pallas::Base, auth: &TokenAuthorization, ) -> TokenNote { let app_data_static = self.encode_name(); let app_data_dynamic = auth.to_app_data_dynamic(); let rseed = RandomSeed::random(&mut rng); - let note = Note::new( + let rho = Nullifier::random(&mut rng); + let note = Note::new_input_note( *COMPRESSED_TOKEN_VK, app_data_static, app_data_dynamic, self.value(), - nk_container, + nk, rho, true, rseed, @@ -117,6 +117,28 @@ impl Token { note, } } + + pub fn create_random_output_token_note( + &self, + nk_com: pallas::Base, + auth: &TokenAuthorization, + ) -> TokenNote { + let app_data_static = self.encode_name(); + let app_data_dynamic = auth.to_app_data_dynamic(); + let note = Note::new_output_note( + *COMPRESSED_TOKEN_VK, + app_data_static, + app_data_dynamic, + self.value(), + nk_com, + true, + ); + + TokenNote { + token_name: self.name().clone(), + note, + } + } } #[derive(Clone, Debug, Default)] diff --git a/taiga_halo2/src/note.rs b/taiga_halo2/src/note.rs index 4d393424..bca7a861 100644 --- a/taiga_halo2/src/note.rs +++ b/taiga_halo2/src/note.rs @@ -132,12 +132,12 @@ pub struct NoteValidityPredicates { impl Note { #[allow(clippy::too_many_arguments)] - pub fn new( + pub fn new_input_note( app_vk: pallas::Base, app_data_static: pallas::Base, app_data_dynamic: pallas::Base, value: u64, - nk_container: NullifierKeyContainer, + nk: pallas::Base, rho: Nullifier, is_merkle_checked: bool, rseed: RandomSeed, @@ -147,7 +147,7 @@ impl Note { note_type, app_data_dynamic, value, - nk_container, + nk_container: NullifierKeyContainer::Key(nk), is_merkle_checked, psi: rseed.get_psi(&rho), rcm: rseed.get_rcm(&rho), @@ -155,6 +155,29 @@ impl Note { } } + // The rho, psi, and rcm are not specified until the action is constructed. + #[allow(clippy::too_many_arguments)] + pub fn new_output_note( + app_vk: pallas::Base, + app_data_static: pallas::Base, + app_data_dynamic: pallas::Base, + value: u64, + nk_com: pallas::Base, + is_merkle_checked: bool, + ) -> Self { + let note_type = NoteType::new(app_vk, app_data_static); + Self { + note_type, + app_data_dynamic, + value, + nk_container: NullifierKeyContainer::Commitment(nk_com), + is_merkle_checked, + psi: pallas::Base::default(), + rcm: pallas::Base::default(), + rho: Nullifier::default(), + } + } + #[allow(clippy::too_many_arguments)] pub fn from_full( app_vk: pallas::Base, @@ -276,6 +299,14 @@ impl Note { let cm_node = Node::from(self); path.root(cm_node) } + + pub fn reset_rho(&mut self, input_note: &Note, mut rng: R) { + let rseed = RandomSeed::random(&mut rng); + + self.rho = input_note.get_nf().unwrap(); + self.psi = rseed.get_psi(&self.rho); + self.rcm = rseed.get_rcm(&self.rho); + } } #[cfg(feature = "borsh")] diff --git a/taiga_halo2/src/shielded_ptx.rs b/taiga_halo2/src/shielded_ptx.rs index 3e8f36a0..79392e2f 100644 --- a/taiga_halo2/src/shielded_ptx.rs +++ b/taiga_halo2/src/shielded_ptx.rs @@ -470,7 +470,7 @@ pub mod testing { constant::TAIGA_COMMITMENT_TREE_DEPTH, merkle_tree::MerklePath, note::{Note, NoteValidityPredicates, RandomSeed}, - nullifier::{Nullifier, NullifierKeyContainer}, + nullifier::Nullifier, shielded_ptx::ShieldedPartialTransaction, utils::poseidon_hash, }; @@ -497,10 +497,10 @@ pub mod testing { let app_data_dynamic = poseidon_hash(app_dynamic_vp_vk[0], app_dynamic_vp_vk[1]); let rho = Nullifier::from(pallas::Base::random(&mut rng)); let value = 5000u64; - let nk = NullifierKeyContainer::random_key(&mut rng); + let nk = pallas::Base::random(&mut rng); let rseed = RandomSeed::random(&mut rng); let is_merkle_checked = true; - Note::new( + Note::new_input_note( compressed_trivial_vp_vk, app_data_static, app_data_dynamic, @@ -511,31 +511,33 @@ pub mod testing { rseed, ) }; - let output_note_1 = { + let mut output_note_1 = { let app_data_static = pallas::Base::zero(); // TODO: add real application dynamic VPs and encode them to app_data_dynamic later. // If the dynamic VP is not used, set app_data_dynamic pallas::Base::zero() by default. let app_data_dynamic = pallas::Base::zero(); - let rho = input_note_1.get_nf().unwrap(); let value = 5000u64; - let nk_com = NullifierKeyContainer::random_commitment(&mut rng); - let rseed = RandomSeed::random(&mut rng); + let nk_com = pallas::Base::random(&mut rng); let is_merkle_checked = true; - Note::new( + Note::new_output_note( compressed_trivial_vp_vk, app_data_static, app_data_dynamic, value, nk_com, - rho, is_merkle_checked, - rseed, ) }; // Construct action pair let merkle_path_1 = MerklePath::random(&mut rng, TAIGA_COMMITMENT_TREE_DEPTH); - let action_1 = ActionInfo::new(input_note_1, merkle_path_1, None, output_note_1, &mut rng); + let action_1 = ActionInfo::new( + input_note_1, + merkle_path_1, + None, + &mut output_note_1, + &mut rng, + ); // Generate notes let input_note_2 = { @@ -543,10 +545,10 @@ pub mod testing { let app_data_dynamic = pallas::Base::zero(); let rho = Nullifier::from(pallas::Base::random(&mut rng)); let value = 10u64; - let nk = NullifierKeyContainer::random_key(&mut rng); + let nk = pallas::Base::random(&mut rng); let rseed = RandomSeed::random(&mut rng); let is_merkle_checked = true; - Note::new( + Note::new_input_note( compressed_trivial_vp_vk, app_data_static, app_data_dynamic, @@ -557,29 +559,31 @@ pub mod testing { rseed, ) }; - let output_note_2 = { + let mut output_note_2 = { let app_data_static = pallas::Base::one(); let app_data_dynamic = pallas::Base::zero(); - let rho = input_note_2.get_nf().unwrap(); let value = 10u64; - let nk_com = NullifierKeyContainer::random_commitment(&mut rng); - let rseed = RandomSeed::random(&mut rng); + let nk_com = pallas::Base::random(&mut rng); let is_merkle_checked = true; - Note::new( + Note::new_output_note( compressed_trivial_vp_vk, app_data_static, app_data_dynamic, value, nk_com, - rho, is_merkle_checked, - rseed, ) }; // Construct action pair let merkle_path_2 = MerklePath::random(&mut rng, TAIGA_COMMITMENT_TREE_DEPTH); - let action_2 = ActionInfo::new(input_note_2, merkle_path_2, None, output_note_2, &mut rng); + let action_2 = ActionInfo::new( + input_note_2, + merkle_path_2, + None, + &mut output_note_2, + &mut rng, + ); // Create vp circuit and fill the note info let mut trivial_vp_circuit = TrivialValidityPredicateCircuit { diff --git a/taiga_halo2/src/taiga_api.rs b/taiga_halo2/src/taiga_api.rs index afc4adae..e1b40b3b 100644 --- a/taiga_halo2/src/taiga_api.rs +++ b/taiga_halo2/src/taiga_api.rs @@ -5,7 +5,7 @@ use crate::{ }; use crate::{ note::{Note, RandomSeed}, - nullifier::{Nullifier, NullifierKeyContainer}, + nullifier::Nullifier, shielded_ptx::ShieldedPartialTransaction, transaction::{ShieldedPartialTxBundle, Transaction, TransparentPartialTxBundle}, }; @@ -37,15 +37,14 @@ pub fn create_input_note( is_merkle_checked: bool, ) -> Note { let rng = OsRng; - let nk_container = NullifierKeyContainer::from_key(nk); - let rho = Nullifier::default(); + let rho = Nullifier::random(rng); let rseed = RandomSeed::random(rng); - Note::new( + Note::new_input_note( app_vk, app_data_static, app_data_dynamic, value, - nk_container, + nk, rho, is_merkle_checked, rseed, @@ -60,22 +59,15 @@ pub fn create_output_note( value: u64, // The owner of output note has the nullifer key and exposes the nullifier_key commitment to output creator. nk_com: pallas::Base, - // TODO: remove the input_nf, and get it at run time. - input_nf: Nullifier, is_merkle_checked: bool, ) -> Note { - let rng = OsRng; - let nk_container = NullifierKeyContainer::from_commitment(nk_com); - let rseed = RandomSeed::random(rng); - Note::new( + Note::new_output_note( app_vk, app_data_static, app_data_dynamic, value, - nk_container, - input_nf, + nk_com, is_merkle_checked, - rseed, ) } @@ -272,15 +264,27 @@ pub mod tests { // construct notes let input_note_1 = random_input_note(&mut rng); let input_note_1_nf = input_note_1.get_nf().unwrap(); - let output_note_1 = random_output_note(&mut rng, input_note_1_nf); + let mut output_note_1 = random_output_note(&mut rng, input_note_1_nf); let merkle_path_1 = MerklePath::random(&mut rng, TAIGA_COMMITMENT_TREE_DEPTH); - let action_1 = ActionInfo::new(input_note_1, merkle_path_1, None, output_note_1, &mut rng); + let action_1 = ActionInfo::new( + input_note_1, + merkle_path_1, + None, + &mut output_note_1, + &mut rng, + ); let input_note_2 = random_input_note(&mut rng); let input_note_2_nf = input_note_2.get_nf().unwrap(); - let output_note_2 = random_output_note(&mut rng, input_note_2_nf); + let mut output_note_2 = random_output_note(&mut rng, input_note_2_nf); let merkle_path_2 = MerklePath::random(&mut rng, TAIGA_COMMITMENT_TREE_DEPTH); - let action_2 = ActionInfo::new(input_note_2, merkle_path_2, None, output_note_2, &mut rng); + let action_2 = ActionInfo::new( + input_note_2, + merkle_path_2, + None, + &mut output_note_2, + &mut rng, + ); // construct applications let input_note_1_app = { From 09c9430fab294e2b892ab1331c214a272a8e01e0 Mon Sep 17 00:00:00 2001 From: Song Xuyang Date: Wed, 1 Nov 2023 22:02:42 +0800 Subject: [PATCH 4/6] simplify the random and padding note creation --- .vscode/settings.json | 3 - .../partial_fulfillment_token_swap.rs | 5 +- taiga_halo2/examples/tx_examples/token.rs | 5 +- .../tx_examples/token_swap_with_intent.rs | 10 ++-- taiga_halo2/src/action.rs | 6 +- taiga_halo2/src/circuit/vp_examples.rs | 18 ++---- .../src/circuit/vp_examples/cascade_intent.rs | 11 ++-- .../src/circuit/vp_examples/field_addition.rs | 11 ++-- .../circuit/vp_examples/or_relation_intent.rs | 12 +--- .../vp_examples/partial_fulfillment_intent.rs | 7 +-- .../partial_fulfillment_intent/swap.rs | 4 +- .../src/circuit/vp_examples/receiver_vp.rs | 14 ++--- .../vp_examples/signature_verification.rs | 11 ++-- taiga_halo2/src/circuit/vp_examples/token.rs | 11 ++-- taiga_halo2/src/note.rs | 55 ++++--------------- taiga_halo2/src/taiga_api.rs | 20 +++---- taiga_halo2/src/transparent_ptx.rs | 49 ++++++++++++----- 17 files changed, 96 insertions(+), 156 deletions(-) delete mode 100644 .vscode/settings.json diff --git a/.vscode/settings.json b/.vscode/settings.json deleted file mode 100644 index 4d9636b5..00000000 --- a/.vscode/settings.json +++ /dev/null @@ -1,3 +0,0 @@ -{ - "rust-analyzer.showUnlinkedFileNotification": false -} \ No newline at end of file diff --git a/taiga_halo2/examples/tx_examples/partial_fulfillment_token_swap.rs b/taiga_halo2/examples/tx_examples/partial_fulfillment_token_swap.rs index ff2d3a87..c841d990 100644 --- a/taiga_halo2/examples/tx_examples/partial_fulfillment_token_swap.rs +++ b/taiga_halo2/examples/tx_examples/partial_fulfillment_token_swap.rs @@ -34,9 +34,8 @@ pub fn create_token_intent_ptx( let mut intent_note = swap.create_intent_note(&mut rng); // padding the zero notes - let padding_input_note = Note::random_padding_input_note(&mut rng); - let padding_input_note_nf = padding_input_note.get_nf().unwrap(); - let mut padding_output_note = Note::random_padding_output_note(&mut rng, padding_input_note_nf); + let padding_input_note = Note::random_padding_note(&mut rng); + let mut padding_output_note = Note::random_padding_note(&mut rng); let merkle_path = MerklePath::random(&mut rng, TAIGA_COMMITMENT_TREE_DEPTH); // Create action pairs diff --git a/taiga_halo2/examples/tx_examples/token.rs b/taiga_halo2/examples/tx_examples/token.rs index b4f38e1e..5a0cdba3 100644 --- a/taiga_halo2/examples/tx_examples/token.rs +++ b/taiga_halo2/examples/tx_examples/token.rs @@ -35,9 +35,8 @@ pub fn create_token_swap_ptx( let mut output_note = output_token.create_random_output_token_note(output_nk_com, &output_auth); // padding the zero notes - let padding_input_note = Note::random_padding_input_note(&mut rng); - let padding_input_note_nf = padding_input_note.get_nf().unwrap(); - let mut padding_output_note = Note::random_padding_output_note(&mut rng, padding_input_note_nf); + let padding_input_note = Note::random_padding_note(&mut rng); + let mut padding_output_note = Note::random_padding_note(&mut rng); // Generate proving info let merkle_path = MerklePath::random(&mut rng, TAIGA_COMMITMENT_TREE_DEPTH); diff --git a/taiga_halo2/examples/tx_examples/token_swap_with_intent.rs b/taiga_halo2/examples/tx_examples/token_swap_with_intent.rs index 69fc5c39..099f21b5 100644 --- a/taiga_halo2/examples/tx_examples/token_swap_with_intent.rs +++ b/taiga_halo2/examples/tx_examples/token_swap_with_intent.rs @@ -53,9 +53,8 @@ pub fn create_token_intent_ptx( ); // padding the zero notes - let padding_input_note = Note::random_padding_input_note(&mut rng); - let padding_input_note_nf = padding_input_note.get_nf().unwrap(); - let mut padding_output_note = Note::random_padding_output_note(&mut rng, padding_input_note_nf); + let padding_input_note = Note::random_padding_note(&mut rng); + let mut padding_output_note = Note::random_padding_note(&mut rng); let merkle_path = MerklePath::random(&mut rng, TAIGA_COMMITMENT_TREE_DEPTH); @@ -169,9 +168,8 @@ pub fn consume_token_intent_ptx( let mut output_note = output_token.create_random_output_token_note(output_nk_com, &output_auth); // padding the zero notes - let padding_input_note = Note::random_padding_input_note(&mut rng); - let padding_input_note_nf = padding_input_note.get_nf().unwrap(); - let mut padding_output_note = Note::random_padding_output_note(&mut rng, padding_input_note_nf); + let padding_input_note = Note::random_padding_note(&mut rng); + let mut padding_output_note = Note::random_padding_note(&mut rng); let merkle_path = MerklePath::random(&mut rng, TAIGA_COMMITMENT_TREE_DEPTH); diff --git a/taiga_halo2/src/action.rs b/taiga_halo2/src/action.rs index e5210e04..0888fec5 100644 --- a/taiga_halo2/src/action.rs +++ b/taiga_halo2/src/action.rs @@ -204,12 +204,12 @@ pub mod tests { use super::ActionInfo; use crate::constant::TAIGA_COMMITMENT_TREE_DEPTH; use crate::merkle_tree::MerklePath; - use crate::note::tests::{random_input_note, random_output_note}; + use crate::note::tests::random_note; use rand::RngCore; pub fn random_action_info(mut rng: R) -> ActionInfo { - let input_note = random_input_note(&mut rng); - let mut output_note = random_output_note(&mut rng, input_note.get_nf().unwrap()); + let input_note = random_note(&mut rng); + let mut output_note = random_note(&mut rng); let input_merkle_path = MerklePath::random(&mut rng, TAIGA_COMMITMENT_TREE_DEPTH); ActionInfo::new( input_note, diff --git a/taiga_halo2/src/circuit/vp_examples.rs b/taiga_halo2/src/circuit/vp_examples.rs index b63dadcb..764591fc 100644 --- a/taiga_halo2/src/circuit/vp_examples.rs +++ b/taiga_halo2/src/circuit/vp_examples.rs @@ -240,25 +240,15 @@ impl ValidityPredicateVerifyingInfo for TrivialValidityPredicateCircuit { #[cfg(test)] pub mod tests { use super::TrivialValidityPredicateCircuit; - use crate::{ - constant::NUM_NOTE, - note::tests::{random_input_note, random_output_note}, - }; + use crate::{constant::NUM_NOTE, note::tests::random_note}; use ff::Field; use pasta_curves::pallas; use rand::RngCore; pub fn random_trivial_vp_circuit(mut rng: R) -> TrivialValidityPredicateCircuit { let owned_note_pub_id = pallas::Base::random(&mut rng); - let input_notes = [(); NUM_NOTE].map(|_| random_input_note(&mut rng)); - let output_notes = input_notes - .iter() - .map(|input| random_output_note(&mut rng, input.get_nf().unwrap())) - .collect::>(); - TrivialValidityPredicateCircuit::new( - owned_note_pub_id, - input_notes, - output_notes.try_into().unwrap(), - ) + let input_notes = [(); NUM_NOTE].map(|_| random_note(&mut rng)); + let output_notes = [(); NUM_NOTE].map(|_| random_note(&mut rng)); + TrivialValidityPredicateCircuit::new(owned_note_pub_id, input_notes, output_notes) } #[test] diff --git a/taiga_halo2/src/circuit/vp_examples/cascade_intent.rs b/taiga_halo2/src/circuit/vp_examples/cascade_intent.rs index 3c14b625..686aec0a 100644 --- a/taiga_halo2/src/circuit/vp_examples/cascade_intent.rs +++ b/taiga_halo2/src/circuit/vp_examples/cascade_intent.rs @@ -171,27 +171,24 @@ pub fn create_intent_note( #[test] fn test_halo2_cascade_intent_vp_circuit() { use crate::constant::VP_CIRCUIT_PARAMS_SIZE; - use crate::note::tests::{random_input_note, random_output_note}; + use crate::note::tests::random_note; use halo2_proofs::arithmetic::Field; use halo2_proofs::dev::MockProver; use rand::rngs::OsRng; let mut rng = OsRng; let circuit = { - let cascade_input_note = random_input_note(&mut rng); + let cascade_input_note = random_note(&mut rng); let cascade_note_cm = cascade_input_note.commitment().inner(); let nk = pallas::Base::random(&mut rng); let intent_note = create_intent_note(&mut rng, cascade_note_cm, nk); let input_notes = [intent_note, cascade_input_note]; - let output_notes = input_notes - .iter() - .map(|input| random_output_note(&mut rng, input.get_nf().unwrap())) - .collect::>(); + let output_notes = [(); NUM_NOTE].map(|_| random_note(&mut rng)); CascadeIntentValidityPredicateCircuit { owned_note_pub_id: input_notes[0].get_nf().unwrap().inner(), input_notes, - output_notes: output_notes.try_into().unwrap(), + output_notes, cascade_note_cm, } }; diff --git a/taiga_halo2/src/circuit/vp_examples/field_addition.rs b/taiga_halo2/src/circuit/vp_examples/field_addition.rs index d021cfed..90b77b2d 100644 --- a/taiga_halo2/src/circuit/vp_examples/field_addition.rs +++ b/taiga_halo2/src/circuit/vp_examples/field_addition.rs @@ -110,25 +110,22 @@ vp_verifying_info_impl!(FieldAdditionValidityPredicateCircuit); #[test] fn test_halo2_addition_vp_circuit() { use crate::constant::VP_CIRCUIT_PARAMS_SIZE; - use crate::note::tests::{random_input_note, random_output_note}; + use crate::note::tests::random_note; use halo2_proofs::arithmetic::Field; use halo2_proofs::dev::MockProver; use rand::rngs::OsRng; let mut rng = OsRng; let circuit = { - let input_notes = [(); NUM_NOTE].map(|_| random_input_note(&mut rng)); - let output_notes = input_notes - .iter() - .map(|input| random_output_note(&mut rng, input.get_nf().unwrap())) - .collect::>(); + let input_notes = [(); NUM_NOTE].map(|_| random_note(&mut rng)); + let output_notes = [(); NUM_NOTE].map(|_| random_note(&mut rng)); let a = pallas::Base::random(&mut rng); let b = pallas::Base::random(&mut rng); let owned_note_pub_id = pallas::Base::random(&mut rng); FieldAdditionValidityPredicateCircuit { owned_note_pub_id, input_notes, - output_notes: output_notes.try_into().unwrap(), + output_notes, a, b, } diff --git a/taiga_halo2/src/circuit/vp_examples/or_relation_intent.rs b/taiga_halo2/src/circuit/vp_examples/or_relation_intent.rs index 51fa52b3..efbdb533 100644 --- a/taiga_halo2/src/circuit/vp_examples/or_relation_intent.rs +++ b/taiga_halo2/src/circuit/vp_examples/or_relation_intent.rs @@ -305,20 +305,14 @@ pub fn create_intent_note( #[test] fn test_halo2_or_relation_intent_vp_circuit() { use crate::constant::VP_CIRCUIT_PARAMS_SIZE; - use crate::{ - circuit::vp_examples::token::COMPRESSED_TOKEN_VK, note::tests::random_output_note, - nullifier::tests::random_nullifier, - }; + use crate::{circuit::vp_examples::token::COMPRESSED_TOKEN_VK, note::tests::random_note}; use halo2_proofs::arithmetic::Field; use halo2_proofs::dev::MockProver; use rand::rngs::OsRng; let mut rng = OsRng; let circuit = { - let mut output_notes = [(); NUM_NOTE].map(|_| { - let padding_rho = random_nullifier(&mut rng); - random_output_note(&mut rng, padding_rho) - }); + let mut output_notes = [(); NUM_NOTE].map(|_| random_note(&mut rng)); let token_1 = Token::new("token1".to_string(), 1u64); let token_2 = Token::new("token2".to_string(), 2u64); output_notes[0].note_type.app_vk = *COMPRESSED_TOKEN_VK; @@ -335,7 +329,7 @@ fn test_halo2_or_relation_intent_vp_circuit() { output_notes[0].app_data_dynamic, nk, ); - let padding_input_note = Note::random_padding_input_note(&mut rng); + let padding_input_note = Note::random_padding_note(&mut rng); let input_notes = [intent_note, padding_input_note]; OrRelationIntentValidityPredicateCircuit { owned_note_pub_id: input_notes[0].get_nf().unwrap().inner(), diff --git a/taiga_halo2/src/circuit/vp_examples/partial_fulfillment_intent.rs b/taiga_halo2/src/circuit/vp_examples/partial_fulfillment_intent.rs index 682c0bcf..b1700a9d 100644 --- a/taiga_halo2/src/circuit/vp_examples/partial_fulfillment_intent.rs +++ b/taiga_halo2/src/circuit/vp_examples/partial_fulfillment_intent.rs @@ -206,8 +206,6 @@ mod tests { #[test] fn create_intent() { - use crate::nullifier::Nullifier; - let mut rng = OsRng; let sell = Token::new("token1".to_string(), 2u64); let buy = Token::new("token2".to_string(), 4u64); @@ -215,9 +213,8 @@ mod tests { let swap = swap(&mut rng, sell, buy); let intent_note = swap.create_intent_note(&mut rng); - let input_padding_note = Note::random_padding_input_note(&mut rng); - let nf = Nullifier::random(&mut rng); - let output_padding_note = Note::random_padding_output_note(&mut rng, nf); + let input_padding_note = Note::random_padding_note(&mut rng); + let output_padding_note = Note::random_padding_note(&mut rng); let input_notes = [*swap.sell.note(), input_padding_note]; let output_notes = [intent_note, output_padding_note]; diff --git a/taiga_halo2/src/circuit/vp_examples/partial_fulfillment_intent/swap.rs b/taiga_halo2/src/circuit/vp_examples/partial_fulfillment_intent/swap.rs index 29589eef..40db7c9a 100644 --- a/taiga_halo2/src/circuit/vp_examples/partial_fulfillment_intent/swap.rs +++ b/taiga_halo2/src/circuit/vp_examples/partial_fulfillment_intent/swap.rs @@ -60,7 +60,7 @@ impl Swap { &self.auth, ); - let input_padding_note = Note::random_padding_input_note(&mut rng); + let input_padding_note = Note::random_padding_note(&mut rng); let returned_note = if offer.value() < self.buy.value() { let filled_value = offer.value() / ratio; @@ -74,7 +74,7 @@ impl Swap { ) .note() } else { - Note::random_padding_output_note(&mut rng, input_padding_note.get_nf().unwrap()) + Note::random_padding_note(&mut rng) }; let input_notes = [intent_note, input_padding_note]; diff --git a/taiga_halo2/src/circuit/vp_examples/receiver_vp.rs b/taiga_halo2/src/circuit/vp_examples/receiver_vp.rs index 7c5afd1a..7990344d 100644 --- a/taiga_halo2/src/circuit/vp_examples/receiver_vp.rs +++ b/taiga_halo2/src/circuit/vp_examples/receiver_vp.rs @@ -285,21 +285,15 @@ vp_verifying_info_impl!(ReceiverValidityPredicateCircuit); #[test] fn test_halo2_receiver_vp_circuit() { use crate::constant::VP_CIRCUIT_PARAMS_SIZE; - use crate::{ - note::tests::{random_input_note, random_output_note}, - utils::poseidon_hash_n, - }; + use crate::{note::tests::random_note, utils::poseidon_hash_n}; use ff::{Field, PrimeField}; use halo2_proofs::dev::MockProver; use rand::rngs::OsRng; let mut rng = OsRng; let (circuit, rcv_sk) = { - let input_notes = [(); NUM_NOTE].map(|_| random_input_note(&mut rng)); - let mut output_notes = input_notes - .iter() - .map(|input| random_output_note(&mut rng, input.get_nf().unwrap())) - .collect::>(); + let input_notes = [(); NUM_NOTE].map(|_| random_note(&mut rng)); + let mut output_notes = [(); NUM_NOTE].map(|_| random_note(&mut rng)); let nonce = pallas::Base::from_u128(23333u128); let sk = pallas::Base::random(&mut rng); let rcv_sk = pallas::Base::random(&mut rng); @@ -317,7 +311,7 @@ fn test_halo2_receiver_vp_circuit() { ReceiverValidityPredicateCircuit { owned_note_pub_id, input_notes, - output_notes: output_notes.try_into().unwrap(), + output_notes, vp_vk: *COMPRESSED_RECEIVER_VK, nonce, sk, diff --git a/taiga_halo2/src/circuit/vp_examples/signature_verification.rs b/taiga_halo2/src/circuit/vp_examples/signature_verification.rs index 0677cc77..004a9509 100644 --- a/taiga_halo2/src/circuit/vp_examples/signature_verification.rs +++ b/taiga_halo2/src/circuit/vp_examples/signature_verification.rs @@ -295,17 +295,14 @@ fn test_halo2_sig_verification_vp_circuit() { receiver_vp::COMPRESSED_RECEIVER_VK, token::TokenAuthorization, }; use crate::constant::VP_CIRCUIT_PARAMS_SIZE; - use crate::note::tests::{random_input_note, random_output_note}; + use crate::note::tests::random_note; use halo2_proofs::dev::MockProver; use rand::rngs::OsRng; let mut rng = OsRng; let circuit = { - let mut input_notes = [(); NUM_NOTE].map(|_| random_input_note(&mut rng)); - let output_notes = input_notes - .iter() - .map(|input| random_output_note(&mut rng, input.get_nf().unwrap())) - .collect::>(); + let mut input_notes = [(); NUM_NOTE].map(|_| random_note(&mut rng)); + let output_notes = [(); NUM_NOTE].map(|_| random_note(&mut rng)); let sk = pallas::Scalar::random(&mut rng); let auth_vk = pallas::Base::random(&mut rng); let auth = TokenAuthorization::from_sk_vk(&sk, &auth_vk); @@ -315,7 +312,7 @@ fn test_halo2_sig_verification_vp_circuit() { &mut rng, owned_note_pub_id, input_notes, - output_notes.try_into().unwrap(), + output_notes, auth_vk, sk, *COMPRESSED_RECEIVER_VK, diff --git a/taiga_halo2/src/circuit/vp_examples/token.rs b/taiga_halo2/src/circuit/vp_examples/token.rs index 1b5d8f85..59ec34bb 100644 --- a/taiga_halo2/src/circuit/vp_examples/token.rs +++ b/taiga_halo2/src/circuit/vp_examples/token.rs @@ -533,17 +533,14 @@ impl TokenAuthorization { #[test] fn test_halo2_token_vp_circuit() { use crate::constant::VP_CIRCUIT_PARAMS_SIZE; - use crate::note::tests::{random_input_note, random_output_note}; + use crate::note::tests::random_note; use halo2_proofs::dev::MockProver; use rand::rngs::OsRng; let mut rng = OsRng; let circuit = { - let mut input_notes = [(); NUM_NOTE].map(|_| random_input_note(&mut rng)); - let output_notes = input_notes - .iter() - .map(|input| random_output_note(&mut rng, input.get_nf().unwrap())) - .collect::>(); + let mut input_notes = [(); NUM_NOTE].map(|_| random_note(&mut rng)); + let output_notes = [(); NUM_NOTE].map(|_| random_note(&mut rng)); let token_name = TokenName("Token_name".to_string()); let auth = TokenAuthorization::random(&mut rng); input_notes[0].note_type.app_data_static = token_name.encode(); @@ -551,7 +548,7 @@ fn test_halo2_token_vp_circuit() { TokenValidityPredicateCircuit { owned_note_pub_id: input_notes[0].get_nf().unwrap().inner(), input_notes, - output_notes: output_notes.try_into().unwrap(), + output_notes, token_name, auth, receiver_vp_vk: *COMPRESSED_RECEIVER_VK, diff --git a/taiga_halo2/src/note.rs b/taiga_halo2/src/note.rs index bca7a861..b6538f56 100644 --- a/taiga_halo2/src/note.rs +++ b/taiga_halo2/src/note.rs @@ -203,7 +203,7 @@ impl Note { } } - pub fn random_padding_input_note(mut rng: R) -> Self { + pub fn random_padding_note(mut rng: R) -> Self { let app_vk = *COMPRESSED_TRIVIAL_VP_VK; let app_data_static = pallas::Base::random(&mut rng); let note_type = NoteType::new(app_vk, app_data_static); @@ -223,25 +223,6 @@ impl Note { } } - pub fn random_padding_output_note(mut rng: R, rho: Nullifier) -> Self { - let app_vk = *COMPRESSED_TRIVIAL_VP_VK; - let app_data_static = pallas::Base::random(&mut rng); - let note_type = NoteType::new(app_vk, app_data_static); - let app_data_dynamic = pallas::Base::random(&mut rng); - let nk_com = NullifierKeyContainer::from_commitment(pallas::Base::random(&mut rng)); - let rseed = RandomSeed::random(&mut rng); - Note { - note_type, - app_data_dynamic, - value: 0, - nk_container: nk_com, - rho, - psi: rseed.get_psi(&rho), - rcm: rseed.get_rcm(&rho), - is_merkle_checked: false, - } - } - // note_commitment = poseidon_hash(app_vk || app_data_static || app_data_dynamic || nk_commitment || rho || psi || is_merkle_checked || value || rcm) pub fn commitment(&self) -> NoteCommitment { let ret = poseidon_hash_n([ @@ -577,7 +558,7 @@ impl NoteValidityPredicates { #[cfg(test)] pub mod tests { use super::{Note, NoteType, RandomSeed}; - use crate::nullifier::{tests::*, Nullifier, NullifierKeyContainer}; + use crate::nullifier::tests::*; use halo2_proofs::arithmetic::Field; use pasta_curves::pallas; use rand::{Rng, RngCore}; @@ -588,31 +569,14 @@ pub mod tests { NoteType::new(app_vk, app_data_static) } - pub fn random_input_note(mut rng: R) -> Note { + pub fn random_note(mut rng: R) -> Note { let rho = random_nullifier(&mut rng); - let nk = random_nullifier_key(&mut rng); - random_note_from_parts(&mut rng, rho, nk) - } - - pub fn random_output_note(mut rng: R, rho: Nullifier) -> Note { - let nk_com = random_nullifier_key_commitment(&mut rng); - random_note_from_parts(&mut rng, rho, nk_com) - } - - fn random_note_from_parts( - mut rng: R, - rho: Nullifier, - nk_container: NullifierKeyContainer, - ) -> Note { - let note_type = random_note_type(&mut rng); - let app_data_dynamic = pallas::Base::random(&mut rng); - let value: u64 = rng.gen(); let rseed = RandomSeed::random(&mut rng); Note { - note_type, - app_data_dynamic, - value, - nk_container, + note_type: random_note_type(&mut rng), + app_data_dynamic: pallas::Base::random(&mut rng), + value: rng.gen(), + nk_container: random_nullifier_key(&mut rng), is_merkle_checked: true, psi: rseed.get_psi(&rho), rcm: rseed.get_rcm(&rho), @@ -629,7 +593,7 @@ pub mod tests { use crate::note::NoteCommitment; let mut rng = OsRng; - let input_note = random_input_note(&mut rng); + let input_note = random_note(&mut rng); { // BorshSerialize let borsh = borsh::to_vec(&input_note).unwrap(); @@ -638,8 +602,9 @@ pub mod tests { assert_eq!(input_note, de_note); } - let output_note = random_output_note(&mut rng, input_note.rho); + let mut output_note = input_note; { + output_note.nk_container = random_nullifier_key_commitment(&mut rng); // BorshSerialize let borsh = borsh::to_vec(&output_note).unwrap(); // BorshDeserialize diff --git a/taiga_halo2/src/taiga_api.rs b/taiga_halo2/src/taiga_api.rs index e1b40b3b..a75ce5c0 100644 --- a/taiga_halo2/src/taiga_api.rs +++ b/taiga_halo2/src/taiga_api.rs @@ -227,15 +227,14 @@ pub fn verify_shielded_partial_transaction(ptx_bytes: Vec) -> Result<(), Tra #[cfg(feature = "borsh")] pub mod tests { use crate::{ - note::tests::{random_input_note, random_output_note}, - taiga_api::*, + note::tests::random_note, nullifier::tests::random_nullifier_key_commitment, taiga_api::*, }; use rand::rngs::OsRng; #[test] fn note_borsh_serialization_api_test() { let mut rng = OsRng; - let input_note = random_input_note(&mut rng); + let input_note = random_note(&mut rng); { let bytes = note_serialize(&input_note).unwrap(); let de_input_note = note_deserialize(bytes).unwrap(); @@ -243,28 +242,29 @@ pub mod tests { } { - let output_note = random_output_note(&mut rng, input_note.rho); + let mut output_note = input_note; + output_note.nk_container = random_nullifier_key_commitment(&mut rng); let bytes = note_serialize(&output_note).unwrap(); let de_output_note = note_deserialize(bytes).unwrap(); assert_eq!(output_note, de_output_note); } } - #[ignore] + // #[ignore] #[test] fn ptx_example_test() { use crate::action::ActionInfo; use crate::circuit::vp_examples::TrivialValidityPredicateCircuit; use crate::constant::TAIGA_COMMITMENT_TREE_DEPTH; use crate::merkle_tree::MerklePath; - use crate::note::tests::{random_input_note, random_output_note}; + use crate::note::tests::random_note; let mut rng = OsRng; // construct notes - let input_note_1 = random_input_note(&mut rng); + let input_note_1 = random_note(&mut rng); let input_note_1_nf = input_note_1.get_nf().unwrap(); - let mut output_note_1 = random_output_note(&mut rng, input_note_1_nf); + let mut output_note_1 = random_note(&mut rng); let merkle_path_1 = MerklePath::random(&mut rng, TAIGA_COMMITMENT_TREE_DEPTH); let action_1 = ActionInfo::new( input_note_1, @@ -274,9 +274,9 @@ pub mod tests { &mut rng, ); - let input_note_2 = random_input_note(&mut rng); + let input_note_2 = random_note(&mut rng); let input_note_2_nf = input_note_2.get_nf().unwrap(); - let mut output_note_2 = random_output_note(&mut rng, input_note_2_nf); + let mut output_note_2 = random_note(&mut rng); let merkle_path_2 = MerklePath::random(&mut rng, TAIGA_COMMITMENT_TREE_DEPTH); let action_2 = ActionInfo::new( input_note_2, diff --git a/taiga_halo2/src/transparent_ptx.rs b/taiga_halo2/src/transparent_ptx.rs index bb05089c..b8523eb3 100644 --- a/taiga_halo2/src/transparent_ptx.rs +++ b/taiga_halo2/src/transparent_ptx.rs @@ -12,14 +12,34 @@ use serde; #[cfg(feature = "borsh")] use borsh::{BorshDeserialize, BorshSerialize}; +use rand::RngCore; #[derive(Debug, Clone)] #[cfg_attr(feature = "borsh", derive(BorshSerialize, BorshDeserialize))] #[cfg_attr(feature = "serde", derive(serde::Serialize, serde::Deserialize))] pub struct TransparentPartialTransaction { - pub inputs: Vec, - pub outputs: Vec, - pub hints: Vec, + inputs: Vec, + outputs: Vec, + hints: Vec, +} + +impl TransparentPartialTransaction { + pub fn new( + inputs: Vec, + mut outputs: Vec, + hints: Vec, + mut rng: R, + ) -> Self { + outputs + .iter_mut() + .zip(inputs.iter()) + .for_each(|(output, input)| output.note.reset_rho(&input.note, &mut rng)); + Self { + inputs, + outputs, + hints, + } + } } impl Executable for TransparentPartialTransaction { @@ -102,9 +122,7 @@ pub struct OutputResource { #[cfg(test)] pub mod testing { use crate::{ - constant::TAIGA_COMMITMENT_TREE_DEPTH, - merkle_tree::MerklePath, - note::tests::{random_input_note, random_output_note}, + constant::TAIGA_COMMITMENT_TREE_DEPTH, merkle_tree::MerklePath, note::tests::random_note, transparent_ptx::*, }; use rand::rngs::OsRng; @@ -113,7 +131,7 @@ pub mod testing { pub fn create_transparent_ptx() -> TransparentPartialTransaction { let mut rng = OsRng; let input_resource_1 = { - let note = random_input_note(&mut rng); + let note = random_note(&mut rng); let merkle_path = MerklePath::random(&mut rng, TAIGA_COMMITMENT_TREE_DEPTH); InputResource { note, @@ -121,7 +139,7 @@ pub mod testing { } }; let output_resource_1 = { - let mut note = random_output_note(&mut rng, input_resource_1.note.rho); + let mut note = random_note(&mut rng); // Adjust the random note to keep the balance note.note_type = input_resource_1.note.note_type; note.value = input_resource_1.note.value; @@ -129,7 +147,7 @@ pub mod testing { }; let input_resource_2 = { - let mut note = random_input_note(&mut rng); + let mut note = random_note(&mut rng); note.is_merkle_checked = false; InputResource { note, @@ -137,17 +155,18 @@ pub mod testing { } }; let output_resource_2 = { - let mut note = random_output_note(&mut rng, input_resource_2.note.rho); + let mut note = random_note(&mut rng); // Adjust the random note to keep the balance note.note_type = input_resource_2.note.note_type; note.value = input_resource_2.note.value; OutputResource { note } }; - TransparentPartialTransaction { - inputs: vec![input_resource_1, input_resource_2], - outputs: vec![output_resource_1, output_resource_2], - hints: vec![], - } + TransparentPartialTransaction::new( + vec![input_resource_1, input_resource_2], + vec![output_resource_1, output_resource_2], + vec![], + &mut rng, + ) } } From c26b83bbeb0b7a8ed124331a79f65d5754977ad6 Mon Sep 17 00:00:00 2001 From: Song Xuyang Date: Fri, 3 Nov 2023 18:26:38 +0800 Subject: [PATCH 5/6] fix typo --- taiga_halo2/src/note.rs | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/taiga_halo2/src/note.rs b/taiga_halo2/src/note.rs index b6538f56..ae2bea31 100644 --- a/taiga_halo2/src/note.rs +++ b/taiga_halo2/src/note.rs @@ -522,13 +522,13 @@ impl NoteValidityPredicates { pub fn create_input_padding_note_vps( note: &Note, input_notes: [Note; NUM_NOTE], - outputs_notes: [Note; NUM_NOTE], + output_notes: [Note; NUM_NOTE], ) -> Self { let note_id = note.get_nf().unwrap().inner(); let application_vp = Box::new(TrivialValidityPredicateCircuit::new( note_id, input_notes, - outputs_notes, + output_notes, )); Self { application_vp, @@ -540,13 +540,13 @@ impl NoteValidityPredicates { pub fn create_output_padding_note_vps( note: &Note, input_notes: [Note; NUM_NOTE], - outputs_notes: [Note; NUM_NOTE], + output_notes: [Note; NUM_NOTE], ) -> Self { let note_id = note.commitment().inner(); let application_vp = Box::new(TrivialValidityPredicateCircuit::new( note_id, input_notes, - outputs_notes, + output_notes, )); Self { application_vp, From 63f06023e3a1156d2809d5f455388606b3e320d8 Mon Sep 17 00:00:00 2001 From: Song Xuyang Date: Tue, 7 Nov 2023 20:51:19 +0800 Subject: [PATCH 6/6] rename reset_rho to set_rho --- taiga_halo2/src/action.rs | 2 +- taiga_halo2/src/note.rs | 2 +- taiga_halo2/src/transparent_ptx.rs | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/taiga_halo2/src/action.rs b/taiga_halo2/src/action.rs index 0888fec5..56f34217 100644 --- a/taiga_halo2/src/action.rs +++ b/taiga_halo2/src/action.rs @@ -131,7 +131,7 @@ impl ActionInfo { None => input_note.calculate_root(&input_merkle_path), }; - output_note.reset_rho(&input_note, &mut rng); + output_note.set_rho(&input_note, &mut rng); Self { input_note, diff --git a/taiga_halo2/src/note.rs b/taiga_halo2/src/note.rs index ae2bea31..33dfccd4 100644 --- a/taiga_halo2/src/note.rs +++ b/taiga_halo2/src/note.rs @@ -281,7 +281,7 @@ impl Note { path.root(cm_node) } - pub fn reset_rho(&mut self, input_note: &Note, mut rng: R) { + pub fn set_rho(&mut self, input_note: &Note, mut rng: R) { let rseed = RandomSeed::random(&mut rng); self.rho = input_note.get_nf().unwrap(); diff --git a/taiga_halo2/src/transparent_ptx.rs b/taiga_halo2/src/transparent_ptx.rs index b8523eb3..026daf6e 100644 --- a/taiga_halo2/src/transparent_ptx.rs +++ b/taiga_halo2/src/transparent_ptx.rs @@ -33,7 +33,7 @@ impl TransparentPartialTransaction { outputs .iter_mut() .zip(inputs.iter()) - .for_each(|(output, input)| output.note.reset_rho(&input.note, &mut rng)); + .for_each(|(output, input)| output.note.set_rho(&input.note, &mut rng)); Self { inputs, outputs,