Let Radix2Domain::offset to be FpVar instead of F (#65)

* restructure code

* done

* add changelog

* add the changelog to mark this as a breaking change

* add the CHANGELOG

* tweak

* add `EqGadget`

* rename generate_interpolate_cache to generate_interpolation_cache

* address the comment

Co-authored-by: weikeng <[email protected]>

Author: tsunrise

CHANGELOG.md

@@ -2,29 +2,35 @@
 
 ### Breaking changes
 
-- #60 Rename `AllocatedBit` to `AllocatedBool` for consistency with the `Boolean` variable.
-You can update downstream usage with `grep -rl 'AllocatedBit' . | xargs env LANG=C env LC_CTYPE=C sed -i '' 's/AllocatedBit/AllocatedBool/g'`.
+- [\#60](https://github.com/arkworks-rs/r1cs-std/pull/60) Rename `AllocatedBit` to `AllocatedBool` for consistency with the `Boolean` variable.
+  You can update downstream usage with `grep -rl 'AllocatedBit' . | xargs env LANG=C env LC_CTYPE=C sed -i '' 's/AllocatedBit/AllocatedBool/g'`.
+- [\#65](https://github.com/arkworks-rs/r1cs-std/pull/65) Rename `Radix2Domain` in `r1cs-std` to `Radix2DomainVar`.
 
 ### Features
 
-- [\#53](https://github.com/arkworks-rs/r1cs-std/pull/53) Add univariate evaluation domain and lagrange interpolation. 
+- [\#53](https://github.com/arkworks-rs/r1cs-std/pull/53) Add univariate evaluation domain and Lagrange interpolation. 
 
 ### Improvements
 
+- [\#65](https://github.com/arkworks-rs/r1cs-std/pull/65) Add support for non-constant coset offset in `Radix2DomainVar`.
+
 ### Bug Fixes
 
 
 ## v0.2.0
 
 ### Breaking changes
+
 - [\#12](https://github.com/arkworks-rs/r1cs-std/pull/12) Make the output of the `ToBitsGadget` impl for `FpVar` fixed-size
 - [\#48](https://github.com/arkworks-rs/r1cs-std/pull/48) Add `Clone` trait bound to `CondSelectGadget`.
 
 ### Features
+
 - [\#21](https://github.com/arkworks-rs/r1cs-std/pull/21) Add `UInt128`
 - [\#50](https://github.com/arkworks-rs/r1cs-std/pull/50) Add `DensePolynomialVar`
 
 ### Improvements
+
 - [\#5](https://github.com/arkworks-rs/r1cs-std/pull/5) Speedup BLS-12 pairing
 - [\#13](https://github.com/arkworks-rs/r1cs-std/pull/13) Add `ToConstraintFieldGadget` to `ProjectiveVar`
 - [\#15](https://github.com/arkworks-rs/r1cs-std/pull/15), #16 Allow `cs` to be `None` when converting a Montgomery point into a Twisted Edwards point
@@ -38,6 +44,7 @@ You can update downstream usage with `grep -rl 'AllocatedBit' . | xargs env LANG
 - [\#46](https://github.com/arkworks-rs/r1cs-std/pull/46) Add mux gadget as an auto-impl in `CondSelectGadget` to support random access of an array
 
 ### Bug fixes
+
 - [\#8](https://github.com/arkworks-rs/r1cs-std/pull/8) Fix bug in `three_bit_cond_neg_lookup` when using a constant lookup bit
 - [\#9](https://github.com/arkworks-rs/r1cs-std/pull/9) Fix bug in `short_weierstrass::ProjectiveVar::to_affine`
 - [\#29](https://github.com/arkworks-rs/r1cs-std/pull/29) Fix `to_non_unique_bytes` for `BLS12::G1Prepared`

src/poly/domain/mod.rs

@@ -1,4 +1,5 @@
 use crate::boolean::Boolean;
+use crate::eq::EqGadget;
 use crate::fields::fp::FpVar;
 use crate::fields::FieldVar;
 use ark_ff::PrimeField;
@@ -7,23 +8,33 @@ use ark_std::vec::Vec;
 
 pub mod vanishing_poly;
 
-#[derive(Copy, Clone, Hash, Eq, PartialEq, Debug)]
+#[derive(Clone, Debug)]
 /// Defines an evaluation domain over a prime field. The domain is a coset of size `1<<dim`.
 ///
 /// Native code corresponds to `ark-poly::univariate::domain::radix2`, but `ark-poly` only supports
 /// subgroup for now.
 ///
 /// TODO: support cosets in `ark-poly`.
-pub struct Radix2Domain<F: PrimeField> {
+pub struct Radix2DomainVar<F: PrimeField> {
     /// generator of subgroup g
     pub gen: F,
     /// index of the quotient group (i.e. the `offset`)
-    pub offset: F,
+    pub offset: FpVar<F>,
     /// dimension of evaluation domain
     pub dim: u64,
 }
 
-impl<F: PrimeField> Radix2Domain<F> {
+impl<F: PrimeField> EqGadget<F> for Radix2DomainVar<F> {
+    fn is_eq(&self, other: &Self) -> Result<Boolean<F>, SynthesisError> {
+        if self.gen != other.gen || self.dim != other.dim {
+            Ok(Boolean::constant(false))
+        } else {
+            self.offset.is_eq(&other.offset)
+        }
+    }
+}
+
+impl<F: PrimeField> Radix2DomainVar<F> {
     /// order of the domain
     pub fn order(&self) -> usize {
         1 << self.dim
@@ -40,6 +51,11 @@ impl<F: PrimeField> Radix2Domain<F> {
         result
     }
 
+    /// Size of the domain
+    pub fn size(&self) -> u64 {
+        1 << self.dim
+    }
+
     /// For domain `h<g>` with dimension `n`, `position` represented by `query_pos` in big endian form,
     /// returns `h*g^{position}<g^{n-query_pos.len()}>`
     pub fn query_position_to_coset(
@@ -64,7 +80,7 @@ impl<F: PrimeField> Radix2Domain<F> {
             first_point_in_coset += &term;
         }
 
-        first_point_in_coset *= &FpVar::Constant(self.offset);
+        first_point_in_coset *= &self.offset;
 
         coset.push(first_point_in_coset);
         for i in 1..(1 << (coset_dim as usize)) {

src/poly/evaluations/univariate/lagrange_interpolator.rs

@@ -98,8 +98,11 @@ impl<F: PrimeField> LagrangeInterpolator<F> {
 
 #[cfg(test)]
 mod tests {
-    use crate::poly::domain::Radix2Domain;
+    use crate::fields::fp::FpVar;
+    use crate::fields::FieldVar;
+    use crate::poly::domain::Radix2DomainVar;
     use crate::poly::evaluations::univariate::lagrange_interpolator::LagrangeInterpolator;
+    use crate::R1CSVar;
     use ark_ff::{FftField, Field, One};
     use ark_poly::univariate::DensePolynomial;
     use ark_poly::{Polynomial, UVPolynomial};
@@ -112,21 +115,25 @@ mod tests {
         let poly = DensePolynomial::rand(15, &mut rng);
         let gen = Fr::get_root_of_unity(1 << 4).unwrap();
         assert_eq!(gen.pow(&[1 << 4]), Fr::one());
-        let domain = Radix2Domain {
+        let domain = Radix2DomainVar {
             gen,
-            offset: Fr::multiplicative_generator(),
+            offset: FpVar::constant(Fr::multiplicative_generator()),
             dim: 4, // 2^4 = 16
         };
         // generate evaluations of `poly` on this domain
-        let mut coset_point = domain.offset;
+        let mut coset_point = domain.offset.value().unwrap();
         let mut oracle_evals = Vec::new();
         for _ in 0..(1 << 4) {
             oracle_evals.push(poly.evaluate(&coset_point));
             coset_point *= gen;
         }
 
-        let interpolator =
-            LagrangeInterpolator::new(domain.offset, domain.gen, domain.dim, oracle_evals);
+        let interpolator = LagrangeInterpolator::new(
+            domain.offset.value().unwrap(),
+            domain.gen,
+            domain.dim,
+            oracle_evals,
+        );
 
         // the point to evaluate at
         let interpolate_point = Fr::rand(&mut rng);