Generate padding point using ChaCha20Rng directly

w3f · Sep 16, 2024 · 82c80dc · 82c80dc
1 parent 31658d1
commit 82c80dc
Show file tree

Hide file tree

Showing 3 changed files with 10 additions and 17 deletions.
diff --git a/ring/Cargo.toml b/ring/Cargo.toml
@@ -18,14 +18,15 @@ rayon = { workspace = true, optional = true }
 common = { path = "../common", default-features = false }
 blake2 = { version = "0.10", default-features = false }
 arrayvec = { version = "0.7", default-features = false }
+rand_chacha = { version = "0.3", default-features = false }
 ark-transcript = { git = "https://github.com/w3f/ring-vrf", default-features = false }
 
 [dev-dependencies]
 ark-bls12-381 = { version = "0.4", default-features = false, features = ["curve"] }
 ark-ed-on-bls12-381-bandersnatch = { version = "0.4", default-features = false }
 
 [features]
-default = []
+default = [ "std" ]
 std = [
   "ark-std/std",
   "ark-ff/std",
@@ -49,6 +50,4 @@ print-trace = [
   "ark-std/print-trace",
   "common/print-trace"
 ]
-asm = [
-  "fflonk/asm"
-]
+asm = [ "fflonk/asm" ]
diff --git a/ring/src/lib.rs b/ring/src/lib.rs
@@ -1,10 +1,8 @@
 #![cfg_attr(not(feature = "std"), no_std)]
 
-use ark_ec::AffineRepr;
 use ark_ec::short_weierstrass::{Affine, SWCurveConfig};
 use ark_ff::{One, PrimeField, Zero};
 use ark_serialize::CanonicalSerialize;
-use ark_std::rand;
 use ark_std::rand::RngCore;
 use fflonk::pcs::PCS;
 
@@ -37,16 +35,6 @@ pub fn find_complement_point<Curve: SWCurveConfig>() -> Affine<Curve> {
     }
 }
 
-// TODO: switch to better hash to curve when available
-pub fn hash_to_curve<A: AffineRepr>(message: &[u8]) -> A {
-    use blake2::Digest;
-    use ark_std::rand::SeedableRng;
-
-    let seed = blake2::Blake2s::digest(message);
-    let rng = &mut rand::rngs::StdRng::from_seed(seed.into());
-    A::rand(rng)
-}
-
 #[derive(Clone)]
 pub struct ArkTranscript(ark_transcript::Transcript);
 

diff --git a/ring/src/piop/params.rs b/ring/src/piop/params.rs
@@ -32,7 +32,13 @@ pub struct PiopParams<F: PrimeField, Curve: SWCurveConfig<BaseField=F>> {
 
 impl<F: PrimeField, Curve: SWCurveConfig<BaseField=F>> PiopParams<F, Curve> {
     pub fn setup(domain: Domain<F>, h: Affine<Curve>, seed: Affine<Curve>) -> Self {
-        let padding_point = crate::hash_to_curve::<Affine<Curve>>(b"w3f/ring-proof/common/padding");
+        let padding_point = {
+            use ark_std::{rand::SeedableRng, UniformRand};
+            use blake2::Digest;
+            let seed = blake2::Blake2s::digest(b"w3f/ring-proof/common/padding");
+            Affine::<Curve>::rand(&mut rand_chacha::ChaCha20Rng::from_seed(seed.into()))
+        };
+
         let scalar_bitlen = Curve::ScalarField::MODULUS_BIT_SIZE as usize;
         // 1 accounts for the last cells of the points and bits columns that remain unconstrained
         let keyset_part_size = domain.capacity - scalar_bitlen - 1;