fix(storage-proofs): encoding_proof: remove redundant storage

dignifiedquire · web-flow · commit 3940978de139 · 2019-10-10T19:09:10.000+02:00
diff --git a/storage-proofs/src/circuit/stacked/column.rs b/storage-proofs/src/circuit/stacked/column.rs
@@ -33,6 +33,12 @@ impl Column {
         }
     }
 
+    pub fn get_node_at_layer(&self, layer: usize) -> &Option<Fr> {
+        assert!(layer > 0, "layer must be greater than 0");
+        let row_index = layer - 1;
+        &self.rows[row_index]
+    }
+
     pub fn hash<CS: ConstraintSystem<Bls12>>(
         self,
         mut cs: CS,
diff --git a/storage-proofs/src/circuit/stacked/column_proof.rs b/storage-proofs/src/circuit/stacked/column_proof.rs
@@ -1,7 +1,7 @@
 use bellperson::{ConstraintSystem, SynthesisError};
 use fil_sapling_crypto::circuit::num;
 use fil_sapling_crypto::jubjub::JubjubEngine;
-use paired::bls12_381::Bls12;
+use paired::bls12_381::{Bls12, Fr};
 
 use crate::circuit::{
     constraint,
@@ -25,6 +25,10 @@ impl<H: Hasher> ColumnProof<H> {
         }
     }
 
+    pub fn get_node_at_layer(&self, layer: usize) -> &Option<Fr> {
+        self.column.get_node_at_layer(layer)
+    }
+
     pub fn synthesize<CS: ConstraintSystem<Bls12>>(
         self,
         mut cs: CS,
diff --git a/storage-proofs/src/circuit/stacked/encoding_proof.rs b/storage-proofs/src/circuit/stacked/encoding_proof.rs
@@ -11,42 +11,20 @@ use crate::stacked::{EncodingProof as VanillaEncodingProof, PublicParams};
 #[derive(Debug, Clone)]
 pub struct EncodingProof {
     node: Option<u64>,
-    encoded_node: Option<Fr>,
-    // The inner `Option` is for the circuit, the outer to determine if
-    // if we need to encode sth.
-    #[allow(clippy::option_option)]
-    decoded_node: Option<Option<Fr>>,
     parents: Vec<Option<Fr>>,
 }
 
 impl EncodingProof {
     /// Create an empty proof, used in `blank_circuit`s.
-    pub fn empty<H: Hasher>(params: &PublicParams<H>) -> Self {
-        EncodingProof {
-            node: None,
-            encoded_node: None,
-            decoded_node: None,
-            parents: vec![None; params.graph.degree()],
-        }
-    }
-
-    /// Create an empty proof, used in `blank_circuit`s.
-    pub fn empty_base<H: Hasher>(params: &PublicParams<H>) -> Self {
-        EncodingProof {
-            node: None,
-            encoded_node: None,
-            decoded_node: None,
-            parents: vec![None; params.graph.base_graph().degree()],
-        }
-    }
-
-    /// Create an empty proof, used in `blank_circuit`s.
-    pub fn empty_with_decoded<H: Hasher>(params: &PublicParams<H>) -> Self {
+    pub fn empty<H: Hasher>(params: &PublicParams<H>, layer: usize) -> Self {
+        let degree = if layer == 1 {
+            params.graph.base_graph().degree()
+        } else {
+            params.graph.degree()
+        };
         EncodingProof {
             node: None,
-            encoded_node: None,
-            decoded_node: Some(None),
-            parents: vec![None; params.graph.degree()],
+            parents: vec![None; degree],
         }
     }
 
@@ -91,18 +69,38 @@ impl EncodingProof {
         )
     }
 
-    pub fn synthesize<CS: ConstraintSystem<Bls12>>(
+    pub fn synthesize_key<CS: ConstraintSystem<Bls12>>(
         self,
         mut cs: CS,
         params: &<Bls12 as JubjubEngine>::Params,
         replica_id: &[Boolean],
+        exp_encoded_node: &num::AllocatedNum<Bls12>,
     ) -> Result<(), SynthesisError> {
-        let EncodingProof {
+        let EncodingProof { node, parents } = self;
+
+        let key = Self::create_key(
+            cs.namespace(|| "create_key"),
+            params,
+            replica_id,
             node,
             parents,
-            encoded_node,
-            decoded_node,
-        } = self;
+        )?;
+
+        // enforce equality
+        constraint::equal(&mut cs, || "equality_key", &exp_encoded_node, &key);
+
+        Ok(())
+    }
+
+    pub fn synthesize_decoded<CS: ConstraintSystem<Bls12>>(
+        self,
+        mut cs: CS,
+        params: &<Bls12 as JubjubEngine>::Params,
+        replica_id: &[Boolean],
+        exp_encoded_node: &num::AllocatedNum<Bls12>,
+        decoded_node: &num::AllocatedNum<Bls12>,
+    ) -> Result<(), SynthesisError> {
+        let EncodingProof { node, parents } = self;
 
         let key = Self::create_key(
             cs.namespace(|| "create_key"),
@@ -112,44 +110,26 @@ impl EncodingProof {
             parents,
         )?;
 
-        let encoded_node = num::AllocatedNum::alloc(cs.namespace(|| "encoded_num"), || {
-            encoded_node
-                .map(Into::into)
-                .ok_or_else(|| SynthesisError::AssignmentMissing)
-        })?;
-
-        let encoded_node_new = if let Some(decoded_node) = decoded_node {
-            let decoded_num = num::AllocatedNum::alloc(cs.namespace(|| "decoded_num"), || {
-                decoded_node
-                    .map(Into::into)
-                    .ok_or_else(|| SynthesisError::AssignmentMissing)
-            })?;
-            encode(cs.namespace(|| "encode"), &key, &decoded_num)?
-        } else {
-            key
-        };
+        let encoded_node = encode(cs.namespace(|| "encode"), &key, decoded_node)?;
 
         // enforce equality
-        constraint::equal(&mut cs, || "equality", &encoded_node_new, &encoded_node);
+        constraint::equal(
+            &mut cs,
+            || "equality_encoded_node",
+            &exp_encoded_node,
+            &encoded_node,
+        );
 
         Ok(())
     }
 }
 
 impl<H: Hasher> From<VanillaEncodingProof<H>> for EncodingProof {
     fn from(vanilla_proof: VanillaEncodingProof<H>) -> Self {
-        let VanillaEncodingProof {
-            parents,
-            decoded_node,
-            encoded_node,
-            node,
-            ..
-        } = vanilla_proof;
+        let VanillaEncodingProof { parents, node, .. } = vanilla_proof;
 
         EncodingProof {
             node: Some(node),
-            encoded_node: Some(encoded_node.into_fr()),
-            decoded_node: decoded_node.map(|n| Some(n.into_fr())),
             parents: parents.into_iter().map(|p| Some(p.into())).collect(),
         }
     }
diff --git a/storage-proofs/src/circuit/stacked/params.rs b/storage-proofs/src/circuit/stacked/params.rs
@@ -36,17 +36,8 @@ impl<H: Hasher> Proof<H> {
                 continue;
             }
 
-            if layer == 1 {
-                // first layer has no expansion parents
-                encoding_proofs.push(EncodingProof::empty_base(params));
-            } else if layer == layers {
-                // last layer has a decoded node
-                encoding_proofs.push(EncodingProof::empty_with_decoded(params));
-            } else {
-                encoding_proofs.push(EncodingProof::empty(params));
-            }
+            encoding_proofs.push(EncodingProof::empty(params, layer));
         }
-
         Proof {
             comm_d_proof: InclusionPath::empty(&params.graph),
             comm_r_last_proof: InclusionPath::empty(&params.graph),
@@ -61,6 +52,7 @@ impl<H: Hasher> Proof<H> {
         self,
         mut cs: CS,
         params: &<Bls12 as JubjubEngine>::Params,
+        layers: usize,
         comm_d: &num::AllocatedNum<Bls12>,
         comm_c: &num::AllocatedNum<Bls12>,
         comm_r_last: &num::AllocatedNum<Bls12>,
@@ -82,21 +74,44 @@ impl<H: Hasher> Proof<H> {
             comm_d_leaf.clone(),
         )?;
 
+        let comm_r_last_data_leaf =
+            comm_r_last_proof.alloc_value(cs.namespace(|| "comm_r_last_data_leaf"))?;
+
         // verify encodings
-        for (layer, proof) in encoding_proofs.into_iter().enumerate() {
-            proof.synthesize(
-                cs.namespace(|| format!("encoding_proof_{}", layer)),
-                params,
-                replica_id,
-            )?;
+        for (i, proof) in encoding_proofs.into_iter().enumerate() {
+            let layer = i + 1;
+
+            if layer == layers {
+                proof.synthesize_decoded(
+                    cs.namespace(|| format!("encoding_proof_{}", layer)),
+                    params,
+                    replica_id,
+                    &comm_r_last_data_leaf,
+                    &comm_d_leaf,
+                )?;
+            } else {
+                let raw = replica_column_proof.c_x.get_node_at_layer(layer);
+                let encoded_node = num::AllocatedNum::alloc(
+                    cs.namespace(|| format!("enc_node_{}", layer)),
+                    || {
+                        raw.map(Into::into)
+                            .ok_or_else(|| SynthesisError::AssignmentMissing)
+                    },
+                )?;
+
+                proof.synthesize_key(
+                    cs.namespace(|| format!("encoding_proof_{}", layer)),
+                    params,
+                    replica_id,
+                    &encoded_node,
+                )?;
+            }
         }
 
         // verify replica column openings
         replica_column_proof.synthesize(cs.namespace(|| "replica_column_proof"), params, comm_c)?;
 
         // verify final replica layer
-        let comm_r_last_data_leaf =
-            comm_r_last_proof.alloc_value(cs.namespace(|| "comm_r_last_data_leaf"))?;
         comm_r_last_proof.synthesize(
             cs.namespace(|| "comm_r_last_data_inclusion"),
             params,
diff --git a/storage-proofs/src/circuit/stacked/proof.rs b/storage-proofs/src/circuit/stacked/proof.rs
@@ -173,6 +173,7 @@ impl<'a, H: Hasher> Circuit<Bls12> for StackedCircuit<'a, Bls12, H> {
             proof.synthesize(
                 &mut cs.namespace(|| format!("challenge_{}", i)),
                 &self.params,
+                public_params.layer_challenges.layers(),
                 &comm_d_num,
                 &comm_c_num,
                 &comm_r_last_num,
diff --git a/storage-proofs/src/stacked/encoding_proof.rs b/storage-proofs/src/stacked/encoding_proof.rs
@@ -1,45 +1,25 @@
 use std::marker::PhantomData;
 
 use blake2s_simd::Params as Blake2s;
-use serde::de::Deserialize;
-use serde::ser::Serialize;
 
 use crate::fr32::bytes_into_fr_repr_safe;
 use crate::hasher::Hasher;
-use crate::merkle::IncludedNode;
 use crate::stacked::encode::encode;
 use crate::util::NODE_SIZE;
 
 #[derive(Debug, Clone, Serialize, Deserialize)]
 pub struct EncodingProof<H: Hasher> {
-    #[serde(bound(
-        serialize = "IncludedNode<H>: Serialize",
-        deserialize = "IncludedNode<H>: Deserialize<'de>"
-    ))]
-    pub(crate) encoded_node: IncludedNode<H>,
-    #[serde(bound(
-        serialize = "IncludedNode<H>: Serialize",
-        deserialize = "IncludedNode<H>: Deserialize<'de>"
-    ))]
-    pub(crate) decoded_node: Option<IncludedNode<H>>,
     pub(crate) parents: Vec<H::Domain>,
     pub(crate) node: u64,
     #[serde(skip)]
     _h: PhantomData<H>,
 }
 
 impl<H: Hasher> EncodingProof<H> {
-    pub fn new(
-        node: u64,
-        parents: Vec<H::Domain>,
-        encoded_node: IncludedNode<H>,
-        decoded_node: Option<IncludedNode<H>>,
-    ) -> Self {
+    pub fn new(node: u64, parents: Vec<H::Domain>) -> Self {
         EncodingProof {
             node,
             parents,
-            encoded_node,
-            decoded_node,
             _h: PhantomData,
         }
     }
@@ -60,16 +40,20 @@ impl<H: Hasher> EncodingProof<H> {
         bytes_into_fr_repr_safe(hasher.finalize().as_ref()).into()
     }
 
-    pub fn verify(&self, replica_id: &H::Domain) -> bool {
+    pub fn verify(
+        &self,
+        replica_id: &H::Domain,
+        exp_encoded_node: &H::Domain,
+        decoded_node: Option<&H::Domain>,
+    ) -> bool {
         let key = self.create_key(replica_id);
 
-        let encoded_node = if let Some(ref decoded_node) = self.decoded_node {
-            encode(key, **decoded_node)
+        let encoded_node = if let Some(decoded_node) = decoded_node {
+            encode(key, *decoded_node)
         } else {
             key
         };
 
-        let exp_encoded_node: &H::Domain = &self.encoded_node;
         check_eq!(exp_encoded_node, &encoded_node);
 
         true
diff --git a/storage-proofs/src/stacked/params.rs b/storage-proofs/src/stacked/params.rs
@@ -230,10 +230,23 @@ impl<H: Hasher> Proof<H> {
                 layer,
                 expect_challenge
             );
+
+            let (encoded_node, decoded_node) = if layer == layer_challenges.layers() {
+                (
+                    self.comm_r_last_proof.leaf(),
+                    Some(self.comm_d_proofs.leaf()),
+                )
+            } else {
+                (
+                    self.replica_column_proofs.c_x.get_node_at_layer(layer),
+                    None,
+                )
+            };
+
             if expect_challenge {
                 check!(self.encoding_proofs.get(layer - 1).is_some());
                 let encoding_proof = &self.encoding_proofs[layer - 1];
-                check!(encoding_proof.verify(replica_id));
+                check!(encoding_proof.verify(replica_id, encoded_node, decoded_node));
             } else {
                 check!(self.encoding_proofs.get(layer - 1).is_none());
             }
diff --git a/storage-proofs/src/stacked/proof.rs b/storage-proofs/src/stacked/proof.rs

Original file line number	Diff line number	Diff line change
`@@ -33,6 +33,12 @@ impl Column {`
`33`	`33`	`}`
`34`	`34`	`}`
`35`	`35`
	`36`	`+ pub fn get_node_at_layer(&self, layer: usize) -> &Option<Fr> {`
	`37`	`+ assert!(layer > 0, "layer must be greater than 0");`
	`38`	`+ let row_index = layer - 1;`
	`39`	`+ &self.rows[row_index]`
	`40`	`+ }`
	`41`	`+`
`36`	`42`	`pub fn hash<CS: ConstraintSystem<Bls12>>(`
`37`	`43`	`self,`
`38`	`44`	`mut cs: CS,`