@@ -39,7 +39,6 @@ pub struct SignatureVerifyTarget {
3939 msg : ValueTarget ,
4040 // proof of the SignatureInternalCircuit (=signature::Signature.0)
4141 proof : ProofWithPublicInputsTarget < D > ,
42- dummy_proof : ProofWithPublicInputsTarget < D > ,
4342}
4443
4544impl SignatureVerifyGadget {
@@ -73,42 +72,46 @@ impl SignatureVerifyGadget {
7372
7473 let proof_targ = builder. add_virtual_proof_with_pis ( & common_data) ;
7574
76- // connect the {pk, msg, s} with the proof_targ.public_inputs
75+ let dummy_pi = DUMMY_PUBLIC_INPUTS . clone ( ) ;
76+
77+ let pk_targ_dummy =
78+ builder. constant_value ( Value ( dummy_pi[ ..VALUE_SIZE ] . try_into ( ) . unwrap ( ) ) ) ;
79+ let msg_targ_dummy = builder. constant_value ( Value (
80+ dummy_pi[ VALUE_SIZE ..VALUE_SIZE * 2 ] . try_into ( ) . unwrap ( ) ,
81+ ) ) ;
82+ let s_targ_dummy =
83+ builder. constant_value ( Value ( dummy_pi[ VALUE_SIZE * 2 ..] . try_into ( ) . unwrap ( ) ) ) ;
84+
85+ // connect the {pk, msg, s} with the proof_targ.public_inputs conditionally
86+ let pk_targ_connect = builder. select_value ( selector, pk_targ, pk_targ_dummy) ;
87+ let msg_targ_connect = builder. select_value ( selector, msg_targ, msg_targ_dummy) ;
88+ let s_targ_connect = builder. select_value (
89+ selector,
90+ ValueTarget {
91+ elements : s_targ. elements ,
92+ } ,
93+ s_targ_dummy,
94+ ) ;
7795 for i in 0 ..VALUE_SIZE {
78- builder. connect ( pk_targ . elements [ i] , proof_targ. public_inputs [ i] ) ;
96+ builder. connect ( pk_targ_connect . elements [ i] , proof_targ. public_inputs [ i] ) ;
7997 builder. connect (
80- msg_targ . elements [ i] ,
98+ msg_targ_connect . elements [ i] ,
8199 proof_targ. public_inputs [ VALUE_SIZE + i] ,
82100 ) ;
83101 builder. connect (
84- s_targ . elements [ i] ,
102+ s_targ_connect . elements [ i] ,
85103 proof_targ. public_inputs [ ( 2 * VALUE_SIZE ) + i] ,
86104 ) ;
87105 }
88106
89- // NOTE: we would use the `conditional_verify_proof_or_dummy` method,
90- // but since we're using the `standard_recursion_zk_config` (with zk),
91- // internally it fails to generate the `dummy_circuit`, which mentions
92- // that degree calculation could be off if zk is enabled. So we use
93- // `conditional_verify_proof` feeding in our own dummy_proof
94- // (signature::DUMMY_PROOF).
95- let dummy_proof_targ = builder. add_virtual_proof_with_pis ( & common_data) ;
96- builder. conditionally_verify_proof :: < C > (
97- selector,
98- & proof_targ,
99- & verifier_data_targ,
100- & dummy_proof_targ,
101- & verifier_data_targ,
102- & common_data,
103- ) ;
107+ builder. verify_proof :: < C > ( & proof_targ, & verifier_data_targ, & common_data) ;
104108
105109 Ok ( SignatureVerifyTarget {
106110 verifier_data_targ,
107111 selector,
108112 pk : pk_targ,
109113 msg : msg_targ,
110114 proof : proof_targ,
111- dummy_proof : dummy_proof_targ,
112115 } )
113116 }
114117}
@@ -131,21 +134,23 @@ impl SignatureVerifyTarget {
131134 let s = Value ( PoseidonHash :: hash_no_pad ( & [ pk. 0 . 0 , msg. 0 ] . concat ( ) ) . elements ) ;
132135 let public_inputs: Vec < F > = [ pk. 0 . 0 , msg. 0 , s. 0 ] . concat ( ) ;
133136
134- pw. set_proof_with_pis_target (
135- & self . proof ,
136- & ProofWithPublicInputs {
137- proof : signature. 0 ,
138- public_inputs,
139- } ,
140- ) ?;
141-
142- pw. set_proof_with_pis_target (
143- & self . dummy_proof ,
144- & ProofWithPublicInputs {
145- proof : DUMMY_SIGNATURE . 0 . clone ( ) ,
146- public_inputs : DUMMY_PUBLIC_INPUTS . clone ( ) ,
147- } ,
148- ) ?;
137+ if selector {
138+ pw. set_proof_with_pis_target (
139+ & self . proof ,
140+ & ProofWithPublicInputs {
141+ proof : signature. 0 ,
142+ public_inputs,
143+ } ,
144+ ) ?;
145+ } else {
146+ pw. set_proof_with_pis_target (
147+ & self . proof ,
148+ & ProofWithPublicInputs {
149+ proof : DUMMY_SIGNATURE . 0 . clone ( ) ,
150+ public_inputs : DUMMY_PUBLIC_INPUTS . clone ( ) ,
151+ } ,
152+ ) ?;
153+ }
149154
150155 pw. set_verifier_data_target (
151156 & self . verifier_data_targ ,
0 commit comments