diff --git a/evm/src/cpu/kernel/asm/curve/bn254/curve_arithmetic/invariant_exponent.asm b/evm/src/cpu/kernel/asm/curve/bn254/curve_arithmetic/invariant_exponent.asm index c74db1af..9d72767d 100644 --- a/evm/src/cpu/kernel/asm/curve/bn254/curve_arithmetic/invariant_exponent.asm +++ b/evm/src/cpu/kernel/asm/curve/bn254/curve_arithmetic/invariant_exponent.asm @@ -13,15 +13,15 @@ global bn254_invariant_exponent: /// def first_exp(y): /// return y.frob(6) / y // stack: out, retdest {out: y} - %stack (out) -> (out, 100, first_exp, out) - // stack: out, 100, first_exp, out, retdest {out: y} + %stack (out) -> (out, 0, first_exp, out) + // stack: out, 0, first_exp, out, retdest {out: y} %jump(inv_fp254_12) first_exp: - // stack: out, retdest {out: y , 100: y^-1} + // stack: out, retdest {out: y , 0: y^-1} %frob_fp254_12_6 - // stack: out, retdest {out: y_6, 100: y^-1} - %stack (out) -> (out, 100, out, second_exp, out) - // stack: out, 100, out, second_exp, out, retdest {out: y_6, 100: y^-1} + // stack: out, retdest {out: y_6, 0: y^-1} + %stack (out) -> (out, 0, out, second_exp, out) + // stack: out, 0, out, second_exp, out, retdest {out: y_6, 0: y^-1} %jump(mul_fp254_12) /// second, exponentiate by (p^2 + 1) via @@ -29,10 +29,10 @@ first_exp: /// return y.frob(2) * y second_exp: // stack: out, retdest {out: y} - %stack (out) -> (out, 100, out, out, final_exp, out) - // stack: out, 100, out, out, final_exp, out, retdest {out: y} + %stack (out) -> (out, 0, out, out, final_exp, out) + // stack: out, 0, out, out, final_exp, out, retdest {out: y} %frob_fp254_12_2_ - // stack: 100, out, out, final_exp, out, retdest {out: y, 100: y_2} + // stack: 0, out, out, final_exp, out, retdest {out: y, 0: y_2} %jump(mul_fp254_12) /// Finally, we must exponentiate by (p^4 - p^2 + 1)/N 
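Review bot: The scratch layout this hunk relies on (0 for y^-1 here; 12, 24, 36, 48 and 60 in the @@ -52, -87 and -164 hunks of this file) exists only as literal offsets in `%stack`/`%mstore` lines and `// stack:` annotations, duplicated against 72 in inverse.asm, 84..101 in degree_12_mul.asm and the line at 0 in tate_pairing.asm, with nothing that would detect two of them overlapping; a future edit to any one file would corrupt an Fp12 silently rather than fail an assertion. Offset 0 in particular is also where the tangent and cord macros store the sparse line, so the reuse is presumably correct only because the final exponentiation runs after the Miller loop, which this file never states. I would add a layout map at `bn254_invariant_exponent` describing the ranges each routine owns (line and y^-1 at 0, the five Fp12 slots from 12 to 71, the inverse check at 72, the multiplier's scratch from 84), and, if the kernel's constant mechanism allows it, replace the literals with named constants so each offset has exactly one definition. `bn254_invariant_exponent`'s first lines are above this hunk.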
@@ -52,19 +52,19 @@ second_exp: /// final_power() final_exp: - // stack: val, retdest - %stack (val) -> (val, 300, val) - // stack: val, 300, val, retdest + // stack: val, retdest + %stack (val) -> (val, 60, val) + // stack: val, 60, val, retdest %move_fp254_12 - // stack: 300, val, retdest + // stack: 60, val, retdest %stack () -> (1, 1, 1) - // stack: 1, 1, 1, 300, val, retdest - %mstore_kernel_bn254_pairing(200) - %mstore_kernel_bn254_pairing(224) - %mstore_kernel_bn254_pairing(212) - // stack: 300, val, retdest {200: y0, 212: y2, 224: y4} + // stack: 1, 1, 1, 60, val, retdest + %mstore_kernel_bn254_pairing(12) + %mstore_kernel_bn254_pairing(36) + %mstore_kernel_bn254_pairing(24) + // stack: 60, val, retdest {12: y0, 24: y2, 36: y4} %stack () -> (64, 62, 65) - // stack: 64, 62, 65, 300, val, retdest {200: y0, 212: y2, 224: y4} + // stack: 64, 62, 65, 60, val, retdest {12: y0, 24: y2, 36: y4} %jump(power_loop_4) /// After computing the powers 
@@ -87,49 +87,49 @@ final_exp: /// return y * y2 * y1 * y0 custom_powers: - // stack: val, retdest {200: y0, 212: y2, 224: y4} - %stack () -> (200, 236, make_term_1) - // stack: 200, 236, make_term_1, val, retdest {200: y0, 212: y2, 224: y4} + // stack: val, retdest {12: y0, 24: y2, 36: y4} + %stack () -> (12, 48, make_term_1) + // stack: 12, 48, make_term_1, val, retdest {12: y0, 24: y2, 36: y4} %jump(inv_fp254_12) make_term_1: - // stack: val, retdest {212: y2, 224: y4, 236: y0^-1} - %stack () -> (212, 224, 224, make_term_2) - // stack: 212, 224, 224, make_term_2, val, retdest {212: y2, 224: y4, 236: y0^-1} + // stack: val, retdest {24: y2, 36: y4, 48: y0^-1} + %stack () -> (24, 36, 36, make_term_2) + // stack: 24, 36, 36, make_term_2, val, retdest {24: y2, 36: y4, 48: y0^-1} %jump(mul_fp254_12) make_term_2: - // stack: val, retdest {212: y2, 224: y4 * y2, 236: y0^-1} - %stack () -> (212, 224, 224, make_term_3) - // stack: 212, 224, 224, make_term_3, val, retdest {212: y2, 224: y4 * y2, 236: y0^-1} + // stack: val, retdest {24: y2, 36: y4 * y2, 48: y0^-1} + %stack () -> (24, 36, 36, make_term_3) + // stack: 24, 36, 36, make_term_3, val, retdest {24: y2, 36: y4 * y2, 48: y0^-1} %jump(mul_fp254_12) make_term_3: - // stack: val, retdest {212: y2, 224: y4 * y2^2, 236: y0^-1} - %stack () -> (236, 224, 224, final_power) - // stack: 236, 224, 224, final_power, val, retdest {212: y2, 224: y4 * y2^2, 236: y0^-1} + // stack: val, retdest {24: y2, 36: y4 * y2^2, 48: y0^-1} + %stack () -> (48, 36, 36, final_power) + // stack: 48, 36, 36, final_power, val, retdest {24: y2, 36: y4 * y2^2, 48: y0^-1} %jump(mul_fp254_12) final_power: - // stack: val, retdest {val: y , 212: y^a2 , 224: y^a1 , 236: y^a0} + // stack: val, retdest {val: y , 24: y^a2 , 36: y^a1 , 48: y^a0} %frob_fp254_12_3 - // stack: val, retdest {val: y_3, 212: y^a2 , 224: y^a1 , 236: y^a0} - %stack () -> (212, 212) + // stack: val, retdest {val: y_3, 24: y^a2 , 36: y^a1 , 48: y^a0} + %stack () -> (24, 24) 
%frob_fp254_12_2_ POP - // stack: val, retdest {val: y_3, 212: (y^a2)_2, 224: y^a1 , 236: y^a0} - PUSH 224 + // stack: val, retdest {val: y_3, 24: (y^a2)_2, 36: y^a1 , 48: y^a0} + PUSH 36 %frob_fp254_12_1 POP - // stack: val, retdest {val: y_3, 212: (y^a2)_2, 224: (y^a1)_1, 236: y^a0} - %stack (val) -> (212, val, val, penult_mul, val) - // stack: 212, val, val, penult_mul, val, retdest {val: y_3, 212: (y^a2)_2, 224: (y^a1)_1, 236: y^a0} + // stack: val, retdest {val: y_3, 24: (y^a2)_2, 36: (y^a1)_1, 48: y^a0} + %stack (val) -> (24, val, val, penult_mul, val) + // stack: 24, val, val, penult_mul, val, retdest {val: y_3, 24: (y^a2)_2, 36: (y^a1)_1, 48: y^a0} %jump(mul_fp254_12) penult_mul: - // stack: val, retdest {val: y_3 * (y^a2)_2, 224: (y^a1)_1, 236: y^a0} - %stack (val) -> (224, val, val, final_mul, val) - // stack: 224, val, val, final_mul, val, retdest {val: y_3 * (y^a2)_2, 224: (y^a1)_1, 236: y^a0} + // stack: val, retdest {val: y_3 * (y^a2)_2, 36: (y^a1)_1, 48: y^a0} + %stack (val) -> (36, val, val, final_mul, val) + // stack: 36, val, val, final_mul, val, retdest {val: y_3 * (y^a2)_2, 36: (y^a1)_1, 48: y^a0} %jump(mul_fp254_12) final_mul: - // stack: val, retdest {val: y_3 * (y^a2)_2 * (y^a1)_1, 236: y^a0} - %stack (val) -> (236, val, val) - // stack: 236, val, val, retdest {val: y_3 * (y^a2)_2 * (y^a1)_1, 236: y^a0} + // stack: val, retdest {val: y_3 * (y^a2)_2 * (y^a1)_1, 48: y^a0} + %stack (val) -> (48, val, val) + // stack: 48, val, val, retdest {val: y_3 * (y^a2)_2 * (y^a1)_1, 48: y^a0} %jump(mul_fp254_12) 
@@ -164,156 +164,156 @@ final_mul: /// y0 *= acc power_loop_4: - // stack: i , j, k, sqr {200: y0, 212: y2, 224: y4} + // stack: i , j, k, sqr {12: y0, 24: y2, 36: y4} DUP1 ISZERO - // stack: break?, i , j, k, sqr {200: y0, 212: y2, 224: y4} + // stack: break?, i , j, k, sqr {12: y0, 24: y2, 36: y4} %jumpi(power_loop_4_end) - // stack: i , j, k, sqr {200: y0, 212: y2, 224: y4} + // stack: i , j, k, sqr {12: y0, 24: y2, 36: y4} %sub_const(1) - // stack: i-1, j, k, sqr {200: y0, 212: y2, 224: y4} + // stack: i-1, j, k, sqr {12: y0, 24: y2, 36: y4} DUP1 %mload_kernel_code(power_data_4) - // stack: abc, i-1, j, k, sqr {200: y0, 212: y2, 224: y4} + // stack: abc, i-1, j, k, sqr {12: y0, 24: y2, 36: y4} DUP1 %lt_const(100) - // stack: skip?, abc, i-1, j, k, sqr {200: y0, 212: y2, 224: y4} + // stack: skip?, abc, i-1, j, k, sqr {12: y0, 24: y2, 36: y4} %jumpi(power_loop_4_b) - // stack: abc, i-1, j, k, sqr {200: y0, 212: y2, 224: y4} + // stack: abc, i-1, j, k, sqr {12: y0, 24: y2, 36: y4} %sub_const(100) - // stack: bc, i-1, j, k, sqr {200: y0, 212: y2, 224: y4} - %stack () -> (224, 224, power_loop_4_b) - // stack: 224, 224, power_loop_4_b, bc, i-1, j, k, sqr {200: y0, 212: y2, 224: y4} + // stack: bc, i-1, j, k, sqr {12: y0, 24: y2, 36: y4} + %stack () -> (36, 36, power_loop_4_b) + // stack: 36, 36, power_loop_4_b, bc, i-1, j, k, sqr {12: y0, 24: y2, 36: y4} DUP8 - // stack: sqr, 224, 224, power_loop_4_b, bc, i-1, j, k, sqr {200: y0, 212: y2, 224: y4} + // stack: sqr, 36, 36, power_loop_4_b, bc, i-1, j, k, sqr {12: y0, 24: y2, 36: y4} %jump(mul_fp254_12) power_loop_4_b: - // stack: bc, i, j, k, sqr {200: y0, 212: y2, 224: y4} + // stack: bc, i, j, k, sqr {12: y0, 24: y2, 36: y4} DUP1 %lt_const(10) - // stack: skip?, bc, i, j, k, sqr {200: y0, 212: y2, 224: y4} + // stack: skip?, bc, i, j, k, sqr {12: y0, 24: y2, 36: y4} %jumpi(power_loop_4_c) - // stack: bc, i, j, k, sqr {200: y0, 212: y2, 224: y4} + // stack: bc, i, j, k, sqr {12: y0, 24: y2, 36: y4} %sub_const(10) - 
// stack: c, i, j, k, sqr {200: y0, 212: y2, 224: y4} - %stack () -> (212, 212, power_loop_4_c) - // stack: 212, 212, power_loop_4_c, c, i, j, k, sqr {200: y0, 212: y2, 224: y4} + // stack: c, i, j, k, sqr {12: y0, 24: y2, 36: y4} + %stack () -> (24, 24, power_loop_4_c) + // stack: 24, 24, power_loop_4_c, c, i, j, k, sqr {12: y0, 24: y2, 36: y4} DUP8 - // stack: sqr, 212, 212, power_loop_4_c, c, i, j, k, sqr {200: y0, 212: y2, 224: y4} + // stack: sqr, 24, 24, power_loop_4_c, c, i, j, k, sqr {12: y0, 24: y2, 36: y4} %jump(mul_fp254_12) power_loop_4_c: - // stack: c, i, j, k, sqr {200: y0, 212: y2, 224: y4} + // stack: c, i, j, k, sqr {12: y0, 24: y2, 36: y4} ISZERO - // stack: skip?, i, j, k, sqr {200: y0, 212: y2, 224: y4} + // stack: skip?, i, j, k, sqr {12: y0, 24: y2, 36: y4} %jumpi(power_loop_4_sq) - // stack: i, j, k, sqr {200: y0, 212: y2, 224: y4} - %stack () -> (200, 200, power_loop_4_sq) - // stack: 200, 200, power_loop_4_sq, i, j, k, sqr {200: y0, 212: y2, 224: y4} + // stack: i, j, k, sqr {12: y0, 24: y2, 36: y4} + %stack () -> (12, 12, power_loop_4_sq) + // stack: 12, 12, power_loop_4_sq, i, j, k, sqr {12: y0, 24: y2, 36: y4} DUP7 - // stack: sqr, 200, 200, power_loop_4_sq, i, j, k, sqr {200: y0, 212: y2, 224: y4} + // stack: sqr, 12, 12, power_loop_4_sq, i, j, k, sqr {12: y0, 24: y2, 36: y4} %jump(mul_fp254_12) power_loop_4_sq: - // stack: i, j, k, sqr {200: y0, 212: y2, 224: y4} + // stack: i, j, k, sqr {12: y0, 24: y2, 36: y4} PUSH power_loop_4 - // stack: power_loop_4, i, j, k, sqr {200: y0, 212: y2, 224: y4} + // stack: power_loop_4, i, j, k, sqr {12: y0, 24: y2, 36: y4} DUP5 DUP1 - // stack: sqr, sqr, power_loop_4, i, j, k, sqr {200: y0, 212: y2, 224: y4} + // stack: sqr, sqr, power_loop_4, i, j, k, sqr {12: y0, 24: y2, 36: y4} %jump(square_fp254_12) power_loop_4_end: - // stack: 0, j, k, sqr {200: y0, 212: y2, 224: y4} + // stack: 0, j, k, sqr {12: y0, 24: y2, 36: y4} POP - // stack: j, k, sqr {200: y0, 212: y2, 224: y4} - %stack () -> (224, 
224, power_loop_2) - // stack: 224, 224, power_loop_2, j, k, sqr {200: y0, 212: y2, 224: y4} + // stack: j, k, sqr {12: y0, 24: y2, 36: y4} + %stack () -> (36, 36, power_loop_2) + // stack: 36, 36, power_loop_2, j, k, sqr {12: y0, 24: y2, 36: y4} DUP6 - // stack: sqr, 224, 224, power_loop_2, j, k, sqr {200: y0, 212: y2, 224: y4} + // stack: sqr, 36, 36, power_loop_2, j, k, sqr {12: y0, 24: y2, 36: y4} %jump(mul_fp254_12) power_loop_2: - // stack: j , k, sqr {200: y0, 212: y2, 224: y4} + // stack: j , k, sqr {12: y0, 24: y2, 36: y4} DUP1 ISZERO - // stack: break?, j , k, sqr {200: y0, 212: y2, 224: y4} + // stack: break?, j , k, sqr {12: y0, 24: y2, 36: y4} %jumpi(power_loop_2_end) - // stack: j , k, sqr {200: y0, 212: y2, 224: y4} + // stack: j , k, sqr {12: y0, 24: y2, 36: y4} %sub_const(1) - // stack: j-1, k, sqr {200: y0, 212: y2, 224: y4} + // stack: j-1, k, sqr {12: y0, 24: y2, 36: y4} DUP1 %mload_kernel_code(power_data_2) - // stack: ab, j-1, k, sqr {200: y0, 212: y2, 224: y4} + // stack: ab, j-1, k, sqr {12: y0, 24: y2, 36: y4} DUP1 %lt_const(10) - // stack: skip?, ab, j-1, k, sqr {200: y0, 212: y2, 224: y4} + // stack: skip?, ab, j-1, k, sqr {12: y0, 24: y2, 36: y4} %jumpi(power_loop_2_b) - // stack: ab, j-1, k, sqr {200: y0, 212: y2, 224: y4} + // stack: ab, j-1, k, sqr {12: y0, 24: y2, 36: y4} %sub_const(10) - // stack: b, j-1, k, sqr {200: y0, 212: y2, 224: y4} - %stack () -> (212, 212, power_loop_2_b) - // stack: 212, 212, power_loop_2_b, b, j-1, k, sqr {200: y0, 212: y2, 224: y4} + // stack: b, j-1, k, sqr {12: y0, 24: y2, 36: y4} + %stack () -> (24, 24, power_loop_2_b) + // stack: 24, 24, power_loop_2_b, b, j-1, k, sqr {12: y0, 24: y2, 36: y4} DUP7 - // stack: sqr, 212, 212, power_loop_2_b, b, j-1, k, sqr {200: y0, 212: y2, 224: y4} + // stack: sqr, 24, 24, power_loop_2_b, b, j-1, k, sqr {12: y0, 24: y2, 36: y4} %jump(mul_fp254_12) power_loop_2_b: - // stack: b, j, k, sqr {200: y0, 212: y2, 224: y4} + // stack: b, j, k, sqr {12: y0, 24: y2, 36: y4} 
ISZERO - // stack: skip?, j, k, sqr {200: y0, 212: y2, 224: y4} + // stack: skip?, j, k, sqr {12: y0, 24: y2, 36: y4} %jumpi(power_loop_2_sq) - // stack: j, k, sqr {200: y0, 212: y2, 224: y4} - %stack () -> (200, 200, power_loop_2_sq) - // stack: 200, 200, power_loop_2_sq, j, k, sqr {200: y0, 212: y2, 224: y4} + // stack: j, k, sqr {12: y0, 24: y2, 36: y4} + %stack () -> (12, 12, power_loop_2_sq) + // stack: 12, 12, power_loop_2_sq, j, k, sqr {12: y0, 24: y2, 36: y4} DUP6 - // stack: sqr, 200, 200, power_loop_2_sq, j, k, sqr {200: y0, 212: y2, 224: y4} + // stack: sqr, 12, 12, power_loop_2_sq, j, k, sqr {12: y0, 24: y2, 36: y4} %jump(mul_fp254_12) power_loop_2_sq: - // stack: j, k, sqr {200: y0, 212: y2, 224: y4} + // stack: j, k, sqr {12: y0, 24: y2, 36: y4} PUSH power_loop_2 - // stack: power_loop_2, j, k, sqr {200: y0, 212: y2, 224: y4} + // stack: power_loop_2, j, k, sqr {12: y0, 24: y2, 36: y4} DUP4 DUP1 - // stack: sqr, sqr, power_loop_2, j, k, sqr {200: y0, 212: y2, 224: y4} + // stack: sqr, sqr, power_loop_2, j, k, sqr {12: y0, 24: y2, 36: y4} %jump(square_fp254_12) power_loop_2_end: - // stack: 0, k, sqr {200: y0, 212: y2, 224: y4} + // stack: 0, k, sqr {12: y0, 24: y2, 36: y4} POP - // stack: k, sqr {200: y0, 212: y2, 224: y4} - %stack () -> (212, 212, power_loop_0) - // stack: 212, 212, power_loop_0, k, sqr {200: y0, 212: y2, 224: y4} + // stack: k, sqr {12: y0, 24: y2, 36: y4} + %stack () -> (24, 24, power_loop_0) + // stack: 24, 24, power_loop_0, k, sqr {12: y0, 24: y2, 36: y4} DUP5 - // stack: sqr, 212, 212, power_loop_0, k, sqr {200: y0, 212: y2, 224: y4} + // stack: sqr, 24, 24, power_loop_0, k, sqr {12: y0, 24: y2, 36: y4} %jump(mul_fp254_12) power_loop_0: - // stack: k , sqr {200: y0, 212: y2, 224: y4} + // stack: k , sqr {12: y0, 24: y2, 36: y4} DUP1 ISZERO - // stack: break?, k , sqr {200: y0, 212: y2, 224: y4} + // stack: break?, k , sqr {12: y0, 24: y2, 36: y4} %jumpi(power_loop_0_end) - // stack: k , sqr {200: y0, 212: y2, 224: y4} + // 
stack: k , sqr {12: y0, 24: y2, 36: y4} %sub_const(1) - // stack: k-1, sqr {200: y0, 212: y2, 224: y4} + // stack: k-1, sqr {12: y0, 24: y2, 36: y4} DUP1 %mload_kernel_code(power_data_0) - // stack: a, k-1, sqr {200: y0, 212: y2, 224: y4} + // stack: a, k-1, sqr {12: y0, 24: y2, 36: y4} ISZERO - // stack: skip?, k-1, sqr {200: y0, 212: y2, 224: y4} + // stack: skip?, k-1, sqr {12: y0, 24: y2, 36: y4} %jumpi(power_loop_0_sq) - // stack: k-1, sqr {200: y0, 212: y2, 224: y4} - %stack () -> (200, 200, power_loop_0_sq) - // stack: 200, 200, power_loop_0_sq, k-1, sqr {200: y0, 212: y2, 224: y4} + // stack: k-1, sqr {12: y0, 24: y2, 36: y4} + %stack () -> (12, 12, power_loop_0_sq) + // stack: 12, 12, power_loop_0_sq, k-1, sqr {12: y0, 24: y2, 36: y4} DUP5 - // stack: sqr, 200, 200, power_loop_0_sq, k-1, sqr {200: y0, 212: y2, 224: y4} + // stack: sqr, 12, 12, power_loop_0_sq, k-1, sqr {12: y0, 24: y2, 36: y4} %jump(mul_fp254_12) power_loop_0_sq: - // stack: k, sqr {200: y0, 212: y2, 224: y4} + // stack: k, sqr {12: y0, 24: y2, 36: y4} PUSH power_loop_0 - // stack: power_loop_0, k, sqr {200: y0, 212: y2, 224: y4} + // stack: power_loop_0, k, sqr {12: y0, 24: y2, 36: y4} DUP3 DUP1 - // stack: sqr, sqr, power_loop_0, k, sqr {200: y0, 212: y2, 224: y4} + // stack: sqr, sqr, power_loop_0, k, sqr {12: y0, 24: y2, 36: y4} %jump(square_fp254_12) power_loop_0_end: - // stack: 0, sqr {200: y0, 212: y2, 224: y4} - %stack (i, sqr) -> (200, sqr, 200, custom_powers) - // stack: 200, sqr, 200, custom_powers {200: y0, 212: y2, 224: y4} + // stack: 0, sqr {12: y0, 24: y2, 36: y4} + %stack (i, sqr) -> (12, sqr, 12, custom_powers) + // stack: 12, sqr, 12, custom_powers {12: y0, 24: y2, 36: y4} %jump(mul_fp254_12) diff --git a/evm/src/cpu/kernel/asm/curve/bn254/curve_arithmetic/tate_pairing.asm b/evm/src/cpu/kernel/asm/curve/bn254/curve_arithmetic/tate_pairing.asm index a4cebd72..f09684bd 100644 --- a/evm/src/cpu/kernel/asm/curve/bn254/curve_arithmetic/tate_pairing.asm 
+++ b/evm/src/cpu/kernel/asm/curve/bn254/curve_arithmetic/tate_pairing.asm
@@ -109,35 +109,35 @@ mul_tangent:
 // stack: out, out, mul_tangent_1, out, mul_tangent_2, retdest, 0xnm, times, O, P, Q, out
 %jump(square_fp254_12)
 mul_tangent_1:
- // stack: out, mul_tangent_2, retdest, 0xnm, times, O, P, Q, out
+ // stack: out, mul_tangent_2, retdest, 0xnm, times, O, P, Q, out
 DUP13
 DUP13
 DUP13
 DUP13
- // stack: Q, out, mul_tangent_2, retdest, 0xnm, times, O, P, Q, out
+ // stack: Q, out, mul_tangent_2, retdest, 0xnm, times, O, P, Q, out
 DUP11
 DUP11
- // stack: O, Q, out, mul_tangent_2, retdest, 0xnm, times, O, P, Q, out
+ // stack: O, Q, out, mul_tangent_2, retdest, 0xnm, times, O, P, Q, out
 %tangent
- // stack: out, mul_tangent_2, retdest, 0xnm, times, O, P, Q, out {100: line}
- %stack (out) -> (out, 100, out)
- // stack: out, 100, out, mul_tangent_2, retdest, 0xnm, times, O, P, Q, out {100: line}
+ // stack: out, mul_tangent_2, retdest, 0xnm, times, O, P, Q, out {0: line}
+ %stack (out) -> (out, 0, out)
+ // stack: out, 0, out, mul_tangent_2, retdest, 0xnm, times, O, P, Q, out {0: line}
 %jump(mul_fp254_12_sparse)
 mul_tangent_2:
- // stack: retdest, 0xnm, times, O, P, Q, out {100: line}
+ // stack: retdest, 0xnm, times, O, P, Q, out {0: line}
 PUSH after_double
- // stack: after_double, retdest, 0xnm, times, O, P, Q, out {100: line}
+ // stack: after_double, retdest, 0xnm, times, O, P, Q, out {0: line}
 DUP6
 DUP6
- // stack: O, after_double, retdest, 0xnm, times, O, P, Q, out {100: line}
+ // stack: O, after_double, retdest, 0xnm, times, O, P, Q, out {0: line}
 %jump(bn_double)
 after_double:
- // stack: 2*O, retdest, 0xnm, times, O, P, Q, out {100: line}
+ // stack: 2*O, retdest, 0xnm, times, O, P, Q, out {0: line}
 SWAP5
 POP
 SWAP5
 POP
- // stack: retdest, 0xnm, times, 2*O, P, Q, out {100: line}
+ // stack: retdest, 0xnm, times, 2*O, P, Q, out {0: line}
 JUMP
 
 /// def mul_cord()
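Review bot: Most `-`/`+` pairs in this hunk (`// stack: out, mul_tangent_2, …`, `// stack: Q, out, …`, `// stack: O, Q, …`, `// stack: retdest, …` and onward) read identically here, so the visible difference appears to be comment-alignment whitespace only, and the `mul_cord` hunk at @@ -146 follows the same pattern; that buries the three lines that actually change behaviour-relevant content (`{100: line}` → `{0: line}` and `%stack (out) -> (out, 0, out)`). Keeping the re-alignment out of this commit, or at least out of these hunks, would let the offset change be reviewed on its own.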
@@ -146,26 +146,26 @@ after_double: /// O += P mul_cord: - // stack: 0xnm, times, O, P, Q, out + // stack: 0xnm, times, O, P, Q, out PUSH mul_cord_1 - // stack: mul_cord_1, 0xnm, times, O, P, Q, out + // stack: mul_cord_1, 0xnm, times, O, P, Q, out DUP11 DUP11 DUP11 DUP11 - // stack: Q, mul_cord_1, 0xnm, times, O, P, Q, out + // stack: Q, mul_cord_1, 0xnm, times, O, P, Q, out DUP9 DUP9 - // stack: O, Q, mul_cord_1, 0xnm, times, O, P, Q, out + // stack: O, Q, mul_cord_1, 0xnm, times, O, P, Q, out DUP13 DUP13 - // stack: P, O, Q, mul_cord_1, 0xnm, times, O, P, Q, out + // stack: P, O, Q, mul_cord_1, 0xnm, times, O, P, Q, out %cord - // stack: mul_cord_1, 0xnm, times, O, P, Q, out {100: line} + // stack: mul_cord_1, 0xnm, times, O, P, Q, out {0: line} DUP12 - // stack: out, mul_cord_1, 0xnm, times, O, P, Q, out {100: line} - %stack (out) -> (out, 100, out) - // stack: out, 100, out, mul_cord_1, 0xnm, times, O, P, Q, out {100: line} + // stack: out, mul_cord_1, 0xnm, times, O, P, Q, out {0: line} + %stack (out) -> (out, 0, out) + // stack: out, 0, out, mul_cord_1, 0xnm, times, O, P, Q, out {0: line} %jump(mul_fp254_12_sparse) mul_cord_1: // stack: 0xnm, times, O , P, Q, out @@ -202,7 +202,7 @@ after_add: // stack: py^2 , 9, px, py, qx, qx_, qy, qy_ SUBFP254 // stack: py^2 - 9, px, py, qx, qx_, qy, qy_ - %mstore_kernel_bn254_pairing(100) + %mstore_kernel_bn254_pairing(0) // stack: px, py, qx, qx_, qy, qy_ DUP1 MULFP254 @@ -218,7 +218,7 @@ after_add: DUP3 MULFP254 // stack: (-3*px^2)qx, py, -3px^2, qx_, qy, qy_ - %mstore_kernel_bn254_pairing(102) + %mstore_kernel_bn254_pairing(2) // stack: py, -3px^2, qx_, qy, qy_ PUSH 2 MULFP254 
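Review bot: The tangent and cord macros write only five of the twelve coefficients of the line (offsets 0, 2 and 3 in the @@ -202 and @@ -218 parts of this hunk line, 8 and 9 in the @@ -228, -258 and -273 parts), and offset 0 is now the same slot `bn254_invariant_exponent` uses for y^-1, so the seven unwritten slots hold whatever a previous occupant left there. That is harmless only if `mul_fp254_12_sparse` reads exactly the written coefficients and never the others; its code is outside this diff, so I cannot confirm it from here. A comment at the first store, `// sparse line: only offsets 0,2,3,8,9 are written; mul_fp254_12_sparse must read no other slot`, would pin the contract at the producer. The enclosing `%macro` for the tangent begins before the @@ -202 hunk.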
@@ -228,15 +228,15 @@ after_add: DUP4 MULFP254 // stack: (2py)qy, -3px^2, qx_, 2py, qy_ - %mstore_kernel_bn254_pairing(108) + %mstore_kernel_bn254_pairing(8) // stack: -3px^2, qx_, 2py, qy_ MULFP254 // stack: (-3px^2)*qx_, 2py, qy_ - %mstore_kernel_bn254_pairing(103) + %mstore_kernel_bn254_pairing(3) // stack: 2py, qy_ MULFP254 // stack: (2py)*qy_ - %mstore_kernel_bn254_pairing(109) + %mstore_kernel_bn254_pairing(9) %endmacro /// def cord(p1x, p1y, p2x, p2y, qx, qy): @@ -258,7 +258,7 @@ after_add: // stack: p1y*p2x , p2y*p1x, p1x , p1y, p2x , p2y, qx, qx_, qy, qy_ SUBFP254 // stack: p1y*p2x - p2y*p1x, p1x , p1y, p2x , p2y, qx, qx_, qy, qy_ - %mstore_kernel_bn254_pairing(100) + %mstore_kernel_bn254_pairing(0) // stack: p1x , p1y, p2x , p2y, qx, qx_, qy, qy_ SWAP3 // stack: p2y , p1y, p2x , p1x, qx, qx_, qy, qy_ @@ -273,20 +273,20 @@ after_add: DUP5 MULFP254 // stack: (p1x - p2x)qy, p2y - p1y, qx, qx_, p1x - p2x, qy_ - %mstore_kernel_bn254_pairing(108) + %mstore_kernel_bn254_pairing(8) // stack: p2y - p1y, qx, qx_, p1x - p2x, qy_ SWAP1 // stack: qx, p2y - p1y, qx_, p1x - p2x, qy_ DUP2 MULFP254 // stack: (p2y - p1y)qx, p2y - p1y, qx_, p1x - p2x, qy_ - %mstore_kernel_bn254_pairing(102) + %mstore_kernel_bn254_pairing(2) // stack: p2y - p1y, qx_, p1x - p2x, qy_ MULFP254 // stack: (p2y - p1y)qx_, p1x - p2x, qy_ - %mstore_kernel_bn254_pairing(103) + %mstore_kernel_bn254_pairing(3) // stack: p1x - p2x, qy_ MULFP254 // stack: (p1x - p2x)*qy_ - %mstore_kernel_bn254_pairing(109) + %mstore_kernel_bn254_pairing(9) %endmacro diff --git a/evm/src/cpu/kernel/asm/curve/bn254/field_arithmetic/degree_12_mul.asm b/evm/src/cpu/kernel/asm/curve/bn254/field_arithmetic/degree_12_mul.asm index 9b3e67cf..5fd47e80 100644 --- a/evm/src/cpu/kernel/asm/curve/bn254/field_arithmetic/degree_12_mul.asm +++ b/evm/src/cpu/kernel/asm/curve/bn254/field_arithmetic/degree_12_mul.asm 
@@ -66,73 +66,73 @@ mul_fp254_12_1: // stack: f'g', g' , f', inA, inB, out %dup_fp254_6_0 // stack: f'g', f'g', g' , f', inA, inB, out - %store_fp254_6_sh(0) - // stack: f'g', g' , f', inA, inB, out {0: sh(f'g')} - %store_fp254_6(6) - // stack: g' , f', inA, inB, out {0: sh(f'g'), 6: f'g'} + %store_fp254_6_sh(84) + // stack: f'g', g' , f', inA, inB, out {84: sh(f'g')} + %store_fp254_6(90) + // stack: g' , f', inA, inB, out {84: sh(f'g'), 90: f'g'} DUP13 - // stack: inA, g' , f', inA, inB, out {0: sh(f'g'), 6: f'g'} + // stack: inA, g' , f', inA, inB, out {84: sh(f'g'), 90: f'g'} DUP15 - // stack: inB, inA, g' , f', inA, inB, out {0: sh(f'g'), 6: f'g'} + // stack: inB, inA, g' , f', inA, inB, out {84: sh(f'g'), 90: f'g'} %load_fp254_6 - // stack: g , inA, g' , f', inA, inB, out {0: sh(f'g'), 6: f'g'} + // stack: g , inA, g' , f', inA, inB, out {84: sh(f'g'), 90: f'g'} %stack (f: 6, x, g: 6) -> (g, x, f) - // stack: g', inA, g , f', inA, inB, out {0: sh(f'g'), 6: f'g'} + // stack: g', inA, g , f', inA, inB, out {84: sh(f'g'), 90: f'g'} %dup_fp254_6_7 - // stack: g,g', inA, g , f', inA, inB, out {0: sh(f'g'), 6: f'g'} + // stack: g,g', inA, g , f', inA, inB, out {84: sh(f'g'), 90: f'g'} %add_fp254_6 - // stack: g+g', inA, g , f', inA, inB, out {0: sh(f'g'), 6: f'g'} + // stack: g+g', inA, g , f', inA, inB, out {84: sh(f'g'), 90: f'g'} %stack (f: 6, x, g: 6) -> (g, x, f) - // stack: g, inA, g+g', f', inA, inB, out {0: sh(f'g'), 6: f'g'} + // stack: g, inA, g+g', f', inA, inB, out {84: sh(f'g'), 90: f'g'} PUSH mul_fp254_12_2 - // stack: mul_fp254_12_2, g, inA, g+g', f', inA, inB, out {0: sh(f'g'), 6: f'g'} + // stack: mul_fp254_12_2, g, inA, g+g', f', inA, inB, out {84: sh(f'g'), 90: f'g'} SWAP7 - // stack: inA, g, mul_fp254_12_2, g+g', f', inA, inB, out {0: sh(f'g'), 6: f'g'} + // stack: inA, g, mul_fp254_12_2, g+g', f', inA, inB, out {84: sh(f'g'), 90: f'g'} %load_fp254_6 - // stack: f, g, mul_fp254_12_2, g+g', f', inA, inB, out {0: sh(f'g'), 6: f'g'} + // stack: f, 
g, mul_fp254_12_2, g+g', f', inA, inB, out {84: sh(f'g'), 90: f'g'} %jump(mul_fp254_6) mul_fp254_12_2: - // stack: fg, g+g', f', inA, inB, out {0: sh(f'g'), 6: f'g'} - %store_fp254_6(12) - // stack: g+g', f', inA, inB, out {0: sh(f'g'), 6: f'g', 12: fg} + // stack: fg, g+g', f', inA, inB, out {84: sh(f'g'), 90: f'g'} + %store_fp254_6(96) + // stack: g+g', f', inA, inB, out {84: sh(f'g'), 90: f'g', 96: fg} %stack (x: 6, y: 6) -> (y, x) - // stack: f', g+g', inA, inB, out {0: sh(f'g'), 6: f'g', 12: fg} + // stack: f', g+g', inA, inB, out {84: sh(f'g'), 90: f'g', 96: fg} PUSH mul_fp254_12_3 - // stack: mul_fp254_12_3, f', g+g', inA, inB, out {0: sh(f'g'), 6: f'g', 12: fg} + // stack: mul_fp254_12_3, f', g+g', inA, inB, out {84: sh(f'g'), 90: f'g', 96: fg} SWAP13 - // stack: inA, f', g+g', mul_fp254_12_3, inB, out {0: sh(f'g'), 6: f'g', 12: fg} + // stack: inA, f', g+g', mul_fp254_12_3, inB, out {84: sh(f'g'), 90: f'g', 96: fg} %load_fp254_6 - // stack: f,f', g+g', mul_fp254_12_3, inB, out {0: sh(f'g'), 6: f'g', 12: fg} + // stack: f,f', g+g', mul_fp254_12_3, inB, out {84: sh(f'g'), 90: f'g', 96: fg} %add_fp254_6 - // stack: f+f', g+g', mul_fp254_12_3, inB, out {0: sh(f'g'), 6: f'g', 12: fg} + // stack: f+f', g+g', mul_fp254_12_3, inB, out {84: sh(f'g'), 90: f'g', 96: fg} %jump(mul_fp254_6) mul_fp254_12_3: - // stack: (f+f')(g+g'), inB, out {0: sh(f'g'), 6: f'g', 12: fg} - %load_fp254_6(12) - // stack: fg, (f+f')(g+g'), inB, out {0: sh(f'g'), 6: f'g', 12: fg} + // stack: (f+f')(g+g'), inB, out {84: sh(f'g'), 90: f'g', 96: fg} + %load_fp254_6(96) + // stack: fg, (f+f')(g+g'), inB, out {84: sh(f'g'), 90: f'g', 96: fg} %stack (x: 6, y: 6) -> (y, x) - // stack: (f+f')(g+g'), fg, inB, out {0: sh(f'g'), 6: f'g', 12: fg} + // stack: (f+f')(g+g'), fg, inB, out {84: sh(f'g'), 90: f'g', 96: fg} %dup_fp254_6_6 - // stack: fg, (f+f')(g+g'), fg, inB, out {0: sh(f'g'), 6: f'g', 12: fg} - %load_fp254_6(6) - // stack: f'g',fg, (f+f')(g+g'), fg, inB, out {0: sh(f'g'), 6: f'g', 12: fg} 
+ // stack: fg, (f+f')(g+g'), fg, inB, out {84: sh(f'g'), 90: f'g', 96: fg} + %load_fp254_6(90) + // stack: f'g',fg, (f+f')(g+g'), fg, inB, out {84: sh(f'g'), 90: f'g', 96: fg} %add_fp254_6 - // stack: f'g'+fg, (f+f')(g+g'), fg, inB, out {0: sh(f'g'), 6: f'g', 12: fg} + // stack: f'g'+fg, (f+f')(g+g'), fg, inB, out {84: sh(f'g'), 90: f'g', 96: fg} %subr_fp254_6 - // stack: (f+f')(g+g') - (f'g'+fg), fg, inB, out {0: sh(f'g'), 6: f'g', 12: fg} + // stack: (f+f')(g+g') - (f'g'+fg), fg, inB, out {84: sh(f'g'), 90: f'g', 96: fg} DUP14 %add_const(6) - // stack: out', (f+f')(g+g') - (f'g'+fg), fg, inB, out {0: sh(f'g'), 6: f'g', 12: fg} + // stack: out', (f+f')(g+g') - (f'g'+fg), fg, inB, out {84: sh(f'g'), 90: f'g', 96: fg} %store_fp254_6 - // stack: fg, inB, out {0: sh(f'g'), 6: f'g', 12: fg} - %load_fp254_6(0) - // stack: sh(f'g') , fg, inB, out {0: sh(f'g'), 6: f'g', 12: fg} + // stack: fg, inB, out {84: sh(f'g'), 90: f'g', 96: fg} + %load_fp254_6(84) + // stack: sh(f'g') , fg, inB, out {84: sh(f'g'), 90: f'g', 96: fg} %add_fp254_6 - // stack: sh(f'g') + fg, inB, out {0: sh(f'g'), 6: f'g', 12: fg} + // stack: sh(f'g') + fg, inB, out {84: sh(f'g'), 90: f'g', 96: fg} DUP8 - // stack: out, sh(f'g') + fg, inB, out {0: sh(f'g'), 6: f'g', 12: fg} + // stack: out, sh(f'g') + fg, inB, out {84: sh(f'g'), 90: f'g', 96: fg} %store_fp254_6 - // stack: inB, out {0: sh(f'g'), 6: f'g', 12: fg} + // stack: inB, out {84: sh(f'g'), 90: f'g', 96: fg} %pop2 JUMP diff --git a/evm/src/cpu/kernel/asm/curve/bn254/field_arithmetic/inverse.asm b/evm/src/cpu/kernel/asm/curve/bn254/field_arithmetic/inverse.asm index 72ca051b..8e821f82 100644 --- a/evm/src/cpu/kernel/asm/curve/bn254/field_arithmetic/inverse.asm +++ b/evm/src/cpu/kernel/asm/curve/bn254/field_arithmetic/inverse.asm 
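Review bot: `mul_fp254_12` now scratches 84..101 (three fp6 slots at 84, 90 and 96) but nothing checks that the caller's `inA`, `inB` or `out` lie outside that range; a caller passing `out` inside it would get a silently wrong product, and this routine is also the multiply behind `check_inv_fp254_12`, so a wrong product there could turn an inverse check into a no-op. The callers visible in this diff (inverse.asm at 72, invariant_exponent at 0..71, tate_pairing's line at 0) all stay clear, but only by convention. I would record the contract at `mul_fp254_12_1`: `// scratch: 84..101 (sh(f'g'), f'g', fg); inA, inB and out must not overlap this range — unchecked`. `mul_fp254_12`'s entry is above this hunk, so whether these stores are the first use of the scratch is not visible here.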
@@ -29,12 +29,12 @@ global inv_fp254_12: // stack: out, f^-1, inp, out, retdest %store_fp254_12 // stack: inp, out, retdest - %stack (inp, out) -> (inp, out, 50, check_inv_fp254_12) - // stack: inp, out, 50, check_inv_fp254_12, retdest + %stack (inp, out) -> (inp, out, 72, check_inv_fp254_12) + // stack: inp, out, 72, check_inv_fp254_12, retdest %jump(mul_fp254_12) check_inv_fp254_12: // stack: retdest - PUSH 50 + PUSH 72 %load_fp254_12 // stack: unit?, retdest %assert_eq_unit_fp254_12 diff --git a/evm/src/cpu/kernel/tests/bn254.rs b/evm/src/cpu/kernel/tests/bn254.rs index a4c81ab2..4643351a 100644 --- a/evm/src/cpu/kernel/tests/bn254.rs +++ b/evm/src/cpu/kernel/tests/bn254.rs @@ -94,8 +94,8 @@ fn test_mul_fp6() -> Result<()> { } fn setup_mul_fp12_test(out: usize, f: Fp12, g: Fp12, label: &str) -> InterpreterSetup { - let in0: usize = 64; - let in1: usize = 76; + let in0: usize = 200; + let in1: usize = 212; let mut stack = vec![ U256::from(in0), @@ -115,7 +115,7 @@ fn setup_mul_fp12_test(out: usize, f: Fp12, g: Fp12, label: &str) -> Interpreter #[test] fn test_mul_fp12() -> Result<()> { - let out: usize = 88; + let out: usize = 224; let mut rng = rand::thread_rng(); let f: Fp12 = rng.gen::(); @@ -191,7 +191,7 @@ fn setup_frob_fp12_test(ptr: usize, f: Fp12, label: &str) -> InterpreterSetup { #[test] fn test_frob_fp12() -> Result<()> { - let ptr: usize = 100; + let ptr: usize = 200; let mut rng = rand::thread_rng(); let f: Fp12 = rng.gen::(); @@ -226,8 +226,8 @@ fn test_frob_fp12() -> Result<()> { #[test] fn test_inv_fp12() -> Result<()> { - let ptr: usize = 100; - let inv: usize = 112; + let ptr: usize = 200; + let inv: usize = 212; let mut rng = rand::thread_rng(); let f: Fp12 = rng.gen::(); @@ -247,7 +247,7 @@ fn test_inv_fp12() -> Result<()> { #[test] fn test_invariant_exponent() -> Result<()> { - let ptr: usize = 400; + let ptr: usize = 200; let mut rng = rand::thread_rng(); let f: Fp12 = rng.gen::(); 
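Review bot: `check_inv_fp254_12` multiplies `inp` by the stored f^-1 into scratch 72 and asserts the unit, which is the only thing standing between an externally supplied inverse (the explicit check suggests it is not computed here) and a wrong result; that guard holds only while 72..83 is disjoint from `inp`, `out` and `mul_fp254_12`'s own scratch at 84..101, and none of that is checked or written down. A comment at the `%stack` line, `// 72..83: scratch for f*f^-1; must not alias inp/out or mul_fp254_12's 84..101 scratch`, would make the dependency visible. The bn254.rs hunks move every operand pointer to 200 and above presumably for the same reason; a one-line comment there, `// operands sit above the kernel scratch region (0..101) so scratch writes cannot clobber them`, plus one test with an operand placed directly at the boundary, would catch a future overlap instead of relying on hand-picked numbers. `inv_fp254_12` begins before this hunk.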
@@ -348,8 +348,8 @@ fn test_miller() -> Result<()> { #[test] fn test_tate() -> Result<()> { - let ptr: usize = 300; - let out: usize = 400; + let ptr: usize = 200; + let out: usize = 206; let inputs: Vec = vec![ CURVE_GENERATOR.x.val, CURVE_GENERATOR.y.val,