From e236703db82c1c461c1cdaa468c104abbdb711aa Mon Sep 17 00:00:00 2001
From: Song Xuyang
Date: Thu, 23 Nov 2023 18:22:04 +0800
Subject: [PATCH] rename nonce in resource encryption to encrypt_nonce
---
 .../circuit/resource_encryption_circuit.rs | 12 +++++------
 .../src/circuit/vp_examples/receiver_vp.rs | 18 ++++++++--------
 taiga_halo2/src/circuit/vp_examples/token.rs | 2 +-
 taiga_halo2/src/resource_encryption.rs | 21 ++++++++++---------
 4 files changed, 27 insertions(+), 26 deletions(-)
diff --git a/taiga_halo2/src/circuit/resource_encryption_circuit.rs b/taiga_halo2/src/circuit/resource_encryption_circuit.rs
index 152b2969..c7e06a65 100644
--- a/taiga_halo2/src/circuit/resource_encryption_circuit.rs
+++ b/taiga_halo2/src/circuit/resource_encryption_circuit.rs
@@ -30,7 +30,7 @@ pub fn resource_encryption_gadget(
 poseidon_config: PoseidonConfig,
 add_chip: AddChip,
 ecc_chip: EccChip,
- nonce: AssignedCell,
+ encrypt_nonce: AssignedCell,
 sender_sk: AssignedCell,
 rcv_pk: NonIdentityPoint>,
 message: &mut Vec>,
@@ -55,16 +55,16 @@ pub fn resource_encryption_gadget(
 let sender_pk = generator.mul(layouter.namespace(|| "sender_sk * generator"), sender_sk)?;
 let (secret_key, _) = rcv_pk.mul(layouter.namespace(|| "sender_sk * rcv_pk"), sk)?;
- // length_nonce = length * 2^128 + nonce
+ // length_nonce = length * 2^128 + encrypt_nonce
 let length_var = assign_free_constant(
 layouter.namespace(|| "constant zero"),
 advice,
 pallas::Base::from(message.len() as u64) * pallas::Base::from_u128(1 << 64).square(),
 )?;
 let length_nonce = add_chip.add(
- layouter.namespace(|| "length_nonce = length || nonce"),
+ layouter.namespace(|| "length_nonce = length || encrypt_nonce"),
 &length_var,
- &nonce,
+ &encrypt_nonce,
 )?;
 // Init poseidon sponge state
@@ -109,8 +109,8 @@ pub fn resource_encryption_gadget(
 .for_each(|s| cipher.push(s.clone().into()));
 }
- // Add nonce
- cipher.push(nonce);
+ // Add encrypt_nonce
+ cipher.push(encrypt_nonce);
 // Compute MAC
 state = as PoseidonInstructions<
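Review bot: The comment and namespace label in the `@@ -55,16` hunk describe `length_nonce` as `length || encrypt_nonce`, but the code adds `length * 2^128` to a full `pallas::Base` cell and nothing visible in the hunk bounds `encrypt_nonce` below 2^128. Without that bound the sum is not a concatenation, so two different (length, nonce) pairs can produce the same initial sponge word; whether that matters depends on whether message lengths can vary, which the hunk does not show. I would state the assumption next to the packing, e.g. `// assumes encrypt_nonce < 2^128, so this equals length || encrypt_nonce`, and confirm a range check exists where the nonce is witnessed. The same packing appears in `poseidon_sponge_init` (the `@@ -105,7` hunk of resource_encryption.rs), where `decrypt` reads the nonce from the ciphertext. The body of `resource_encryption_gadget` starts and ends outside the hunk.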
diff --git a/taiga_halo2/src/circuit/vp_examples/receiver_vp.rs b/taiga_halo2/src/circuit/vp_examples/receiver_vp.rs
index d1366e2e..9f7f7152 100644
--- a/taiga_halo2/src/circuit/vp_examples/receiver_vp.rs
+++ b/taiga_halo2/src/circuit/vp_examples/receiver_vp.rs
@@ -48,7 +48,7 @@ pub struct ReceiverValidityPredicateCircuit {
 pub input_resources: [Resource; NUM_RESOURCE],
 pub output_resources: [Resource; NUM_RESOURCE],
 pub vp_vk: pallas::Base,
- pub nonce: pallas::Base,
+ pub encrypt_nonce: pallas::Base,
 pub sk: pallas::Base,
 pub rcv_pk: pallas::Point,
 pub auth_vp_vk: pallas::Base,
@@ -61,7 +61,7 @@ impl Default for ReceiverValidityPredicateCircuit {
 input_resources: [(); NUM_RESOURCE].map(|_| Resource::default()),
 output_resources: [(); NUM_RESOURCE].map(|_| Resource::default()),
 vp_vk: pallas::Base::zero(),
- nonce: pallas::Base::zero(),
+ encrypt_nonce: pallas::Base::zero(),
 sk: pallas::Base::zero(),
 rcv_pk: pallas::Point::generator(),
 auth_vp_vk: pallas::Base::zero(),
@@ -77,10 +77,10 @@ impl ValidityPredicateCircuit for ReceiverValidityPredicateCircuit {
 mut layouter: impl Layouter,
 basic_variables: BasicValidityPredicateVariables,
 ) -> Result<(), Error> {
- let nonce = assign_free_advice(
- layouter.namespace(|| "witness nonce"),
+ let encrypt_nonce = assign_free_advice(
+ layouter.namespace(|| "witness encrypt_nonce"),
 config.advices[0],
- Value::known(self.nonce),
+ Value::known(self.encrypt_nonce),
 )?;
 let sk = assign_free_advice(
@@ -198,7 +198,7 @@ impl ValidityPredicateCircuit for ReceiverValidityPredicateCircuit {
 config.poseidon_config,
 add_chip,
 ecc_chip,
- nonce,
+ encrypt_nonce,
 sk,
 rcv_pk,
 &mut message,
@@ -254,7 +254,7 @@ impl ValidityPredicateCircuit for ReceiverValidityPredicateCircuit {
 ];
 let plaintext = ResourcePlaintext::padding(&message);
 let key = SecretKey::from_dh_exchange(&self.rcv_pk, &mod_r_p(self.sk));
- let cipher = ResourceCiphertext::encrypt(&plaintext, &key, &self.nonce);
+ let cipher = ResourceCiphertext::encrypt(&plaintext, &key, &self.encrypt_nonce);
 cipher.inner().iter().for_each(|&c| public_inputs.push(c));
 let generator = GENERATOR.to_curve();
@@ -285,7 +285,7 @@ fn test_halo2_receiver_vp_circuit() {
 let (circuit, rcv_sk) = {
 let input_resources = [(); NUM_RESOURCE].map(|_| random_resource(&mut rng));
 let mut output_resources = [(); NUM_RESOURCE].map(|_| random_resource(&mut rng));
- let nonce = pallas::Base::from_u128(23333u128);
+ let encrypt_nonce = pallas::Base::from_u128(23333u128);
 let sk = pallas::Base::random(&mut rng);
 let rcv_sk = pallas::Base::random(&mut rng);
 let generator = GENERATOR.to_curve();
@@ -304,7 +304,7 @@ fn test_halo2_receiver_vp_circuit() {
 input_resources,
 output_resources,
 vp_vk: *COMPRESSED_RECEIVER_VK,
- nonce,
+ encrypt_nonce,
 sk,
 rcv_pk,
 auth_vp_vk: *COMPRESSED_TOKEN_AUTH_VK,
diff --git a/taiga_halo2/src/circuit/vp_examples/token.rs b/taiga_halo2/src/circuit/vp_examples/token.rs
index af16e3f2..63d83958 100644
--- a/taiga_halo2/src/circuit/vp_examples/token.rs
+++ b/taiga_halo2/src/circuit/vp_examples/token.rs
@@ -241,7 +241,7 @@ impl TokenResource {
 input_resources,
 output_resources,
 vp_vk: *COMPRESSED_RECEIVER_VK,
- nonce: pallas::Base::from_u128(rng.gen()),
+ encrypt_nonce: pallas::Base::from_u128(rng.gen()),
 sk: pallas::Base::random(&mut rng),
 rcv_pk: auth.pk,
 auth_vp_vk: *COMPRESSED_TOKEN_AUTH_VK,
diff --git a/taiga_halo2/src/resource_encryption.rs b/taiga_halo2/src/resource_encryption.rs
index f6848453..7e49a710 100644
--- a/taiga_halo2/src/resource_encryption.rs
+++ b/taiga_halo2/src/resource_encryption.rs
@@ -25,11 +25,11 @@ impl ResourceCiphertext {
 pub fn encrypt(
 message: &ResourcePlaintext,
 secret_key: &SecretKey,
- nonce: &pallas::Base,
+ encrypt_nonce: &pallas::Base,
 ) -> Self {
 // Init poseidon sponge state
 let mut poseidon_sponge =
- Self::poseidon_sponge_init(message.inner().len(), secret_key, nonce);
+ Self::poseidon_sponge_init(message.inner().len(), secret_key, encrypt_nonce);
 // Encrypt
 let mut cipher = vec![];
@@ -45,8 +45,8 @@ impl ResourceCiphertext {
 }
 }
- // Add nonce
- cipher.push(*nonce);
+ // Add encrypt_nonce
+ cipher.push(*encrypt_nonce);
 // Compute the MAC
 poseidon::permute::<_, poseidon::P128Pow5T3, POSEIDON_WIDTH, POSEIDON_RATE>(
@@ -61,9 +61,10 @@ impl ResourceCiphertext {
 pub fn decrypt(&self, secret_key: &SecretKey) -> Option> {
 let cipher_len = self.0.len();
 let mac = self.0[cipher_len - 1];
- let nonce = self.0[cipher_len - 2];
+ let encrypt_nonce = self.0[cipher_len - 2];
 // Init poseidon sponge state
- let mut poseidon_sponge = Self::poseidon_sponge_init(cipher_len - 2, secret_key, &nonce);
+ let mut poseidon_sponge =
+ Self::poseidon_sponge_init(cipher_len - 2, secret_key, &encrypt_nonce);
 // Decrypt
 let mut msg = vec![];
@@ -96,7 +97,7 @@ impl ResourceCiphertext {
 fn poseidon_sponge_init(
 message_len: usize,
 secret_key: &SecretKey,
- nonce: &pallas::Base,
+ encrypt_nonce: &pallas::Base,
 ) -> poseidon::Sponge<
 pallas::Base,
 poseidon::P128Pow5T3,
@@ -105,7 +106,7 @@ impl ResourceCiphertext {
 POSEIDON_RATE,
 > {
 let key_coord = secret_key.get_coordinates();
- let length_nonce = nonce
+ let length_nonce = encrypt_nonce
 + pallas::Base::from(message_len as u64) * pallas::Base::from_u128(1 << 64).square();
 let state = [key_coord.0, key_coord.1, length_nonce];
 poseidon::Sponge::<_, poseidon::P128Pow5T3, _, POSEIDON_WIDTH, POSEIDON_RATE>::init(state)
@@ -183,10 +184,10 @@ fn test_halo2_resource_encryption() {
 pallas::Base::one(),
 ];
 let plaintext = ResourcePlaintext::padding(&message.to_vec());
- let nonce = pallas::Base::from_u128(23333u128);
+ let encrypt_nonce = pallas::Base::from_u128(23333u128);
 // Encryption
- let cipher = ResourceCiphertext::encrypt(&plaintext, &key, &nonce);
+ let cipher = ResourceCiphertext::encrypt(&plaintext, &key, &encrypt_nonce);
 // Decryption
 let decryption = cipher.decrypt(&key).unwrap();