logos-storage/plonky2
1
0
Fork 0
mirror of https://github.com/logos-storage/plonky2.git synced 2026-05-28 12:49:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

better comments

Browse Source
This commit is contained in:
Dmitry Vagner 2023-01-25 15:31:32 +07:00
parent f0a6ec9535
commit f70243e70c
2 changed files with 164 additions and 148 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

220
evm/src/bn254_pairing.rs
View File

@ -129,15 +129,125 @@ pub fn invariance_inducing_power(f: Fp12) -> Fp12 {
y.frob(3) * y_a2.frob(2) * y_a1.frob(1) * y_a0 y.frob(3) * y_a2.frob(2) * y_a1.frob(1) * y_a0
} }
/// Given an f: Fp12, this function computes /// We first together (so as to avoid repeated steps) compute
/// y^a2, y^(-a1), y^(-a0)
/// by first computing
/// y^a4, y^a2, y^a0 /// y^a4, y^a2, y^a0
/// where a1 is given by /// where a1 is given by
/// a1 = a4 + 2a2 - a0 /// a1 = a4 + 2a2 - a0
/// thus what remains is inverting y^a0 and returning /// we then invert y^a0 and return
/// y^a2, y^a4 * y^a2 * y^a2 * y^(-a0), y^(-a0) /// y^a2, y^a1 = y^a4 * y^a2 * y^a2 * y^(-a0), y^(-a0)
///
/// Represent a4, a2, a0 in *little endian* binary, define
/// EXPS4 = [(a4[i], a2[i], a0[i]) for i in 0..len(a4)]
/// EXPS2 = [ (a2[i], a0[i]) for i in len(a4)..len(a2)]
/// EXPS0 = [ a0[i] for i in len(a2)..len(a0)]
fn get_custom_powers(f: Fp12) -> (Fp12, Fp12, Fp12) { fn get_custom_powers(f: Fp12) -> (Fp12, Fp12, Fp12) {
let mut sq: Fp12 = f;
let mut y0: Fp12 = UNIT_FP12;
let mut y2: Fp12 = UNIT_FP12;
let mut y4: Fp12 = UNIT_FP12;
// proceed via standard squaring algorithm for exponentiation
// must keep multiplying all three values: a4, a2, a0
for (a, b, c) in EXPS4 {
if a != 0 {
y4 = y4 * sq;
}
if b != 0 {
y2 = y2 * sq;
}
if c != 0 {
y0 = y0 * sq;
}
sq = sq * sq;
}
// leading term of a4 is always 1
y4 = y4 * sq;
// must keep multiplying remaining two values: a2, a0
for (a, b) in EXPS2 {
if a != 0 {
y2 = y2 * sq;
}
if b != 0 {
y0 = y0 * sq;
}
sq = sq * sq;
}
// leading term of a2 is always 1
y2 = y2 * sq;
// must keep multiplying remaining value: a0
for a in EXPS0 {
if a != 0 {
y0 = y0 * sq;
}
sq = sq * sq;
}
// leading term of a0 is always 1
y0 = y0 * sq;
// invert y0 to compute y^(-a0)
let y0_inv = y0.inv();
// return y2, y1 = y4 * y2^2 * y^(-a0), y^(-a0)
(y2, y4 * y2 * y2 * y0_inv, y0_inv)
}
// The curve is cyclic with generator (1, 2)
pub const CURVE_GENERATOR: Curve = {
Curve {
x: Fp { val: U256::one() },
y: Fp {
val: U256([2, 0, 0, 0]),
},
}
};
// The twisted curve is cyclic with generator (x, y) as follows
pub const TWISTED_GENERATOR: TwistedCurve = {
TwistedCurve {
x: Fp2 {
re: Fp {
val: U256([
0x46debd5cd992f6ed,
0x674322d4f75edadd,
0x426a00665e5c4479,
0x1800deef121f1e76,
]),
},
im: Fp {
val: U256([
0x97e485b7aef312c2,
0xf1aa493335a9e712,
0x7260bfb731fb5d25,
0x198e9393920d483a,
]),
},
},
y: Fp2 {
re: Fp {
val: U256([
0x4ce6cc0166fa7daa,
0xe3d1e7690c43d37b,
0x4aab71808dcb408f,
0x12c85ea5db8c6deb,
]),
},
im: Fp {
val: U256([
0x55acdadcd122975b,
0xbc4b313370b38ef3,
0xec9e99ad690c3395,
0x090689d0585ff075,
]),
},
},
}
};
/// The folowing constants are defined above get_custom_powers
const EXPS4: [(usize, usize, usize); 64] = [ const EXPS4: [(usize, usize, usize); 64] = [
(1, 1, 0), (1, 1, 0),
(1, 1, 1), (1, 1, 1),
@ -271,101 +381,7 @@ fn get_custom_powers(f: Fp12) -> (Fp12, Fp12, Fp12) {
]; ];
const EXPS0: [usize; 65] = [ const EXPS0: [usize; 65] = [
0, 0, 1, 0, 0, 1, 1, 0, 1, 0, 1, 1, 1, 0, 1, 0, 0, 0, 1, 0, 0, 1, 0, 1, 0, 1, 1, 0, 0, 0, 0, 0, 1, 0, 0, 1, 1, 0, 1, 0, 1, 1, 1, 0, 1, 0, 0, 0, 1, 0, 0, 1, 0, 1, 0, 1, 1, 0, 0, 0, 0, 0,
0, 0, 1, 0, 1, 0, 1, 1, 1, 0, 0, 1, 1, 1, 1, 0, 1, 0, 1, 1, 0, 0, 1, 0, 0, 0, 1, 1, 1, 1, 1, 0, 1, 0, 1, 1, 1, 0, 0, 1, 1, 1, 1, 0, 1, 0, 1, 1, 0, 0, 1, 0, 0, 0, 1, 1, 1, 1, 0, 0, 1, 1,
0, 0, 1, 1, 0, 0,
]; ];
let mut sq: Fp12 = f;
let mut y0: Fp12 = UNIT_FP12;
let mut y2: Fp12 = UNIT_FP12;
let mut y4: Fp12 = UNIT_FP12;
for (a, b, c) in EXPS4 {
if a != 0 {
y4 = y4 * sq;
}
if b != 0 {
y2 = y2 * sq;
}
if c != 0 {
y0 = y0 * sq;
}
sq = sq * sq;
}
y4 = y4 * sq;
for (a, b) in EXPS2 {
if a != 0 {
y2 = y2 * sq;
}
if b != 0 {
y0 = y0 * sq;
}
sq = sq * sq;
}
y2 = y2 * sq;
for a in EXPS0 {
if a != 0 {
y0 = y0 * sq;
}
sq = sq * sq;
}
y0 = y0 * sq;
let y0_inv = y0.inv();
(y2, y4 * y2 * y2 * y0_inv, y0_inv)
}
// The curve is cyclic with generator (1, 2)
pub const CURVE_GENERATOR: Curve = {
Curve {
x: Fp { val: U256::one() },
y: Fp {
val: U256([2, 0, 0, 0]),
},
}
};
// The twisted curve is cyclic with generator (x, y) as follows
pub const TWISTED_GENERATOR: TwistedCurve = {
TwistedCurve {
x: Fp2 {
re: Fp {
val: U256([
0x46debd5cd992f6ed,
0x674322d4f75edadd,
0x426a00665e5c4479,
0x1800deef121f1e76,
]),
},
im: Fp {
val: U256([
0x97e485b7aef312c2,
0xf1aa493335a9e712,
0x7260bfb731fb5d25,
0x198e9393920d483a,
]),
},
},
y: Fp2 {
re: Fp {
val: U256([
0x4ce6cc0166fa7daa,
0xe3d1e7690c43d37b,
0x4aab71808dcb408f,
0x12c85ea5db8c6deb,
]),
},
im: Fp {
val: U256([
0x55acdadcd122975b,
0xbc4b313370b38ef3,
0xec9e99ad690c3395,
0x090689d0585ff075,
]),
},
},
}
};