Smash out monero-bulletproofs

Removes usage of dalek-ff-group/multiexp for curve25519-dalek. Makes compiling in the generators an optional feature. Adds a structured batch verifier which should be notably more performant. Documentation and clean up still necessary.
2025-12-12 22:19:26 +00:00 · 2024-06-15 17:00:11 -04:00
parent 798ffc9b28
commit f7c13fd1ca
32 changed files with 716 additions and 502 deletions
--- a/coins/monero/ringct/bulletproofs/src/plus/point_vector.rs
+++ b/coins/monero/ringct/bulletproofs/src/plus/point_vector.rs
@@ -0,0 +1,48 @@
+use core::ops::{Index, IndexMut};
+use std_shims::vec::Vec;
+
+use zeroize::{Zeroize, ZeroizeOnDrop};
+
+use curve25519_dalek::edwards::EdwardsPoint;
+
+#[cfg(test)]
+use crate::{core::multiexp, plus::ScalarVector};
+
+#[derive(Clone, PartialEq, Eq, Debug, Zeroize, ZeroizeOnDrop)]
+pub(crate) struct PointVector(pub(crate) Vec<EdwardsPoint>);
+
+impl Index<usize> for PointVector {
+  type Output = EdwardsPoint;
+  fn index(&self, index: usize) -> &EdwardsPoint {
+    &self.0[index]
+  }
+}
+
+impl IndexMut<usize> for PointVector {
+  fn index_mut(&mut self, index: usize) -> &mut EdwardsPoint {
+    &mut self.0[index]
+  }
+}
+
+impl PointVector {
+  #[cfg(test)]
+  pub(crate) fn multiexp(&self, vector: &ScalarVector) -> EdwardsPoint {
+    debug_assert_eq!(self.len(), vector.len());
+    let mut res = Vec::with_capacity(self.len());
+    for (point, scalar) in self.0.iter().copied().zip(vector.0.iter().copied()) {
+      res.push((scalar, point));
+    }
+    multiexp(&res)
+  }
+
+  pub(crate) fn len(&self) -> usize {
+    self.0.len()
+  }
+
+  pub(crate) fn split(mut self) -> (Self, Self) {
+    debug_assert!(self.len() > 1);
+    let r = self.0.split_off(self.0.len() / 2);
+    debug_assert_eq!(self.len(), r.len());
+    (self, PointVector(r))
+  }
+}