feat!: crates refactor (#556)

* Middle of refactor

* MIddle of refactor

* merkle tree clean

* merkle tree clean

* gadgets for rescue and mt

* commitment

* rescue gadgets move

* move vdf

* refactor

* move signature

* move pcs

* move vid

* move bench & fix build error

* finalizing

* fixed all tests

* fix doctest

* remove unused deps from jf-primitives

* update scripts & github actions

* documents

* scripts & PR template

* fix failed test

* move curve_cofactor

* addressing comments

* move AEAD

* elgamal crate

* vrf crate

* update scripts

* comments and test fixes

* fix test

* CODEOWNERS

* use `test-srs` in plonk bench

* update README

* fix README

* break `jf-traits` crate

* change PR template

* fix test

.github/pull_request_template.md

@@ -1,20 +1,37 @@
-<!---
-Credit: Arkworks project https://github.com/arkworks-rs/
--->
-
 <!-- < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < ☺
 v                               ✰  Thanks for creating a PR! ✰
 v    Before hitting that submit button please review the checkboxes.
 v    If a checkbox is n/a - please still include it but + a little note why
 ☺ > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > >  -->
 
-## Description
+closes: #XXXX
+<!-- If there is no issue number make sure to describe clearly *why* this PR is necessary. -->
 
-<!-- Add a description of the changes that this PR introduces and the files that
-are the most critical to review.
--->
+### This PR: 
+<!-- Describe what this PR adds to this repo and why -->
+<!-- E.g. -->
+<!-- * Implements feature 1 -->
+<!-- * Fixes bug 3 -->
 
-closes: #XXXX
+### This PR does not:
+<!-- Describe what is out of scope for this PR, if applicable. Leave this section blank if it's not applicable -->
+<!-- This section helps avoid the reviewer having to needlessly point out missing parts -->
+<!-- * Implement feature 3 because that feature is blocked by Issue 4 -->
+<!-- * Implement xyz because that is tracked in issue #123. -->
+<!-- * Address xzy for which I opened issue #456 -->
+
+### Key places to review:
+<!-- Describe key places for reviewers to pay close attention to -->
+<!-- * file.rs, `add_integers` function -->
+
+<!-- ### How to test this PR:  --> 
+<!-- Optional, uncomment the above line if this is relevant to your PR -->
+<!-- If your PR is fully tested through CI there is no need to add this section -->
+<!-- * E.g. `just test` -->
+
+<!-- ### Things tested -->
+<!-- Anything that was manually tested (that it is not tested in CI). -->
+<!-- E.g. building/running of docker containers. Changes to docker demo, ... -->
 
 ---
 
@@ -26,5 +43,5 @@ write a little note why.
 - [ ] Linked to GitHub issue with discussion and accepted design OR have an explanation in the PR that describes this work.
 - [ ] Wrote unit tests
 - [ ] Updated relevant documentation in the code
-- [ ] Added a relevant changelog entry to the `Pending` section in `CHANGELOG.md`
+- [ ] Added relevant changelog entries to the `CHANGELOG.md` of touched crates.
 - [ ] Re-reviewed `Files changed` in the GitHub PR explorer

.github/workflows/build.yml

@@ -62,19 +62,19 @@ jobs:
           token: ${{ github.token }}
 
       - name: Check Bench
-        run: cargo bench --features test-srs --no-run
+        run: cargo bench --features "test-srs bls schnorr gadgets" --no-run
 
       - name: Check all tests and binaries compilation
         run: |
           cargo check --workspace --tests --lib --bins
-          cargo check --workspace --features 'std parallel test-srs test-apis'
+          cargo check --workspace --features 'std parallel test-srs test-apis bls schnorr gadgets'
 
       - name: Check no_std support and WASM compilation
         env:
           RUSTFLAGS: '-C target-cpu=generic --cfg curve25519_dalek_backend="u32"'
         run: |
-          cargo check --no-default-features
-          cargo build --target wasm32-unknown-unknown --no-default-features
+          cargo check --no-default-features --features "bls schnorr gadgets"
+          cargo build --target wasm32-unknown-unknown --no-default-features --features "bls schnorr gadgets"
 
       - name: Test
         run: bash ./scripts/run_tests.sh

CODEOWNERS

@@ -0,0 +1,47 @@
+# Default owners and repository maintainers:
+* @alxiong @mrain
+
+# Owner of `jf-utils` crate
+/utilities/ @alxiong @mrain
+
+# Owner of `jf-relation` crate
+/relation/ @alxiong @mrain
+
+# Owner of `jf-prf` crate
+/prf/ @alxiong @mrain
+
+# Owner of `jf-crhf` crate
+/crhf/ @alxiong @mrain
+
+# Owner of `jf-commitment` crate
+/commitment/ @alxiong @mrain
+
+# Owner of `jf-merkle-tree` crate
+/merkle-tree/ @mrain
+
+# Owner of `jf-pcs` crate
+/pcs/ @alxiong
+
+# Owner of `jf-rescue` crate
+/rescue/ @philippecamacho
+
+# Owner of `jf-vdf` crate
+/vdf/ @mrain
+
+# Owner of `jf-vid` crate
+/vid/ @ggutoski @akonring
+
+# Owner of `jf-signature` crate
+/signature/ @alxiong @mrain
+
+# Owner of `jf-aead` crate
+/aead/ @alxiong
+
+# Owner of `jf-elgamal` crate
+/elgamal/ @alxiong @mrain
+
+# Owner of `jf-vrf` crate
+/vrf/ @alxiong @mrain
+
+# Owner of `jf-plonk` crate
+/plonk/ @alxiong @mrain

Cargo.toml

@@ -1,5 +1,5 @@
 [workspace]
-members = ["plonk", "primitives", "relation", "utilities"]
+members = ["aead", "commitment", "crhf", "elgamal", "merkle_tree", "pcs", "plonk", "prf", "relation", "rescue", "signature", "utilities", "vdf", "vid", "vrf"]
 resolver = "2"
 
 [workspace.package]
@@ -23,8 +23,8 @@ ark-poly = { version = "0.4.0", default-features = false }
 ark-serialize = { version = "0.4.0", default-features = false }
 ark-std = { version = "0.4.0", default-features = false }
 derivative = { version = "2", features = ["use_core"] }
-digest = { version = "0.10", default-features = false }
-displaydoc = { version = "0.2.3", default-features = false }
+digest = { version = "0.10.1", default-features = false, features = [ "alloc" ] }
+displaydoc = { version = "0.2", default-features = false }
 hashbrown = "0.14.3"
 merlin = { version = "3.0.0", default-features = false }
 num-bigint = { version = "0.4", default-features = false }

README.md

@@ -12,6 +12,29 @@
 
 For general discussions on Jellyfish PLONK, please join our [Discord channel](https://discord.gg/GJa4gznGfU).
 
+## Crates
+
+### Helper
+- ['jf-utils'](utilities): utilities and helper functions.
+
+### Primitives
+- ['jf-prf'](prf): trait definitions for pesudorandom function (PRF).
+- ['jf-crhf'](crhf): trait definitions for collision-resistant hash function (CRHF).
+- ['jf-commitment'](commitment): trait definitions for cryptographic commitment scheme.
+- ['jf-rescue'](rescue): Rescue hash function, and its subsequent PRF, CRHF, commitment scheme implementations.
+- ['jf-elgamal'](elgamal): a Rescue-based ElGamal encryption scheme implementation.
+- ['jf-signature'](signature): signature scheme trait definition, and BLS/Schnorr signature scheme implementations.
+- ['jf-vrf'](vrf): verifiable random function trait definition and BLS-based implementation.
+- ['jf-aead'](aead): authenticated encryption with associated data (AEAD) implementation.
+- ['jf-merkle-tree'](merkle_tree): various (vanilla, sparse, namespaced) Merkle tree trait definitions and implementations.
+- ['jf-pcs'](pcs): polynomial commitment scheme (PCS) trait definitions and univariate/multilinear KZG-PCS implementations.
+- ['jf-vdf'](vdf): verifiable delay function (VDF) trait definitions and (non-verifiable) MinRoot implementation.
+- ['jf-vid'](vid): verifiable information dispersal (VID) trait definition and implementation.
+
+### Plonk
+- ['jf-relation'](relation): Jellyfish constraint system for PLONK.
+- ['jf-plonk'](plonk): KZG-PCS based TurboPlonk and UltraPlonk implementations.
+
 ## Development environment setup
 
 We recommend the following tools:

aead/CHANGELOG.md

@@ -0,0 +1,9 @@
+# CHANGELOG
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## 0.1.0
+
+- Initial release.
+- AEAD wrapper for `crypto_kx`.

aead/Cargo.toml

@@ -0,0 +1,32 @@
+[package]
+name = "jf-aead"
+version = "0.1.0"
+description = "Authenticated encryption with associated data (AEAD)."
+authors = { workspace = true }
+edition = { workspace = true }
+license = { workspace = true }
+rust-version = { workspace = true }
+homepage = { workspace = true }
+documentation = { workspace = true }
+repository = { workspace = true }
+
+[dependencies]
+ark-serialize = { workspace = true }
+ark-std = { workspace = true }
+chacha20poly1305 = { version = "0.10.1", default-features = false, features = [
+        "alloc",
+        "rand_core",
+] }
+crypto_kx = { version = "0.2.1", features = ["serde"] }
+derivative = { workspace = true }
+displaydoc = { workspace = true }
+serde = { workspace = true }
+
+[dev-dependencies]
+bincode = "1.3"
+jf-utils = { path = "../utilities" }
+rand_chacha = { workspace = true }
+
+[features]
+default = []
+std = ["ark-serialize/std", "ark-std/std", "chacha20poly1305/std"]

primitives/src/aead.rs → aead/src/lib.rs

@@ -10,7 +10,17 @@
 //! We only provide an ultra-thin wrapper for stable APIs for jellyfish users,
 //! independent of RustCrypto's upstream changes.
 
-use crate::errors::PrimitivesError;
+#![cfg_attr(not(feature = "std"), no_std)]
+// Temporarily allow warning for nightly compilation with [`displaydoc`].
+#![allow(warnings)]
+#![deny(missing_docs)]
+#[cfg(test)]
+extern crate std;
+
+#[cfg(any(not(feature = "std"), target_has_atomic = "ptr"))]
+#[doc(hidden)]
+extern crate alloc;
+
 use ark_serialize::*;
 use ark_std::{
     fmt, format,
@@ -22,6 +32,8 @@ use chacha20poly1305::{
     aead::{Aead, AeadCore, Payload},
     KeyInit, XChaCha20Poly1305, XNonce,
 };
+use derivative::Derivative;
+use displaydoc::Display;
 use serde::{Deserialize, Deserializer, Serialize};
 
 #[derive(Clone, Eq, Derivative, Serialize, Deserialize)]
@@ -60,6 +72,13 @@ impl fmt::Debug for EncKey {
     }
 }
 
+/// AEAD Error.
+// This type is deliberately opaque as in `crypto_kx`.
+#[derive(Clone, Copy, Debug, Eq, Hash, Ord, PartialEq, PartialOrd, Display)]
+pub struct AEADError;
+
+impl ark_std::error::Error for AEADError {}
+
 impl EncKey {
     /// Encrypt a message with authenticated associated data which is an
     /// optional bytestring which is not encrypted, but is authenticated
@@ -72,7 +91,7 @@ impl EncKey {
         mut rng: impl RngCore + CryptoRng,
         message: &[u8],
         aad: &[u8],
-    ) -> Result<Ciphertext, PrimitivesError> {
+    ) -> Result<Ciphertext, AEADError> {
         // generate an ephemeral key pair as the virtual sender to derive the crypto box
         let ephemeral_keypair = crypto_kx::Keypair::generate(&mut rng);
         // `crypto_kx` generates a pair of shared secrets, see <https://libsodium.gitbook.io/doc/key_exchange>
@@ -85,7 +104,7 @@ impl EncKey {
         // encrypt the message and associated data using crypto box
         let ct = cipher
             .encrypt(&nonce, Payload { msg: message, aad })
-            .map_err(|e| PrimitivesError::InternalError(format!("{e:?}")))?;
+            .map_err(|_| AEADError)?;
 
         Ok(Ciphertext {
             nonce: Nonce(nonce),
@@ -162,7 +181,7 @@ impl KeyPair {
     /// Decrypt a ciphertext with authenticated associated data provided.
     /// If the associated data is different that that used during encryption,
     /// then decryption will fail.
-    pub fn decrypt(&self, ciphertext: &Ciphertext, aad: &[u8]) -> Result<Vec<u8>, PrimitivesError> {
+    pub fn decrypt(&self, ciphertext: &Ciphertext, aad: &[u8]) -> Result<Vec<u8>, AEADError> {
         let shared_secret = crypto_kx::Keypair::from(self.dec_key.0.clone())
             .session_keys_from(&ciphertext.ephemeral_pk.0)
             .rx;
@@ -175,7 +194,7 @@ impl KeyPair {
                     aad,
                 },
             )
-            .map_err(|e| PrimitivesError::FailedDecryption(format!("{e:?}")))?;
+            .map_err(|_| AEADError)?;
         Ok(plaintext)
     }
 }
@@ -371,7 +390,7 @@ mod test {
     use rand_chacha::ChaCha20Rng;
 
     #[test]
-    fn test_aead_encryption() -> Result<(), PrimitivesError> {
+    fn test_aead_encryption() -> Result<(), AEADError> {
         let mut rng = ChaCha20Rng::from_seed([0u8; 32]);
         let keypair1 = KeyPair::generate(&mut rng);
         let keypair2 = KeyPair::generate(&mut rng);

commitment/Cargo.toml

@@ -0,0 +1,14 @@
+[package]
+name = "jf-commitment"
+version = "0.1.0"
+description = "Commitment scheme"
+authors = { workspace = true }
+edition = { workspace = true }
+license = { workspace = true }
+rust-version = { workspace = true }
+homepage = { workspace = true }
+documentation = { workspace = true }
+repository = { workspace = true }
+
+[dependencies]
+ark-std = { workspace = true }

commitment/src/lib.rs

@@ -0,0 +1,41 @@
+// Copyright (c) 2022 Espresso Systems (espressosys.com)
+// This file is part of the Jellyfish library.
+
+// You should have received a copy of the MIT License
+// along with the Jellyfish library. If not, see <https://mit-license.org/>.
+//! Trait definition for cryptographic commitment scheme
+#![no_std]
+
+use ark_std::{borrow::Borrow, fmt::Debug, hash::Hash, UniformRand};
+
+/// A glorified [`bool`] that leverages compile lints to encourage the caller to
+/// use the result.
+///
+/// Intended as the return type for verification of proofs, signatures, etc.
+/// Recommended for use in the nested [`Result`] pattern: see <https://sled.rs/errors>.
+type VerificationResult = Result<(), ()>;
+
+pub trait CommitmentScheme {
+    /// Input to the commitment
+    type Input;
+    /// The type of output commitment value
+    type Output: Clone + Debug + PartialEq + Eq + Hash;
+    /// The type of the hiding/blinding factor
+    type Randomness: Clone + Debug + PartialEq + Eq + UniformRand;
+    /// Error type
+    type Error: ark_std::error::Error;
+
+    /// Commit algorithm that takes `input` and blinding randomness `r`
+    /// (optional for hiding commitment schemes), outputs a commitment.
+    fn commit<T: Borrow<Self::Input>>(
+        input: T,
+        r: Option<&Self::Randomness>,
+    ) -> Result<Self::Output, Self::Error>;
+
+    /// Verify algorithm that output `Ok` if accepted, or `Err` if rejected.
+    fn verify<T: Borrow<Self::Input>>(
+        input: T,
+        r: Option<&Self::Randomness>,
+        comm: &Self::Output,
+    ) -> Result<VerificationResult, Self::Error>;
+}

crhf/Cargo.toml

@@ -0,0 +1,15 @@
+[package]
+name = "jf-crhf"
+version = "0.1.0"
+description = "Collision-resistant hash function (CRHF)"
+authors = { workspace = true }
+edition = { workspace = true }
+license = { workspace = true }
+rust-version = { workspace = true }
+homepage = { workspace = true }
+documentation = { workspace = true }
+repository = { workspace = true }
+
+[dependencies]
+ark-serialize = { workspace = true }
+ark-std = { workspace = true }