migrate range proof pod types

Author: samkim-crypto

zk-sdk-pod/src/lib.rs

@@ -1,6 +1,7 @@
 pub mod encryption;
 pub mod errors;
 pub mod macros;
+pub mod range_proof;
 pub mod sigma_proofs;
 
 /// Byte length of a compressed Ristretto point or scalar in Curve255519

zk-sdk-pod/src/range_proof.rs

@@ -0,0 +1,111 @@
+//! Plain Old Data types for range proofs.
+
+use {
+    crate::{
+        macros::{impl_from_bytes, impl_from_str},
+        RISTRETTO_POINT_LEN, SCALAR_LEN,
+    },
+    base64::{prelude::BASE64_STANDARD, Engine},
+    bytemuck::{Pod, Zeroable},
+    std::fmt,
+};
+
+/// Byte length of a range proof excluding the inner-product proof component
+pub const RANGE_PROOF_MODULO_INNER_PRODUCT_PROOF_LEN: usize =
+    5 * RISTRETTO_POINT_LEN + 2 * SCALAR_LEN;
+
+/// Byte length of an inner-product proof for a vector of length 64
+pub const INNER_PRODUCT_PROOF_U64_LEN: usize = 448;
+
+/// Byte length of a range proof for an unsigned 64-bit number
+pub const RANGE_PROOF_U64_LEN: usize =
+    INNER_PRODUCT_PROOF_U64_LEN + RANGE_PROOF_MODULO_INNER_PRODUCT_PROOF_LEN; // 672 bytes
+
+/// Byte length of an inner-product proof for a vector of length 128
+pub const INNER_PRODUCT_PROOF_U128_LEN: usize = 512;
+
+/// Byte length of a range proof for an unsigned 128-bit number
+pub const RANGE_PROOF_U128_LEN: usize =
+    INNER_PRODUCT_PROOF_U128_LEN + RANGE_PROOF_MODULO_INNER_PRODUCT_PROOF_LEN; // 736 bytes
+
+/// Byte length of an inner-product proof for a vector of length 256
+pub const INNER_PRODUCT_PROOF_U256_LEN: usize = 576;
+
+/// Byte length of a range proof for an unsigned 256-bit number
+pub const RANGE_PROOF_U256_LEN: usize =
+    INNER_PRODUCT_PROOF_U256_LEN + RANGE_PROOF_MODULO_INNER_PRODUCT_PROOF_LEN; // 800 bytes
+
+/// The `RangeProof` type as a `Pod` restricted to proofs on 64-bit numbers.
+#[derive(Clone, Copy)]
+#[repr(transparent)]
+pub struct PodRangeProofU64(pub [u8; RANGE_PROOF_U64_LEN]);
+
+const RANGE_PROOF_U64_MAX_BASE64_LEN: usize = 896;
+
+impl fmt::Display for PodRangeProofU64 {
+    fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
+        write!(f, "{}", BASE64_STANDARD.encode(self.0))
+    }
+}
+
+impl_from_str!(
+    TYPE = PodRangeProofU64,
+    BYTES_LEN = RANGE_PROOF_U64_LEN,
+    BASE64_LEN = RANGE_PROOF_U64_MAX_BASE64_LEN
+);
+
+impl_from_bytes!(TYPE = PodRangeProofU64, BYTES_LEN = RANGE_PROOF_U64_LEN);
+
+/// The `RangeProof` type as a `Pod` restricted to proofs on 128-bit numbers.
+#[derive(Clone, Copy)]
+#[repr(transparent)]
+pub struct PodRangeProofU128(pub [u8; RANGE_PROOF_U128_LEN]);
+
+const RANGE_PROOF_U128_MAX_BASE64_LEN: usize = 984;
+
+impl fmt::Display for PodRangeProofU128 {
+    fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
+        write!(f, "{}", BASE64_STANDARD.encode(self.0))
+    }
+}
+
+impl_from_str!(
+    TYPE = PodRangeProofU128,
+    BYTES_LEN = RANGE_PROOF_U128_LEN,
+    BASE64_LEN = RANGE_PROOF_U128_MAX_BASE64_LEN
+);
+
+impl_from_bytes!(TYPE = PodRangeProofU128, BYTES_LEN = RANGE_PROOF_U128_LEN);
+
+/// The `RangeProof` type as a `Pod` restricted to proofs on 256-bit numbers.
+#[derive(Clone, Copy)]
+#[repr(transparent)]
+pub struct PodRangeProofU256(pub [u8; RANGE_PROOF_U256_LEN]);
+
+const RANGE_PROOF_U256_MAX_BASE64_LEN: usize = 1068;
+
+impl fmt::Display for PodRangeProofU256 {
+    fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
+        write!(f, "{}", BASE64_STANDARD.encode(self.0))
+    }
+}
+
+impl_from_str!(
+    TYPE = PodRangeProofU256,
+    BYTES_LEN = RANGE_PROOF_U256_LEN,
+    BASE64_LEN = RANGE_PROOF_U256_MAX_BASE64_LEN
+);
+
+impl_from_bytes!(TYPE = PodRangeProofU256, BYTES_LEN = RANGE_PROOF_U256_LEN);
+
+// The range proof pod types are wrappers for byte arrays, which are both `Pod` and `Zeroable`. However,
+// the marker traits `bytemuck::Pod` and `bytemuck::Zeroable` can only be derived for power-of-two
+// length byte arrays. Directly implement these traits for the range proof pod types.
+unsafe impl Zeroable for PodRangeProofU64 {}
+unsafe impl Pod for PodRangeProofU64 {}
+
+unsafe impl Zeroable for PodRangeProofU128 {}
+unsafe impl Pod for PodRangeProofU128 {}
+
+unsafe impl Zeroable for PodRangeProofU256 {}
+unsafe impl Pod for PodRangeProofU256 {}

zk-sdk/src/pod.rs

@@ -27,38 +27,3 @@ impl From<PodU64> for u64 {
         Self::from_le_bytes(pod.0)
     }
 }
-
-macro_rules! impl_from_str {
-    (TYPE = $type:ident, BYTES_LEN = $bytes_len:expr, BASE64_LEN = $base64_len:expr) => {
-        impl std::str::FromStr for $type {
-            type Err = crate::errors::ParseError;
-
-            fn from_str(s: &str) -> Result<Self, Self::Err> {
-                if s.len() > $base64_len {
-                    return Err(Self::Err::WrongSize);
-                }
-                let mut bytes = [0u8; $bytes_len];
-                let decoded_len = BASE64_STANDARD
-                    .decode_slice(s, &mut bytes)
-                    .map_err(|_| Self::Err::Invalid)?;
-                if decoded_len != $bytes_len {
-                    Err(Self::Err::WrongSize)
-                } else {
-                    Ok($type(bytes))
-                }
-            }
-        }
-    };
-}
-pub(crate) use impl_from_str;
-
-macro_rules! impl_from_bytes {
-    (TYPE = $type:ident, BYTES_LEN = $bytes_len:expr) => {
-        impl std::convert::From<[u8; $bytes_len]> for $type {
-            fn from(bytes: [u8; $bytes_len]) -> Self {
-                Self(bytes)
-            }
-        }
-    };
-}
-pub(crate) use impl_from_bytes;

zk-sdk/src/range_proof/mod.rs

@@ -14,7 +14,6 @@
 
 #![allow(dead_code)]
 
-use crate::{RISTRETTO_POINT_LEN, SCALAR_LEN};
 #[cfg(not(target_os = "solana"))]
 use {
     crate::{
@@ -25,6 +24,7 @@ use {
             inner_product::InnerProductProof,
         },
         transcript::TranscriptProtocol,
+        UNIT_LEN,
     },
     core::iter,
     curve25519_dalek::traits::MultiscalarMul,
@@ -35,44 +35,24 @@ use {
     },
     merlin::Transcript,
     rand::rngs::OsRng,
+    solana_zk_sdk_pod::range_proof::{PodRangeProofU128, PodRangeProofU256, PodRangeProofU64},
     subtle::{Choice, ConditionallySelectable},
     zeroize::Zeroize,
 };
 
 pub mod errors;
-pub mod pod;
-
 #[cfg(not(target_os = "solana"))]
 pub mod generators;
 #[cfg(not(target_os = "solana"))]
 pub mod inner_product;
 #[cfg(not(target_os = "solana"))]
 pub mod util;
 
-/// Byte length of a range proof excluding the inner-product proof component
-pub const RANGE_PROOF_MODULO_INNER_PRODUCT_PROOF_LEN: usize =
-    5 * RISTRETTO_POINT_LEN + 2 * SCALAR_LEN;
-
-/// Byte length of an inner-product proof for a vector of length 64
-pub const INNER_PRODUCT_PROOF_U64_LEN: usize = 448;
-
-/// Byte length of a range proof for an unsigned 64-bit number
-pub const RANGE_PROOF_U64_LEN: usize =
-    INNER_PRODUCT_PROOF_U64_LEN + RANGE_PROOF_MODULO_INNER_PRODUCT_PROOF_LEN; // 672 bytes
-
-/// Byte length of an inner-product proof for a vector of length 128
-pub const INNER_PRODUCT_PROOF_U128_LEN: usize = 512;
-
-/// Byte length of a range proof for an unsigned 128-bit number
-pub const RANGE_PROOF_U128_LEN: usize =
-    INNER_PRODUCT_PROOF_U128_LEN + RANGE_PROOF_MODULO_INNER_PRODUCT_PROOF_LEN; // 736 bytes
-
-/// Byte length of an inner-product proof for a vector of length 256
-pub const INNER_PRODUCT_PROOF_U256_LEN: usize = 576;
-
-/// Byte length of a range proof for an unsigned 256-bit number
-pub const RANGE_PROOF_U256_LEN: usize =
-    INNER_PRODUCT_PROOF_U256_LEN + RANGE_PROOF_MODULO_INNER_PRODUCT_PROOF_LEN; // 800 bytes
+pub use solana_zk_sdk_pod::range_proof::{
+    INNER_PRODUCT_PROOF_U128_LEN, INNER_PRODUCT_PROOF_U256_LEN, INNER_PRODUCT_PROOF_U64_LEN,
+    RANGE_PROOF_MODULO_INNER_PRODUCT_PROOF_LEN, RANGE_PROOF_U128_LEN, RANGE_PROOF_U256_LEN,
+    RANGE_PROOF_U64_LEN,
+};
 
 /// A Bulletproofs range proof.
 #[allow(non_snake_case)]
@@ -491,6 +471,102 @@ impl RangeProof {
     }
 }
 
+#[cfg(not(target_os = "solana"))]
+impl TryFrom<PodRangeProofU64> for RangeProof {
+    type Error = RangeProofVerificationError;
+
+    fn try_from(pod_proof: PodRangeProofU64) -> Result<Self, Self::Error> {
+        Self::from_bytes(&pod_proof.0)
+    }
+}
+
+#[cfg(not(target_os = "solana"))]
+impl TryFrom<RangeProof> for PodRangeProofU64 {
+    type Error = RangeProofVerificationError;
+
+    fn try_from(decoded_proof: RangeProof) -> Result<Self, Self::Error> {
+        if decoded_proof.ipp_proof.serialized_size() != INNER_PRODUCT_PROOF_U64_LEN {
+            return Err(RangeProofVerificationError::Deserialization);
+        }
+
+        let mut buf = [0_u8; RANGE_PROOF_U64_LEN];
+        copy_range_proof_modulo_inner_product_proof(&decoded_proof, &mut buf);
+        buf[RANGE_PROOF_MODULO_INNER_PRODUCT_PROOF_LEN..RANGE_PROOF_U64_LEN]
+            .copy_from_slice(&decoded_proof.ipp_proof.to_bytes());
+        Ok(PodRangeProofU64(buf))
+    }
+}
+
+#[cfg(not(target_os = "solana"))]
+impl TryFrom<PodRangeProofU128> for RangeProof {
+    type Error = RangeProofVerificationError;
+
+    fn try_from(pod_proof: PodRangeProofU128) -> Result<Self, Self::Error> {
+        Self::from_bytes(&pod_proof.0)
+    }
+}
+
+#[cfg(not(target_os = "solana"))]
+impl TryFrom<RangeProof> for PodRangeProofU128 {
+    type Error = RangeProofVerificationError;
+
+    fn try_from(decoded_proof: RangeProof) -> Result<Self, Self::Error> {
+        if decoded_proof.ipp_proof.serialized_size() != INNER_PRODUCT_PROOF_U128_LEN {
+            return Err(RangeProofVerificationError::Deserialization);
+        }
+
+        let mut buf = [0_u8; RANGE_PROOF_U128_LEN];
+        copy_range_proof_modulo_inner_product_proof(&decoded_proof, &mut buf);
+        buf[RANGE_PROOF_MODULO_INNER_PRODUCT_PROOF_LEN..RANGE_PROOF_U128_LEN]
+            .copy_from_slice(&decoded_proof.ipp_proof.to_bytes());
+        Ok(PodRangeProofU128(buf))
+    }
+}
+
+#[cfg(not(target_os = "solana"))]
+impl TryFrom<PodRangeProofU256> for RangeProof {
+    type Error = RangeProofVerificationError;
+
+    fn try_from(pod_proof: PodRangeProofU256) -> Result<Self, Self::Error> {
+        Self::from_bytes(&pod_proof.0)
+    }
+}
+
+#[cfg(not(target_os = "solana"))]
+impl TryFrom<RangeProof> for PodRangeProofU256 {
+    type Error = RangeProofVerificationError;
+
+    fn try_from(decoded_proof: RangeProof) -> Result<Self, Self::Error> {
+        if decoded_proof.ipp_proof.serialized_size() != INNER_PRODUCT_PROOF_U256_LEN {
+            return Err(RangeProofVerificationError::Deserialization);
+        }
+
+        let mut buf = [0_u8; RANGE_PROOF_U256_LEN];
+        copy_range_proof_modulo_inner_product_proof(&decoded_proof, &mut buf);
+        buf[RANGE_PROOF_MODULO_INNER_PRODUCT_PROOF_LEN..RANGE_PROOF_U256_LEN]
+            .copy_from_slice(&decoded_proof.ipp_proof.to_bytes());
+        Ok(PodRangeProofU256(buf))
+    }
+}
+
+#[cfg(not(target_os = "solana"))]
+fn copy_range_proof_modulo_inner_product_proof(proof: &RangeProof, buf: &mut [u8]) {
+    let mut chunks = buf.chunks_mut(UNIT_LEN);
+    chunks.next().unwrap().copy_from_slice(proof.A.as_bytes());
+    chunks.next().unwrap().copy_from_slice(proof.S.as_bytes());
+    chunks.next().unwrap().copy_from_slice(proof.T_1.as_bytes());
+    chunks.next().unwrap().copy_from_slice(proof.T_2.as_bytes());
+    chunks.next().unwrap().copy_from_slice(proof.t_x.as_bytes());
+    chunks
+        .next()
+        .unwrap()
+        .copy_from_slice(proof.t_x_blinding.as_bytes());
+    chunks
+        .next()
+        .unwrap()
+        .copy_from_slice(proof.e_blinding.as_bytes());
+}
+
 /// Computes the `delta(y,z)` term for the verification equation.
 ///
 /// This term is a function of the challenges `y` and `z` and the proof dimensions.
@@ -514,8 +590,7 @@ fn delta(bit_lengths: &[usize], y: &Scalar, z: &Scalar) -> Scalar {
 #[cfg(test)]
 mod tests {
     use {
-        super::*, crate::range_proof::pod::PodRangeProofU128,
-        solana_zk_sdk_pod::encryption::pedersen::PodPedersenCommitment, std::str::FromStr,
+        super::*, solana_zk_sdk_pod::encryption::pedersen::PodPedersenCommitment, std::str::FromStr,
     };
 
     #[test]

zk-sdk/src/sigma_proofs/mod.rs

@@ -35,7 +35,10 @@ pub use solana_zk_sdk_pod::sigma_proofs::{
 
 #[cfg(not(target_os = "solana"))]
 use {
-    crate::{sigma_proofs::errors::SigmaProofVerificationError, RISTRETTO_POINT_LEN, SCALAR_LEN},
+    crate::{
+        sigma_proofs::errors::SigmaProofVerificationError, RISTRETTO_POINT_LEN, SCALAR_LEN,
+        UNIT_LEN,
+    },
     curve25519_dalek::{ristretto::CompressedRistretto, scalar::Scalar},
 };
 

zk-sdk/src/zk_elgamal_proof_program/proof_data/batched_range_proof/batched_range_proof_u128.rs

@@ -1,5 +1,12 @@
 //! The 128-bit batched range proof instruction.
 
+use {
+    crate::zk_elgamal_proof_program::proof_data::{
+        batched_range_proof::BatchedRangeProofContext, ProofType, ZkProofData,
+    },
+    bytemuck_derive::{Pod, Zeroable},
+    solana_zk_sdk_pod::range_proof::PodRangeProofU128,
+};
 #[cfg(not(target_os = "solana"))]
 use {
     crate::{
@@ -12,15 +19,6 @@ use {
     },
     std::convert::TryInto,
 };
-use {
-    crate::{
-        range_proof::pod::PodRangeProofU128,
-        zk_elgamal_proof_program::proof_data::{
-            batched_range_proof::BatchedRangeProofContext, ProofType, ZkProofData,
-        },
-    },
-    bytemuck_derive::{Pod, Zeroable},
-};
 
 /// The instruction data that is needed for the
 /// `ProofInstruction::VerifyBatchedRangeProofU128` instruction.