Add and multiply return bool success

This commit is contained in:
Mark Spanbroek 2024-01-30 09:47:44 +01:00 committed by markspanbroek
parent 111ed0826c
commit a97a598b0e

View File

@ -35,18 +35,16 @@ library Pairing {
function add( function add(
G1Point memory p1, G1Point memory p1,
G1Point memory p2 G1Point memory p2
) internal view returns (G1Point memory sum) { ) internal view returns (bool success, G1Point memory sum) {
uint[4] memory input; uint[4] memory input;
input[0] = p1.x; input[0] = p1.x;
input[1] = p1.y; input[1] = p1.y;
input[2] = p2.x; input[2] = p2.x;
input[3] = p2.y; input[3] = p2.y;
bool success;
// solhint-disable-next-line no-inline-assembly // solhint-disable-next-line no-inline-assembly
assembly { assembly {
success := staticcall(sub(gas(), 2000), 6, input, 128, sum, 64) success := staticcall(sub(gas(), 2000), 6, input, 128, sum, 64)
} }
require(success, "pairing-add-failed");
} }
/// The product of a point on G1 and a scalar, i.e. /// The product of a point on G1 and a scalar, i.e.
@ -54,17 +52,15 @@ library Pairing {
function multiply( function multiply(
G1Point memory p, G1Point memory p,
uint s uint s
) internal view returns (G1Point memory product) { ) internal view returns (bool success, G1Point memory product) {
uint[3] memory input; uint[3] memory input;
input[0] = p.x; input[0] = p.x;
input[1] = p.y; input[1] = p.y;
input[2] = s; input[2] = s;
bool success;
// solhint-disable-next-line no-inline-assembly // solhint-disable-next-line no-inline-assembly
assembly { assembly {
success := staticcall(sub(gas(), 2000), 7, input, 96, product, 64) success := staticcall(sub(gas(), 2000), 7, input, 96, product, 64)
} }
require(success, "pairing-mul-failed");
} }
/// The result of computing the pairing check /// The result of computing the pairing check
@ -155,7 +151,7 @@ contract Groth16Verifier {
function verify( function verify(
Groth16Proof calldata proof, Groth16Proof calldata proof,
uint[] memory input uint[] memory input
) public view returns (bool) { ) public view returns (bool success) {
require(input.length + 1 == _verifyingKey.ic.length, "verifier-bad-input"); require(input.length + 1 == _verifyingKey.ic.length, "verifier-bad-input");
// Compute the linear combination vkX // Compute the linear combination vkX
G1Point memory vkX = G1Point(0, 0); G1Point memory vkX = G1Point(0, 0);
@ -164,12 +160,14 @@ contract Groth16Verifier {
input[i] < _SNARK_SCALAR_FIELD, input[i] < _SNARK_SCALAR_FIELD,
"verifier-gte-snark-scalar-field" "verifier-gte-snark-scalar-field"
); );
vkX = Pairing.add( G1Point memory product;
vkX, (success, product) = Pairing.multiply(_verifyingKey.ic[i + 1], input[i]);
Pairing.multiply(_verifyingKey.ic[i + 1], input[i]) require(success, "pairing-mul-failed");
); (success, vkX) = Pairing.add(vkX, product);
require(success, "pairing-add-failed");
} }
vkX = Pairing.add(vkX, _verifyingKey.ic[0]); (success, vkX) = Pairing.add(vkX, _verifyingKey.ic[0]);
require(success, "pairing-add-failed");
return return
Pairing.pairingProd4( Pairing.pairingProd4(
Pairing.negate(proof.a), Pairing.negate(proof.a),