added some commented to lead proof

2026-01-09 22:57:59 -05:00 · 2022-08-01 22:04:39 +02:00
parent 39c9f3871b
commit 95a048ab23
2 changed files with 28 additions and 47 deletions
--- a/src/blockchain/epoch.rs
+++ b/src/blockchain/epoch.rs
@@ -174,11 +174,12 @@ impl Epoch {
            //random sampling of the same size of prf,
            //pseudo random sampling that is the size of pederson commitment
            // coin slot number
-            //TODO (fix) need to be multiplied by the ep
+
+            //TODO this has to be absolute path
            let c_sl = pallas::Base::from(u64::try_from(i).unwrap());
            //
-            //TODO (fix)
-            let c_tau = pallas::Base::from(u64::try_from(i).unwrap()); // let's assume it's sl for simplicity
+            //let's assume it's sl for simplicity
+            let c_tau = pallas::Base::from(u64::try_from(i).unwrap());
            //
            let c_root_sk: MerkleNode = root_sks[i];

@@ -187,7 +188,6 @@ impl Epoch {
                c_root_sk.inner(),
            ];
            let c_pk : pallas::Base = poseidon::Hash::<_, poseidon::P128Pow5T3, poseidon::ConstantLength<2>, 3, 2>::init().hash(coin_pk_msg);
-            //let c_pk = pedersen_commitment_base(c_tau, mod_r_p(c_root_sk.inner()));

            let c_seed = pallas::Base::from(seeds[i]);
            let sn_msg = [
@@ -197,15 +197,6 @@ impl Epoch {
            let c_sn : pallas::Base = poseidon::Hash::<_, poseidon::P128Pow5T3, poseidon::ConstantLength<2>, 3, 2>::init().hash(coin_pk_msg);


-            //let lead_coin_msg = [
-              //  c_pk.clone(),
-
-                //c_v,
-                // *c_seed_pt.x(), //TODO(fix) will be c_seed(base) only after calculating c_seed as hash
-                //*c_seed_pt.y(),
-            //];
-            //let lead_coin_msg_hash : pallas::Scalar = poseidon::Hash::<_, poseidon::P128Pow5T3, poseidon::ConstantLength<1>, 3, 2>::init().hash(lead_coin_msg);
-
            let coin_commit_msg = c_pk*c_v*c_seed;
            let c_cm: pallas::Point = pedersen_commitment_scalar(mod_r_p(coin_commit_msg), c_cm1_blind);
            let c_cm_coordinates = c_cm.to_affine().coordinates().unwrap();
@@ -225,25 +216,10 @@ impl Epoch {
            let c_seed2_pt_x = c_seed2.clone();
            let c_seed2_pt_y = c_seed2.clone();

-            //let lead_coin_msg = [
-                //c_pk_pt_y.clone(),
-                //c_pk_pt_x.clone(),
-                //c_v,
-                //c_seed,
-            //pallas::Base::one(),
-            //];
-            //let lead_coin_msg_hash : pallas::Base = poseidon::Hash::<_, poseidon::P128Pow5T3, poseidon::ConstantLength<1>, 3, 2>::init().hash(lead_coin_msg);
            let coin2_commit_msg = c_pk*c_seed2_pt_x*c_seed2_pt_y*c_v;
            let c_cm2 = pedersen_commitment_base(coin2_commit_msg, c_cm2_blind);

            let c_root_sk = root_sks[i];
-
-            let c_root_sk_bytes: [u8; 32] = c_root_sk.inner().to_repr();
-            let mut c_root_sk_base_bytes: [u8; 32] = [0; 32];
-            //TODO (fix) using only first 24, use the whole root
-            c_root_sk_base_bytes[..23].copy_from_slice(&c_root_sk_bytes[..23]);
-            let _c_root_sk_base = pallas::Base::from_repr(c_root_sk_base_bytes);
-
            let c_path_sk = path_sks[i];

            // election seeds
--- a/src/zk/circuit/lead_contract.rs
+++ b/src/zk/circuit/lead_contract.rs
@@ -438,7 +438,9 @@ impl Circuit<pallas::Base> for LeadContract {
        )?;


-
+        // ================================================
+        // coin2 commiment H=COMMIT(pk||V||nonce2||r2)
+        // ================================================
        let coin2_hash_cm = ar_chip.mul(
            layouter.namespace(|| ""),
            &coin_pk_commit,
@@ -484,6 +486,9 @@ impl Circuit<pallas::Base> for LeadContract {
            LEAD_COIN_COMMIT2_Y_OFFSET,
        )?;

+
+        // ===========================
+        // path is valid path to cm1
        // ===========================
        let path : Value<[pallas::Base;MERKLE_DEPTH_ORCHARD]> = self.path.map(|typed_path| gen_const_array(|i| typed_path[i].inner()));

@@ -514,10 +519,10 @@ impl Circuit<pallas::Base> for LeadContract {
            LEAD_COIN_COMMIT_PATH_OFFSET,
        )?;

-        //let _node = MerkleNode::from_bytes(&self.root_sk.unwrap().to_repr()).unwrap();
-        //let serialized = serde_json::to_string(&node).unwrap();
-        //println!("root_sk: {}", serialized);

+        //================================
+        // y as COMIT(root_sk*nonce, mau_y)
+        //================================
        let y_commit_exp = ar_chip.mul(
        layouter.namespace(|| ""),
            &_root_sk.clone(),
@@ -550,7 +555,7 @@ impl Circuit<pallas::Base> for LeadContract {
        let y_commit_base = y_commit.inner().x();

        // ============================
-        // constraint rho
+        // constraint rho as COMIT(root_sk*nonce, mau_rho)
        // ============================
        let (com, _) = {
            let rho_commit_v = ValueCommitV;
@@ -572,7 +577,7 @@ impl Circuit<pallas::Base> for LeadContract {
        };
        let _rho_commit = com.add(layouter.namespace(|| "nonce commit"), &blind)?;

-        // that the coin value never get past it.
+        //used for fine tuning the leader election frequency
        let scalar = self.load_private(
            layouter.namespace(|| "load scalar "),
            config.advices[0],
@@ -585,21 +590,21 @@ impl Circuit<pallas::Base> for LeadContract {
            config.advices[0],
            Value::known(pallas::Base::one()), // note! this parameter to be tuned.
        )?;
-        //let ord = ar_chip.mul(layouter.namespace(|| ""), &scalar, &c)?;

-        //let target = ar_chip.mul(layouter.namespace(|| "calculate target"), &ord, &coin_value.clone())?;
-        //eb_chip.decompose(layouter.namespace(|| "target range check"), target.clone())?;
-        //eb_chip.decompose(layouter.namespace(|| "y_commit  range check"), y_commit_base.clone())?;
-
-        //let (helper, is_gt) = greater_than_chip.greater_than(
-        //  layouter.namespace(|| "t>y"),
-        //target.into(),
-        //            y_commit_base.into(),
-        //      )?;
-        //eb_chip.decompose(layouter.namespace(|| "helper range check"), helper.0)?;
-
-        //layouter.constrain_instance(is_gt.0.cell(), config.primary, LEAD_THRESHOLD_OFFSET)?
+        /*
+        let ord = ar_chip.mul(layouter.namespace(|| ""), &scalar, &c)?;
+        let target = ar_chip.mul(layouter.namespace(|| "calculate target"), &ord, &coin_value.clone())?;
+        eb_chip.decompose(layouter.namespace(|| "target range check"), target.clone())?;
+        eb_chip.decompose(layouter.namespace(|| "y_commit  range check"), y_commit_base.clone())?;

+        let (helper, is_gt) = greater_than_chip.greater_than(
+            layouter.namespace(|| "t>y"),
+            target.into(),
+                    y_commit_base.into(),
+        )?;
+        eb_chip.decompose(layouter.namespace(|| "helper range check"), helper.0)?;
+        layouter.constrain_instance(is_gt.0.cell(), config.primary, LEAD_THRESHOLD_OFFSET)?
+        */
        Ok(())
    }
 }