diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 2cefaeb..ec05635 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -16,7 +16,7 @@ jobs: strategy: fail-fast: false matrix: - toolchain: [nightly, 0.36.0] + toolchain: [nightly, 0.37.0] steps: - name: Checkout sources uses: actions/checkout@v4 @@ -28,6 +28,8 @@ jobs: - name: Run Noir tests run: nargo test + env: + RAYON_NUM_THREADS: 1 format: runs-on: ubuntu-latest @@ -38,7 +40,7 @@ jobs: - name: Install Nargo uses: noir-lang/noirup@v0.1.3 with: - toolchain: 0.36.0 + toolchain: 0.37.0 - name: Run formatter run: nargo fmt --check diff --git a/Nargo.toml b/Nargo.toml index 9c488c9..49104f0 100644 --- a/Nargo.toml +++ b/Nargo.toml @@ -2,8 +2,8 @@ name = "noir_bigcurve" type = "lib" authors = [""] -compiler_version = ">=0.36.0" +compiler_version = ">=0.37.0" [dependencies] -bignum = {tag = "v0.4.1", git = "https://github.com/noir-lang/noir-bignum"} +bignum = {tag = "v0.4.2", git = "https://github.com/noir-lang/noir-bignum"} sort = {tag = "v0.2.0", git = "https://github.com/noir-lang/noir_sort"} diff --git a/src/bigcurve_test.nr b/src/bigcurve_test.nr index 8c01ad7..0661310 100644 --- a/src/bigcurve_test.nr +++ b/src/bigcurve_test.nr @@ -1,14 +1,25 @@ use dep::bignum::BigNum; +use dep::bignum::fields::bn254Fq::BN254_Fq_Params; use crate::BigCurve; - use crate::curve_jac; -use crate::curve_jac::JTranscript; use crate::curve_jac::AffineTranscript; use crate::curve_jac::CurveJ; -use crate::scalar_field::ScalarField; +use crate::curve_jac::JTranscript; +use crate::curves::bls12_377::{BLS12_377, BLS12_377Fr, BLS12_377Scalar}; +use crate::curves::bls12_381::{BLS12_381, BLS12_381Fr, BLS12_381Scalar}; +use crate::curves::bn254::{BN254, BN254Params, BN254Scalar}; +use crate::curves::mnt4_753::{MNT4_753, MNT4_753Fr, MNT4_753Scalar}; +use crate::curves::mnt6_753::{MNT6_753, MNT6_753Fr, MNT6_753Scalar}; +use crate::curves::pallas::{Pallas, PallasFr, PallasScalar}; +use crate::curves::secp256k1::{Secp256k1, Secp256k1Fr, Secp256k1Scalar}; +use crate::curves::secp256r1::{Secp256r1, Secp256r1Fr, Secp256r1Scalar}; +use crate::curves::secp384r1::{Secp384r1, Secp384r1Fr, Secp384r1Scalar}; +use crate::curves::vesta::{Vesta, VestaFr, VestaScalar}; use crate::PointTable; -use crate::curves::bn254::{BN254, BN254Scalar, BN254Params}; +use crate::scalar_field::ScalarField; +use super::curves::mnt6_753::MNT6_753Fq; + type Fq = BigNum<3, 254, BN254_Fq_Params>; type BN254J = CurveJ; @@ -446,113 +457,512 @@ fn test_make_table() { } } -use dep::bignum::fields::bn254Fq::BN254_Fq_Params; +#[test] +fn test_bls12_377_offset_generators() { + let one = BLS12_377::one(); + let negone = BLS12_377Fr::one().neg(); + let scalar = BLS12_377Scalar::from_bignum(negone); + let final = one.mul(scalar); -use crate::curves::vesta::{Vesta, VestaFr, VestaScalar}; -use crate::curves::pallas::{Pallas, PallasFr, PallasScalar}; -use crate::curves::bls12_377::{BLS12_377, BLS12_377Fr, BLS12_377Scalar}; -use crate::curves::bls12_381::{BLS12_381, BLS12_381Fr, BLS12_381Scalar}; -use crate::curves::secp256k1::{Secp256k1, Secp256k1Fr, Secp256k1Scalar}; -use crate::curves::secp256r1::{Secp256r1, Secp256r1Fr, Secp256r1Scalar}; -use crate::curves::secp384r1::{Secp384r1, Secp384r1Fr, Secp384r1Scalar}; -use crate::curves::mnt4_753::{MNT4_753, MNT4_753Fr, MNT4_753Scalar}; -use crate::curves::mnt6_753::{MNT6_753, MNT6_753Fr, MNT6_753Scalar}; + assert(final.eq(one.neg())); +} -//comptime fn -comptime fn make_test( - f: StructDefinition, - Curve: Quoted, - Fr: Quoted, - ScalarType: Quoted, -) -> Quoted { - let k = f.name(); - let mut offset_generator_test: Quoted = quote {}; - // hacky workaround because we don't have a defined BN254Fr BigNum instance (assumption is the circuit field is BN254 :o) - if (!Curve.eq(quote {BN254})) { - offset_generator_test = quote {#[test] -fn test_offset_generators() { - let one: $Curve = BigCurve::one(); - let negone: $Fr = BigNum::one().neg(); - let scalar: $ScalarType = ScalarField::from_bignum(negone); +#[test] +fn test_bls12_381_offset_generators() { + let one = BLS12_381::one(); + let negone = BLS12_381Fr::one().neg(); + let scalar = BLS12_381Scalar::from_bignum(negone); let final = one.mul(scalar); + assert(final.eq(one.neg())); -}}; - } else { - offset_generator_test = quote {#[test] -fn test_offset_generators() { - let one: $Curve = BigCurve::one(); - let scalar: $ScalarType = ScalarField::from(-1); +} + +#[test] +fn test_bn254_offset_generators() { + let one = BN254::one(); + let scalar = BN254Scalar::from(-1); let final = one.mul(scalar); + assert(final.eq(one.neg())); -}}; - } - quote { -impl $k { -$offset_generator_test +} #[test] - fn test_num_scalar_slices_in_scalar_field() { - let x: $Fr = BigNum::new(); - let max_wnaf_bits: u32 = x.modulus_bits() + 1; +fn test_mnt4_753_offset_generators() { + let one = MNT4_753::one(); + let negone = MNT4_753Fr::one().neg(); + let scalar = MNT4_753Scalar::from_bignum(negone); + let final = one.mul(scalar); - let scalar_slices = (max_wnaf_bits / 4) + (max_wnaf_bits % 4 != 0) as u32; - let scalar: $ScalarType = ScalarField::zero(); - let expected = scalar.len(); - assert(scalar_slices == expected); + assert(final.eq(one.neg())); +} - } +#[test] +fn test_mnt6_753_offset_generators() { + let one = MNT6_753::one(); + let negone = MNT6_753Fr::one().neg(); + let scalar = MNT6_753Scalar::from_bignum(negone); + let final = one.mul(scalar); + + assert(final.eq(one.neg())); +} + +#[test] +fn test_pallas_offset_generators() { + let one = Pallas::one(); + let negone = PallasFr::one().neg(); + let scalar = PallasScalar::from_bignum(negone); + let final = one.mul(scalar); + + assert(final.eq(one.neg())); +} + +#[test] +fn test_secp256k1_offset_generators() { + let one = Secp256k1::one(); + let negone = Secp256k1Fr::one().neg(); + let scalar = Secp256k1Scalar::from_bignum(negone); + let final = one.mul(scalar); + + assert(final.eq(one.neg())); +} + +#[test] +fn test_secp256r1_offset_generators() { + let one = Secp256r1::one(); + let negone = Secp256r1Fr::one().neg(); + let scalar = Secp256r1Scalar::from_bignum(negone); + let final = one.mul(scalar); + + assert(final.eq(one.neg())); +} + +#[test] +fn test_secp384r1_offset_generators() { + let one = Secp384r1::one(); + let negone = Secp384r1Fr::one().neg(); + let scalar = Secp384r1Scalar::from_bignum(negone); + let final = one.mul(scalar); + + assert(final.eq(one.neg())); +} + +#[test] +fn test_vesta_offset_generators() { + let one = Vesta::one(); + let negone = VestaFr::one().neg(); + let scalar = VestaScalar::from_bignum(negone); + let final = one.mul(scalar); + + assert(final.eq(one.neg())); +} + +#[test] +fn test_bls12_377_num_scalar_slices_in_scalar_field() { + let x = BLS12_377Fr::new(); + let max_wnaf_bits = x.modulus_bits() + 1; + let scalar_slices = (max_wnaf_bits / 4) + (max_wnaf_bits % 4 != 0) as u32; + let scalar = BLS12_377Scalar::zero(); + + assert(scalar_slices == scalar.len()); +} + +#[test] +fn test_bls12_381_num_scalar_slices_in_scalar_field() { + let x = BLS12_381Fr::new(); + let max_wnaf_bits = x.modulus_bits() + 1; + let scalar_slices = (max_wnaf_bits / 4) + (max_wnaf_bits % 4 != 0) as u32; + let scalar = BLS12_381Scalar::zero(); + + assert(scalar_slices == scalar.len()); +} + +#[test] +fn test_bn254_num_scalar_slices_in_scalar_field() { + let x = BigNum::<3, 254, BN254_Fq_Params>::new(); + let max_wnaf_bits = x.modulus_bits() + 1; + let scalar_slices = (max_wnaf_bits / 4) + (max_wnaf_bits % 4 != 0) as u32; + let scalar = BN254Scalar::zero(); + + assert(scalar_slices == scalar.len()); +} + +#[test] +fn test_mnt4_753_num_scalar_slices_in_scalar_field() { + let x = MNT4_753Fr::new(); + let max_wnaf_bits = x.modulus_bits() + 1; + let scalar_slices = (max_wnaf_bits / 4) + (max_wnaf_bits % 4 != 0) as u32; + let scalar = MNT4_753Scalar::zero(); + + assert(scalar_slices == scalar.len()); +} + +#[test] +fn test_mnt6_753_num_scalar_slices_in_scalar_field() { + let x = MNT6_753Fr::new(); + let max_wnaf_bits = x.modulus_bits() + 1; + let scalar_slices = (max_wnaf_bits / 4) + (max_wnaf_bits % 4 != 0) as u32; + let scalar = MNT6_753Scalar::zero(); + + assert(scalar_slices == scalar.len()); +} + +#[test] +fn test_pallas_num_scalar_slices_in_scalar_field() { + let x = PallasFr::new(); + let max_wnaf_bits = x.modulus_bits() + 1; + let scalar_slices = (max_wnaf_bits / 4) + (max_wnaf_bits % 4 != 0) as u32; + let scalar = PallasScalar::zero(); + + assert(scalar_slices == scalar.len()); +} + +#[test] +fn test_secp256k1_num_scalar_slices_in_scalar_field() { + let x = Secp256k1Fr::new(); + let max_wnaf_bits = x.modulus_bits() + 1; + let scalar_slices = (max_wnaf_bits / 4) + (max_wnaf_bits % 4 != 0) as u32; + let scalar = Secp256k1Scalar::zero(); + + assert(scalar_slices == scalar.len()); +} + +#[test] +fn test_secp256r1_num_scalar_slices_in_scalar_field() { + let x = Secp256r1Fr::new(); + let max_wnaf_bits = x.modulus_bits() + 1; + let scalar_slices = (max_wnaf_bits / 4) + (max_wnaf_bits % 4 != 0) as u32; + let scalar = Secp256r1Scalar::zero(); + + assert(scalar_slices == scalar.len()); +} + +#[test] +fn test_secp384r1_num_scalar_slices_in_scalar_field() { + let x = Secp384r1Fr::new(); + let max_wnaf_bits = x.modulus_bits() + 1; + let scalar_slices = (max_wnaf_bits / 4) + (max_wnaf_bits % 4 != 0) as u32; + let scalar = Secp384r1Scalar::zero(); + + assert(scalar_slices == scalar.len()); +} + +#[test] +fn test_vesta_num_scalar_slices_in_scalar_field() { + let x = VestaFr::new(); + let max_wnaf_bits = x.modulus_bits() + 1; + let scalar_slices = (max_wnaf_bits / 4) + (max_wnaf_bits % 4 != 0) as u32; + let scalar = VestaScalar::zero(); + + assert(scalar_slices == scalar.len()); +} +#[test] +fn test_bls12_377_hash_to_curve() { + let r = BLS12_377::hash_to_curve("hello world".as_bytes()); + + r.validate_on_curve(); +} + +#[test] +fn test_bls12_381_hash_to_curve() { + let r = BLS12_381::hash_to_curve("hello world".as_bytes()); + + r.validate_on_curve(); +} + +#[test] +fn test_bn254_hash_to_curve() { + let r = BN254::hash_to_curve("hello world".as_bytes()); + + r.validate_on_curve(); +} + +#[test] +fn test_mnt4_753_hash_to_curve() { + let r = MNT4_753::hash_to_curve("hello world".as_bytes()); + + r.validate_on_curve(); +} #[test] -fn test_hash_to_curve() { +fn test_mnt6_753_hash_to_curve() { + let r = MNT6_753::hash_to_curve("hello world".as_bytes()); - let r: $Curve = BigCurve::hash_to_curve("hello world".as_bytes()); r.validate_on_curve(); } +#[test] +fn test_pallas_hash_to_curve() { + let r = Pallas::hash_to_curve("hello world".as_bytes()); + r.validate_on_curve(); +} #[test] -fn test_msm() { +fn test_secp256k1_hash_to_curve() { + let r = Secp256k1::hash_to_curve("hello world".as_bytes()); + + r.validate_on_curve(); +} + +#[test] +fn test_secp256r1_hash_to_curve() { + let r = Secp256r1::hash_to_curve("hello world".as_bytes()); + + r.validate_on_curve(); +} - // (p-4)[X] + (p-5)[-X] = [X] - let mut four: $Fr = BigNum::new(); +#[test] +fn test_secp384r1_hash_to_curve() { + let r = Secp384r1::hash_to_curve("hello world".as_bytes()); + + r.validate_on_curve(); +} + +#[test] +fn test_vesta_hash_to_curve() { + let r = Vesta::hash_to_curve("hello world".as_bytes()); + + r.validate_on_curve(); +} + +#[test] +fn test_bls12_377_msm() { + let mut four = BLS12_377Fr::new(); four.limbs[0] = 4; - let p_minus_4_fr: $Fr = BigNum::modulus() - four; - let p_minus_4: $ScalarType = ScalarField::from_bignum(p_minus_4_fr); + let p_minus_4_fr = BLS12_377Fr::modulus() - four; + let p_minus_4 = BLS12_377Scalar::from_bignum(p_minus_4_fr); + let p_minus_5_fr = p_minus_4_fr - BLS12_377Fr::one(); + let p_minus_5 = BLS12_377Scalar::from_bignum(p_minus_5_fr); + let mut scalars = [p_minus_4, p_minus_5]; + let a = BLS12_377::one(); + let b = a.neg(); + let mut points = [a, b]; + + let result = BLS12_377::evaluate_linear_expression(points, scalars, [BLS12_377::one().neg()]); + + assert(result.is_infinity); +} + +#[test] +fn test_bls12_381_msm() { + let mut four = BLS12_381Fr::new(); + four.limbs[0] = 4; + let p_minus_4_fr = BLS12_381Fr::modulus() - four; + let p_minus_4 = BLS12_381Scalar::from_bignum(p_minus_4_fr); + let p_minus_5_fr = p_minus_4_fr - BLS12_381Fr::one(); + let p_minus_5 = BLS12_381Scalar::from_bignum(p_minus_5_fr); + let mut scalars = [p_minus_4, p_minus_5]; + let a = BLS12_381::one(); + let b = a.neg(); + let mut points = [a, b]; + + let result = BLS12_381::evaluate_linear_expression(points, scalars, [BLS12_381::one().neg()]); + + assert(result.is_infinity); +} + +#[test] +fn test_bn254_msm() { + let mut four = BigNum::<3, 254, BN254_Fq_Params>::new(); + four.limbs[0] = 4; + let p_minus_4_fr = BigNum::modulus() - four; + let p_minus_4 = BN254Scalar::from_bignum(p_minus_4_fr); let p_minus_5_fr = p_minus_4_fr - BigNum::one(); - let p_minus_5: $ScalarType = ScalarField::from_bignum(p_minus_5_fr); + let p_minus_5 = BN254Scalar::from_bignum(p_minus_5_fr); + let mut scalars = [p_minus_4, p_minus_5]; + let a = BN254::one(); + let b = a.neg(); + let mut points = [a, b]; - let mut scalars: [$ScalarType; 2] = [p_minus_4, p_minus_5]; + let result = BN254::evaluate_linear_expression(points, scalars, [BN254::one().neg()]); - let A: $Curve = BigCurve::one(); - let B = A.neg(); - let mut points: [$Curve; 2] = [A, B]; - // -4.[1] -5.[-1] + [1] = [0] - let result: $Curve = BigCurve::evaluate_linear_expression(points, scalars, [BigCurve::one().neg()]); assert(result.is_infinity); } + +#[test] +fn test_mnt4_753_msm() { + let mut four = MNT4_753Fr::new(); + four.limbs[0] = 4; + let p_minus_4_fr = MNT4_753Fr::modulus() - four; + let p_minus_4 = MNT4_753Scalar::from_bignum(p_minus_4_fr); + let p_minus_5_fr = p_minus_4_fr - MNT4_753Fr::one(); + let p_minus_5 = MNT4_753Scalar::from_bignum(p_minus_5_fr); + let mut scalars = [p_minus_4, p_minus_5]; + let a = MNT4_753::one(); + let b = a.neg(); + let mut points = [a, b]; + + let result = MNT4_753::evaluate_linear_expression(points, scalars, [MNT4_753::one().neg()]); + + assert(result.is_infinity); +} + +#[test] +fn test_mnt6_753_msm() { + let mut four = MNT6_753Fr::new(); + four.limbs[0] = 4; + let p_minus_4_fr = MNT6_753Fr::modulus() - four; + let p_minus_4 = MNT6_753Scalar::from_bignum(p_minus_4_fr); + let p_minus_5_fr = p_minus_4_fr - MNT6_753Fr::one(); + let p_minus_5 = MNT6_753Scalar::from_bignum(p_minus_5_fr); + let mut scalars = [p_minus_4, p_minus_5]; + let a = MNT6_753::one(); + let b = a.neg(); + let mut points = [a, b]; + + let result = MNT6_753::evaluate_linear_expression(points, scalars, [MNT6_753::one().neg()]); + + assert(result.is_infinity); +} + +#[test] +fn test_pallas_msm() { + let mut four = PallasFr::new(); + four.limbs[0] = 4; + let p_minus_4_fr = PallasFr::modulus() - four; + let p_minus_4 = PallasScalar::from_bignum(p_minus_4_fr); + let p_minus_5_fr = p_minus_4_fr - PallasFr::one(); + let p_minus_5 = PallasScalar::from_bignum(p_minus_5_fr); + let mut scalars = [p_minus_4, p_minus_5]; + let a = Pallas::one(); + let b = a.neg(); + let mut points = [a, b]; + + let result = Pallas::evaluate_linear_expression(points, scalars, [Pallas::one().neg()]); + + assert(result.is_infinity); +} + +#[test] +fn test_secp256k1_msm() { + let mut four = Secp256k1Fr::new(); + four.limbs[0] = 4; + let p_minus_4_fr = Secp256k1Fr::modulus() - four; + let p_minus_4 = Secp256k1Scalar::from_bignum(p_minus_4_fr); + let p_minus_5_fr = p_minus_4_fr - Secp256k1Fr::one(); + let p_minus_5 = Secp256k1Scalar::from_bignum(p_minus_5_fr); + let mut scalars = [p_minus_4, p_minus_5]; + let a = Secp256k1::one(); + let b = a.neg(); + let mut points = [a, b]; + + let result = Secp256k1::evaluate_linear_expression(points, scalars, [Secp256k1::one().neg()]); + + assert(result.is_infinity); +} + +#[test] +fn test_secp256r1_msm() { + let mut four = Secp256r1Fr::new(); + four.limbs[0] = 4; + let p_minus_4_fr = Secp256r1Fr::modulus() - four; + let p_minus_4 = Secp256r1Scalar::from_bignum(p_minus_4_fr); + let p_minus_5_fr = p_minus_4_fr - Secp256r1Fr::one(); + let p_minus_5 = Secp256r1Scalar::from_bignum(p_minus_5_fr); + let mut scalars = [p_minus_4, p_minus_5]; + let a = Secp256r1::one(); + let b = a.neg(); + let mut points = [a, b]; + + let result = Secp256r1::evaluate_linear_expression(points, scalars, [Secp256r1::one().neg()]); + + assert(result.is_infinity); } + +#[test] +fn test_secp384r1_msm() { + let mut four = Secp384r1Fr::new(); + four.limbs[0] = 4; + let p_minus_4_fr = Secp384r1Fr::modulus() - four; + let p_minus_4 = Secp384r1Scalar::from_bignum(p_minus_4_fr); + let p_minus_5_fr = p_minus_4_fr - Secp384r1Fr::one(); + let p_minus_5 = Secp384r1Scalar::from_bignum(p_minus_5_fr); + let mut scalars = [p_minus_4, p_minus_5]; + let a = Secp384r1::one(); + let b = a.neg(); + let mut points = [a, b]; + + let result = Secp384r1::evaluate_linear_expression(points, scalars, [Secp384r1::one().neg()]); + + assert(result.is_infinity); } + +#[test] +fn test_vesta_msm() { + let mut four = VestaFr::new(); + four.limbs[0] = 4; + let p_minus_4_fr = VestaFr::modulus() - four; + let p_minus_4 = VestaScalar::from_bignum(p_minus_4_fr); + let p_minus_5_fr = p_minus_4_fr - VestaFr::one(); + let p_minus_5 = VestaScalar::from_bignum(p_minus_5_fr); + let mut scalars = [p_minus_4, p_minus_5]; + let a = Vesta::one(); + let b = a.neg(); + let mut points = [a, b]; + + let result = Vesta::evaluate_linear_expression(points, scalars, [Vesta::one().neg()]); + + assert(result.is_infinity); } -#[make_test(quote{BN254}, quote{BigNum<3, 254, BN254_Fq_Params>}, quote{BN254Scalar})] -pub struct BN254GenTests {} -#[make_test(quote{Vesta}, quote{VestaFr}, quote{VestaScalar})] -pub struct VestaGenTests {} -#[make_test(quote{Pallas}, quote{PallasFr}, quote{PallasScalar})] -pub struct PallasGenTests {} -#[make_test(quote{BLS12_377}, quote{BLS12_377Fr}, quote{BLS12_377Scalar})] -pub struct BLS377GenTests {} -#[make_test(quote{BLS12_381}, quote{BLS12_381Fr}, quote{BLS12_381Scalar})] -pub struct BLS381GenTests {} -#[make_test(quote{Secp256k1}, quote{Secp256k1Fr}, quote{Secp256k1Scalar})] -pub struct Secp256k1GenTests {} -#[make_test(quote{Secp256r1}, quote{Secp256r1Fr}, quote{Secp256r1Scalar})] -pub struct Secp256r1GenTests {} -#[make_test(quote{Secp384r1}, quote{Secp384r1Fr}, quote{Secp384r1Scalar})] -pub struct Secp384r1GenTests {} -#[make_test(quote{MNT4_753}, quote{MNT4_753Fr}, quote{MNT4_753Scalar})] -pub struct MNT4GenTests {} -#[make_test(quote{MNT6_753}, quote{MNT6_753Fr}, quote{MNT6_753Scalar})] -pub struct MNT6GenTests {} +#[test] +fn test_bigcurve_sub_with_hint() { + let accumulator: MNT6_753 = BigCurve { + x: BigNum { + limbs: [ + 0x5b6ad7b65e3a86239c2efbdb300b8d, + 0x7d06f1a94609f8e4eb48c998d1571d, + 0x95a74f11f2fb5be7544da5c184e38d, + 0x600f8f2fdcd5e802342ebe03c3787f, + 0xc3fa8f3f017c7aed50e1a14b78f3b3, + 0xe7f3b2638fa13f65670c15eb006e99, + 0x016389a6fb, + ], + }, + y: BigNum { + limbs: [ + 0x42eb137506b02f7665ebbe0211b768, + 0x814148c3996475176b11c4db1d356a, + 0xf97e6cd350259b5456471a2237553f, + 0x5c822035f3f7c21fc2e6f9aac5945a, + 0xa319d0923fc0ac9db23b819dcb7371, + 0xa4186459f74d57db479c998a5db03a, + 0x7f824db1, + ], + }, + is_infinity: false, + }; + let offset_generator: MNT6_753 = BigCurve { + x: BigNum { + limbs: [ + 0x5b6ad7b65e3a86239c2efbdb300b8d, + 0x7d06f1a94609f8e4eb48c998d1571d, + 0x95a74f11f2fb5be7544da5c184e38d, + 0x600f8f2fdcd5e802342ebe03c3787f, + 0xc3fa8f3f017c7aed50e1a14b78f3b3, + 0xe7f3b2638fa13f65670c15eb006e99, + 0x016389a6fb, + ], + }, + y: BigNum { + limbs: [ + 0x42eb137506b02f7665ebbe0211b768, + 0x814148c3996475176b11c4db1d356a, + 0xf97e6cd350259b5456471a2237553f, + 0x5c822035f3f7c21fc2e6f9aac5945a, + 0xa319d0923fc0ac9db23b819dcb7371, + 0xa4186459f74d57db479c998a5db03a, + 0x7f824db1, + ], + }, + is_infinity: false, + }; + let transcript: AffineTranscript = AffineTranscript { + lambda: BigNum { limbs: [0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00] }, + x3: BigNum { limbs: [0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00] }, + y3: BigNum { limbs: [0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00] }, + }; + let result = accumulator.sub_with_hint(offset_generator, transcript); + assert(result.is_infinity); +} diff --git a/src/curve_jac.nr b/src/curve_jac.nr index 865a453..6a4034d 100644 --- a/src/curve_jac.nr +++ b/src/curve_jac.nr @@ -1,9 +1,9 @@ use dep::bignum::BigNum; use dep::bignum::BigNumTrait; -use crate::scalar_field::ScalarField; -use crate::CurveParamsTrait; use crate::BigCurve; +use crate::CurveParamsTrait; +use crate::scalar_field::ScalarField; /** * @brief CurveJ represents a Short Weierstrass elliptic curve using Jacobian coordinates. * representation in Jacobian form is X, Y, Z diff --git a/src/curves/bls12_377.nr b/src/curves/bls12_377.nr index c99038e..17ae51b 100644 --- a/src/curves/bls12_377.nr +++ b/src/curves/bls12_377.nr @@ -1,11 +1,11 @@ +use crate::BigCurve; +use crate::CurveParamsTrait; +use crate::scalar_field::ScalarField; use dep::bignum::BigNum; use dep::bignum::fields::bls12_377Fq::BLS12_377_Fq_Params; use dep::bignum::fields::bls12_377Fr::BLS12_377_Fr_Params; -use crate::CurveParamsTrait; -use crate::BigCurve; -use crate::scalar_field::ScalarField; -global BLS12_377_SCALAR_SLICES = 64; +global BLS12_377_SCALAR_SLICES: u32 = 64; pub struct BLS12_377_Params {} impl CurveParamsTrait> for BLS12_377_Params { fn a() -> BigNum<4, 377, BLS12_377_Fq_Params> { @@ -83,12 +83,12 @@ pub type BLS12_377Fr = BigNum<3, 253, BLS12_377_Fr_Params>; mod test { - use dep::bignum::BigNum; use crate::curves::bls12_377::BLS12_377_SCALAR_SLICES; + use dep::bignum::BigNum; use dep::bignum::fields::bls12_377Fr::BLS12_377_Fr_Params; #[test] - fn test_bits() { + fn test_bls12_377_bits() { let x: BigNum<3, 253, BLS12_377_Fr_Params> = BigNum::new(); let max_wnaf_bits: u32 = x.modulus_bits() + 1; diff --git a/src/curves/bls12_381.nr b/src/curves/bls12_381.nr index 1a876f0..7e88b44 100644 --- a/src/curves/bls12_381.nr +++ b/src/curves/bls12_381.nr @@ -1,11 +1,11 @@ +use crate::BigCurve; +use crate::CurveParamsTrait; +use crate::scalar_field::ScalarField; use dep::bignum::BigNum; use dep::bignum::fields::bls12_381Fq::BLS12_381_Fq_Params; use dep::bignum::fields::bls12_381Fr::BLS12_381_Fr_Params; -use crate::CurveParamsTrait; -use crate::BigCurve; -use crate::scalar_field::ScalarField; -global BLS12_381_SCALAR_SLICES = 64; +global BLS12_381_SCALAR_SLICES: u32 = 64; pub struct BLS12_381_Params {} impl CurveParamsTrait> for BLS12_381_Params { fn a() -> BigNum<4, 381, BLS12_381_Fq_Params> { @@ -83,12 +83,12 @@ pub type BLS12_381Fr = BigNum<3, 255, BLS12_381_Fr_Params>; mod test { - use dep::bignum::BigNum; use crate::curves::bls12_381::BLS12_381_SCALAR_SLICES; + use dep::bignum::BigNum; use dep::bignum::fields::bls12_381Fr::BLS12_381_Fr_Params; #[test] - fn test_bits() { + fn test_bls12_381_bits() { let x: BigNum<3, 255, BLS12_381_Fr_Params> = BigNum::new(); let max_wnaf_bits: u32 = x.modulus_bits() + 1; diff --git a/src/curves/bn254.nr b/src/curves/bn254.nr index 040f51a..e0dc178 100644 --- a/src/curves/bn254.nr +++ b/src/curves/bn254.nr @@ -1,8 +1,8 @@ -use dep::bignum::BigNum; -use dep::bignum::fields::bn254Fq::BN254_Fq_Params; -use crate::CurveParamsTrait; use crate::BigCurve; +use crate::CurveParamsTrait; use crate::scalar_field::ScalarField; +use dep::bignum::BigNum; +use dep::bignum::fields::bn254Fq::BN254_Fq_Params; pub struct BN254Params {} impl CurveParamsTrait> for BN254Params { @@ -37,7 +37,7 @@ impl CurveParamsTrait> for BN254Params { } } -global BN254_SCALAR_SLICES = 64; +global BN254_SCALAR_SLICES: u32 = 64; pub type BN254 = BigCurve, BN254Params>; pub type BN254Scalar = ScalarField; pub type BN254Fq = BigNum<3, 254, BN254_Fq_Params>; @@ -47,7 +47,7 @@ pub type BN254Fq = BigNum<3, 254, BN254_Fq_Params>; // use dep::bignum::BigNum; // use crate::curves::secp256r1::SECP256r1_SCALAR_SLICES; // #[test] -// fn test_bits() { +// fn test_bn254_bits() { // let x: BigNum<3, 254, BN254_Fq_Params> = BigNum::new(); // let max_wnaf_bits: u32 = x.modulus_bits() + 1; diff --git a/src/curves/mnt4_753.nr b/src/curves/mnt4_753.nr index 6740318..c7bfd51 100644 --- a/src/curves/mnt4_753.nr +++ b/src/curves/mnt4_753.nr @@ -1,11 +1,11 @@ +use crate::BigCurve; +use crate::CurveParamsTrait; +use crate::scalar_field::ScalarField; use dep::bignum::BigNum; use dep::bignum::fields::mnt4_753Fq::MNT4_753_Fq_Params; use dep::bignum::fields::mnt4_753Fr::MNT4_753_Fr_Params; -use crate::CurveParamsTrait; -use crate::BigCurve; -use crate::scalar_field::ScalarField; -global MNT4_753_SCALAR_SLICES = 189; +global MNT4_753_SCALAR_SLICES: u32 = 189; pub struct MNT4_753_Params {} impl CurveParamsTrait> for MNT4_753_Params { fn a() -> BigNum<7, 753, MNT4_753_Fq_Params> { @@ -111,12 +111,12 @@ pub type MNT4_753Fr = BigNum<7, 753, MNT4_753_Fr_Params>; mod test { - use dep::bignum::BigNum; use crate::curves::mnt4_753::MNT4_753_SCALAR_SLICES; + use dep::bignum::BigNum; use dep::bignum::fields::mnt4_753Fr::MNT4_753_Fr_Params; #[test] - fn test_bits() { + fn test_mnt4_753_bits() { let x: BigNum<7, 753, MNT4_753_Fr_Params> = BigNum::new(); let max_wnaf_bits: u32 = x.modulus_bits() + 1; diff --git a/src/curves/mnt6_753.nr b/src/curves/mnt6_753.nr index e8fe010..bdfc356 100644 --- a/src/curves/mnt6_753.nr +++ b/src/curves/mnt6_753.nr @@ -1,11 +1,11 @@ +use crate::BigCurve; +use crate::CurveParamsTrait; +use crate::scalar_field::ScalarField; use dep::bignum::BigNum; use dep::bignum::fields::mnt6_753Fq::MNT6_753_Fq_Params; use dep::bignum::fields::mnt6_753Fr::MNT6_753_Fr_Params; -use crate::CurveParamsTrait; -use crate::BigCurve; -use crate::scalar_field::ScalarField; -global MNT6_753_SCALAR_SLICES = 189; +global MNT6_753_SCALAR_SLICES: u32 = 189; pub struct MNT6_753_Params {} impl CurveParamsTrait> for MNT6_753_Params { fn a() -> BigNum<7, 753, MNT6_753_Fq_Params> { @@ -111,12 +111,12 @@ pub type MNT6_753Fr = BigNum<7, 753, MNT6_753_Fr_Params>; mod test { - use dep::bignum::BigNum; use crate::curves::mnt6_753::MNT6_753_SCALAR_SLICES; + use dep::bignum::BigNum; use dep::bignum::fields::mnt6_753Fr::MNT6_753_Fr_Params; #[test] - fn test_bits() { + fn test_mnt6_753_bits() { let x: BigNum<7, 753, MNT6_753_Fr_Params> = BigNum::new(); let max_wnaf_bits: u32 = x.modulus_bits() + 1; diff --git a/src/curves/pallas.nr b/src/curves/pallas.nr index 36ae60f..255888e 100644 --- a/src/curves/pallas.nr +++ b/src/curves/pallas.nr @@ -1,11 +1,11 @@ -use dep::bignum::BigNum; -use dep::bignum::fields::pallasFr::Pallas_Fr_Params; -use dep::bignum::fields::pallasFq::Pallas_Fq_Params; use crate::BigCurve; -use crate::scalar_field::ScalarField; use crate::CurveParamsTrait; +use crate::scalar_field::ScalarField; +use dep::bignum::BigNum; +use dep::bignum::fields::pallasFq::Pallas_Fq_Params; +use dep::bignum::fields::pallasFr::Pallas_Fr_Params; -global PALLAS_SCALAR_SLICES = 64; +global PALLAS_SCALAR_SLICES: u32 = 64; pub struct Pallas_Params {} impl CurveParamsTrait> for Pallas_Params { @@ -50,12 +50,12 @@ pub type PallasFr = BigNum<3, 255, Pallas_Fr_Params>; mod test { - use dep::bignum::BigNum; use crate::curves::pallas::PALLAS_SCALAR_SLICES; + use dep::bignum::BigNum; use dep::bignum::fields::pallasFr::Pallas_Fr_Params; #[test] - fn test_bits() { + fn test_pallas_bits() { let x: BigNum<3, 255, Pallas_Fr_Params> = BigNum::new(); let max_wnaf_bits: u32 = x.modulus_bits() + 1; diff --git a/src/curves/secp256k1.nr b/src/curves/secp256k1.nr index d286775..4e4f18b 100644 --- a/src/curves/secp256k1.nr +++ b/src/curves/secp256k1.nr @@ -1,11 +1,11 @@ +use crate::BigCurve; +use crate::CurveParamsTrait; +use crate::scalar_field::ScalarField; use dep::bignum::BigNum; use dep::bignum::fields::secp256k1Fq::Secp256k1_Fq_Params; use dep::bignum::fields::secp256k1Fr::Secp256k1_Fr_Params; -use crate::CurveParamsTrait; -use crate::BigCurve; -use crate::scalar_field::ScalarField; -global SECP256k1_SCALAR_SLICES = 65; +global SECP256k1_SCALAR_SLICES: u32 = 65; pub struct Secp256k1_Params {} impl CurveParamsTrait> for Secp256k1_Params { fn a() -> BigNum<3, 256, Secp256k1_Fq_Params> { @@ -52,12 +52,12 @@ pub type Secp256k1Fq = BigNum<3, 256, Secp256k1_Fq_Params>; pub type Secp256k1Fr = BigNum<3, 256, Secp256k1_Fr_Params>; mod test { - use dep::bignum::BigNum; use crate::curves::secp256k1::SECP256k1_SCALAR_SLICES; + use dep::bignum::BigNum; use dep::bignum::fields::secp256k1Fr::Secp256k1_Fr_Params; #[test] - fn test_bits() { + fn test_secp256k1_bits() { let x: BigNum<3, 256, Secp256k1_Fr_Params> = BigNum::new(); let max_wnaf_bits: u32 = x.modulus_bits() + 1; diff --git a/src/curves/secp256r1.nr b/src/curves/secp256r1.nr index 2fd0476..c4a9ba6 100644 --- a/src/curves/secp256r1.nr +++ b/src/curves/secp256r1.nr @@ -1,9 +1,9 @@ +use crate::BigCurve; +use crate::CurveParamsTrait; +use crate::scalar_field::ScalarField; use dep::bignum::BigNum; use dep::bignum::fields::secp256r1Fq::Secp256r1_Fq_Params; use dep::bignum::fields::secp256r1Fr::Secp256r1_Fr_Params; -use crate::CurveParamsTrait; -use crate::BigCurve; -use crate::scalar_field::ScalarField; pub struct Secp256r1_Params {} impl CurveParamsTrait> for Secp256r1_Params { @@ -55,12 +55,12 @@ pub type Secp256r1Fr = BigNum<3, 256, Secp256r1_Fr_Params>; mod test { - use dep::bignum::BigNum; use crate::curves::secp256r1::SECP256r1_SCALAR_SLICES; + use dep::bignum::BigNum; use dep::bignum::fields::secp256r1Fr::Secp256r1_Fr_Params; #[test] - fn test_bits() { + fn test_secp256r1_bits() { let x: BigNum<3, 256, Secp256r1_Fr_Params> = BigNum::new(); let max_wnaf_bits: u32 = x.modulus_bits() + 1; diff --git a/src/curves/secp384r1.nr b/src/curves/secp384r1.nr index 02c0689..d02e8f8 100644 --- a/src/curves/secp384r1.nr +++ b/src/curves/secp384r1.nr @@ -1,9 +1,9 @@ +use crate::BigCurve; +use crate::CurveParamsTrait; +use crate::scalar_field::ScalarField; use dep::bignum::BigNum; use dep::bignum::fields::secp384r1Fq::Secp384r1_Fq_Params; use dep::bignum::fields::secp384r1Fr::Secp384r1_Fr_Params; -use crate::CurveParamsTrait; -use crate::BigCurve; -use crate::scalar_field::ScalarField; pub struct Secp384r1_Params {} impl CurveParamsTrait> for Secp384r1_Params { @@ -89,7 +89,7 @@ impl CurveParamsTrait> for Secp384r1_Params } } -pub global SECP384r1_SCALAR_SLICES = 97; +pub global SECP384r1_SCALAR_SLICES: u32 = 97; pub type Secp384r1 = BigCurve, Secp384r1_Params>; pub type Secp384r1Scalar = ScalarField; pub type Secp384r1Fq = BigNum<4, 384, Secp384r1_Fq_Params>; @@ -97,13 +97,13 @@ pub type Secp384r1Fr = BigNum<4, 384, Secp384r1_Fr_Params>; mod test { - use dep::bignum::BigNum; - use crate::scalar_field::ScalarField; use crate::curves::secp384r1::Secp384r1Scalar; + use crate::scalar_field::ScalarField; + use dep::bignum::BigNum; use dep::bignum::fields::secp384r1Fr::Secp384r1_Fr_Params; #[test] - fn test_bits() { + fn test_secp384r1_bits() { let x: BigNum<4, 384, Secp384r1_Fr_Params> = BigNum::new(); let max_wnaf_bits: u32 = x.modulus_bits() + 1; diff --git a/src/curves/vesta.nr b/src/curves/vesta.nr index 3252a13..e6ee71a 100644 --- a/src/curves/vesta.nr +++ b/src/curves/vesta.nr @@ -1,9 +1,9 @@ +use crate::BigCurve; +use crate::CurveParamsTrait; +use crate::scalar_field::ScalarField; use dep::bignum::BigNum; use dep::bignum::fields::vestaFq::Vesta_Fq_Params; use dep::bignum::fields::vestaFr::Vesta_Fr_Params; -use crate::CurveParamsTrait; -use crate::BigCurve; -use crate::scalar_field::ScalarField; pub struct Vesta_Params {} impl CurveParamsTrait> for Vesta_Params { @@ -41,7 +41,7 @@ impl CurveParamsTrait> for Vesta_Params { } } -pub global VESTA_SCALAR_SLICES = 64; +pub global VESTA_SCALAR_SLICES: u32 = 64; pub type Vesta = BigCurve, Vesta_Params>; pub type VestaScalar = ScalarField; pub type VestaFq = BigNum<3, 255, Vesta_Fq_Params>; @@ -49,12 +49,12 @@ pub type VestaFr = BigNum<3, 255, Vesta_Fr_Params>; mod test { - use dep::bignum::BigNum; use crate::curves::vesta::VESTA_SCALAR_SLICES; + use dep::bignum::BigNum; use dep::bignum::fields::vestaFr::Vesta_Fr_Params; #[test] - fn test_bits() { + fn test_vesta_bits() { let x: BigNum<3, 255, Vesta_Fr_Params> = BigNum::new(); let max_wnaf_bits: u32 = x.modulus_bits() + 1; diff --git a/src/lib.nr b/src/lib.nr index 6b44c17..81463f0 100644 --- a/src/lib.nr +++ b/src/lib.nr @@ -8,9 +8,9 @@ pub(crate) mod curves; use dep::bignum::BigNum; use dep::bignum::BigNumTrait; -use crate::scalar_field::ScalarField; use crate::curve_jac::AffineTranscript; use crate::curve_jac::CurveJ; +use crate::scalar_field::ScalarField; use crate::utils::hash_to_curve::hash_to_curve; use dep::sort::sort_advanced; @@ -445,7 +445,7 @@ where let mut a_term = BigNum::conditional_select( CurveParams::a(), BigNum::new(), - x_equal_predicate & !y_equal_predicate & !self.is_infinity & !other.is_infinity, + x_equal_predicate & y_equal_predicate & !self.is_infinity & !other.is_infinity, ); BigNum::evaluate_quadratic_expression( @@ -552,8 +552,9 @@ where let mut a_term = BigNum::conditional_select( CurveParams::a(), BigNum::new(), - x_equal_predicate & !y_equal_predicate & !self.is_infinity & !other.is_infinity, + x_equal_predicate & y_equal_predicate & !self.is_infinity & !other.is_infinity, ); + BigNum::evaluate_quadratic_expression( [[lambda], [product_2_lhs_t0]], [[true], [false]], @@ -566,8 +567,6 @@ where [false], ); - // x3 = lambda * lambda - x2 - x1 - // if double, then x2 = x1 so we good BigNum::evaluate_quadratic_expression( [[lambda]], [[false]], diff --git a/src/test_data.nr b/src/test_data.nr index ce983c5..cc0c06b 100644 --- a/src/test_data.nr +++ b/src/test_data.nr @@ -1,6 +1,6 @@ -use dep::bignum::fields::bn254Fq::BN254_Fq_Params; -use dep::bignum::BigNum; use crate::curve_jac::AffineTranscript; +use dep::bignum::BigNum; +use dep::bignum::fields::bn254Fq::BN254_Fq_Params; // addition transcrpt for p - 2 pub fn get_transcript() -> [AffineTranscript>; 326] { diff --git a/src/utils/derive_offset_generators.nr b/src/utils/derive_offset_generators.nr index 6b23415..5c00359 100644 --- a/src/utils/derive_offset_generators.nr +++ b/src/utils/derive_offset_generators.nr @@ -1,20 +1,20 @@ -use crate::CurveParamsTrait; use crate::BigCurve; use crate::curve_jac::CurveJ; +use crate::CurveParamsTrait; -use dep::bignum::BigNumTrait; use dep::bignum::BigNum; +use dep::bignum::BigNumTrait; use dep::bignum::fields::bls12_377Fq::BLS12_377_Fq_Params; use dep::bignum::fields::bls12_381Fq::BLS12_381_Fq_Params; -use dep::bignum::fields::secp256k1Fq::Secp256k1_Fq_Params; -use dep::bignum::fields::secp256r1Fq::Secp256r1_Fq_Params; -use dep::bignum::fields::secp384r1Fq::Secp384r1_Fq_Params; +use dep::bignum::fields::bn254Fq::BN254_Fq_Params; +use dep::bignum::fields::ed25519Fq::ED25519_Fq_Params; use dep::bignum::fields::mnt4_753Fq::MNT4_753_Fq_Params; use dep::bignum::fields::mnt6_753Fq::MNT6_753_Fq_Params; use dep::bignum::fields::pallasFq::Pallas_Fq_Params; +use dep::bignum::fields::secp256k1Fq::Secp256k1_Fq_Params; +use dep::bignum::fields::secp256r1Fq::Secp256r1_Fq_Params; +use dep::bignum::fields::secp384r1Fq::Secp384r1_Fq_Params; use dep::bignum::fields::vestaFq::Vesta_Fq_Params; -use dep::bignum::fields::ed25519Fq::ED25519_Fq_Params; -use dep::bignum::fields::bn254Fq::BN254_Fq_Params; type BLS377BN = BigNum<4, 377, BLS12_377_Fq_Params>; type BLS381BN = BigNum<4, 381, BLS12_381_Fq_Params>;