From d31c60a04513dd8966a6e5997a8dcd68e3058b5f Mon Sep 17 00:00:00 2001 From: Dmitry Vagner Date: Wed, 26 Apr 2023 09:57:36 -0700 Subject: [PATCH] clean up --- .../curve/bn254/curve_arithmetic/pairing.asm | 91 +++++++------------ evm/src/cpu/kernel/tests/bn254.rs | 86 ++++++++++++++++-- 2 files changed, 111 insertions(+), 66 deletions(-) diff --git a/evm/src/cpu/kernel/asm/curve/bn254/curve_arithmetic/pairing.asm b/evm/src/cpu/kernel/asm/curve/bn254/curve_arithmetic/pairing.asm index b6df8a94..067e6d61 100644 --- a/evm/src/cpu/kernel/asm/curve/bn254/curve_arithmetic/pairing.asm +++ b/evm/src/cpu/kernel/asm/curve/bn254/curve_arithmetic/pairing.asm @@ -13,7 +13,7 @@ /// The following is a key to this API /// -/// - k is the number of inputs, +/// - k is the number of inputs /// - each input given by a pair of points, one on the curve and one on the twisted curve /// - each input consists of 6 stack terms---2 for the curve point and 4 for the twisted curve point /// - the inputs are presumed to be placed on the kernel contiguously 
@@ -94,71 +94,46 @@ bn254_pairing_loop: bn254_pairing_output_validation: - // stack: out, retdest - %push_desired_output - // stack: g0, g11..g1, out, retdest - SWAP12 - // stack: out, g11..g0, retdest + // stack: out, retdest PUSH 1 - // stack: check, out, g11..g0, retdest - %check_output_term(11) - // stack: check, out, g10..g0, retdest - %check_output_term(10) - // stack: check, out, g9..g0, retdest - %check_output_term(9) - // stack: check, out, g8..g0, retdest - - %check_output_term(8) - - // stack: check, out, g7..g0, retdest - %check_output_term(7) - // stack: check, out, g6..g0, retdest - %check_output_term(6) - - // stack: check, out, g5..g0, retdest - %check_output_term(5) - // stack: check, out, g4..g0, retdest - %check_output_term(4) - // stack: check, out, g3..g0, retdest - %check_output_term(3) - // stack: check, out, g2..g0, retdest - %check_output_term(2) - // stack: check, out, g1, g0, retdest + // stack: check, out, retdest + %check_output_term %check_output_term(1) - // stack: check, out, g0, retdest - %check_output_term(0) - // stack: check, out, , retdest + %check_output_term(2) + %check_output_term(3) + %check_output_term(4) + %check_output_term(5) + %check_output_term(6) + %check_output_term(7) + %check_output_term(8) + %check_output_term(9) + %check_output_term(10) + %check_output_term(11) + // stack: check, out, retdest %stack (check, out, retdest) -> (retdest, check) JUMP -%macro check_output_term(j) - // stack: check, out, gj - SWAP2 - // stack: gj, out, check +%macro check_output_term + // stack: check, out DUP2 - %add_const($j) - // stack: outj, gj, out, check + // stack: out0, check, out %mload_kernel_bn254_pairing - // stack: fj, gj, out, check - EQ - // stack: checkj, out, check - %stack (checkj, out, check) -> (check, checkj, out) - // stack: check, checkj, out + // stack: f0, check, out + %eq_const(1) + // stack: check0, check, out MUL - // stack: check, out + // stack: check, out %endmacro -%macro push_desired_output - PUSH 
07708764853296235550302896633598331924671113766219240748172066028946006022854 // g1 - PUSH 17700926755167371005308910210965003607045179123434251133647055306492170438120 // g2 - PUSH 00154397549418641559307524478611787574224314011122269053905755152919215659778 // g3 - PUSH 01984170487336525780293932330785856524432038724373274488958019302386252559231 // g4 - PUSH 03314362000193010715052769662421751145025288853014347901929084743686925091033 // g5 - PUSH 05969572836535217971378806448005698172042029600478282326636924294386246370693 // g6 - PUSH 18564243080196493066086408717287862863335702133957524699743268830525148172506 // g7 - PUSH 17269266067816704782247017427200956927940055030199138534350116254357612253048 // g8 - PUSH 09740411817590043771488498441210821606869449023601574073310485764683435152587 // g9 - PUSH 12727712035316870814661734054996728204626079181372322293888505805399715437139 // g10 - PUSH 20210469749439596480915120057935665765860695731536556057113952828024130849369 // g11 - PUSH 05408068458366290097693809645929734991458199404659878659553047611146680628954 // g0 +%macro check_output_term(j) + // stack: check, out + DUP2 + %add_const($j) + // stack: outj, check, out + %mload_kernel_bn254_pairing + // stack: fj, check, out + ISZERO + // stack: checkj, check, out + MUL + // stack: check, out %endmacro diff --git a/evm/src/cpu/kernel/tests/bn254.rs b/evm/src/cpu/kernel/tests/bn254.rs index c77e74d3..63dd5b79 100644 --- a/evm/src/cpu/kernel/tests/bn254.rs +++ b/evm/src/cpu/kernel/tests/bn254.rs 
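Review bot: `bn254_pairing_output_validation` now hard-codes the expected result as the Fp12 identity (coefficient 0 compared with `%eq_const(1)`, coefficients 1 to 11 with `ISZERO`), but nothing in the hunk says so or states the assumption it rests on. The comparison is on the raw words loaded by `%mload_kernel_bn254_pairing`, so it appears to rely on the preceding computation storing every coefficient in canonical reduced form; if a non-reduced representative could ever be written, a valid pairing would be rejected. I would add a header comment such as `/// returns check = 1 iff the Fp12 element at out is exactly (1, 0, ..., 0); assumes coefficients are stored reduced mod the field prime`. The two macros also share the name `check_output_term` and differ only in parameter count, so renaming the zero-argument one (for example `check_output_term_one`) would make the twelve-call list easier to audit.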
@@ -5,12 +5,13 @@ use ethereum_types::U256; use rand::Rng; use crate::bn254_pairing::{ - final_exponent, gen_fp12_sparse, miller_loop, CURVE_GENERATOR, TWISTED_GENERATOR, + final_exponent, gen_fp12_sparse, miller_loop, CURVE_GENERATOR, TWISTED_GENERATOR, Curve, TwistedCurve, tate, }; use crate::cpu::kernel::interpreter::{ run_interpreter_with_memory, Interpreter, InterpreterMemoryInitialization, }; -use crate::extension_tower::{FieldExt, Fp12, Fp6, Stack, BN254}; +use crate::cpu::kernel::tests::u256ify; +use crate::extension_tower::{FieldExt, Fp12, Fp6, Stack, BN254, Fp2}; use crate::memory::segments::Segment::BnPairing; fn extract_stack(interpreter: Interpreter<'static>) -> Vec { @@ -203,7 +204,7 @@ fn test_bn_final_exponent() -> Result<()> { } fn pairing_input() -> Vec { - let curve_gen: [U256; 2] = unsafe { transmute(CURVE_GENERATOR) }; + let curve_gen: [U256; 2] = unsafe { transmute(CURVE_GENERATOR ) }; let twisted_gen: [U256; 4] = unsafe { transmute(TWISTED_GENERATOR) }; let mut input = curve_gen.to_vec(); input.extend_from_slice(&twisted_gen); 
@@ -235,9 +236,64 @@ fn test_bn_miller() -> Result<()> { fn test_bn_pairing() -> Result<()> { let out: usize = 100; let ptr: usize = 112; - let input = pairing_input(); + + let inputs: Vec = u256ify(vec![ + "0x1c76476f4def4bb94541d57ebba1193381ffa7aa76ada664dd31c16024c43f59", + "0x3034dd2920f673e204fee2811c678745fc819b55d3e9d294e45c9b03a76aef41", + "0x4bf11ca01483bfa8b34b43561848d28905960114c8ac04049af4b6315a41678", + "0x209dd15ebff5d46c4bd888e51a93cf99a7329636c63514396b4a452003a35bf7", + "0x120a2a4cf30c1bf9845f20c6fe39e07ea2cce61f0c9bb048165fe5e4de877550", + "0x2bb8324af6cfc93537a2ad1a445cfd0ca2a71acd7ac41fadbf933c2a51be344d", + "0x111e129f1cf1097710d41c4ac70fcdfa5ba2023c6ff1cbeac322de49d1b6df7c", + "0x2032c61a830e3c17286de9462bf242fca2883585b93870a73853face6a6bf411", + "0x1800deef121f1e76426a00665e5c4479674322d4f75edadd46debd5cd992f6ed", + "0x198e9393920d483a7260bfb731fb5d25f1aa493335a9e71297e485b7aef312c2", + "0x12c85ea5db8c6deb4aab71808dcb408fe3d1e7690c43d37b4ce6cc0166fa7daa", + "0x90689d0585ff075ec9e99ad690c3395bc4b313370b38ef355acdadcd122975b", + ]) + .unwrap(); - let setup = InterpreterMemoryInitialization { + let A: Curve = { + Curve { + x: BN254 { val: inputs[0] }, + y: BN254 { val: inputs[1] }, + } + }; + + let B: TwistedCurve = { + TwistedCurve { + x: Fp2 { + re: BN254 { val: inputs[2] }, + im: BN254 { val: inputs[3] }, + }, + y: Fp2 { + re: BN254 { val: inputs[4] }, + im: BN254 { val: inputs[5] }, + }, + } + }; + + let C: Curve = { + Curve { + x: BN254 { val: inputs[6] }, + y: BN254 { val: inputs[7] }, + } + }; + + let D: TwistedCurve = { + TwistedCurve { + x: Fp2 { + re: BN254 { val: inputs[8] }, + im: BN254 { val: inputs[9] }, + }, + y: Fp2 { + re: BN254 { val: inputs[10] }, + im: BN254 { val: inputs[11] }, + }, + } + }; + + let setup1 = InterpreterMemoryInitialization { label: "bn254_pairing".to_string(), stack: vec![ U256::one(), 
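Review bot: The twelve hex words passed to `u256ify` carry no comment saying where the vector comes from or what result it is expected to produce, which makes the test hard to audit. The points built from them are bound to `A`, `B`, `C` and `D`, which are not referenced anywhere in the visible hunks and will trip the `non_snake_case` and unused-variable lints; the extra block around each struct literal is also redundant. I would write them as `let a = Curve { x: BN254 { val: inputs[0] }, y: BN254 { val: inputs[1] } };` and add a line such as `// two-pair input whose pairing product should be the identity (source: <reference>)` if that is the intent. The body of `test_bn_pairing` continues past this hunk.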
@@ -246,10 +302,24 @@ fn test_bn_pairing() -> Result<()> { U256::from(0xdeadbeefu32), ], segment: BnPairing, - memory: vec![(ptr, input)], + memory: vec![(ptr, inputs[0..6].to_vec())], }; - let interpreter = run_interpreter_with_memory(setup).unwrap(); - assert_eq!(interpreter.stack()[0], U256::one()); + let interpreter1 = run_interpreter_with_memory(setup1).unwrap(); + let output1 = interpreter1.extract_kernel_memory(BnPairing, out..out + 12); + + let setup2 = InterpreterMemoryInitialization { + label: "bn254_pairing".to_string(), + stack: vec![ + U256::one(), + U256::from(ptr), + U256::from(out), + U256::from(0xdeadbeefu32), + ], + segment: BnPairing, + memory: vec![(ptr, inputs[6..12].to_vec())], + }; + let interpreter2 = run_interpreter_with_memory(setup2).unwrap(); + let output2 = interpreter2.extract_kernel_memory(BnPairing, out..out + 12); Ok(()) }
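Review bot: After this change `test_bn_pairing` asserts nothing: the old `assert_eq!(interpreter.stack()[0], U256::one());` is removed, and `output1` and `output2` are read from kernel memory and then dropped before `Ok(())`, so the test passes for any result as long as the interpreter does not fail. For a pairing check that is the one property worth pinning. Both runs also pass `U256::one()` as the first stack word, which looks like the input count k, so each run evaluates one pair on its own; if the twelve words are meant as a two-pair input, a single run over `inputs` with k = 2 followed by the restored `assert_eq!(interpreter.stack()[0], U256::one());` would exercise the validation path end to end. Alternatively compare `output1` and `output2` with values computed from `A`, `B`, `C`, `D` by the newly imported `tate`, which is otherwise unused in the visible hunks.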