Merge branch 'master' into bw6-optimization

.github/workflows/ci.yml

@@ -163,13 +163,6 @@ jobs:
         uses: actions/checkout@v2
 
       - name: Install Rust
-        uses: actions-rs/toolchain@v1
-        with:
-          toolchain: stable
-          target: thumbv6m-none-eabi
-          override: true
-
-      - name: Install Rust ARM64
         uses: actions-rs/toolchain@v1
         with:
           toolchain: stable
@@ -192,17 +185,17 @@ jobs:
                   --exclude ark-algebra-test-templates \
                   --exclude ark-algebra-bench-templates \
                   --exclude ark-poly-benches \
-                  --target thumbv6m-none-eabi"
+                  --target aarch64-unknown-none"
 
       - name: build
         uses: actions-rs/cargo@v1
         with:
             command: build
-            args: "--examples --workspace \
+            args: "--workspace \
                   --exclude ark-algebra-test-templates \
                   --exclude ark-algebra-bench-templates \
                   --exclude ark-poly-benches \
-                  --target thumbv6m-none-eabi"
+                  --target aarch64-unknown-none"
 
   test_against_curves:
     name: Test against curves

CHANGELOG.md

@@ -2,15 +2,40 @@
 
 ## Pending
 
-- (`ark-poly`) Reduce the number of field multiplications performed by `SparseMultilinearExtension::evaluate` and `DenseMultilinearExtension::evaluate`
+### Breaking changes
+
+- [\#577](https://github.com/arkworks-rs/algebra/pull/577) (`ark-ff`, `ark-ec`) Add `AdditiveGroup`, a trait for additive groups (equipped with scalar field).
+- [\#593](https://github.com/arkworks-rs/algebra/pull/593) (`ark-ec`) Change `AffineRepr::xy()` to return owned values.
+- [\#633](https://github.com/arkworks-rs/algebra/pull/633) (`ark-ec`) Generic pairing implementation for the curves from the BW6 family.
+
+### Features
+
+### Improvements
+
+### Bugfixes
+
+## v0.4.2
+
+### Breaking changes
+
+### Features
+
+### Improvements
+
+### Bugfixes
+
 - [\#610](https://github.com/arkworks-rs/algebra/pull/610) (`ark-ec`) Fix panic in `final_exponentiation` step for MNT4/6 curves if inverse does not exist.
 
+## v0.4.1
+
 ### Breaking changes
 
 ### Features
 
 ### Improvements
 
+- [\#603](https://github.com/arkworks-rs/algebra/pull/603) (`ark-poly`) Reduce the number of field multiplications performed by `SparseMultilinearExtension::evaluate` and `DenseMultilinearExtension::evaluate`
+
 ### Bugfixes
 
 ## v0.4.0

Cargo.toml

@@ -16,6 +16,8 @@ members = [
     "test-templates",
 ]
 
+resolver = "2"
+
 [profile.release]
 opt-level = 3
 lto = "thin"

README.md

@@ -23,7 +23,7 @@ This repository contains several Rust crates:
 * [`ark-poly`](poly): Interfaces for univariate, multivariate, and multilinear polynomials, and FFTs over finite fields
 * [`ark-serialize`](serialize): Efficient interfaces for serialization and point compression for finite fields and elliptic curves
 
-In addition, the [`curves`](https://github.com/arkworks-rs/curves) repository contains concrete implementations of popular elliptic curves; see [here](https://github.com/arkworks-rs/curves/README.md) for details.
+In addition, the [`curves`](https://github.com/arkworks-rs/curves) repository contains concrete implementations of popular elliptic curves; see [here](https://github.com/arkworks-rs/curves/blob/master/README.md) for details.
 
 ## Build guide
 

bench-templates/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "ark-algebra-bench-templates"
-version = "0.4.0"
+version = "0.4.2"
 authors = [ "arkworks contributors" ]
 description = "A benchmark library for finite fields and elliptic curves"
 homepage = "https://arkworks.rs"
@@ -9,7 +9,7 @@ documentation = "https://docs.rs/algebra/"
 keywords = ["cryptography", "finite-fields", "elliptic-curves", "pairing"]
 categories = ["cryptography"]
 include = ["Cargo.toml", "src", "README.md", "LICENSE-APACHE", "LICENSE-MIT"]
-license = "MIT/Apache-2.0"
+license = "MIT OR Apache-2.0"
 edition = "2021"
 rust-version = "1.63"
 
@@ -18,9 +18,9 @@ rust-version = "1.63"
 [dependencies]
 criterion = { version = "0.4.0", features = [ "html_reports" ] }
 ark-std = { version = "0.4.0", default-features = false }
-ark-ec = { version = "0.4.0", path = "../ec", default-features = false }
-ark-ff = { version = "0.4.0", path = "../ff", default-features = false }
-ark-serialize = { version = "0.4.0", path = "../serialize", default-features = false }
+ark-ec = { version = "0.4.2", path = "../ec", default-features = false }
+ark-ff = { version = "0.4.2", path = "../ff", default-features = false }
+ark-serialize = { version = "0.4.2", path = "../serialize", default-features = false }
 paste = { version = "1.0" }
 
 [features]

bench-templates/src/macros/ec.rs

@@ -3,10 +3,10 @@ macro_rules! ec_bench {
     ($curve_name:expr, $Group:ident) => {
         $crate::paste! {
             mod [<$Group:lower>] {
-                use ark_ec::Group;
+                use ark_ec::PrimeGroup;
                 use super::*;
 
-                type Scalar = <$Group as Group>::ScalarField;
+                type Scalar = <$Group as PrimeGroup>::ScalarField;
                 fn rand(c: &mut $crate::criterion::Criterion) {
                     let name = format!("{}::{}", $curve_name, stringify!($Group));
                     use ark_std::UniformRand;
@@ -18,11 +18,12 @@ macro_rules! ec_bench {
                 }
 
                 fn arithmetic(c: &mut $crate::criterion::Criterion) {
-                    use ark_ec::{CurveGroup, Group};
+                    use ark_ff::AdditiveGroup;
+                    use ark_ec::{CurveGroup, PrimeGroup};
                     use ark_std::UniformRand;
                     let name = format!("{}::{}", $curve_name, stringify!($Group));
 
-                    type Scalar = <$Group as Group>::ScalarField;
+                    type Scalar = <$Group as PrimeGroup>::ScalarField;
                     const SAMPLES: usize = 1000;
                     let mut rng = ark_std::test_rng();
                     let mut arithmetic =
@@ -214,8 +215,10 @@ macro_rules! ec_bench {
                     let name = format!("{}::{}", $curve_name, stringify!($Group));
                     let mut rng = ark_std::test_rng();
 
-                    let g = <$Group>::rand(&mut rng).into_affine();
-                    let v: Vec<_> = (0..SAMPLES).map(|_| g).collect();
+                    let v: Vec<_> = (0..SAMPLES)
+                        .map(|_| <$Group>::rand(&mut rng))
+                        .collect();
+                    let v = <$Group>::normalize_batch(&v);
                     let scalars: Vec<_> = (0..SAMPLES)
                         .map(|_| Scalar::rand(&mut rng).into_bigint())
                         .collect();

bench-templates/src/macros/field.rs

@@ -63,6 +63,8 @@ macro_rules! f_bench {
 macro_rules! field_common {
     ($bench_group_name:expr, $F:ident) => {
         fn arithmetic(c: &mut $crate::criterion::Criterion) {
+            use ark_ff::AdditiveGroup;
+
             let name = format!("{}::{}", $bench_group_name, stringify!($F));
             const SAMPLES: usize = 1000;
             let mut rng = ark_std::test_rng();

ec/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "ark-ec"
-version = "0.4.0"
+version = "0.4.2"
 authors = [ "arkworks contributors" ]
 description = "A library for elliptic curves and pairings"
 homepage = "https://arkworks.rs"
@@ -9,24 +9,25 @@ documentation = "https://docs.rs/ark-ec/"
 keywords = ["cryptography", "elliptic-curves", "pairing"]
 categories = ["cryptography"]
 include = ["Cargo.toml", "src", "doc", "README.md", "LICENSE-APACHE", "LICENSE-MIT"]
-license = "MIT/Apache-2.0"
+license = "MIT OR Apache-2.0"
 edition = "2021"
 rust-version = "1.63"
 
 [dependencies]
 ark-std = { version = "0.4.0", default-features = false }
-ark-serialize = { version = "0.4.0", path = "../serialize", default-features = false }
-ark-ff = { version = "0.4.0", path = "../ff", default-features = false }
-ark-poly = { version = "0.4.0", path = "../poly", default-features = false }
+ark-serialize = { version = "0.4.2", path = "../serialize", default-features = false }
+ark-ff = { version = "0.4.2", path = "../ff", default-features = false }
+ark-poly = { version = "0.4.2", path = "../poly", default-features = false }
 derivative = { version = "2", features = ["use_core"] }
 num-traits = { version = "0.2", default-features = false }
 rayon = { version = "1", optional = true }
 zeroize = { version = "1", default-features = false, features = ["zeroize_derive"] }
-hashbrown = "0.13.1"
-itertools = { version = "0.10", default-features = false }
+hashbrown = "0.14.0"
+itertools = { version = "0.11", default-features = false }
+num-bigint = { version = "0.4.3", default-features = false }
 
 [dev-dependencies]
-ark-test-curves = { version = "0.4.0", path = "../test-curves", default-features = false, features = ["bls12_381_curve"] }
+ark-test-curves = { version = "0.4.2", path = "../test-curves", default-features = false, features = ["bls12_381_curve"] }
 sha2 = { version = "0.10", default-features = false }
 libtest-mimic = "0.6.0"
 serde = "1.0.110"

ec/README.md

@@ -7,16 +7,16 @@
 </p>
 
 `ark-ec` defines traits and algorithms for working with different kinds of additive groups, with a focus on groups arising from elliptic curves. It further provides concrete instantiations of these traits for various elliptic curve models, including popular families of pairing-friendly curves such as the BLS12 family of curves.
-Implementations of particular curves using these curve models can be found in [`arkworks-rs/curves`](https://github.com/arkworks-rs/curves/README.md).
+Implementations of particular curves using these curve models can be found in [`arkworks-rs/curves`](https://github.com/arkworks-rs/curves/blob/master/README.md).
 
 ## Usage
 
 ### The `Group` trait
 
-Many cryptographic protocols use as core building-blocks prime-order groups. The [`Group`](https://github.com/arkworks-rs/algebra/blob/master/ec/src/lib.rs) trait is an abstraction that represents elements of such abelian prime-order groups. It provides methods for performing common operations on group elements:
+Many cryptographic protocols use as core building-blocks prime-order groups. The [`PrimeGroup`](https://github.com/arkworks-rs/algebra/blob/master/ec/src/lib.rs) trait is an abstraction that represents elements of such abelian prime-order groups. It provides methods for performing common operations on group elements:
 
 ```rust
-use ark_ec::Group;
+use ark_ec::{AdditiveGroup, PrimeGroup};
 use ark_ff::{PrimeField, Field};
 // We'll use the BLS12-381 G1 curve for this example.
 // This group has a prime order `r`, and is associated with a prime field `Fr`.
@@ -49,12 +49,12 @@ assert_eq!(f, c);
 
 ## Scalar multiplication
 
-While the `Group` trait already produces scalar multiplication routines, in many cases one can take advantage of
+While the `PrimeGroup` trait already produces scalar multiplication routines, in many cases one can take advantage of
 the group structure to perform scalar multiplication more efficiently. To allow such specialization, `ark-ec` provides
 the `ScalarMul` and `VariableBaseMSM` traits. The latter trait computes an "inner product" between a vector of scalars `s` and a vector of group elements `g`. That is, it computes `s.iter().zip(g).map(|(s, g)| g * s).sum()`.
 
 ```rust
-use ark_ec::{Group, VariableBaseMSM};
+use ark_ec::{PrimeGroup, VariableBaseMSM};
 use ark_ff::{PrimeField, Field};
 // We'll use the BLS12-381 G1 curve for this example.
 // This group has a prime order `r`, and is associated with a prime field `Fr`.
@@ -72,7 +72,7 @@ let s2 = ScalarField::rand(&mut rng);
 // Note that we're using the `GAffine` type here, as opposed to `G`.
 // This is because MSMs are more efficient when the group elements are in affine form. (See below for why.)
 //
-// The `VariableBaseMSM` trait allows specializing the input group element representation to allow 
+// The `VariableBaseMSM` trait allows specializing the input group element representation to allow
 // for more efficient implementations.
 let r = G::msm(&[a, b], &[s1, s2]).unwrap();
 assert_eq!(r, a * s1 + b * s2);
@@ -90,7 +90,7 @@ but is slower for most arithmetic operations. Let's explore how and when to use
 these:
 
 ```rust
-use ark_ec::{AffineRepr, Group, CurveGroup, VariableBaseMSM};
+use ark_ec::{AdditiveGroup, AffineRepr, PrimeGroup, CurveGroup, VariableBaseMSM};
 use ark_ff::{PrimeField, Field};
 use ark_test_curves::bls12_381::{G1Projective as G, G1Affine as GAffine, Fr as ScalarField};
 use ark_std::{Zero, UniformRand};
@@ -105,9 +105,9 @@ assert_eq!(a_aff, a);
 // We can also convert back to the `CurveGroup` representation:
 assert_eq!(a, a_aff.into_group());
 
-// As a general rule, most group operations are slower when elements 
-// are represented as `AffineRepr`. However, adding an `AffineRepr` 
-// point to a `CurveGroup` one is usually slightly more efficient than 
+// As a general rule, most group operations are slower when elements
+// are represented as `AffineRepr`. However, adding an `AffineRepr`
+// point to a `CurveGroup` one is usually slightly more efficient than
 // adding two `CurveGroup` points.
 let d = a + a_aff;
 assert_eq!(d, a.double());

ec/src/hashing/curve_maps/wb/mod.rs

@@ -53,10 +53,10 @@ where
                 let y_num = DensePolynomial::from_coefficients_slice(self.y_map_numerator);
                 let y_den = DensePolynomial::from_coefficients_slice(self.y_map_denominator);
 
-                let mut v: [BaseField<Domain>; 2] = [x_den.evaluate(x), y_den.evaluate(x)];
+                let mut v: [BaseField<Domain>; 2] = [x_den.evaluate(&x), y_den.evaluate(&x)];
                 batch_inversion(&mut v);
-                let img_x = x_num.evaluate(x) * v[0];
-                let img_y = (y_num.evaluate(x) * y) * v[1];
+                let img_x = x_num.evaluate(&x) * v[0];
+                let img_y = (y_num.evaluate(&x) * y) * v[1];
                 Ok(Affine::<Codomain>::new_unchecked(img_x, img_y))
             },
             None => Ok(Affine::identity()),

ec/src/hashing/map_to_curve_hasher.rs

@@ -1,4 +1,7 @@
-use crate::{hashing::*, AffineRepr, CurveGroup};
+use crate::{
+    hashing::{HashToCurve, HashToCurveError},
+    AffineRepr, CurveGroup,
+};
 use ark_ff::field_hashers::HashToField;
 use ark_std::marker::PhantomData;
 
@@ -42,10 +45,10 @@ where
         })
     }
 
-    // Produce a hash of the message, using the hash to field and map to curve
-    // traits. This uses the IETF hash to curve's specification for Random
-    // oracle encoding (hash_to_curve) defined by combining these components.
-    // See https://tools.ietf.org/html/draft-irtf-cfrg-hash-to-curve-09#section-3
+    /// Produce a hash of the message, using the hash to field and map to curve
+    /// traits. This uses the IETF hash to curve's specification for Random
+    /// oracle encoding (hash_to_curve) defined by combining these components.
+    /// See <https://tools.ietf.org/html/draft-irtf-cfrg-hash-to-curve-09#section-3>
     fn hash(&self, msg: &[u8]) -> Result<T::Affine, HashToCurveError> {
         // IETF spec of hash_to_curve, from hash_to_field and map_to_curve
         // sub-components