axiom-crypto · jonathanpwang · Aug 14, 2024 · Aug 14, 2024 · Aug 14, 2024 · Aug 14, 2024
diff --git a/halo2-base/Cargo.toml b/halo2-base/Cargo.toml
@@ -24,9 +24,12 @@ getset = "0.1.2"
 ark-std = { version = "0.3.0", features = ["print-trace"], optional = true }
 
 # Use Axiom's custom halo2 monorepo for faster proving when feature = "halo2-axiom" is on
-halo2_proofs_axiom = { version = "0.4", package = "halo2-axiom", optional = true }
+halo2_proofs_axiom = { version = "0.5.0-rc.1", package = "halo2-axiom", optional = true }
 # Use PSE halo2 and halo2curves for compatibility when feature = "halo2-pse" is on
-halo2_proofs = { git = "https://github.com/privacy-scaling-explorations/halo2.git", tag = "v0.3.0", features = ["circuit-params", "derive_serde"], optional = true }
+halo2_proofs = { git = "https://github.com/privacy-scaling-explorations/halo2.git", tag = "v0.3.0", features = [
+    "circuit-params",
+    "derive_serde",
+], optional = true }
 
 # This is Scroll's audited poseidon circuit. We only use it for the Native Poseidon spec. We do not use the halo2 circuit at all (and it wouldn't even work because the halo2_proofs tag is not compatbile).
 # We forked it to upgrade to ff v0.13 and removed the circuit module
@@ -49,7 +52,7 @@ env_logger = "0.10.0"
 proptest = "1.1.0"
 # native poseidon for testing
 pse-poseidon = { git = "https://github.com/axiom-crypto/pse-poseidon.git" }
-clap = "=4.4" # fix clap version to prevent requiring rustc 1.74
+clap = "=4.4"                                                               # fix clap version to prevent requiring rustc 1.74
 clap_builder = "=4.4"
 clap_lex = "=0.6.0"
 
@@ -62,7 +65,10 @@ mimalloc = { version = "0.1", default-features = false, optional = true }
 [features]
 default = ["halo2-axiom", "display", "test-utils"]
 asm = ["halo2_proofs_axiom?/asm"]
-dev-graph = ["halo2_proofs?/dev-graph", "plotters"] # only works with halo2-pse for now
+dev-graph = [
+    "halo2_proofs?/dev-graph",
+    "plotters",
+] # only works with halo2-pse for now
 halo2-pse = ["halo2_proofs/circuit-params"]
 halo2-axiom = ["halo2_proofs_axiom"]
 display = []

diff --git a/halo2-base/src/gates/flex_gate/mod.rs b/halo2-base/src/gates/flex_gate/mod.rs
@@ -33,6 +33,7 @@ pub(super) const MAX_PHASE: usize = 3;
 /// * `a = value[0], b = value[1], c = value[2], d = value[3]`
 /// * `q = q_enable[0]`
 /// * `q` is either 0 or 1 so this is just a simple selector
+///
 /// We chose `a + b * c` instead of `a * b + c` to allow "chaining" of gates, i.e., the output of one gate because `a` in the next gate.
 ///
 /// A configuration for a basic gate chip describing the selector, and advice column values.
@@ -137,7 +138,7 @@ impl<F: ScalarField> FlexGateConfig<F> {
         Self {
             basic_gates,
             constants,
-            /// Warning: this needs to be updated if you create more advice columns after this `FlexGateConfig` is created
+            // Warning: this needs to be updated if you create more advice columns after this `FlexGateConfig` is created
             max_rows: (1 << params.k) - meta.minimum_rows(),
         }
     }

diff --git a/halo2-base/src/poseidon/hasher/mod.rs b/halo2-base/src/poseidon/hasher/mod.rs
@@ -147,6 +147,7 @@ impl<F: ScalarField, const T: usize, const RATE: usize> PoseidonHasher<F, T, RAT
     /// Assumes `len` is within [usize] and `len <= inputs.len()`.
     /// * inputs: An right-padded array of [AssignedValue]. Constraints on paddings are not required.
     /// * len: Length of `inputs`.
+    ///
     /// Return hash of `inputs`.
     pub fn hash_var_len_array(
         &self,
@@ -211,6 +212,7 @@ impl<F: ScalarField, const T: usize, const RATE: usize> PoseidonHasher<F, T, RAT
     /// Constrains and returns hash of a witness array.
     ///
     /// * inputs: An array of [AssignedValue].
+    ///
     /// Return hash of `inputs`.
     pub fn hash_fix_len_array(
         &self,

diff --git a/halo2-base/src/poseidon/hasher/tests/mod.rs b/halo2-base/src/poseidon/hasher/tests/mod.rs
@@ -11,7 +11,7 @@ mod state;
 fn test_mds() {
     let spec = OptimizedPoseidonSpec::<Fr, 3, 2>::new::<8, 57, 0>();
 
-    let mds = vec![
+    let mds = [
         vec![
             "7511745149465107256748700652201246547602992235352608707588321460060273774987",
             "10370080108974718697676803824769673834027675643658433702224577712625900127200",

diff --git a/halo2-base/src/virtual_region/copy_constraints.rs b/halo2-base/src/virtual_region/copy_constraints.rs
@@ -145,7 +145,7 @@ impl<F: Field + Ord> VirtualRegionManager<F> for SharedCopyConstraintManager<F>
         let mut fixed_col = 0;
         let mut fixed_offset = 0;
         for (c, _) in manager.constant_equalities.iter() {
-            if manager.assigned_constants.get(c).is_none() {
+            if !manager.assigned_constants.contains_key(c) {
                 // this will panic if you run out of rows
                 let cell = raw_assign_fixed(region, config[fixed_col], fixed_offset, *c);
                 manager.assigned_constants.insert(*c, cell);

diff --git a/halo2-base/src/virtual_region/lookups.rs b/halo2-base/src/virtual_region/lookups.rs
@@ -25,9 +25,9 @@ pub mod basic;
 /// If we have a lookup argument that uses `ADVICE_COLS` advice columns and `TABLE_COLS` table columns, where
 /// the table is either fixed or dynamic (advice), then we want to dynamically allocate chunks of `ADVICE_COLS` columns
 /// that have the lookup into the table **always on** so that:
-/// - every time we want to lookup [_; ADVICE_COLS] values, we copy them over to a row in the special
+///     - every time we want to lookup [_; ADVICE_COLS] values, we copy them over to a row in the special
 /// lookup-enabled advice columns.
-/// - note that just for assignment, we don't need to know anything about the table itself.
+///     - note that just for assignment, we don't need to know anything about the table itself.
 /// Note: the manager does not need to know the value of `TABLE_COLS`.
 ///
 /// We want this manager to be CPU thread safe, while ensuring that the resulting circuit is

diff --git a/halo2-ecc/src/bn254/final_exp.rs b/halo2-ecc/src/bn254/final_exp.rs
@@ -123,6 +123,7 @@ impl<'chip, F: BigPrimeField> Fp12Chip<'chip, F> {
 
     /// Input:
     /// * `compression = [g2, g3, g4, g5]` where g_i are proper elements of Fp2
+    ///
     /// Output:
     /// * `Decompress(compression) = g0 + g2 w + g4 w^2 + g1 w^3 + g3 w^4 + g5 w^5` where
     /// * All elements of output are proper elements of Fp2 and:
@@ -132,7 +133,7 @@ impl<'chip, F: BigPrimeField> Fp12Chip<'chip, F> {
     ///         g0 = (2 g1^2 + g2 * g5 - 3 g3*g4) * c + 1
     ///     if g2 = 0:
     ///         g1 = (2 g4 * g5)/g3
-    ///         g0 = (2 g1^2 - 3 g3 * g4) * c + 1    
+    ///         g0 = (2 g1^2 - 3 g3 * g4) * c + 1
     pub fn cyclotomic_decompress(
         &self,
         ctx: &mut Context<F>,

diff --git a/halo2-ecc/src/ecc/mod.rs b/halo2-ecc/src/ecc/mod.rs
@@ -250,14 +250,14 @@ pub fn ec_sub_unequal<F: BigPrimeField, FC: FieldChip<F>>(
 ///
 /// Assumptions
 /// # Neither P or Q is the point at infinity
-pub fn ec_sub_strict<F: BigPrimeField, FC: FieldChip<F>>(
+pub fn ec_sub_strict<F: BigPrimeField, FC>(
     chip: &FC,
     ctx: &mut Context<F>,
     P: impl Into<EcPoint<F, FC::FieldPoint>>,
     Q: impl Into<EcPoint<F, FC::FieldPoint>>,
 ) -> EcPoint<F, FC::FieldPoint>
 where
-    FC: Selectable<F, FC::FieldPoint>,
+    FC: FieldChip<F> + Selectable<F, FC::FieldPoint>,
 {
     let mut P = P.into();
     let Q = Q.into();

diff --git a/halo2-ecc/src/secp256k1/tests/ecdsa_tests.rs b/halo2-ecc/src/secp256k1/tests/ecdsa_tests.rs
@@ -28,14 +28,18 @@ fn custom_parameters_ecdsa(sk: u64, msg_hash: u64, k: u64) -> ECDSAInput {
 }
 
 #[test]
-#[should_panic(expected = "assertion failed: `(left == right)`")]
+#[should_panic(
+    expected = "assertion `left == right` failed\n  left: 0x0000000000000000000000000000000000000000000000000000000000000000\n right: 0x0000000000000000000000000000000000000000000000000000000000000001"
+)]
 fn test_ecdsa_msg_hash_zero() {
     let input = custom_parameters_ecdsa(random::<u64>(), 0, random::<u64>());
     run_test(input);
 }
 
 #[test]
-#[should_panic(expected = "assertion failed: `(left == right)`")]
+#[should_panic(
+    expected = "assertion `left == right` failed\n  left: 0x0000000000000000000000000000000000000000000000000000000000000000\n right: 0x0000000000000000000000000000000000000000000000000000000000000001"
+)]
 fn test_ecdsa_private_key_zero() {
     let input = custom_parameters_ecdsa(0, random::<u64>(), random::<u64>());
     run_test(input);

diff --git a/hashes/zkevm/src/keccak/component/circuit/tests/shard.rs b/hashes/zkevm/src/keccak/component/circuit/tests/shard.rs
@@ -175,7 +175,7 @@ fn test_prove_shard_circuit_commit() {
     circuit.set_base_circuit_break_points(break_points);
 
     let circuit_outputs = multi_inputs_to_circuit_outputs::<Fr>(&inputs, circuit_params.capacity());
-    let instances = vec![vec![calculate_circuit_outputs_commit(&circuit_outputs)]];
+    let instances = [vec![calculate_circuit_outputs_commit(&circuit_outputs)]];
 
     let proof = gen_proof_with_instances(
         &params,

diff --git a/hashes/zkevm/src/keccak/vanilla/keccak_packed_multi.rs b/hashes/zkevm/src/keccak/vanilla/keccak_packed_multi.rs
@@ -49,6 +49,7 @@ pub(crate) struct AbsorbData<F: PrimeField> {
     pub(crate) result: F,
 }
 
+#[allow(dead_code)]
 /// SqueezeData
 #[derive(Clone, Default, Debug, PartialEq)]
 pub(crate) struct SqueezeData<F: PrimeField> {

diff --git a/hashes/zkevm/src/keccak/vanilla/tests.rs b/hashes/zkevm/src/keccak/vanilla/tests.rs
@@ -36,7 +36,7 @@ pub struct KeccakCircuit<F: Field> {
     _marker: PhantomData<F>,
 }
 
-#[cfg(any(feature = "test", test))]
+#[cfg(test)]
 impl<F: Field> Circuit<F> for KeccakCircuit<F> {
     type Config = KeccakCircuitConfig<F>;
     type FloorPlanner = SimpleFloorPlanner;

diff --git a/hashes/zkevm/src/sha256/vanilla/columns.rs b/hashes/zkevm/src/sha256/vanilla/columns.rs
@@ -16,6 +16,7 @@ pub struct ShaTable {
     /// a SHA256 input block ([SHA256_NUM_ROWS] = 72 rows): If offset is in
     /// Encoded input:
     /// - [NUM_START_ROWS]..[NUM_START_ROWS] + [NUM_WORDS_TO_ABSORB]: Raw SHA256 word([NUM_BYTES_PER_WORD] bytes) of inputs
+    ///
     /// SHA256 hash of input in hi-lo format:
     /// - [SHA256_NUM_ROWS] - 2: output.hi()
     /// - [SHA256_NUM_ROWS] - 1: output.lo()

diff --git a/hashes/zkevm/src/sha256/vanilla/witness.rs b/hashes/zkevm/src/sha256/vanilla/witness.rs
@@ -43,6 +43,7 @@ struct AssignedShaTableRow<'v, F: Field> {
     /// This cell contains different IO data depending on the `offset` of the row within
     /// a SHA256 input block ([SHA256_NUM_ROWS] = 72 rows):
     /// - When `q_input` is true (offset in [NUM_START_ROWS]..[NUM_START_ROWS] + [NUM_WORDS_TO_ABSORB]): Raw SHA256 word([NUM_BYTES_PER_WORD] bytes) of inputs. u32 input word, little-endian.
+    ///
     /// SHA256 hash of input in hi-lo format:
     /// - When offset is [SHA256_NUM_ROWS] - 2: output.hi()
     /// - When `q_squeeze` (offset equals [SHA256_NUM_ROWS] - 1): output.lo()

diff --git a/rust-toolchain b/rust-toolchain
@@ -1 +1 @@
-nightly-2023-08-12
+nightly-2024-07-25