From 0e1f0c556293b66fd647290e59dc154f5ca5aaa7 Mon Sep 17 00:00:00 2001
From: Nicholas Ward <npward@berkeley.edu>
Date: Wed, 10 Nov 2021 11:50:04 -0800
Subject: [PATCH] merge

---
 src/curve/curve_summation.rs | 25 ++++++++++++------------
 src/gadgets/secp256k1.rs     | 38 +++++++++++++++++++++++++++++-------
 2 files changed, 44 insertions(+), 19 deletions(-)

diff --git a/src/curve/curve_summation.rs b/src/curve/curve_summation.rs
index 501a4977..ad4232ce 100644
--- a/src/curve/curve_summation.rs
+++ b/src/curve/curve_summation.rs
@@ -186,50 +186,51 @@ pub fn affine_multisummation_batch_inversion<C: Curve>(
 
 #[cfg(test)]
 mod tests {
-    use crate::{
-        affine_summation_batch_inversion, affine_summation_pairwise, Bls12377, Curve,
-        ProjectivePoint,
+    use crate::curve::curve_summation::{
+        affine_summation_batch_inversion, affine_summation_pairwise,
     };
+    use crate::curve::curve_types::{Curve, ProjectivePoint};
+    use crate::curve::secp256k1_curve::Secp256K1;
 
     #[test]
     fn test_pairwise_affine_summation() {
-        let g_affine = Bls12377::GENERATOR_AFFINE;
+        let g_affine = Secp256K1::GENERATOR_AFFINE;
         let g2_affine = (g_affine + g_affine).to_affine();
         let g3_affine = (g_affine + g_affine + g_affine).to_affine();
         let g2_proj = g2_affine.to_projective();
         let g3_proj = g3_affine.to_projective();
         assert_eq!(
-            affine_summation_pairwise::<Bls12377>(vec![g_affine, g_affine]),
+            affine_summation_pairwise::<Secp256K1>(vec![g_affine, g_affine]),
             g2_proj
         );
         assert_eq!(
-            affine_summation_pairwise::<Bls12377>(vec![g_affine, g2_affine]),
+            affine_summation_pairwise::<Secp256K1>(vec![g_affine, g2_affine]),
             g3_proj
         );
         assert_eq!(
-            affine_summation_pairwise::<Bls12377>(vec![g_affine, g_affine, g_affine]),
+            affine_summation_pairwise::<Secp256K1>(vec![g_affine, g_affine, g_affine]),
             g3_proj
         );
         assert_eq!(
-            affine_summation_pairwise::<Bls12377>(vec![]),
+            affine_summation_pairwise::<Secp256K1>(vec![]),
             ProjectivePoint::ZERO
         );
     }
 
     #[test]
     fn test_pairwise_affine_summation_batch_inversion() {
-        let g = Bls12377::GENERATOR_AFFINE;
+        let g = Secp256K1::GENERATOR_AFFINE;
         let g_proj = g.to_projective();
         assert_eq!(
-            affine_summation_batch_inversion::<Bls12377>(vec![g, g]),
+            affine_summation_batch_inversion::<Secp256K1>(vec![g, g]),
             g_proj + g_proj
         );
         assert_eq!(
-            affine_summation_batch_inversion::<Bls12377>(vec![g, g, g]),
+            affine_summation_batch_inversion::<Secp256K1>(vec![g, g, g]),
             g_proj + g_proj + g_proj
         );
         assert_eq!(
-            affine_summation_batch_inversion::<Bls12377>(vec![]),
+            affine_summation_batch_inversion::<Secp256K1>(vec![]),
             ProjectivePoint::ZERO
         );
     }
diff --git a/src/gadgets/secp256k1.rs b/src/gadgets/secp256k1.rs
index 36d8d145..3294a954 100644
--- a/src/gadgets/secp256k1.rs
+++ b/src/gadgets/secp256k1.rs
@@ -4,29 +4,53 @@ use crate::field::field_types::RichField;
 use crate::gadgets::nonnative::ForeignFieldTarget;
 use crate::plonk::circuit_builder::CircuitBuilder;
 
+/// A Target representing an affine point on the curve `C`.
 #[derive(Clone, Debug)]
 pub struct AffinePointTarget<C: Curve> {
-    pub x: ForeignFieldTarget<C::ScalarField>,
-    pub y: ForeignFieldTarget<C::ScalarField>,
+    pub x: ForeignFieldTarget<C::BaseField>,
+    pub y: ForeignFieldTarget<C::BaseField>,
 }
 
 impl<C: Curve> AffinePointTarget<C> {
-    pub fn to_vec(&self) -> Vec<ForeignFieldTarget<C::ScalarField>> {
+    pub fn to_vec(&self) -> Vec<ForeignFieldTarget<C::BaseField>> {
         vec![self.x.clone(), self.y.clone()]
     }
 }
 
 impl<F: RichField + Extendable<D>, const D: usize> CircuitBuilder<F, D> {
-    pub fn constant_affine_point<C: Curve, InnerC: Curve<BaseField = C::ScalarField>>(
+    pub fn constant_affine_point<C: Curve>(
         &mut self,
-        point: AffinePoint<InnerC>,
+        point: AffinePoint<C>,
     ) -> AffinePointTarget<C> {
         debug_assert!(!point.zero);
         AffinePointTarget {
-            x: self.constant_ff(point.x),
-            y: self.constant_ff(point.y),
+            x: self.constant_nonnative(point.x),
+            y: self.constant_nonnative(point.y),
         }
     }
+
+    pub fn connect_affine_point<C: Curve>(
+        &mut self,
+        lhs: AffinePointTarget<C>,
+        rhs: AffinePointTarget<C>,
+    ) {
+        self.connect_nonnative(&lhs.x, &rhs.x);
+        self.connect_nonnative(&lhs.y, &rhs.y);
+    }
+
+    pub fn curve_assert_valid<C: Curve>(&mut self, p: AffinePointTarget<C>) {
+        let a = self.constant_nonnative(C::A);
+        let b = self.constant_nonnative(C::B);
+
+        let y_squared = self.mul_nonnative(&p.y, &p.y);
+        let x_squared = self.mul_nonnative(&p.x, &p.x);
+        let x_cubed = self.mul_nonnative(&x_squared, &p.x);
+        let a_x = self.mul_nonnative(&a, &p.x);
+        let a_x_plus_b = self.add_nonnative(&a_x, &b);
+        let rhs = self.add_nonnative(&x_cubed, &a_x_plus_b);
+
+        self.connect_nonnative(&y_squared, &rhs);
+    }
 }
 
 mod tests {}