From 82c80dc6980675b9fd61d17e9cfb921914ffe608 Mon Sep 17 00:00:00 2001
From: Davide Galassi <davxy@datawok.net>
Date: Mon, 16 Sep 2024 11:29:26 +0200
Subject: [PATCH] Generate padding point using ChaCha20Rng directly

---
 ring/Cargo.toml         |  7 +++----
 ring/src/lib.rs         | 12 ------------
 ring/src/piop/params.rs |  8 +++++++-
 3 files changed, 10 insertions(+), 17 deletions(-)

diff --git a/ring/Cargo.toml b/ring/Cargo.toml
index 8479c0d..7e1a947 100644
--- a/ring/Cargo.toml
+++ b/ring/Cargo.toml
@@ -18,6 +18,7 @@ rayon = { workspace = true, optional = true }
 common = { path = "../common", default-features = false }
 blake2 = { version = "0.10", default-features = false }
 arrayvec = { version = "0.7", default-features = false }
+rand_chacha = { version = "0.3", default-features = false }
 ark-transcript = { git = "https://github.com/w3f/ring-vrf", default-features = false }
 
 [dev-dependencies]
@@ -25,7 +26,7 @@ ark-bls12-381 = { version = "0.4", default-features = false, features = ["curve"
 ark-ed-on-bls12-381-bandersnatch = { version = "0.4", default-features = false }
 
 [features]
-default = []
+default = [ "std" ]
 std = [
   "ark-std/std",
   "ark-ff/std",
@@ -49,6 +50,4 @@ print-trace = [
   "ark-std/print-trace",
   "common/print-trace"
 ]
-asm = [
-  "fflonk/asm"
-]
+asm = [ "fflonk/asm" ]
diff --git a/ring/src/lib.rs b/ring/src/lib.rs
index e0bc2f0..88f7d04 100644
--- a/ring/src/lib.rs
+++ b/ring/src/lib.rs
@@ -1,10 +1,8 @@
 #![cfg_attr(not(feature = "std"), no_std)]
 
-use ark_ec::AffineRepr;
 use ark_ec::short_weierstrass::{Affine, SWCurveConfig};
 use ark_ff::{One, PrimeField, Zero};
 use ark_serialize::CanonicalSerialize;
-use ark_std::rand;
 use ark_std::rand::RngCore;
 use fflonk::pcs::PCS;
 
@@ -37,16 +35,6 @@ pub fn find_complement_point<Curve: SWCurveConfig>() -> Affine<Curve> {
     }
 }
 
-// TODO: switch to better hash to curve when available
-pub fn hash_to_curve<A: AffineRepr>(message: &[u8]) -> A {
-    use blake2::Digest;
-    use ark_std::rand::SeedableRng;
-
-    let seed = blake2::Blake2s::digest(message);
-    let rng = &mut rand::rngs::StdRng::from_seed(seed.into());
-    A::rand(rng)
-}
-
 #[derive(Clone)]
 pub struct ArkTranscript(ark_transcript::Transcript);
 
diff --git a/ring/src/piop/params.rs b/ring/src/piop/params.rs
index 134a3ec..33802e9 100644
--- a/ring/src/piop/params.rs
+++ b/ring/src/piop/params.rs
@@ -32,7 +32,13 @@ pub struct PiopParams<F: PrimeField, Curve: SWCurveConfig<BaseField=F>> {
 
 impl<F: PrimeField, Curve: SWCurveConfig<BaseField=F>> PiopParams<F, Curve> {
     pub fn setup(domain: Domain<F>, h: Affine<Curve>, seed: Affine<Curve>) -> Self {
-        let padding_point = crate::hash_to_curve::<Affine<Curve>>(b"w3f/ring-proof/common/padding");
+        let padding_point = {
+            use ark_std::{rand::SeedableRng, UniformRand};
+            use blake2::Digest;
+            let seed = blake2::Blake2s::digest(b"w3f/ring-proof/common/padding");
+            Affine::<Curve>::rand(&mut rand_chacha::ChaCha20Rng::from_seed(seed.into()))
+        };
+        
         let scalar_bitlen = Curve::ScalarField::MODULUS_BIT_SIZE as usize;
         // 1 accounts for the last cells of the points and bits columns that remain unconstrained
         let keyset_part_size = domain.capacity - scalar_bitlen - 1;