Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Mastic clean up #1187

Merged
merged 6 commits into from
Jan 16, 2025
Merged

Mastic clean up #1187

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
808ade2
mastic: Remove `verify_key` from tests that don't use it
cjpatton Jan 6, 2025
2c1ca00
mastic: De-duplicate agg share length computation
cjpatton Jan 6, 2025
e422a67
vidpf: Improve `VidpfPublicShare::encoded_len()`
cjpatton Jan 6, 2025
4edaa85
vidpf: Move `eval_prefix_tree_with_siblings()` to `impl<W: VidpfValue>`
cjpatton Jan 6, 2025
a378910
vdaf: Remove `domain_separation_tag()` from `Vdaf` trait
cjpatton Jan 6, 2025
871ef1c
vidpf: Rename `weight_parameter` to `weight_len`
cjpatton Jan 16, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 0 additions & 12 deletions src/vdaf.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -197,18 +197,6 @@ pub trait Vdaf: Clone + Debug {
/// The number of Aggregators. The Client generates as many input shares as there are
/// Aggregators.
fn num_aggregators(&self) -> usize;

/// Generate the domain separation tag for this VDAF. The output is used for domain separation
/// by the XOF.
fn domain_separation_tag(&self, usage: u16) -> [u8; 8] {
// Prefix is 8 bytes and defined by the spec. Copy these values in
let mut dst = [0; 8];
dst[0] = VERSION;
dst[1] = 0; // algorithm class
dst[2..6].clone_from_slice(self.algorithm_id().to_be_bytes().as_slice());
dst[6..8].clone_from_slice(usage.to_be_bytes().as_slice());
dst
}
}

/// The Client's role in the execution of a VDAF.
Expand Down
53 changes: 12 additions & 41 deletions src/vdaf/mastic.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -94,6 +94,11 @@ where
bits,
})
}

fn agg_share_len(&self, agg_param: &MasticAggregationParam) -> usize {
// The aggregate share consists of the counter and truncated weight for each candidate prefix.
(1 + self.szk.typ.output_len()) * agg_param.level_and_prefixes.prefixes().len()
}
}

/// Mastic aggregation parameter.
Expand Down Expand Up @@ -158,7 +163,7 @@ where
mastic: &Mastic<T, P, SEED_SIZE>,
bytes: &mut Cursor<&[u8]>,
) -> Result<Self, CodecError> {
VidpfPublicShare::decode_with_param(&(mastic.bits, mastic.vidpf.weight_parameter), bytes)
VidpfPublicShare::decode_with_param(&(mastic.bits, mastic.vidpf.weight_len), bytes)
}
}

Expand Down Expand Up @@ -252,8 +257,7 @@ where
(mastic, agg_param): &(&Mastic<T, P, SEED_SIZE>, &MasticAggregationParam),
bytes: &mut Cursor<&[u8]>,
) -> Result<Self, CodecError> {
let len = (1 + mastic.szk.typ.output_len()) * agg_param.level_and_prefixes.prefixes().len();
decode_fieldvec(len, bytes).map(AggregateShare)
decode_fieldvec(mastic.agg_share_len(agg_param), bytes).map(AggregateShare)
}
}

Expand All @@ -268,8 +272,7 @@ where
(mastic, agg_param): &(&Mastic<T, P, SEED_SIZE>, &MasticAggregationParam),
bytes: &mut Cursor<&[u8]>,
) -> Result<Self, CodecError> {
let len = (1 + mastic.szk.typ.output_len()) * agg_param.level_and_prefixes.prefixes().len();
decode_fieldvec(len, bytes).map(OutputShare)
decode_fieldvec(mastic.agg_share_len(agg_param), bytes).map(OutputShare)
}
}

Expand Down Expand Up @@ -425,10 +428,10 @@ impl<'a, T: Type, P: Xof<SEED_SIZE>, const SEED_SIZE: usize>
for MasticPrepareState<T::Field, SEED_SIZE>
{
fn decode_with_param(
(mastic, agg_param): &(&Mastic<T, P, SEED_SIZE>, &MasticAggregationParam),
decoder @ (mastic, agg_param): &(&Mastic<T, P, SEED_SIZE>, &MasticAggregationParam),
bytes: &mut Cursor<&[u8]>,
) -> Result<Self, CodecError> {
let output_shares = MasticOutputShare::decode_with_param(&(*mastic, *agg_param), bytes)?;
let output_shares = MasticOutputShare::decode_with_param(decoder, bytes)?;
let szk_query_state = (mastic.szk.typ.joint_rand_len() > 0
&& agg_param.require_weight_check)
.then(|| Seed::decode(bytes))
Expand Down Expand Up @@ -774,14 +777,7 @@ where
output_shares: M,
) -> Result<MasticAggregateShare<T::Field>, VdafError> {
let mut agg_share =
MasticAggregateShare::<T::Field>::from(vec![
T::Field::zero();
(1 + self.szk.typ.output_len())
* agg_param
.level_and_prefixes
.prefixes()
.len()
]);
MasticAggregateShare::from(vec![T::Field::zero(); self.agg_share_len(agg_param)]);
for output_share in output_shares.into_iter() {
agg_share.accumulate(&output_share)?;
}
Expand All @@ -803,10 +799,7 @@ where
let num_prefixes = agg_param.level_and_prefixes.prefixes().len();

let AggregateShare(agg) = agg_shares.into_iter().try_fold(
AggregateShare(vec![
T::Field::zero();
num_prefixes * (1 + self.szk.typ.output_len())
]),
AggregateShare(vec![T::Field::zero(); self.agg_share_len(agg_param)]),
|mut agg, agg_share| {
agg.merge(&agg_share)?;
Result::<_, VdafError>::Ok(agg)
Expand Down Expand Up @@ -866,8 +859,6 @@ mod tests {
let mastic = Mastic::<_, XofTurboShake128, 32>::new(algorithm_id, sum_typ, 32).unwrap();

let mut nonce = [0u8; 16];
let mut verify_key = [0u8; 16];
thread_rng().fill(&mut verify_key[..]);
thread_rng().fill(&mut nonce[..]);

let inputs = [
Expand Down Expand Up @@ -947,8 +938,6 @@ mod tests {
let mastic = Mastic::<_, XofTurboShake128, 32>::new(algorithm_id, sum_typ, 32).unwrap();

let mut nonce = [0u8; 16];
let mut verify_key = [0u8; 16];
thread_rng().fill(&mut verify_key[..]);
thread_rng().fill(&mut nonce[..]);

let first_input = VidpfInput::from_bytes(&[15u8, 0u8, 1u8, 4u8][..]);
Expand Down Expand Up @@ -1000,8 +989,6 @@ mod tests {
let mastic = Mastic::<_, XofTurboShake128, 32>::new(algorithm_id, sum_typ, 32).unwrap();

let mut nonce = [0u8; 16];
let mut verify_key = [0u8; 16];
thread_rng().fill(&mut verify_key[..]);
thread_rng().fill(&mut nonce[..]);

let first_input = VidpfInput::from_bytes(&[15u8, 0u8, 1u8, 4u8][..]);
Expand All @@ -1023,8 +1010,6 @@ mod tests {
let mastic = Mastic::<_, XofTurboShake128, 32>::new(algorithm_id, count, 32).unwrap();

let mut nonce = [0u8; 16];
let mut verify_key = [0u8; 16];
thread_rng().fill(&mut verify_key[..]);
thread_rng().fill(&mut nonce[..]);

let inputs = [
Expand Down Expand Up @@ -1102,8 +1087,6 @@ mod tests {
let mastic = Mastic::<_, XofTurboShake128, 32>::new(algorithm_id, count, 32).unwrap();

let mut nonce = [0u8; 16];
let mut verify_key = [0u8; 16];
thread_rng().fill(&mut verify_key[..]);
thread_rng().fill(&mut nonce[..]);
let first_input = VidpfInput::from_bytes(&[15u8, 0u8, 1u8, 4u8][..]);

Expand All @@ -1122,8 +1105,6 @@ mod tests {
let mastic = Mastic::<_, XofTurboShake128, 32>::new(algorithm_id, count, 32).unwrap();

let mut nonce = [0u8; 16];
let mut verify_key = [0u8; 16];
thread_rng().fill(&mut verify_key[..]);
thread_rng().fill(&mut nonce[..]);

let first_input = VidpfInput::from_bytes(&[15u8, 0u8, 1u8, 4u8][..]);
Expand All @@ -1144,8 +1125,6 @@ mod tests {
let mastic = Mastic::<_, XofTurboShake128, 32>::new(algorithm_id, sumvec, 32).unwrap();

let mut nonce = [0u8; 16];
let mut verify_key = [0u8; 16];
thread_rng().fill(&mut verify_key[..]);
thread_rng().fill(&mut nonce[..]);

let inputs = [
Expand Down Expand Up @@ -1234,8 +1213,6 @@ mod tests {
let mastic = Mastic::<_, XofTurboShake128, 32>::new(algorithm_id, sumvec, 32).unwrap();

let mut nonce = [0u8; 16];
let mut verify_key = [0u8; 16];
thread_rng().fill(&mut verify_key[..]);
thread_rng().fill(&mut nonce[..]);

let first_input = VidpfInput::from_bytes(&[15u8, 0u8, 1u8, 4u8][..]);
Expand Down Expand Up @@ -1265,8 +1242,6 @@ mod tests {
let mastic = Mastic::<_, XofTurboShake128, 32>::new(algorithm_id, sumvec, 32).unwrap();

let mut nonce = [0u8; 16];
let mut verify_key = [0u8; 16];
thread_rng().fill(&mut verify_key[..]);
thread_rng().fill(&mut nonce[..]);

let first_input = VidpfInput::from_bytes(&[15u8, 0u8, 1u8, 4u8][..]);
Expand Down Expand Up @@ -1298,8 +1273,6 @@ mod tests {
let mastic = Mastic::<_, XofTurboShake128, 32>::new(algorithm_id, sumvec, 32).unwrap();

let mut nonce = [0u8; 16];
let mut verify_key = [0u8; 16];
thread_rng().fill(&mut verify_key[..]);
thread_rng().fill(&mut nonce[..]);

let first_input = VidpfInput::from_bytes(&[15u8, 0u8, 1u8, 4u8][..]);
Expand All @@ -1323,8 +1296,6 @@ mod tests {
let mastic = Mastic::<_, XofTurboShake128, 32>::new(algorithm_id, sumvec, 32).unwrap();

let mut nonce = [0u8; 16];
let mut verify_key = [0u8; 16];
thread_rng().fill(&mut verify_key[..]);
thread_rng().fill(&mut nonce[..]);

let first_input = VidpfInput::from_bytes(&[15u8, 0u8, 1u8, 4u8][..]);
Expand Down
14 changes: 13 additions & 1 deletion src/vdaf/poplar1.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ use crate::{
prng::Prng,
vdaf::{
xof::{Seed, Xof, XofTurboShake128},
Aggregatable, Aggregator, Client, Collector, PrepareTransition, Vdaf, VdafError,
Aggregatable, Aggregator, Client, Collector, PrepareTransition, Vdaf, VdafError, VERSION,
},
};
use rand_core::RngCore;
Expand Down Expand Up @@ -862,6 +862,18 @@ impl<P: Xof<SEED_SIZE>, const SEED_SIZE: usize> Vdaf for Poplar1<P, SEED_SIZE> {
}

impl<P: Xof<SEED_SIZE>, const SEED_SIZE: usize> Poplar1<P, SEED_SIZE> {
/// Generate the domain separation tag for this VDAF. The output is used for domain separation
/// by the XOF.
fn domain_separation_tag(&self, usage: u16) -> [u8; 8] {
// Prefix is 8 bytes and defined by the spec. Copy these values in
let mut dst = [0; 8];
dst[0] = VERSION;
dst[1] = 0; // algorithm class
dst[2..6].clone_from_slice(self.algorithm_id().to_be_bytes().as_slice());
dst[6..8].clone_from_slice(usage.to_be_bytes().as_slice());
dst
}

fn shard_with_random(
&self,
ctx: &[u8],
Expand Down
14 changes: 13 additions & 1 deletion src/vdaf/prio3.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,7 @@ use crate::prng::Prng;
use crate::vdaf::xof::{IntoFieldVec, Seed, Xof};
use crate::vdaf::{
Aggregatable, AggregateShare, Aggregator, Client, Collector, OutputShare, PrepareTransition,
Share, ShareDecodingParameter, Vdaf, VdafError,
Share, ShareDecodingParameter, Vdaf, VdafError, VERSION,
};
#[cfg(feature = "experimental")]
use fixed::traits::Fixed;
Expand Down Expand Up @@ -548,6 +548,18 @@ where
.into_field_vec(self.typ.query_rand_len() * self.num_proofs())
}

/// Generate the domain separation tag for this VDAF. The output is used for domain separation
/// by the XOF.
fn domain_separation_tag(&self, usage: u16) -> [u8; 8] {
// Prefix is 8 bytes and defined by the spec. Copy these values in
let mut dst = [0; 8];
dst[0] = VERSION;
dst[1] = 0; // algorithm class
dst[2..6].clone_from_slice(self.algorithm_id().to_be_bytes().as_slice());
dst[6..8].clone_from_slice(usage.to_be_bytes().as_slice());
dst
}

fn random_size(&self) -> usize {
if self.typ.joint_rand_len() == 0 {
// One seed per helper (share, proof) pair, plus one seed for proving randomness
Expand Down
Loading
Loading