Merge branch 'main' into new-hint-64

CHANGELOG.md

@@ -11,13 +11,52 @@
        ids.b_lsb = ids.b & 1
     %}
 
+* Implement hint for `starkware.cairo.common.cairo_keccak.keccak._block_permutation` as described by whitelist `starknet/security/whitelists/cairo_keccak.json` [#1046](https://github.com/lambdaclass/cairo-rs/pull/1046)
+
+    `BuiltinHintProcessor` now supports the following hint:
+
+    ```python
+    %{
+        from starkware.cairo.common.cairo_keccak.keccak_utils import keccak_func
+        _keccak_state_size_felts = int(ids.KECCAK_STATE_SIZE_FELTS)
+        assert 0 <= _keccak_state_size_felts < 100
+        output_values = keccak_func(memory.get_range(
+            ids.keccak_ptr_start, _keccak_state_size_felts))
+        segments.write_arg(ids.output, output_values)
+    %}
+    ```
+
+* Implement hint on cairo_blake2s whitelist [#1040](https://github.com/lambdaclass/cairo-rs/pull/1040)
+
+    `BuiltinHintProcessor` now supports the following hint:
+
+    ```python
+    %{
+        from starkware.cairo.common.cairo_blake2s.blake2s_utils import IV, blake2s_compress
+
+        _blake2s_input_chunk_size_felts = int(ids.BLAKE2S_INPUT_CHUNK_SIZE_FELTS)
+        assert 0 <= _blake2s_input_chunk_size_felts < 100
+
+        new_state = blake2s_compress(
+            message=memory.get_range(ids.blake2s_start, _blake2s_input_chunk_size_felts),
+            h=[IV[0] ^ 0x01010020] + IV[1:],
+            t0=ids.n_bytes,
+            t1=0,
+            f0=0xffffffff,
+            f1=0,
+        )
+
+        segments.write_arg(ids.output, new_state)
+    %}
+    ```
+
 * Implement hint on cairo_blake2s whitelist [#1039](https://github.com/lambdaclass/cairo-rs/pull/1039)
 
     `BuiltinHintProcessor` now supports the following hint:
 
     ```python
 
-        %{
+    %{
         # Add dummy pairs of input and output.
         from starkware.cairo.common.cairo_blake2s.blake2s_utils import IV, blake2s_compress
 
@@ -135,6 +174,19 @@
 
     ```
 
+* Add missing hint on vrf.json lib [#1054](https://github.com/lambdaclass/cairo-rs/pull/1054):
+
+    `BuiltinHintProcessor` now supports the following hint:
+
+    ```python
+        from starkware.cairo.common.cairo_secp.secp_utils import pack
+        SECP_P = 2**255-19
+
+        y = pack(ids.point.y, PRIME) % SECP_P
+        # The modulo operation in python always returns a nonnegative number.
+        value = (-y) % SECP_P
+    ```
+
 * Implement hint on ec_recover.json whitelist [#1032](https://github.com/lambdaclass/cairo-rs/pull/1032):
 
     `BuiltinHintProcessor` now supports the following hint:
@@ -190,7 +242,24 @@
 * Optimizations for hash builtin [#1029](https://github.com/lambdaclass/cairo-rs/pull/1029):
   * Track the verified addresses by offset in a `Vec<bool>` rather than storing the address in a `Vec<Relocatable>`
 
-* Add missing hint on vrf.json lib [#1035](https://github.com/lambdaclass/cairo-rs/pull/1035):
+* Add missing hint on vrf.json whitelist [#1056](https://github.com/lambdaclass/cairo-rs/pull/1056):
+
+    `BuiltinHintProcessor` now supports the following hint:
+
+    ```python
+    %{
+        from starkware.python.math_utils import ec_double_slope
+        from starkware.cairo.common.cairo_secp.secp_utils import pack
+        SECP_P = 2**255-19
+
+        # Compute the slope.
+        x = pack(ids.point.x, PRIME)
+        y = pack(ids.point.y, PRIME)
+        value = slope = ec_double_slope(point=(x, y), alpha=42204101795669822316448953119945047945709099015225996174933988943478124189485, p=SECP_P)
+    %}
+    ```
+
+* Add missing hint on vrf.json whitelist [#1035](https://github.com/lambdaclass/cairo-rs/pull/1035):
 
     `BuiltinHintProcessor` now supports the following hint:
 
@@ -208,7 +277,7 @@
     %}
     ```
 
-* Add missing hint on vrf.json lib [#1035](https://github.com/lambdaclass/cairo-rs/pull/1035):
+* Add missing hint on vrf.json whitelist [#1035](https://github.com/lambdaclass/cairo-rs/pull/1035):
 
     `BuiltinHintProcessor` now supports the following hint:
 
@@ -223,7 +292,7 @@
     %}
     ```
 
-* Add missing hint on vrf.json lib [#1000](https://github.com/lambdaclass/cairo-rs/pull/1000):
+* Add missing hint on vrf.json whitelist [#1000](https://github.com/lambdaclass/cairo-rs/pull/1000):
 
     `BuiltinHintProcessor` now supports the following hint:
 
@@ -376,6 +445,15 @@
         %}
     ```
 
+* Add missing hint on vrf.json lib [#1050](https://github.com/lambdaclass/cairo-rs/pull/1050):
+
+    `BuiltinHintProcessor` now supports the following hint:
+
+    ```python
+        sum_low = ids.a.low + ids.b.low
+        ids.carry_low = 1 if sum_low >= ids.SHIFT else 0
+    ```
+
 * Add missing hint on uint256_improvements lib [#1016](https://github.com/lambdaclass/cairo-rs/pull/1016):
 
     `BuiltinHintProcessor` now supports the following hint:
@@ -442,7 +520,7 @@
 
     _Note: this hint is similar to the one in #983, but with some trailing whitespace removed_
 
-* Add missing hint on vrf.json lib [#1030](https://github.com/lambdaclass/cairo-rs/pull/1030):
+* Add missing hint on vrf.json whitelist [#1030](https://github.com/lambdaclass/cairo-rs/pull/1030):
 
     `BuiltinHintProcessor` now supports the following hint:
 
@@ -1052,4 +1130,4 @@
         * `pub fn from_vm_error(runner: &CairoRunner, error: VirtualMachineError, pc: usize) -> Self` is now `pub fn from_vm_error(runner: &CairoRunner, vm: &VirtualMachine, error: VirtualMachineError) -> Self`
         * `pub fn get_location(pc: &usize, runner: &CairoRunner) -> Option<Location>` is now `pub fn get_location(pc: usize, runner: &CairoRunner) -> Option<Location>`
         * `pub fn decode_instruction(encoded_instr: i64, mut imm: Option<BigInt>) -> Result<instruction::Instruction, VirtualMachineError>` is now `pub fn decode_instruction(encoded_instr: i64, mut imm: Option<&BigInt>) -> Result<instruction::Instruction, VirtualMachineError>`
-        * `VmExcepion` field's string format now mirror their cairo-lang conterparts.
+        * `VmException` fields' string format now mirrors their cairo-lang counterparts.

cairo_programs/_keccak_alternative_hint.cairo

@@ -11,15 +11,15 @@ from starkware.cairo.common.cairo_builtins import BitwiseBuiltin
 from starkware.cairo.common.alloc import alloc
 from starkware.cairo.common.serialize import serialize_word
 
-func _keccak{range_check_ptr, bitwise_ptr: BitwiseBuiltin*, keccak_ptr: felt*}(
+func _keccak_0_10_3{range_check_ptr, bitwise_ptr: BitwiseBuiltin*, keccak_ptr: felt*}(
     inputs: felt*, n_bytes: felt, state: felt*
 ) -> (output: felt*) {
     alloc_locals;
     if (nondet %{ ids.n_bytes >= ids.KECCAK_FULL_RATE_IN_BYTES %} != 0) {
         _prepare_block(inputs=inputs, n_bytes=KECCAK_FULL_RATE_IN_BYTES, state=state);
-        _block_permutation();
+        _block_permutation_0_10_3();
 
-        return _keccak(
+        return _keccak_0_10_3(
             inputs=inputs + KECCAK_FULL_RATE_IN_WORDS,
             n_bytes=n_bytes - KECCAK_FULL_RATE_IN_BYTES,
             state=keccak_ptr - KECCAK_STATE_SIZE_FELTS,
@@ -29,12 +29,12 @@ func _keccak{range_check_ptr, bitwise_ptr: BitwiseBuiltin*, keccak_ptr: felt*}(
     assert_nn_le(n_bytes, KECCAK_FULL_RATE_IN_BYTES - 1);
 
     _prepare_block(inputs=inputs, n_bytes=n_bytes, state=state);
-    _block_permutation();
+    _block_permutation_0_10_3();
 
     return (output=keccak_ptr - KECCAK_STATE_SIZE_FELTS);
 }
 
-func _block_permutation{keccak_ptr: felt*}() {
+func _block_permutation_0_10_3{keccak_ptr: felt*}() {
     %{
         from starkware.cairo.common.cairo_keccak.keccak_utils import keccak_func
         _keccak_state_size_felts = int(ids.KECCAK_STATE_SIZE_FELTS)
@@ -49,17 +49,7 @@ func _block_permutation{keccak_ptr: felt*}() {
     return ();
 }
 
-func fill_array(array: felt*, base: felt, array_length: felt, iterator: felt) {
-    if (iterator == array_length) {
-        return ();
-    }
-
-    assert array[iterator] = base;
-
-    return fill_array(array, base, array_length, iterator + 1);
-}
-
-func main{output_ptr: felt*, range_check_ptr, bitwise_ptr: BitwiseBuiltin*}() {
+func run_0_10_3{output_ptr: felt*, range_check_ptr, bitwise_ptr: BitwiseBuiltin*}() {
     alloc_locals;
 
     let (output: felt*) = alloc();
@@ -75,7 +65,7 @@ func main{output_ptr: felt*, range_check_ptr, bitwise_ptr: BitwiseBuiltin*}() {
 
     let n_bytes = 24;
 
-    let (res: felt*) = _keccak{keccak_ptr=keccak_output}(
+    let (res: felt*) = _keccak_0_10_3{keccak_ptr=keccak_output}(
         inputs=inputs_start, n_bytes=n_bytes, state=state_start
     );
 
@@ -86,3 +76,59 @@ func main{output_ptr: felt*, range_check_ptr, bitwise_ptr: BitwiseBuiltin*}() {
 
     return ();
 }
+
+func _block_permutation_cairo_keccak{output_ptr: felt*, keccak_ptr: felt*}() {
+    alloc_locals;
+    let output = output_ptr;
+    let keccak_ptr_start = keccak_ptr - KECCAK_STATE_SIZE_FELTS;
+    %{
+        from starkware.cairo.common.cairo_keccak.keccak_utils import keccak_func
+        _keccak_state_size_felts = int(ids.KECCAK_STATE_SIZE_FELTS)
+        assert 0 <= _keccak_state_size_felts < 100
+        output_values = keccak_func(memory.get_range(
+            ids.keccak_ptr_start, _keccak_state_size_felts))
+        segments.write_arg(ids.output, output_values)
+    %}
+    let keccak_ptr = keccak_ptr + KECCAK_STATE_SIZE_FELTS;
+
+    return ();
+}
+
+func run_cairo_keccak{output_ptr: felt*, range_check_ptr, bitwise_ptr: BitwiseBuiltin*}() {
+    alloc_locals;
+
+    let (output: felt*) = alloc();
+    let keccak_output = output;
+
+    let (inputs: felt*) = alloc();
+    let inputs_start = inputs;
+    fill_array(inputs, 9, 3, 0);
+
+    let (state: felt*) = alloc();
+    let state_start = state;
+    fill_array(state, 5, 25, 0);
+
+    let n_bytes = 24;
+
+    _prepare_block{keccak_ptr=output_ptr}(inputs=inputs, n_bytes=n_bytes, state=state);
+    _block_permutation_cairo_keccak{keccak_ptr=output_ptr}();
+
+    return ();
+}
+
+func fill_array(array: felt*, base: felt, array_length: felt, iterator: felt) {
+    if (iterator == array_length) {
+        return ();
+    }
+
+    assert array[iterator] = base;
+
+    return fill_array(array, base, array_length, iterator + 1);
+}
+
+func main{output_ptr: felt*, range_check_ptr, bitwise_ptr: BitwiseBuiltin*}() {
+    run_0_10_3();
+    run_cairo_keccak();
+
+    return ();
+}

cairo_programs/compute_doubling_slope_v2.cairo

@@ -0,0 +1,100 @@
+
+from starkware.cairo.common.cairo_secp.bigint import (
+    BigInt3,
+    UnreducedBigInt3,
+    nondet_bigint3,
+)
+
+from cairo_programs.compute_slope_v2 import verify_zero
+
+const BASE = 2 ** 86;
+const SECP_REM = 19;
+
+struct EcPoint {
+    x: BigInt3,
+    y: BigInt3,
+}
+
+func unreduced_mul(a: BigInt3, b: BigInt3) -> (res_low: UnreducedBigInt3) {
+    // The result of the product is:
+    //   sum_{i, j} a.d_i * b.d_j * BASE**(i + j)
+    // Since we are computing it mod secp256k1_prime, we replace the term
+    //   a.d_i * b.d_j * BASE**(i + j)
+    // where i + j >= 3 with
+    //   a.d_i * b.d_j * BASE**(i + j - 3) * 4 * SECP_REM
+    // since BASE ** 3 = 4 * SECP_REM (mod secp256k1_prime).
+    return (
+        UnreducedBigInt3(
+        d0=a.d0 * b.d0 + (a.d1 * b.d2 + a.d2 * b.d1) * (8 * SECP_REM),
+        d1=a.d0 * b.d1 + a.d1 * b.d0 + (a.d2 * b.d2) * (8 * SECP_REM),
+        d2=a.d0 * b.d2 + a.d1 * b.d1 + a.d2 * b.d0),
+    );
+}
+
+// Computes the square of a big integer, given in BigInt3 representation, modulo the
+// secp256k1 prime.
+//
+// Has the same guarantees as in unreduced_mul(a, a).
+func unreduced_sqr(a: BigInt3) -> (res_low: UnreducedBigInt3) {
+    tempvar twice_d0 = a.d0 * 2;
+    return (
+        UnreducedBigInt3(
+        d0=a.d0 * a.d0 + (a.d1 * a.d2) * (2 * 8 * SECP_REM),
+        d1=twice_d0 * a.d1 + (a.d2 * a.d2) * (8 * SECP_REM),
+        d2=twice_d0 * a.d2 + a.d1 * a.d1),
+    );
+}
+
+
+// Computes the slope of the elliptic curve at a given point.
+// The slope is used to compute point + point.
+//
+// Arguments:
+//   point - the point to operate on.
+//
+// Returns:
+//   slope - the slope of the curve at point, in BigInt3 representation.
+//
+// Assumption: point != 0.
+
+func compute_doubling_slope{range_check_ptr}(point: EcPoint) -> (slope: BigInt3) {
+    alloc_locals;
+    // Note that y cannot be zero: assume that it is, then point = -point, so 2 * point = 0, which
+    // contradicts the fact that the size of the curve is odd.
+    %{
+        from starkware.python.math_utils import ec_double_slope
+        from starkware.cairo.common.cairo_secp.secp_utils import pack
+        SECP_P = 2**255-19
+
+        # Compute the slope.
+        x = pack(ids.point.x, PRIME)
+        y = pack(ids.point.y, PRIME)
+        value = slope = ec_double_slope(point=(x, y), alpha=42204101795669822316448953119945047945709099015225996174933988943478124189485, p=SECP_P)
+    %}
+    let (slope: BigInt3) = nondet_bigint3();
+    // let alpha = Uint256(
+    //     143186476941636880901214103594843510573, 124026708105846590725274683684370988502
+    // );
+    let (x_sqr: UnreducedBigInt3) = unreduced_sqr(point.x);
+    let (slope_y: UnreducedBigInt3) = unreduced_mul(slope, point.y);
+    let to_assert = UnreducedBigInt3(
+        d0=3 * x_sqr.d0 - 2 * slope_y.d0 + 44933163489768861888943917,
+        d1=3 * x_sqr.d1 - 2 * slope_y.d1 + 5088459194227531129123890,
+        d2=3 * x_sqr.d2 - 2 * slope_y.d2 + 7050102118787810395887998,
+    );
+    // let to_assert256 = bigint_to_uint256(to_assert);
+    // %{ print_u_256_info(ids.to_assert256, 'to_assert') %}
+
+    verify_zero(to_assert);
+
+    return (slope=slope);
+}
+
+
+func main{range_check_ptr}() {
+    let point_1 = EcPoint(BigInt3(512, 2412, 133), BigInt3(64, 0, 6546));
+
+    let (slope) = compute_doubling_slope(point_1);
+    assert slope = BigInt3(50745345459537348646984154, 66221251087242098185359002 ,8063180118678125382645462);
+    return ();
+    }