zcash
diff --git a/‎src/circuit/gadget/ecc/chip.rs
+3-19 b/‎src/circuit/gadget/ecc/chip.rs
+3-19
diff --git a/‎src/circuit/gadget/ecc/chip/add.rs
+7-7 b/‎src/circuit/gadget/ecc/chip/add.rs
+7-7
diff --git a/‎src/circuit/gadget/ecc/chip/add_incomplete.rs
+7-7 b/‎src/circuit/gadget/ecc/chip/add_incomplete.rs
+7-7
diff --git a/‎src/circuit/gadget/ecc/chip/mul.rs
+9-9 b/‎src/circuit/gadget/ecc/chip/mul.rs
+9-9
diff --git a/‎src/circuit/gadget/ecc/chip/mul/complete.rs
+5-5 b/‎src/circuit/gadget/ecc/chip/mul/complete.rs
+5-5
diff --git a/‎src/circuit/gadget/ecc/chip/mul/incomplete.rs
+13-20 b/‎src/circuit/gadget/ecc/chip/mul/incomplete.rs
+13-20
diff --git a/‎src/circuit/gadget/ecc/chip/mul_fixed.rs
+7-7 b/‎src/circuit/gadget/ecc/chip/mul_fixed.rs
+7-7
@@ -1,10 +1,11 @@
 use super::EccInstructions;
+use crate::circuit::gadget::utilities::{copy, CellValue, Var};
 use crate::constants::{self, OrchardFixedBasesFull, ValueCommitV};
 use arrayvec::ArrayVec;
 use ff::Field;
 use halo2::{
     arithmetic::CurveAffine,
-    circuit::{Cell, Chip, Layouter},
+    circuit::{Chip, Layouter},
     plonk::{Advice, Column, ConstraintSystem, Error, Fixed, Permutation, Selector},
 };
 use std::marker::PhantomData;
@@ -13,26 +14,9 @@ pub(super) mod add;
 pub(super) mod add_incomplete;
 pub(super) mod mul;
 pub(super) mod mul_fixed;
-pub(super) mod util;
 pub(super) mod witness_point;
 pub(super) mod witness_scalar_fixed;
 
-/// A structure containing a cell and its assigned value.
-#[derive(Clone, Debug)]
-pub struct CellValue<T> {
-    /// The cell of this `CellValue`
-    pub cell: Cell,
-    /// The value assigned to this `CellValue`
-    pub value: Option<T>,
-}
-
-impl<T> CellValue<T> {
-    /// Construct a `CellValue`.
-    pub fn new(cell: Cell, value: Option<T>) -> Self {
-        CellValue { cell, value }
-    }
-}
-
 /// A curve point represented in affine (x, y) coordinates. Each coordinate is
 /// assigned to a cell.
 #[derive(Clone, Debug)]
@@ -46,7 +30,7 @@ pub struct EccPoint<C: CurveAffine> {
 impl<C: CurveAffine> EccPoint<C> {
     /// Returns the value of this curve point, if known.
     pub fn point(&self) -> Option<C> {
-        match (self.x.value, self.y.value) {
+        match (self.x.value(), self.y.value()) {
             (Some(x), Some(y)) => {
                 if x == C::Base::zero() && y == C::Base::zero() {
                     Some(C::identity())
 
@@ -1,4 +1,4 @@
-use super::{util, CellValue, EccConfig, EccPoint};
+use super::{copy, CellValue, EccConfig, EccPoint, Var};
 use ff::Field;
 use halo2::{
     arithmetic::{CurveAffine, FieldExt},
@@ -206,15 +206,15 @@ impl Config {
         self.q_add.enable(region, offset)?;
 
         // Copy point `p` into `x_p`, `y_p` columns
-        util::assign_and_constrain(region, || "x_p", self.x_p, offset, &p.x, &self.perm)?;
-        util::assign_and_constrain(region, || "y_p", self.y_p, offset, &p.y, &self.perm)?;
+        copy(region, || "x_p", self.x_p, offset, &p.x, &self.perm)?;
+        copy(region, || "y_p", self.y_p, offset, &p.y, &self.perm)?;
 
         // Copy point `q` into `x_qr`, `y_qr` columns
-        util::assign_and_constrain(region, || "x_q", self.x_qr, offset, &q.x, &self.perm)?;
-        util::assign_and_constrain(region, || "y_q", self.y_qr, offset, &q.y, &self.perm)?;
+        copy(region, || "x_q", self.x_qr, offset, &q.x, &self.perm)?;
+        copy(region, || "y_q", self.y_qr, offset, &q.y, &self.perm)?;
 
-        let (x_p, y_p) = (p.x.value, p.y.value);
-        let (x_q, y_q) = (q.x.value, q.y.value);
+        let (x_p, y_p) = (p.x.value(), p.y.value());
+        let (x_q, y_q) = (q.x.value(), q.y.value());
 
         // inv0(x) evaluates to 0 if x = 0, and 1/x otherwise.
 
 
@@ -1,4 +1,4 @@
-use super::{util, CellValue, EccConfig, EccPoint};
+use super::{copy, CellValue, EccConfig, EccPoint, Var};
 use ff::Field;
 use group::Curve;
 use halo2::{
@@ -76,8 +76,8 @@ impl Config {
         self.q_add_incomplete.enable(region, offset)?;
 
         // Handle exceptional cases
-        let (x_p, y_p) = (p.x.value, p.y.value);
-        let (x_q, y_q) = (q.x.value, q.y.value);
+        let (x_p, y_p) = (p.x.value(), p.y.value());
+        let (x_q, y_q) = (q.x.value(), q.y.value());
         x_p.zip(y_p)
             .zip(x_q)
             .zip(y_q)
@@ -97,12 +97,12 @@ impl Config {
             .transpose()?;
 
         // Copy point `p` into `x_p`, `y_p` columns
-        util::assign_and_constrain(region, || "x_p", self.x_p, offset, &p.x, &self.perm)?;
-        util::assign_and_constrain(region, || "y_p", self.y_p, offset, &p.y, &self.perm)?;
+        copy(region, || "x_p", self.x_p, offset, &p.x, &self.perm)?;
+        copy(region, || "y_p", self.y_p, offset, &p.y, &self.perm)?;
 
         // Copy point `q` into `x_qr`, `y_qr` columns
-        util::assign_and_constrain(region, || "x_q", self.x_qr, offset, &q.x, &self.perm)?;
-        util::assign_and_constrain(region, || "y_q", self.y_qr, offset, &q.y, &self.perm)?;
+        copy(region, || "x_q", self.x_qr, offset, &q.x, &self.perm)?;
+        copy(region, || "y_q", self.y_qr, offset, &q.y, &self.perm)?;
 
         // Compute the sum `P + Q = R`
         let r = {
 
@@ -1,4 +1,4 @@
-use super::{add, util, CellValue, EccConfig, EccPoint};
+use super::{add, copy, CellValue, EccConfig, EccPoint, Var};
 use crate::constants::NUM_COMPLETE_BITS;
 use std::ops::{Deref, Range};
 
@@ -113,7 +113,7 @@ impl<C: CurveAffine> Config<C> {
         let offset = offset + 1;
 
         // Decompose the scalar bitwise (big-endian bit order).
-        let bits = decompose_for_scalar_mul::<C>(scalar.value);
+        let bits = decompose_for_scalar_mul::<C>(scalar.value());
 
         // Initialize the running sum for scalar decomposition to zero
         let z_val = C::Base::zero();
@@ -131,7 +131,7 @@ impl<C: CurveAffine> Config<C> {
             offset,
             &base,
             bits_incomplete_hi,
-            (X(acc.x.clone()), Y(acc.y.value), Z(z)),
+            (X(acc.x.clone()), Y(acc.y.value()), Z(z)),
         )?;
 
         // Double-and-add (incomplete addition) for the `lo` half of the scalar decomposition
@@ -164,7 +164,7 @@ impl<C: CurveAffine> Config<C> {
         };
 
         // Initialize `z` running sum for complete addition
-        util::assign_and_constrain(
+        copy(
             region,
             || "Initialize `z` running sum for complete addition",
             self.z_complete,
@@ -182,7 +182,7 @@ impl<C: CurveAffine> Config<C> {
             // Bits used in complete addition. k_{3} to k_{1} inclusive
             // The LSB k_{0} is handled separately.
             let bits_complete = &bits[complete_range::<C>()];
-            complete_config.assign_region(region, offset, bits_complete, base, acc, z.value)?
+            complete_config.assign_region(region, offset, bits_complete, base, acc, z.value())?
         };
 
         let offset = offset + complete_len::<C>() * 2;
@@ -198,7 +198,7 @@ impl<C: CurveAffine> Config<C> {
 
             let base = base.point();
             let scalar = scalar
-                .value
+                .value()
                 .map(|scalar| C::Scalar::from_bytes(&scalar.to_bytes()).unwrap());
             let real_mul = base.zip(scalar).map(|(base, scalar)| base * scalar);
             let result = result.point();
@@ -241,7 +241,7 @@ impl<C: CurveAffine> Config<C> {
         // is in deriving diversified addresses `[ivk] g_d`,  and `ivk` is guaranteed
         // to be in the base field of the curve. (See non-normative notes in
         // https://zips.z.cash/protocol/nu5.pdf#orchardkeycomponents.)
-        util::assign_and_constrain(
+        copy(
             region,
             || "original scalar",
             self.scalar,
@@ -254,7 +254,7 @@ impl<C: CurveAffine> Config<C> {
         // If `lsb` is 0, return `Acc + (-P)`. If `lsb` is 1, simply return `Acc + 0`.
         let x_p = if let Some(lsb) = lsb {
             if !lsb {
-                base.x.value
+                base.x.value()
             } else {
                 Some(C::Base::zero())
             }
@@ -263,7 +263,7 @@ impl<C: CurveAffine> Config<C> {
         };
         let y_p = if let Some(lsb) = lsb {
             if !lsb {
-                base.y.value.map(|y_p| -y_p)
+                base.y.value().map(|y_p| -y_p)
             } else {
                 Some(C::Base::zero())
             }
 
@@ -1,4 +1,4 @@
-use super::super::{add, util, CellValue, EccPoint};
+use super::super::{add, copy, CellValue, EccPoint, Var};
 use super::complete_len;
 use ff::Field;
 
@@ -102,7 +102,7 @@ impl<C: CurveAffine> Config<C> {
             )?;
 
             // Assign `x_p` for complete addition
-            let x_p = base.x.value;
+            let x_p = base.x.value();
             let x_p_cell = region.assign_advice(
                 || "x_p",
                 self.add_config.x_p,
@@ -112,7 +112,7 @@ impl<C: CurveAffine> Config<C> {
 
             // Assign `y_p` for complete addition.
             // If the bit is set, use `y`; if the bit is not set, use `-y`
-            let y_p = base.y.value;
+            let y_p = base.y.value();
             let y_p = y_p
                 .zip(k.as_ref())
                 .map(|(y_p, k)| if !k { -y_p } else { y_p });
@@ -134,15 +134,15 @@ impl<C: CurveAffine> Config<C> {
                 .assign_region(&p, &acc, row + offset, region)?;
 
             // Copy acc from `x_a`, `y_a` over to `x_p`, `y_p` on the next row
-            let acc_x = util::assign_and_constrain(
+            let acc_x = copy(
                 region,
                 || "copy acc x_a",
                 self.add_config.x_p,
                 row + offset + 1,
                 &acc.x,
                 &self.perm,
             )?;
-            let acc_y = util::assign_and_constrain(
+            let acc_y = copy(
                 region,
                 || "copy acc y_a",
                 self.add_config.y_p,
 
@@ -1,4 +1,4 @@
-use super::super::{util, CellValue, EccConfig, EccPoint};
+use super::super::{copy, CellValue, EccConfig, EccPoint, Var};
 use super::{incomplete_hi_len, incomplete_lo_len, X, Y, Z};
 use ff::Field;
 use halo2::{
@@ -161,8 +161,8 @@ impl<C: CurveAffine> Config<C> {
         assert_eq!(bits.len(), self.num_bits);
 
         // Handle exceptional cases
-        let (x_p, y_p) = (base.x.value, base.y.value);
-        let (x_a, y_a) = (acc.0.value, acc.1 .0);
+        let (x_p, y_p) = (base.x.value(), base.y.value());
+        let (x_a, y_a) = (acc.0.value(), acc.1 .0);
         x_p.zip(y_p)
             .zip(x_a)
             .zip(y_a)
@@ -186,24 +186,17 @@ impl<C: CurveAffine> Config<C> {
         }
 
         // Initialise the running `z` sum for the scalar bits.
-        let mut z = util::assign_and_constrain(
-            region,
-            || "starting z",
-            self.z,
-            offset,
-            &acc.2,
-            &self.perm,
-        )?;
+        let mut z = copy(region, || "starting z", self.z, offset, &acc.2, &self.perm)?;
 
         // Increase offset by 1; we used row 0 for initializing `z`.
         let offset = offset + 1;
 
         // Define `x_p`, `y_p`
-        let x_p = base.x.value;
-        let y_p = base.y.value;
+        let x_p = base.x.value();
+        let y_p = base.y.value();
 
         // Initialise acc
-        let mut x_a = util::assign_and_constrain(
+        let mut x_a = copy(
             region,
             || "starting x_a",
             self.x_a,
@@ -217,7 +210,7 @@ impl<C: CurveAffine> Config<C> {
         for (row, k) in bits.iter().enumerate() {
             // z_{i} = 2 * z_{i+1} + k_i
             let z_val = z
-                .value
+                .value()
                 .zip(k.as_ref())
                 .map(|(z_val, k)| C::Base::from_u64(2) * z_val + C::Base::from_u64(*k as u64));
             let z_cell = region.assign_advice(
@@ -250,7 +243,7 @@ impl<C: CurveAffine> Config<C> {
             // Compute and assign λ1⋅(x_A − x_P) = y_A − y_P
             let lambda1 = y_a
                 .zip(y_p)
-                .zip(x_a.value)
+                .zip(x_a.value())
                 .zip(x_p)
                 .map(|(((y_a, y_p), x_a), x_p)| (y_a - y_p) * (x_a - x_p).invert().unwrap());
             region.assign_advice(
@@ -262,15 +255,15 @@ impl<C: CurveAffine> Config<C> {
 
             // x_R = λ1^2 - x_A - x_P
             let x_r = lambda1
-                .zip(x_a.value)
+                .zip(x_a.value())
                 .zip(x_p)
                 .map(|((lambda1, x_a), x_p)| lambda1 * lambda1 - x_a - x_p);
 
             // λ2 = (2(y_A) / (x_A - x_R)) - λ1
             let lambda2 =
                 lambda1
                     .zip(y_a)
-                    .zip(x_a.value)
+                    .zip(x_a.value())
                     .zip(x_r)
                     .map(|(((lambda1, y_a), x_a), x_r)| {
                         C::Base::from_u64(2) * y_a * (x_a - x_r).invert().unwrap() - lambda1
@@ -284,11 +277,11 @@ impl<C: CurveAffine> Config<C> {
 
             // Compute and assign `x_a` for the next row
             let x_a_new = lambda2
-                .zip(x_a.value)
+                .zip(x_a.value())
                 .zip(x_r)
                 .map(|((lambda2, x_a), x_r)| lambda2 * lambda2 - x_a - x_r);
             y_a = lambda2
-                .zip(x_a.value)
+                .zip(x_a.value())
                 .zip(x_a_new)
                 .zip(y_a)
                 .map(|(((lambda2, x_a), x_a_new), y_a)| lambda2 * (x_a - x_a_new) - y_a);
 
@@ -1,6 +1,6 @@
 use super::{
-    add, add_incomplete, util, witness_point, CellValue, EccConfig, EccPoint, EccScalarFixed,
-    EccScalarFixedShort,
+    add, add_incomplete, copy, witness_point, CellValue, EccConfig, EccPoint, EccScalarFixed,
+    EccScalarFixedShort, Var,
 };
 use crate::constants::{
     self,
@@ -281,7 +281,7 @@ impl<C: CurveAffine, const NUM_WINDOWS: usize> Config<C, NUM_WINDOWS> {
     ) -> Result<(), Error> {
         // Copy the scalar decomposition (`k`-bit windows)
         for (window_idx, window) in scalar.windows().iter().enumerate() {
-            util::assign_and_constrain(
+            copy(
                 region,
                 || format!("k[{:?}]", window),
                 self.window,
@@ -320,15 +320,15 @@ impl<C: CurveAffine, const NUM_WINDOWS: usize> Config<C, NUM_WINDOWS> {
         }
 
         // Copy `m0` into `x_qr`, `y_qr` cells on row 1
-        let x = util::assign_and_constrain(
+        let x = copy(
             region,
             || "initialize acc x",
             self.add_incomplete_config.x_qr,
             offset + 1,
             &m0.x,
             &self.perm,
         )?;
-        let y = util::assign_and_constrain(
+        let y = copy(
             region,
             || "initialize acc y",
             self.add_incomplete_config.y_qr,
@@ -465,7 +465,7 @@ impl<C: CurveAffine> ScalarFixed<C> {
         self.windows()
             .iter()
             .map(|bits| {
-                bits.value
+                bits.value()
                     .map(|value| C::Scalar::from_bytes(&value.to_bytes()).unwrap())
             })
             .collect::<Vec<_>>()
@@ -477,7 +477,7 @@ impl<C: CurveAffine> ScalarFixed<C> {
     fn windows_usize(&self) -> Vec<Option<usize>> {
         self.windows()
             .iter()
-            .map(|bits| bits.value.map(|value| value.to_bytes()[0] as usize))
+            .map(|bits| bits.value().map(|value| value.to_bytes()[0] as usize))
             .collect::<Vec<_>>()
     }
 }