diff --git a/constantine/curves/bls12_377_frobenius.nim b/constantine/curves/bls12_377_frobenius.nim index cea96a9..cbe7dea 100644 --- a/constantine/curves/bls12_377_frobenius.nim +++ b/constantine/curves/bls12_377_frobenius.nim @@ -17,7 +17,7 @@ import # c = (SNR^((p-1)/6)^coef). # Then for frobenius(2): c * conjugate(c) # And for frobenius(3): c² * conjugate(c) -const FrobMapConst_BLS12_377* = [ +const BLS12_377_FrobeniusMapCoefficients* = [ # frobenius(1) [Fp2[BLS12_377].fromHex( # SNR^((p-1)/6)^0 "0x1", @@ -98,22 +98,22 @@ const FrobMapConst_BLS12_377* = [ # ----------------------------------------------------------------- # BLS12_377 is a D-Twist: SNR^((p-1)/6) -const FrobPsiConst_BLS12_377_psi1_coef1* = Fp2[BLS12_377].fromHex( +const BLS12_377_FrobeniusPsi_psi1_coef1* = Fp2[BLS12_377].fromHex( "0x9a9975399c019633c1e30682567f915c8a45e0f94ebc8ec681bf34a3aa559db57668e558eb0188e938a9d1104f2031", "0x0" ) # SNR^((p-1)/3) -const FrobPsiConst_BLS12_377_psi1_coef2* = Fp2[BLS12_377].fromHex( +const BLS12_377_FrobeniusPsi_psi1_coef2* = Fp2[BLS12_377].fromHex( "0x9b3af05dd14f6ec619aaf7d34594aabc5ed1347970dec00452217cc900000008508c00000000002", "0x0" ) # SNR^((p-1)/2) -const FrobPsiConst_BLS12_377_psi1_coef3* = Fp2[BLS12_377].fromHex( +const BLS12_377_FrobeniusPsi_psi1_coef3* = Fp2[BLS12_377].fromHex( "0x1680a40796537cac0c534db1a79beb1400398f50ad1dec1bce649cf436b0f6299588459bff27d8e6e76d5ecf1391c63", "0x0" ) # norm(SNR)^((p-1)/3) -const FrobPsiConst_BLS12_377_psi2_coef2* = Fp2[BLS12_377].fromHex( +const BLS12_377_FrobeniusPsi_psi2_coef2* = Fp2[BLS12_377].fromHex( "0x9b3af05dd14f6ec619aaf7d34594aabc5ed1347970dec00452217cc900000008508c00000000001", "0x0" ) diff --git a/constantine/curves/bls12_377_glv.nim b/constantine/curves/bls12_377_glv.nim index b232fd6..369b181 100644 --- a/constantine/curves/bls12_377_glv.nim +++ b/constantine/curves/bls12_377_glv.nim 
@@ -16,7 +16,7 @@ import const BLS12_377_cubicRootofUnity_mod_p* = Fp[BLS12_377].fromHex"0x9b3af05dd14f6ec619aaf7d34594aabc5ed1347970dec00452217cc900000008508c00000000001" -const Lattice_BLS12_377_G1* = ( +const BLS12_377_Lattice_G1* = ( # (BigInt, isNeg) ((BigInt[127].fromHex"0x452217cc900000010a11800000000000", false), # u² - 1 (BigInt[1].fromHex"0x1", true)), # -1 @@ -24,7 +24,7 @@ const Lattice_BLS12_377_G1* = ( (BigInt[127].fromHex"0x452217cc900000010a11800000000001", false)) # u² ) -const Babai_BLS12_377_G1* = ( +const BLS12_377_Babai_G1* = ( # Vector for Babai rounding # (BigInt, isNeg) (BigInt[130].fromHex"0x3b3f7aa969fd371607f72ed32af90182c", false), @@ -34,7 +34,7 @@ const Babai_BLS12_377_G1* = ( # BLS12-377 G2 # ---------------------------------------------------------------------------------------- -const Lattice_BLS12_377_G2* = ( +const BLS12_377_Lattice_G2* = ( # Curve of order 254 -> mini scalars of size 65 # x = -0xd201000000010000 # Value, isNeg @@ -59,7 +59,7 @@ const Lattice_BLS12_377_G2* = ( (BigInt[64].fromHex"0x8508c00000000001", true)) # -x ) -const Babai_BLS12_377_G2* = ( +const BLS12_377_Babai_G2* = ( # Vector for Babai rounding # Value, isNeg (BigInt[193].fromHex"0x1eca0125755aed064f63abaff9084ce152979759b442f60d1", true), diff --git a/constantine/curves/bls12_381_frobenius.nim b/constantine/curves/bls12_381_frobenius.nim index 41b454a..1d63cd0 100644 --- a/constantine/curves/bls12_381_frobenius.nim +++ b/constantine/curves/bls12_381_frobenius.nim @@ -17,7 +17,7 @@ import # c = (SNR^((p-1)/6)^coef). # Then for frobenius(2): c * conjugate(c) # And for frobenius(3): c² * conjugate(c) -const FrobMapConst_BLS12_381* = [ +const BLS12_381_FrobeniusMapCoefficients* = [ # frobenius(1) [Fp2[BLS12_381].fromHex( # SNR^((p-1)/6)^0 "0x1", 
@@ -98,22 +98,22 @@ const FrobMapConst_BLS12_381* = [ # ----------------------------------------------------------------- # BLS12_381 is a M-twist: (1/SNR)^((p-1)/6) -const FrobPsiConst_BLS12_381_psi1_coef1* = Fp2[BLS12_381].fromHex( +const BLS12_381_FrobeniusPsi_psi1_coef1* = Fp2[BLS12_381].fromHex( "0x5b2cfd9013a5fd8df47fa6b48b1e045f39816240c0b8fee8beadf4d8e9c0566c63a3e6e257f87329b18fae980078116", "0x5b2cfd9013a5fd8df47fa6b48b1e045f39816240c0b8fee8beadf4d8e9c0566c63a3e6e257f87329b18fae980078116" ) # (1/SNR)^((p-1)/3) -const FrobPsiConst_BLS12_381_psi1_coef2* = Fp2[BLS12_381].fromHex( +const BLS12_381_FrobeniusPsi_psi1_coef2* = Fp2[BLS12_381].fromHex( "0x0", "0x1a0111ea397fe699ec02408663d4de85aa0d857d89759ad4897d29650fb85f9b409427eb4f49fffd8bfd00000000aaad" ) # (1/SNR)^((p-1)/2) -const FrobPsiConst_BLS12_381_psi1_coef3* = Fp2[BLS12_381].fromHex( +const BLS12_381_FrobeniusPsi_psi1_coef3* = Fp2[BLS12_381].fromHex( "0x135203e60180a68ee2e9c448d77a2cd91c3dedd930b1cf60ef396489f61eb45e304466cf3e67fa0af1ee7b04121bdea2", "0x6af0e0437ff400b6831e36d6bd17ffe48395dabc2d3435e77f76e17009241c5ee67992f72ec05f4c81084fbede3cc09" ) # norm(SNR)^((p-1)/3) -const FrobPsiConst_BLS12_381_psi2_coef2* = Fp2[BLS12_381].fromHex( +const BLS12_381_FrobeniusPsi_psi2_coef2* = Fp2[BLS12_381].fromHex( "0x1a0111ea397fe699ec02408663d4de85aa0d857d89759ad4897d29650fb85f9b409427eb4f49fffd8bfd00000000aaac", "0x0" ) diff --git a/constantine/curves/bls12_381_glv.nim b/constantine/curves/bls12_381_glv.nim index e1b9106..dab4bfc 100644 --- a/constantine/curves/bls12_381_glv.nim +++ b/constantine/curves/bls12_381_glv.nim @@ -16,7 +16,7 @@ import const BLS12_381_cubicRootOfUnity_mod_p* = Fp[BLS12_381].fromHex"0x1a0111ea397fe699ec02408663d4de85aa0d857d89759ad4897d29650fb85f9b409427eb4f49fffd8bfd00000000aaac" -const Lattice_BLS12_381_G1* = ( +const BLS12_381_Lattice_G1* = ( # (BigInt, isNeg) ((BigInt[128].fromHex"0xac45a4010001a40200000000ffffffff", false), # u² - 1 (BigInt[1].fromHex"0x1", true)), # -1 
@@ -24,7 +24,7 @@ const Lattice_BLS12_381_G1* = ( (BigInt[128].fromHex"0xac45a4010001a4020000000100000000", false)) # u² ) -const Babai_BLS12_381_G1* = ( +const BLS12_381_Babai_G1* = ( # Vector for Babai rounding # (BigInt, isNeg) (BigInt[129].fromHex"0x17c6becf1e01faadd63f6e522f6cfee30", false), @@ -34,7 +34,7 @@ const Babai_BLS12_381_G1* = ( # BLS12-381 G2 # ---------------------------------------------------------------------------------------- -const Lattice_BLS12_381_G2* = ( +const BLS12_381_Lattice_G2* = ( # Curve of order 254 -> mini scalars of size 65 # x = -0xd201000000010000 # Value, isNeg @@ -59,7 +59,7 @@ const Lattice_BLS12_381_G2* = ( (BigInt[64].fromHex"0xd201000000010000", false)) # -x ) -const Babai_BLS12_381_G2* = ( +const BLS12_381_Babai_G2* = ( # Vector for Babai rounding # Value, isNeg (BigInt[193].fromHex"0x1381204ca56cd56b533cfcc0d3e76ec2892078a5e8573b29c", false), diff --git a/constantine/curves/bn254_nogami_frobenius.nim b/constantine/curves/bn254_nogami_frobenius.nim index d5a0725..7209200 100644 --- a/constantine/curves/bn254_nogami_frobenius.nim +++ b/constantine/curves/bn254_nogami_frobenius.nim @@ -17,7 +17,7 @@ import # c = (SNR^((p-1)/6)^coef). # Then for frobenius(2): c * conjugate(c) # And for frobenius(3): c² * conjugate(c) -const FrobMapConst_BN254_Nogami* = [ +const BN254_Nogami_FrobeniusMapCoefficients* = [ # frobenius(1) [Fp2[BN254_Nogami].fromHex( # SNR^((p-1)/6)^0 "0x1", 
@@ -98,22 +98,22 @@ const FrobMapConst_BN254_Nogami* = [ # ----------------------------------------------------------------- # BN254_Snarks is a D-Twist: SNR^((p-1)/6) -const FrobPsiConst_BN254_Nogami_psi1_coef1* = Fp2[BN254_Nogami].fromHex( +const BN254_Nogami_FrobeniusPsi_psi1_coef1* = Fp2[BN254_Nogami].fromHex( "0x1b377619212e7c8cb6499b50a846953f850974924d3f77c2e17de6c06f2a6de9", "0x9ebee691ed1837503eab22f57b96ac8dc178b6db2c08850c582193f90d5922a" ) # SNR^((p-1)/3) -const FrobPsiConst_BN254_Nogami_psi1_coef2* = Fp2[BN254_Nogami].fromHex( +const BN254_Nogami_FrobeniusPsi_psi1_coef2* = Fp2[BN254_Nogami].fromHex( "0x0", "0x25236482400000017080eb4000000006181800000000000cd98000000000000b" ) # SNR^((p-1)/2) -const FrobPsiConst_BN254_Nogami_psi1_coef3* = Fp2[BN254_Nogami].fromHex( +const BN254_Nogami_FrobeniusPsi_psi1_coef3* = Fp2[BN254_Nogami].fromHex( "0x23dfc9d1a39f4db8c69b87a8848aa075a7333a0e62d78cbf4b1b8eeae58b81c5", "0x23dfc9d1a39f4db8c69b87a8848aa075a7333a0e62d78cbf4b1b8eeae58b81c5" ) # norm(SNR)^((p-1)/3) -const FrobPsiConst_BN254_Nogami_psi2_coef2* = Fp2[BN254_Nogami].fromHex( +const BN254_Nogami_FrobeniusPsi_psi2_coef2* = Fp2[BN254_Nogami].fromHex( "0x49b36240000000024909000000000006cd80000000000007", "0x0" ) diff --git a/constantine/curves/bn254_snarks_frobenius.nim b/constantine/curves/bn254_snarks_frobenius.nim index 7635b5c..1aab674 100644 --- a/constantine/curves/bn254_snarks_frobenius.nim +++ b/constantine/curves/bn254_snarks_frobenius.nim @@ -17,7 +17,7 @@ import # c = (SNR^((p-1)/6)^coef). # Then for frobenius(2): c * conjugate(c) # And for frobenius(3): c² * conjugate(c) -const FrobMapConst_BN254_Snarks* = [ +const BN254_Snarks_FrobeniusMapCoefficients* = [ # frobenius(1) [Fp2[BN254_Snarks].fromHex( # SNR^((p-1)/6)^0 "0x1", 
@@ -98,22 +98,22 @@ const FrobMapConst_BN254_Snarks* = [ # ----------------------------------------------------------------- # BN254_Snarks is a D-Twist: SNR^((p-1)/6) -const FrobPsiConst_BN254_Snarks_psi1_coef1* = Fp2[BN254_Snarks].fromHex( +const BN254_Snarks_FrobeniusPsi_psi1_coef1* = Fp2[BN254_Snarks].fromHex( "0x1284b71c2865a7dfe8b99fdd76e68b605c521e08292f2176d60b35dadcc9e470", "0x246996f3b4fae7e6a6327cfe12150b8e747992778eeec7e5ca5cf05f80f362ac" ) # SNR^((p-1)/3) -const FrobPsiConst_BN254_Snarks_psi1_coef2* = Fp2[BN254_Snarks].fromHex( +const BN254_Snarks_FrobeniusPsi_psi1_coef2* = Fp2[BN254_Snarks].fromHex( "0x2fb347984f7911f74c0bec3cf559b143b78cc310c2c3330c99e39557176f553d", "0x16c9e55061ebae204ba4cc8bd75a079432ae2a1d0b7c9dce1665d51c640fcba2" ) # SNR^((p-1)/2) -const FrobPsiConst_BN254_Snarks_psi1_coef3* = Fp2[BN254_Snarks].fromHex( +const BN254_Snarks_FrobeniusPsi_psi1_coef3* = Fp2[BN254_Snarks].fromHex( "0x63cf305489af5dcdc5ec698b6e2f9b9dbaae0eda9c95998dc54014671a0135a", "0x7c03cbcac41049a0704b5a7ec796f2b21807dc98fa25bd282d37f632623b0e3" ) # norm(SNR)^((p-1)/3) -const FrobPsiConst_BN254_Snarks_psi2_coef2* = Fp2[BN254_Snarks].fromHex( +const BN254_Snarks_FrobeniusPsi_psi2_coef2* = Fp2[BN254_Snarks].fromHex( "0x30644e72e131a0295e6dd9e7e0acccb0c28f069fbb966e3de4bd44e5607cfd48", "0x0" ) diff --git a/constantine/curves/bn254_snarks_glv.nim b/constantine/curves/bn254_snarks_glv.nim index 191f344..d262f5e 100644 --- a/constantine/curves/bn254_snarks_glv.nim +++ b/constantine/curves/bn254_snarks_glv.nim @@ -17,7 +17,7 @@ const BN254_Snarks_cubicRootofUnity_mod_p* = Fp[BN254_Snarks].fromHex"0x30644e72e131a0295e6dd9e7e0acccb0c28f069fbb966e3de4bd44e5607cfd48" # Chapter 6.3.1 - Guide to Pairing-based Cryptography -const Lattice_BN254_Snarks_G1* = ( +const BN254_Snarks_Lattice_G1* = ( # Curve of order 254 -> mini scalars of size 127 # u = 0x44E992B44A6909F1 # (BigInt, isNeg) 
@@ -27,7 +27,7 @@ const Lattice_BN254_Snarks_G1* = ( (BigInt[64].fromHex"0x89d3256894d213e3", true)) # -2u - 1 ) -const Babai_BN254_Snarks_G1* = ( +const BN254_Snarks_Babai_G1* = ( # Vector for Babai rounding # (BigInt, isNeg) (BigInt[66].fromHex"0x2d91d232ec7e0b3d7", false), # (2u + 1) << 2^256 // r @@ -37,7 +37,7 @@ const Babai_BN254_Snarks_G1* = ( # BN254 Snarks G2 # ---------------------------------------------------------------------------------------- -const Lattice_BN254_Snarks_G2* = ( +const BN254_Snarks_Lattice_G2* = ( # Curve of order 254 -> mini scalars of size 65 # x = 0x44E992B44A6909F1 # Value, isNeg @@ -62,7 +62,7 @@ const Lattice_BN254_Snarks_G2* = ( (BigInt[63].fromHex"0x44e992b44a6909f0", false)), # x-1 ) -const Babai_BN254_Snarks_G2* = ( +const BN254_Snarks_Babai_G2* = ( # Vector for Babai rounding # Value, isNeg (BigInt[128].fromHex"0xc444fab18d269b9dd0cb46fd51906254", false), # 2x²+3x+1 << 2^256 // r diff --git a/constantine/curves/constants_frobenius.nim b/constantine/curves/constants_frobenius.nim index a7b5f38..6c8d5e1 100644 --- a/constantine/curves/constants_frobenius.nim +++ b/constantine/curves/constants_frobenius.nim @@ -24,11 +24,11 @@ macro frobMapConst*(C: static Curve, coef, p_pow: static int): untyped = ## With pow the return nnkBracketExpr.newTree( nnkBracketExpr.newTree( - bindSym("FrobMapConst_" & $C), + bindSym($C & "_FrobeniusMapCoefficients"), newLit(p_pow-1) ), newLit coef ) macro frobPsiConst*(C: static Curve, psipow, coefpow: static int): untyped = - return bindSym("FrobPsiConst_" & $C & "_psi" & $psipow & "_coef" & $coefpow) + return bindSym($C & "_FrobeniusPsi_psi" & $psipow & "_coef" & $coefpow) diff --git a/constantine/curves/constants_glv.nim b/constantine/curves/constants_glv.nim index 3e76f10..6a9f421 100644 --- a/constantine/curves/constants_glv.nim +++ b/constantine/curves/constants_glv.nim 
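Review bot: `frobPsiConst` in constants_frobenius.nim has no doc comment, and the doc comment of `frobMapConst` visible in the context appears to stop mid-sentence at `## With pow the`. Both macros now resolve their constants purely by string concatenation (`$C & "_FrobeniusMapCoefficients"` and `$C & "_FrobeniusPsi_psi" & $psipow & "_coef" & $coefpow`), so the naming scheme is a contract with every per-curve `*_frobenius.nim` file. It should be written down at the lookup, e.g. `## Resolves the constant <Curve>_FrobeniusPsi_psi<psipow>_coef<coefpow> defined in the per-curve frobenius module`. A name mismatch presumably surfaces only as a compile error when that curve is instantiated, so it is worth confirming that the test suite exercises every curve touched by this rename. The body of `frobMapConst` starts outside the hunk.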
@@ -17,18 +17,20 @@ import {.experimental: "dynamicBindSym".} -macro dispatch(prefix: static string, C: static Curve, G: static string): untyped = - result = bindSym(prefix & $C & "_" & G) +macro dispatch(C: static Curve, tag: static string, G: static string): untyped = + result = bindSym($C & "_" & tag & "_" & G) template babai*(F: typedesc[Fp or Fp2]): untyped = + ## Return the GLV Babai roundings vector const G = if F is Fp: "G1" else: "G2" - dispatch("Babai_", F.C, G) + dispatch(F.C, "Babai", G) template lattice*(F: typedesc[Fp or Fp2]): untyped = + ## Returns the GLV Decomposition Lattice const G = if F is Fp: "G1" else: "G2" - dispatch("Lattice_", F.C, G) + dispatch(F.C, "Lattice", G) macro getCubicRootOfUnity_mod_p*(C: static Curve): untyped = ## Get a non-trivial cubic root of unity (mod p) with p the prime field
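Review bot: The reordered `dispatch(C, tag, G)` macro has no doc comment describing the `<Curve>_<tag>_<G>` identifier it builds, and the two doc comments added to `babai` and `lattice` are worded inconsistently (`Return` vs `Returns`, `roundings vector`). I would add `## Resolves the constant <Curve>_<tag>_<G>, e.g. BLS12_381_Lattice_G1` above the `bindSym` line, and align the templates to `## Returns the GLV Babai rounding vector` and `## Returns the GLV decomposition lattice`. Because the lookup is a dynamic `bindSym` on a concatenated string, a curve without matching `_glv` constants is presumably rejected only when `babai` or `lattice` is instantiated for it; saying so in the comment would help whoever adds the next curve. The `getCubicRootOfUnity_mod_p` macro at the end of the hunk continues outside it.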