Skip to content

Commit

Permalink
Merge pull request #1 from zac-williamson/main
Browse files Browse the repository at this point in the history 
updated big curve to work with v0.2 bignum
  • Loading branch information
@zac-williamson
zac-williamson authored Jul 24, 2024
2 parents 2126ee1 + 616f880 commit 8582e61
Show file tree
Hide file tree
Showing 5 changed files with 73 additions and 122 deletions.
2 changes: 1 addition & 1 deletion Nargo.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,4 +5,4 @@ authors = [""]
compiler_version = ">=0.32.0"

[dependencies]
bignum = {tag = "v0.1", git = "https://github.com/noir-lang/noir-bignum"}
bignum = {tag = "v0.2", git = "https://github.com/noir-lang/noir-bignum"}
111 changes: 55 additions & 56 deletions src/bigcurve_test.nr
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,9 +13,9 @@ use crate::PointTable;
use dep::bignum::fields::bn254Fq::BNParams as BNParams;

type Fq = BigNum<3, BNParams>;

struct BN254Params {
}

impl CurveParamsTrait<BigNum<3, BNParams>> for BN254Params {
fn one() -> [BigNum<3, BNParams>; 2] {
let mut one: Fq = BigNum::new();
Expand Down Expand Up @@ -112,16 +112,16 @@ unconstrained fn get_msm_transcript(
) -> [AffineTranscript<Fq>; 399] {
let s = (CurveJ::msm([P, Q], [scalar1, scalar2]));
let ff = s.1;
println(f"let transcript: AffineTranscript<N, Params> = {ff}");
// println(f"let transcript: AffineTranscript<N, Params> = {ff}");
ff.as_array()
}

unconstrained fn get_transcript(P: BN254J, scalar: ScalarField<64>) -> [AffineTranscript<Fq>; 326] {
let res = P.mul(scalar);
let transcript = res.1;
println(f"let transcript: AffineTranscript<N, Params> = {transcript}");
let ff = transcript.len();
println(f"transcript len = {ff}");
// println(f"let transcript: AffineTranscript<N, Params> = {transcript}");
// let ff = transcript.len();
// println(f"transcript len = {ff}");
transcript.as_array()
}

Expand Down Expand Up @@ -165,7 +165,7 @@ fn test_offset_foo() {
};

let R: BN254 = P.sub(Q);
println(f"R = {R}");
// println(f"R = {R}");
assert(R.is_infinity == true);
}

Expand All @@ -180,7 +180,7 @@ fn test_mul_by_0() {
let transcript = get_transcript(CurveJ::from(P), scalar);

let result = P.mul_with_hint(scalar, transcript);
println(f"RESULT = {result}");
// println(f"RESULT = {result}");
// -2
assert(result.is_infinity == true);
}
Expand All @@ -194,51 +194,51 @@ fn test_mul_a_point_at_infinity() {
let transcript = get_transcript(CurveJ::from(P), scalar);

let result = P.mul_with_hint(scalar, transcript);
println(f"RESULT = {result}");
// println(f"RESULT = {result}");
// -2
assert(result.is_infinity == true);
}

// N.B. cannot test because stack too deep!
#[test]
fn test_linear_expression() {
let One: BN254 = BigCurve::one();
let Two: BN254 = BigCurve {
x: BigNum { limbs: [0x7816a916871ca8d3c208c16d87cfd3, 0x44e72e131a029b85045b68181585d9, 0x0306] },
y: BigNum { limbs: [0xa6a449e3538fc7ff3ebf7a5a18a2c4, 0x738c0e0a7c92e7845f96b2ae9c0a68, 0x15ed] },
is_infinity: false
};

let p_minus_2 = 0x30644e72e131a029b85045b68181585d2833e84879b9709143e1f593efffffff; // p - 2
let p_minus_6 = 0x30644e72e131a029b85045b68181585d2833e84879b9709143e1f593effffffb; // p - 6
let scalar2: ScalarField<64> = ScalarField::from(p_minus_2);
let scalar6: ScalarField<64> = ScalarField::from(p_minus_6);

let result = BigCurve::evaluate_linear_expression([One], [scalar2], []);
let expected = Two.neg();
assert(result == expected);
}

// N.B. cannot test because stack too deep!
#[test]
fn test_msm() {
let One: BN254 = BigCurve::one();
let Two: BN254 = BigCurve {
x: BigNum { limbs: [0x7816a916871ca8d3c208c16d87cfd3, 0x44e72e131a029b85045b68181585d9, 0x0306] },
y: BigNum { limbs: [0xa6a449e3538fc7ff3ebf7a5a18a2c4, 0x738c0e0a7c92e7845f96b2ae9c0a68, 0x15ed] },
is_infinity: false
};

let p_minus_2 = 0x30644e72e131a029b85045b68181585d2833e84879b9709143e1f593efffffff; // p - 2
let p_minus_6 = 0x30644e72e131a029b85045b68181585d2833e84879b9709143e1f593effffffb; // p - 6
let scalar2: ScalarField<64> = ScalarField::from(p_minus_2);
let scalar6: ScalarField<64> = ScalarField::from(p_minus_6);

let transcript = get_msm_transcript(CurveJ::from(One), CurveJ::from(Two), scalar6, scalar2);
let result = BigCurve::msm_with_hint([One, Two.neg()], [scalar6, scalar2], transcript);
let expected = Two.neg();
assert(result == expected);
}
// // N.B. cannot test because stack too deep!
// #[test]
// fn test_linear_expression() {
// let One: BN254 = BigCurve::one();
// let Two: BN254 = BigCurve {
// x: BigNum { limbs: [0x7816a916871ca8d3c208c16d87cfd3, 0x44e72e131a029b85045b68181585d9, 0x0306] },
// y: BigNum { limbs: [0xa6a449e3538fc7ff3ebf7a5a18a2c4, 0x738c0e0a7c92e7845f96b2ae9c0a68, 0x15ed] },
// is_infinity: false
// };

// let p_minus_2 = 0x30644e72e131a029b85045b68181585d2833e84879b9709143e1f593efffffff; // p - 2
// let p_minus_6 = 0x30644e72e131a029b85045b68181585d2833e84879b9709143e1f593effffffb; // p - 6
// let scalar2: ScalarField<64> = ScalarField::from(p_minus_2);
// let scalar6: ScalarField<64> = ScalarField::from(p_minus_6);

// let result = BigCurve::evaluate_linear_expression([One], [scalar2], []);
// let expected = Two.neg();
// assert(result == expected);
// }

// // N.B. cannot test because stack too deep!
// #[test]
// fn test_msm() {
// let One: BN254 = BigCurve::one();
// let Two: BN254 = BigCurve {
// x: BigNum { limbs: [0x7816a916871ca8d3c208c16d87cfd3, 0x44e72e131a029b85045b68181585d9, 0x0306] },
// y: BigNum { limbs: [0xa6a449e3538fc7ff3ebf7a5a18a2c4, 0x738c0e0a7c92e7845f96b2ae9c0a68, 0x15ed] },
// is_infinity: false
// };

// let p_minus_2 = 0x30644e72e131a029b85045b68181585d2833e84879b9709143e1f593efffffff; // p - 2
// let p_minus_6 = 0x30644e72e131a029b85045b68181585d2833e84879b9709143e1f593effffffb; // p - 6
// let scalar2: ScalarField<64> = ScalarField::from(p_minus_2);
// let scalar6: ScalarField<64> = ScalarField::from(p_minus_6);

// let transcript = get_msm_transcript(CurveJ::from(One), CurveJ::from(Two), scalar6, scalar2);
// let result = BigCurve::msm_with_hint([One, Two.neg()], [scalar6, scalar2], transcript);
// let expected = Two.neg();
// assert(result == expected);
// }

#[test]
fn test_mul_jac() {
Expand Down Expand Up @@ -485,12 +485,6 @@ fn test_sub() {
assert(result.eq(expected));
}

unconstrained fn compute_inverses(x: [Fq; 8]) -> [Fq; 8] {
let mut fff= x.as_slice();
BigNum::__batch_invert(&mut fff);
fff.as_array()
}

#[test]
fn test_make_table() {
let P: BN254J = CurveJ::one();
Expand All @@ -507,8 +501,7 @@ fn test_make_table() {
inverses[i] = transcript[i].z3;
}

let ff = inverses[0];
inverses = compute_inverses(inverses);
inverses = BigNum::__batch_invert(inverses);

let mut affine_transcript: [AffineTranscript<Fq>; 8] = [AffineTranscript::new(); 8];
for i in 0..8 {
Expand All @@ -525,10 +518,16 @@ fn test_make_table() {
let P_affine: BN254 = BigCurve::one();

let affine_point_table: PointTable<Fq> = PointTable::new_with_hint(P_affine, affine_transcript);

for i in 0..8 {
let point: BN254 = affine_point_table.get(i);
point.validate_on_curve();
}
}

#[test]
fn test_ScalarField_BigNum_conversion() {
assert(BNParams::modulus_bits() == 254);
let expected: Fq = BigNum::__derive_from_seed([1, 2, 3, 4]);
let scalar: ScalarField<64> = ScalarField::from_bignum(expected);
let result: Fq = scalar.into_bignum();
Expand Down
40 changes: 4 additions & 36 deletions src/curve_jac.nr
View file
Original file line number Diff line number Diff line change
Expand Up @@ -92,7 +92,7 @@ impl<BigNum> AffineTranscript<BigNum> where BigNum: BigNumTrait {
}

// tadaa
BigNum::__batch_invert(&mut inverses);
let inverses: [BigNum] = BigNum::__batch_invert_slice(inverses);

for i in 0..j_tx.len() {
let z_inv = inverses[i];
Expand Down Expand Up @@ -243,6 +243,7 @@ impl<BigNum, CurveParams> CurveJ<BigNum, CurveParams> where BigNum: BigNumTrait,
unconstrained fn sub(self, p2: Self) -> (Self, JTranscript<BigNum>) {
self.add(p2.neg())
}

unconstrained fn add(self, p2: Self) -> (Self, JTranscript<BigNum>) {
// TODO: once we have linear expressions as unconstrained fns, replace this with something that has no addmods, submods
let X1 = self.x;
Expand All @@ -259,7 +260,7 @@ impl<BigNum, CurveParams> CurveJ<BigNum, CurveParams> where BigNum: BigNumTrait,
let U2 = X2.__mulmod(Z1Z1);
let S1 = Y1.__mulmod(Z2Z2Z2);
let S2 = Y2.__mulmod(Z1Z1Z1);
let R = S2.__submod(S1);
// let R = S2.__submod(S1);

// x1*z2*z2 == x2*z1*z1 => U2 == U2
let x_equal_predicate = U2.eq(U1);
Expand All @@ -269,11 +270,6 @@ impl<BigNum, CurveParams> CurveJ<BigNum, CurveParams> where BigNum: BigNumTrait,
let double_predicate = x_equal_predicate & y_equal_predicate & !lhs_infinity & !rhs_infinity;
let add_predicate = !x_equal_predicate & !lhs_infinity & !rhs_infinity;
let infinity_predicate = (x_equal_predicate & !y_equal_predicate) | (lhs_infinity & rhs_infinity);
println(f"infinity predicate = {infinity_predicate}");
println(f"double predicate = {double_predicate}");
println(f"add predicate = {add_predicate}");
println(f"lhs infinity = {lhs_infinity}");
println(f"rhs infinity = {rhs_infinity}");
let mut result: (Self, JTranscript<BigNum>) = (CurveJ::new(), JTranscript::new());
if (double_predicate) {
result = self.dbl();
Expand Down Expand Up @@ -506,7 +502,6 @@ impl<BigNum, CurveParams> CurveJ<BigNum, CurveParams> where BigNum: BigNumTrait,
transcript = transcript.push_back(op.1);
accumulator = op.0;

println(f"FINAL ACCUMULATOR = {accumulator}");
let affine_transcript: [AffineTranscript<BigNum>] = AffineTranscript::from_jacobian_transcript(transcript);

(accumulator, affine_transcript)
Expand Down Expand Up @@ -544,13 +539,11 @@ impl<BigNum, CurveParams> CurveJ<BigNum, CurveParams> where BigNum: BigNumTrait,
accumulator = op.0;

for i in 1..Size {
println(f"SizeIt = {i}");
let op = accumulator.incomplete_add(tables[i].get(scalars[i].base4_slices[0]));
transcript = transcript.push_back(op.1);
accumulator = op.0;
}
for i in 1..NScalarSlices {
println(f"ScalarSliceIt = {i}");
for _ in 0..4 {
let op = accumulator.dbl();
accumulator = op.0;
Expand Down Expand Up @@ -644,13 +637,11 @@ impl<BigNum, CurveParams> CurveJ<BigNum, CurveParams> where BigNum: BigNumTrait,
accumulator = op.0;

for i in 1..NMuls {
println(f"SizeIt = {i}");
let op = accumulator.incomplete_add(tables[i].get(scalars[i].base4_slices[0]));
jacobian_transcript.msm_add_transcript[0][i] = op.1;
accumulator = op.0;
}
for i in 1..NScalarSlices {
println(f"ScalarSliceIt = {i}");
for j in 0..4 {
let op = accumulator.dbl();
accumulator = op.0;
Expand Down Expand Up @@ -706,29 +697,6 @@ struct AffineLinearExpressionTranscript<BigNum, CurveParams, let NScalarSlices:
offset_generator_transcript: AffineTranscript<BigNum, CurveParams>
}

// unconstrained fn from_jacobian_transcript(j_tx: [JTranscript<BigNum>]) -> [AffineTranscript<BigNum>] {
// let mut result: [AffineTranscript<BigNum>] = &[];

// let mut inverses: [BigNum] = &[];
// for i in 0..j_tx.len() {
// inverses = inverses.push_back(j_tx[i].z3);
// }

// // tadaa
// BigNum::__batch_invert(&mut inverses);

// for i in 0..j_tx.len() {
// let z_inv = inverses[i];
// let zz = z_inv.__mulmod(z_inv);
// let zzz = zz.__mulmod(z_inv);
// let lambda = j_tx[i].lambda_numerator.__mulmod(z_inv);
// let x3 = j_tx[i].x3.__mulmod(zz);
// let y3 = j_tx[i].y3.__mulmod(zzz);
// result = result.push_back(AffineTranscript { lambda, x3, y3 });
// }
// result
// }

impl<BigNum, CurveParams, let NScalarSlices: u64, let NMuls: u64, let NAdds: u64> AffineLinearExpressionTranscript<BigNum, CurveParams,NScalarSlices,NMuls,NAdds> where BigNum: BigNumTrait, CurveParams: CurveParamsTrait<BigNum> {

unconstrained fn from_jtranscript(jtranscript: LinearExpressionTranscript<BigNum, CurveParams, NScalarSlices, NMuls, NAdds>) -> Self {
Expand Down Expand Up @@ -760,7 +728,7 @@ impl<BigNum, CurveParams, let NScalarSlices: u64, let NMuls: u64, let NAdds: u64
}
inverses = inverses.push_back(jtranscript.offset_generator_transcript.z3);

BigNum::__batch_invert(&mut inverses);
let inverses: [BigNum] = BigNum::__batch_invert_slice(inverses);

let mut result: AffineLinearExpressionTranscript<BigNum, CurveParams,NScalarSlices,NMuls,NAdds> = AffineLinearExpressionTranscript {
table_transcript: [[AffineTranscript::new(); 8]; NMuls],
Expand Down
9 changes: 0 additions & 9 deletions src/lib.nr
View file
Original file line number Diff line number Diff line change
Expand Up @@ -299,10 +299,6 @@ impl<BigNum, CurveParams> BigCurve<BigNum, CurveParams> where CurveParams: Curve
infinity_out = conditional_select(self.is_infinity, infinity_out, output_is_lhs);
infinity_out = conditional_select(other.is_infinity, infinity_out, output_is_rhs);

println(f"output is lhs = {output_is_lhs}, output is rhs = {output_is_rhs}");
println(f"rhs x vs out x = {x_out}, output is rhs = {x2}");
println(f"infinity out = {infinity_out}");

let result: Self = BigCurve { x: x_out, y: y_out, is_infinity: infinity_out };
result
}
Expand Down Expand Up @@ -404,11 +400,6 @@ impl<BigNum, CurveParams> BigCurve<BigNum, CurveParams> where CurveParams: Curve
infinity_out = conditional_select(true, infinity_out, infinity_predicate);
infinity_out = conditional_select(self.is_infinity, infinity_out, output_is_lhs);
infinity_out = conditional_select(other.is_infinity, infinity_out, output_is_rhs);
println(f"INFINITY PREDICATE = {infinity_predicate}");
println(f"output_is_lhs = {output_is_lhs}");
println(f"output_is_rhs = {output_is_rhs}");

println(f"INFINITY OUT = {infinity_out}");

let result: Self = BigCurve { x: x_out, y: y_out, is_infinity: infinity_out };
result
Expand Down
Loading

0 comments on commit 8582e61

Please sign in to comment.