bug: end_to_end() test fails

pluto · May 17, 2024 · 2e6bfb5 · 2e6bfb5
1 parent 3f1ba2d
commit 2e6bfb5
Show file tree

Hide file tree

Showing 3 changed files with 34 additions and 24 deletions.
diff --git a/src/curve/mod.rs b/src/curve/mod.rs
@@ -112,8 +112,6 @@ impl<C: EllipticCurve> Neg for AffinePoint<C> {
   }
 }
 
-// TODO: This should likely use a `Self::ScalarField` instead of `u32`.
-/// Scalar multiplication on the rhs: P*(u32)
 /// This is the niave implementation of scalar multiplication
 /// There is a faster way to do this but this is simpler to reason about for now
 #[allow(clippy::suspicious_arithmetic_impl)]
@@ -138,19 +136,20 @@ impl<C: EllipticCurve> Sub for AffinePoint<C> {
   fn sub(self, rhs: Self) -> Self::Output { self + -rhs }
 }
 
-#[allow(clippy::suspicious_arithmetic_impl)]
 impl<C: EllipticCurve> Mul<PlutoScalarField> for AffinePoint<C> {
   type Output = AffinePoint<C>;
 
   fn mul(self, scalar: PlutoScalarField) -> Self::Output { scalar.value as u32 * self }
 }
 
-/// Scalar multiplication on the Lhs (u32)*P
 #[allow(clippy::suspicious_arithmetic_impl)]
 impl<C: EllipticCurve> std::ops::Mul<AffinePoint<C>> for u32 {
   type Output = AffinePoint<C>;
 
   fn mul(self, val: AffinePoint<C>) -> Self::Output {
+    if self == 0 {
+      return AffinePoint::Infinity;
+    }
     let mut out = val;
     for _ in 1..self {
       out += val;

diff --git a/src/kzg/setup.rs b/src/kzg/setup.rs
@@ -77,30 +77,16 @@ pub fn check(
   g1_srs: Vec<AffinePoint<PlutoExtendedCurve>>,
   g2_srs: Vec<AffinePoint<PlutoExtendedCurve>>,
 ) -> bool {
-  // let p_gen =
-  // AffinePoint::<PlutoExtendedCurve>::from(AffinePoint::<PlutoBaseCurve>::generator());
-  // let cube_root_of_unity = PlutoBaseFieldExtension::primitive_root_of_unity(3);
-  // let q_gen = if let AffinePoint::<PlutoBaseCurve>::Point(x, y) =
-  //   AffinePoint::<PlutoBaseCurve>::generator()
-  // {
-  //   AffinePoint::<PlutoExtendedCurve>::new(
-  //     cube_root_of_unity * PlutoBaseFieldExtension::from(x),
-  //     PlutoBaseFieldExtension::from(y),
-  //   )
-  // } else {
-  //   panic!("Generator is not a point");
-  // };
-
   let g1 = *g1_srs.first().expect("has g1 srs");
   let g2 = *g2_srs.first().expect("has g2 srs");
 
   let lhs = pairing::<PlutoExtendedCurve, 17>(
-    q.into(),
+    q,
     g2 - AffinePoint::<PlutoExtendedCurve>::generator() * point,
   );
 
   let rhs = pairing::<PlutoExtendedCurve, 17>(
-    (p - g1 * value).into(),
+    p - g1 * value,
     AffinePoint::<PlutoExtendedCurve>::generator(),
   );
   println!("lhs {:?}", lhs);

diff --git a/src/kzg/tests.rs b/src/kzg/tests.rs
@@ -157,6 +157,9 @@ fn opening() {
   );
 }
 
+// lhs GaloisField { coeffs: [PrimeField { value: 2 }, PrimeField { value: 94 }] }
+// rhs GaloisField { coeffs: [PrimeField { value: 59 }, PrimeField { value: 49 }] }
+
 #[test]
 fn end_to_end() {
   let (g1srs, g2srs) = setup();
@@ -170,15 +173,37 @@ fn end_to_end() {
   ];
   let poly = Polynomial::<Monomial, PlutoScalarField>::new(coefficients.clone());
   let eval_point = PlutoScalarField::new(4);
+  dbg!(eval_point);
   let eval_result = poly.evaluate(eval_point);
-  println!("eval_result {:?}", eval_result);
+  dbg!(eval_result);
 
-  let p_commit = commit(poly.coefficients.clone(), g1srs.clone());
   // p_commit = inf
+  let p_commit = commit(poly.coefficients.clone(), g1srs.clone());
   assert_eq!(p_commit, AffinePoint::<PlutoExtendedCurve>::Infinity);
-  let q_commit = open(poly.coefficients, eval_point, g1srs.clone());
+
   // q_commit = (26, 50)
-  println!("q_commit {:?}", q_commit);
+  let q_commit = open(poly.coefficients, eval_point, g1srs.clone());
+  assert_eq!(
+    q_commit,
+    AffinePoint::<PlutoExtendedCurve>::new(
+      PlutoBaseFieldExtension::from(26usize),
+      PlutoBaseFieldExtension::from(45usize),
+    )
+  );
+
+  // Both `p_commit` and `q_commit` are in the same group so this is good.
+
+  // We can look at `g1srs` and see it is in `G1` and `g2srs` is in `G2`
+  dbg!(g1srs.first().unwrap());
+  for i in 0..17 {
+    println!("{}: {:?}", i, *g1srs.first().unwrap() * i);
+  }
+  assert_eq!(*g1srs.first().unwrap() * 17u32, AffinePoint::<PlutoExtendedCurve>::Infinity);
+  dbg!(g2srs.first().unwrap());
+  for i in 0..17 {
+    println!("{}: {:?}", i, *g2srs.first().unwrap() * i);
+  }
+  assert_eq!(*g2srs.first().unwrap() * 17u32, AffinePoint::<PlutoExtendedCurve>::Infinity);
 
   let valid = check(p_commit, q_commit, eval_point, eval_result, g1srs.clone(), g2srs.clone());