Add QuickSilver with io

Cargo.toml

@@ -17,6 +17,8 @@ members = [
     "crates/clmul",
     "crates/mpz-ole-core",
     "crates/mpz-ole",
+    "crates/mpz-zk-core",
+    "crates/mpz-zk",
 ]
 resolver = "2"
 
@@ -43,6 +45,8 @@ mpz-ole = { path = "crates/mpz-ole" }
 mpz-ole-core = { path = "crates/mpz-ole-core" }
 clmul = { path = "crates/clmul" }
 matrix-transpose = { path = "crates/matrix-transpose" }
+mpz-zk-core = { path = "crates/mpz-zk-core" }
+mpz-zk = { path = "crates/mpz-zk" }
 
 tlsn-utils = { git = "https://github.com/tlsnotary/tlsn-utils", rev = "6e0be94" }
 tlsn-utils-aio = { git = "https://github.com/tlsnotary/tlsn-utils", rev = "6e0be94" }

crates/mpz-common/src/ideal.rs

@@ -18,7 +18,7 @@ struct Buffer {
 }
 
 /// The ideal functionality from the perspective of Alice.
-#[derive(Debug)]
+#[derive(Debug, Default)]
 pub struct Alice<F> {
     f: Arc<Mutex<F>>,
     buffer: Arc<Mutex<Buffer>>,
@@ -35,7 +35,7 @@ impl<F> Clone for Alice<F> {
 
 impl<F> Alice<F> {
     /// Returns a lock to the ideal functionality.
-    pub fn get_mut(&mut self) -> MutexGuard<'_, F> {
+    pub fn lock(&self) -> MutexGuard<'_, F> {
         self.f.lock().unwrap()
     }
 
@@ -79,7 +79,7 @@ impl<F> Alice<F> {
 }
 
 /// The ideal functionality from the perspective of Bob.
-#[derive(Debug)]
+#[derive(Debug, Default)]
 pub struct Bob<F> {
     f: Arc<Mutex<F>>,
     buffer: Arc<Mutex<Buffer>>,
@@ -96,7 +96,7 @@ impl<F> Clone for Bob<F> {
 
 impl<F> Bob<F> {
     /// Returns a lock to the ideal functionality.
-    pub fn get_mut(&mut self) -> MutexGuard<'_, F> {
+    pub fn lock(&self) -> MutexGuard<'_, F> {
         self.f.lock().unwrap()
     }
 

crates/mpz-core/src/block.rs

@@ -7,6 +7,7 @@ use generic_array::{typenum::consts::U16, GenericArray};
 use itybity::{BitIterable, BitLength, GetBit, Lsb0, Msb0};
 use rand::{distributions::Standard, prelude::Distribution, CryptoRng, Rng};
 use serde::{Deserialize, Serialize};
+use std::iter::successors;
 
 /// A block of 128 bits
 #[repr(transparent)]
@@ -22,6 +23,11 @@ impl Block {
     pub const ONE: Self = Self([1u8, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]);
     /// A block with all bits set to 1
     pub const ONES: Self = Self([0xff; 16]);
+    /// A block with all 1 bits excect the lsb.
+    pub const MINIS_ONE: Block = Self([
+        0xfe, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+        0xff,
+    ]);
     /// A length 2 array of zero and one blocks
     pub const SELECT_MASK: [Self; 2] = [Self::ZERO, Self::ONES];
 
@@ -123,6 +129,15 @@ impl Block {
         bytemuck::cast([x[1], x[0]])
     }
 
+    /// Generate the powers of the seed.
+    /// Starting with seed.
+    #[inline(always)]
+    pub fn powers(seed: Self, size: usize) -> Vec<Self> {
+        successors(Some(seed), |pow| Some(pow.gfmul(seed)))
+            .take(size)
+            .collect()
+    }
+
     /// Converts a block to a [`GenericArray<u8, U16>`](cipher::generic_array::GenericArray)
     /// from the [`generic-array`](https://docs.rs/generic-array/latest/generic_array/) crate.
     #[allow(dead_code)]

crates/mpz-core/src/ggm_tree.rs

@@ -32,33 +32,35 @@ impl GgmTree {
         assert_eq!(k0.len(), self.depth);
         assert_eq!(k1.len(), self.depth);
         let mut buf = [Block::ZERO; 8];
-        self.tkprp.expand_1to2(tree, seed);
-        k0[0] = tree[0];
-        k1[0] = tree[1];
+        if self.depth > 1 {
+            self.tkprp.expand_1to2(tree, seed);
+            k0[0] = tree[0];
+            k1[0] = tree[1];
 
-        self.tkprp.expand_2to4(&mut buf, tree);
-        k0[1] = buf[0] ^ buf[2];
-        k1[1] = buf[1] ^ buf[3];
-        tree[0..4].copy_from_slice(&buf[0..4]);
-
-        for h in 2..self.depth {
-            k0[h] = Block::ZERO;
-            k1[h] = Block::ZERO;
-
-            // How many nodes there are in this layer
-            let sz = 1 << h;
-            for i in (0..=sz - 4).rev().step_by(4) {
-                self.tkprp.expand_4to8(&mut buf, &tree[i..]);
-                k0[h] ^= buf[0];
-                k0[h] ^= buf[2];
-                k0[h] ^= buf[4];
-                k0[h] ^= buf[6];
-                k1[h] ^= buf[1];
-                k1[h] ^= buf[3];
-                k1[h] ^= buf[5];
-                k1[h] ^= buf[7];
+            self.tkprp.expand_2to4(&mut buf, tree);
+            k0[1] = buf[0] ^ buf[2];
+            k1[1] = buf[1] ^ buf[3];
+            tree[0..4].copy_from_slice(&buf[0..4]);
 
-                tree[2 * i..2 * i + 8].copy_from_slice(&buf);
+            for h in 2..self.depth {
+                k0[h] = Block::ZERO;
+                k1[h] = Block::ZERO;
+
+                // How many nodes there are in this layer
+                let sz = 1 << h;
+                for i in (0..=sz - 4).rev().step_by(4) {
+                    self.tkprp.expand_4to8(&mut buf, &tree[i..]);
+                    k0[h] ^= buf[0];
+                    k0[h] ^= buf[2];
+                    k0[h] ^= buf[4];
+                    k0[h] ^= buf[6];
+                    k1[h] ^= buf[1];
+                    k1[h] ^= buf[3];
+                    k1[h] ^= buf[5];
+                    k1[h] ^= buf[7];
+
+                    tree[2 * i..2 * i + 8].copy_from_slice(&buf);
+                }
             }
         }
     }

crates/mpz-ot-core/src/chou_orlandi/receiver.rs

@@ -153,7 +153,7 @@ impl Receiver<state::Setup> {
         let SenderPayload { id, payload } = payload;
 
         // Check that the transfer id matches
-        let expected_id = current_id.next();
+        let expected_id = current_id.next_id();
         if id != expected_id {
             return Err(ReceiverError::IdMismatch(expected_id, id));
         }

crates/mpz-ot-core/src/chou_orlandi/sender.rs

@@ -139,7 +139,7 @@ impl Sender<state::Setup> {
         } = receiver_payload;
 
         // Check that the transfer id matches
-        let expected_id = current_id.next();
+        let expected_id = current_id.next_id();
         if id != expected_id {
             return Err(SenderError::IdMismatch(expected_id, id));
         }

crates/mpz-ot-core/src/ferret/mod.rs

@@ -1,7 +1,4 @@
 //! An implementation of the [`Ferret`](https://eprint.iacr.org/2020/924.pdf) protocol.
-
-use mpz_core::lpn::LpnParameters;
-
 pub mod cuckoo;
 pub mod error;
 pub mod mpcot;
@@ -19,44 +16,29 @@ pub const CUCKOO_HASH_NUM: usize = 3;
 /// Trial numbers in Cuckoo hash insertion.
 pub const CUCKOO_TRIAL_NUM: usize = 100;
 
-/// LPN parameters with regular noise.
-/// Derived from https://github.com/emp-toolkit/emp-ot/blob/master/emp-ot/ferret/constants.h
-pub const LPN_PARAMETERS_REGULAR: LpnParameters = LpnParameters {
-    n: 10180608,
-    k: 124000,
-    t: 4971,
-};
-
-/// LPN parameters with uniform noise.
-/// Derived from Table 2.
-pub const LPN_PARAMETERS_UNIFORM: LpnParameters = LpnParameters {
-    n: 10616092,
-    k: 588160,
-    t: 1324,
-};
-
 /// The type of Lpn parameters.
-#[derive(Debug)]
+#[derive(Debug, Clone, Copy, Default)]
 pub enum LpnType {
     /// Uniform error distribution.
     Uniform,
     /// Regular error distribution.
+    #[default]
     Regular,
 }
 
 #[cfg(test)]
 mod tests {
     use super::*;
 
-    use msgs::LpnMatrixSeed;
     use receiver::Receiver;
     use sender::Sender;
 
-    use crate::ideal::{cot::IdealCOT, mpcot::IdealMpcot};
-    use crate::test::assert_cot;
-    use crate::{MPCOTReceiverOutput, MPCOTSenderOutput, RCOTReceiverOutput, RCOTSenderOutput};
+    use crate::{
+        ideal::{cot::IdealCOT, mpcot::IdealMpcot},
+        test::assert_cot,
+        MPCOTReceiverOutput, MPCOTSenderOutput, RCOTReceiverOutput, RCOTSenderOutput,
+    };
     use mpz_core::{lpn::LpnParameters, prg::Prg};
-    use rand::SeedableRng;
 
     const LPN_PARAMETERS_TEST: LpnParameters = LpnParameters {
         n: 9600,
@@ -66,7 +48,7 @@ mod tests {
 
     #[test]
     fn ferret_test() {
-        let mut prg = Prg::from_seed([1u8; 16].into());
+        let mut prg = Prg::new();
         let delta = prg.random_block();
         let mut ideal_cot = IdealCOT::default();
         let mut ideal_mpcot = IdealMpcot::default();
@@ -101,18 +83,8 @@ mod tests {
             )
             .unwrap();
 
-        let LpnMatrixSeed {
-            seed: lpn_matrix_seed,
-        } = seed;
-
         let mut sender = sender
-            .setup(
-                delta,
-                LPN_PARAMETERS_TEST,
-                LpnType::Regular,
-                lpn_matrix_seed,
-                &v,
-            )
+            .setup(delta, LPN_PARAMETERS_TEST, LpnType::Regular, seed, &v)
             .unwrap();
 
         // extend once
@@ -122,8 +94,15 @@ mod tests {
         let (MPCOTSenderOutput { s, .. }, MPCOTReceiverOutput { r, .. }) =
             ideal_mpcot.extend(&query.0, query.1);
 
-        let msgs = sender.extend(&s).unwrap();
-        let (choices, received) = receiver.extend(&r).unwrap();
+        sender.extend(s).unwrap();
+        receiver.extend(r).unwrap();
+
+        let RCOTSenderOutput { msgs, .. } = sender.consume(2).unwrap();
+        let RCOTReceiverOutput {
+            choices,
+            msgs: received,
+            ..
+        } = receiver.consume(2).unwrap();
 
         assert_cot(delta, &choices, &msgs, &received);
 
@@ -134,8 +113,15 @@ mod tests {
         let (MPCOTSenderOutput { s, .. }, MPCOTReceiverOutput { r, .. }) =
             ideal_mpcot.extend(&query.0, query.1);
 
-        let msgs = sender.extend(&s).unwrap();
-        let (choices, received) = receiver.extend(&r).unwrap();
+        sender.extend(s).unwrap();
+        receiver.extend(r).unwrap();
+
+        let RCOTSenderOutput { msgs, .. } = sender.consume(sender.remaining()).unwrap();
+        let RCOTReceiverOutput {
+            choices,
+            msgs: received,
+            ..
+        } = receiver.consume(receiver.remaining()).unwrap();
 
         assert_cot(delta, &choices, &msgs, &received);
     }

crates/mpz-ot-core/src/ferret/mpcot/mod.rs

@@ -16,11 +16,10 @@ mod tests {
     use crate::ideal::spcot::IdealSpcot;
     use crate::{SPCOTReceiverOutput, SPCOTSenderOutput};
     use mpz_core::prg::Prg;
-    use rand::SeedableRng;
 
     #[test]
     fn mpcot_general_test() {
-        let mut prg = Prg::from_seed([1u8; 16].into());
+        let mut prg = Prg::new();
         let delta = prg.random_block();
         let mut ideal_spcot = IdealSpcot::new_with_delta(delta);
 
@@ -96,7 +95,7 @@ mod tests {
 
     #[test]
     fn mpcot_regular_test() {
-        let mut prg = Prg::from_seed([2u8; 16].into());
+        let mut prg = Prg::new();
         let delta = prg.random_block();
         let mut ideal_spcot = IdealSpcot::new_with_delta(delta);