From 2bd6adee2d3c8d56d02b1a11bfba6d6936e7c61a Mon Sep 17 00:00:00 2001 From: Charlie Lye Date: Fri, 25 Oct 2024 11:30:51 +0000 Subject: [PATCH 01/18] Make test names unique. Now some fail. --- src/tests/runtime_bignum_test.nr | 47 +++++++++++++++++++++----------- 1 file changed, 31 insertions(+), 16 deletions(-) diff --git a/src/tests/runtime_bignum_test.nr b/src/tests/runtime_bignum_test.nr index a97f4ccd..d3dd35a9 100644 --- a/src/tests/runtime_bignum_test.nr +++ b/src/tests/runtime_bignum_test.nr @@ -208,10 +208,25 @@ impl BigNumParamsGetter<18, 2048> for Test2048Params { **/ comptime fn make_test(f: StructDefinition, N: Quoted, MOD_BITS: Quoted, typ: Quoted) -> Quoted { let k = f.name(); + let test_add = f"{typ}_{N}_{MOD_BITS}_test_add".quoted_contents(); + let test_sub = f"{typ}_{N}_{MOD_BITS}_test_sub".quoted_contents(); + let test_sub_modulus_limit = f"{typ}_{N}_{MOD_BITS}_test_sub_modulus_limit".quoted_contents(); + let test_sub_modulus_underflow = f"{typ}_{N}_{MOD_BITS}_test_sub_modulus_underflow".quoted_contents(); + let test_add_modulus_limit = f"{typ}_{N}_{MOD_BITS}_test_add_modulus_limit".quoted_contents(); + let test_add_modulus_overflow = f"{typ}_{N}_{MOD_BITS}_test_add_modulus_overflow".quoted_contents(); + let test_mul = f"{typ}_{N}_{MOD_BITS}_test_mul".quoted_contents(); + let test_quadratic_expression = f"{typ}_{N}_{MOD_BITS}_test_quadratic_expression".quoted_contents(); + let assert_is_not_equal = f"{typ}_{N}_{MOD_BITS}_assert_is_not_equal".quoted_contents(); + let assert_is_not_equal_fail = f"{typ}_{N}_{MOD_BITS}_assert_is_not_equal_fail".quoted_contents(); + let assert_is_not_equal_overloaded_lhs_fail = f"{typ}_{N}_{MOD_BITS}_assert_is_not_equal_overloaded_lhs_fail".quoted_contents(); + let assert_is_not_equal_overloaded_rhs_fail = f"{typ}_{N}_{MOD_BITS}_assert_is_not_equal_overloaded_rhs_fail".quoted_contents(); + let assert_is_not_equal_overloaded_fail = f"{typ}_{N}_{MOD_BITS}_assert_is_not_equal_overloaded_fail".quoted_contents(); + let test_derive = f"{typ}_{N}_{MOD_BITS}_test_derive".quoted_contents(); + let test_eq = f"{typ}_{N}_{MOD_BITS}_test_eq".quoted_contents(); quote { impl $k { #[test] -fn test_add() { +fn $test_add() { let params = $typ ::get_params(); let a: RuntimeBigNum<$N, $MOD_BITS> = unsafe{ RuntimeBigNum::__derive_from_seed(params, [1, 2, 3, 4]) }; @@ -237,7 +252,7 @@ fn test_add() { } #[test] -fn test_sub() { +fn $test_sub() { let params = $typ ::get_params(); // 0 - 1 should equal p - 1 @@ -253,7 +268,7 @@ fn test_sub() { #[test] -fn test_sub_modulus_limit() { +fn $test_sub_modulus_limit() { let params = $typ ::get_params(); // if we underflow, maximum result should be ... // 0 - 1 = o-1 @@ -268,7 +283,7 @@ fn test_sub_modulus_limit() { #[test(should_fail_with = "call to assert_max_bit_size")] -fn test_sub_modulus_underflow() { +fn $test_sub_modulus_underflow() { let params = $typ ::get_params(); // 0 - (p + 1) is smaller than p and should produce unsatisfiable constraints @@ -283,7 +298,7 @@ fn test_sub_modulus_underflow() { } #[test] -fn test_add_modulus_limit() { +fn $test_add_modulus_limit() { let params = $typ ::get_params(); // p + 2^{modulus_bits()} - 1 should be the maximum allowed value fed into an add operation @@ -303,14 +318,14 @@ fn test_add_modulus_limit() { } #[test(should_fail_with = "call to assert_max_bit_size")] -fn test_add_modulus_overflow() { +fn $test_add_modulus_overflow() { let params = $typ ::get_params(); let p : U60Repr<$N, 2> = U60Repr::from(params.modulus); let one = unsafe{ U60Repr::one() }; let a: RuntimeBigNum<$N, $MOD_BITS> = RuntimeBigNum { limbs: U60Repr::into(p + one), params }; - + let mut two_pow_modulus_bits_minus_one: U60Repr<$N, 2> = unsafe{ one.shl($MOD_BITS) - one }; let b: RuntimeBigNum<$N, $MOD_BITS> = RuntimeBigNum { limbs: U60Repr::into(two_pow_modulus_bits_minus_one), params }; @@ -320,7 +335,7 @@ fn test_add_modulus_overflow() { } #[test] -fn test_mul() { +fn $test_mul() { let params = $typ ::get_params(); let a: RuntimeBigNum<$N, $MOD_BITS> = unsafe { @@ -336,7 +351,7 @@ fn test_mul() { } #[test] -fn test_quadratic_expression() { +fn $test_quadratic_expression() { let params = $typ ::get_params(); for i in 0..32 { @@ -384,7 +399,7 @@ fn test_quadratic_expression() { } #[test] -fn assert_is_not_equal() { +fn $assert_is_not_equal() { let params = $typ ::get_params(); let a: RuntimeBigNum<$N, $MOD_BITS> = unsafe { @@ -398,7 +413,7 @@ fn assert_is_not_equal() { } #[test(should_fail_with = "asssert_is_not_equal fail")] -fn assert_is_not_equal_fail() { +fn $assert_is_not_equal_fail() { let params = $typ ::get_params(); let a: RuntimeBigNum<$N, $MOD_BITS> = unsafe { @@ -412,7 +427,7 @@ fn assert_is_not_equal_fail() { } #[test(should_fail_with = "asssert_is_not_equal fail")] -fn assert_is_not_equal_overloaded_lhs_fail() { +fn $assert_is_not_equal_overloaded_lhs_fail() { let params = $typ ::get_params(); let a: RuntimeBigNum<$N, $MOD_BITS> = unsafe { @@ -432,7 +447,7 @@ fn assert_is_not_equal_overloaded_lhs_fail() { } #[test(should_fail_with = "asssert_is_not_equal fail")] -fn assert_is_not_equal_overloaded_rhs_fail() { +fn $assert_is_not_equal_overloaded_rhs_fail() { let params = $typ ::get_params(); let a: RuntimeBigNum<$N, $MOD_BITS> = unsafe { @@ -452,7 +467,7 @@ fn assert_is_not_equal_overloaded_rhs_fail() { } #[test(should_fail_with = "asssert_is_not_equal fail")] -fn assert_is_not_equal_overloaded_fail() { +fn $assert_is_not_equal_overloaded_fail() { let params = $typ ::get_params(); let a: RuntimeBigNum<$N, $MOD_BITS> = unsafe { @@ -475,7 +490,7 @@ fn assert_is_not_equal_overloaded_fail() { } #[test] -fn test_derive() +fn $test_derive() { let params = $typ ::get_params(); @@ -487,7 +502,7 @@ fn test_derive() } #[test] -fn test_eq() { +fn $test_eq() { let params = $typ ::get_params(); let a: RuntimeBigNum<$N, $MOD_BITS> = unsafe { From 47a8700a7f453205e584dc91022e25ddcb6680ed Mon Sep 17 00:00:00 2001 From: Khashayar Barooti Date: Mon, 28 Oct 2024 17:52:27 +0000 Subject: [PATCH 02/18] fixing the failing tests --- .vscode/launch.json | 15 +++++++++++++++ src/fns/constrained_ops.nr | 24 ++++++++++++++++++++---- src/fns/unconstrained_ops.nr | 7 ++++--- src/runtime_bignum.nr | 2 ++ src/tests/runtime_bignum_test.nr | 31 +++++++++++++++++++++++-------- 5 files changed, 64 insertions(+), 15 deletions(-) create mode 100644 .vscode/launch.json diff --git a/.vscode/launch.json b/.vscode/launch.json new file mode 100644 index 00000000..ff05fe57 --- /dev/null +++ b/.vscode/launch.json @@ -0,0 +1,15 @@ +{ + // Use IntelliSense to learn about possible attributes. + // Hover to view descriptions of existing attributes. + // For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387 + "version": "0.2.0", + "configurations": [ + { + "type": "noir", + "request": "launch", + "name": "Noir binary package", + "projectFolder": "${workspaceFolder}", + "proverName": "Prover" + } + ] +} \ No newline at end of file diff --git a/src/fns/constrained_ops.nr b/src/fns/constrained_ops.nr index b6c6d211..6c4e31ab 100644 --- a/src/fns/constrained_ops.nr +++ b/src/fns/constrained_ops.nr @@ -38,12 +38,13 @@ pub(crate) fn derive_from_seed, seed: [u8; SeedBytes], ) -> [Field; N] { + // assert(params.MOD_BITS == MOD_BITS); let mut rolling_seed: [u8; SeedBytes + 1] = [0; SeedBytes + 1]; for i in 0..SeedBytes { rolling_seed[i] = seed[i]; assert_eq(rolling_seed[i], seed[i]); } - + //the seed is getting passed around ok I checked let mut hash_buffer: [u8; N * 2 * 15] = [0; N * 2 * 15]; let mut rolling_hash_fields: [Field; (SeedBytes / 31) + 1] = [0; (SeedBytes / 31) + 1]; @@ -59,10 +60,11 @@ pub(crate) fn derive_from_seed( **/ pub(crate) fn validate_in_range(limbs: [Field; N]) { for i in 0..(N - 1) { - limbs[i].assert_max_bit_size::<120>(); + // limbs[i].assert_max_bit_size::<120>(); + assert(limbs[i].lt(2.pow_32(120)),"call to assert_max_bit_size 2"); } - limbs[N - 1].assert_max_bit_size::(); + // println("the bit size in the constrained function is"); + // println(MOD_BITS - ((N - 1) * 120)); + // println("the limbs in the constrained function are"); + // println(limbs); + // assert_constant(limbs[N-1]); + // limbs[N - 1].assert_max_bit_size::(); + // println("barabim barabum"); + // println(limbs[N-1]); + assert(limbs[N-1].lt(2.pow_32((MOD_BITS as Field) - ((N - 1) * 120) as Field) ),"call to assert_max_bit_size"); + + // println("this should not show up"); + } /** diff --git a/src/fns/unconstrained_ops.nr b/src/fns/unconstrained_ops.nr index b72f913b..da35f9d2 100644 --- a/src/fns/unconstrained_ops.nr +++ b/src/fns/unconstrained_ops.nr @@ -49,11 +49,10 @@ pub(crate) unconstrained fn __derive_from_seed RuntimeBigNumTrait for RuntimeB seed: [u8; SeedBytes], ) -> Self { let limbs = unsafe { __derive_from_seed::<_, MOD_BITS, _>(params, seed) }; + println("the unconstrained call to derive:"); + println(limbs); Self { limbs, params } } diff --git a/src/tests/runtime_bignum_test.nr b/src/tests/runtime_bignum_test.nr index d3dd35a9..8ff3960b 100644 --- a/src/tests/runtime_bignum_test.nr +++ b/src/tests/runtime_bignum_test.nr @@ -228,19 +228,29 @@ impl $k { #[test] fn $test_add() { let params = $typ ::get_params(); - - let a: RuntimeBigNum<$N, $MOD_BITS> = unsafe{ RuntimeBigNum::__derive_from_seed(params, [1, 2, 3, 4]) }; - let b: RuntimeBigNum<$N, $MOD_BITS> = unsafe{ RuntimeBigNum::__derive_from_seed(params, [4, 5, 6, 7]) }; - + + // let a: RuntimeBigNum<$N, $MOD_BITS> = unsafe{ RuntimeBigNum::__derive_from_seed(params, [1, 2, 3, 4]) }; + // println("the derivation is happening"); + // let b: RuntimeBigNum<$N, $MOD_BITS> = unsafe{ RuntimeBigNum::__derive_from_seed(params, [4, 5, 6, 7]) }; + // println("the derivation is happening here too"); + let a: RuntimeBigNum<$N, $MOD_BITS> = RuntimeBigNum::one(params); + let b: RuntimeBigNum<$N, $MOD_BITS> = RuntimeBigNum::one(params); + // let one: RuntimeBigNum<$N, $MOD_BITS> = RuntimeBigNum::one(params); let one: RuntimeBigNum<$N, $MOD_BITS> = RuntimeBigNum::one(params); - + a.validate_in_range(); + println("a's range validation is working"); a.validate_in_field(); + println("a's field validation is working"); b.validate_in_range(); + println("b's range validation is working"); b.validate_in_field(); - + println("b's field validation is working"); + println("addition 1"); let mut c = a + b; + println("addition 2"); c = c + c; + println("addition 3"); let d = (a + b) * (one + one); assert(c == d); @@ -312,8 +322,10 @@ fn $test_add_modulus_limit() { let two_pow_modulus_bits_minus_one: U60Repr<$N, 2> = unsafe{ one.shl($MOD_BITS) - one }; let b: RuntimeBigNum<$N, $MOD_BITS> = RuntimeBigNum { limbs: U60Repr::into(two_pow_modulus_bits_minus_one), params }; - + // println!("the test made it here{:?}", a); let result = a + b; + // println("the last limb of b in the add test is"); + // println(b.limbs); assert(result == b); } @@ -329,7 +341,6 @@ fn $test_add_modulus_overflow() { let mut two_pow_modulus_bits_minus_one: U60Repr<$N, 2> = unsafe{ one.shl($MOD_BITS) - one }; let b: RuntimeBigNum<$N, $MOD_BITS> = RuntimeBigNum { limbs: U60Repr::into(two_pow_modulus_bits_minus_one), params }; - let result = a + b; assert(result == b); } @@ -498,6 +509,10 @@ fn $test_derive() let b: RuntimeBigNum<$N, $MOD_BITS> = unsafe { RuntimeBigNum::__derive_from_seed(params, "hello".as_bytes()) }; + // println("value of a {:?}"); + // println(a.limbs); + // println("value of b {:?}"); + // println(b.limbs); assert(a == b); } From 39fbdbb15614d48c5d01d0ecdbc47f2bb11816aa Mon Sep 17 00:00:00 2001 From: Khashayar Barooti Date: Thu, 31 Oct 2024 18:03:39 +0000 Subject: [PATCH 03/18] temporarily fixed the tests failing with --force-brillig tests --- src/fns/constrained_ops.nr | 38 ++++++++++++----- src/fns/unconstrained_helpers.nr | 28 ++++++++++--- src/fns/unconstrained_ops.nr | 38 +++++++++++++---- src/runtime_bignum.nr | 4 +- src/tests/bignum_test.nr | 10 ++++- src/tests/runtime_bignum_test.nr | 40 +++++++++--------- src/tests/test.sage | 71 ++++++++++++++++++++++++++++++++ 7 files changed, 183 insertions(+), 46 deletions(-) create mode 100644 src/tests/test.sage diff --git a/src/fns/constrained_ops.nr b/src/fns/constrained_ops.nr index 6c4e31ab..22a25f25 100644 --- a/src/fns/constrained_ops.nr +++ b/src/fns/constrained_ops.nr @@ -60,10 +60,13 @@ pub(crate) fn derive_from_seed(bigfield_rhs_limbs); let mut result: [Field; N] = [0; N]; @@ -138,7 +143,6 @@ pub(crate) fn derive_from_seed( **/ pub(crate) fn validate_in_range(limbs: [Field; N]) { for i in 0..(N - 1) { + // this is a hack, the assert_max_bit_size is not working when limbs[i] is not a constant // limbs[i].assert_max_bit_size::<120>(); assert(limbs[i].lt(2.pow_32(120)),"call to assert_max_bit_size 2"); } - // println("the bit size in the constrained function is"); - // println(MOD_BITS - ((N - 1) * 120)); - // println("the limbs in the constrained function are"); - // println(limbs); - // assert_constant(limbs[N-1]); + // this is a hack, the assert_max_bit_size is not working when limbs[i] is not a constant // limbs[N - 1].assert_max_bit_size::(); - // println("barabim barabum"); - // println(limbs[N-1]); assert(limbs[N-1].lt(2.pow_32((MOD_BITS as Field) - ((N - 1) * 120) as Field) ),"call to assert_max_bit_size"); - // println("this should not show up"); } @@ -281,8 +279,13 @@ pub(crate) fn validate_gt(lhs: [Field; N], rhs: [ // so we do... p - x - r = 0 and there might be borrow flags // a - b = r // p + a - b - r = 0 + // for the test, with --force-brillig this outputs + // the result is + // [0x00, 0x00, 0x800] + // and without the flag + // [0x00, 0x00, 0x00] + // the issue is happening here. the result is not being set correctly when the --force-brillig flag is used let (result, carry_flags, borrow_flags) = unsafe { __validate_gt_remainder(lhs, rhs) }; - validate_in_range::<_, MOD_BITS>(result); let borrow_shift = 0x1000000000000000000000000000000; @@ -293,16 +296,21 @@ pub(crate) fn validate_gt(lhs: [Field; N], rhs: [ + (borrow_flags[0] as Field * borrow_shift) - (carry_flags[0] as Field * carry_shift); assert(result_limb == 0); + for i in 1..N - 1 { let result_limb = lhs[i] - rhs[i] + addend[i] - result[i] - borrow_flags[i - 1] as Field + carry_flags[i - 1] as Field + ((borrow_flags[i] as Field - carry_flags[i] as Field) * borrow_shift); assert(result_limb == 0); + } + let result_limb = lhs[N - 1] - rhs[N - 1] + addend[N - 1] - result[N - 1] - borrow_flags[N - 2] as Field + carry_flags[N - 2] as Field; + // println("the result limb is"); + // println(result_limb); assert(result_limb == 0); } @@ -458,7 +466,11 @@ pub(crate) fn udiv_mod( divisor: [Field; N], ) -> ([Field; N], [Field; N]) { let (quotient, remainder) = unsafe { __udiv_mod(numerator, divisor) }; - + + // println("the quotient is"); + // println(quotient); + // println("the remainder is"); + // println(remainder); // self / divisor = quotient rounded // quotient * divisor + remainder - self = 0 evaluate_quadratic_expression( @@ -472,6 +484,10 @@ pub(crate) fn udiv_mod( ); // we need (remainder < divisor) // implies (divisor - remainder > 0) + // println("the divisor is"); + // println(divisor); + // // println("the remainder is"); + // println(remainder); validate_gt::<_, MOD_BITS>(divisor, remainder); (quotient, remainder) } diff --git a/src/fns/unconstrained_helpers.nr b/src/fns/unconstrained_helpers.nr index 694971e5..28988ac8 100644 --- a/src/fns/unconstrained_helpers.nr +++ b/src/fns/unconstrained_helpers.nr @@ -29,7 +29,7 @@ pub(crate) unconstrained fn __validate_in_field_compute_borrow_flags( +pub(crate) unconstrained fn __validate_gt_remainder( lhs: [Field; N], rhs: [Field; N], ) -> ([Field; N], [bool; N], [bool; N]) { @@ -48,6 +48,8 @@ pub(crate) unconstrained fn __validate_gt_remainder= 0x1000000000000000) as u64; @@ -68,7 +70,8 @@ pub(crate) unconstrained fn __validate_gt_remainder( modulus: [Field; N], modulus_u60: U60Repr, ) -> ([Field; N], [Field; N]) { + // for each i in 0..(N + N), adds x[i] * redc_param[j] to mulout[i + j] for each j in 0..N let mut mulout: [Field; 3 * N] = [0; 3 * N]; for i in 0..(N + N) { for j in 0..N { mulout[i + j] += x[i] * redc_param[j]; } } + mulout = split_bits::__normalize_limbs(mulout, 3 * N - 2); let mulout_u60: U60Repr = U60Repr::new(mulout); @@ -230,6 +235,8 @@ pub(crate) unconstrained fn __barrett_reduction( // NOTE: very niche edge case error that we need to be aware of: // N must be large enough to cover the modulus *plus* BARRETT_REDUCTION_OVERFLOW_BITS // i.e. a 359-bit prime needs (I think) 4 limbs to represent or we may overflow when calling __barrett_reduction + + let mut quotient_u60 = mulout_u60.shr((k + k + BARRETT_REDUCTION_OVERFLOW_BITS)); // N.B. we assume that the shifted quotient cannot exceed 2 times original bit size. @@ -259,17 +266,28 @@ pub(crate) unconstrained fn __barrett_reduction( } let quotient_mul_modulus_u60: U60Repr = U60Repr::new(quotient_mul_modulus_normalized); + // convert the input into U60Repr let x_u60: U60Repr = U60Repr::new(x); let mut remainder_u60 = x_u60 - quotient_mul_modulus_u60; - + // barrett reduction is quircky so might need to remove a few modulus_u60 from the remainder if (remainder_u60.gte(modulus_u60)) { remainder_u60 = remainder_u60 - modulus_u60; quotient_u60.increment(); } else {} - + if (remainder_u60.gte(modulus_u60)) { + remainder_u60 = remainder_u60 - modulus_u60; + quotient_u60.increment(); + + } + if (remainder_u60.gte(modulus_u60)) { + remainder_u60 = remainder_u60 - modulus_u60; + quotient_u60.increment(); + } + let q: [Field; N] = U60Repr::into(quotient_u60); let r: [Field; N] = U60Repr::into(remainder_u60); - + + // assert(modulus[N-1].lt(r[N-1]), "barrett reduction failed"); (q, r) } diff --git a/src/fns/unconstrained_ops.nr b/src/fns/unconstrained_ops.nr index da35f9d2..dac01bbc 100644 --- a/src/fns/unconstrained_ops.nr +++ b/src/fns/unconstrained_ops.nr @@ -33,12 +33,24 @@ pub(crate) unconstrained fn __one() -> [Field; N] { limbs } +/** + * @brief Deterministically derives a big_num from a seed value + * + * @description Takes a seed byte array and generates a big_num in the range [0, modulus-1]. + * @param params The BigNum parameters containing modulus and reduction info + * @param seed Input seed bytes to derive from + * @returns [Field; N] An array of field elements derived from the seed (the limbs of the big_num) + */ pub(crate) unconstrained fn __derive_from_seed( params: P, seed: [u8; SeedBytes], ) -> [Field; N] { + + // Pack seed bytes into Field elements, 31 bytes at a time let mut rolling_hash_fields: [Field; (SeedBytes / 31) + 1] = [0; (SeedBytes / 31) + 1]; let mut seed_ptr = 0; + // creates rolling hash fields, it itterates through each 31 bytes of the seed + // and sums them up to create a single field element out of each 31 byte chunck for i in 0..(SeedBytes / 31) + 1 { let mut packed: Field = 0; for _ in 0..31 { @@ -50,15 +62,21 @@ pub(crate) unconstrained fn __derive_from_seed(limbs: [Field; N]) -> bool { for i in 0..N { result = result & (limbs[i] == 0); } + result } @@ -223,7 +247,7 @@ pub(crate) unconstrained fn __div( * 2. numerator % divisor = remainder * 3. divisor * quotient + remainder = numerator **/ -pub(crate) unconstrained fn __udiv_mod( +pub(crate) unconstrained fn __udiv_mod( numerator: [Field; N], divisor: [Field; N], ) -> ([Field; N], [Field; N]) { diff --git a/src/runtime_bignum.nr b/src/runtime_bignum.nr index b36f1e4d..63e1457b 100644 --- a/src/runtime_bignum.nr +++ b/src/runtime_bignum.nr @@ -154,8 +154,8 @@ impl RuntimeBigNumTrait for RuntimeB seed: [u8; SeedBytes], ) -> Self { let limbs = unsafe { __derive_from_seed::<_, MOD_BITS, _>(params, seed) }; - println("the unconstrained call to derive:"); - println(limbs); + // println("the unconstrained call to derive:"); + // println(limbs); Self { limbs, params } } diff --git a/src/tests/bignum_test.nr b/src/tests/bignum_test.nr index 9449ddc3..7387aae6 100644 --- a/src/tests/bignum_test.nr +++ b/src/tests/bignum_test.nr @@ -624,10 +624,18 @@ type U256 = BN256; fn test_udiv_mod_U256() { let a: U256 = unsafe { BigNum::__derive_from_seed([1, 2, 3, 4]) }; let b: U256 = BigNum::from_array([12, 0, 0]); - + // println("a is "); + // println(a.limbs); + // println("b is "); + // println(b.limbs); + let (q, r) = a.udiv_mod(b); // let qb = q.__mul(b); + // println("q is "); + // println(q.limbs); + // println("r is "); + // println(r.limbs); let product = unsafe { q.__mul(b).__add(r) }; assert(product == a); } diff --git a/src/tests/runtime_bignum_test.nr b/src/tests/runtime_bignum_test.nr index 8ff3960b..f172fbbf 100644 --- a/src/tests/runtime_bignum_test.nr +++ b/src/tests/runtime_bignum_test.nr @@ -229,28 +229,21 @@ impl $k { fn $test_add() { let params = $typ ::get_params(); - // let a: RuntimeBigNum<$N, $MOD_BITS> = unsafe{ RuntimeBigNum::__derive_from_seed(params, [1, 2, 3, 4]) }; - // println("the derivation is happening"); - // let b: RuntimeBigNum<$N, $MOD_BITS> = unsafe{ RuntimeBigNum::__derive_from_seed(params, [4, 5, 6, 7]) }; - // println("the derivation is happening here too"); - let a: RuntimeBigNum<$N, $MOD_BITS> = RuntimeBigNum::one(params); - let b: RuntimeBigNum<$N, $MOD_BITS> = RuntimeBigNum::one(params); + let a: RuntimeBigNum<$N, $MOD_BITS> = unsafe{ RuntimeBigNum::__derive_from_seed(params, [1, 2, 3, 4]) }; + let b: RuntimeBigNum<$N, $MOD_BITS> = unsafe{ RuntimeBigNum::__derive_from_seed(params, [4, 5, 6, 7]) }; + // let a: RuntimeBigNum<$N, $MOD_BITS> = RuntimeBigNum::one(params); + // let b: RuntimeBigNum<$N, $MOD_BITS> = RuntimeBigNum::one(params); // let one: RuntimeBigNum<$N, $MOD_BITS> = RuntimeBigNum::one(params); let one: RuntimeBigNum<$N, $MOD_BITS> = RuntimeBigNum::one(params); - a.validate_in_range(); - println("a's range validation is working"); a.validate_in_field(); - println("a's field validation is working"); b.validate_in_range(); - println("b's range validation is working"); b.validate_in_field(); - println("b's field validation is working"); - println("addition 1"); + let mut c = a + b; - println("addition 2"); + c = c + c; - println("addition 3"); + let d = (a + b) * (one + one); assert(c == d); @@ -505,14 +498,21 @@ fn $test_derive() { let params = $typ ::get_params(); - let a: RuntimeBigNum<$N, $MOD_BITS> = RuntimeBigNum::derive_from_seed(params, "hello".as_bytes()); + // let a: RuntimeBigNum<$N, $MOD_BITS> = RuntimeBigNum::derive_from_seed(params, "hello".as_bytes()); + let a: RuntimeBigNum<$N, $MOD_BITS> = RuntimeBigNum::derive_from_seed(params, [1, 2, 3, 4]); + let b: RuntimeBigNum<$N, $MOD_BITS> = unsafe { - RuntimeBigNum::__derive_from_seed(params, "hello".as_bytes()) + // RuntimeBigNum::__derive_from_seed(params, "hello".as_bytes()) + RuntimeBigNum::__derive_from_seed(params, [1, 2, 3, 4]) }; - // println("value of a {:?}"); - // println(a.limbs); - // println("value of b {:?}"); - // println(b.limbs); + // let one: RuntimeBigNum<$N, $MOD_BITS> = RuntimeBigNum::one(params); + // println("the limbs of 1"); + // println(one.limbs); + // println("the value of a is"); + // println(a.limbs); + // println("the value of b is"); + // println(b.limbs); + assert(a == b); } diff --git a/src/tests/test.sage b/src/tests/test.sage new file mode 100644 index 00000000..41327e6d --- /dev/null +++ b/src/tests/test.sage @@ -0,0 +1,71 @@ +# sage file for +a = [0xac8f3bf3e82de4824c69e37615d9d0, 0xdec7cb5187e95beb13d672363f120d, 0xd67c320641ec0448932ee6a0602908, 0x01ae3a] + +modulus = [0x0b5d44300000008508c00000000001, 0xd9f300f5138f1ef3622fba09480017, 0x4617c510eac63b05c06ca1493b1a22, 0x013e3c] + +a = [0x950dacccffd9f25bfedc3b1c8fb250, 0x5c14ad28aaf9bc0408af6c977184bb, 0xc3739ec96a4185a3801203b8f6b9b2, 0x017231] + +b = [0xbc692fd9e5af7b9117e1e0cf64db6f, 0x7cd01a05d660e1736aadcd130a6517, 0xf5205dcdbd5fb252b9b2396381625b, 0x022f29] + +reduction_param = [0xd687789c42a591f9fd58c5e4daffcc, 0x0de6776b1a06af2d488d85a6d02d0e, 0xd0cc4060e976c3ca0582ef4f73bbad, 0x261508] + +to_reduce = ["0xec0ca0c0adce359af6fcea1a7ab2dc", "0xdd52c4aa3fde93685d3f7cc285de32", "0x75d80e5e132a6f8954a8cdd6c76fea", "0x8414f97f24248c26ecdda05c41c720", "0xfdcc89c595cf1ebab8e5ea8e4680ef", "0x3ede37060164892256a1b291460dd7", "0x85ea3de302", "0x00"] + +for i in range(4): + a_as_int *= 2^120 + a_as_int += a[i] + b_as_int += b[3-i] * 2^(120 * (3-i)) + modulus_as_int *= 2^120 + modulus_as_int += modulus[i] + reduction_param_as_int *= 2^120 + reduction_param_as_int += reduction_param[i] +print(modulus_as_int.is_prime() ) +print("a is:" , a_as_int) +print("b is :",b_as_int) +print("modulus is:" , modulus_as_int) +print("modulus should be:", int("0x01ae3a4617c510eac63b05c06ca1493b1a22d9f300f5138f1ef3622fba094800170b5d44300000008508c00000000001",16)) +print(a_as_int % modulus_as_int) +print(b_as_int % modulus_as_int) +print(a_as_int % modulus_as_int == b_as_int % modulus_as_int) +print("reduction param is", reduction_param_as_int) +p = 21888242871839275222246405745257275088548364400416034343698204186575808495617 +mod_bits = 377 +print("reduction param should be", 2^(mod_bits * 2 + 4)) +print(a == b) + + +the divisor is +[0x0c, 0x00, 0x00] +the remainder is +[0x00, 0x00, 0x00] +the result limb is + +the divisor is +[0x0c, 0x00, 0x00] +the remainder is +[0x00, 0x00, 0x00] +# with the flag +the last limb is +0x00 +0x00 +the result is +0x0800 +the borrow flags are +false +the carry flags are +false +the result limb is +0x30644e72e131a029b85045b68181585d2833e84879b9709143e1f593effff801 + +# without the flag +the last limb is +0x00 +0x00 +the result is +0x00 +the borrow flags are +false +the carry flags are +false +the result limb is +0x00 From ffbc92eb9292817d884ef529e29795e958b9f7c2 Mon Sep 17 00:00:00 2001 From: Khashayar Barooti Date: Thu, 31 Oct 2024 18:04:28 +0000 Subject: [PATCH 04/18] fmt --- src/bignum.nr | 13 +++--- src/fields/U1024.nr | 2 +- src/fields/U2048.nr | 2 +- src/fields/U256.nr | 2 +- src/fields/U384.nr | 2 +- src/fields/U4096.nr | 2 +- src/fields/U512.nr | 2 +- src/fields/U768.nr | 2 +- src/fields/U8192.nr | 2 +- src/fields/bls12_377Fq.nr | 2 +- src/fields/bls12_377Fr.nr | 2 +- src/fields/bls12_381Fq.nr | 2 +- src/fields/bls12_381Fr.nr | 2 +- src/fields/bn254Fq.nr | 2 +- src/fields/ed25519Fq.nr | 2 +- src/fields/ed25519Fr.nr | 2 +- src/fields/mnt4_753Fq.nr | 2 +- src/fields/mnt4_753Fr.nr | 2 +- src/fields/mnt6_753Fq.nr | 2 +- src/fields/mnt6_753Fr.nr | 2 +- src/fields/pallasFq.nr | 2 +- src/fields/pallasFr.nr | 2 +- src/fields/secp256k1Fq.nr | 2 +- src/fields/secp256k1Fr.nr | 2 +- src/fields/secp256r1Fq.nr | 2 +- src/fields/secp256r1Fr.nr | 2 +- src/fields/secp384r1Fq.nr | 2 +- src/fields/secp384r1Fr.nr | 2 +- src/fields/vestaFq.nr | 2 +- src/fields/vestaFr.nr | 2 +- src/fns/constrained_ops.nr | 36 ++++++++-------- src/fns/expressions.nr | 2 +- src/fns/unconstrained_helpers.nr | 11 ++--- src/fns/unconstrained_ops.nr | 33 ++++++--------- src/runtime_bignum.nr | 19 +++++---- src/tests/bignum_test.nr | 3 +- src/tests/runtime_bignum_test.nr | 33 +++++++++------ src/tests/test.sage | 71 -------------------------------- src/utils/u60_representation.nr | 2 +- 39 files changed, 105 insertions(+), 176 deletions(-) delete mode 100644 src/tests/test.sage diff --git a/src/bignum.nr b/src/bignum.nr index aaad1c8a..5b9fe7c9 100644 --- a/src/bignum.nr +++ b/src/bignum.nr @@ -4,14 +4,15 @@ use crate::params::BigNumParamsGetter; use crate::fns::{ constrained_ops::{ - derive_from_seed, conditional_select, assert_is_not_equal, eq, validate_in_field, - validate_in_range, neg, add, sub, mul, div, udiv_mod, udiv, umod, + add, assert_is_not_equal, conditional_select, derive_from_seed, div, eq, mul, neg, sub, + udiv, udiv_mod, umod, validate_in_field, validate_in_range, }, - unconstrained_ops::{ - __derive_from_seed, __eq, __is_zero, __neg, __add, __sub, __mul, __div, __udiv_mod, - __invmod, __pow, __batch_invert, __batch_invert_slice, __tonelli_shanks_sqrt, - }, expressions::{__compute_quadratic_expression, evaluate_quadratic_expression}, + expressions::{__compute_quadratic_expression, evaluate_quadratic_expression}, serialization::{from_be_bytes, to_le_bytes}, + unconstrained_ops::{ + __add, __batch_invert, __batch_invert_slice, __derive_from_seed, __div, __eq, __invmod, + __is_zero, __mul, __neg, __pow, __sub, __tonelli_shanks_sqrt, __udiv_mod, + }, }; pub struct BigNum { diff --git a/src/fields/U1024.nr b/src/fields/U1024.nr index 5f8f438a..c0593a1c 100644 --- a/src/fields/U1024.nr +++ b/src/fields/U1024.nr @@ -1,5 +1,5 @@ -use crate::params::BigNumParamsGetter; use crate::params::BigNumParams; +use crate::params::BigNumParamsGetter; use crate::utils::u60_representation::U60Repr; pub struct U1024Params {} diff --git a/src/fields/U2048.nr b/src/fields/U2048.nr index 6c689179..bbd9cc06 100644 --- a/src/fields/U2048.nr +++ b/src/fields/U2048.nr @@ -1,5 +1,5 @@ -use crate::params::BigNumParamsGetter; use crate::params::BigNumParams; +use crate::params::BigNumParamsGetter; use crate::utils::u60_representation::U60Repr; pub struct U2048Params {} diff --git a/src/fields/U256.nr b/src/fields/U256.nr index e542d4a5..eea35dd4 100644 --- a/src/fields/U256.nr +++ b/src/fields/U256.nr @@ -1,5 +1,5 @@ -use crate::params::BigNumParamsGetter; use crate::params::BigNumParams; +use crate::params::BigNumParamsGetter; use crate::utils::u60_representation::U60Repr; pub struct U256Params {} diff --git a/src/fields/U384.nr b/src/fields/U384.nr index 572fbe67..be29a735 100644 --- a/src/fields/U384.nr +++ b/src/fields/U384.nr @@ -1,5 +1,5 @@ -use crate::params::BigNumParamsGetter; use crate::params::BigNumParams; +use crate::params::BigNumParamsGetter; use crate::utils::u60_representation::U60Repr; pub struct U384_Params {} diff --git a/src/fields/U4096.nr b/src/fields/U4096.nr index d63124c7..cfa0fae8 100644 --- a/src/fields/U4096.nr +++ b/src/fields/U4096.nr @@ -1,5 +1,5 @@ -use crate::params::BigNumParamsGetter; use crate::params::BigNumParams; +use crate::params::BigNumParamsGetter; use crate::utils::u60_representation::U60Repr; pub struct U4096Params {} diff --git a/src/fields/U512.nr b/src/fields/U512.nr index 50277773..148ed672 100644 --- a/src/fields/U512.nr +++ b/src/fields/U512.nr @@ -1,5 +1,5 @@ -use crate::params::BigNumParamsGetter; use crate::params::BigNumParams; +use crate::params::BigNumParamsGetter; use crate::utils::u60_representation::U60Repr; pub struct U512Params {} diff --git a/src/fields/U768.nr b/src/fields/U768.nr index c9e0cb44..37564fdd 100644 --- a/src/fields/U768.nr +++ b/src/fields/U768.nr @@ -1,5 +1,5 @@ -use crate::params::BigNumParamsGetter; use crate::params::BigNumParams; +use crate::params::BigNumParamsGetter; use crate::utils::u60_representation::U60Repr; pub struct U768Params {} diff --git a/src/fields/U8192.nr b/src/fields/U8192.nr index a70b3917..ce7f8faa 100644 --- a/src/fields/U8192.nr +++ b/src/fields/U8192.nr @@ -1,5 +1,5 @@ -use crate::params::BigNumParamsGetter; use crate::params::BigNumParams; +use crate::params::BigNumParamsGetter; use crate::utils::u60_representation::U60Repr; pub struct U8192Params {} diff --git a/src/fields/bls12_377Fq.nr b/src/fields/bls12_377Fq.nr index 81a6cc98..9a4db96e 100644 --- a/src/fields/bls12_377Fq.nr +++ b/src/fields/bls12_377Fq.nr @@ -16,8 +16,8 @@ //! * G1 curve equation: y^2 = x^3 + 1 //! * G2 curve equation: y^2 = x^3 + B, where //! * B = Fq2(0, 155198655607781456406391640216936120121836107652948796323930557600032281009004493664981332883744016074664192874906) -use crate::params::BigNumParamsGetter; use crate::params::BigNumParams; +use crate::params::BigNumParamsGetter; use crate::utils::u60_representation::U60Repr; pub struct BLS12_377_Fq_Params {} diff --git a/src/fields/bls12_377Fr.nr b/src/fields/bls12_377Fr.nr index 123b8139..ee4577e9 100644 --- a/src/fields/bls12_377Fr.nr +++ b/src/fields/bls12_377Fr.nr @@ -17,8 +17,8 @@ //! * G2 curve equation: y^2 = x^3 + B, where //! * B = Fq2(0, 155198655607781456406391640216936120121836107652948796323930557600032281009004493664981332883744016074664192874906) -use crate::params::BigNumParamsGetter; use crate::params::BigNumParams; +use crate::params::BigNumParamsGetter; use crate::utils::u60_representation::U60Repr; pub struct BLS12_377_Fr_Params {} diff --git a/src/fields/bls12_381Fq.nr b/src/fields/bls12_381Fq.nr index f2ef2e65..223c99e9 100644 --- a/src/fields/bls12_381Fq.nr +++ b/src/fields/bls12_381Fq.nr @@ -14,8 +14,8 @@ //! * valuation(r - 1, 2) = 32 //! * G1 curve equation: y^2 = x^3 + 4 //! * G2 curve equation: y^2 = x^3 + Fq2(4, 4) -use crate::params::BigNumParamsGetter; use crate::params::BigNumParams; +use crate::params::BigNumParamsGetter; use crate::utils::u60_representation::U60Repr; pub struct BLS12_381_Fq_Params {} diff --git a/src/fields/bls12_381Fr.nr b/src/fields/bls12_381Fr.nr index 2635d62b..0d68c228 100644 --- a/src/fields/bls12_381Fr.nr +++ b/src/fields/bls12_381Fr.nr @@ -14,8 +14,8 @@ //! * valuation(r - 1, 2) = 32 //! * G1 curve equation: y^2 = x^3 + 4 //! * G2 curve equation: y^2 = x^3 + Fq2(4, 4) -use crate::params::BigNumParamsGetter; use crate::params::BigNumParams; +use crate::params::BigNumParamsGetter; use crate::utils::u60_representation::U60Repr; pub struct BLS12_381_Fr_Params {} diff --git a/src/fields/bn254Fq.nr b/src/fields/bn254Fq.nr index d1fd56e9..43cbc3a7 100644 --- a/src/fields/bn254Fq.nr +++ b/src/fields/bn254Fq.nr @@ -1,5 +1,5 @@ -use crate::params::BigNumParamsGetter; use crate::params::BigNumParams; +use crate::params::BigNumParamsGetter; use crate::utils::u60_representation::U60Repr; pub struct BN254_Fq_Params {} diff --git a/src/fields/ed25519Fq.nr b/src/fields/ed25519Fq.nr index 0a19b9a0..a09315da 100644 --- a/src/fields/ed25519Fq.nr +++ b/src/fields/ed25519Fq.nr @@ -1,5 +1,5 @@ -use crate::params::BigNumParamsGetter; use crate::params::BigNumParams; +use crate::params::BigNumParamsGetter; use crate::utils::u60_representation::U60Repr; pub struct ED25519_Fq_Params {} diff --git a/src/fields/ed25519Fr.nr b/src/fields/ed25519Fr.nr index cdc2005f..dea885af 100644 --- a/src/fields/ed25519Fr.nr +++ b/src/fields/ed25519Fr.nr @@ -1,5 +1,5 @@ -use crate::params::BigNumParamsGetter; use crate::params::BigNumParams; +use crate::params::BigNumParamsGetter; use crate::utils::u60_representation::U60Repr; pub struct ED25519_Fr_Params {} diff --git a/src/fields/mnt4_753Fq.nr b/src/fields/mnt4_753Fq.nr index 849a7532..f185c8cf 100644 --- a/src/fields/mnt4_753Fq.nr +++ b/src/fields/mnt4_753Fq.nr @@ -19,8 +19,8 @@ //! * B = Fq2(0, b * NON_RESIDUE) //! * NON_RESIDUE = 13 is the quadratic non-residue used to conpub struct the //! extension field Fq2 -use crate::params::BigNumParamsGetter; use crate::params::BigNumParams; +use crate::params::BigNumParamsGetter; use crate::utils::u60_representation::U60Repr; pub struct MNT4_753_Fq_Params {} diff --git a/src/fields/mnt4_753Fr.nr b/src/fields/mnt4_753Fr.nr index 21982f9f..8264432e 100644 --- a/src/fields/mnt4_753Fr.nr +++ b/src/fields/mnt4_753Fr.nr @@ -19,8 +19,8 @@ //! * B = Fq2(0, b * NON_RESIDUE) //! * NON_RESIDUE = 13 is the quadratic non-residue used to conpub struct the //! extension field Fq2 -use crate::params::BigNumParamsGetter; use crate::params::BigNumParams; +use crate::params::BigNumParamsGetter; use crate::utils::u60_representation::U60Repr; pub struct MNT4_753_Fr_Params {} diff --git a/src/fields/mnt6_753Fq.nr b/src/fields/mnt6_753Fq.nr index 421a36b4..8a9358f7 100644 --- a/src/fields/mnt6_753Fq.nr +++ b/src/fields/mnt6_753Fq.nr @@ -19,8 +19,8 @@ //! * B = Fq3(b * NON_RESIDUE, 0, 0) //! * NON_RESIDUE = 11 is the cubic non-residue used to conpub struct the //! extension field Fq3 -use crate::params::BigNumParamsGetter; use crate::params::BigNumParams; +use crate::params::BigNumParamsGetter; use crate::utils::u60_representation::U60Repr; pub struct MNT6_753_Fq_Params {} diff --git a/src/fields/mnt6_753Fr.nr b/src/fields/mnt6_753Fr.nr index 24110720..5148148f 100644 --- a/src/fields/mnt6_753Fr.nr +++ b/src/fields/mnt6_753Fr.nr @@ -19,8 +19,8 @@ //! * B = Fq3(b * NON_RESIDUE, 0, 0) //! * NON_RESIDUE = 11 is the cubic non-residue used to conpub struct the //! extension field Fq3 -use crate::params::BigNumParamsGetter; use crate::params::BigNumParams; +use crate::params::BigNumParamsGetter; use crate::utils::u60_representation::U60Repr; pub struct MNT6_753_Fr_Params {} diff --git a/src/fields/pallasFq.nr b/src/fields/pallasFq.nr index a5f6a1a8..06423031 100644 --- a/src/fields/pallasFq.nr +++ b/src/fields/pallasFq.nr @@ -13,8 +13,8 @@ //! * Curve equation: y^2 = x^3 + 5 //! * Valuation(q - 1, 2) = 32 //! * Valuation(r - 1, 2) = 32 -use crate::params::BigNumParamsGetter; use crate::params::BigNumParams; +use crate::params::BigNumParamsGetter; use crate::utils::u60_representation::U60Repr; pub struct Pallas_Fq_Params {} diff --git a/src/fields/pallasFr.nr b/src/fields/pallasFr.nr index 502b0da2..ad0e71e6 100644 --- a/src/fields/pallasFr.nr +++ b/src/fields/pallasFr.nr @@ -13,8 +13,8 @@ //! * Curve equation: y^2 = x^3 + 5 //! * Valuation(q - 1, 2) = 32 //! * Valuation(r - 1, 2) = 32 -use crate::params::BigNumParamsGetter; use crate::params::BigNumParams; +use crate::params::BigNumParamsGetter; use crate::utils::u60_representation::U60Repr; pub struct Pallas_Fr_Params {} diff --git a/src/fields/secp256k1Fq.nr b/src/fields/secp256k1Fq.nr index 463ea901..1634337c 100644 --- a/src/fields/secp256k1Fq.nr +++ b/src/fields/secp256k1Fq.nr @@ -1,5 +1,5 @@ -use crate::params::BigNumParamsGetter; use crate::params::BigNumParams; +use crate::params::BigNumParamsGetter; use crate::utils::u60_representation::U60Repr; pub struct Secp256k1_Fq_Params {} diff --git a/src/fields/secp256k1Fr.nr b/src/fields/secp256k1Fr.nr index 9b137928..48382e45 100644 --- a/src/fields/secp256k1Fr.nr +++ b/src/fields/secp256k1Fr.nr @@ -1,5 +1,5 @@ -use crate::params::BigNumParamsGetter; use crate::params::BigNumParams; +use crate::params::BigNumParamsGetter; use crate::utils::u60_representation::U60Repr; pub struct Secp256k1_Fr_Params {} diff --git a/src/fields/secp256r1Fq.nr b/src/fields/secp256r1Fq.nr index 4d4ebaee..6f661aa6 100644 --- a/src/fields/secp256r1Fq.nr +++ b/src/fields/secp256r1Fq.nr @@ -1,5 +1,5 @@ -use crate::params::BigNumParamsGetter; use crate::params::BigNumParams; +use crate::params::BigNumParamsGetter; use crate::utils::u60_representation::U60Repr; pub struct Secp256r1_Fq_Params {} diff --git a/src/fields/secp256r1Fr.nr b/src/fields/secp256r1Fr.nr index 8db71855..11f7ce7f 100644 --- a/src/fields/secp256r1Fr.nr +++ b/src/fields/secp256r1Fr.nr @@ -1,5 +1,5 @@ -use crate::params::BigNumParamsGetter; use crate::params::BigNumParams; +use crate::params::BigNumParamsGetter; use crate::utils::u60_representation::U60Repr; pub struct Secp256r1_Fr_Params {} diff --git a/src/fields/secp384r1Fq.nr b/src/fields/secp384r1Fq.nr index 599aeec8..d70b6645 100644 --- a/src/fields/secp384r1Fq.nr +++ b/src/fields/secp384r1Fq.nr @@ -1,5 +1,5 @@ -use crate::params::BigNumParamsGetter; use crate::params::BigNumParams; +use crate::params::BigNumParamsGetter; use crate::utils::u60_representation::U60Repr; pub struct Secp384r1_Fq_Params {} diff --git a/src/fields/secp384r1Fr.nr b/src/fields/secp384r1Fr.nr index 6755694e..b31c552f 100644 --- a/src/fields/secp384r1Fr.nr +++ b/src/fields/secp384r1Fr.nr @@ -1,5 +1,5 @@ -use crate::params::BigNumParamsGetter; use crate::params::BigNumParams; +use crate::params::BigNumParamsGetter; use crate::utils::u60_representation::U60Repr; pub struct Secp384r1_Fr_Params {} diff --git a/src/fields/vestaFq.nr b/src/fields/vestaFq.nr index 56a309b1..e16c3f08 100644 --- a/src/fields/vestaFq.nr +++ b/src/fields/vestaFq.nr @@ -14,8 +14,8 @@ //! * Curve equation: y^2 = x^3 + 5 //! * Valuation(q - 1, 2) = 32 //! * Valuation(r - 1, 2) = 32 -use crate::params::BigNumParamsGetter; use crate::params::BigNumParams; +use crate::params::BigNumParamsGetter; use crate::utils::u60_representation::U60Repr; pub struct Vesta_Fq_Params {} diff --git a/src/fields/vestaFr.nr b/src/fields/vestaFr.nr index 438b2ff3..4e7d5d5a 100644 --- a/src/fields/vestaFr.nr +++ b/src/fields/vestaFr.nr @@ -14,8 +14,8 @@ //! * Curve equation: y^2 = x^3 + 5 //! * Valuation(q - 1, 2) = 32 //! * Valuation(r - 1, 2) = 32 -use crate::params::BigNumParamsGetter; use crate::params::BigNumParams; +use crate::params::BigNumParamsGetter; use crate::utils::u60_representation::U60Repr; pub struct Vesta_Fr_Params {} diff --git a/src/fns/constrained_ops.nr b/src/fns/constrained_ops.nr index 22a25f25..0f04a85a 100644 --- a/src/fns/constrained_ops.nr +++ b/src/fns/constrained_ops.nr @@ -1,10 +1,12 @@ use crate::params::BigNumParams as P; use crate::fns::{ + expressions::evaluate_quadratic_expression, unconstrained_helpers::{ - __validate_in_field_compute_borrow_flags, __validate_gt_remainder, __neg_with_flags, - __add_with_flags, __sub_with_flags, - }, unconstrained_ops::{__mul, __div, __udiv_mod}, expressions::evaluate_quadratic_expression, + __add_with_flags, __neg_with_flags, __sub_with_flags, __validate_gt_remainder, + __validate_in_field_compute_borrow_flags, + }, + unconstrained_ops::{__div, __mul, __udiv_mod}, }; /** @@ -38,7 +40,7 @@ pub(crate) fn derive_from_seed, seed: [u8; SeedBytes], ) -> [Field; N] { - // assert(params.MOD_BITS == MOD_BITS); + // assert(params.MOD_BITS == MOD_BITS); let mut rolling_seed: [u8; SeedBytes + 1] = [0; SeedBytes + 1]; for i in 0..SeedBytes { rolling_seed[i] = seed[i]; @@ -60,7 +62,7 @@ pub(crate) fn derive_from_seed(limbs: [Field; N] for i in 0..(N - 1) { // this is a hack, the assert_max_bit_size is not working when limbs[i] is not a constant // limbs[i].assert_max_bit_size::<120>(); - assert(limbs[i].lt(2.pow_32(120)),"call to assert_max_bit_size 2"); + assert(limbs[i].lt(2.pow_32(120)), "call to assert_max_bit_size 2"); } - // this is a hack, the assert_max_bit_size is not working when limbs[i] is not a constant + // this is a hack, the assert_max_bit_size is not working when limbs[i] is not a constant // limbs[N - 1].assert_max_bit_size::(); - assert(limbs[N-1].lt(2.pow_32((MOD_BITS as Field) - ((N - 1) * 120) as Field) ),"call to assert_max_bit_size"); - - + assert( + limbs[N - 1].lt(2.pow_32((MOD_BITS as Field) - ((N - 1) * 120) as Field)), + "call to assert_max_bit_size", + ); } /** @@ -279,9 +282,9 @@ pub(crate) fn validate_gt(lhs: [Field; N], rhs: [ // so we do... p - x - r = 0 and there might be borrow flags // a - b = r // p + a - b - r = 0 - // for the test, with --force-brillig this outputs + // for the test, with --force-brillig this outputs // the result is - // [0x00, 0x00, 0x800] + // [0x00, 0x00, 0x800] // and without the flag // [0x00, 0x00, 0x00] // the issue is happening here. the result is not being set correctly when the --force-brillig flag is used @@ -296,15 +299,14 @@ pub(crate) fn validate_gt(lhs: [Field; N], rhs: [ + (borrow_flags[0] as Field * borrow_shift) - (carry_flags[0] as Field * carry_shift); assert(result_limb == 0); - + for i in 1..N - 1 { let result_limb = lhs[i] - rhs[i] + addend[i] - result[i] - borrow_flags[i - 1] as Field + carry_flags[i - 1] as Field + ((borrow_flags[i] as Field - carry_flags[i] as Field) * borrow_shift); assert(result_limb == 0); - } - + let result_limb = lhs[N - 1] - rhs[N - 1] + addend[N - 1] - result[N - 1] - borrow_flags[N - 2] as Field @@ -466,7 +468,7 @@ pub(crate) fn udiv_mod( divisor: [Field; N], ) -> ([Field; N], [Field; N]) { let (quotient, remainder) = unsafe { __udiv_mod(numerator, divisor) }; - + // println("the quotient is"); // println(quotient); // println("the remainder is"); @@ -487,7 +489,7 @@ pub(crate) fn udiv_mod( // println("the divisor is"); // println(divisor); // // println("the remainder is"); - // println(remainder); + // println(remainder); validate_gt::<_, MOD_BITS>(divisor, remainder); (quotient, remainder) } diff --git a/src/fns/expressions.nr b/src/fns/expressions.nr index 38b2abfb..b66b1586 100644 --- a/src/fns/expressions.nr +++ b/src/fns/expressions.nr @@ -1,9 +1,9 @@ use crate::utils::split_bits; -use crate::params::BigNumParams as P; use crate::fns::{ constrained_ops::validate_quotient_in_range, unconstrained_helpers::__barrett_reduction, }; +use crate::params::BigNumParams as P; /** * In this file: diff --git a/src/fns/unconstrained_helpers.nr b/src/fns/unconstrained_helpers.nr index 28988ac8..fced655b 100644 --- a/src/fns/unconstrained_helpers.nr +++ b/src/fns/unconstrained_helpers.nr @@ -1,8 +1,8 @@ -use crate::utils::u60_representation::U60Repr; use crate::utils::split_bits; +use crate::utils::u60_representation::U60Repr; +use crate::fns::unconstrained_ops::{__add, __eq, __mul, __neg, __one, __pow}; use crate::params::BigNumParams as P; -use crate::fns::unconstrained_ops::{__one, __eq, __neg, __add, __mul, __pow}; /** * In this file: @@ -235,8 +235,6 @@ pub(crate) unconstrained fn __barrett_reduction( // NOTE: very niche edge case error that we need to be aware of: // N must be large enough to cover the modulus *plus* BARRETT_REDUCTION_OVERFLOW_BITS // i.e. a 359-bit prime needs (I think) 4 limbs to represent or we may overflow when calling __barrett_reduction - - let mut quotient_u60 = mulout_u60.shr((k + k + BARRETT_REDUCTION_OVERFLOW_BITS)); // N.B. we assume that the shifted quotient cannot exceed 2 times original bit size. @@ -277,16 +275,15 @@ pub(crate) unconstrained fn __barrett_reduction( if (remainder_u60.gte(modulus_u60)) { remainder_u60 = remainder_u60 - modulus_u60; quotient_u60.increment(); - } if (remainder_u60.gte(modulus_u60)) { remainder_u60 = remainder_u60 - modulus_u60; quotient_u60.increment(); } - + let q: [Field; N] = U60Repr::into(quotient_u60); let r: [Field; N] = U60Repr::into(remainder_u60); - + // assert(modulus[N-1].lt(r[N-1]), "barrett reduction failed"); (q, r) } diff --git a/src/fns/unconstrained_ops.nr b/src/fns/unconstrained_ops.nr index dac01bbc..71c61bbe 100644 --- a/src/fns/unconstrained_ops.nr +++ b/src/fns/unconstrained_ops.nr @@ -1,11 +1,11 @@ -use crate::utils::u60_representation::U60Repr; use crate::utils::split_bits; +use crate::utils::u60_representation::U60Repr; -use crate::params::BigNumParams as P; use crate::fns::unconstrained_helpers::{ - __barrett_reduction, __primitive_root_log_size, __multiplicative_generator, + __barrett_reduction, __multiplicative_generator, __primitive_root_log_size, __tonelli_shanks_sqrt_inner_loop_check, }; +use crate::params::BigNumParams as P; /** * In this file: @@ -45,12 +45,11 @@ pub(crate) unconstrained fn __derive_from_seed, seed: [u8; SeedBytes], ) -> [Field; N] { - // Pack seed bytes into Field elements, 31 bytes at a time let mut rolling_hash_fields: [Field; (SeedBytes / 31) + 1] = [0; (SeedBytes / 31) + 1]; let mut seed_ptr = 0; // creates rolling hash fields, it itterates through each 31 bytes of the seed - // and sums them up to create a single field element out of each 31 byte chunck + // and sums them up to create a single field element out of each 31 byte chunck for i in 0..(SeedBytes / 31) + 1 { let mut packed: Field = 0; for _ in 0..31 { @@ -61,22 +60,20 @@ pub(crate) unconstrained fn __derive_from_seed { @@ -154,8 +155,8 @@ impl RuntimeBigNumTrait for RuntimeB seed: [u8; SeedBytes], ) -> Self { let limbs = unsafe { __derive_from_seed::<_, MOD_BITS, _>(params, seed) }; - // println("the unconstrained call to derive:"); - // println(limbs); + // println("the unconstrained call to derive:"); + // println(limbs); Self { limbs, params } } diff --git a/src/tests/bignum_test.nr b/src/tests/bignum_test.nr index 7387aae6..c3d6d365 100644 --- a/src/tests/bignum_test.nr +++ b/src/tests/bignum_test.nr @@ -6,9 +6,9 @@ use crate::bignum::BigNumTrait; use crate::params::BigNumParams; use crate::params::BigNumParamsGetter; +use crate::fields::bls12_381Fq::BLS12_381_Fq_Params; use crate::fields::bn254Fq::BN254_Fq_Params; use crate::fields::U256::U256Params; -use crate::fields::bls12_381Fq::BLS12_381_Fq_Params; struct Test2048Params {} @@ -628,7 +628,6 @@ fn test_udiv_mod_U256() { // println(a.limbs); // println("b is "); // println(b.limbs); - let (q, r) = a.udiv_mod(b); // let qb = q.__mul(b); diff --git a/src/tests/runtime_bignum_test.nr b/src/tests/runtime_bignum_test.nr index f172fbbf..73120a1d 100644 --- a/src/tests/runtime_bignum_test.nr +++ b/src/tests/runtime_bignum_test.nr @@ -1,13 +1,13 @@ -use crate::utils::u60_representation::U60Repr; -use crate::runtime_bignum::RuntimeBigNum; use crate::params::{BigNumParams, BigNumParamsGetter}; +use crate::runtime_bignum::RuntimeBigNum; +use crate::utils::u60_representation::U60Repr; -use crate::fields::bn254Fq::BN254_Fq_Params; -use crate::fields::secp256k1Fq::Secp256k1_Fq_Params; -use crate::fields::bls12_381Fq::BLS12_381_Fq_Params; -use crate::fields::bls12_381Fr::BLS12_381_Fr_Params; use crate::fields::bls12_377Fq::BLS12_377_Fq_Params; use crate::fields::bls12_377Fr::BLS12_377_Fr_Params; +use crate::fields::bls12_381Fq::BLS12_381_Fq_Params; +use crate::fields::bls12_381Fr::BLS12_381_Fr_Params; +use crate::fields::bn254Fq::BN254_Fq_Params; +use crate::fields::secp256k1Fq::Secp256k1_Fq_Params; global TEST_2048_PARAMS: BigNumParams<18, 2048> = BigNumParams { has_multiplicative_inverse: false, @@ -211,16 +211,23 @@ comptime fn make_test(f: StructDefinition, N: Quoted, MOD_BITS: Quoted, typ: Quo let test_add = f"{typ}_{N}_{MOD_BITS}_test_add".quoted_contents(); let test_sub = f"{typ}_{N}_{MOD_BITS}_test_sub".quoted_contents(); let test_sub_modulus_limit = f"{typ}_{N}_{MOD_BITS}_test_sub_modulus_limit".quoted_contents(); - let test_sub_modulus_underflow = f"{typ}_{N}_{MOD_BITS}_test_sub_modulus_underflow".quoted_contents(); + let test_sub_modulus_underflow = + f"{typ}_{N}_{MOD_BITS}_test_sub_modulus_underflow".quoted_contents(); let test_add_modulus_limit = f"{typ}_{N}_{MOD_BITS}_test_add_modulus_limit".quoted_contents(); - let test_add_modulus_overflow = f"{typ}_{N}_{MOD_BITS}_test_add_modulus_overflow".quoted_contents(); + let test_add_modulus_overflow = + f"{typ}_{N}_{MOD_BITS}_test_add_modulus_overflow".quoted_contents(); let test_mul = f"{typ}_{N}_{MOD_BITS}_test_mul".quoted_contents(); - let test_quadratic_expression = f"{typ}_{N}_{MOD_BITS}_test_quadratic_expression".quoted_contents(); + let test_quadratic_expression = + f"{typ}_{N}_{MOD_BITS}_test_quadratic_expression".quoted_contents(); let assert_is_not_equal = f"{typ}_{N}_{MOD_BITS}_assert_is_not_equal".quoted_contents(); - let assert_is_not_equal_fail = f"{typ}_{N}_{MOD_BITS}_assert_is_not_equal_fail".quoted_contents(); - let assert_is_not_equal_overloaded_lhs_fail = f"{typ}_{N}_{MOD_BITS}_assert_is_not_equal_overloaded_lhs_fail".quoted_contents(); - let assert_is_not_equal_overloaded_rhs_fail = f"{typ}_{N}_{MOD_BITS}_assert_is_not_equal_overloaded_rhs_fail".quoted_contents(); - let assert_is_not_equal_overloaded_fail = f"{typ}_{N}_{MOD_BITS}_assert_is_not_equal_overloaded_fail".quoted_contents(); + let assert_is_not_equal_fail = + f"{typ}_{N}_{MOD_BITS}_assert_is_not_equal_fail".quoted_contents(); + let assert_is_not_equal_overloaded_lhs_fail = + f"{typ}_{N}_{MOD_BITS}_assert_is_not_equal_overloaded_lhs_fail".quoted_contents(); + let assert_is_not_equal_overloaded_rhs_fail = + f"{typ}_{N}_{MOD_BITS}_assert_is_not_equal_overloaded_rhs_fail".quoted_contents(); + let assert_is_not_equal_overloaded_fail = + f"{typ}_{N}_{MOD_BITS}_assert_is_not_equal_overloaded_fail".quoted_contents(); let test_derive = f"{typ}_{N}_{MOD_BITS}_test_derive".quoted_contents(); let test_eq = f"{typ}_{N}_{MOD_BITS}_test_eq".quoted_contents(); quote { diff --git a/src/tests/test.sage b/src/tests/test.sage deleted file mode 100644 index 41327e6d..00000000 --- a/src/tests/test.sage +++ /dev/null @@ -1,71 +0,0 @@ -# sage file for -a = [0xac8f3bf3e82de4824c69e37615d9d0, 0xdec7cb5187e95beb13d672363f120d, 0xd67c320641ec0448932ee6a0602908, 0x01ae3a] - -modulus = [0x0b5d44300000008508c00000000001, 0xd9f300f5138f1ef3622fba09480017, 0x4617c510eac63b05c06ca1493b1a22, 0x013e3c] - -a = [0x950dacccffd9f25bfedc3b1c8fb250, 0x5c14ad28aaf9bc0408af6c977184bb, 0xc3739ec96a4185a3801203b8f6b9b2, 0x017231] - -b = [0xbc692fd9e5af7b9117e1e0cf64db6f, 0x7cd01a05d660e1736aadcd130a6517, 0xf5205dcdbd5fb252b9b2396381625b, 0x022f29] - -reduction_param = [0xd687789c42a591f9fd58c5e4daffcc, 0x0de6776b1a06af2d488d85a6d02d0e, 0xd0cc4060e976c3ca0582ef4f73bbad, 0x261508] - -to_reduce = ["0xec0ca0c0adce359af6fcea1a7ab2dc", "0xdd52c4aa3fde93685d3f7cc285de32", "0x75d80e5e132a6f8954a8cdd6c76fea", "0x8414f97f24248c26ecdda05c41c720", "0xfdcc89c595cf1ebab8e5ea8e4680ef", "0x3ede37060164892256a1b291460dd7", "0x85ea3de302", "0x00"] - -for i in range(4): - a_as_int *= 2^120 - a_as_int += a[i] - b_as_int += b[3-i] * 2^(120 * (3-i)) - modulus_as_int *= 2^120 - modulus_as_int += modulus[i] - reduction_param_as_int *= 2^120 - reduction_param_as_int += reduction_param[i] -print(modulus_as_int.is_prime() ) -print("a is:" , a_as_int) -print("b is :",b_as_int) -print("modulus is:" , modulus_as_int) -print("modulus should be:", int("0x01ae3a4617c510eac63b05c06ca1493b1a22d9f300f5138f1ef3622fba094800170b5d44300000008508c00000000001",16)) -print(a_as_int % modulus_as_int) -print(b_as_int % modulus_as_int) -print(a_as_int % modulus_as_int == b_as_int % modulus_as_int) -print("reduction param is", reduction_param_as_int) -p = 21888242871839275222246405745257275088548364400416034343698204186575808495617 -mod_bits = 377 -print("reduction param should be", 2^(mod_bits * 2 + 4)) -print(a == b) - - -the divisor is -[0x0c, 0x00, 0x00] -the remainder is -[0x00, 0x00, 0x00] -the result limb is - -the divisor is -[0x0c, 0x00, 0x00] -the remainder is -[0x00, 0x00, 0x00] -# with the flag -the last limb is -0x00 -0x00 -the result is -0x0800 -the borrow flags are -false -the carry flags are -false -the result limb is -0x30644e72e131a029b85045b68181585d2833e84879b9709143e1f593effff801 - -# without the flag -the last limb is -0x00 -0x00 -the result is -0x00 -the borrow flags are -false -the carry flags are -false -the result limb is -0x00 diff --git a/src/utils/u60_representation.nr b/src/utils/u60_representation.nr index ea4c9b50..ae0dc172 100644 --- a/src/utils/u60_representation.nr +++ b/src/utils/u60_representation.nr @@ -1,5 +1,5 @@ -use crate::utils::split_bits; use crate::utils::msb::get_msb64; +use crate::utils::split_bits; /** * @brief U60Repr represents a BigNum element as a sequence of 60-bit unsigned integers. From 31761afef58ba6473dc402fb01cf023bd5c32dc5 Mon Sep 17 00:00:00 2001 From: Tom French Date: Fri, 1 Nov 2024 17:11:49 +0000 Subject: [PATCH 05/18] fmt --- src/bignum.nr | 3 +-- src/fns/constrained_ops.nr | 3 +-- src/runtime_bignum.nr | 3 +-- 3 files changed, 3 insertions(+), 6 deletions(-) diff --git a/src/bignum.nr b/src/bignum.nr index 5b9fe7c9..787d0ed0 100644 --- a/src/bignum.nr +++ b/src/bignum.nr @@ -6,8 +6,7 @@ use crate::fns::{ constrained_ops::{ add, assert_is_not_equal, conditional_select, derive_from_seed, div, eq, mul, neg, sub, udiv, udiv_mod, umod, validate_in_field, validate_in_range, - }, - expressions::{__compute_quadratic_expression, evaluate_quadratic_expression}, + }, expressions::{__compute_quadratic_expression, evaluate_quadratic_expression}, serialization::{from_be_bytes, to_le_bytes}, unconstrained_ops::{ __add, __batch_invert, __batch_invert_slice, __derive_from_seed, __div, __eq, __invmod, diff --git a/src/fns/constrained_ops.nr b/src/fns/constrained_ops.nr index 0f04a85a..e7b39e52 100644 --- a/src/fns/constrained_ops.nr +++ b/src/fns/constrained_ops.nr @@ -5,8 +5,7 @@ use crate::fns::{ unconstrained_helpers::{ __add_with_flags, __neg_with_flags, __sub_with_flags, __validate_gt_remainder, __validate_in_field_compute_borrow_flags, - }, - unconstrained_ops::{__div, __mul, __udiv_mod}, + }, unconstrained_ops::{__div, __mul, __udiv_mod}, }; /** diff --git a/src/runtime_bignum.nr b/src/runtime_bignum.nr index c0803afa..5e9509cc 100644 --- a/src/runtime_bignum.nr +++ b/src/runtime_bignum.nr @@ -7,8 +7,7 @@ use crate::fns::{ constrained_ops::{ add, assert_is_not_equal, conditional_select, derive_from_seed, div, eq, mul, neg, sub, udiv, udiv_mod, umod, validate_in_field, validate_in_range, - }, - expressions::{__compute_quadratic_expression, evaluate_quadratic_expression}, + }, expressions::{__compute_quadratic_expression, evaluate_quadratic_expression}, serialization::{from_be_bytes, to_le_bytes}, unconstrained_ops::{ __add, __batch_invert, __batch_invert_slice, __derive_from_seed, __div, __eq, __invmod, From e835d6ce873e41b66830ef9ad802194070e6cee0 Mon Sep 17 00:00:00 2001 From: Tom French Date: Fri, 1 Nov 2024 17:14:00 +0000 Subject: [PATCH 06/18] . --- src/runtime_bignum.nr | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/runtime_bignum.nr b/src/runtime_bignum.nr index bd860291..6c7ed47c 100644 --- a/src/runtime_bignum.nr +++ b/src/runtime_bignum.nr @@ -1,5 +1,5 @@ -use crate::utils::map::map; use crate::params::BigNumParams; +use crate::utils::map::map; use crate::fns::{ constrained_ops::{ From 1b094955f034b02440ef5c840f7cd6402b31b416 Mon Sep 17 00:00:00 2001 From: Khashayar Barooti Date: Wed, 6 Nov 2024 17:51:28 +0000 Subject: [PATCH 07/18] nuked unconstrained derive --- src/fns/constrained_ops.nr | 17 +----- src/fns/unconstrained_helpers.nr | 6 +- src/fns/unconstrained_ops.nr | 95 ++------------------------------ src/runtime_bignum.nr | 2 - src/tests/bignum_test.nr | 8 --- src/tests/runtime_bignum_test.nr | 10 ---- 6 files changed, 9 insertions(+), 129 deletions(-) diff --git a/src/fns/constrained_ops.nr b/src/fns/constrained_ops.nr index e7b39e52..050f905c 100644 --- a/src/fns/constrained_ops.nr +++ b/src/fns/constrained_ops.nr @@ -66,10 +66,8 @@ pub(crate) fn derive_from_seed(bigfield_rhs_limbs); let mut result: [Field; N] = [0; N]; @@ -310,8 +306,6 @@ pub(crate) fn validate_gt(lhs: [Field; N], rhs: [ - result[N - 1] - borrow_flags[N - 2] as Field + carry_flags[N - 2] as Field; - // println("the result limb is"); - // println(result_limb); assert(result_limb == 0); } @@ -468,10 +462,7 @@ pub(crate) fn udiv_mod( ) -> ([Field; N], [Field; N]) { let (quotient, remainder) = unsafe { __udiv_mod(numerator, divisor) }; - // println("the quotient is"); - // println(quotient); - // println("the remainder is"); - // println(remainder); + // self / divisor = quotient rounded // quotient * divisor + remainder - self = 0 evaluate_quadratic_expression( @@ -485,10 +476,6 @@ pub(crate) fn udiv_mod( ); // we need (remainder < divisor) // implies (divisor - remainder > 0) - // println("the divisor is"); - // println(divisor); - // // println("the remainder is"); - // println(remainder); validate_gt::<_, MOD_BITS>(divisor, remainder); (quotient, remainder) } diff --git a/src/fns/unconstrained_helpers.nr b/src/fns/unconstrained_helpers.nr index fced655b..c6b4ea48 100644 --- a/src/fns/unconstrained_helpers.nr +++ b/src/fns/unconstrained_helpers.nr @@ -48,8 +48,6 @@ pub(crate) unconstrained fn __validate_gt_remainder( let mut borrow_in: u64 = 0; let mut borrow_flags: [bool; N] = [false; N]; let mut carry_flags: [bool; N] = [false; N]; - // println("the addend limb is"); - println(addend_u60.limbs); for i in 0..2 * N { let mut add_term: u64 = a_u60.limbs[i] + addend_u60.limbs[i] + carry_in; carry = (add_term >= 0x1000000000000000) as u64; @@ -70,8 +68,6 @@ pub(crate) unconstrained fn __validate_gt_remainder( borrow_flags[i / 2] = borrow as bool; } } - // println("the result u60 is"); - // println(result_u60); let result = U60Repr::into(result_u60); (result, carry_flags, borrow_flags) } @@ -219,7 +215,7 @@ pub(crate) unconstrained fn __barrett_reduction( } } - mulout = split_bits::__normalize_limbs(mulout, 3 * N - 2); + mulout = split_bits::__normalize_limbs(mulout, 3 * N - 1); let mulout_u60: U60Repr = U60Repr::new(mulout); // When we apply the barrett reduction, the maximum value of the output will be diff --git a/src/fns/unconstrained_ops.nr b/src/fns/unconstrained_ops.nr index 71c61bbe..be92653f 100644 --- a/src/fns/unconstrained_ops.nr +++ b/src/fns/unconstrained_ops.nr @@ -1,6 +1,6 @@ use crate::utils::split_bits; use crate::utils::u60_representation::U60Repr; - +use crate::fns::constrained_ops::derive_from_seed; use crate::fns::unconstrained_helpers::{ __barrett_reduction, __multiplicative_generator, __primitive_root_log_size, __tonelli_shanks_sqrt_inner_loop_check, @@ -42,94 +42,11 @@ pub(crate) unconstrained fn __one() -> [Field; N] { * @returns [Field; N] An array of field elements derived from the seed (the limbs of the big_num) */ pub(crate) unconstrained fn __derive_from_seed( - params: P, - seed: [u8; SeedBytes], -) -> [Field; N] { - // Pack seed bytes into Field elements, 31 bytes at a time - let mut rolling_hash_fields: [Field; (SeedBytes / 31) + 1] = [0; (SeedBytes / 31) + 1]; - let mut seed_ptr = 0; - // creates rolling hash fields, it itterates through each 31 bytes of the seed - // and sums them up to create a single field element out of each 31 byte chunck - for i in 0..(SeedBytes / 31) + 1 { - let mut packed: Field = 0; - for _ in 0..31 { - if (seed_ptr < SeedBytes) { - packed *= 256; - packed += seed[seed_ptr] as Field; - seed_ptr += 1; - } - } - rolling_hash_fields[i] = packed; - } - - // Get initial hash value using Poseidon2 and stores it as the first coordinate of the rolling hash - let compressed = - std::hash::poseidon2::Poseidon2::hash(rolling_hash_fields, (SeedBytes / 31) + 1); - let mut rolling_hash: [Field; 2] = [compressed, 0]; - - // Array to store values before final reduction - let mut to_reduce: [Field; 2 * N] = [0; 2 * N]; - - let mut double_modulus_bits = MOD_BITS * 2; - let mut double_modulus_bytes = - (double_modulus_bits) / 8 + (double_modulus_bits % 8 != 0) as u32; - - let mut last_limb_bytes = double_modulus_bytes % 15; - if (last_limb_bytes == 0) { - last_limb_bytes = 15; - } - let mut last_limb_bits = double_modulus_bits % 8; - if (last_limb_bits == 0) { - last_limb_bits = 8; - } - - // Generate randomness for all but last limb - for i in 0..(N - 1) { - let hash = std::hash::poseidon2::Poseidon2::hash(rolling_hash, 2); - let hash: [u8; 30] = hash.to_le_bytes(); - let mut lo: Field = 0; - let mut hi: Field = 0; - for j in 0..15 { - hi *= 256; - lo *= 256; - - if (i < 2 * N - 2) { - lo += hash[j + 15] as Field; - hi += hash[j] as Field; - } - } - to_reduce[2 * i] = lo; - to_reduce[2 * i + 1] = hi; - rolling_hash[1] += 1; - } - - { - let hash = std::hash::poseidon2::Poseidon2::hash(rolling_hash, 2); - let hash: [u8; 30] = hash.to_le_bytes(); - let mut hi: Field = 0; - for j in 0..(last_limb_bytes - 1) { - hi *= 256; - hi += hash[j] as Field; - } - hi *= 256; - let last_byte = hash[last_limb_bytes - 1]; - let mask = (1 as u64 << (last_limb_bits) as u8) - 1; - let last_bits = last_byte as u64 & mask; - hi += last_bits as Field; - to_reduce[2 * N - 2] = hi; - } - - // Perform Barrett reduction to get final result in correct range - let (_, remainder) = __barrett_reduction( - to_reduce, - params.redc_param, - MOD_BITS, - params.modulus, - params.modulus_u60_x4, - ); - - let result = remainder; - result + params: P, + seed: [u8; SeedBytes], + ) -> [Field; N] { + let out = derive_from_seed::(params, seed); + out } pub(crate) unconstrained fn __eq(lhs: [Field; N], rhs: [Field; N]) -> bool { diff --git a/src/runtime_bignum.nr b/src/runtime_bignum.nr index 6c7ed47c..3e64566b 100644 --- a/src/runtime_bignum.nr +++ b/src/runtime_bignum.nr @@ -152,8 +152,6 @@ impl RuntimeBigNumTrait for RuntimeB seed: [u8; SeedBytes], ) -> Self { let limbs = unsafe { __derive_from_seed::<_, MOD_BITS, _>(params, seed) }; - // println("the unconstrained call to derive:"); - // println(limbs); Self { limbs, params } } diff --git a/src/tests/bignum_test.nr b/src/tests/bignum_test.nr index c3d6d365..46b936c6 100644 --- a/src/tests/bignum_test.nr +++ b/src/tests/bignum_test.nr @@ -624,17 +624,9 @@ type U256 = BN256; fn test_udiv_mod_U256() { let a: U256 = unsafe { BigNum::__derive_from_seed([1, 2, 3, 4]) }; let b: U256 = BigNum::from_array([12, 0, 0]); - // println("a is "); - // println(a.limbs); - // println("b is "); - // println(b.limbs); let (q, r) = a.udiv_mod(b); // let qb = q.__mul(b); - // println("q is "); - // println(q.limbs); - // println("r is "); - // println(r.limbs); let product = unsafe { q.__mul(b).__add(r) }; assert(product == a); } diff --git a/src/tests/runtime_bignum_test.nr b/src/tests/runtime_bignum_test.nr index 73120a1d..1aa3569e 100644 --- a/src/tests/runtime_bignum_test.nr +++ b/src/tests/runtime_bignum_test.nr @@ -322,10 +322,7 @@ fn $test_add_modulus_limit() { let two_pow_modulus_bits_minus_one: U60Repr<$N, 2> = unsafe{ one.shl($MOD_BITS) - one }; let b: RuntimeBigNum<$N, $MOD_BITS> = RuntimeBigNum { limbs: U60Repr::into(two_pow_modulus_bits_minus_one), params }; - // println!("the test made it here{:?}", a); let result = a + b; - // println("the last limb of b in the add test is"); - // println(b.limbs); assert(result == b); } @@ -507,18 +504,11 @@ fn $test_derive() // let a: RuntimeBigNum<$N, $MOD_BITS> = RuntimeBigNum::derive_from_seed(params, "hello".as_bytes()); let a: RuntimeBigNum<$N, $MOD_BITS> = RuntimeBigNum::derive_from_seed(params, [1, 2, 3, 4]); - let b: RuntimeBigNum<$N, $MOD_BITS> = unsafe { // RuntimeBigNum::__derive_from_seed(params, "hello".as_bytes()) RuntimeBigNum::__derive_from_seed(params, [1, 2, 3, 4]) }; // let one: RuntimeBigNum<$N, $MOD_BITS> = RuntimeBigNum::one(params); - // println("the limbs of 1"); - // println(one.limbs); - // println("the value of a is"); - // println(a.limbs); - // println("the value of b is"); - // println(b.limbs); assert(a == b); } From a247db2ca31c0759806cc7ab4422b56984770728 Mon Sep 17 00:00:00 2001 From: Khashayar Barooti Date: Thu, 7 Nov 2024 10:23:54 +0000 Subject: [PATCH 08/18] fmt --- src/fns/constrained_ops.nr | 1 - src/fns/unconstrained_ops.nr | 12 ++++++------ 2 files changed, 6 insertions(+), 7 deletions(-) diff --git a/src/fns/constrained_ops.nr b/src/fns/constrained_ops.nr index 050f905c..7c24c559 100644 --- a/src/fns/constrained_ops.nr +++ b/src/fns/constrained_ops.nr @@ -462,7 +462,6 @@ pub(crate) fn udiv_mod( ) -> ([Field; N], [Field; N]) { let (quotient, remainder) = unsafe { __udiv_mod(numerator, divisor) }; - // self / divisor = quotient rounded // quotient * divisor + remainder - self = 0 evaluate_quadratic_expression( diff --git a/src/fns/unconstrained_ops.nr b/src/fns/unconstrained_ops.nr index be92653f..f8494aec 100644 --- a/src/fns/unconstrained_ops.nr +++ b/src/fns/unconstrained_ops.nr @@ -1,6 +1,6 @@ use crate::utils::split_bits; use crate::utils::u60_representation::U60Repr; -use crate::fns::constrained_ops::derive_from_seed; +use crate::fns::constrained_ops::derive_from_seed; use crate::fns::unconstrained_helpers::{ __barrett_reduction, __multiplicative_generator, __primitive_root_log_size, __tonelli_shanks_sqrt_inner_loop_check, @@ -42,11 +42,11 @@ pub(crate) unconstrained fn __one() -> [Field; N] { * @returns [Field; N] An array of field elements derived from the seed (the limbs of the big_num) */ pub(crate) unconstrained fn __derive_from_seed( - params: P, - seed: [u8; SeedBytes], - ) -> [Field; N] { - let out = derive_from_seed::(params, seed); - out + params: P, + seed: [u8; SeedBytes], +) -> [Field; N] { + let out = derive_from_seed::(params, seed); + out } pub(crate) unconstrained fn __eq(lhs: [Field; N], rhs: [Field; N]) -> bool { From 59363d0131ed485b0d10d0f51f9c517d8611066f Mon Sep 17 00:00:00 2001 From: kashbrti Date: Thu, 7 Nov 2024 12:25:29 +0000 Subject: [PATCH 09/18] Update .gitignore --- .gitignore | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index 1de56593..f99b23da 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ -target \ No newline at end of file +target +.vscode/launch.json From d2cff3fe847e4ad4e86e2bf91c06a53fc4c3d6d0 Mon Sep 17 00:00:00 2001 From: Tom French Date: Thu, 7 Nov 2024 13:03:54 +0000 Subject: [PATCH 10/18] chore: remove unwanted file --- .vscode/launch.json | 15 --------------- 1 file changed, 15 deletions(-) delete mode 100644 .vscode/launch.json diff --git a/.vscode/launch.json b/.vscode/launch.json deleted file mode 100644 index ff05fe57..00000000 --- a/.vscode/launch.json +++ /dev/null @@ -1,15 +0,0 @@ -{ - // Use IntelliSense to learn about possible attributes. - // Hover to view descriptions of existing attributes. - // For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387 - "version": "0.2.0", - "configurations": [ - { - "type": "noir", - "request": "launch", - "name": "Noir binary package", - "projectFolder": "${workspaceFolder}", - "proverName": "Prover" - } - ] -} \ No newline at end of file From 609e4a9842f591e9da3c7a7d41448b6eb050286c Mon Sep 17 00:00:00 2001 From: Tom French Date: Thu, 7 Nov 2024 13:06:54 +0000 Subject: [PATCH 11/18] chore: remove temporary comments --- src/fns/constrained_ops.nr | 15 ++++----------- src/fns/unconstrained_helpers.nr | 1 - 2 files changed, 4 insertions(+), 12 deletions(-) diff --git a/src/fns/constrained_ops.nr b/src/fns/constrained_ops.nr index 7c24c559..0549532a 100644 --- a/src/fns/constrained_ops.nr +++ b/src/fns/constrained_ops.nr @@ -5,7 +5,8 @@ use crate::fns::{ unconstrained_helpers::{ __add_with_flags, __neg_with_flags, __sub_with_flags, __validate_gt_remainder, __validate_in_field_compute_borrow_flags, - }, unconstrained_ops::{__div, __mul, __udiv_mod}, + }, + unconstrained_ops::{__div, __mul, __udiv_mod}, }; /** @@ -39,13 +40,12 @@ pub(crate) fn derive_from_seed, seed: [u8; SeedBytes], ) -> [Field; N] { - // assert(params.MOD_BITS == MOD_BITS); let mut rolling_seed: [u8; SeedBytes + 1] = [0; SeedBytes + 1]; for i in 0..SeedBytes { rolling_seed[i] = seed[i]; assert_eq(rolling_seed[i], seed[i]); } - //the seed is getting passed around ok I checked + let mut hash_buffer: [u8; N * 2 * 15] = [0; N * 2 * 15]; let mut rolling_hash_fields: [Field; (SeedBytes / 31) + 1] = [0; (SeedBytes / 31) + 1]; @@ -62,11 +62,10 @@ pub(crate) fn derive_from_seed(lhs: [Field; N], rhs: [ // so we do... p - x - r = 0 and there might be borrow flags // a - b = r // p + a - b - r = 0 - // for the test, with --force-brillig this outputs - // the result is - // [0x00, 0x00, 0x800] - // and without the flag - // [0x00, 0x00, 0x00] - // the issue is happening here. the result is not being set correctly when the --force-brillig flag is used let (result, carry_flags, borrow_flags) = unsafe { __validate_gt_remainder(lhs, rhs) }; validate_in_range::<_, MOD_BITS>(result); diff --git a/src/fns/unconstrained_helpers.nr b/src/fns/unconstrained_helpers.nr index c6b4ea48..0809e4bf 100644 --- a/src/fns/unconstrained_helpers.nr +++ b/src/fns/unconstrained_helpers.nr @@ -280,7 +280,6 @@ pub(crate) unconstrained fn __barrett_reduction( let q: [Field; N] = U60Repr::into(quotient_u60); let r: [Field; N] = U60Repr::into(remainder_u60); - // assert(modulus[N-1].lt(r[N-1]), "barrett reduction failed"); (q, r) } From 0136a2626cdbe835bd8552cd2429cbeb9841ddaa Mon Sep 17 00:00:00 2001 From: Tom French <15848336+TomAFrench@users.noreply.github.com> Date: Thu, 7 Nov 2024 13:10:10 +0000 Subject: [PATCH 12/18] Update src/fns/unconstrained_ops.nr --- src/fns/unconstrained_ops.nr | 21 +++++++++++++-------- 1 file changed, 13 insertions(+), 8 deletions(-) diff --git a/src/fns/unconstrained_ops.nr b/src/fns/unconstrained_ops.nr index f8494aec..53dcc688 100644 --- a/src/fns/unconstrained_ops.nr +++ b/src/fns/unconstrained_ops.nr @@ -33,14 +33,19 @@ pub(crate) unconstrained fn __one() -> [Field; N] { limbs } -/** - * @brief Deterministically derives a big_num from a seed value - * - * @description Takes a seed byte array and generates a big_num in the range [0, modulus-1]. - * @param params The BigNum parameters containing modulus and reduction info - * @param seed Input seed bytes to derive from - * @returns [Field; N] An array of field elements derived from the seed (the limbs of the big_num) - */ + +/// Deterministically derives a big_num from a seed value. +/// +/// Takes a seed byte array and generates a big_num in the range [0, modulus-1]. +/// +/// ## Value Parameters +/// +/// - `params`: The BigNum parameters containing modulus and reduction info +/// - `seed`: Input seed bytes to derive from. +/// +/// ## Returns +/// +/// An array of field elements derived from the seed (the limbs of the big_num) pub(crate) unconstrained fn __derive_from_seed( params: P, seed: [u8; SeedBytes], From 6b88c3fd8a62ee95057f61fde3a17e820e5089e5 Mon Sep 17 00:00:00 2001 From: Tom French Date: Thu, 7 Nov 2024 13:19:05 +0000 Subject: [PATCH 13/18] . --- src/fns/constrained_ops.nr | 17 ++++++++--------- src/fns/unconstrained_ops.nr | 5 ++--- 2 files changed, 10 insertions(+), 12 deletions(-) diff --git a/src/fns/constrained_ops.nr b/src/fns/constrained_ops.nr index 0549532a..4caf7a46 100644 --- a/src/fns/constrained_ops.nr +++ b/src/fns/constrained_ops.nr @@ -5,8 +5,7 @@ use crate::fns::{ unconstrained_helpers::{ __add_with_flags, __neg_with_flags, __sub_with_flags, __validate_gt_remainder, __validate_in_field_compute_borrow_flags, - }, - unconstrained_ops::{__div, __mul, __udiv_mod}, + }, unconstrained_ops::{__div, __mul, __udiv_mod}, }; /** @@ -239,15 +238,15 @@ pub(crate) fn validate_in_field( pub(crate) fn validate_in_range(limbs: [Field; N]) { for i in 0..(N - 1) { // this is a hack, the assert_max_bit_size is not working when limbs[i] is not a constant - // limbs[i].assert_max_bit_size::<120>(); - assert(limbs[i].lt(2.pow_32(120)), "call to assert_max_bit_size 2"); + limbs[i].assert_max_bit_size::<120>(); + // assert(limbs[i].lt(2.pow_32(120)), "call to assert_max_bit_size 2"); } // this is a hack, the assert_max_bit_size is not working when limbs[i] is not a constant - // limbs[N - 1].assert_max_bit_size::(); - assert( - limbs[N - 1].lt(2.pow_32((MOD_BITS as Field) - ((N - 1) * 120) as Field)), - "call to assert_max_bit_size", - ); + limbs[N - 1].assert_max_bit_size::(); + // assert( + // limbs[N - 1].lt(2.pow_32((MOD_BITS as Field) - ((N - 1) * 120) as Field)), + // "call to assert_max_bit_size", + // ); } /** diff --git a/src/fns/unconstrained_ops.nr b/src/fns/unconstrained_ops.nr index 53dcc688..68e12df0 100644 --- a/src/fns/unconstrained_ops.nr +++ b/src/fns/unconstrained_ops.nr @@ -1,11 +1,11 @@ -use crate::utils::split_bits; -use crate::utils::u60_representation::U60Repr; use crate::fns::constrained_ops::derive_from_seed; use crate::fns::unconstrained_helpers::{ __barrett_reduction, __multiplicative_generator, __primitive_root_log_size, __tonelli_shanks_sqrt_inner_loop_check, }; use crate::params::BigNumParams as P; +use crate::utils::split_bits; +use crate::utils::u60_representation::U60Repr; /** * In this file: @@ -33,7 +33,6 @@ pub(crate) unconstrained fn __one() -> [Field; N] { limbs } - /// Deterministically derives a big_num from a seed value. /// /// Takes a seed byte array and generates a big_num in the range [0, modulus-1]. From a93daea3417c93b0181423235684ce3a63b19884 Mon Sep 17 00:00:00 2001 From: Tom French Date: Thu, 7 Nov 2024 13:21:52 +0000 Subject: [PATCH 14/18] revert accidental change --- src/fns/constrained_ops.nr | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/src/fns/constrained_ops.nr b/src/fns/constrained_ops.nr index 4caf7a46..0549532a 100644 --- a/src/fns/constrained_ops.nr +++ b/src/fns/constrained_ops.nr @@ -5,7 +5,8 @@ use crate::fns::{ unconstrained_helpers::{ __add_with_flags, __neg_with_flags, __sub_with_flags, __validate_gt_remainder, __validate_in_field_compute_borrow_flags, - }, unconstrained_ops::{__div, __mul, __udiv_mod}, + }, + unconstrained_ops::{__div, __mul, __udiv_mod}, }; /** @@ -238,15 +239,15 @@ pub(crate) fn validate_in_field( pub(crate) fn validate_in_range(limbs: [Field; N]) { for i in 0..(N - 1) { // this is a hack, the assert_max_bit_size is not working when limbs[i] is not a constant - limbs[i].assert_max_bit_size::<120>(); - // assert(limbs[i].lt(2.pow_32(120)), "call to assert_max_bit_size 2"); + // limbs[i].assert_max_bit_size::<120>(); + assert(limbs[i].lt(2.pow_32(120)), "call to assert_max_bit_size 2"); } // this is a hack, the assert_max_bit_size is not working when limbs[i] is not a constant - limbs[N - 1].assert_max_bit_size::(); - // assert( - // limbs[N - 1].lt(2.pow_32((MOD_BITS as Field) - ((N - 1) * 120) as Field)), - // "call to assert_max_bit_size", - // ); + // limbs[N - 1].assert_max_bit_size::(); + assert( + limbs[N - 1].lt(2.pow_32((MOD_BITS as Field) - ((N - 1) * 120) as Field)), + "call to assert_max_bit_size", + ); } /** From 2b7dae0945db671cc0bc5b6ca23587b8ae9e9bde Mon Sep 17 00:00:00 2001 From: Tom French Date: Thu, 7 Nov 2024 13:23:04 +0000 Subject: [PATCH 15/18] fmt --- src/fns/constrained_ops.nr | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/fns/constrained_ops.nr b/src/fns/constrained_ops.nr index 0549532a..56dcb3f4 100644 --- a/src/fns/constrained_ops.nr +++ b/src/fns/constrained_ops.nr @@ -5,8 +5,7 @@ use crate::fns::{ unconstrained_helpers::{ __add_with_flags, __neg_with_flags, __sub_with_flags, __validate_gt_remainder, __validate_in_field_compute_borrow_flags, - }, - unconstrained_ops::{__div, __mul, __udiv_mod}, + }, unconstrained_ops::{__div, __mul, __udiv_mod}, }; /** From 32917633c68d2638be73087980754e793cc73ca3 Mon Sep 17 00:00:00 2001 From: Tom French <15848336+TomAFrench@users.noreply.github.com> Date: Thu, 7 Nov 2024 13:24:03 +0000 Subject: [PATCH 16/18] Update src/tests/runtime_bignum_test.nr --- src/tests/runtime_bignum_test.nr | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/src/tests/runtime_bignum_test.nr b/src/tests/runtime_bignum_test.nr index 579c39e0..5e5bf974 100644 --- a/src/tests/runtime_bignum_test.nr +++ b/src/tests/runtime_bignum_test.nr @@ -509,9 +509,7 @@ fn $test_derive() // RuntimeBigNum::__derive_from_seed(params, "hello".as_bytes()) RuntimeBigNum::__derive_from_seed(params, [1, 2, 3, 4]) }; - // let one: RuntimeBigNum<$N, $MOD_BITS> = RuntimeBigNum::one(params); - - assert(a == b); + assert_eq(a, b); } #[test] From 709669a6fe0f68eb042ffb385b280a11aee9e54d Mon Sep 17 00:00:00 2001 From: Tom French <15848336+TomAFrench@users.noreply.github.com> Date: Thu, 7 Nov 2024 13:25:35 +0000 Subject: [PATCH 17/18] Apply suggestions from code review --- src/tests/runtime_bignum_test.nr | 4 ---- 1 file changed, 4 deletions(-) diff --git a/src/tests/runtime_bignum_test.nr b/src/tests/runtime_bignum_test.nr index 5e5bf974..7c3c8f5e 100644 --- a/src/tests/runtime_bignum_test.nr +++ b/src/tests/runtime_bignum_test.nr @@ -239,15 +239,11 @@ fn $test_add() { let a: RuntimeBigNum<$N, $MOD_BITS> = unsafe{ RuntimeBigNum::__derive_from_seed(params, [1, 2, 3, 4]) }; let b: RuntimeBigNum<$N, $MOD_BITS> = unsafe{ RuntimeBigNum::__derive_from_seed(params, [4, 5, 6, 7]) }; - // let a: RuntimeBigNum<$N, $MOD_BITS> = RuntimeBigNum::one(params); - // let b: RuntimeBigNum<$N, $MOD_BITS> = RuntimeBigNum::one(params); - // let one: RuntimeBigNum<$N, $MOD_BITS> = RuntimeBigNum::one(params); let one: RuntimeBigNum<$N, $MOD_BITS> = RuntimeBigNum::one(params); a.validate_in_range(); a.validate_in_field(); b.validate_in_range(); b.validate_in_field(); - let mut c = a + b; c = c + c; From 945deb406401c5c033cbda93fd6cccc37cc4c735 Mon Sep 17 00:00:00 2001 From: Tom French Date: Thu, 7 Nov 2024 15:00:47 +0000 Subject: [PATCH 18/18] chore: revert hack --- src/fns/constrained_ops.nr | 11 ++--------- 1 file changed, 2 insertions(+), 9 deletions(-) diff --git a/src/fns/constrained_ops.nr b/src/fns/constrained_ops.nr index 56dcb3f4..758e23dc 100644 --- a/src/fns/constrained_ops.nr +++ b/src/fns/constrained_ops.nr @@ -237,16 +237,9 @@ pub(crate) fn validate_in_field( **/ pub(crate) fn validate_in_range(limbs: [Field; N]) { for i in 0..(N - 1) { - // this is a hack, the assert_max_bit_size is not working when limbs[i] is not a constant - // limbs[i].assert_max_bit_size::<120>(); - assert(limbs[i].lt(2.pow_32(120)), "call to assert_max_bit_size 2"); + limbs[i].assert_max_bit_size::<120>(); } - // this is a hack, the assert_max_bit_size is not working when limbs[i] is not a constant - // limbs[N - 1].assert_max_bit_size::(); - assert( - limbs[N - 1].lt(2.pow_32((MOD_BITS as Field) - ((N - 1) * 120) as Field)), - "call to assert_max_bit_size", - ); + limbs[N - 1].assert_max_bit_size::(); } /**