Remove unused BN inversion

constantine/arithmetic/finite_fields_inversion.nim

@@ -310,48 +310,6 @@ func inv_addchain*(r: var Fp[BLS12_381], a: Fp[BLS12_381]) =
 
 # BN Curves
 # ------------------------------------------------------------
-# Efficient Pairings and ECC for Embedded Systems
-# Thomas Unterluggauer and Erich Wenger
-# https://eprint.iacr.org/2014/800.pdf
-#
-# BN curve field modulus are of the form:
-#   p = 36u^4 + 36u^3 + 24u^2 + 6u + 1
-#
-# We construct the following multiplication-squaring chain
-# a^-1 mod p = a^(p-2) mod p                 (Little Fermat Theorem)
-#            = a^(36 u^4 + 36 u^3 + 24 u^2 + 6u + 1 - 2) mod p
-#            = a^(36 u^4) . a^(36 u^3) . a^(24 u^2) . a^(6u-1) mod p
-#
-# Note: it only works for u positive, in particular BN254_Nogami doesn't work :/
-#       Is there a way to only use a^-u or even powers?
-
-func inv_addchain_bn[C](r: var Fp[C], a: Fp[C]) {.used.}=
-  ## Inversion on BN prime fields with positive base parameter `u`
-  ## via Little Fermat theorem and leveraging the prime low Hamming weight
-  ##
-  ## Requires a `bn` curve with a positive parameter `u`
-  # TODO: debug for input "0x0d2007d8aaface1b8501bfbe792974166e8f9ad6106e5b563604f0aea9ab06f6"
-  #       on BN254_Snarks see test suite (but works in Sage so aliasing issue?)
-  #
-  # For BN254_Snarks `u` and `6u-1` exponentiation are not fast enough
-  # (even with dedicated addchains)
-  # compared to an addchain on the full prime modulus
-  static: doAssert C.canUse_BN_AddchainInversion()
-
-  var v0 {.noInit.}, v1 {.noInit.}: Fp[C]
-
-  v0 = a
-  v0.powUnsafeExponent(C.getBN_param_6u_minus_1_BE()) # v0 <- a^(6u-1)
-  v1.prod(v0, a)                                      # v1 <- a^(6u)
-  v1.powUnsafeExponent(C.getBN_param_u_BE())          # v1 <- a^(6u²)
-  r.square(v1)                                        # r  <- a^(12u²)
-  v1.square(r)                                        # v1 <- a^(24u²)
-  v0 *= v1                                            # v0 <- a^(24u²) a^(6u-1)
-  v1 *= r                                             # v1 <- a^(24u²) a^(12u²) = a^(36u²)
-  v1.powUnsafeExponent(C.getBN_param_u_BE())          # v1 <- a^(36u³)
-  r.prod(v0, v1)                                      # r  <- a^(36u³) a^(24u²) a^(6u-1)
-  v1.powUnsafeExponent(C.getBN_param_u_BE())          # v1 <- a^(36u⁴)
-  r *= v1                                             # r  <- a^(36u⁴) a^(36u³) a^(24u²) a^(6u-1) = a^(p-2) = a^(-1)
 
 func inv_addchain*(r: var Fp[BN254_Snarks], a: Fp[BN254_Snarks]) =
   var

constantine/config/curves_declaration.nim

@@ -38,15 +38,6 @@ export CurveFamily
 #   which returns the field modulus of the curve
 # - proc Family*(curve: static Curve): CurveFamily
 #   which returns the curve family
-# - proc get_BN_param_u_BE*(curve: static Curve): array[N, byte]
-#   which returns the "u" parameter of a BN curve
-#   as a big-endian canonical integer representation
-#   if it's a BN curve and u is positive
-# - proc get_BN_param_6u_minus1_BE*(curve: static Curve): array[N, byte]
-#   which returns the "6u-1" parameter of a BN curve
-#   as a big-endian canonical integer representation
-#   if it's a BN curve and u is positive.
-#   This is used for optimized field inversion for BN curves
 
 declareCurves:
   # -----------------------------------------------------------------------------
@@ -102,8 +93,6 @@ declareCurves:
     bitwidth: 254
     modulus: "0x30644e72e131a029b85045b68181585d97816a916871ca8d3c208c16d87cfd47"
     family: BarretoNaehrig
-    bn_u_bitwidth: 63
-    bn_u: "0x44e992b44a6909f1" # u: 4965661367192848881
 
     # G1 Equation: Y^2 = X^3 + 3
     # G2 Equation: Y^2 = X^3 + 3/(9+𝑖)

constantine/config/curves_parser.nim

@@ -110,10 +110,6 @@ type
     sexticNonResidue_fp2: NimNode # nnkPar(nnkIntLit, nnkIntLit)
 
     family: CurveFamily
-    # BN family
-    # ------------------------
-    bn_u_bitwidth: NimNode # nnkIntLit
-    bn_u: NimNode          # nnkStrLit (hex)
 
 var curvesDefinitions {.compileTime.}: seq[CurveParams]
 
@@ -178,10 +174,6 @@ proc parseCurveDecls(defs: var seq[CurveParams], curves: NimNode) =
         params.modulus = sectionVal
       elif sectionId.eqIdent"family":
         params.family = parseEnum[CurveFamily]($sectionVal)
-      elif sectionId.eqIdent"bn_u_bitwidth":
-        params.bn_u_bitwidth = sectionVal
-      elif sectionId.eqIdent"bn_u":
-        params.bn_u = sectionVal
       elif sectionId.eqIdent"eq_form":
         params.eq_form = parseEnum[CurveEquationForm]($sectionVal)
       elif sectionId.eqIdent"coef_a":
@@ -315,29 +307,6 @@ proc genMainConstants(defs: var seq[CurveParams]): NimNode =
         curveDef.sexticNonResidue_fp2
       )
 
-    # BN curves
-    # -----------------------------------------------
-    if family == BarretoNaehrig:
-      if not curveDef.bn_u_bitwidth.isNil and
-         not curveDef.bn_u.isNil and
-         ($curveDef.bn_u)[0] != '-': # The parameter must be positive
-        curveExtraStmts.add newConstStmt(
-          exported($curve & "_BN_can_use_addchain_inversion"),
-          newLit true
-        )
-        curveExtraStmts.add newConstStmt(
-          exported($curve & "_BN_param_u"),
-          newCall(
-            bindSym"fromHex",
-            nnkBracketExpr.newTree(bindSym"BigInt", curveDef.bn_u_bitwidth),
-            curveDef.bn_u
-          )
-        )
-      else:
-        curveExtraStmts.add newConstStmt(
-          exported($curve & "_BN_can_use_addchain_inversion"),
-          newLit false
-        )
   # end for ---------------------------------------------------
 
   result = newStmtList()

constantine/io/io_towers.nim

@@ -12,8 +12,6 @@ import
   std/typetraits,
   # Internal
   ./io_bigints, ./io_fields,
-  ../config/curves,
-  ../arithmetic/finite_fields,
   ../towers
 
 # No exceptions allowed