Determine max endoscaling bitstring based on curve used

- Since MAX_BITSTRING_LENGTH is determined entirely by the curve used
  (and is specified by the curve's CurveEndoscale trait) it can be
  removed as a generic of EndoscaleChip

- Previously, MAX_BITSTRING_LENGTH was hard-coded to 248 during
  instantiation instead of relying on the curve's constant (this was
  likely due to a limitation of the Rust compiler that disallows using
  constant expressions as const generics). This is now fixed.

- We update comments and instantiations to use this new API

halo2_gadgets/benches/endoscale.rs

@@ -43,7 +43,7 @@ impl<
 where
     C::Base: PrimeFieldBits,
 {
-    type Config = (EndoscaleConfig<C, K, 248>, Column<Advice>);
+    type Config = (EndoscaleConfig<C, K>, Column<Advice>);
     type FloorPlanner = SimpleFloorPlanner;
 
     #[cfg(feature = "circuit-params")]
@@ -142,7 +142,7 @@ impl<
 where
     C::Base: PrimeFieldBits,
 {
-    type Config = EndoscaleConfig<C, K, 248>;
+    type Config = EndoscaleConfig<C, K>;
     type FloorPlanner = SimpleFloorPlanner;
 
     #[cfg(feature = "circuit-params")]

halo2_gadgets/examples/endoscaling_demo.rs

@@ -252,10 +252,9 @@ struct ChallengeMultiplicationConfig {
     /// - First parameter is the curve that the base point used in Alg 1 is on.
     /// - Second parameter is the window size used to decompose the challenge into a bitstring in
     ///   Alg 2.
-    /// - Third parameter is the maximum length allowed for a bitstring used in Alg 2.
     ///
-    /// In this example, we don't use Alg 2, so we can set the second and third parameters to 0.
-    endoscale_config: EndoscaleConfig<pallas::Affine, 0, 0>,
+    /// In this example, we don't use Alg 2, so we can set the second parameter to 0.
+    endoscale_config: EndoscaleConfig<pallas::Affine, 0>,
 }
 
 impl Circuit<pallas::Base> for ChallengeMultiplicationCircuit {

halo2_gadgets/src/endoscale/chip.rs

@@ -39,7 +39,7 @@ pub enum Bitstring<F: PrimeFieldBits, const K: usize> {
 
 /// Config used in processing endoscalars.
 #[derive(Clone, Debug)]
-pub struct EndoscaleConfig<C: CurveAffine, const K: usize, const MAX_BITSTRING_LENGTH: usize>
+pub struct EndoscaleConfig<C: CurveAffine, const K: usize>
 where
     C::Base: PrimeFieldBits,
 {
@@ -51,24 +51,24 @@ where
     ///
     /// That is, given a bitstring, this computes the scalar value that, when scalar-multiplied
     /// by a curve point, provides the same result as endoscaling with the bitstring.
-    alg_2: Alg2Config<C, K, MAX_BITSTRING_LENGTH>,
+    alg_2: Alg2Config<C, K>,
 }
 
 /// Chip implementing [`EndoscaleInstructions`]
 #[derive(Debug)]
-pub struct EndoscaleChip<C: CurveAffine, const K: usize, const MAX_BITSTRING_LENGTH: usize>
+pub struct EndoscaleChip<C: CurveAffine, const K: usize>
 where
     C::Base: PrimeFieldBits,
 {
-    config: EndoscaleConfig<C, K, MAX_BITSTRING_LENGTH>,
+    config: EndoscaleConfig<C, K>,
 }
 
-impl<C: CurveAffine + CurveEndoscale, const K: usize, const N: usize> EndoscaleChip<C, K, N>
+impl<C: CurveAffine + CurveEndoscale, const K: usize> EndoscaleChip<C, K>
 where
     C::Base: PrimeFieldBits,
 {
     /// Construct chip from inner config
-    pub fn construct(config: EndoscaleConfig<C, K, N>) -> Self {
+    pub fn construct(config: EndoscaleConfig<C, K>) -> Self {
         Self { config }
     }
 
@@ -82,7 +82,7 @@ where
         // Running sum column shared across alg_1 and alg_2
         running_sum: Column<Advice>,
         endoscalars: Column<Instance>,
-    ) -> EndoscaleConfig<C, K, N> {
+    ) -> EndoscaleConfig<C, K> {
         let running_sum_pairs = {
             let q_pairs = meta.selector();
             RunningSumConfig::configure(meta, q_pairs, running_sum)
@@ -126,13 +126,12 @@ where
         self.config.alg_1()
     }
 
-    fn alg_2(&self) -> &Alg2Config<C, K, N> {
+    fn alg_2(&self) -> &Alg2Config<C, K> {
         self.config.alg_2()
     }
 }
 
-impl<C: CurveAffine, const K: usize, const MAX_BITSTRING_LENGTH: usize>
-    EndoscaleConfig<C, K, MAX_BITSTRING_LENGTH>
+impl<C: CurveAffine, const K: usize> EndoscaleConfig<C, K>
 where
     C::Base: PrimeFieldBits,
 {
@@ -142,7 +141,7 @@ where
     }
 
     /// Get the config for algorithm 2 .
-    pub fn alg_2(&self) -> &Alg2Config<C, K, MAX_BITSTRING_LENGTH> {
+    pub fn alg_2(&self) -> &Alg2Config<C, K> {
         &self.alg_2
     }
 }
@@ -173,12 +172,11 @@ impl CurveEndoscale for pluto_eris::ErisAffine {
     const MAX_BITSTRING_LENGTH: usize = 442;
 }
 
-impl<C: CurveAffine + CurveEndoscale, const K: usize, const N: usize> Chip<C::Base>
-    for EndoscaleChip<C, K, N>
+impl<C: CurveAffine + CurveEndoscale, const K: usize> Chip<C::Base> for EndoscaleChip<C, K>
 where
     C::Base: PrimeFieldBits,
 {
-    type Config = EndoscaleConfig<C, K, N>;
+    type Config = EndoscaleConfig<C, K>;
     type Loaded = ();
 
     fn config(&self) -> &Self::Config {
@@ -190,8 +188,8 @@ where
     }
 }
 
-impl<C: CurveAffine + CurveEndoscale, const K: usize, const N: usize> EndoscaleInstructions<C>
-    for EndoscaleChip<C, K, N>
+impl<C: CurveAffine + CurveEndoscale, const K: usize> EndoscaleInstructions<C>
+    for EndoscaleChip<C, K>
 where
     C::Base: PrimeFieldBits,
 {
@@ -363,7 +361,7 @@ mod tests {
     where
         C::Base: PrimeFieldBits,
     {
-        type Config = (EndoscaleConfig<C, K, 248>, Column<Advice>);
+        type Config = (EndoscaleConfig<C, K>, Column<Advice>);
         type FloorPlanner = SimpleFloorPlanner;
 
         #[cfg(feature = "circuit-params")]
@@ -463,7 +461,7 @@ mod tests {
     where
         C::Base: PrimeFieldBits,
     {
-        type Config = EndoscaleConfig<C, K, 248>;
+        type Config = EndoscaleConfig<C, K>;
         type FloorPlanner = SimpleFloorPlanner;
 
         #[cfg(feature = "circuit-params")]

halo2_gadgets/src/endoscale/chip/alg_2.rs

@@ -18,6 +18,8 @@ use crate::utilities::{
 };
 use std::marker::PhantomData;
 
+use super::CurveEndoscale;
+
 #[derive(Clone, Debug)]
 pub struct Bitstring<F: PrimeFieldBits, const K: usize> {
     running_sum: RunningSum<F, K>,
@@ -86,7 +88,7 @@ impl<F: WithSmallOrderMulGroup<3>, const K: usize> TableConfig<F, K> {
 
 /// Config used in Algorithm 2 (endoscaling in the field).
 #[derive(Clone, Debug)]
-pub struct Alg2Config<C: CurveAffine, const K: usize, const MAX_BITSTRING_LENGTH: usize>
+pub struct Alg2Config<C: CurveAffine, const K: usize>
 where
     C::Base: PrimeFieldBits,
 {
@@ -114,8 +116,7 @@ where
     pow2_config: pow2_range_check::Config<C::Base, K>,
 }
 
-impl<C: CurveAffine, const K: usize, const MAX_BITSTRING_LENGTH: usize>
-    Alg2Config<C, K, MAX_BITSTRING_LENGTH>
+impl<C: CurveAffine + CurveEndoscale, const K: usize> Alg2Config<C, K>
 where
     C::Base: PrimeFieldBits,
 {
@@ -271,7 +272,7 @@ where
         let pad_len = bitstring.pad_len;
         let num_bits = bitstring.running_sum.num_bits() - pad_len;
         // num_bits must be an even number not greater than MAX_BITSTRING_LENGTH.
-        assert!(num_bits <= MAX_BITSTRING_LENGTH);
+        assert!(num_bits <= C::MAX_BITSTRING_LENGTH);
 
         // The bitstring will be broken into K-bit chunks with the first chunk
         // being a padded k_prime-bit partial chunk

halo2_gadgets/src/recursive_chip.rs

@@ -89,7 +89,7 @@ type C = pasta::pallas::Affine; // Limitation of `EccChip` (will be generalized
 const K: usize = 0; // We won't be using Algorithm 2 yet, so no reason to have this table
 const MAX_BITSTRING_LENGTH: usize = <C as CurveEndoscale>::MAX_BITSTRING_LENGTH;
 
-type Endo = EndoscaleChip<C, K, MAX_BITSTRING_LENGTH>;
+type Endo = EndoscaleChip<C, K>;
 type P = Pow5Chip<<C as CurveAffine>::Base, { P128Pow5T3::WIDTH }, { P128Pow5T3::RATE }>;
 type TR<FP, P, D, const L: usize, R> =
     TranscriptReaderChip<C, EccChip<C, FP>, TranscriptChipP128Pow5T3<C, P, D, L>, R>;