neutral input

2026-01-03 22:33:06 +00:00 · 2023-04-28 18:23:08 -07:00 · 2023-04-28 18:23:08 -07:00 · f9aad433fe
commit f9aad433fe
parent 9b18b3aeec
2 changed files with 51 additions and 11 deletions
--- a/evm/src/cpu/kernel/asm/curve/bn254/curve_arithmetic/pairing.asm
+++ b/evm/src/cpu/kernel/asm/curve/bn254/curve_arithmetic/pairing.asm
@ -76,21 +76,37 @@ bn254_pairing_start:
    // stack:         k, inp, out, final_label, out, retdest

 bn254_pairing_loop:
-    // stack:       k, inp, out, final_label
+    // stack:               k, inp, out, final_label
    DUP1
    ISZERO
-    // stack: end?, k, inp, out, final_label
+    // stack:         end?, k, inp, out, final_label
    %jumpi(bn254_final_exponent)
-    // stack:       k, inp, out, final_label
+    // stack:               k, inp, out, final_label
    %sub_const(1)
-    // stack:   k=k-1, inp, out, final_label
-
-    %stack (k, inp, out) -> (k, inp, 0, mul_fp254_12, 0, out, out, bn254_pairing_loop, k, inp, out)
-    // stack: k, inp, 0, mul_fp254_12, 0, out, out, bn254_pairing_loop, k, inp, out, final_label
+    // stack:           k=k-1, inp, out, final_label
+    %stack (k, inp) -> (k, inp, k, inp)
+    // stack:       k, inp, k, inp, out, final_label
    %mul_const(6)
    ADD
-    // stack:  inp_k, 0, mul_fp254_12, 0, out, out, bn254_pairing_loop, k, inp, out, final_label
-    %jump(bn254_miller)
+    // stack:        inp_k, k, inp, out, final_label
+    DUP1
+    %load_fp254_6
+    // stack:  P, Q, inp_k, k, inp, out, final_label
+    %neutral_input
+    // stack: skip?, inp_k, k, inp, out, final_label
+    %jumpi(bn_skip_input)
+    // stack:        inp_k, k, inp, out, final_label
+    %stack (inp_k, k, inp, out) -> (bn254_miller, inp_k, 0, mul_fp254_12, 0, out, out, bn254_pairing_loop, k, inp, out)
+    // stack: bn254_miller,       inp_k, 0, 
+    //        mul_fp254_12,       0, out, out, 
+    //        bn254_pairing_loop, k, inp, out, final_label
+    JUMP
+
+bn_skip_input:
+    // stack: inp_k, k, inp, out, final_label
+    POP
+    // stack:        k, inp, out, final_label
+    %jump(bn254_pairing_loop)


 bn254_pairing_output_validation:
@ -137,3 +153,27 @@ bn254_pairing_output_validation:
    MUL
    // stack:          check, out
 %endmacro
+
+%macro neutral_input
+    // stack: P      , Q
+    ISZERO
+    SWAP1
+    ISZERO
+    MUL
+    // stack: P==0,    Q
+    SWAP4
+    // stack: Q   , P==0
+    ISZERO
+    SWAP1
+    ISZERO
+    MUL
+    SWAP1
+    ISZERO
+    MUL
+    SWAP1
+    ISZERO
+    MUL
+    // stack: Q==0, P==0
+    OR
+    // stack: Q==0||P==0
+%endmacro
--- a/evm/src/cpu/kernel/tests/bn254.rs
+++ b/evm/src/cpu/kernel/tests/bn254.rs
@ -237,8 +237,8 @@ fn test_bn_pairing() -> Result<()> {
    let mut acc: i32 = 0;
    let mut input: Vec<U256> = vec![];
    for _ in 1..k {
-        let m: i32 = rng.gen_range(1..8);
-        let n: i32 = rng.gen_range(1..8);
+        let m: i32 = rng.gen_range(-8..8);
+        let n: i32 = rng.gen_range(-8..8);
        acc -= m * n;

        let p: Curve<BN254> = Curve::<BN254>::int(m);