From 31c392927b3bfa3569a43f5ed78c4f7df127dcef Mon Sep 17 00:00:00 2001
From: CPerezz <c.perezbaro@gmail.com>
Date: Thu, 20 Jul 2023 08:40:22 +0200
Subject: [PATCH] fix: Remove `u` field from LCCCS & hold `z`

---
 src/ccs/lcccs.rs        |  9 +--------
 src/ccs/multifolding.rs | 30 ++++++++++++++----------------
 2 files changed, 15 insertions(+), 24 deletions(-)

diff --git a/src/ccs/lcccs.rs b/src/ccs/lcccs.rs
index c14f91d44..eef4b9d2b 100644
--- a/src/ccs/lcccs.rs
+++ b/src/ccs/lcccs.rs
@@ -36,7 +36,6 @@ use std::sync::Arc;
 #[serde(bound = "")]
 pub struct LCCCS<G: Group> {
   pub(crate) w_comm: Commitment<G>,
-  pub(crate) u: G::Scalar,
   pub(crate) v: Vec<G::Scalar>,
   // Random evaluation point for the v_i
   pub r_x: Vec<G::Scalar>,
@@ -61,13 +60,7 @@ impl<G: Group> LCCCS<G> {
     let r_x: Vec<G::Scalar> = (0..ccs.s).map(|_| G::Scalar::random(&mut rng)).collect();
     let v = ccs.compute_v_j(&z, &r_x, ccs_m_mle);
 
-    Self {
-      w_comm,
-      u: G::Scalar::ONE,
-      v,
-      r_x,
-      z,
-    }
+    Self { w_comm, v, r_x, z }
   }
 
   /// Checks if the CCS instance is satisfiable given a witness and its shape
diff --git a/src/ccs/multifolding.rs b/src/ccs/multifolding.rs
index 0de4cee15..3873c8c8a 100644
--- a/src/ccs/multifolding.rs
+++ b/src/ccs/multifolding.rs
@@ -169,15 +169,13 @@ impl<G: Group> Multifolding<G> {
   }
 
   // XXX: Add some docs
-  pub fn fold(
-    &mut self,
-    cccs2: CCCSInstance<G>,
-    sigmas: &[G::Scalar],
-    thetas: &[G::Scalar],
-    r_x_prime: Vec<G::Scalar>,
-    rho: G::Scalar,
-  ) {
-    let folded_u = self.lcccs.u + rho;
+  pub fn fold<R: RngCore>(&mut self, mut rng: &mut R, cccs2: CCCSInstance<G>, rho: G::Scalar) {
+    // Compute r_x_prime from a given randomnes.
+    let r_x_prime = vec![G::Scalar::random(&mut rng); self.ccs.s];
+    // Compute sigmas an thetas to fold `v`s.
+    let (sigmas, thetas) = self.compute_sigmas_and_thetas(&cccs2.z, &r_x_prime);
+
+    // Compute sigmas an thetas based on r_x_prime.
     let folded_v: Vec<G::Scalar> = sigmas
       .iter()
       .zip(
@@ -190,7 +188,7 @@ impl<G: Group> Multifolding<G> {
       .collect();
 
     self.lcccs.w_comm += cccs2.w_comm.mul(rho);
-    self.lcccs.u = folded_u;
+    // XXX: Mutably modify.
     self.lcccs.v = folded_v;
     self.lcccs.r_x = r_x_prime;
     self.fold_z(cccs2, rho);
@@ -198,6 +196,8 @@ impl<G: Group> Multifolding<G> {
 
   // XXX: Add docs
   fn fold_z(&mut self, cccs: CCCSInstance<G>, rho: G::Scalar) {
+    // Update u first.
+    self.lcccs.z[0] += rho;
     self.lcccs.z[1..]
       .iter_mut()
       .zip(cccs.z[1..].iter().map(|x_i| *x_i * rho))
@@ -352,6 +352,8 @@ mod tests {
 
   #[test]
   fn test_lcccs_fold() {
+    let mut rng = OsRng;
+
     let z1 = CCS::<Ep>::get_test_z(3);
     let z2 = CCS::<Ep>::get_test_z(4);
 
@@ -363,21 +365,17 @@ mod tests {
     assert!(ccs.is_sat(&ck, &ccs_instance_1, &ccs_witness_1).is_ok());
     assert!(ccs.is_sat(&ck, &ccs_instance_2, &ccs_witness_2).is_ok());
 
-    let mut rng = OsRng;
-    let r_x_prime: Vec<Fq> = (0..ccs.s).map(|_| Fq::random(&mut rng)).collect();
-
     let cccs = CCCSInstance::new(&ccs, &mles, z2, &ck);
     assert!(cccs.is_sat(&ccs, &mles, &ck).is_ok());
 
     // Generate a new multifolding instance
     let mut nimfs = Multifolding::init(&mut rng, ccs, mles, z1);
     assert!(nimfs.is_sat().is_ok());
-    let (sigmas, thetas) = nimfs.compute_sigmas_and_thetas(&cccs.z, &r_x_prime);
 
     let rho = Fq::random(&mut rng);
-    nimfs.fold(cccs, &sigmas, &thetas, r_x_prime, rho);
+    nimfs.fold(&mut rng, cccs, rho);
 
-    // check lcccs relation
+    // check folding correct stuff still alows the NIMFS to be satisfied correctly.
     assert!(nimfs.is_sat().is_ok());
   }
 }