diff --git a/tfhe-zk-pok/src/curve_api.rs b/tfhe-zk-pok/src/curve_api.rs
index 75f3b3ccf..c29d9e828 100644
--- a/tfhe-zk-pok/src/curve_api.rs
+++ b/tfhe-zk-pok/src/curve_api.rs
@@ -62,7 +62,7 @@ pub trait FieldOps:
 fn from_u128(n: u128) -> Self;
 fn from_u64(n: u64) -> Self;
 fn from_i64(n: i64) -> Self;
- fn to_bytes(self) -> impl AsRef<[u8]>;
+ fn to_le_bytes(self) -> impl AsRef<[u8]>;
 fn rand(rng: &mut dyn rand::RngCore) -> Self;
 fn hash(values: &mut [Self], data: &[&[u8]]);
 fn hash_128bit(values: &mut [Self], data: &[&[u8]]);
@@ -130,7 +130,7 @@ pub trait CurveGroupOps:
 fn mul_scalar(self, scalar: Zp) -> Self;
 fn multi_mul_scalar(bases: &[Self::Affine], scalars: &[Zp]) -> Self;
- fn to_bytes(self) -> impl AsRef<[u8]>;
+ fn to_le_bytes(self) -> impl AsRef<[u8]>;
 fn double(self) -> Self;
 fn normalize(self) -> Self::Affine;
 }
@@ -171,8 +171,8 @@ impl FieldOps for bls12_381::Zp {
 fn from_i64(n: i64) -> Self {
 Self::from_i64(n)
 }
- fn to_bytes(self) -> impl AsRef<[u8]> {
- self.to_bytes()
+ fn to_le_bytes(self) -> impl AsRef<[u8]> {
+ self.to_le_bytes()
 }
 fn rand(rng: &mut dyn rand::RngCore) -> Self {
 Self::rand(rng)
@@ -222,8 +222,8 @@ impl CurveGroupOps for bls12_381::G1 {
 Self::Affine::multi_mul_scalar(bases, scalars)
 }
- fn to_bytes(self) -> impl AsRef<[u8]> {
- self.to_bytes()
+ fn to_le_bytes(self) -> impl AsRef<[u8]> {
+ self.to_le_bytes()
 }
 fn double(self) -> Self {
@@ -262,8 +262,8 @@ impl CurveGroupOps for bls12_381::G2 {
 Self::Affine::multi_mul_scalar(bases, scalars)
 }
- fn to_bytes(self) -> impl AsRef<[u8]> {
- self.to_bytes()
+ fn to_le_bytes(self) -> impl AsRef<[u8]> {
+ self.to_le_bytes()
 }
 fn double(self) -> Self {
@@ -303,8 +303,8 @@ impl FieldOps for bls12_446::Zp {
 fn from_i64(n: i64) -> Self {
 Self::from_i64(n)
 }
- fn to_bytes(self) -> impl AsRef<[u8]> {
- self.to_bytes()
+ fn to_le_bytes(self) -> impl AsRef<[u8]> {
+ self.to_le_bytes()
 }
 fn rand(rng: &mut dyn rand::RngCore) -> Self {
 Self::rand(rng)
@@ -359,8 +359,8 @@ impl CurveGroupOps for bls12_446::G1 {
 }
 }
- fn to_bytes(self) -> impl AsRef<[u8]> {
- self.to_bytes()
+ fn to_le_bytes(self) -> impl AsRef<[u8]> {
+ self.to_le_bytes()
 }
 fn double(self) -> Self {
@@ -399,8 +399,8 @@ impl CurveGroupOps for bls12_446::G2 {
 Self::Affine::multi_mul_scalar(bases, scalars)
 }
- fn to_bytes(self) -> impl AsRef<[u8]> {
- self.to_bytes()
+ fn to_le_bytes(self) -> impl AsRef<[u8]> {
+ self.to_le_bytes()
 }
 fn double(self) -> Self {
diff --git a/tfhe-zk-pok/src/curve_api/bls12_381.rs b/tfhe-zk-pok/src/curve_api/bls12_381.rs
index db579165b..c02b02aef 100644
--- a/tfhe-zk-pok/src/curve_api/bls12_381.rs
+++ b/tfhe-zk-pok/src/curve_api/bls12_381.rs
@@ -25,7 +25,7 @@ fn mul_zp + Group>(x: T, scalar: Zp) -> T {
 y
 }
-fn bigint_to_bytes(x: [u64; 6]) -> [u8; 6 * 8] {
+fn bigint_to_le_bytes(x: [u64; 6]) -> [u8; 6 * 8] {
 let mut buf = [0u8; 6 * 8];
 for (i, &xi) in x.iter().enumerate() {
 buf[i * 8..][..8].copy_from_slice(&xi.to_le_bytes());
@@ -114,7 +114,7 @@ mod g1 {
 },
 };
- // Size in number of bytes when the [to_bytes]
+ // Size in number of bytes when the [to_le_bytes]
 // function is called.
 // This is not the size after serialization!
 pub const BYTE_SIZE: usize = 2 * 6 * 8 + 1;
@@ -140,10 +140,10 @@ mod g1 {
 .sum::()
 }
- pub fn to_bytes(self) -> [u8; Self::BYTE_SIZE] {
+ pub fn to_le_bytes(self) -> [u8; Self::BYTE_SIZE] {
 let g = self.inner.into_affine();
- let x = bigint_to_bytes(g.x.0 .0);
- let y = bigint_to_bytes(g.y.0 .0);
+ let x = bigint_to_le_bytes(g.x.0 .0);
+ let y = bigint_to_le_bytes(g.y.0 .0);
 let mut buf = [0u8; 2 * 6 * 8 + 1];
 buf[..6 * 8].copy_from_slice(&x);
 buf[6 * 8..][..6 * 8].copy_from_slice(&y);
@@ -333,7 +333,7 @@ mod g2 {
 },
 };
- // Size in number of bytes when the [to_bytes]
+ // Size in number of bytes when the [to_le_bytes]
 // function is called.
 // This is not the size after serialization!
 pub const BYTE_SIZE: usize = 4 * 6 * 8 + 1;
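Review bot: The new name `to_le_bytes` in `mod g1` of bls12_381.rs (hunk `@@ -140,10 +140,10 @@`) promises a byte order without saying what is being encoded: the body feeds the raw limb arrays `g.x.0 .0` and `g.y.0 .0` to `bigint_to_le_bytes`, which writes limb `i` at offset `i * 8` with each limb little-endian. If those limbs are the field element's internal (possibly Montgomery-form) representation, the output is not the little-endian encoding of the canonical integer, and an independent verifier that hashes canonical bytes would derive different challenges; this is worth confirming against the field type. A doc comment would settle it, for example `/// Affine x then y as raw u64 limbs in array order, each limb little-endian; hash input only, not a serialization format.` The function body continues past the hunk, so the extra byte implied by `BYTE_SIZE = 2 * 6 * 8 + 1` is not visible here. The same applies to `g2::to_le_bytes` and `zp::to_le_bytes` in this file and to their counterparts in bls12_446.rs.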
@@ -359,12 +359,12 @@ mod g2 {
 .sum::()
 }
- pub fn to_bytes(self) -> [u8; Self::BYTE_SIZE] {
+ pub fn to_le_bytes(self) -> [u8; Self::BYTE_SIZE] {
 let g = self.inner.into_affine();
- let xc0 = bigint_to_bytes(g.x.c0.0 .0);
- let xc1 = bigint_to_bytes(g.x.c1.0 .0);
- let yc0 = bigint_to_bytes(g.y.c0.0 .0);
- let yc1 = bigint_to_bytes(g.y.c1.0 .0);
+ let xc0 = bigint_to_le_bytes(g.x.c0.0 .0);
+ let xc1 = bigint_to_le_bytes(g.x.c1.0 .0);
+ let yc0 = bigint_to_le_bytes(g.y.c0.0 .0);
+ let yc1 = bigint_to_le_bytes(g.y.c1.0 .0);
 let mut buf = [0u8; 4 * 6 * 8 + 1];
 buf[..6 * 8].copy_from_slice(&xc0);
 buf[6 * 8..][..6 * 8].copy_from_slice(&xc1);
@@ -649,7 +649,7 @@ mod zp {
 }
 }
- pub fn to_bytes(self) -> [u8; 4 * 8] {
+ pub fn to_le_bytes(self) -> [u8; 4 * 8] {
 let buf = [
 self.inner.0 .0[0].to_le_bytes(),
 self.inner.0 .0[1].to_le_bytes(),
diff --git a/tfhe-zk-pok/src/curve_api/bls12_446.rs b/tfhe-zk-pok/src/curve_api/bls12_446.rs
index a19bcd31d..0cab45355 100644
--- a/tfhe-zk-pok/src/curve_api/bls12_446.rs
+++ b/tfhe-zk-pok/src/curve_api/bls12_446.rs
@@ -25,7 +25,7 @@ fn mul_zp + Group>(x: T, scalar: Zp) -> T {
 y
 }
-fn bigint_to_bytes(x: [u64; 7]) -> [u8; 7 * 8] {
+fn bigint_to_le_bytes(x: [u64; 7]) -> [u8; 7 * 8] {
 let mut buf = [0u8; 7 * 8];
 for (i, &xi) in x.iter().enumerate() {
 buf[i * 8..][..8].copy_from_slice(&xi.to_le_bytes());
@@ -114,7 +114,7 @@ mod g1 {
 },
 };
- // Size in number of bytes when the [to_bytes]
+ // Size in number of bytes when the [to_le_bytes]
 // function is called.
 // This is not the size after serialization!
 pub const BYTE_SIZE: usize = 2 * 7 * 8 + 1;
@@ -141,10 +141,10 @@ mod g1 {
 }
 }
- pub fn to_bytes(self) -> [u8; Self::BYTE_SIZE] {
+ pub fn to_le_bytes(self) -> [u8; Self::BYTE_SIZE] {
 let g = self.inner.into_affine();
- let x = bigint_to_bytes(g.x.0 .0);
- let y = bigint_to_bytes(g.y.0 .0);
+ let x = bigint_to_le_bytes(g.x.0 .0);
+ let y = bigint_to_le_bytes(g.y.0 .0);
 let mut buf = [0u8; 2 * 7 * 8 + 1];
 buf[..7 * 8].copy_from_slice(&x);
 buf[7 * 8..][..7 * 8].copy_from_slice(&y);
@@ -424,7 +424,7 @@ mod g2 {
 },
 };
- // Size in number of bytes when the [to_bytes]
+ // Size in number of bytes when the [to_le_bytes]
 // function is called.
 // This is not the size after serialization!
 pub const BYTE_SIZE: usize = 4 * 7 * 8 + 1;
@@ -450,12 +450,12 @@ mod g2 {
 .sum::()
 }
- pub fn to_bytes(self) -> [u8; Self::BYTE_SIZE] {
+ pub fn to_le_bytes(self) -> [u8; Self::BYTE_SIZE] {
 let g = self.inner.into_affine();
- let xc0 = bigint_to_bytes(g.x.c0.0 .0);
- let xc1 = bigint_to_bytes(g.x.c1.0 .0);
- let yc0 = bigint_to_bytes(g.y.c0.0 .0);
- let yc1 = bigint_to_bytes(g.y.c1.0 .0);
+ let xc0 = bigint_to_le_bytes(g.x.c0.0 .0);
+ let xc1 = bigint_to_le_bytes(g.x.c1.0 .0);
+ let yc0 = bigint_to_le_bytes(g.y.c0.0 .0);
+ let yc1 = bigint_to_le_bytes(g.y.c1.0 .0);
 let mut buf = [0u8; 4 * 7 * 8 + 1];
 buf[..7 * 8].copy_from_slice(&xc0);
 buf[7 * 8..][..7 * 8].copy_from_slice(&xc1);
@@ -909,7 +909,7 @@ mod zp {
 }
 }
- pub fn to_bytes(self) -> [u8; 5 * 8] {
+ pub fn to_le_bytes(self) -> [u8; 5 * 8] {
 let buf = [
 self.inner.0 .0[0].to_le_bytes(),
 self.inner.0 .0[1].to_le_bytes(),
diff --git a/tfhe-zk-pok/src/proofs/binary.rs b/tfhe-zk-pok/src/proofs/binary.rs
index 9ba8c3a86..5fc684b6a 100644
--- a/tfhe-zk-pok/src/proofs/binary.rs
+++ b/tfhe-zk-pok/src/proofs/binary.rs
@@ -102,7 +102,7 @@ pub fn prove(
 let g_list = &public.0.g_lists.g_list;
 let mut y = OneBased(vec![G::Zp::ZERO; n]);
- G::Zp::hash(&mut y.0, &[&public.0.hash, c_hat.to_bytes().as_ref()]);
+ G::Zp::hash(&mut y.0, &[&public.0.hash, c_hat.to_le_bytes().as_ref()]);
 let mut c_y = g.mul_scalar(gamma_y);
 for j in 1..n + 1 {
@@ -110,7 +110,7 @@ pub fn prove(
 }
 let y_bytes = &*(1..n + 1)
- .flat_map(|i| y[i].to_bytes().as_ref().to_vec())
+ .flat_map(|i| y[i].to_le_bytes().as_ref().to_vec())
 .collect::>();
 let mut t = OneBased(vec![G::Zp::ZERO; n]);
 G::Zp::hash(
@@ -118,8 +118,8 @@ pub fn prove(
 &[
 &public.0.hash_t,
 y_bytes,
- c_hat.to_bytes().as_ref(),
- c_y.to_bytes().as_ref(),
+ c_hat.to_le_bytes().as_ref(),
+ c_y.to_le_bytes().as_ref(),
 ],
 );
@@ -128,8 +128,8 @@ pub fn prove(
 &mut delta,
 &[
 &public.0.hash_agg,
- c_hat.to_bytes().as_ref(),
- c_y.to_bytes().as_ref(),
+ c_hat.to_le_bytes().as_ref(),
+ c_y.to_le_bytes().as_ref(),
 ],
 );
 let [delta_eq, delta_y] = delta;
@@ -191,10 +191,10 @@ pub fn verify(
 let c_y = proof.c_y;
 let mut y = OneBased(vec![G::Zp::ZERO; n]);
- G::Zp::hash(&mut y.0, &[&public.0.hash, c_hat.to_bytes().as_ref()]);
+ G::Zp::hash(&mut y.0, &[&public.0.hash, c_hat.to_le_bytes().as_ref()]);
 let y_bytes = &*(1..n + 1)
- .flat_map(|i| y[i].to_bytes().as_ref().to_vec())
+ .flat_map(|i| y[i].to_le_bytes().as_ref().to_vec())
 .collect::>();
 let mut t = OneBased(vec![G::Zp::ZERO; n]);
 G::Zp::hash(
@@ -202,8 +202,8 @@ pub fn verify(
 &[
 &public.0.hash_t,
 y_bytes,
- c_hat.to_bytes().as_ref(),
- c_y.to_bytes().as_ref(),
+ c_hat.to_le_bytes().as_ref(),
+ c_y.to_le_bytes().as_ref(),
 ],
 );
@@ -212,8 +212,8 @@ pub fn verify(
 &mut delta,
 &[
 &public.0.hash_agg,
- c_hat.to_bytes().as_ref(),
- c_y.to_bytes().as_ref(),
+ c_hat.to_le_bytes().as_ref(),
+ c_y.to_le_bytes().as_ref(),
 ],
 );
 let [delta_eq, delta_y] = delta;
diff --git a/tfhe-zk-pok/src/proofs/pke.rs b/tfhe-zk-pok/src/proofs/pke.rs
index 7cb6de390..85e003695 100644
--- a/tfhe-zk-pok/src/proofs/pke.rs
+++ b/tfhe-zk-pok/src/proofs/pke.rs
@@ -375,7 +375,7 @@ pub fn prove(
 let mut y = vec![G::Zp::ZERO; n];
 G::Zp::hash(
 &mut y,
- &[hash, metadata, x_bytes, c_hat.to_bytes().as_ref()],
+ &[hash, metadata, x_bytes, c_hat.to_le_bytes().as_ref()],
 );
 let y = OneBased(y);
@@ -391,8 +391,8 @@ pub fn prove(
 hash_lmap,
 metadata,
 x_bytes,
- c_hat.to_bytes().as_ref(),
- c_y.to_bytes().as_ref(),
+ c_hat.to_le_bytes().as_ref(),
+ c_y.to_le_bytes().as_ref(),
 ],
 );
@@ -423,11 +423,11 @@ pub fn prove(
 hash_t,
 metadata,
 &(1..n + 1)
- .flat_map(|i| y[i].to_bytes().as_ref().to_vec())
+ .flat_map(|i| y[i].to_le_bytes().as_ref().to_vec())
 .collect::>(),
 x_bytes,
- c_hat.to_bytes().as_ref(),
- c_y.to_bytes().as_ref(),
+ c_hat.to_le_bytes().as_ref(),
+ c_y.to_le_bytes().as_ref(),
 ],
 );
 let t = OneBased(t);
@@ -439,8 +439,8 @@ pub fn prove(
 hash_agg,
 metadata,
 x_bytes,
- c_hat.to_bytes().as_ref(),
- c_y.to_bytes().as_ref(),
+ c_hat.to_le_bytes().as_ref(),
+ c_y.to_le_bytes().as_ref(),
 ],
 );
 let [delta_eq, delta_y] = delta;
@@ -518,20 +518,20 @@ pub fn prove(
 hash_z,
 metadata,
 x_bytes,
- c_hat.to_bytes().as_ref(),
- c_y.to_bytes().as_ref(),
- pi.to_bytes().as_ref(),
- c_h.to_bytes().as_ref(),
- c_hat_t.to_bytes().as_ref(),
+ c_hat.to_le_bytes().as_ref(),
+ c_y.to_le_bytes().as_ref(),
+ pi.to_le_bytes().as_ref(),
+ c_h.to_le_bytes().as_ref(),
+ c_hat_t.to_le_bytes().as_ref(),
 &y.0.iter()
- .flat_map(|x| x.to_bytes().as_ref().to_vec())
+ .flat_map(|x| x.to_le_bytes().as_ref().to_vec())
 .collect::>(),
 &t.0.iter()
- .flat_map(|x| x.to_bytes().as_ref().to_vec())
+ .flat_map(|x| x.to_le_bytes().as_ref().to_vec())
 .collect::>(),
 &delta
 .iter()
- .flat_map(|x| x.to_bytes().as_ref().to_vec())
+ .flat_map(|x| x.to_le_bytes().as_ref().to_vec())
 .collect::>(),
 ],
 );
@@ -559,24 +559,24 @@ pub fn prove(
 hash_w,
 metadata,
 x_bytes,
- c_hat.to_bytes().as_ref(),
- c_y.to_bytes().as_ref(),
- pi.to_bytes().as_ref(),
- c_h.to_bytes().as_ref(),
- c_hat_t.to_bytes().as_ref(),
+ c_hat.to_le_bytes().as_ref(),
+ c_y.to_le_bytes().as_ref(),
+ pi.to_le_bytes().as_ref(),
+ c_h.to_le_bytes().as_ref(),
+ c_hat_t.to_le_bytes().as_ref(),
 &y.0.iter()
- .flat_map(|x| x.to_bytes().as_ref().to_vec())
+ .flat_map(|x| x.to_le_bytes().as_ref().to_vec())
 .collect::>(),
 &t.0.iter()
- .flat_map(|x| x.to_bytes().as_ref().to_vec())
+ .flat_map(|x| x.to_le_bytes().as_ref().to_vec())
 .collect::>(),
 &delta
 .iter()
- .flat_map(|x| x.to_bytes().as_ref().to_vec())
+ .flat_map(|x| x.to_le_bytes().as_ref().to_vec())
 .collect::>(),
- z.to_bytes().as_ref(),
- p_h.to_bytes().as_ref(),
- p_t.to_bytes().as_ref(),
+ z.to_le_bytes().as_ref(),
+ p_h.to_le_bytes().as_ref(),
+ p_t.to_le_bytes().as_ref(),
 ],
 );
@@ -821,7 +821,7 @@ pub fn verify(
 let mut y = vec![G::Zp::ZERO; n];
 G::Zp::hash(
 &mut y,
- &[hash, metadata, x_bytes, c_hat.to_bytes().as_ref()],
+ &[hash, metadata, x_bytes, c_hat.to_le_bytes().as_ref()],
 );
 let y = OneBased(y);
@@ -832,8 +832,8 @@ pub fn verify(
 hash_lmap,
 metadata,
 x_bytes,
- c_hat.to_bytes().as_ref(),
- c_y.to_bytes().as_ref(),
+ c_hat.to_le_bytes().as_ref(),
+ c_y.to_le_bytes().as_ref(),
 ],
 );
 let theta0 = &theta[..d + k];
@@ -869,11 +869,11 @@ pub fn verify(
 hash_t,
 metadata,
 &(1..n + 1)
- .flat_map(|i| y[i].to_bytes().as_ref().to_vec())
+ .flat_map(|i| y[i].to_le_bytes().as_ref().to_vec())
 .collect::>(),
 x_bytes,
- c_hat.to_bytes().as_ref(),
- c_y.to_bytes().as_ref(),
+ c_hat.to_le_bytes().as_ref(),
+ c_y.to_le_bytes().as_ref(),
 ],
 );
 let t = OneBased(t);
@@ -885,8 +885,8 @@ pub fn verify(
 hash_agg,
 metadata,
 x_bytes,
- c_hat.to_bytes().as_ref(),
- c_y.to_bytes().as_ref(),
+ c_hat.to_le_bytes().as_ref(),
+ c_y.to_le_bytes().as_ref(),
 ],
 );
 let [delta_eq, delta_y] = delta;
@@ -900,20 +900,20 @@ pub fn verify(
 hash_z,
 metadata,
 x_bytes,
- c_hat.to_bytes().as_ref(),
- c_y.to_bytes().as_ref(),
- pi.to_bytes().as_ref(),
- c_h.to_bytes().as_ref(),
- c_hat_t.to_bytes().as_ref(),
+ c_hat.to_le_bytes().as_ref(),
+ c_y.to_le_bytes().as_ref(),
+ pi.to_le_bytes().as_ref(),
+ c_h.to_le_bytes().as_ref(),
+ c_hat_t.to_le_bytes().as_ref(),
 &y.0.iter()
- .flat_map(|x| x.to_bytes().as_ref().to_vec())
+ .flat_map(|x| x.to_le_bytes().as_ref().to_vec())
 .collect::>(),
 &t.0.iter()
- .flat_map(|x| x.to_bytes().as_ref().to_vec())
+ .flat_map(|x| x.to_le_bytes().as_ref().to_vec())
 .collect::>(),
 &delta
 .iter()
- .flat_map(|x| x.to_bytes().as_ref().to_vec())
+ .flat_map(|x| x.to_le_bytes().as_ref().to_vec())
 .collect::>(),
 ],
 );
@@ -953,24 +953,24 @@ pub fn verify(
 hash_w,
 metadata,
 x_bytes,
- c_hat.to_bytes().as_ref(),
- c_y.to_bytes().as_ref(),
- pi.to_bytes().as_ref(),
- c_h.to_bytes().as_ref(),
- c_hat_t.to_bytes().as_ref(),
+ c_hat.to_le_bytes().as_ref(),
+ c_y.to_le_bytes().as_ref(),
+ pi.to_le_bytes().as_ref(),
+ c_h.to_le_bytes().as_ref(),
+ c_hat_t.to_le_bytes().as_ref(),
 &y.0.iter()
- .flat_map(|x| x.to_bytes().as_ref().to_vec())
+ .flat_map(|x| x.to_le_bytes().as_ref().to_vec())
 .collect::>(),
 &t.0.iter()
- .flat_map(|x| x.to_bytes().as_ref().to_vec())
+ .flat_map(|x| x.to_le_bytes().as_ref().to_vec())
 .collect::>(),
 &delta
 .iter()
- .flat_map(|x| x.to_bytes().as_ref().to_vec())
+ .flat_map(|x| x.to_le_bytes().as_ref().to_vec())
 .collect::>(),
- z.to_bytes().as_ref(),
- p_h.to_bytes().as_ref(),
- p_t.to_bytes().as_ref(),
+ z.to_le_bytes().as_ref(),
+ p_h.to_le_bytes().as_ref(),
+ p_t.to_le_bytes().as_ref(),
 ],
 );
diff --git a/tfhe-zk-pok/src/proofs/pke_v2.rs b/tfhe-zk-pok/src/proofs/pke_v2.rs
index cc0b5544a..72c380aea 100644
--- a/tfhe-zk-pok/src/proofs/pke_v2.rs
+++ b/tfhe-zk-pok/src/proofs/pke_v2.rs
@@ -561,9 +561,9 @@ pub fn prove(
 hash_R,
 metadata,
 x_bytes,
- C_hat_e.to_bytes().as_ref(),
- C_e.to_bytes().as_ref(),
- C_r_tilde.to_bytes().as_ref(),
+ C_hat_e.to_le_bytes().as_ref(),
+ C_e.to_le_bytes().as_ref(),
+ C_r_tilde.to_le_bytes().as_ref(),
 ] {
 hasher.update(data);
 }
@@ -631,15 +631,15 @@ pub fn prove(
 metadata,
 x_bytes,
 R_bytes,
- C_hat_e.to_bytes().as_ref(),
- C_e.to_bytes().as_ref(),
- C_R.to_bytes().as_ref(),
- C_r_tilde.to_bytes().as_ref(),
+ C_hat_e.to_le_bytes().as_ref(),
+ C_e.to_le_bytes().as_ref(),
+ C_R.to_le_bytes().as_ref(),
+ C_r_tilde.to_le_bytes().as_ref(),
 ],
 );
 let phi_bytes = &*phi
 .iter()
- .flat_map(|x| x.to_bytes().as_ref().to_vec())
+ .flat_map(|x| x.to_le_bytes().as_ref().to_vec())
 .collect::>();
 let m = m_bound;
@@ -670,19 +670,19 @@ pub fn prove(
 hash_xi,
 metadata,
 x_bytes,
- C_hat_e.to_bytes().as_ref(),
- C_e.to_bytes().as_ref(),
+ C_hat_e.to_le_bytes().as_ref(),
+ C_e.to_le_bytes().as_ref(),
 R_bytes,
 phi_bytes,
- C_R.to_bytes().as_ref(),
- C_hat_bin.to_bytes().as_ref(),
- C_r_tilde.to_bytes().as_ref(),
+ C_R.to_le_bytes().as_ref(),
+ C_hat_bin.to_le_bytes().as_ref(),
+ C_r_tilde.to_le_bytes().as_ref(),
 ],
 );
 let xi_bytes = &*xi
 .iter()
- .flat_map(|x| x.to_bytes().as_ref().to_vec())
+ .flat_map(|x| x.to_le_bytes().as_ref().to_vec())
 .collect::>();
 let mut y = vec![G::Zp::ZERO; D + 128 * m];
@@ -695,16 +695,16 @@ pub fn prove(
 R_bytes,
 phi_bytes,
 xi_bytes,
- C_hat_e.to_bytes().as_ref(),
- C_e.to_bytes().as_ref(),
- C_R.to_bytes().as_ref(),
- C_hat_bin.to_bytes().as_ref(),
- C_r_tilde.to_bytes().as_ref(),
+ C_hat_e.to_le_bytes().as_ref(),
+ C_e.to_le_bytes().as_ref(),
+ C_R.to_le_bytes().as_ref(),
+ C_hat_bin.to_le_bytes().as_ref(),
+ C_r_tilde.to_le_bytes().as_ref(),
 ],
 );
 let y_bytes = &*y
 .iter()
- .flat_map(|x| x.to_bytes().as_ref().to_vec())
+ .flat_map(|x| x.to_le_bytes().as_ref().to_vec())
 .collect::>();
 assert_eq!(y.len(), w_bin.len());
@@ -727,18 +727,18 @@ pub fn prove(
 y_bytes,
 phi_bytes,
 xi_bytes,
- C_hat_e.to_bytes().as_ref(),
- C_e.to_bytes().as_ref(),
+ C_hat_e.to_le_bytes().as_ref(),
+ C_e.to_le_bytes().as_ref(),
 R_bytes,
- C_R.to_bytes().as_ref(),
- C_hat_bin.to_bytes().as_ref(),
- C_r_tilde.to_bytes().as_ref(),
- C_y.to_bytes().as_ref(),
+ C_R.to_le_bytes().as_ref(),
+ C_hat_bin.to_le_bytes().as_ref(),
+ C_r_tilde.to_le_bytes().as_ref(),
+ C_y.to_le_bytes().as_ref(),
 ],
 );
 let t_bytes = &*t
 .iter()
- .flat_map(|x| x.to_bytes().as_ref().to_vec())
+ .flat_map(|x| x.to_le_bytes().as_ref().to_vec())
 .collect::>();
 let mut theta = vec![G::Zp::ZERO; d + k];
@@ -752,18 +752,18 @@ pub fn prove(
 t_bytes,
 phi_bytes,
 xi_bytes,
- C_hat_e.to_bytes().as_ref(),
- C_e.to_bytes().as_ref(),
+ C_hat_e.to_le_bytes().as_ref(),
+ C_e.to_le_bytes().as_ref(),
 R_bytes,
- C_R.to_bytes().as_ref(),
- C_hat_bin.to_bytes().as_ref(),
- C_r_tilde.to_bytes().as_ref(),
- C_y.to_bytes().as_ref(),
+ C_R.to_le_bytes().as_ref(),
+ C_hat_bin.to_le_bytes().as_ref(),
+ C_r_tilde.to_le_bytes().as_ref(),
+ C_y.to_le_bytes().as_ref(),
 ],
 );
 let theta_bytes = &*theta
 .iter()
- .flat_map(|x| x.to_bytes().as_ref().to_vec())
+ .flat_map(|x| x.to_le_bytes().as_ref().to_vec())
 .collect::>();
 let mut a_theta = vec![G::Zp::ZERO; D];
@@ -788,18 +788,18 @@ pub fn prove(
 phi_bytes,
 xi_bytes,
 theta_bytes,
- C_hat_e.to_bytes().as_ref(),
- C_e.to_bytes().as_ref(),
+ C_hat_e.to_le_bytes().as_ref(),
+ C_e.to_le_bytes().as_ref(),
 R_bytes,
- C_R.to_bytes().as_ref(),
- C_hat_bin.to_bytes().as_ref(),
- C_r_tilde.to_bytes().as_ref(),
- C_y.to_bytes().as_ref(),
+ C_R.to_le_bytes().as_ref(),
+ C_hat_bin.to_le_bytes().as_ref(),
+ C_r_tilde.to_le_bytes().as_ref(),
+ C_y.to_le_bytes().as_ref(),
 ],
 );
 let w_bytes = &*w
 .iter()
- .flat_map(|x| x.to_bytes().as_ref().to_vec())
+ .flat_map(|x| x.to_le_bytes().as_ref().to_vec())
 .collect::>();
 let mut delta = [G::Zp::ZERO; 7];
@@ -815,19 +815,19 @@ pub fn prove(
 xi_bytes,
 theta_bytes,
 w_bytes,
- C_hat_e.to_bytes().as_ref(),
- C_e.to_bytes().as_ref(),
+ C_hat_e.to_le_bytes().as_ref(),
+ C_e.to_le_bytes().as_ref(),
 R_bytes,
- C_R.to_bytes().as_ref(),
- C_hat_bin.to_bytes().as_ref(),
- C_r_tilde.to_bytes().as_ref(),
- C_y.to_bytes().as_ref(),
+ C_R.to_le_bytes().as_ref(),
+ C_hat_bin.to_le_bytes().as_ref(),
+ C_r_tilde.to_le_bytes().as_ref(),
+ C_y.to_le_bytes().as_ref(),
 ],
 );
 let [delta_r, delta_dec, delta_eq, delta_y, delta_theta, delta_e, delta_l] = delta;
 let delta_bytes = &*delta
 .iter()
- .flat_map(|x| x.to_bytes().as_ref().to_vec())
+ .flat_map(|x| x.to_le_bytes().as_ref().to_vec())
 .collect::>();
 let mut poly_0_lhs = vec![G::Zp::ZERO; 1 + n];
@@ -1170,8 +1170,8 @@ pub fn prove(
 ComputeLoad::Verify => (None, None),
 };
- let C_hat_h3_bytes = C_hat_h3.map(G::G2::to_bytes);
- let C_hat_w_bytes = C_hat_w.map(G::G2::to_bytes);
+ let C_hat_h3_bytes = C_hat_h3.map(G::G2::to_le_bytes);
+ let C_hat_w_bytes = C_hat_w.map(G::G2::to_le_bytes);
 let C_hat_h3_bytes = C_hat_h3_bytes.as_ref().map(|x| x.as_ref()).unwrap_or(&[]);
 let C_hat_w_bytes = C_hat_w_bytes.as_ref().map(|x| x.as_ref()).unwrap_or(&[]);
@@ -1190,16 +1190,16 @@ pub fn prove(
 x_bytes,
 theta_bytes,
 delta_bytes,
- C_hat_e.to_bytes().as_ref(),
- C_e.to_bytes().as_ref(),
+ C_hat_e.to_le_bytes().as_ref(),
+ C_e.to_le_bytes().as_ref(),
 R_bytes,
- C_R.to_bytes().as_ref(),
- C_hat_bin.to_bytes().as_ref(),
- C_r_tilde.to_bytes().as_ref(),
- C_y.to_bytes().as_ref(),
- C_h1.to_bytes().as_ref(),
- C_h2.to_bytes().as_ref(),
- C_hat_t.to_bytes().as_ref(),
+ C_R.to_le_bytes().as_ref(),
+ C_hat_bin.to_le_bytes().as_ref(),
+ C_r_tilde.to_le_bytes().as_ref(),
+ C_y.to_le_bytes().as_ref(),
+ C_h1.to_le_bytes().as_ref(),
+ C_h2.to_le_bytes().as_ref(),
+ C_hat_t.to_le_bytes().as_ref(),
 C_hat_h3_bytes,
 C_hat_w_bytes,
 ],
@@ -1323,22 +1323,22 @@ pub fn prove(
 xi_bytes,
 theta_bytes,
 delta_bytes,
- C_hat_e.to_bytes().as_ref(),
- C_e.to_bytes().as_ref(),
+ C_hat_e.to_le_bytes().as_ref(),
+ C_e.to_le_bytes().as_ref(),
 R_bytes,
- C_R.to_bytes().as_ref(),
- C_hat_bin.to_bytes().as_ref(),
- C_r_tilde.to_bytes().as_ref(),
- C_y.to_bytes().as_ref(),
- C_h1.to_bytes().as_ref(),
- C_h2.to_bytes().as_ref(),
- C_hat_t.to_bytes().as_ref(),
+ C_R.to_le_bytes().as_ref(),
+ C_hat_bin.to_le_bytes().as_ref(),
+ C_r_tilde.to_le_bytes().as_ref(),
+ C_y.to_le_bytes().as_ref(),
+ C_h1.to_le_bytes().as_ref(),
+ C_h2.to_le_bytes().as_ref(),
+ C_hat_t.to_le_bytes().as_ref(),
 C_hat_h3_bytes,
 C_hat_w_bytes,
- z.to_bytes().as_ref(),
- p_h1.to_bytes().as_ref(),
- p_h2.to_bytes().as_ref(),
- p_t.to_bytes().as_ref(),
+ z.to_le_bytes().as_ref(),
+ p_h1.to_le_bytes().as_ref(),
+ p_h2.to_le_bytes().as_ref(),
+ p_t.to_le_bytes().as_ref(),
 ],
 );
@@ -1558,8 +1558,8 @@ pub fn verify(
 return Err(());
 }
- let C_hat_h3_bytes = C_hat_h3.map(G::G2::to_bytes);
- let C_hat_w_bytes = C_hat_w.map(G::G2::to_bytes);
+ let C_hat_h3_bytes = C_hat_h3.map(G::G2::to_le_bytes);
+ let C_hat_w_bytes = C_hat_w.map(G::G2::to_le_bytes);
 let C_hat_h3_bytes = C_hat_h3_bytes.as_ref().map(|x| x.as_ref()).unwrap_or(&[]);
 let C_hat_w_bytes = C_hat_w_bytes.as_ref().map(|x| x.as_ref()).unwrap_or(&[]);
@@ -1596,9 +1596,9 @@ pub fn verify(
 hash_R,
 metadata,
 x_bytes,
- C_hat_e.to_bytes().as_ref(),
- C_e.to_bytes().as_ref(),
- C_r_tilde.to_bytes().as_ref(),
+ C_hat_e.to_le_bytes().as_ref(),
+ C_e.to_le_bytes().as_ref(),
+ C_r_tilde.to_le_bytes().as_ref(),
 ] {
 hasher.update(data);
 }
@@ -1634,15 +1634,15 @@ pub fn verify(
 metadata,
 x_bytes,
 R_bytes,
- C_hat_e.to_bytes().as_ref(),
- C_e.to_bytes().as_ref(),
- C_R.to_bytes().as_ref(),
- C_r_tilde.to_bytes().as_ref(),
+ C_hat_e.to_le_bytes().as_ref(),
+ C_e.to_le_bytes().as_ref(),
+ C_R.to_le_bytes().as_ref(),
+ C_r_tilde.to_le_bytes().as_ref(),
 ],
 );
 let phi_bytes = &*phi
 .iter()
- .flat_map(|x| x.to_bytes().as_ref().to_vec())
+ .flat_map(|x| x.to_le_bytes().as_ref().to_vec())
 .collect::>();
 let mut xi = vec![G::Zp::ZERO; 128];
@@ -1652,18 +1652,18 @@ pub fn verify(
 hash_xi,
 metadata,
 x_bytes,
- C_hat_e.to_bytes().as_ref(),
- C_e.to_bytes().as_ref(),
+ C_hat_e.to_le_bytes().as_ref(),
+ C_e.to_le_bytes().as_ref(),
 R_bytes,
 phi_bytes,
- C_R.to_bytes().as_ref(),
- C_hat_bin.to_bytes().as_ref(),
- C_r_tilde.to_bytes().as_ref(),
+ C_R.to_le_bytes().as_ref(),
+ C_hat_bin.to_le_bytes().as_ref(),
+ C_r_tilde.to_le_bytes().as_ref(),
 ],
 );
 let xi_bytes = &*xi
 .iter()
- .flat_map(|x| x.to_bytes().as_ref().to_vec())
+ .flat_map(|x| x.to_le_bytes().as_ref().to_vec())
 .collect::>();
 let mut y = vec![G::Zp::ZERO; D + 128 * m];
@@ -1676,16 +1676,16 @@ pub fn verify(
 R_bytes,
 phi_bytes,
 xi_bytes,
- C_hat_e.to_bytes().as_ref(),
- C_e.to_bytes().as_ref(),
- C_R.to_bytes().as_ref(),
- C_hat_bin.to_bytes().as_ref(),
- C_r_tilde.to_bytes().as_ref(),
+ C_hat_e.to_le_bytes().as_ref(),
+ C_e.to_le_bytes().as_ref(),
+ C_R.to_le_bytes().as_ref(),
+ C_hat_bin.to_le_bytes().as_ref(),
+ C_r_tilde.to_le_bytes().as_ref(),
 ],
 );
 let y_bytes = &*y
 .iter()
- .flat_map(|x| x.to_bytes().as_ref().to_vec())
+ .flat_map(|x| x.to_le_bytes().as_ref().to_vec())
 .collect::>();
 let mut t = vec![G::Zp::ZERO; n];
@@ -1698,18 +1698,18 @@ pub fn verify(
 y_bytes,
 phi_bytes,
 xi_bytes,
- C_hat_e.to_bytes().as_ref(),
- C_e.to_bytes().as_ref(),
+ C_hat_e.to_le_bytes().as_ref(),
+ C_e.to_le_bytes().as_ref(),
 R_bytes,
- C_R.to_bytes().as_ref(),
- C_hat_bin.to_bytes().as_ref(),
- C_r_tilde.to_bytes().as_ref(),
- C_y.to_bytes().as_ref(),
+ C_R.to_le_bytes().as_ref(),
+ C_hat_bin.to_le_bytes().as_ref(),
+ C_r_tilde.to_le_bytes().as_ref(),
+ C_y.to_le_bytes().as_ref(),
 ],
 );
 let t_bytes = &*t
 .iter()
- .flat_map(|x| x.to_bytes().as_ref().to_vec())
+ .flat_map(|x| x.to_le_bytes().as_ref().to_vec())
 .collect::>();
 let mut theta = vec![G::Zp::ZERO; d + k];
@@ -1723,18 +1723,18 @@ pub fn verify(
 t_bytes,
 phi_bytes,
 xi_bytes,
- C_hat_e.to_bytes().as_ref(),
- C_e.to_bytes().as_ref(),
+ C_hat_e.to_le_bytes().as_ref(),
+ C_e.to_le_bytes().as_ref(),
 R_bytes,
- C_R.to_bytes().as_ref(),
- C_hat_bin.to_bytes().as_ref(),
- C_r_tilde.to_bytes().as_ref(),
- C_y.to_bytes().as_ref(),
+ C_R.to_le_bytes().as_ref(),
+ C_hat_bin.to_le_bytes().as_ref(),
+ C_r_tilde.to_le_bytes().as_ref(),
+ C_y.to_le_bytes().as_ref(),
 ],
 );
 let theta_bytes = &*theta
 .iter()
- .flat_map(|x| x.to_bytes().as_ref().to_vec())
+ .flat_map(|x| x.to_le_bytes().as_ref().to_vec())
 .collect::>();
 let mut w = vec![G::Zp::ZERO; n];
@@ -1749,18 +1749,18 @@ pub fn verify(
 phi_bytes,
 xi_bytes,
 theta_bytes,
- C_hat_e.to_bytes().as_ref(),
- C_e.to_bytes().as_ref(),
+ C_hat_e.to_le_bytes().as_ref(),
+ C_e.to_le_bytes().as_ref(),
 R_bytes,
- C_R.to_bytes().as_ref(),
- C_hat_bin.to_bytes().as_ref(),
- C_r_tilde.to_bytes().as_ref(),
- C_y.to_bytes().as_ref(),
+ C_R.to_le_bytes().as_ref(),
+ C_hat_bin.to_le_bytes().as_ref(),
+ C_r_tilde.to_le_bytes().as_ref(),
+ C_y.to_le_bytes().as_ref(),
 ],
 );
 let w_bytes = &*w
 .iter()
- .flat_map(|x| x.to_bytes().as_ref().to_vec())
+ .flat_map(|x| x.to_le_bytes().as_ref().to_vec())
 .collect::>();
 let mut a_theta = vec![G::Zp::ZERO; D];
@@ -1786,19 +1786,19 @@ pub fn verify(
 xi_bytes,
 theta_bytes,
 w_bytes,
- C_hat_e.to_bytes().as_ref(),
- C_e.to_bytes().as_ref(),
+ C_hat_e.to_le_bytes().as_ref(),
+ C_e.to_le_bytes().as_ref(),
 R_bytes,
- C_R.to_bytes().as_ref(),
- C_hat_bin.to_bytes().as_ref(),
- C_r_tilde.to_bytes().as_ref(),
- C_y.to_bytes().as_ref(),
+ C_R.to_le_bytes().as_ref(),
+ C_hat_bin.to_le_bytes().as_ref(),
+ C_r_tilde.to_le_bytes().as_ref(),
+ C_y.to_le_bytes().as_ref(),
 ],
 );
 let [delta_r, delta_dec, delta_eq, delta_y, delta_theta, delta_e, delta_l] = delta;
 let delta_bytes = &*delta
 .iter()
- .flat_map(|x| x.to_bytes().as_ref().to_vec())
+ .flat_map(|x| x.to_le_bytes().as_ref().to_vec())
 .collect::>();
 let g = G::G1::GENERATOR;
@@ -1880,16 +1880,16 @@ pub fn verify(
 x_bytes,
 theta_bytes,
 delta_bytes,
- C_hat_e.to_bytes().as_ref(),
- C_e.to_bytes().as_ref(),
+ C_hat_e.to_le_bytes().as_ref(),
+ C_e.to_le_bytes().as_ref(),
 R_bytes,
- C_R.to_bytes().as_ref(),
- C_hat_bin.to_bytes().as_ref(),
- C_r_tilde.to_bytes().as_ref(),
- C_y.to_bytes().as_ref(),
- C_h1.to_bytes().as_ref(),
- C_h2.to_bytes().as_ref(),
- C_hat_t.to_bytes().as_ref(),
+ C_R.to_le_bytes().as_ref(),
+ C_hat_bin.to_le_bytes().as_ref(),
+ C_r_tilde.to_le_bytes().as_ref(),
+ C_y.to_le_bytes().as_ref(),
+ C_h1.to_le_bytes().as_ref(),
+ C_h2.to_le_bytes().as_ref(),
+ C_hat_t.to_le_bytes().as_ref(),
 C_hat_h3_bytes,
 C_hat_w_bytes,
 ],
@@ -2019,22 +2019,22 @@ pub fn verify(
 xi_bytes,
 theta_bytes,
 delta_bytes,
- C_hat_e.to_bytes().as_ref(),
- C_e.to_bytes().as_ref(),
+ C_hat_e.to_le_bytes().as_ref(),
+ C_e.to_le_bytes().as_ref(),
 R_bytes,
- C_R.to_bytes().as_ref(),
- C_hat_bin.to_bytes().as_ref(),
- C_r_tilde.to_bytes().as_ref(),
- C_y.to_bytes().as_ref(),
- C_h1.to_bytes().as_ref(),
- C_h2.to_bytes().as_ref(),
- C_hat_t.to_bytes().as_ref(),
+ C_R.to_le_bytes().as_ref(),
+ C_hat_bin.to_le_bytes().as_ref(),
+ C_r_tilde.to_le_bytes().as_ref(),
+ C_y.to_le_bytes().as_ref(),
+ C_h1.to_le_bytes().as_ref(),
+ C_h2.to_le_bytes().as_ref(),
+ C_hat_t.to_le_bytes().as_ref(),
 C_hat_h3_bytes,
 C_hat_w_bytes,
- z.to_bytes().as_ref(),
- p_h1.to_bytes().as_ref(),
- p_h2.to_bytes().as_ref(),
- p_t.to_bytes().as_ref(),
+ z.to_le_bytes().as_ref(),
+ p_h1.to_le_bytes().as_ref(),
+ p_h2.to_le_bytes().as_ref(),
+ p_t.to_le_bytes().as_ref(),
 ],
 );
 let chi2 = chi * chi;
diff --git a/tfhe-zk-pok/src/proofs/range.rs b/tfhe-zk-pok/src/proofs/range.rs
index 565cf41a4..d6fd4d43a 100644
--- a/tfhe-zk-pok/src/proofs/range.rs
+++ b/tfhe-zk-pok/src/proofs/range.rs
@@ -145,7 +145,11 @@ pub fn prove(
 let mut y = vec![G::Zp::ZERO; n];
 G::Zp::hash(
 &mut y,
- &[hash, v_hat.to_bytes().as_ref(), c_hat.to_bytes().as_ref()],
+ &[
+ hash,
+ v_hat.to_le_bytes().as_ref(),
+ c_hat.to_le_bytes().as_ref(),
+ ],
 );
 let y = OneBased(y);
 let mut c_y = g.mul_scalar(gamma_y);
@@ -154,7 +158,7 @@ pub fn prove(
 }
 let y_bytes = &*(1..n + 1)
- .flat_map(|i| y[i].to_bytes().as_ref().to_vec())
+ .flat_map(|i| y[i].to_le_bytes().as_ref().to_vec())
 .collect::>();
 let mut t = vec![G::Zp::ZERO; n];
@@ -163,9 +167,9 @@ pub fn prove(
 &[
 hash_t,
 y_bytes,
- v_hat.to_bytes().as_ref(),
- c_hat.to_bytes().as_ref(),
- c_y.to_bytes().as_ref(),
+ v_hat.to_le_bytes().as_ref(),
+ c_hat.to_le_bytes().as_ref(),
+ c_y.to_le_bytes().as_ref(),
 ],
 );
 let t = OneBased(t);
@@ -222,9 +226,9 @@ pub fn prove(
 &[
 hash_s,
 &i.to_le_bytes(),
- v_hat.to_bytes().as_ref(),
- c_hat.to_bytes().as_ref(),
- c_y.to_bytes().as_ref(),
+ v_hat.to_le_bytes().as_ref(),
+ c_hat.to_le_bytes().as_ref(),
+ c_y.to_le_bytes().as_ref(),
 ],
 );
 }
@@ -244,9 +248,9 @@ pub fn prove(
 &mut delta,
 &[
 hash_agg,
- v_hat.to_bytes().as_ref(),
- c_hat.to_bytes().as_ref(),
- c_y.to_bytes().as_ref(),
+ v_hat.to_le_bytes().as_ref(),
+ c_hat.to_le_bytes().as_ref(),
+ c_y.to_le_bytes().as_ref(),
 ],
 );
 let [delta_x, delta_eq, delta_y, delta_v] = delta;
@@ -289,12 +293,16 @@ pub fn verify(
 let mut y = vec![G::Zp::ZERO; n];
 G::Zp::hash(
 &mut y,
- &[hash, v_hat.to_bytes().as_ref(), c_hat.to_bytes().as_ref()],
+ &[
+ hash,
+ v_hat.to_le_bytes().as_ref(),
+ c_hat.to_le_bytes().as_ref(),
+ ],
 );
 let y = OneBased(y);
 let y_bytes = &*(1..n + 1)
- .flat_map(|i| y[i].to_bytes().as_ref().to_vec())
+ .flat_map(|i| y[i].to_le_bytes().as_ref().to_vec())
 .collect::>();
 let mut t = vec![G::Zp::ZERO; n];
@@ -303,9 +311,9 @@ pub fn verify(
 &[
 hash_t,
 y_bytes,
- v_hat.to_bytes().as_ref(),
- c_hat.to_bytes().as_ref(),
- c_y.to_bytes().as_ref(),
+ v_hat.to_le_bytes().as_ref(),
+ c_hat.to_le_bytes().as_ref(),
+ c_y.to_le_bytes().as_ref(),
 ],
 );
 let t = OneBased(t);
@@ -315,9 +323,9 @@ pub fn verify(
 &mut delta,
 &[
 hash_agg,
- v_hat.to_bytes().as_ref(),
- c_hat.to_bytes().as_ref(),
- c_y.to_bytes().as_ref(),
+ v_hat.to_le_bytes().as_ref(),
+ c_hat.to_le_bytes().as_ref(),
+ c_y.to_le_bytes().as_ref(),
 ],
 );
 let [delta_x, delta_eq, delta_y, delta_v] = delta;
@@ -329,9 +337,9 @@ pub fn verify(
 &[
 hash_s,
 &i.to_le_bytes(),
- v_hat.to_bytes().as_ref(),
- c_hat.to_bytes().as_ref(),
- c_y.to_bytes().as_ref(),
+ v_hat.to_le_bytes().as_ref(),
+ c_hat.to_le_bytes().as_ref(),
+ c_y.to_le_bytes().as_ref(),
 ],
 );
 }
diff --git a/tfhe-zk-pok/src/proofs/rlwe.rs b/tfhe-zk-pok/src/proofs/rlwe.rs
index d81274c9f..8ca9b9046 100644
--- a/tfhe-zk-pok/src/proofs/rlwe.rs
+++ b/tfhe-zk-pok/src/proofs/rlwe.rs
@@ -329,7 +329,7 @@ pub fn prove(
 .collect::>();
 let mut y = vec![G::Zp::ZERO; n];
- G::Zp::hash(&mut y, &[hash, x_bytes, c_hat.to_bytes().as_ref()]);
+ G::Zp::hash(&mut y, &[hash, x_bytes, c_hat.to_le_bytes().as_ref()]);
 let y = OneBased(y);
 let scalars = (n + 1 - big_d..n + 1)
@@ -343,11 +343,11 @@ pub fn prove(
 &[
 hash_t,
 &(1..n + 1)
- .flat_map(|i| y[i].to_bytes().as_ref().to_vec())
+ .flat_map(|i| y[i].to_le_bytes().as_ref().to_vec())
 .collect::>(),
 x_bytes,
- c_hat.to_bytes().as_ref(),
- c_y.to_bytes().as_ref(),
+ c_hat.to_le_bytes().as_ref(),
+ c_y.to_le_bytes().as_ref(),
 ],
 );
 let t = OneBased(t);
@@ -358,8 +358,8 @@ pub fn prove(
 &[
 hash_lmap,
 x_bytes,
- c_hat.to_bytes().as_ref(),
- c_y.to_bytes().as_ref(),
+ c_hat.to_le_bytes().as_ref(),
+ c_y.to_le_bytes().as_ref(),
 ],
 );
 let theta = (0..big_n * d + 1).map(|k| theta_bar[k]).collect::>();
@@ -442,8 +442,8 @@ pub fn prove(
 &[
 hash_agg,
 x_bytes,
- c_hat.to_bytes().as_ref(),
- c_y.to_bytes().as_ref(),
+ c_hat.to_le_bytes().as_ref(),
+ c_y.to_le_bytes().as_ref(),
 ],
 );
 let [delta_eq, delta_y] = delta;
@@ -510,20 +510,20 @@ pub fn prove(
 &[
 hash_z,
 x_bytes,
- c_hat.to_bytes().as_ref(),
- c_y.to_bytes().as_ref(),
- pi.to_bytes().as_ref(),
- c_h.to_bytes().as_ref(),
- c_hat_t.to_bytes().as_ref(),
+ c_hat.to_le_bytes().as_ref(),
+ c_y.to_le_bytes().as_ref(),
+ pi.to_le_bytes().as_ref(),
+ c_h.to_le_bytes().as_ref(),
+ c_hat_t.to_le_bytes().as_ref(),
 &y.0.iter()
- .flat_map(|x| x.to_bytes().as_ref().to_vec())
+ .flat_map(|x| x.to_le_bytes().as_ref().to_vec())
 .collect::>(),
 &t.0.iter()
- .flat_map(|x| x.to_bytes().as_ref().to_vec())
+ .flat_map(|x| x.to_le_bytes().as_ref().to_vec())
 .collect::>(),
 &delta
 .iter()
- .flat_map(|x| x.to_bytes().as_ref().to_vec())
+ .flat_map(|x| x.to_le_bytes().as_ref().to_vec())
 .collect::>(),
 ],
 );
@@ -550,24 +550,24 @@ pub fn prove(
 &[
 hash_w,
 x_bytes,
- c_hat.to_bytes().as_ref(),
- c_y.to_bytes().as_ref(),
- pi.to_bytes().as_ref(),
- c_h.to_bytes().as_ref(),
- c_hat_t.to_bytes().as_ref(),
+ c_hat.to_le_bytes().as_ref(),
+ c_y.to_le_bytes().as_ref(),
+ pi.to_le_bytes().as_ref(),
+ c_h.to_le_bytes().as_ref(),
+ c_hat_t.to_le_bytes().as_ref(),
 &y.0.iter()
- .flat_map(|x| x.to_bytes().as_ref().to_vec())
+ .flat_map(|x| x.to_le_bytes().as_ref().to_vec())
 .collect::>(),
 &t.0.iter()
- .flat_map(|x| x.to_bytes().as_ref().to_vec())
+ .flat_map(|x| x.to_le_bytes().as_ref().to_vec())
 .collect::>(),
 &delta
 .iter()
- .flat_map(|x| x.to_bytes().as_ref().to_vec())
+ .flat_map(|x| x.to_le_bytes().as_ref().to_vec())
 .collect::>(),
- z.to_bytes().as_ref(),
- p_h.to_bytes().as_ref(),
- p_t.to_bytes().as_ref(),
+ z.to_le_bytes().as_ref(),
+ p_h.to_le_bytes().as_ref(),
+ p_t.to_le_bytes().as_ref(),
 ],
 );
@@ -676,14 +676,14 @@ pub fn verify(
 &[
 hash_agg,
 x_bytes,
- c_hat.to_bytes().as_ref(),
- c_y.to_bytes().as_ref(),
+ c_hat.to_le_bytes().as_ref(),
+ c_y.to_le_bytes().as_ref(),
 ],
 );
 let [delta_eq, delta_y] = delta;
 let mut y = vec![G::Zp::ZERO; n];
- G::Zp::hash(&mut y, &[hash, x_bytes, c_hat.to_bytes().as_ref()]);
+ G::Zp::hash(&mut y, &[hash, x_bytes, c_hat.to_le_bytes().as_ref()]);
 let y = OneBased(y);
 let mut t = vec![G::Zp::ZERO; n];
@@ -692,11 +692,11 @@ pub fn verify(
 &[
 hash_t,
 &(1..n + 1)
- .flat_map(|i| y[i].to_bytes().as_ref().to_vec())
+ .flat_map(|i| y[i].to_le_bytes().as_ref().to_vec())
 .collect::>(),
 x_bytes,
- c_hat.to_bytes().as_ref(),
- c_y.to_bytes().as_ref(),
+ c_hat.to_le_bytes().as_ref(),
+ c_y.to_le_bytes().as_ref(),
 ],
 );
 let t = OneBased(t);
@@ -707,8 +707,8 @@ pub fn verify(
 &[
 hash_lmap,
 x_bytes,
- c_hat.to_bytes().as_ref(),
- c_y.to_bytes().as_ref(),
+ c_hat.to_le_bytes().as_ref(),
+ c_y.to_le_bytes().as_ref(),
 ],
 );
 let theta = (0..big_n * d + 1).map(|k| theta_bar[k]).collect::>();
@@ -792,20 +792,20 @@ pub fn verify(
 &[
 hash_z,
 x_bytes,
- c_hat.to_bytes().as_ref(),
- c_y.to_bytes().as_ref(),
- pi.to_bytes().as_ref(),
- c_h.to_bytes().as_ref(),
- c_hat_t.to_bytes().as_ref(),
+ c_hat.to_le_bytes().as_ref(),
+ c_y.to_le_bytes().as_ref(),
+ pi.to_le_bytes().as_ref(),
+ c_h.to_le_bytes().as_ref(),
+ c_hat_t.to_le_bytes().as_ref(),
 &y.0.iter()
- .flat_map(|x| x.to_bytes().as_ref().to_vec())
+ .flat_map(|x| x.to_le_bytes().as_ref().to_vec())
 .collect::>(),
 &t.0.iter()
- .flat_map(|x| x.to_bytes().as_ref().to_vec())
+ .flat_map(|x| x.to_le_bytes().as_ref().to_vec())
 .collect::>(),
 &delta
 .iter()
- .flat_map(|x| x.to_bytes().as_ref().to_vec())
+ .flat_map(|x| x.to_le_bytes().as_ref().to_vec())
 .collect::>(),
 ],
 );
@@ -844,24 +844,24 @@ pub fn verify(
 &[
 hash_w,
 x_bytes,
- c_hat.to_bytes().as_ref(),
- c_y.to_bytes().as_ref(),
- pi.to_bytes().as_ref(),
- c_h.to_bytes().as_ref(),
- c_hat_t.to_bytes().as_ref(),
+ c_hat.to_le_bytes().as_ref(),
+ c_y.to_le_bytes().as_ref(),
+ pi.to_le_bytes().as_ref(),
+ c_h.to_le_bytes().as_ref(),
+ c_hat_t.to_le_bytes().as_ref(),
 &y.0.iter()
- .flat_map(|x| x.to_bytes().as_ref().to_vec())
+ .flat_map(|x| x.to_le_bytes().as_ref().to_vec())
 .collect::>(),
 &t.0.iter()
- .flat_map(|x| x.to_bytes().as_ref().to_vec())
+ .flat_map(|x| x.to_le_bytes().as_ref().to_vec())
 .collect::>(),
 &delta
 .iter()
- .flat_map(|x| x.to_bytes().as_ref().to_vec())
+ .flat_map(|x| x.to_le_bytes().as_ref().to_vec())
 .collect::>(),
- z.to_bytes().as_ref(),
- p_h.to_bytes().as_ref(),
- p_t.to_bytes().as_ref(),
+ z.to_le_bytes().as_ref(),
+ p_h.to_le_bytes().as_ref(),
+ p_t.to_le_bytes().as_ref(),
 ],
 );