rename rho to nonce

taiga_halo2/benches/action_proof.rs

@@ -22,7 +22,7 @@ fn bench_action_proof(name: &str, c: &mut Criterion) {
     let mut rng = OsRng;
     let action_info = {
         let input_resource = {
-            let rho = Nullifier::from(pallas::Base::random(&mut rng));
+            let nonce = Nullifier::from(pallas::Base::random(&mut rng));
             let nk = NullifierKeyContainer::from_key(pallas::Base::random(&mut rng));
             let kind = {
                 let logic = pallas::Base::random(&mut rng);
@@ -38,13 +38,13 @@ fn bench_action_proof(name: &str, c: &mut Criterion) {
                 quantity,
                 nk_container: nk,
                 is_merkle_checked: true,
-                psi: rseed.get_psi(&rho),
-                rcm: rseed.get_rcm(&rho),
-                rho,
+                psi: rseed.get_psi(&nonce),
+                rcm: rseed.get_rcm(&nonce),
+                nonce,
             }
         };
         let mut output_resource = {
-            let rho = input_resource.get_nf().unwrap();
+            let nonce = input_resource.get_nf().unwrap();
             let nk_com = NullifierKeyContainer::from_commitment(pallas::Base::random(&mut rng));
             let kind = {
                 let logic = pallas::Base::random(&mut rng);
@@ -60,9 +60,9 @@ fn bench_action_proof(name: &str, c: &mut Criterion) {
                 quantity,
                 nk_container: nk_com,
                 is_merkle_checked: true,
-                psi: rseed.get_psi(&rho),
-                rcm: rseed.get_rcm(&rho),
-                rho,
+                psi: rseed.get_psi(&nonce),
+                rcm: rseed.get_rcm(&nonce),
+                nonce,
             }
         };
         let input_merkle_path = MerklePath::random(&mut rng, TAIGA_COMMITMENT_TREE_DEPTH);

taiga_halo2/benches/vp_proof.rs

@@ -18,7 +18,7 @@ fn bench_vp_proof(name: &str, c: &mut Criterion) {
 
     let vp_circuit = {
         let input_resources = [(); NUM_RESOURCE].map(|_| {
-            let rho = Nullifier::from(pallas::Base::random(&mut rng));
+            let nonce = Nullifier::from(pallas::Base::random(&mut rng));
             let nk = NullifierKeyContainer::from_key(pallas::Base::random(&mut rng));
             let kind = {
                 let logic = pallas::Base::random(&mut rng);
@@ -34,15 +34,15 @@ fn bench_vp_proof(name: &str, c: &mut Criterion) {
                 quantity,
                 nk_container: nk,
                 is_merkle_checked: true,
-                psi: rseed.get_psi(&rho),
-                rcm: rseed.get_rcm(&rho),
-                rho,
+                psi: rseed.get_psi(&nonce),
+                rcm: rseed.get_rcm(&nonce),
+                nonce,
             }
         });
         let output_resources = input_resources
             .iter()
             .map(|input| {
-                let rho = input.get_nf().unwrap();
+                let nonce = input.get_nf().unwrap();
                 let nk_com = NullifierKeyContainer::from_commitment(pallas::Base::random(&mut rng));
                 let kind = {
                     let logic = pallas::Base::random(&mut rng);
@@ -58,9 +58,9 @@ fn bench_vp_proof(name: &str, c: &mut Criterion) {
                     quantity,
                     nk_container: nk_com,
                     is_merkle_checked: true,
-                    psi: rseed.get_psi(&rho),
-                    rcm: rseed.get_rcm(&rho),
-                    rho,
+                    psi: rseed.get_psi(&nonce),
+                    rcm: rseed.get_rcm(&nonce),
+                    nonce,
                 }
             })
             .collect::<Vec<_>>();

taiga_halo2/src/action.rs

@@ -120,7 +120,7 @@ impl BorshDeserialize for ActionPublicInputs {
 impl ActionInfo {
     // The dummy input resource must provide a valid custom_anchor, but a random merkle path
     // The normal input resource only needs to provide a valid merkle path. The anchor will be calculated from the resource and path.
-    // The rho of output_resource will be reset to the nullifier of input_resource
+    // The nonce of output_resource will be set to the nullifier of input_resource
     pub fn new<R: RngCore>(
         input_resource: Resource,
         input_merkle_path: MerklePath,
@@ -133,7 +133,7 @@ impl ActionInfo {
             None => input_resource.calculate_root(&input_merkle_path),
         };
 
-        output_resource.set_rho(&input_resource, &mut rng);
+        output_resource.set_nonce(&input_resource, &mut rng);
 
         Self {
             input_resource,
@@ -180,8 +180,8 @@ impl ActionInfo {
     pub fn build(&self) -> (ActionPublicInputs, ActionCircuit) {
         let nf = self.get_input_resource_nullifer();
         assert_eq!(
-            nf, self.output_resource.rho,
-            "The nf of input resource should be equal to the rho of output resource"
+            nf, self.output_resource.nonce,
+            "The nf of input resource must be equal to the nonce of output resource"
         );
 
         let cm = self.get_output_resource_cm();

taiga_halo2/src/circuit/integrity.rs

@@ -26,11 +26,11 @@ pub fn nullifier_circuit(
     mut layouter: impl Layouter<pallas::Base>,
     poseidon_config: PoseidonConfig<pallas::Base, 3, 2>,
     nk: AssignedCell<pallas::Base, pallas::Base>,
-    rho: AssignedCell<pallas::Base, pallas::Base>,
+    nonce: AssignedCell<pallas::Base, pallas::Base>,
     psi: AssignedCell<pallas::Base, pallas::Base>,
     cm: AssignedCell<pallas::Base, pallas::Base>,
 ) -> Result<AssignedCell<pallas::Base, pallas::Base>, Error> {
-    let poseidon_message = [nk, rho, psi, cm];
+    let poseidon_message = [nk, nonce, psi, cm];
     poseidon_hash_gadget(
         poseidon_config,
         layouter.namespace(|| "derive nullifier"),
@@ -97,11 +97,11 @@ pub fn check_input_resource(
         input_resource.quantity,
     )?;
 
-    // Witness rho
-    let rho = assign_free_advice(
-        layouter.namespace(|| "witness rho"),
+    // Witness nonce
+    let nonce = assign_free_advice(
+        layouter.namespace(|| "witness nonce"),
         advices[0],
-        Value::known(input_resource.rho.inner()),
+        Value::known(input_resource.nonce.inner()),
     )?;
 
     // Witness psi
@@ -134,7 +134,7 @@ pub fn check_input_resource(
         label.clone(),
         value.clone(),
         nk_com.clone(),
-        rho.clone(),
+        nonce.clone(),
         psi.clone(),
         quantity.clone(),
         is_merkle_checked.clone(),
@@ -146,7 +146,7 @@ pub fn check_input_resource(
         layouter.namespace(|| "Generate nullifier"),
         resource_commit_chip.get_poseidon_config(),
         nk_var,
-        rho.clone(),
+        nonce.clone(),
         psi.clone(),
         cm.clone(),
     )?;
@@ -160,7 +160,7 @@ pub fn check_input_resource(
         label,
         is_merkle_checked,
         value,
-        rho,
+        nonce,
         nk_com,
         psi,
         rcm,
@@ -264,7 +264,7 @@ pub fn check_output_resource(
         quantity,
         is_merkle_checked,
         value,
-        rho: old_nf,
+        nonce: old_nf,
         nk_com,
         psi,
         rcm,
@@ -434,7 +434,7 @@ fn test_halo2_nullifier_circuit() {
     #[derive(Default)]
     struct MyCircuit {
         nk: NullifierKeyContainer,
-        rho: pallas::Base,
+        nonce: pallas::Base,
         psi: pallas::Base,
         cm: ResourceCommitment,
     }
@@ -503,11 +503,11 @@ fn test_halo2_nullifier_circuit() {
                 Value::known(self.nk.get_nk().unwrap()),
             )?;
 
-            // Witness rho
-            let rho = assign_free_advice(
-                layouter.namespace(|| "witness rho"),
+            // Witness nonce
+            let nonce = assign_free_advice(
+                layouter.namespace(|| "witness nonce"),
                 advices[0],
-                Value::known(self.rho),
+                Value::known(self.nonce),
             )?;
 
             // Witness psi
@@ -528,13 +528,13 @@ fn test_halo2_nullifier_circuit() {
                 layouter.namespace(|| "nullifier"),
                 poseidon_config,
                 nk,
-                rho,
+                nonce,
                 psi,
                 cm,
             )?;
 
             let expect_nf = {
-                let nf = Nullifier::derive(&self.nk, &self.rho, &self.psi, &self.cm)
+                let nf = Nullifier::derive(&self.nk, &self.nonce, &self.psi, &self.cm)
                     .unwrap()
                     .inner();
                 assign_free_advice(
@@ -554,7 +554,7 @@ fn test_halo2_nullifier_circuit() {
     let mut rng = OsRng;
     let circuit = MyCircuit {
         nk: NullifierKeyContainer::random_key(&mut rng),
-        rho: pallas::Base::random(&mut rng),
+        nonce: pallas::Base::random(&mut rng),
         psi: pallas::Base::random(&mut rng),
         cm: ResourceCommitment::default(),
     };

taiga_halo2/src/circuit/resource_commitment.rs

@@ -147,7 +147,7 @@ pub fn resource_commit(
     label: AssignedCell<pallas::Base, pallas::Base>,
     value: AssignedCell<pallas::Base, pallas::Base>,
     nk_com: AssignedCell<pallas::Base, pallas::Base>,
-    rho: AssignedCell<pallas::Base, pallas::Base>,
+    nonce: AssignedCell<pallas::Base, pallas::Base>,
     psi: AssignedCell<pallas::Base, pallas::Base>,
     quantity: AssignedCell<pallas::Base, pallas::Base>,
     is_merkle_checked: AssignedCell<pallas::Base, pallas::Base>,
@@ -165,7 +165,7 @@ pub fn resource_commit(
         label,
         value,
         nk_com,
-        rho,
+        nonce,
         psi,
         compose_is_merkle_checked_and_quantity,
         rcm,

taiga_halo2/src/circuit/vp_circuit.rs

@@ -481,7 +481,7 @@ pub trait ValidityPredicateCircuit: Circuit<pallas::Base> + ValidityPredicateVer
             let old_nf = assign_free_advice(
                 layouter.namespace(|| "old nf"),
                 config.advices[0],
-                Value::known(output_resources[i].rho.inner()),
+                Value::known(output_resources[i].nonce.inner()),
             )?;
             output_resource_variables.push(check_output_resource(
                 layouter.namespace(|| "check output resource"),
@@ -573,7 +573,7 @@ pub struct ResourceVariables {
     pub quantity: AssignedCell<pallas::Base, pallas::Base>,
     pub is_merkle_checked: AssignedCell<pallas::Base, pallas::Base>,
     pub value: AssignedCell<pallas::Base, pallas::Base>,
-    pub rho: AssignedCell<pallas::Base, pallas::Base>,
+    pub nonce: AssignedCell<pallas::Base, pallas::Base>,
     pub nk_com: AssignedCell<pallas::Base, pallas::Base>,
     pub psi: AssignedCell<pallas::Base, pallas::Base>,
     pub rcm: AssignedCell<pallas::Base, pallas::Base>,
@@ -694,10 +694,10 @@ impl BasicValidityPredicateVariables {
         )
     }
 
-    pub fn get_rho_searchable_pairs(&self) -> [ResourceSearchableVariablePair; NUM_RESOURCE * 2] {
+    pub fn get_nonce_searchable_pairs(&self) -> [ResourceSearchableVariablePair; NUM_RESOURCE * 2] {
         self.get_variable_searchable_pairs(
-            |variables| variables.resource_variables.rho.clone(),
-            |variables| variables.resource_variables.rho.clone(),
+            |variables| variables.resource_variables.nonce.clone(),
+            |variables| variables.resource_variables.nonce.clone(),
         )
     }
 

taiga_halo2/src/circuit/vp_examples/cascade_intent.rs

@@ -155,14 +155,14 @@ pub fn create_intent_resource<R: RngCore>(
 ) -> Resource {
     let label = CascadeIntentValidityPredicateCircuit::encode_label(cascade_resource_cm);
     let rseed = RandomSeed::random(&mut rng);
-    let rho = Nullifier::random(&mut rng);
+    let nonce = Nullifier::random(&mut rng);
     Resource::new_input_resource(
         *COMPRESSED_CASCADE_INTENT_VK,
         label,
         pallas::Base::zero(),
         1u64,
         nk,
-        rho,
+        nonce,
         false,
         rseed,
     )

taiga_halo2/src/circuit/vp_examples/or_relation_intent.rs

@@ -291,14 +291,14 @@ pub fn create_intent_resource<R: RngCore>(
         receiver_value,
     );
     let rseed = RandomSeed::random(&mut rng);
-    let rho = Nullifier::random(&mut rng);
+    let nonce = Nullifier::random(&mut rng);
     Resource::new_input_resource(
         *COMPRESSED_OR_RELATION_INTENT_VK,
         label,
         pallas::Base::zero(),
         1u64,
         nk,
-        rho,
+        nonce,
         false,
         rseed,
     )

taiga_halo2/src/circuit/vp_examples/receiver_vp.rs

@@ -158,11 +158,11 @@ impl ValidityPredicateCircuit for ReceiverValidityPredicateCircuit {
             &basic_variables.get_quantity_searchable_pairs(),
         )?;
 
-        let rho = get_owned_resource_variable(
+        let nonce = get_owned_resource_variable(
             config.get_owned_resource_variable_config,
-            layouter.namespace(|| "get owned resource rho"),
+            layouter.namespace(|| "get owned resource nonce"),
             &owned_resource_id,
-            &basic_variables.get_rho_searchable_pairs(),
+            &basic_variables.get_nonce_searchable_pairs(),
         )?;
 
         let nk_com = get_owned_resource_variable(
@@ -186,7 +186,7 @@ impl ValidityPredicateCircuit for ReceiverValidityPredicateCircuit {
             &basic_variables.get_rcm_searchable_pairs(),
         )?;
 
-        let mut message = vec![logic, label, value, quantity, rho, nk_com, psi, rcm];
+        let mut message = vec![logic, label, value, quantity, nonce, nk_com, psi, rcm];
 
         let add_chip = AddChip::<pallas::Base>::construct(config.add_config.clone(), ());
 
@@ -247,7 +247,7 @@ impl ValidityPredicateCircuit for ReceiverValidityPredicateCircuit {
             target_resource.kind.label,
             target_resource.value,
             pallas::Base::from(target_resource.quantity),
-            target_resource.rho.inner(),
+            target_resource.nonce.inner(),
             target_resource.get_nk_commitment(),
             target_resource.psi,
             target_resource.rcm,
@@ -330,7 +330,7 @@ fn test_halo2_receiver_vp_circuit() {
         de_cipher[3],
         pallas::Base::from(circuit.output_resources[0].quantity)
     );
-    assert_eq!(de_cipher[4], circuit.output_resources[0].rho.inner());
+    assert_eq!(de_cipher[4], circuit.output_resources[0].nonce.inner());
     assert_eq!(
         de_cipher[5],
         circuit.output_resources[0].get_nk_commitment()

taiga_halo2/src/circuit/vp_examples/token.rs

@@ -101,14 +101,14 @@ impl Token {
         let label = self.encode_name();
         let value = auth.to_value();
         let rseed = RandomSeed::random(&mut rng);
-        let rho = Nullifier::random(&mut rng);
+        let nonce = Nullifier::random(&mut rng);
         let resource = Resource::new_input_resource(
             *COMPRESSED_TOKEN_VK,
             label,
             value,
             self.quantity(),
             nk,
-            rho,
+            nonce,
             true,
             rseed,
         );

taiga_halo2/src/nullifier.rs

@@ -35,17 +35,17 @@ pub enum NullifierKeyContainer {
 }
 
 impl Nullifier {
-    // nf = poseidon_hash(nk || \rho || \psi || resource_cm), in which resource_cm is a field element
+    // nf = poseidon_hash(nk || nonce || \psi || resource_cm), in which resource_cm is a field element
     pub fn derive(
         nk: &NullifierKeyContainer,
-        rho: &pallas::Base,
+        nonce: &pallas::Base,
         psi: &pallas::Base,
         cm: &ResourceCommitment,
     ) -> Option<Self> {
         match nk {
             NullifierKeyContainer::Commitment(_) => None,
             NullifierKeyContainer::Key(key) => {
-                let nf = Nullifier(poseidon_hash_n([*key, *rho, *psi, cm.inner()]));
+                let nf = Nullifier(poseidon_hash_n([*key, *nonce, *psi, cm.inner()]));
                 Some(nf)
             }
         }