Update to ark-* 0.4

ait-crypto · Jul 31, 2024 · 1abdb82 · 1abdb82
1 parent 80da2ad
commit 1abdb82
Show file tree

Hide file tree

Showing 5 changed files with 32 additions and 43 deletions.
diff --git a/Cargo.toml b/Cargo.toml
@@ -11,11 +11,11 @@ rayon = "1"
 sha2 = { version = "0.10", default-features = false, features = ["std"] }
 sha3 = { version = "0.10", default-features = false, features = ["std", "asm"] }
 thiserror = "1"
-groth-sahai = { git = "https://github.com/jdwhite48/groth-sahai-rs", rev = "73b617e2e3d9a267d3f1d7fc37993372057e9dc8" }
-ark-bls12-381 = { version = "0.3" }
-ark-ec = { version = "0.3", default-features = false }
-ark-ff = { version = "0.3", default-features = false }
-ark-serialize = { version = "0.3", default-features = false }
+groth-sahai = { git = "https://github.com/jdwhite48/groth-sahai-rs", rev = "f7633272ac9ab55949a77265a9f2cee4970b9f70" }
+ark-bls12-381 = { version = "0.4" }
+ark-ec = { version = "0.4", default-features = false }
+ark-ff = { version = "0.4", default-features = false }
+ark-serialize = { version = "0.4", default-features = false }
 rand_chacha = { version = "0.3" }
 
 [dev-dependencies]

diff --git a/src/atact.rs b/src/atact.rs
@@ -1,11 +1,11 @@
-use ark_ff::{Field, One, UniformRand};
+use ark_ff::{Field, UniformRand, Zero};
 use ark_serialize::CanonicalSerialize;
 use rayon::iter::{IntoParallelIterator, ParallelIterator};
 use sha3::digest::{ExtendableOutput, Update, XofReader};
 use thiserror::Error;
 
 use crate::{
-    bls381_helpers::{pairing_product, Scalar},
+    bls381_helpers::{multi_pairing, Scalar},
     lagrange::Lagrange,
     pedersen::{Commitment, Proof2PK},
     tsw::{self, PublicKey, SecretKey, Signature},
@@ -345,8 +345,8 @@ pub fn verify(
         .map(|k| &token_proof.ss[k] * pp.lagrange_tprime.eval_j_0(k))
         .sum();
     let sk_prod = -sk_prod.0;
-    if !pairing_product(&[(&token.s.0, &token_proof.pk_prime.0), (&sk_prod, &pp.pk.0)]).is_one()
-        || !pairing_product(&[(&token_proof.pk_prime.0, &token.s.0), (&pp.pk.0, &sk_prod)]).is_one()
+    if !multi_pairing(&[(&token.s.0, &token_proof.pk_prime.0), (&sk_prod, &pp.pk.0)]).is_zero()
+        || !multi_pairing(&[(&token_proof.pk_prime.0, &token.s.0), (&pp.pk.0, &sk_prod)]).is_zero()
     {
         return Err(AtACTError::InvalidToken);
     }

diff --git a/src/bls381_helpers.rs b/src/bls381_helpers.rs
@@ -5,18 +5,18 @@ use std::{
 };
 
 use ark_bls12_381::Bls12_381;
-use ark_ec::PairingEngine;
+use ark_ec::pairing::{Pairing, PairingOutput};
 use ark_ff::{UniformRand, Zero};
 use rand::{RngCore, SeedableRng};
 use rand_chacha::ChaCha20Rng;
 use sha2::Digest;
 
-pub type G1Affine = <Bls12_381 as PairingEngine>::G1Affine;
-pub type G1Projective = <Bls12_381 as PairingEngine>::G1Projective;
-pub type G2Affine = <Bls12_381 as PairingEngine>::G2Affine;
-pub type G2Projective = <Bls12_381 as PairingEngine>::G2Projective;
-pub type Gt = <Bls12_381 as PairingEngine>::Fqk;
-pub type Scalar = <Bls12_381 as PairingEngine>::Fr;
+pub type G1Affine = <Bls12_381 as Pairing>::G1Affine;
+pub type G1Projective = <Bls12_381 as Pairing>::G1;
+pub type G2Affine = <Bls12_381 as Pairing>::G2Affine;
+pub type G2Projective = <Bls12_381 as Pairing>::G2;
+pub type Gt = PairingOutput<Bls12_381>;
+pub type Scalar = <Bls12_381 as Pairing>::ScalarField;
 
 #[inline]
 fn hash_with_domain_separation_1(msg: &[u8], domain_separator: &[u8]) -> G1Projective {
@@ -59,21 +59,10 @@ pub fn pairing(lhs: &G1G2, rhs: &G1G2) -> Gt {
 }
 
 #[inline]
-pub fn pairing_product(elements: &[(&G1G2, &G1G2)]) -> Gt {
-    type G1Prepared = <Bls12_381 as PairingEngine>::G1Prepared;
-    type G2Prepared = <Bls12_381 as PairingEngine>::G2Prepared;
-
-    Bls12_381::product_of_pairings(
-        elements
-            .iter()
-            .map(|(lhs, rhs)| {
-                (
-                    G1Prepared::from(G1Affine::from(lhs.0)),
-                    G2Prepared::from(G2Affine::from(rhs.1)),
-                )
-            })
-            .collect::<Vec<_>>()
-            .iter(),
+pub fn multi_pairing(elements: &[(&G1G2, &G1G2)]) -> Gt {
+    Bls12_381::multi_pairing(
+        elements.iter().map(|(lhs, _rhs)| G1Affine::from(lhs.0)),
+        elements.iter().map(|(_lhs, rhs)| G2Affine::from(rhs.1)),
     )
 }
 
@@ -250,12 +239,12 @@ mod test {
         let rhs1 = G1G2(G1Projective::rand(&mut rng), G2Projective::rand(&mut rng));
         let rhs2 = G1G2(G1Projective::rand(&mut rng), G2Projective::rand(&mut rng));
 
-        let check = pairing(&lhs1, &rhs1) * pairing(&lhs2, &rhs2);
-        let pp = pairing_product(&[(&lhs1, &rhs1), (&lhs2, &rhs2)]);
+        let check = pairing(&lhs1, &rhs1) + pairing(&lhs2, &rhs2);
+        let pp = multi_pairing(&[(&lhs1, &rhs1), (&lhs2, &rhs2)]);
         assert_eq!(check, pp);
 
-        let check = pairing(&lhs1, &rhs1) / pairing(&lhs2, &rhs2);
-        let pp = pairing_product(&[(&lhs1, &rhs1), (&-lhs2, &rhs2)]);
+        let check = pairing(&lhs1, &rhs1) - pairing(&lhs2, &rhs2);
+        let pp = multi_pairing(&[(&lhs1, &rhs1), (&-lhs2, &rhs2)]);
         assert_eq!(check, pp);
     }
 }

diff --git a/src/s3id.rs b/src/s3id.rs
@@ -8,7 +8,7 @@ use crate::{
     atact::{self, AtACTError, Token},
     bls381_helpers::{
         gs::{CProof, CRS, PPE},
-        hash_with_domain_separation, pairing_product, Gt, Scalar, G1G2,
+        hash_with_domain_separation, multi_pairing, Gt, Scalar, G1G2,
     },
     pedersen::{
         self, get_parameters, Commitment, MultiBasePublicParameters, Opening, ProofMultiIndex,
@@ -264,7 +264,7 @@ pub fn appcred(
     let g1_1_vars = vec![zeta.0 .0.into()];
     let g2_2_vars = vec![zeta.0 .1.into()];
 
-    let target = pairing_product(&[(&zeta.0, &pp2.g), (&pp2.g, &zeta.0)]);
+    let target = multi_pairing(&[(&zeta.0, &pp2.g), (&pp2.g, &zeta.0)]);
 
     // this is limitation of the GS implementation, we can only do one equation
     // where both variables in G1 and G2 are used; hence we prove the product of
@@ -312,7 +312,7 @@ pub fn verifycred(
     let tau = &cred.tau;
     let check = h + &tau.0;
 
-    let target = pairing_product(&[(&check, &pk.0), (&pk.0, &check)]);
+    let target = multi_pairing(&[(&check, &pk.0), (&pk.0, &check)]);
 
     let equ_1 = setup_ppe(target);
     if equ_1.verify(&pi.gs_pi_1, &pp.crs) {

diff --git a/src/tsw.rs b/src/tsw.rs
@@ -4,12 +4,12 @@ use std::{
     ops::{Add, Index, Mul, Sub},
 };
 
-use ark_ff::{Field, One, UniformRand};
+use ark_ff::{Field, UniformRand, Zero};
 use rand::thread_rng;
 use thiserror::Error;
 
 use crate::{
-    bls381_helpers::{hash_usize, pairing_product, Scalar, G1G2},
+    bls381_helpers::{hash_usize, multi_pairing, Scalar, G1G2},
     lagrange::Lagrange,
     pedersen::{get_parameters, Commitment},
 };
@@ -129,8 +129,8 @@ impl PublicKey {
 
         let check = -(&pp[index] + &commitment.0);
 
-        if pairing_product(&[(&check, &self.0), (&signature.0, &pedersen_pp.g)]).is_one()
-            && pairing_product(&[(&self.0, &check), (&pedersen_pp.g, &signature.0)]).is_one()
+        if multi_pairing(&[(&check, &self.0), (&signature.0, &pedersen_pp.g)]).is_zero()
+            && multi_pairing(&[(&self.0, &check), (&pedersen_pp.g, &signature.0)]).is_zero()
         {
             Ok(())
         } else {
@@ -155,7 +155,7 @@ impl Signature {
 impl PublicKey {
     pub fn is_valid(&self) -> bool {
         let pp = get_parameters();
-        pairing_product(&[(&-&self.0, &pp.g), (&pp.g, &self.0)]).is_one()
+        multi_pairing(&[(&-&self.0, &pp.g), (&pp.g, &self.0)]).is_zero()
     }
 }