fix: Remove u field from LCCCS & hold z

privacy-scaling-explorations · Jul 20, 2023 · 31c3929 · 31c3929
1 parent db13e50
commit 31c3929
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 24 deletions.
diff --git a/src/ccs/lcccs.rs b/src/ccs/lcccs.rs
@@ -36,7 +36,6 @@ use std::sync::Arc;
 #[serde(bound = "")]
 pub struct LCCCS<G: Group> {
   pub(crate) w_comm: Commitment<G>,
-  pub(crate) u: G::Scalar,
   pub(crate) v: Vec<G::Scalar>,
   // Random evaluation point for the v_i
   pub r_x: Vec<G::Scalar>,
@@ -61,13 +60,7 @@ impl<G: Group> LCCCS<G> {
     let r_x: Vec<G::Scalar> = (0..ccs.s).map(|_| G::Scalar::random(&mut rng)).collect();
     let v = ccs.compute_v_j(&z, &r_x, ccs_m_mle);
 
-    Self {
-      w_comm,
-      u: G::Scalar::ONE,
-      v,
-      r_x,
-      z,
-    }
+    Self { w_comm, v, r_x, z }
   }
 
   /// Checks if the CCS instance is satisfiable given a witness and its shape

diff --git a/src/ccs/multifolding.rs b/src/ccs/multifolding.rs
@@ -169,15 +169,13 @@ impl<G: Group> Multifolding<G> {
   }
 
   // XXX: Add some docs
-  pub fn fold(
-    &mut self,
-    cccs2: CCCSInstance<G>,
-    sigmas: &[G::Scalar],
-    thetas: &[G::Scalar],
-    r_x_prime: Vec<G::Scalar>,
-    rho: G::Scalar,
-  ) {
-    let folded_u = self.lcccs.u + rho;
+  pub fn fold<R: RngCore>(&mut self, mut rng: &mut R, cccs2: CCCSInstance<G>, rho: G::Scalar) {
+    // Compute r_x_prime from a given randomnes.
+    let r_x_prime = vec![G::Scalar::random(&mut rng); self.ccs.s];
+    // Compute sigmas an thetas to fold `v`s.
+    let (sigmas, thetas) = self.compute_sigmas_and_thetas(&cccs2.z, &r_x_prime);
+
+    // Compute sigmas an thetas based on r_x_prime.
     let folded_v: Vec<G::Scalar> = sigmas
       .iter()
       .zip(
@@ -190,14 +188,16 @@ impl<G: Group> Multifolding<G> {
       .collect();
 
     self.lcccs.w_comm += cccs2.w_comm.mul(rho);
-    self.lcccs.u = folded_u;
+    // XXX: Mutably modify.
     self.lcccs.v = folded_v;
     self.lcccs.r_x = r_x_prime;
     self.fold_z(cccs2, rho);
   }
 
   // XXX: Add docs
   fn fold_z(&mut self, cccs: CCCSInstance<G>, rho: G::Scalar) {
+    // Update u first.
+    self.lcccs.z[0] += rho;
     self.lcccs.z[1..]
       .iter_mut()
       .zip(cccs.z[1..].iter().map(|x_i| *x_i * rho))
@@ -352,6 +352,8 @@ mod tests {
 
   #[test]
   fn test_lcccs_fold() {
+    let mut rng = OsRng;
+
     let z1 = CCS::<Ep>::get_test_z(3);
     let z2 = CCS::<Ep>::get_test_z(4);
 
@@ -363,21 +365,17 @@ mod tests {
     assert!(ccs.is_sat(&ck, &ccs_instance_1, &ccs_witness_1).is_ok());
     assert!(ccs.is_sat(&ck, &ccs_instance_2, &ccs_witness_2).is_ok());
 
-    let mut rng = OsRng;
-    let r_x_prime: Vec<Fq> = (0..ccs.s).map(|_| Fq::random(&mut rng)).collect();
-
     let cccs = CCCSInstance::new(&ccs, &mles, z2, &ck);
     assert!(cccs.is_sat(&ccs, &mles, &ck).is_ok());
 
     // Generate a new multifolding instance
     let mut nimfs = Multifolding::init(&mut rng, ccs, mles, z1);
     assert!(nimfs.is_sat().is_ok());
-    let (sigmas, thetas) = nimfs.compute_sigmas_and_thetas(&cccs.z, &r_x_prime);
 
     let rho = Fq::random(&mut rng);
-    nimfs.fold(cccs, &sigmas, &thetas, r_x_prime, rho);
+    nimfs.fold(&mut rng, cccs, rho);
 
-    // check lcccs relation
+    // check folding correct stuff still alows the NIMFS to be satisfied correctly.
     assert!(nimfs.is_sat().is_ok());
   }
 }