TE conditional addition gadget #44
Conversation
swasilyev
changed the title
| where | ||
| F: FftField, | ||
| { | ||
| // Populates the acc column starting from the supplied seed (as 0 doesn't have an affine SW representation). |
There was a problem hiding this comment.
TODO: update comment
| let mut c1 = b * (x3 * (y1 * y2 + C::COEFF_A * x1 * x2) - (x1 * y1 + x2 * y2)) | ||
| + (F::one() - b) * (x3 - x1); | ||
|
|
||
| //b (y_3 (x_1 y_2 - x_2 y_1) - x_1 y_1 + x_2 y_2) + (1 - b) (y_3 - y_1) = 0 | ||
| let mut c2 = | ||
| b * (y3 * (x1 * y2 - x2 * y1) - (x1 * y1 - x2 * y2)) + (F::one() - b) * (y3 - y1); |
There was a problem hiding this comment.
Nitpick. You might consider organizing these in the same structured manner as you did for the sw cond add.
| @@ -12,28 +12,28 @@ use crate::piop::params::PiopParams; | |||
| use crate::piop::{FixedColumnsCommitted, PiopVerifier, VerifierKey}; | |||
| use crate::RingProof; | |||
|
|
|||
| pub struct RingVerifier<F, CS, Curve, T> | |||
| pub struct RingVerifier<F, CS, Jubjub, T> | |||
There was a problem hiding this comment.
Why you decided to rename Curve to Jubjub?
Isn't "Jubjub" the specific name of the curve whose base field is the prime field of BLS12-381?
But you library is not limited to that specific use case, e.g. in ark-ec-vrfs I'm going to use this lib for all the possible curves defined by arkworks.
Just for my understanding, is Jubjub the "de-facto" standard name used for curves defined over the prime field of another pairing friendly curve? If not, maybe is worth to be more "abstract" about the generic name
There was a problem hiding this comment.
Yes, jubjub is a specific curve, but it's common (i think) to call a jubjub any TE curve on top a pairing-friendly curve (babyjubjub on bn254, bandersnatch, etc). So given it specializes to TE, i thought Jubjub is better because we have 2 curves.
A reincarnation of #36
uses te::Affine vs sw::Affine to distinguish the impl