Properly distinguish between Nogami and Snark/Ethereum BN254 closes #19
This commit is contained in:
parent
42109d4f1c
commit
33314fe725
@ -27,7 +27,8 @@ const Iters = 1_000_000
|
||||
const InvIters = 1000
|
||||
const AvailableCurves = [
|
||||
P224,
|
||||
BN254,
|
||||
BN254_Nogami,
|
||||
BN254_Snarks,
|
||||
Curve25519,
|
||||
P256,
|
||||
Secp256k1,
|
||||
|
@ -27,7 +27,8 @@ const Iters = 10_000
|
||||
const InvIters = 1000
|
||||
const AvailableCurves = [
|
||||
# Pairing-Friendly curves
|
||||
BN254,
|
||||
BN254_Nogami,
|
||||
BN254_Snarks,
|
||||
BLS12_377,
|
||||
BLS12_381,
|
||||
BN446,
|
||||
|
@ -27,7 +27,8 @@ const Iters = 1_000_000
|
||||
const InvIters = 1000
|
||||
const AvailableCurves = [
|
||||
# Pairing-Friendly curves
|
||||
BN254,
|
||||
BN254_Nogami,
|
||||
BN254_Snarks,
|
||||
BLS12_377,
|
||||
BLS12_381,
|
||||
BN446,
|
||||
|
@ -27,7 +27,8 @@ const Iters = 1_000_000
|
||||
const InvIters = 1000
|
||||
const AvailableCurves = [
|
||||
# Pairing-Friendly curves
|
||||
BN254,
|
||||
BN254_Nogami,
|
||||
BN254_Snarks,
|
||||
BLS12_377,
|
||||
BLS12_381,
|
||||
BN446,
|
||||
|
@ -71,11 +71,16 @@ declareCurves:
|
||||
curve P224: # NIST P-224
|
||||
bitsize: 224
|
||||
modulus: "0xffffffff_ffffffff_ffffffff_ffffffff_00000000_00000000_00000001"
|
||||
curve BN254: # Zero-Knowledge proofs curve (SNARKS, STARKS)
|
||||
curve BN254_Nogami: # Integer Variable χ–Based Ate Pairing, 2008, Nogami et al
|
||||
bitsize: 254
|
||||
modulus: "0x2523648240000001ba344d80000000086121000000000013a700000000000013"
|
||||
# Equation: Y^2 = X^3 + 2
|
||||
# u: -(2^62 + 2^55 + 1)
|
||||
curve BN254_Snarks: # Zero-Knowledge proofs curve (SNARKS, STARKS, Ethereum)
|
||||
bitsize: 254
|
||||
modulus: "0x30644e72e131a029b85045b68181585d97816a916871ca8d3c208c16d87cfd47"
|
||||
# Equation: Y^2 = X^3 + 3
|
||||
# u: -(2^62 + 2^55 + 1)
|
||||
# u: 4965661367192848881
|
||||
curve Curve25519: # Bernstein curve
|
||||
bitsize: 255
|
||||
modulus: "0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffed"
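Review bot: The seed `u` that each new declaration now documents lives only in a comment, so nothing ties it to `modulus`, and the removed lines show exactly the failure mode this leaves open: the old single `BN254` carried the Snarks modulus `0x30644e72…cfd47` next to the Nogami seed `-(2^62 + 2^55 + 1)`. For a BN curve the prime is a polynomial in the seed (p = 36u⁴ + 36u³ + 24u² + 6u + 1), so if `declareCurves` admits an extra field, storing `u` as data and adding a `static: doAssert` that it reproduces the declared modulus would turn a future re-pairing into a compile error instead of something a reader has to spot. If that is out of scope for this fix, at least state the relation beside the seed, e.g. `# u: -(2^62 + 2^55 + 1)  (modulus above must equal 36u^4+36u^3+24u^2+6u+1)`. The `declareCurves:` block starts before this hunk and continues after it.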
|
||||
|
@ -18,7 +18,8 @@
|
||||
# trigger "carry" code-paths that are not triggered by pairing-friendly moduli.
|
||||
Curves = {
|
||||
'P224': Integer('0xffffffffffffffffffffffffffffffff000000000000000000000001'),
|
||||
'BN254': Integer('0x30644e72e131a029b85045b68181585d97816a916871ca8d3c208c16d87cfd47'),
|
||||
'BN254_Nogami': Integer('0x2523648240000001ba344d80000000086121000000000013a700000000000013'),
|
||||
'BN254_Snarks': Integer('0x30644e72e131a029b85045b68181585d97816a916871ca8d3c208c16d87cfd47'),
|
||||
'Curve25519': Integer('0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffed'),
|
||||
'P256': Integer('0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff'),
|
||||
'Secp256k1': Integer('0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F'),
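Review bot: The two added moduli are pasted literals that duplicate the Nim `declareCurves` constants, so a typo here, or a repeat of the seed/modulus mix-up this commit fixes, would silently produce test vectors for a different prime. Both are BN curves whose prime is a polynomial in the seed, so derive or assert them from the seeds quoted in the Nim declaration: `u = -(2**62 + 2**55 + 1); assert Curves['BN254_Nogami'] == 36*u**4 + 36*u**3 + 24*u**2 + 6*u + 1`, and likewise for `BN254_Snarks` with `u = 4965661367192848881`. The `Curves` table continues past the end of this hunk.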
|
||||
|
@ -109,7 +109,8 @@ proc main() =
|
||||
exhaustiveCheck_p3mod4 Fake65519, 65519
|
||||
randomSqrtCheck_p3mod4 Mersenne61
|
||||
randomSqrtCheck_p3mod4 Mersenne127
|
||||
randomSqrtCheck_p3mod4 BN254
|
||||
randomSqrtCheck_p3mod4 BN254_Nogami
|
||||
randomSqrtCheck_p3mod4 BN254_Snarks
|
||||
randomSqrtCheck_p3mod4 P256
|
||||
randomSqrtCheck_p3mod4 Secp256k1
|
||||
randomSqrtCheck_p3mod4 BLS12_381
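Review bot: `randomSqrtCheck_p3mod4` encodes the p ≡ 3 (mod 4) square-root precondition in its name, but nothing in this list checks that the curves handed to it satisfy it; the two added lines happen to be fine, since the Nogami modulus ends in `0x13` and the Snarks modulus in `0x47` (per the declarations in this commit), both ≡ 3 mod 4. A curve with p ≡ 1 mod 4 added here later would surface as a confusing random-check failure rather than a clear message, so a `static: doAssert` inside the template (defined outside this hunk) that the curve's modulus is ≡ 3 mod 4 would be a cheap guard. `main` continues outside the hunk.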
|
||||
|
@ -20,7 +20,8 @@ import
|
||||
var RNG {.compileTime.} = initRand(1234)
|
||||
const CurveParams = [
|
||||
P224,
|
||||
BN254,
|
||||
BN254_Nogami,
|
||||
BN254_Snarks,
|
||||
Curve25519,
|
||||
P256,
|
||||
Secp256k1,
|
||||
@ -32,7 +33,7 @@ const CurveParams = [
|
||||
BN462
|
||||
]
|
||||
|
||||
const AvailableCurves = [P224, BN254, P256, Secp256k1, BLS12_381]
|
||||
const AvailableCurves = [P224, BN254_Nogami, BN254_Snarks, P256, Secp256k1, BLS12_381]
|
||||
|
||||
const # https://gmplib.org/manual/Integer-Import-and-Export.html
|
||||
GMP_WordLittleEndian = -1'i32
|
||||
|
@ -50,7 +50,8 @@ suite "𝔽p12 = 𝔽p6[√∛(1+𝑖)]":
|
||||
|
||||
testInstance()
|
||||
|
||||
test(BN254)
|
||||
test(BN254_Nogami)
|
||||
test(BN254_Snarks)
|
||||
test(BLS12_377)
|
||||
test(BLS12_381)
|
||||
test(BN446)
|
||||
@ -86,7 +87,8 @@ suite "𝔽p12 = 𝔽p6[√∛(1+𝑖)]":
|
||||
|
||||
testInstance()
|
||||
|
||||
test(BN254)
|
||||
test(BN254_Nogami)
|
||||
test(BN254_Snarks)
|
||||
test(BLS12_377)
|
||||
test(BLS12_381)
|
||||
test(BN446)
|
||||
@ -124,7 +126,8 @@ suite "𝔽p12 = 𝔽p6[√∛(1+𝑖)]":
|
||||
|
||||
testInstance()
|
||||
|
||||
test(BN254)
|
||||
test(BN254_Nogami)
|
||||
test(BN254_Snarks)
|
||||
test(BLS12_377)
|
||||
test(BLS12_381)
|
||||
test(BN446)
|
||||
@ -162,7 +165,8 @@ suite "𝔽p12 = 𝔽p6[√∛(1+𝑖)]":
|
||||
|
||||
testInstance()
|
||||
|
||||
test(BN254)
|
||||
test(BN254_Nogami)
|
||||
test(BN254_Snarks)
|
||||
test(BLS12_377)
|
||||
test(BLS12_381)
|
||||
test(BN446)
|
||||
@ -190,16 +194,28 @@ suite "𝔽p12 = 𝔽p6[√∛(1+𝑖)]":
|
||||
|
||||
testInstance()
|
||||
|
||||
test(BN254):
|
||||
test(BN254_Nogami):
|
||||
r.prod(x, Zero)
|
||||
check: bool(r == Zero)
|
||||
test(BN254):
|
||||
test(BN254_Nogami):
|
||||
r.prod(Zero, x)
|
||||
check: bool(r == Zero)
|
||||
test(BN254):
|
||||
test(BN254_Nogami):
|
||||
r.prod(x, One)
|
||||
check: bool(r == x)
|
||||
test(BN254):
|
||||
test(BN254_Nogami):
|
||||
r.prod(One, x)
|
||||
check: bool(r == x)
|
||||
test(BN254_Snarks):
|
||||
r.prod(x, Zero)
|
||||
check: bool(r == Zero)
|
||||
test(BN254_Snarks):
|
||||
r.prod(Zero, x)
|
||||
check: bool(r == Zero)
|
||||
test(BN254_Snarks):
|
||||
r.prod(x, One)
|
||||
check: bool(r == x)
|
||||
test(BN254_Snarks):
|
||||
r.prod(One, x)
|
||||
check: bool(r == x)
|
||||
test(BLS12_381):
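Review bot: The eight `test(BN254_Nogami):` / `test(BN254_Snarks):` blocks opening this hunk are the same four identity checks (`x·0`, `0·x`, `x·1`, `1·x`) copy-pasted per curve, so each curve added later costs twelve lines and it is easy to drop one check for one curve. The rest of this file already factors repeated bodies through a `testInstance()` template; the same can be done here, assuming `test` accepts the curve as an untyped argument the way it is invoked in this hunk, so the curve list appears once. The body of the `test(BLS12_381):` case continues outside this hunk.
```nim
template mulIdentityChecks(C: untyped) =
  test(C):
    r.prod(x, Zero)
    check: bool(r == Zero)
  test(C):
    r.prod(Zero, x)
    check: bool(r == Zero)
  test(C):
    r.prod(x, One)
    check: bool(r == x)
  test(C):
    r.prod(One, x)
    check: bool(r == x)

mulIdentityChecks(BN254_Nogami)
mulIdentityChecks(BN254_Snarks)
# … unchanged: test(BLS12_381) case …
```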
|
||||
@ -242,7 +258,8 @@ suite "𝔽p12 = 𝔽p6[√∛(1+𝑖)]":
|
||||
|
||||
testInstance()
|
||||
|
||||
test(BN254)
|
||||
test(BN254_Nogami)
|
||||
test(BN254_Snarks)
|
||||
test(BLS12_377)
|
||||
test(BLS12_381)
|
||||
test(BN446)
|
||||
@ -268,7 +285,8 @@ suite "𝔽p12 = 𝔽p6[√∛(1+𝑖)]":
|
||||
|
||||
testInstance()
|
||||
|
||||
test(BN254)
|
||||
test(BN254_Nogami)
|
||||
test(BN254_Snarks)
|
||||
test(BLS12_377)
|
||||
test(BLS12_381)
|
||||
test(BN446)
|
||||
@ -311,7 +329,8 @@ suite "𝔽p12 = 𝔽p6[√∛(1+𝑖)]":
|
||||
|
||||
testInstance()
|
||||
|
||||
test(BN254)
|
||||
test(BN254_Nogami)
|
||||
test(BN254_Snarks)
|
||||
test(BLS12_377)
|
||||
test(BLS12_381)
|
||||
test(BN446)
|
||||
@ -361,7 +380,8 @@ suite "𝔽p12 = 𝔽p6[√∛(1+𝑖)]":
|
||||
bool(r0 == r3)
|
||||
bool(r0 == r4)
|
||||
|
||||
abelianGroup(BN254)
|
||||
abelianGroup(BN254_Nogami)
|
||||
abelianGroup(BN254_Snarks)
|
||||
abelianGroup(BLS12_377)
|
||||
abelianGroup(BLS12_381)
|
||||
abelianGroup(BN446)
|
||||
@ -411,7 +431,8 @@ suite "𝔽p12 = 𝔽p6[√∛(1+𝑖)]":
|
||||
bool(r0 == r3)
|
||||
bool(r0 == r4)
|
||||
|
||||
commutativeRing(BN254)
|
||||
commutativeRing(BN254_Nogami)
|
||||
commutativeRing(BN254_Snarks)
|
||||
commutativeRing(BLS12_377)
|
||||
commutativeRing(BLS12_381)
|
||||
commutativeRing(BN446)
|
||||
@ -441,7 +462,8 @@ suite "𝔽p12 = 𝔽p6[√∛(1+𝑖)]":
|
||||
r.prod(aInv, a)
|
||||
check: bool(r == one)
|
||||
|
||||
mulInvOne(BN254)
|
||||
mulInvOne(BN254_Nogami)
|
||||
mulInvOne(BN254_Snarks)
|
||||
mulInvOne(BLS12_377)
|
||||
mulInvOne(BLS12_381)
|
||||
mulInvOne(BN446)
|
||||
|
@ -51,7 +51,8 @@ suite "𝔽p2 = 𝔽p[𝑖] (irreducible polynomial x²+1)":
|
||||
bool(r == oneBig)
|
||||
bool(oneFp2.c1.mres.isZero())
|
||||
|
||||
test(BN254)
|
||||
test(BN254_Nogami)
|
||||
test(BN254_Snarks)
|
||||
test(BLS12_381)
|
||||
|
||||
test "Squaring 1 returns 1":
|
||||
@ -73,7 +74,8 @@ suite "𝔽p2 = 𝔽p[𝑖] (irreducible polynomial x²+1)":
|
||||
|
||||
testInstance()
|
||||
|
||||
test(BN254)
|
||||
test(BN254_Nogami)
|
||||
test(BN254_Snarks)
|
||||
test(BLS12_377)
|
||||
test(BLS12_381)
|
||||
test(BN446)
|
||||
@ -101,16 +103,28 @@ suite "𝔽p2 = 𝔽p[𝑖] (irreducible polynomial x²+1)":
|
||||
|
||||
testInstance()
|
||||
|
||||
test(BN254):
|
||||
test(BN254_Nogami):
|
||||
r.prod(x, Zero)
|
||||
check: bool(r == Zero)
|
||||
test(BN254):
|
||||
test(BN254_Nogami):
|
||||
r.prod(Zero, x)
|
||||
check: bool(r == Zero)
|
||||
test(BN254):
|
||||
test(BN254_Nogami):
|
||||
r.prod(x, One)
|
||||
check: bool(r == x)
|
||||
test(BN254):
|
||||
test(BN254_Nogami):
|
||||
r.prod(One, x)
|
||||
check: bool(r == x)
|
||||
test(BN254_Snarks):
|
||||
r.prod(x, Zero)
|
||||
check: bool(r == Zero)
|
||||
test(BN254_Snarks):
|
||||
r.prod(Zero, x)
|
||||
check: bool(r == Zero)
|
||||
test(BN254_Snarks):
|
||||
r.prod(x, One)
|
||||
check: bool(r == x)
|
||||
test(BN254_Snarks):
|
||||
r.prod(One, x)
|
||||
check: bool(r == x)
|
||||
test(BLS12_381):
|
||||
@ -141,7 +155,8 @@ suite "𝔽p2 = 𝔽p[𝑖] (irreducible polynomial x²+1)":
|
||||
|
||||
testInstance()
|
||||
|
||||
test(BN254)
|
||||
test(BN254_Nogami)
|
||||
test(BN254_Snarks)
|
||||
test(BLS12_377)
|
||||
test(BLS12_381)
|
||||
test(BN446)
|
||||
@ -167,7 +182,8 @@ suite "𝔽p2 = 𝔽p[𝑖] (irreducible polynomial x²+1)":
|
||||
|
||||
testInstance()
|
||||
|
||||
test(BN254)
|
||||
test(BN254_Nogami)
|
||||
test(BN254_Snarks)
|
||||
test(BLS12_377)
|
||||
test(BLS12_381)
|
||||
test(BN446)
|
||||
@ -210,7 +226,8 @@ suite "𝔽p2 = 𝔽p[𝑖] (irreducible polynomial x²+1)":
|
||||
|
||||
testInstance()
|
||||
|
||||
test(BN254)
|
||||
test(BN254_Nogami)
|
||||
test(BN254_Snarks)
|
||||
test(BLS12_377)
|
||||
test(BLS12_381)
|
||||
test(BN446)
|
||||
@ -260,7 +277,8 @@ suite "𝔽p2 = 𝔽p[𝑖] (irreducible polynomial x²+1)":
|
||||
bool(r0 == r3)
|
||||
bool(r0 == r4)
|
||||
|
||||
abelianGroup(BN254)
|
||||
abelianGroup(BN254_Nogami)
|
||||
abelianGroup(BN254_Snarks)
|
||||
abelianGroup(BLS12_377)
|
||||
abelianGroup(BLS12_381)
|
||||
abelianGroup(BN446)
|
||||
@ -310,7 +328,8 @@ suite "𝔽p2 = 𝔽p[𝑖] (irreducible polynomial x²+1)":
|
||||
bool(r0 == r3)
|
||||
bool(r0 == r4)
|
||||
|
||||
commutativeRing(BN254)
|
||||
commutativeRing(BN254_Nogami)
|
||||
commutativeRing(BN254_Snarks)
|
||||
commutativeRing(BLS12_377)
|
||||
commutativeRing(BLS12_381)
|
||||
commutativeRing(BN446)
|
||||
@ -333,7 +352,8 @@ suite "𝔽p2 = 𝔽p[𝑖] (irreducible polynomial x²+1)":
|
||||
r.prod(aInv, a)
|
||||
check: bool(r == one)
|
||||
|
||||
mulInvOne(BN254)
|
||||
mulInvOne(BN254_Nogami)
|
||||
mulInvOne(BN254_Snarks)
|
||||
mulInvOne(BLS12_377)
|
||||
mulInvOne(BLS12_381)
|
||||
mulInvOne(BN446)
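Review bot: The suite title fixes 𝔽p2 = 𝔽p[𝑖] with x²+1, which is irreducible only when p ≡ 3 (mod 4); both new curves satisfy that (the Nogami modulus ends in `0x13`, the Snarks one in `0x47`, per the declarations in this commit), so the added `mulInvOne` lines are sound, but nothing in the suite enforces it. A random-element inverse check would not catch a violation either: if x²+1 split, the quotient would be 𝔽p × 𝔽p and all but about 2/p of its elements are still invertible. Suggest a `static: doAssert` that the modulus is ≡ 3 mod 4 where 𝔽p2 is defined (outside this hunk), or at minimum a comment above this list: `# x²+1 is irreducible only for p ≡ 3 (mod 4); every curve listed here must satisfy it`.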
|
||||
|
@ -50,7 +50,8 @@ suite "𝔽p6 = 𝔽p2[∛(1+𝑖)] (irreducible polynomial x³ - (1+𝑖))":
|
||||
|
||||
testInstance()
|
||||
|
||||
test(BN254)
|
||||
test(BN254_Nogami)
|
||||
test(BN254_Snarks)
|
||||
test(BLS12_377)
|
||||
test(BLS12_381)
|
||||
test(BN446)
|
||||
@ -86,7 +87,8 @@ suite "𝔽p6 = 𝔽p2[∛(1+𝑖)] (irreducible polynomial x³ - (1+𝑖))":
|
||||
|
||||
testInstance()
|
||||
|
||||
test(BN254)
|
||||
test(BN254_Nogami)
|
||||
test(BN254_Snarks)
|
||||
test(BLS12_377)
|
||||
test(BLS12_381)
|
||||
test(BN446)
|
||||
@ -124,7 +126,8 @@ suite "𝔽p6 = 𝔽p2[∛(1+𝑖)] (irreducible polynomial x³ - (1+𝑖))":
|
||||
|
||||
testInstance()
|
||||
|
||||
test(BN254)
|
||||
test(BN254_Nogami)
|
||||
test(BN254_Snarks)
|
||||
test(BLS12_377)
|
||||
test(BLS12_381)
|
||||
test(BN446)
|
||||
@ -162,7 +165,8 @@ suite "𝔽p6 = 𝔽p2[∛(1+𝑖)] (irreducible polynomial x³ - (1+𝑖))":
|
||||
|
||||
testInstance()
|
||||
|
||||
test(BN254)
|
||||
test(BN254_Nogami)
|
||||
test(BN254_Snarks)
|
||||
test(BLS12_377)
|
||||
test(BLS12_381)
|
||||
test(BN446)
|
||||
@ -190,16 +194,28 @@ suite "𝔽p6 = 𝔽p2[∛(1+𝑖)] (irreducible polynomial x³ - (1+𝑖))":
|
||||
|
||||
testInstance()
|
||||
|
||||
test(BN254):
|
||||
test(BN254_Nogami):
|
||||
r.prod(x, Zero)
|
||||
check: bool(r == Zero)
|
||||
test(BN254):
|
||||
test(BN254_Nogami):
|
||||
r.prod(Zero, x)
|
||||
check: bool(r == Zero)
|
||||
test(BN254):
|
||||
test(BN254_Nogami):
|
||||
r.prod(x, One)
|
||||
check: bool(r == x)
|
||||
test(BN254):
|
||||
test(BN254_Nogami):
|
||||
r.prod(One, x)
|
||||
check: bool(r == x)
|
||||
test(BN254_Snarks):
|
||||
r.prod(x, Zero)
|
||||
check: bool(r == Zero)
|
||||
test(BN254_Snarks):
|
||||
r.prod(Zero, x)
|
||||
check: bool(r == Zero)
|
||||
test(BN254_Snarks):
|
||||
r.prod(x, One)
|
||||
check: bool(r == x)
|
||||
test(BN254_Snarks):
|
||||
r.prod(One, x)
|
||||
check: bool(r == x)
|
||||
test(BLS12_381):
|
||||
@ -242,7 +258,8 @@ suite "𝔽p6 = 𝔽p2[∛(1+𝑖)] (irreducible polynomial x³ - (1+𝑖))":
|
||||
|
||||
testInstance()
|
||||
|
||||
test(BN254)
|
||||
test(BN254_Nogami)
|
||||
test(BN254_Snarks)
|
||||
test(BLS12_377)
|
||||
test(BLS12_381)
|
||||
test(BN446)
|
||||
@ -268,7 +285,8 @@ suite "𝔽p6 = 𝔽p2[∛(1+𝑖)] (irreducible polynomial x³ - (1+𝑖))":
|
||||
|
||||
testInstance()
|
||||
|
||||
test(BN254)
|
||||
test(BN254_Nogami)
|
||||
test(BN254_Snarks)
|
||||
test(BLS12_377)
|
||||
test(BLS12_381)
|
||||
test(BN446)
|
||||
@ -311,7 +329,8 @@ suite "𝔽p6 = 𝔽p2[∛(1+𝑖)] (irreducible polynomial x³ - (1+𝑖))":
|
||||
|
||||
testInstance()
|
||||
|
||||
test(BN254)
|
||||
test(BN254_Nogami)
|
||||
test(BN254_Snarks)
|
||||
test(BLS12_377)
|
||||
test(BLS12_381)
|
||||
test(BN446)
|
||||
@ -361,7 +380,8 @@ suite "𝔽p6 = 𝔽p2[∛(1+𝑖)] (irreducible polynomial x³ - (1+𝑖))":
|
||||
bool(r0 == r3)
|
||||
bool(r0 == r4)
|
||||
|
||||
abelianGroup(BN254)
|
||||
abelianGroup(BN254_Nogami)
|
||||
abelianGroup(BN254_Snarks)
|
||||
abelianGroup(BLS12_377)
|
||||
abelianGroup(BLS12_381)
|
||||
abelianGroup(BN446)
|
||||
@ -411,7 +431,8 @@ suite "𝔽p6 = 𝔽p2[∛(1+𝑖)] (irreducible polynomial x³ - (1+𝑖))":
|
||||
bool(r0 == r3)
|
||||
bool(r0 == r4)
|
||||
|
||||
commutativeRing(BN254)
|
||||
commutativeRing(BN254_Nogami)
|
||||
commutativeRing(BN254_Snarks)
|
||||
commutativeRing(BLS12_377)
|
||||
commutativeRing(BLS12_381)
|
||||
commutativeRing(BN446)
|
||||
@ -441,7 +462,8 @@ suite "𝔽p6 = 𝔽p2[∛(1+𝑖)] (irreducible polynomial x³ - (1+𝑖))":
|
||||
r.prod(aInv, a)
|
||||
check: bool(r == one)
|
||||
|
||||
mulInvOne(BN254)
|
||||
mulInvOne(BN254_Nogami)
|
||||
mulInvOne(BN254_Snarks)
|
||||
mulInvOne(BLS12_377)
|
||||
mulInvOne(BLS12_381)
|
||||
mulInvOne(BN446)
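Review bot: `mulInvOne` on random elements cannot tell whether the tower is right for the new curves: the suite title asserts x³ − (1+𝑖) is irreducible over 𝔽p2, but if 1+𝑖 were a cube for one of these primes the quotient would still be a ring in which almost every element is invertible, so every check in this hunk would pass anyway. Irreducibility should be asserted directly, e.g. in the Sage generator as `(1+i)^((p^2-1)//3) != 1` in 𝔽p2 for each modulus, or documented where the non-residue is chosen (not part of this commit). As far as I recall the Ethereum reference implementation builds 𝔽p6 for this curve over 9+𝑖 rather than 1+𝑖, so BN254_Snarks in particular is worth confirming; both remarks rest on the suite title, since the tower itself is not shown in the hunk.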
|
||||
|