blind all polynomials

dusk-network · Dec 20, 2021 · ca6b124 · ca6b124
1 parent 8e59782
commit ca6b124
Show file tree

Hide file tree

Showing 2 changed files with 30 additions and 33 deletions.
diff --git a/src/proof_system/prover.rs b/src/proof_system/prover.rs
@@ -161,7 +161,7 @@ impl Prover {
             // we declare and randomly select a blinding scalar
             // TODO: implement randomness
             //let blinding_scalar = util::random_scalar(&mut rand_core::OsRng);
-            let blinding_scalar = BlsScalar::one(); // TO BE RANDOM!
+            let blinding_scalar = BlsScalar::from(1234); // TO BE RANDOM!
             w_vec_i[i] = w_vec_i[i] - blinding_scalar; // modify the first elements of the vector
             w_vec_i.push(blinding_scalar); // append last elements at the end of
                                            // the vector
@@ -209,14 +209,10 @@ impl Prover {
 
         // Wires are now in evaluation form, convert them to coefficients so
         // that we may commit to them
-        let a_w_poly =
-            Polynomial::from_coefficients_vec(domain.ifft(a_w_scalar));
-        let b_w_poly =
-            Polynomial::from_coefficients_vec(domain.ifft(b_w_scalar));
-        let c_w_poly =
-            Polynomial::from_coefficients_vec(domain.ifft(c_w_scalar));
-        let d_w_poly =
-            Polynomial::from_coefficients_vec(domain.ifft(d_w_scalar));
+        let a_w_poly = Prover::blind_poly(&a_w_scalar, 1, &domain);
+        let b_w_poly = Prover::blind_poly(&b_w_scalar, 1, &domain);
+        let c_w_poly = Prover::blind_poly(&c_w_scalar, 1, &domain);
+        let d_w_poly = Prover::blind_poly(&d_w_scalar, 1, &domain);
 
         // Commit to wire polynomials
         // ([a(x)]_1, [b(x)]_1, [c(x)]_1, [d(x)]_1)
@@ -290,9 +286,7 @@ impl Prover {
         );
 
         // Compute long query poly
-        let f_poly = Polynomial::from_coefficients_vec(
-            domain.ifft(&compressed_f_multiset.0),
-        );
+        let f_poly = Prover::blind_poly(&compressed_f_multiset.0, 1, &domain);
 
         // Commit to query polynomial
         let f_poly_commit = commit_key.commit(&f_poly)?;
@@ -309,8 +303,8 @@ impl Prover {
         let (h_1, h_2) = s.halve_alternating();
 
         // Compute h polys
-        let h_1_poly = Polynomial::from_coefficients_vec(domain.ifft(&h_1.0));
-        let h_2_poly = Polynomial::from_coefficients_vec(domain.ifft(&h_2.0));
+        let h_1_poly = Prover::blind_poly(&h_1.0, 2, &domain);
+        let h_2_poly = Prover::blind_poly(&h_2.0, 1, &domain);
 
         // Commit to h polys
         let h_1_poly_commit = commit_key.commit(&h_1_poly).unwrap();
@@ -328,20 +322,22 @@ impl Prover {
         let delta = transcript.challenge_scalar(b"delta");
         let epsilon = transcript.challenge_scalar(b"epsilon");
 
-        let z_1_vec = domain.ifft(&self.cs.perm.compute_permutation_vec(
+        let z_1_poly = Prover::blind_poly(
+            &self.cs.perm.compute_permutation_vec(
+                &domain,
+                [a_w_scalar, b_w_scalar, c_w_scalar, d_w_scalar],
+                &beta,
+                &gamma,
+                [
+                    &prover_key.permutation.s_sigma_1.0,
+                    &prover_key.permutation.s_sigma_2.0,
+                    &prover_key.permutation.s_sigma_3.0,
+                    &prover_key.permutation.s_sigma_4.0,
+                ],
+            ),
+            2,
             &domain,
-            [a_w_scalar, b_w_scalar, c_w_scalar, d_w_scalar],
-            &beta,
-            &gamma,
-            [
-                &prover_key.permutation.s_sigma_1.0,
-                &prover_key.permutation.s_sigma_2.0,
-                &prover_key.permutation.s_sigma_3.0,
-                &prover_key.permutation.s_sigma_4.0,
-            ],
-        ));
-
-        let z_1_poly = Polynomial::from_coefficients_slice(&z_1_vec);
+        );
 
         // Commit to permutation polynomial
         let z_1_poly_commit = commit_key.commit(&z_1_poly)?;
@@ -350,18 +346,19 @@ impl Prover {
         transcript.append_commitment(b"z_1", &z_1_poly_commit);
 
         // Compute lookup permutation poly
-        let z_2_vec =
-            domain.ifft(&self.cs.perm.compute_lookup_permutation_vec(
+        let z_2_poly = Prover::blind_poly(
+            &self.cs.perm.compute_lookup_permutation_vec(
                 &domain,
                 &compressed_f_multiset.0,
                 &compressed_t_multiset.0,
                 &h_1.0,
                 &h_2.0,
                 &delta,
                 &epsilon,
-            ));
-
-        let z_2_poly = Polynomial::from_coefficients_slice(&z_2_vec);
+            ),
+            2,
+            &domain,
+        );
 
         // Commit to permutation polynomial
         let z_2_poly_commit = commit_key.commit(&z_2_poly)?;

diff --git a/src/proof_system/quotient_poly.rs b/src/proof_system/quotient_poly.rs
@@ -69,7 +69,7 @@ pub(crate) fn compute(
 
     let mut h_1_eval_8n = domain_8n.coset_fft(h_1_poly);
     let mut h_2_eval_8n = domain_8n.coset_fft(h_2_poly);
-    
+
     let mut a_w_eval_8n = domain_8n.coset_fft(a_w_poly);
     let mut b_w_eval_8n = domain_8n.coset_fft(b_w_poly);
     let c_w_eval_8n = domain_8n.coset_fft(c_w_poly);