Merge remote-tracking branch 'upstream/master' into vec-allocator

* upstream/master: (29 commits)
  Fix some clippy lints (arkworks-rs#570)
  Correct tag name & complete command suggestion (arkworks-rs#569)
  Open a "release-PR" against a `releases` branch (arkworks-rs#566)
  Allow to overwrite default impl of `msm` in TwistedEdwards form (arkworks-rs#567)
  Remove poly-benches. (arkworks-rs#558)
  DO NOT MERGE YET. Release 0.4 (arkworks-rs#512)
  otherwise downstream users that have not migrated will not see warning (arkworks-rs#563)
  use `into_bigint()` in `Debug` for `Fp<P, N>` (arkworks-rs#562)
  Add `frobenius_map_in_place` (arkworks-rs#557)
  Fix test_sw_properties for some cofactor groups (arkworks-rs#555)
  Move h2c tests to test-templates (arkworks-rs#554)
  impl `CanonicalSerialize/Deserialize` for `BigUint` (arkworks-rs#551)
  Fix MontFp issue in fields with 64 * k bits (arkworks-rs#550)
  Fix tests for Modulus plus one div four (arkworks-rs#552)
  fix (arkworks-rs#547)
  Rename all `*Parameters` to `*Config` (arkworks-rs#545)
  Fix doc-comment on `SWUMap` and CamelCase `(CO)DOMAIN`
  Small cleanups in hash-to-curve (arkworks-rs#544)
  Allow to overwrite the default implementation of `msm` (arkworks-rs#528)
  Move `multi_miller_loop` and `final_exponentiation` into `BW6Config` (arkworks-rs#542)
  ...

Author: andrewmilson

.github/release-pr-template.ejs

@@ -0,0 +1,13 @@
+This is a release PR for version **<%= version.actual %>**<%
+    if (version.actual != version.desired) {
+%> (performing a <%= version.desired %> bump).<%
+    } else {
+%>.<%
+    }
+%>
+
+You will still need to manually publish the cargo crate:
+
+```
+$ make VERSION=<%= version.actual %> release
+```

.github/workflows/ci.yml

@@ -110,13 +110,14 @@ jobs:
 
       - name: Test assembly on nightly
         env:
-          RUSTFLAGS: -C target-cpu=native
+          RUSTFLAGS: -C target-cpu=native -Z macro-backtrace
         uses: actions-rs/cargo@v1
         with:
             command: test
             args: "--workspace \
                    --package ark-test-curves \
-                   --all-features"
+                   --all-features
+                   "
         if: matrix.rust == 'nightly'
 
   test_assembly:

.github/workflows/release_pr.yml

@@ -0,0 +1,35 @@
+name: Open a release PR
+on:
+  workflow_dispatch:
+    inputs:
+      version:
+        description: Version to release
+        required: true
+        type: choice
+        # Currently only alpha and patch releases are supported by this workflow, due to https://github.com/rust-lang/cargo/issues/4242
+        options: 
+          - alpha
+          - patch
+      base_branch:
+        description: Branch to target
+        required: true
+        type: string
+        default: 'releases'
+
+jobs:
+  make-release-pr:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Install cargo-release
+        uses: taiki-e/install-action@v1
+        with:
+          tool: cargo-release
+
+      - uses: actions/checkout@v3
+      - uses: cargo-bins/release-pr@v2
+        with:
+          pr-template-file: .github/release-pr-template.ejs
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          version: ${{ inputs.version }}
+          crate-release-all: true
+          base-branch: ${{ inputs.base_branch }} 

CHANGELOG.md

@@ -4,6 +4,16 @@
 
 ### Breaking changes
 
+### Features
+
+### Improvements
+
+### Bugfixes
+
+## v0.4.0
+
+### Breaking changes
+
 - [\#300](https://github.com/arkworks-rs/algebra/pull/300) (`ark-ec`) Change the implementation of `Hash` trait of `GroupProjective` to use the affine coordinates.
 - [\#302](https://github.com/arkworks-rs/algebra/pull/302) (`ark-ff`) Rename `find_wnaf` to `find_naf`.
 - [\#310](https://github.com/arkworks-rs/algebra/pull/310) (`ark-ec`, `ark-ff`) Remove unnecessary internal `PhantomData`.
@@ -31,7 +41,7 @@
 - [\#386](https://github.com/arkworks-rs/algebra/pull/386) (`ark-ff`) Remove `PrimeField::GENERATOR`, since it already exists on `FftField`.
 - [\#393](https://github.com/arkworks-rs/algebra/pull/393) (`ark-ec`, `ark-ff`) Rename `FpXParams` to `FpXConfig` and `FpXParamsWrapper` to `FpXConfigWrapper`.
 - [\#396](https://github.com/arkworks-rs/algebra/pull/396) (`ark-ec`) Remove `mul_bits` feature, and remove default implementations of `mul` and `mul_by_cofactor_to_projective`.
-- [\#408](https://github.com/arkworks-rs/algebra/pull/408) (`ark-ff`) Change the output of `Display` formatting for BigInt & Fp from hex to decimal.
+- [\#408](https://github.com/arkworks-rs/algebra/pull/408) (`ark-ff`) Change the output of `Display` formatting for `BigInt` and `Fp` from hex to decimal.
 - [\#412](https://github.com/arkworks-rs/algebra/pull/412) (`ark-poly`) Rename UV/MVPolynomial to DenseUV/MVPolynomial.
 - [\#417](https://github.com/arkworks-rs/algebra/pull/417) (`ark-ff`) Remove `ToBytes` and `FromBytes`.
 - [\#418](https://github.com/arkworks-rs/algebra/pull/418) (`ark-ff`) Add `sums_of_products` to `Field` and `Fp`
@@ -90,7 +100,7 @@
             - `miller_loop` → `multi_miller_loop`
             - `pairing` → `multi_pairing`
         - Change method signatures:
-            - `product_of_pairings` -> `multi_pairing`
+            - `product_of_pairings` → `multi_pairing`
                 - take two references to element iterators instead of an iterator of tuples.
             - `miller_loop` and `multi_miller_loop` now
                 - take two iterators over `impl Into<G1Prepared>` and `impl Into<G2Prepared>` as input, and
@@ -136,6 +146,20 @@
     - Splits the contents of `ff/src/fields/mod.rs` into smaller files for easier management.
     - Moves `BitIterator` out of `ark_ff::fields` and into `ark_ff` directly.
     - Adds `impl<'a, 'b> Add/Sub/Mul/Div<&'a F> for &'b F`
+- [\#517](https://github.com/arkworks-rs/algebra/pull/517) (`ark-ec`) Move the definition of the isogeny map of WB hash-to-curve to a separate struct
+- [\#519](https://github.com/arkworks-rs/algebra/pull/519) (`ark-ec`) Refactor variable-base MSM to be checked by default, returning a `Result` if the lengths of the bases and scalars do not match.
+- [\#545](https://github.com/arkworks-rs/algebra/pull/545) (`ark-ec`, `ark-ff`) Rename all `*Parameters` or `*Params` to `*Config`, including:
+    - `SWUParams` → `SWUConfig`
+    - `WBParams` → `WBConfig`
+    - `Bls12Parameters` → `Bls12Config`
+    - `G1Parameters` → `G1Config`
+    - `G2Parameters` → `G2Config`
+    - `BnParameters` → `BnConfig`
+    - `BW6Parameters` → `BW6Config`
+    - `MNT4Parameters` → `MNT4Config`
+    - `MNT6Parameters` → `MNT6Config`
+    - `GLVParameters` → `GLVConfig`
+- [\#557](https://github.com/arkworks-rs/algebra/pull/557) (`ark-ff`) Change `frobenius_map` to return the result, instead of mutating the input. Add `frobenius_map_in_place` for the old behavior.
 
 ### Features
 
@@ -160,6 +184,8 @@
     - Add constructor `new_coset`.
     - Add convenience method `get_coset`.
     - Add methods `coset_offset`, `coset_offset_inv` and `coset_offset_pow_size`.
+- [\#539](https://github.com/arkworks-rs/algebra/pull/539) (`ark-ec`) Implement wNAF-based MSM, resulting in 5-10% speedups.
+- [\#528](https://github.com/arkworks-rs/algebra/pull/528) (`ark-ec`) Allow to overwrite the default implementation of the `msm` function provided by the `VariableBaseMSM` trait by a specialized version in `SWCurveConfig`.
 
 ### Improvements
 
@@ -169,6 +195,8 @@
 - [\#352](https://github.com/arkworks-rs/algebra/pull/352) (`ark-ff`) Update `QuadExtField::sqrt` for better performance.
 - [\#357](https://github.com/arkworks-rs/algebra/pull/357) (`ark-poly`) Speedup division by vanishing polynomials for dense polynomials.
 - [\#445](https://github.com/arkworks-rs/algebra/pull/445) (`ark-ec`) Use 2-NAF for ate pairing in MNT4/6 curves.
+- [\#509](https://github.com/arkworks-rs/algebra/pull/509) (`ark-ff`, `ark-ff-macros`) Support prime fields with (64 * k)-bit modulus.
+- [\#567](https://github.com/arkworks-rs/algebra/pull/567) (`ark-ec`) Allow to overwrite the default implementation of the `msm` function for TwistedEdwards form provided by the `VariableBaseMSM` trait by a specialized version in `TECurveConfig`.
 
 ### Bugfixes
 
@@ -178,6 +206,8 @@
 - [\#394](https://github.com/arkworks-rs/algebra/pull/394) (`ark-ff`, `ark-serialize`) Remove `EmptyFlags` construction checks.
 - [\#442](https://github.com/arkworks-rs/algebra/pull/442) (`ark-ff`) Fix deserialization for modulo with 64 shaving bits.
 - [\#460](https://github.com/arkworks-rs/algebra/pull/460) (`ark-ec`) Fix a corner case for ate pairing in BLS12 and BW6 models.
+- [\#521](https://github.com/arkworks-rs/algebra/pull/521) (`ark-poly`) Change `DensePolynomial::evaluate_over_domain` to not truncate terms higher than the size of the domain.
+- [\#526](https://github.com/arkworks-rs/algebra/pull/526) (`ark-ff`) Fix squaring for `Fp128`.
 
 ## v0.3.0
 

Cargo.toml

@@ -12,7 +12,6 @@ members = [
     "bench-templates",
 
     "poly",
-    "poly-benches",
     "test-curves",
     "test-templates",
 ]
@@ -42,6 +41,5 @@ incremental = true
 debug-assertions = true
 debug = true
 
-# To be removed in the new release.
-[patch.crates-io]
-ark-std = { git = "https://github.com/arkworks-rs/std"}
+[workspace.metadata.release]
+dependent-version = "fix"

bench-templates/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "ark-algebra-bench-templates"
-version = "0.3.0"
+version = "0.4.0-alpha.6"
 authors = [ "arkworks contributors" ]
 description = "A benchmark library for finite fields and elliptic curves"
 homepage = "https://arkworks.rs"
@@ -16,10 +16,10 @@ edition = "2021"
 
 [dependencies]
 criterion = { version = "0.4.0", features = [ "html_reports" ] }
-ark-std = { version = "^0.3.0", default-features = false }
-ark-ec = { version = "^0.3.0", path = "../ec", default-features = false }
-ark-ff = { version = "^0.3.0", path = "../ff", default-features = false }
-ark-serialize = { version = "^0.3.0", path = "../serialize", default-features = false }
+ark-std = { version = "0.4.0-alpha", default-features = false }
+ark-ec = { version = "0.4.0-alpha", path = "../ec", default-features = false }
+ark-ff = { version = "0.4.0-alpha", path = "../ff", default-features = false }
+ark-serialize = { version = "0.4.0-alpha", path = "../serialize", default-features = false }
 paste = { version = "1.0" }
 
 [features]

ec/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "ark-ec"
-version = "0.3.0"
+version = "0.4.0-alpha.6"
 authors = [ "arkworks contributors" ]
 description = "A library for elliptic curves and pairings"
 homepage = "https://arkworks.rs"
@@ -14,10 +14,10 @@ edition = "2021"
 rust-version = "1.57"
 
 [dependencies]
-ark-std = { version = "^0.3.0", default-features = false }
-ark-serialize = { version = "^0.3.0", path = "../serialize", default-features = false }
-ark-ff = { version = "^0.3.0", path = "../ff", default-features = false }
-ark-poly = { version = "^0.3.0", path = "../poly", default-features = false }
+ark-std = { version = "0.4.0-alpha", default-features = false }
+ark-serialize = { version = "0.4.0-alpha", path = "../serialize", default-features = false }
+ark-ff = { version = "0.4.0-alpha", path = "../ff", default-features = false }
+ark-poly = { version = "0.4.0-alpha", path = "../poly", default-features = false }
 derivative = { version = "2", features = ["use_core"] }
 num-traits = { version = "0.2", default-features = false }
 rayon = { version = "1", optional = true }
@@ -26,7 +26,7 @@ hashbrown = "0.13.1"
 itertools = { version = "0.10", default-features = false }
 
 [dev-dependencies]
-ark-test-curves = { version = "^0.3.0", path = "../test-curves", default-features = false, features = ["bls12_381_curve"] }
+ark-test-curves = { version = "0.4.0-alpha", path = "../test-curves", default-features = false, features = ["bls12_381_curve"] }
 sha2 = { version = "0.10", default-features = false }
 libtest-mimic = "0.6.0"
 serde = "1.0.110"

ec/README.md

@@ -74,8 +74,8 @@ let s2 = ScalarField::rand(&mut rng);
 //
 // The `VariableBaseMSM` trait allows specializing the input group element representation to allow 
 // for more efficient implementations.
-let result = G::msm(&[a, b], &[s1, s2]);
-assert_eq!(result, a * s1 + b * s2);
+let r = G::msm(&[a, b], &[s1, s2]).unwrap();
+assert_eq!(r, a * s1 + b * s2);
 ```
 
 ### Elliptic curve groups

ec/src/hashing/curve_maps/swu/mod.rs

@@ -13,7 +13,7 @@ use crate::{
 /// y^2 = x^3 + a*x + b where ab != 0. From [\[WB2019\]]
 ///
 /// - [\[WB2019\]] <https://eprint.iacr.org/2019/403>
-pub trait SWUParams: SWCurveConfig {
+pub trait SWUConfig: SWCurveConfig {
     /// An element of the base field that is not a square root see \[WB2019, Section 4\].
     /// It is also convenient to have $g(b/ZETA * a)$ to be square. In general
     /// we use a `ZETA` with low absolute value coefficients when they are
@@ -22,9 +22,7 @@ pub trait SWUParams: SWCurveConfig {
 }
 
 /// Represents the SWU hash-to-curve map defined by `P`.
-pub struct SWUMap<P: SWUParams> {
-    curve_params: PhantomData<fn() -> P>,
-}
+pub struct SWUMap<P: SWUConfig>(PhantomData<fn() -> P>);
 
 /// Trait defining a parity method on the Field elements based on [\[1\]] Section 4.1
 ///
@@ -36,7 +34,7 @@ pub fn parity<F: Field>(element: &F) -> bool {
         .map_or(false, |x| x.into_bigint().is_odd())
 }
 
-impl<P: SWUParams> MapToCurve<Projective<P>> for SWUMap<P> {
+impl<P: SWUConfig> MapToCurve<Projective<P>> for SWUMap<P> {
     /// Constructs a new map if `P` represents a valid map.
     fn new() -> Result<Self, HashToCurveError> {
         // Verifying that ZETA is a non-square
@@ -51,9 +49,7 @@ impl<P: SWUParams> MapToCurve<Projective<P>> for SWUMap<P> {
             return Err(HashToCurveError::MapToCurveError("Simplified SWU requires a * b != 0 in the short Weierstrass form of y^2 = x^3 + a*x + b ".to_string()));
         }
 
-        Ok(SWUMap {
-            curve_params: PhantomData,
-        })
+        Ok(SWUMap(PhantomData))
     }
 
     /// Map an arbitrary base field element to a curve point.
@@ -175,9 +171,9 @@ mod test {
 
     const F127_ONE: F127 = MontFp!("1");
 
-    struct TestSWUMapToCurveParams;
+    struct TestSWUMapToCurveConfig;
 
-    impl CurveConfig for TestSWUMapToCurveParams {
+    impl CurveConfig for TestSWUMapToCurveConfig {
         const COFACTOR: &'static [u64] = &[1];
 
     #[rustfmt::skip]
@@ -186,6 +182,7 @@ mod test {
         type BaseField = F127;
         type ScalarField = F127;
     }
+
     /// just because not defining another field
     ///
     /// from itertools import product
@@ -200,19 +197,18 @@ mod test {
     ///         pass
     ///
     /// y^2 = x^3 + x + 63
-    impl SWCurveConfig for TestSWUMapToCurveParams {
+    impl SWCurveConfig for TestSWUMapToCurveConfig {
         /// COEFF_A = 1
         const COEFF_A: F127 = F127_ONE;
 
-        /// COEFF_B = 1
-    #[rustfmt::skip]
+        /// COEFF_B = 63
         const COEFF_B: F127 = MontFp!("63");
 
         /// AFFINE_GENERATOR_COEFFS = (G1_GENERATOR_X, G1_GENERATOR_Y)
         const GENERATOR: Affine<Self> = Affine::new_unchecked(MontFp!("62"), MontFp!("70"));
     }
 
-    impl SWUParams for TestSWUMapToCurveParams {
+    impl SWUConfig for TestSWUMapToCurveConfig {
         const ZETA: F127 = MontFp!("-1");
     }
 
@@ -241,9 +237,9 @@ mod test {
     #[test]
     fn hash_arbitary_string_to_curve_swu() {
         let test_swu_to_curve_hasher = MapToCurveBasedHasher::<
-            Projective<TestSWUMapToCurveParams>,
+            Projective<TestSWUMapToCurveConfig>,
             DefaultFieldHasher<Sha256, 128>,
-            SWUMap<TestSWUMapToCurveParams>,
+            SWUMap<TestSWUMapToCurveConfig>,
         >::new(&[1])
         .unwrap();
 
@@ -260,9 +256,9 @@ mod test {
     /// elements should be mapped to curve successfully. everything can be mapped
     #[test]
     fn map_field_to_curve_swu() {
-        let test_map_to_curve = SWUMap::<TestSWUMapToCurveParams>::new().unwrap();
+        let test_map_to_curve = SWUMap::<TestSWUMapToCurveConfig>::new().unwrap();
 
-        let mut map_range: Vec<Affine<TestSWUMapToCurveParams>> = vec![];
+        let mut map_range: Vec<Affine<TestSWUMapToCurveConfig>> = vec![];
         for current_field_element in 0..127 {
             map_range.push(
                 test_map_to_curve