pass tests

halo2_backend/src/plonk/prover.rs

@@ -59,7 +59,7 @@ impl<
     > ProverV2Single<'a, 'params, Scheme, P, E, R, T>
 {
     /// Create a new prover object
-    pub fn new(
+    pub fn new_with_engine(
         engine: &impl MsmAccel<Scheme::Curve>,
         params: &'params Scheme::ParamsProver,
         pk: &'a ProvingKey<Scheme::Curve>,
@@ -72,7 +72,7 @@ impl<
     where
         Scheme::Scalar: WithSmallOrderMulGroup<3> + FromUniformBytes<64>,
     {
-        Ok(Self(ProverV2::new(
+        Ok(Self(ProverV2::new_with_engine(
             engine,
             params,
             pk,
@@ -82,6 +82,21 @@ impl<
         )?))
     }
 
+    pub fn new(
+        params: &'params Scheme::ParamsProver,
+        pk: &'a ProvingKey<Scheme::Curve>,
+        // TODO: If this was a vector the usage would be simpler
+        // https://github.com/privacy-scaling-explorations/halo2/issues/265
+        instance: &[&[Scheme::Scalar]],
+        rng: R,
+        transcript: &'a mut T,
+    ) -> Result<Self, Error>
+    where
+        Scheme::Scalar: WithSmallOrderMulGroup<3> + FromUniformBytes<64>,
+    {
+        Self::new_with_engine(&H2cEngine::new(), params, pk, instance, rng, transcript)
+    }
+
     /// Commit the `witness` at `phase` and return the challenges after `phase`.
     pub fn commit_phase(
         &mut self,
@@ -105,13 +120,15 @@ impl<
 
     /// Finalizes the proof creation.
     /// TODO: change to "ZalEngine" which will contain MsmAccel and FftAccel trait accelerators
-    pub fn create_proof_with_engine(self, engine: &impl MsmAccel<Scheme::Curve>) -> Result<(), Error>
+    pub fn create_proof_with_engine(
+        self,
+        engine: &impl MsmAccel<Scheme::Curve>,
+    ) -> Result<(), Error>
     where
         Scheme::Scalar: WithSmallOrderMulGroup<3> + FromUniformBytes<64>,
     {
         self.0.create_proof_with_engine(engine)
     }
-
 }
 
 /// The prover object used to create proofs interactively by passing the witnesses to commit at
@@ -152,7 +169,7 @@ impl<
     > ProverV2<'a, 'params, Scheme, P, E, R, T>
 {
     /// Create a new prover object
-    pub fn new(
+    pub fn new_with_engine(
         engine: &impl MsmAccel<Scheme::Curve>,
         params: &'params Scheme::ParamsProver,
         pk: &'a ProvingKey<Scheme::Curve>,
@@ -431,7 +448,10 @@ impl<
     }
 
     /// Finalizes the proof creation.
-    pub fn create_proof_with_engine(mut self, engine: &impl MsmAccel<Scheme::Curve>) -> Result<(), Error>
+    pub fn create_proof_with_engine(
+        mut self,
+        engine: &impl MsmAccel<Scheme::Curve>,
+    ) -> Result<(), Error>
     where
         Scheme::Scalar: WithSmallOrderMulGroup<3> + FromUniformBytes<64>,
     {
@@ -523,7 +543,15 @@ impl<
                 lookups
                     .into_iter()
                     .map(|lookup| {
-                        lookup.commit_product(engine, pk, params, beta, gamma, &mut rng, self.transcript)
+                        lookup.commit_product(
+                            engine,
+                            pk,
+                            params,
+                            beta,
+                            gamma,
+                            &mut rng,
+                            self.transcript,
+                        )
                     })
                     .collect::<Result<Vec<_>, _>>()
             })
@@ -558,7 +586,8 @@ impl<
             .collect::<Result<Vec<_>, _>>()?;
 
         // Commit to the vanishing argument's random polynomial for blinding h(x_3)
-        let vanishing = vanishing::Argument::commit(engine, params, domain, &mut rng, self.transcript)?;
+        let vanishing =
+            vanishing::Argument::commit(engine, params, domain, &mut rng, self.transcript)?;
 
         // Obtain challenge for keeping all separate gates linearly independent
         let y: ChallengeY<_> = self.transcript.squeeze_challenge_scalar();
@@ -604,7 +633,8 @@ impl<
         );
 
         // Construct the vanishing argument's h(X) commitments
-        let vanishing = vanishing.construct(engine, params, domain, h_poly, &mut rng, self.transcript)?;
+        let vanishing =
+            vanishing.construct(engine, params, domain, h_poly, &mut rng, self.transcript)?;
 
         let x: ChallengeX<_> = self.transcript.squeeze_challenge_scalar();
         let xn = x.pow([params.n()]);
@@ -744,18 +774,33 @@ impl<
 
         let prover = P::new(params);
         prover
-            .create_proof(engine, rng, self.transcript, instances)
+            .create_proof_with_engine(engine, rng, self.transcript, instances)
             .map_err(|_| Error::ConstraintSystemFailure)?;
 
         Ok(())
     }
 
+    /// Create a new prover object
+    pub fn new(
+        params: &'params Scheme::ParamsProver,
+        pk: &'a ProvingKey<Scheme::Curve>,
+        // TODO: If this was a vector the usage would be simpler.
+        // https://github.com/privacy-scaling-explorations/halo2/issues/265
+        instances: &[&[&[Scheme::Scalar]]],
+        rng: R,
+        transcript: &'a mut T,
+    ) -> Result<Self, Error>
+    where
+        Scheme::Scalar: WithSmallOrderMulGroup<3> + FromUniformBytes<64>,
+    {
+        Self::new_with_engine(&H2cEngine::new(), params, pk, instances, rng, transcript)
+    }
+
     /// Finalizes the proof creation.
-    pub fn create_proof(mut self) -> Result<(), Error>
+    pub fn create_proof(self) -> Result<(), Error>
     where
         Scheme::Scalar: WithSmallOrderMulGroup<3> + FromUniformBytes<64>,
     {
         self.create_proof_with_engine(&H2cEngine::new())
     }
-
 }

halo2_backend/src/plonk/shuffle/prover.rs

@@ -190,7 +190,9 @@ where
     }
 
     let product_blind = Blind(C::Scalar::random(rng));
-    let product_commitment = params.commit_lagrange(engine, &z, product_blind).to_affine();
+    let product_commitment = params
+        .commit_lagrange(engine, &z, product_blind)
+        .to_affine();
     let z = pk.vk.domain.lagrange_to_coeff(z);
 
     // Hash product commitment

halo2_backend/src/poly/commitment.rs

@@ -6,7 +6,10 @@ use super::{
 use crate::poly::Error;
 use crate::transcript::{EncodedChallenge, TranscriptRead, TranscriptWrite};
 use halo2_middleware::ff::Field;
-use halo2curves::{zal::MsmAccel, CurveAffine};
+use halo2curves::{
+    zal::{H2cEngine, MsmAccel},
+    CurveAffine,
+};
 use rand_core::RngCore;
 use std::{
     fmt::Debug,
@@ -137,7 +140,7 @@ pub trait Prover<'params, Scheme: CommitmentScheme> {
     fn new(params: &'params Scheme::ParamsProver) -> Self;
 
     /// Create a multi-opening proof
-    fn create_proof<
+    fn create_proof_with_engine<
         'com,
         E: EncodedChallenge<Scheme::Curve>,
         T: TranscriptWrite<Scheme::Curve, E>,
@@ -153,6 +156,26 @@ pub trait Prover<'params, Scheme: CommitmentScheme> {
     where
         I: IntoIterator<Item = ProverQuery<'com, Scheme::Curve>> + Clone,
         R: RngCore;
+
+    /// Create a multi-opening proof
+    fn create_proof<
+        'com,
+        E: EncodedChallenge<Scheme::Curve>,
+        T: TranscriptWrite<Scheme::Curve, E>,
+        R,
+        I,
+    >(
+        &self,
+        rng: R,
+        transcript: &mut T,
+        queries: I,
+    ) -> io::Result<()>
+    where
+        I: IntoIterator<Item = ProverQuery<'com, Scheme::Curve>> + Clone,
+        R: RngCore,
+    {
+        self.create_proof_with_engine(&H2cEngine::new(), rng, transcript, queries)
+    }
 }
 
 /// Common multi-open verifier interface for various commitment schemes

halo2_backend/src/poly/ipa/commitment.rs

@@ -16,7 +16,7 @@ use std::marker::PhantomData;
 mod prover;
 mod verifier;
 
-pub use prover::create_proof;
+pub use prover::create_proof_with_engine;
 pub use verifier::verify_proof;
 
 use std::io;
@@ -238,7 +238,7 @@ impl<'params, C: CurveAffine> ParamsProver<'params, C> for ParamsIPA<C> {
 mod test {
     use crate::poly::commitment::ParamsProver;
     use crate::poly::commitment::{Blind, Params, MSM};
-    use crate::poly::ipa::commitment::{create_proof, verify_proof, ParamsIPA};
+    use crate::poly::ipa::commitment::{create_proof_with_engine, verify_proof, ParamsIPA};
     use crate::poly::ipa::msm::MSMIPA;
 
     use group::Curve;
@@ -350,7 +350,8 @@ mod test {
         transcript.write_scalar(v).unwrap();
 
         let (proof, ch_prover) = {
-            create_proof(&engine, &params, rng, &mut transcript, &px, blind, *x).unwrap();
+            create_proof_with_engine(&engine, &params, rng, &mut transcript, &px, blind, *x)
+                .unwrap();
             let ch_prover = transcript.squeeze_challenge();
             (transcript.finalize(), ch_prover)
         };

halo2_backend/src/poly/ipa/commitment/prover.rs

@@ -3,9 +3,7 @@ use halo2curves::zal::MsmAccel;
 use rand_core::RngCore;
 
 use super::ParamsIPA;
-use crate::arithmetic::{
-    compute_inner_product, eval_polynomial, parallelize, CurveAffine,
-};
+use crate::arithmetic::{compute_inner_product, eval_polynomial, parallelize, CurveAffine};
 
 use crate::poly::commitment::ParamsProver;
 use crate::poly::{commitment::Blind, Coeff, Polynomial};
@@ -27,7 +25,7 @@ use std::io::{self};
 /// opening v, and the point x. It's probably also nice for the transcript
 /// to have seen the elliptic curve description and the URS, if you want to
 /// be rigorous.
-pub fn create_proof<
+pub fn create_proof_with_engine<
     C: CurveAffine,
     E: EncodedChallenge<C>,
     R: RngCore,

halo2_backend/src/poly/ipa/multiopen/prover.rs

@@ -28,7 +28,7 @@ impl<'params, C: CurveAffine> Prover<'params, IPACommitmentScheme<C>> for Prover
     }
 
     /// Create a multi-opening proof
-    fn create_proof<'com, Z: EncodedChallenge<C>, T: TranscriptWrite<C, Z>, R, I>(
+    fn create_proof_with_engine<'com, Z: EncodedChallenge<C>, T: TranscriptWrite<C, Z>, R, I>(
         &self,
         engine: &impl MsmAccel<C>,
         mut rng: R,
@@ -122,7 +122,7 @@ impl<'params, C: CurveAffine> Prover<'params, IPACommitmentScheme<C>> for Prover
             },
         );
 
-        commitment::create_proof(
+        commitment::create_proof_with_engine(
             engine,
             self.params,
             rng,

halo2_backend/src/poly/kzg/commitment.rs

@@ -302,7 +302,12 @@ where
         MSMKZG::new()
     }
 
-    fn commit_lagrange(&self, engine: &impl MsmAccel<E::G1Affine>, poly: &Polynomial<E::Fr, LagrangeCoeff>, _: Blind<E::Fr>) -> E::G1 {
+    fn commit_lagrange(
+        &self,
+        engine: &impl MsmAccel<E::G1Affine>,
+        poly: &Polynomial<E::Fr, LagrangeCoeff>,
+        _: Blind<E::Fr>,
+    ) -> E::G1 {
         let mut scalars = Vec::with_capacity(poly.len());
         scalars.extend(poly.iter());
         let bases = &self.g_lagrange;
@@ -346,7 +351,12 @@ where
         Self::setup(k, OsRng)
     }
 
-    fn commit(&self, engine: &impl MsmAccel<E::G1Affine>, poly: &Polynomial<E::Fr, Coeff>, _: Blind<E::Fr>) -> E::G1 {
+    fn commit(
+        &self,
+        engine: &impl MsmAccel<E::G1Affine>,
+        poly: &Polynomial<E::Fr, Coeff>,
+        _: Blind<E::Fr>,
+    ) -> E::G1 {
         let mut scalars = Vec::with_capacity(poly.len());
         scalars.extend(poly.iter());
         let bases = &self.g;

halo2_backend/src/poly/kzg/msm.rs

@@ -1,15 +1,12 @@
 use std::fmt::Debug;
 
 use super::commitment::ParamsKZG;
-use crate::{
-    arithmetic::parallelize,
-    poly::commitment::MSM,
-};
+use crate::{arithmetic::parallelize, poly::commitment::MSM};
 use group::{Curve, Group};
 use halo2curves::{
     pairing::{Engine, MillerLoopResult, MultiMillerLoop},
-    CurveAffine, CurveExt,
     zal::MsmAccel,
+    CurveAffine, CurveExt,
 };
 
 /// A multiscalar multiplication in the polynomial commitment scheme

halo2_backend/src/poly/kzg/multiopen/gwc/prover.rs

@@ -9,8 +9,8 @@ use crate::poly::{commitment::Blind, Polynomial};
 use crate::transcript::{EncodedChallenge, TranscriptWrite};
 
 use group::Curve;
-use halo2curves::{pairing::Engine, zal::MsmAccel};
 use halo2curves::CurveExt;
+use halo2curves::{pairing::Engine, zal::MsmAccel};
 use rand_core::RngCore;
 use std::fmt::Debug;
 use std::io;
@@ -36,7 +36,7 @@ where
     }
 
     /// Create a multi-opening proof
-    fn create_proof<
+    fn create_proof_with_engine<
         'com,
         Ch: EncodedChallenge<E::G1Affine>,
         T: TranscriptWrite<E::G1Affine, Ch>,

halo2_backend/src/poly/kzg/multiopen/shplonk/prover.rs

@@ -16,8 +16,8 @@ use crate::multicore::{IntoParallelIterator, ParallelIterator};
 use group::Curve;
 use halo2_middleware::ff::Field;
 use halo2curves::pairing::Engine;
-use halo2curves::CurveExt;
 use halo2curves::zal::MsmAccel;
+use halo2curves::CurveExt;
 use rand_core::RngCore;
 use std::fmt::Debug;
 use std::io;
@@ -118,7 +118,7 @@ where
     }
 
     /// Create a multi-opening proof
-    fn create_proof<
+    fn create_proof_with_engine<
         'com,
         Ch: EncodedChallenge<E::G1Affine>,
         T: TranscriptWrite<E::G1Affine, Ch>,

halo2_backend/src/poly/multiopen_test.rs

@@ -297,7 +297,7 @@ mod test {
 
         let prover = P::new(params);
         prover
-            .create_proof(engine, &mut OsRng, &mut transcript, queries)
+            .create_proof(&mut OsRng, &mut transcript, queries)
             .unwrap();
 
         transcript.finalize()

halo2_proofs/examples/serialization.rs

@@ -24,7 +24,6 @@ use halo2_proofs::{
     SerdeFormat,
 };
 use halo2curves::bn256::{Bn256, Fr, G1Affine};
-use halo2curves::zal::H2cEngine;
 use rand_core::OsRng;
 
 #[derive(Clone, Copy)]
@@ -130,7 +129,6 @@ impl Circuit<Fr> for StandardPlonk {
 }
 
 fn main() {
-    let engine = H2cEngine::new();
     let k = 4;
     let circuit = StandardPlonk(Fr::random(OsRng));
     let params = ParamsKZG::<Bn256>::setup(k, OsRng);
@@ -165,7 +163,6 @@ fn main() {
         Blake2bWrite<Vec<u8>, G1Affine, Challenge255<_>>,
         _,
     >(
-        &engine,
         &params,
         &pk,
         &[circuit],