commit
de12fb3c94
|
@ -3,15 +3,15 @@ PrecompileTests
|
|||
## PrecompileTests
|
||||
```diff
|
||||
+ blake2F.json OK
|
||||
- blsG1Add.json Fail
|
||||
- blsG1Mul.json Fail
|
||||
- blsG1MultiExp.json Fail
|
||||
- blsG2Add.json Fail
|
||||
- blsG2Mul.json Fail
|
||||
- blsG2MultiExp.json Fail
|
||||
- blsMapG1.json Fail
|
||||
- blsMapG2.json Fail
|
||||
- blsPairing.json Fail
|
||||
+ blsG1Add.json OK
|
||||
+ blsG1Mul.json OK
|
||||
+ blsG1MultiExp.json OK
|
||||
+ blsG2Add.json OK
|
||||
+ blsG2Mul.json OK
|
||||
+ blsG2MultiExp.json OK
|
||||
+ blsMapG1.json OK
|
||||
+ blsMapG2.json OK
|
||||
+ blsPairing.json OK
|
||||
+ bn256Add.json OK
|
||||
+ bn256Add_istanbul.json OK
|
||||
+ bn256mul.json OK
|
||||
|
@ -25,7 +25,7 @@ PrecompileTests
|
|||
+ ripemd160.json OK
|
||||
+ sha256.json OK
|
||||
```
|
||||
OK: 13/22 Fail: 9/22 Skip: 0/22
|
||||
OK: 22/22 Fail: 0/22 Skip: 0/22
|
||||
|
||||
---TOTAL---
|
||||
OK: 13/22 Fail: 9/22 Skip: 0/22
|
||||
OK: 22/22 Fail: 0/22 Skip: 0/22
|
||||
|
|
|
@ -0,0 +1,279 @@
|
|||
import blscurve/bls_backend, stint
|
||||
|
||||
when BLS_BACKEND == Miracl:
|
||||
import blscurve/miracl/[common, milagro, hash_to_curve, bls_signature_scheme]
|
||||
import map_to_curve_g1
|
||||
export common
|
||||
export bls_signature_scheme.subgroupCheck
|
||||
|
||||
type
|
||||
BLS_G1* = ECP_BLS12381
|
||||
BLS_G2* = ECP2_BLS12381
|
||||
BLS_FP* = BIG_384
|
||||
BLS_FP2* = FP2_BLS12381
|
||||
BLS_SCALAR* = BIG_384
|
||||
BLS_FE* = FP_BLS12381
|
||||
BLS_FE2* = FP2_BLS12381
|
||||
BLS_ACC* = FP12_BLS12381
|
||||
BLS_G1P* = BLS_G1
|
||||
BLS_G2P* = BLS_G2
|
||||
|
||||
func pack(g: var BLS_G1, x, y: BLS_FP): bool {.inline.} =
|
||||
discard ECP_BLS12381_set(g.addr, x, y)
|
||||
let xx = x.nres
|
||||
let yy = y.nres
|
||||
isOnCurve(xx, yy)
|
||||
|
||||
func unpack(g: BLS_G1, x, y: var BLS_FP): bool {.inline.} =
|
||||
discard g.get(x, y)
|
||||
true
|
||||
|
||||
func pack(g: var BLS_G2, x0, x1, y0, y1: BLS_FP): bool =
|
||||
var x, y: BLS_FP2
|
||||
x.fromBigs(x0, x1)
|
||||
y.fromBigs(y0, y1)
|
||||
discard ECP2_BLS12381_set(g.addr, x.addr, y.addr)
|
||||
isOnCurve(x, y)
|
||||
|
||||
func unpack(g: BLS_G2, x0, x1, y0, y1: var BLS_FP): bool =
|
||||
var x, y: BLS_FP2
|
||||
result = g.get(x, y) <= 0.cint
|
||||
FP_BLS12381_redc(x0, addr x.a)
|
||||
FP_BLS12381_redc(x1, addr x.b)
|
||||
FP_BLS12381_redc(y0, addr y.a)
|
||||
FP_BLS12381_redc(y1, addr y.b)
|
||||
|
||||
func mapFPToG1*(fp: BLS_FE): BLS_G1 {.inline.} =
|
||||
mapToCurveG1(fp)
|
||||
|
||||
func mapFPToG2*(fp: BLS_FE2): BLS_G2 {.inline.} =
|
||||
result = mapToCurveG2(fp)
|
||||
result.clearCofactor()
|
||||
|
||||
func millerLoop*(g1: BLS_G1, g2: BLS_G2): BLS_ACC {.inline.} =
|
||||
PAIR_BLS12381_ate(result.addr, g2.unsafeAddr, g1.unsafeAddr)
|
||||
|
||||
proc mul*(a: var BLS_ACC, b: BLS_ACC) {.inline.} =
|
||||
FP12_BLS12381_mul(a.addr, b.unsafeAddr)
|
||||
|
||||
func check*(x: BLS_ACC): bool {.inline.} =
|
||||
PAIR_BLS12381_fexp(x.unsafeAddr)
|
||||
FP12_BLS12381_isunity(x.unsafeAddr).int == 1
|
||||
|
||||
else:
|
||||
import blscurve/blst/[blst_lowlevel]
|
||||
|
||||
type
|
||||
BLS_G1* = blst_p1
|
||||
BLS_G2* = blst_p2
|
||||
BLS_FP* = blst_fp
|
||||
BLS_FP2* = blst_fp2
|
||||
BLS_SCALAR* = blst_scalar
|
||||
BLS_FE* = blst_fp
|
||||
BLS_FE2* = blst_fp2
|
||||
BLS_ACC* = blst_fp12
|
||||
BLS_G1P* = blst_p1_affine
|
||||
BLS_G2P* = blst_p2_affine
|
||||
|
||||
func fromBytes*(ret: var BLS_SCALAR, raw: openArray[byte]): bool =
|
||||
const L = 32
|
||||
if raw.len < L:
|
||||
return false
|
||||
let pa = cast[ptr array[L, byte]](raw[0].unsafeAddr)
|
||||
blst_scalar_from_bendian(ret, pa[])
|
||||
true
|
||||
|
||||
func fromBytes(ret: var BLS_FP, raw: openArray[byte]): bool =
|
||||
const L = 48
|
||||
if raw.len < L:
|
||||
return false
|
||||
let pa = cast[ptr array[L, byte]](raw[0].unsafeAddr)
|
||||
blst_fp_from_bendian(ret, pa[])
|
||||
true
|
||||
|
||||
func toBytes(fp: BLS_FP, output: var openArray[byte]): bool =
|
||||
const L = 48
|
||||
if output.len < L:
|
||||
return false
|
||||
let pa = cast[ptr array[L, byte]](output[0].unsafeAddr)
|
||||
blst_bendian_from_fp(pa[], fp)
|
||||
true
|
||||
|
||||
func pack(g: var BLS_G1, x, y: BLS_FP): bool =
|
||||
let src = blst_p1_affine(x: x, y: y)
|
||||
blst_p1_from_affine(g, src)
|
||||
blst_p1_on_curve(g).int == 1
|
||||
|
||||
func unpack(g: BLS_G1, x, y: var BLS_FP): bool =
|
||||
var dst: blst_p1_affine
|
||||
blst_p1_to_affine(dst, g)
|
||||
x = dst.x
|
||||
y = dst.y
|
||||
true
|
||||
|
||||
func pack(g: var BLS_G2, x0, x1, y0, y1: BLS_FP): bool =
|
||||
let src = blst_p2_affine(x: blst_fp2(fp: [x0, x1]), y: blst_fp2(fp: [y0, y1]))
|
||||
blst_p2_from_affine(g, src)
|
||||
blst_p2_on_curve(g).int == 1
|
||||
|
||||
func unpack(g: BLS_G2, x0, x1, y0, y1: var BLS_FP): bool =
|
||||
var dst: blst_p2_affine
|
||||
blst_p2_to_affine(dst, g)
|
||||
x0 = dst.x.fp[0]
|
||||
x1 = dst.x.fp[1]
|
||||
y0 = dst.y.fp[0]
|
||||
y1 = dst.y.fp[1]
|
||||
true
|
||||
|
||||
func nbits(s: BLS_SCALAR): uint =
|
||||
var k = sizeof(s.l) - 1
|
||||
while k >= 0 and s.l[k] == 0: dec k
|
||||
if k < 0: return 0
|
||||
var
|
||||
bts = k shl 3
|
||||
c = s.l[k]
|
||||
|
||||
while c != 0:
|
||||
c = c shr 1
|
||||
inc bts
|
||||
|
||||
result = bts.uint
|
||||
|
||||
func add*(a: var BLS_G1, b: BLS_G1) {.inline.} =
|
||||
blst_p1_add_or_double(a, a, b)
|
||||
|
||||
func mul*(a: var BLS_G1, b: BLS_SCALAR) {.inline.} =
|
||||
blst_p1_mult(a, a, b, b.nbits)
|
||||
|
||||
func add*(a: var BLS_G2, b: BLS_G2) {.inline.} =
|
||||
blst_p2_add_or_double(a, a, b)
|
||||
|
||||
func mul*(a: var BLS_G2, b: BLS_SCALAR) {.inline.} =
|
||||
blst_p2_mult(a, a, b, b.nbits)
|
||||
|
||||
func mapFPToG1*(fp: BLS_FE): BLS_G1 {.inline.} =
|
||||
let z: ptr blst_fp = nil
|
||||
blst_map_to_g1(result, fp, z[])
|
||||
|
||||
func mapFPToG2*(fp: BLS_FE2): BLS_G2 {.inline.} =
|
||||
let z: ptr blst_fp2 = nil
|
||||
blst_map_to_g2(result, fp, z[])
|
||||
|
||||
func pack(g: var BLS_G1P, x, y: BLS_FP): bool =
|
||||
g = blst_p1_affine(x: x, y: y)
|
||||
blst_p1_affine_on_curve(g).int == 1
|
||||
|
||||
func pack(g: var BLS_G2P, x0, x1, y0, y1: BLS_FP): bool =
|
||||
g = blst_p2_affine(x: blst_fp2(fp: [x0, x1]), y: blst_fp2(fp: [y0, y1]))
|
||||
blst_p2_affine_on_curve(g).int == 1
|
||||
|
||||
func subgroupCheck*(P: BLS_G1P): bool {.inline.} =
|
||||
blst_p1_affine_in_g1(P).int == 1
|
||||
|
||||
func subgroupCheck*(P: BLS_G2P): bool {.inline.} =
|
||||
blst_p2_affine_in_g2(P).int == 1
|
||||
|
||||
func millerLoop*(P: BLS_G1P, Q: BLS_G2P): BLS_ACC {.inline.} =
|
||||
blst_miller_loop(result, Q, P)
|
||||
|
||||
proc mul*(a: var BLS_ACC, b: BLS_ACC) {.inline.} =
|
||||
blst_fp12_mul(a, a, b)
|
||||
|
||||
func check*(x: BLS_ACC): bool {.inline.} =
|
||||
var ret: BLS_ACC
|
||||
ret.blst_final_exp(x)
|
||||
ret.blst_fp12_is_one().int == 1
|
||||
|
||||
# decodeFieldElement expects 64 byte input with zero top 16 bytes,
|
||||
# returns lower 48 bytes.
|
||||
func decodeFieldElement*(res: var BLS_FP, input: openArray[byte]): bool =
|
||||
if input.len != 64:
|
||||
return false
|
||||
|
||||
# check top bytes
|
||||
for i in 0..<16:
|
||||
if input[i] != 0.byte:
|
||||
return false
|
||||
|
||||
res.fromBytes input.toOpenArray(16, 63)
|
||||
|
||||
when BLS_BACKEND == Miracl:
|
||||
proc decodeFE*(res: var BLS_FE, input: openArray[byte]): bool =
|
||||
var big: BLS_FP
|
||||
if not big.decodeFieldElement(input):
|
||||
return false
|
||||
res = big.nres()
|
||||
# fieldModulus > big
|
||||
BIG_384_comp(FIELD_Modulus, big).int == 1
|
||||
|
||||
proc decodeFE*(res: var BLS_FE2, input: openArray[byte]): bool =
|
||||
if input.len != 128:
|
||||
return false
|
||||
|
||||
if res.a.decodeFE(input.toOpenArray(0, 63)) and
|
||||
res.b.decodeFE(input.toOpenArray(64, 127)):
|
||||
result = true
|
||||
|
||||
else:
|
||||
func decodeFE*(res: var BLS_FE, input: openArray[byte]): bool =
|
||||
const
|
||||
fieldModulus = Stuint[512].fromHex "0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaab"
|
||||
if not res.decodeFieldElement(input):
|
||||
return false
|
||||
var z: Stuint[512]
|
||||
z.initFromBytesBE(input)
|
||||
z < fieldModulus
|
||||
|
||||
func decodeFE*(res: var BLS_FE2, input: openArray[byte]): bool =
|
||||
if input.len != 128:
|
||||
return false
|
||||
|
||||
if res.fp[0].decodeFE(input.toOpenArray(0, 63)) and
|
||||
res.fp[1].decodeFE(input.toOpenArray(64, 127)):
|
||||
result = true
|
||||
|
||||
# DecodePoint given encoded (x, y) coordinates in 128 bytes returns a valid G1 Point.
|
||||
func decodePoint*(g: var (BLS_G1 | BLS_G1P), data: openArray[byte]): bool =
|
||||
if data.len != 128:
|
||||
return false
|
||||
|
||||
var x, y: BLS_FP
|
||||
if x.decodeFieldElement(data.toOpenArray(0, 63)) and
|
||||
y.decodeFieldElement(data.toOpenArray(64, 127)):
|
||||
result = g.pack(x, y)
|
||||
|
||||
# EncodePoint encodes a point into 128 bytes.
|
||||
func encodePoint*(g: BLS_G1, output: var openArray[byte]): bool =
|
||||
if output.len != 128:
|
||||
return false
|
||||
|
||||
var x, y: BLS_FP
|
||||
if g.unpack(x, y) and
|
||||
x.toBytes(output.toOpenArray(16, 63)) and
|
||||
y.toBytes(output.toOpenArray(64+16, 127)):
|
||||
result = true
|
||||
|
||||
# DecodePoint given encoded (x, y) coordinates in 256 bytes returns a valid G2 Point.
|
||||
func decodePoint*(g: var (BLS_G2 | BLS_G2P), data: openArray[byte]): bool =
|
||||
if data.len != 256:
|
||||
return false
|
||||
|
||||
var x0, x1, y0, y1: BLS_FP
|
||||
if x0.decodeFieldElement(data.toOpenArray(0, 63)) and
|
||||
x1.decodeFieldElement(data.toOpenArray(64, 127)) and
|
||||
y0.decodeFieldElement(data.toOpenArray(128, 191)) and
|
||||
y1.decodeFieldElement(data.toOpenArray(192, 255)):
|
||||
result = g.pack(x0, x1, y0, y1)
|
||||
|
||||
# EncodePoint encodes a point into 256 bytes.
|
||||
func encodePoint*(g: BLS_G2, output: var openArray[byte]): bool =
|
||||
if output.len != 256:
|
||||
return false
|
||||
|
||||
var x0, x1, y0, y1: BLS_FP
|
||||
if g.unpack(x0, x1, y0, y1) and
|
||||
x0.toBytes(output.toOpenArray(16, 63)) and
|
||||
x1.toBytes(output.toOpenArray(80, 127)) and
|
||||
y0.toBytes(output.toOpenArray(144, 192)) and
|
||||
y1.toBytes(output.toOpenArray(208, 255)):
|
||||
result = true
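Review bot: Both `decodePoint` overloads decode coordinates with `decodeFieldElement`, which checks only the length and the 16 zero padding bytes; the comparison against the field modulus exists only in `decodeFE`, which the point path never calls. EIP-2537 requires rejecting field elements that are not strictly below the modulus, and `pack` will likely accept a non-canonical coordinate (x + p) if the backend reduces on import. The blst branch's `fromBytes` shows no range check, and the Miracl one is not visible here. I would move the modulus comparison into `decodeFieldElement` so both callers share it, as sketched below. Separately, the G2 `encodePoint` passes `output.toOpenArray(144, 192)`, one byte longer than the other three slices; `191` looks intended.

```nim
# same comparison the blst-branch decodeFE already performs, shared by all callers
func isCanonicalFE(input: openArray[byte]): bool =
  const
    fieldModulus = Stuint[512].fromHex "0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaab"
  var z: Stuint[512]
  z.initFromBytesBE(input)
  z < fieldModulus

func decodeFieldElement*(res: var BLS_FP, input: openArray[byte]): bool =
  # … unchanged: length check and zero top-16-bytes check …
  res.fromBytes(input.toOpenArray(16, 63)) and isCanonicalFE(input)
```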
|
|
@ -759,4 +759,14 @@ const
|
|||
# The Yellow Paper is special casing the GasQuadDivisor.
|
||||
# It is defined in Appendix G with the other GasFeeKind constants
|
||||
# instead of Appendix E for precompiled contracts
|
||||
GasQuadDivisor* = 20
|
||||
GasQuadDivisor* = 20
|
||||
GasQuadDivisorEIP2565* = 3
|
||||
# EIP2537 BLS12 381
|
||||
Bls12381G1AddGas* = 600
|
||||
Bls12381G1MulGas* = 12000
|
||||
Bls12381G2AddGas* = 4500
|
||||
Bls12381G2MulGas* = 55000
|
||||
Bls12381PairingBaseGas* = 115000
|
||||
Bls12381PairingPerPairGas* = 23000
|
||||
Bls12381MapG1Gas* = 5500
|
||||
Bls12381MapG2Gas* = 110000
|
||||
|
|
|
@ -0,0 +1,221 @@
|
|||
import blscurve/miracl/[common, milagro]
|
||||
|
||||
# IETF Standard Draft: https://tools.ietf.org/html/draft-irtf-cfrg-hash-to-curve-10
|
||||
# The Hash-To-Curve v7 is binary compatible with Hash-To-Curve v9, v10
|
||||
|
||||
# constants for 11-isogeny map for BLS12-381 G1. Apendix E.2
|
||||
const
|
||||
xNumHex = [
|
||||
"0x11a05f2b1e833340b809101dd99815856b303e88a2d7005ff2627b56cdb4e2c85610c2d5f2e62d6eaeac1662734649b7",
|
||||
"0x17294ed3e943ab2f0588bab22147a81c7c17e75b2f6a8417f565e33c70d1e86b4838f2a6f318c356e834eef1b3cb83bb",
|
||||
"0x0d54005db97678ec1d1048c5d10a9a1bce032473295983e56878e501ec68e25c958c3e3d2a09729fe0179f9dac9edcb0",
|
||||
"0x1778e7166fcc6db74e0609d307e55412d7f5e4656a8dbf25f1b33289f1b330835336e25ce3107193c5b388641d9b6861",
|
||||
"0x0e99726a3199f4436642b4b3e4118e5499db995a1257fb3f086eeb65982fac18985a286f301e77c451154ce9ac8895d9",
|
||||
"0x1630c3250d7313ff01d1201bf7a74ab5db3cb17dd952799b9ed3ab9097e68f90a0870d2dcae73d19cd13c1c66f652983",
|
||||
"0x0d6ed6553fe44d296a3726c38ae652bfb11586264f0f8ce19008e218f9c86b2a8da25128c1052ecaddd7f225a139ed84",
|
||||
"0x17b81e7701abdbe2e8743884d1117e53356de5ab275b4db1a682c62ef0f2753339b7c8f8c8f475af9ccb5618e3f0c88e",
|
||||
"0x080d3cf1f9a78fc47b90b33563be990dc43b756ce79f5574a2c596c928c5d1de4fa295f296b74e956d71986a8497e317",
|
||||
"0x169b1f8e1bcfa7c42e0c37515d138f22dd2ecb803a0c5c99676314baf4bb1b7fa3190b2edc0327797f241067be390c9e",
|
||||
"0x10321da079ce07e272d8ec09d2565b0dfa7dccdde6787f96d50af36003b14866f69b771f8c285decca67df3f1605fb7b",
|
||||
"0x06e08c248e260e70bd1e962381edee3d31d79d7e22c837bc23c0bf1bc24c6b68c24b1b80b64d391fa9c8ba2e8ba2d229"
|
||||
]
|
||||
|
||||
xDenHex = [
|
||||
"0x08ca8d548cff19ae18b2e62f4bd3fa6f01d5ef4ba35b48ba9c9588617fc8ac62b558d681be343df8993cf9fa40d21b1c",
|
||||
"0x12561a5deb559c4348b4711298e536367041e8ca0cf0800c0126c2588c48bf5713daa8846cb026e9e5c8276ec82b3bff",
|
||||
"0x0b2962fe57a3225e8137e629bff2991f6f89416f5a718cd1fca64e00b11aceacd6a3d0967c94fedcfcc239ba5cb83e19",
|
||||
"0x03425581a58ae2fec83aafef7c40eb545b08243f16b1655154cca8abc28d6fd04976d5243eecf5c4130de8938dc62cd8",
|
||||
"0x13a8e162022914a80a6f1d5f43e7a07dffdfc759a12062bb8d6b44e833b306da9bd29ba81f35781d539d395b3532a21e",
|
||||
"0x0e7355f8e4e667b955390f7f0506c6e9395735e9ce9cad4d0a43bcef24b8982f7400d24bc4228f11c02df9a29f6304a5",
|
||||
"0x0772caacf16936190f3e0c63e0596721570f5799af53a1894e2e073062aede9cea73b3538f0de06cec2574496ee84a3a",
|
||||
"0x14a7ac2a9d64a8b230b3f5b074cf01996e7f63c21bca68a81996e1cdf9822c580fa5b9489d11e2d311f7d99bbdcc5a5e",
|
||||
"0x0a10ecf6ada54f825e920b3dafc7a3cce07f8d1d7161366b74100da67f39883503826692abba43704776ec3a79a1d641",
|
||||
"0x095fc13ab9e92ad4476d6e3eb3a56680f682b4ee96f7d03776df533978f31c1593174e4b4b7865002d6384d168ecdd0a",
|
||||
"0x01"
|
||||
]
|
||||
|
||||
yNumHex = [
|
||||
"0x090d97c81ba24ee0259d1f094980dcfa11ad138e48a869522b52af6c956543d3cd0c7aee9b3ba3c2be9845719707bb33",
|
||||
"0x134996a104ee5811d51036d776fb46831223e96c254f383d0f906343eb67ad34d6c56711962fa8bfe097e75a2e41c696",
|
||||
"0x00cc786baa966e66f4a384c86a3b49942552e2d658a31ce2c344be4b91400da7d26d521628b00523b8dfe240c72de1f6",
|
||||
"0x01f86376e8981c217898751ad8746757d42aa7b90eeb791c09e4a3ec03251cf9de405aba9ec61deca6355c77b0e5f4cb",
|
||||
"0x08cc03fdefe0ff135caf4fe2a21529c4195536fbe3ce50b879833fd221351adc2ee7f8dc099040a841b6daecf2e8fedb",
|
||||
"0x16603fca40634b6a2211e11db8f0a6a074a7d0d4afadb7bd76505c3d3ad5544e203f6326c95a807299b23ab13633a5f0",
|
||||
"0x04ab0b9bcfac1bbcb2c977d027796b3ce75bb8ca2be184cb5231413c4d634f3747a87ac2460f415ec961f8855fe9d6f2",
|
||||
"0x0987c8d5333ab86fde9926bd2ca6c674170a05bfe3bdd81ffd038da6c26c842642f64550fedfe935a15e4ca31870fb29",
|
||||
"0x09fc4018bd96684be88c9e221e4da1bb8f3abd16679dc26c1e8b6e6a1f20cabe69d65201c78607a360370e577bdba587",
|
||||
"0x0e1bba7a1186bdb5223abde7ada14a23c42a0ca7915af6fe06985e7ed1e4d43b9b3f7055dd4eba6f2bafaaebca731c30",
|
||||
"0x19713e47937cd1be0dfd0b8f1d43fb93cd2fcbcb6caf493fd1183e416389e61031bf3a5cce3fbafce813711ad011c132",
|
||||
"0x18b46a908f36f6deb918c143fed2edcc523559b8aaf0c2462e6bfe7f911f643249d9cdf41b44d606ce07c8a4d0074d8e",
|
||||
"0x0b182cac101b9399d155096004f53f447aa7b12a3426b08ec02710e807b4633f06c851c1919211f20d4c04f00b971ef8",
|
||||
"0x0245a394ad1eca9b72fc00ae7be315dc757b3b080d4c158013e6632d3c40659cc6cf90ad1c232a6442d9d3f5db980133",
|
||||
"0x05c129645e44cf1102a159f748c4a3fc5e673d81d7e86568d9ab0f5d396a7ce46ba1049b6579afb7866b1e715475224b",
|
||||
"0x15e6be4e990f03ce4ea50b3b42df2eb5cb181d8f84965a3957add4fa95af01b2b665027efec01c7704b456be69c8b604"
|
||||
]
|
||||
|
||||
yDenHex = [
|
||||
"0x16112c4c3a9c98b252181140fad0eae9601a6de578980be6eec3232b5be72e7a07f3688ef60c206d01479253b03663c1",
|
||||
"0x1962d75c2381201e1a0cbd6c43c348b885c84ff731c4d59ca4a10356f453e01f78a4260763529e3532f6102c2e49a03d",
|
||||
"0x058df3306640da276faaae7d6e8eb15778c4855551ae7f310c35a5dd279cd2eca6757cd636f96f891e2538b53dbf67f2",
|
||||
"0x16b7d288798e5395f20d23bf89edb4d1d115c5dbddbcd30e123da489e726af41727364f2c28297ada8d26d98445f5416",
|
||||
"0x0be0e079545f43e4b00cc912f8228ddcc6d19c9f0f69bbb0542eda0fc9dec916a20b15dc0fd2ededda39142311a5001d",
|
||||
"0x08d9e5297186db2d9fb266eaac783182b70152c65550d881c5ecd87b6f0f5a6449f38db9dfa9cce202c6477faaf9b7ac",
|
||||
"0x166007c08a99db2fc3ba8734ace9824b5eecfdfa8d0cf8ef5dd365bc400a0051d5fa9c01a58b1fb93d1a1399126a775c",
|
||||
"0x16a3ef08be3ea7ea03bcddfabba6ff6ee5a4375efa1f4fd7feb34fd206357132b920f5b00801dee460ee415a15812ed9",
|
||||
"0x1866c8ed336c61231a1be54fd1d74cc4f9fb0ce4c6af5920abc5750c4bf39b4852cfe2f7bb9248836b233d9d55535d4a",
|
||||
"0x167a55cda70a6e1cea820597d94a84903216f763e13d87bb5308592e7ea7d4fbc7385ea3d529b35e346ef48bb8913f55",
|
||||
"0x04d2f259eea405bd48f010a01ad2911d9c6dd039bb61a6290e591b36e636a5c871a5c29f4f83060400f8b49cba8f6aa8",
|
||||
"0x0accbb67481d033ff5852c1e48c50c477f94ff8aefce42d28c0f9a88cea7913516f968986f7ebbea9684b529e2561092",
|
||||
"0x0ad6b9514c767fe3c3613144b45f1496543346d98adf02267d5ceef9a00d9b8693000763e3b90ac11e99b138573345cc",
|
||||
"0x02660400eb2e4f3b628bdd0d53cd76f2bf565b94e72927c1cb748df27942480e420517bd8714cc80d1fadc1326ed06f7",
|
||||
"0x0e0fa1d816ddc03e6b24255e0d7819c171c40f65e273b853324efcd6356caa205ca2f570f13497804415473a1d634b8f",
|
||||
"0x01"
|
||||
]
|
||||
|
||||
func hexToFP(hex: string): FP_BLS12381 =
|
||||
var big: BIG_384
|
||||
discard big.fromHex(hex)
|
||||
big.nres()
|
||||
|
||||
func hexToBig(hex: string): BIG_384 {.inline.} =
|
||||
discard result.fromHex(hex)
|
||||
|
||||
# syntactic sugars
|
||||
proc `*=`(a: var FP_BLS12381, b: FP_BLS12381) {.inline.} =
|
||||
FP_BLS12381_mul(a.addr, a.addr, b.unsafeAddr)
|
||||
|
||||
proc `*`(a: FP_BLS12381, b: FP_BLS12381): FP_BLS12381 {.inline.} =
|
||||
FP_BLS12381_mul(result.addr, a.unsafeAddr, b.unsafeAddr)
|
||||
|
||||
proc `+`(a: FP_BLS12381, b: FP_BLS12381): FP_BLS12381 {.inline.} =
|
||||
FP_BLS12381_add(result.addr, a.unsafeAddr, b.unsafeAddr)
|
||||
|
||||
proc `+=`(a: var FP_BLS12381, b: FP_BLS12381) {.inline.} =
|
||||
FP_BLS12381_add(a.addr, a.addr, b.unsafeAddr)
|
||||
|
||||
proc inv(a: FP_BLS12381): FP_BLS12381 {.inline.} =
|
||||
FP_BLS12381_inv(result.addr, a.unsafeAddr, nil)
|
||||
|
||||
proc `/`(a, b: FP_BLS12381): FP_BLS12381 {.inline.} =
|
||||
result = a * inv(b)
|
||||
|
||||
proc inc(a: var FP_BLS12381) {.inline.} =
|
||||
var one: FP_BLS12381
|
||||
FP_BLS12381_one(addr one)
|
||||
FP_BLS12381_add(addr a, addr a, addr one)
|
||||
|
||||
proc cmov(a: var FP_BLS12381, b: FP_BLS12381, c: bool) {.inline.} =
|
||||
# branchless conditional move
|
||||
FP_BLS12381_cmove(addr a, unsafeAddr b, cint(c))
|
||||
|
||||
proc cmov(a: FP_BLS12381, b: FP_BLS12381, c: bool): FP_BLS12381 {.inline.} =
|
||||
# branchless conditional move
|
||||
result = a
|
||||
FP_BLS12381_cmove(addr result, unsafeAddr b, cint(c))
|
||||
|
||||
func isSquare(a: FP_BLS12381): bool {.inline.} =
|
||||
# returns true if `a` is a quadratic residue
|
||||
FP_BLS12381_qr(unsafeAddr a, nil) == 1
|
||||
|
||||
proc sqrt(a: FP_BLS12381): FP_BLS12381 {.inline.} =
|
||||
FP_BLS12381_sqrt(addr result, unsafeAddr a, nil)
|
||||
|
||||
func sign0(x: FP_BLS12381): bool {.inline.} =
|
||||
# The sgn0 function. Section 4.1
|
||||
when false:
|
||||
const
|
||||
sign_0 = 0
|
||||
zero_0 = 1
|
||||
let sign_1 = x.parity()
|
||||
# hope the compiler can optimize this
|
||||
bool(sign_0 or (zero_0 and sign_1))
|
||||
else:
|
||||
bool x.parity
|
||||
|
||||
func initArray[N: static[int]](hex: array[N, string]): array[N, FP_BLS12381] =
|
||||
for i in 0..<N:
|
||||
result[i] = hex[i].hexToFP
|
||||
|
||||
func evalPoly(x: FP_BLS12381, c: openArray[FP_BLS12381]): FP_BLS12381 =
|
||||
# Note: 32-bit use 29 bits limbs so you can do at most 3 additions before normalizing
|
||||
# but during test there is no problem
|
||||
result = c[^1]
|
||||
let NN = c.len - 1
|
||||
for i in 1..<c.len:
|
||||
result *= x
|
||||
result += c[NN - i]
|
||||
result.norm
|
||||
|
||||
func init(z: var ECP_BLS12381, x, y: FP_BLS12381) =
|
||||
var xx, yy: BIG_384
|
||||
xx.FP_BLS12381_redc(unsafeAddr x)
|
||||
yy.FP_BLS12381_redc(unsafeAddr y)
|
||||
discard ECP_BLS12381_set(addr z, xx, yy)
|
||||
|
||||
func isogenyMapG1(xp, yp: FP_BLS12381): ECP_BLS12381 =
|
||||
# 11-isogeny map for BLS12-381 G1. Apendix E.2
|
||||
# we use globals to ensure they are computed only once.
|
||||
{.noSideEffect.}:
|
||||
let
|
||||
g1xnum {.global.} = initArray(xNumHex)
|
||||
g1xden {.global.} = initArray(xDenHex)
|
||||
g1ynum {.global.} = initArray(yNumHex)
|
||||
g1yden {.global.} = initArray(yDenHex)
|
||||
|
||||
let
|
||||
xn = evalPoly(xp, g1xnum)
|
||||
xd = evalPoly(xp, g1xden)
|
||||
yn = evalPoly(xp, g1ynum)
|
||||
yd = evalPoly(xp, g1yden)
|
||||
x = xn / xd
|
||||
y = yp * yn / yd
|
||||
|
||||
result.init(x, y)
|
||||
|
||||
func mapToIsoCurveSSWU(u: FP_BLS12381): tuple[x, y: FP_BLS12381] =
|
||||
# BLS12-381 G1 Suite. Section 8.8.1
|
||||
{.noSideEffect.}:
|
||||
let
|
||||
A {.global.} = hexToFP "0x00144698a3b8e9433d693a02c96d4982b0ea985383ee66a8d8e8981aefd881ac98936f8da0e0f97f5cf428082d584c1d"
|
||||
B {.global.} = hexToFP "0x12e2908d11688030018b12e8753eee3b2016c1f0f24f4070a0b9c14fcef35ef55a23215a316ceaa5d1cc48e98e172be0"
|
||||
Z {.global.} = hexToFP "0x0B" # 11
|
||||
c1 {.global.} = neg B/A # -B/A
|
||||
c2 {.global.} = neg inv(Z) # -1/Z
|
||||
|
||||
# Simplified Shallue-van de Woestijne-Ulas method. Apendix F.2.
|
||||
let tv1 = Z * sqr(u)
|
||||
var tv2 = sqr(tv1)
|
||||
var x1 = tv1 + tv2
|
||||
x1 = inv(x1) # TODO: Spec defines inv0(0) == 0; inv0(x) == x^(q-2)
|
||||
let e1 = x1.isZilch()
|
||||
inc x1 # // no norm needed when adding one
|
||||
x1.cmov(c2, e1) # If (tv1 + tv2) == 0, set x1 = -1 / Z
|
||||
x1 = x1 * c1 # x1 = (-B / A) * (1 + (1 / (Z² * u^4 + Z * u²)))
|
||||
var gx1 = sqr(x1)
|
||||
gx1 = gx1 + A; gx1.norm()
|
||||
gx1 = gx1 * x1
|
||||
gx1 = gx1 + B; gx1.norm() # gx1 = g(x1) = x1³ + A * x1 + B
|
||||
let x2 = tv1 * x1 # x2 = Z * u² * x1
|
||||
tv2 = tv1 * tv2
|
||||
let gx2 = gx1 * tv2 # gx2 = (Z * u²)³ * gx1
|
||||
let e2 = gx1.isSquare()
|
||||
let x = cmov(x2, x1, e2) # If is_square(gx1), x = x1, else x = x2
|
||||
let y2 = cmov(gx2, gx1, e2) # If is_square(gx1), y2 = gx1, else y2 = gx2
|
||||
var y = sqrt(y2)
|
||||
let e3 = u.sign0() == y.sign0() # Fix sign of y
|
||||
y = cmov(neg y, y, e3)
|
||||
|
||||
result.x = x
|
||||
result.y = y
|
||||
|
||||
func mapToCurveG1*(u: FP_BLS12381): ECP_BLS12381 =
|
||||
when false:
|
||||
{.noSideEffect.}:
|
||||
let cofactor {.global.} = hexToBig("d201000000010001")
|
||||
let p = mapToIsoCurveSSWU(u)
|
||||
result = isogenyMapG1(p.x, p.y)
|
||||
result.mul cofactor
|
||||
else:
|
||||
let p = mapToIsoCurveSSWU(u)
|
||||
result = isogenyMapG1(p.x, p.y)
|
||||
ECP_BLS12381_cfp(addr result)
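Review bot: `init` discards the result of `ECP_BLS12381_set`, and `hexToFP`/`hexToBig` discard the result of `fromHex`, so a mistyped isogeny constant or an off-curve (x, y) coming out of `isogenyMapG1` would go unnoticed and whatever `set` left in `z` would be returned as the mapped point. This output feeds `mapFPToG1` in the Miracl branch, so I would fail loudly instead, e.g. `doAssert ECP_BLS12381_set(addr z, xx, yy) == 1` (assuming the binding returns 1 for an on-curve point, as Milagro does; please confirm). The `inv(x1)` line also relies on the backend returning 0 for an input of 0, which the TODO hints at; a one-line comment stating that dependency would help the next reader. The `when false:` branches in `sign0` and `mapToCurveG1` are dead code and could be removed or given a comment saying why they are kept.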
|
|
@ -1,22 +1,32 @@
|
|||
import
|
||||
../vm_types, interpreter/[gas_meter, gas_costs, utils/utils_numeric, vm_forks],
|
||||
../errors, stint, eth/[keys, common], chronicles, tables, macros,
|
||||
math, nimcrypto, bncurve/[fields, groups], blake2b_f
|
||||
math, nimcrypto, bncurve/[fields, groups], blake2b_f, ./blscurve
|
||||
|
||||
type
|
||||
PrecompileAddresses* = enum
|
||||
# Frontier to Spurious Dragron
|
||||
paEcRecover = 1,
|
||||
paSha256,
|
||||
paRipeMd160,
|
||||
paIdentity,
|
||||
paEcRecover = 1
|
||||
paSha256
|
||||
paRipeMd160
|
||||
paIdentity
|
||||
# Byzantium and Constantinople
|
||||
paModExp,
|
||||
paEcAdd,
|
||||
paEcMul,
|
||||
paPairing,
|
||||
paModExp
|
||||
paEcAdd
|
||||
paEcMul
|
||||
paPairing
|
||||
# Istanbul
|
||||
paBlake2bf = 9
|
||||
paBlake2bf
|
||||
# Berlin
|
||||
paBlsG1Add
|
||||
paBlsG1Mul
|
||||
paBlsG1MultiExp
|
||||
paBlsG2Add
|
||||
paBlsG2Mul
|
||||
paBlsG2MultiExp
|
||||
paBlsPairing
|
||||
paBlsMapG1
|
||||
paBlsMapG2
|
||||
|
||||
proc getSignature(computation: Computation): (array[32, byte], Signature) =
|
||||
# input is Hash, V, R, S
|
||||
|
@ -52,6 +62,17 @@ proc getSignature(computation: Computation): (array[32, byte], Signature) =
|
|||
else:
|
||||
raise newException(ValidationError, "Invalid V in getSignature")
|
||||
|
||||
proc simpleDecode*(dst: var FQ2, src: openarray[byte]): bool {.noinit.} =
|
||||
# bypassing FQ2.fromBytes
|
||||
# because we want to check `value > modulus`
|
||||
result = false
|
||||
if dst.c1.fromBytes(src.toOpenArray(0, 31)) and
|
||||
dst.c0.fromBytes(src.toOpenArray(32, 63)):
|
||||
result = true
|
||||
|
||||
template simpleDecode*(dst: var FQ, src: openarray[byte]): bool =
|
||||
fromBytes(dst, src)
|
||||
|
||||
proc getPoint[T: G1|G2](t: typedesc[T], data: openarray[byte]): Point[T] =
|
||||
when T is G1:
|
||||
const nextOffset = 32
|
||||
|
@ -59,28 +80,11 @@ proc getPoint[T: G1|G2](t: typedesc[T], data: openarray[byte]): Point[T] =
|
|||
else:
|
||||
const nextOffset = 64
|
||||
var px, py: FQ2
|
||||
if not px.fromBytes2(data.toOpenArray(0, nextOffset - 1)):
|
||||
if not px.simpleDecode(data.toOpenArray(0, nextOffset - 1)):
|
||||
raise newException(ValidationError, "Could not get point value")
|
||||
if not py.fromBytes2(data.toOpenArray(nextOffset, nextOffset * 2 - 1)):
|
||||
if not py.simpleDecode(data.toOpenArray(nextOffset, nextOffset * 2 - 1)):
|
||||
raise newException(ValidationError, "Could not get point value")
|
||||
|
||||
# "ecpairing_perturb_g2_by_field_modulus_again.json",
|
||||
# "ecpairing_perturb_zeropoint_by_field_modulus.json",
|
||||
# "ecpairing_perturb_g2_by_field_modulus.json",
|
||||
# modulus comparion in FQ2.fromBytes produce different result
|
||||
const
|
||||
modulus = Uint256.fromHex("30644e72e131a029b85045b68181585d97816a916871ca8d3c208c16d87cfd47")
|
||||
let a = Uint256.fromBytesBE(data.toOpenArray(0, 31), false)
|
||||
let b = Uint256.fromBytesBE(data.toOpenArray(32, 63), false)
|
||||
when T is G2:
|
||||
let c = Uint256.fromBytesBE(data.toOpenArray(64, 95), false)
|
||||
let d = Uint256.fromBytesBE(data.toOpenArray(96, 127), false)
|
||||
if a >= modulus or b >= modulus or c >= modulus or d >= modulus:
|
||||
raise newException(ValidationError, "value greater than field modulus")
|
||||
else:
|
||||
if a >= modulus or b >= modulus:
|
||||
raise newException(ValidationError, "value greater than field modulus")
|
||||
|
||||
if px.isZero() and py.isZero():
|
||||
result = T.zero()
|
||||
else:
|
||||
|
@ -218,7 +222,7 @@ proc modExpFee(c: Computation, baseLen, expLen, modLen: Uint256, fork: Fork): Ga
|
|||
max(adjExpLen, 1.u256)
|
||||
) div divisor
|
||||
|
||||
let gasFee = if fork >= FkBerlin: gasCalc(mulComplexityEIP2565, 3)
|
||||
let gasFee = if fork >= FkBerlin: gasCalc(mulComplexityEIP2565, GasQuadDivisorEIP2565)
|
||||
else: gasCalc(mulComplexity, GasQuadDivisor)
|
||||
|
||||
if gasFee > high(GasInt).u256:
|
||||
|
@ -344,23 +348,314 @@ proc bn256ecPairing*(computation: Computation, fork: Fork = FkByzantium) =
|
|||
|
||||
computation.output = @output
|
||||
|
||||
proc blake2bf*(computation: Computation) =
|
||||
template input(): untyped =
|
||||
computation.msg.data
|
||||
proc blake2bf*(c: Computation) =
|
||||
template input: untyped =
|
||||
c.msg.data
|
||||
|
||||
if len(input) == blake2FInputLength:
|
||||
let gasFee = GasInt(beLoad32(input, 0))
|
||||
computation.gasMeter.consumeGas(gasFee, reason="blake2bf Precompile")
|
||||
c.gasMeter.consumeGas(gasFee, reason="blake2bf Precompile")
|
||||
|
||||
var output: array[64, byte]
|
||||
if not blake2b_F(input, output):
|
||||
raise newException(ValidationError, "Blake2b F function invalid input")
|
||||
else:
|
||||
computation.output = @output
|
||||
c.output = @output
|
||||
|
||||
proc blsG1Add*(c: Computation) =
|
||||
template input: untyped =
|
||||
c.msg.data
|
||||
|
||||
if input.len != 256:
|
||||
raise newException(ValidationError, "blsG1Add invalid input len")
|
||||
|
||||
c.gasMeter.consumeGas(Bls12381G1AddGas, reason="blsG1Add Precompile")
|
||||
|
||||
var a, b: BLS_G1
|
||||
if not a.decodePoint(input.toOpenArray(0, 127)):
|
||||
raise newException(ValidationError, "blsG1Add invalid input A")
|
||||
|
||||
if not b.decodePoint(input.toOpenArray(128, 255)):
|
||||
raise newException(ValidationError, "blsG1Add invalid input B")
|
||||
|
||||
a.add b
|
||||
|
||||
c.output = newSeq[byte](128)
|
||||
if not encodePoint(a, c.output):
|
||||
raise newException(ValidationError, "blsG1Add encodePoint error")
|
||||
|
||||
proc blsG1Mul*(c: Computation) =
|
||||
template input: untyped =
|
||||
c.msg.data
|
||||
|
||||
if input.len != 160:
|
||||
raise newException(ValidationError, "blsG1Mul invalid input len")
|
||||
|
||||
c.gasMeter.consumeGas(Bls12381G1MulGas, reason="blsG1Mul Precompile")
|
||||
|
||||
var a: BLS_G1
|
||||
if not a.decodePoint(input.toOpenArray(0, 127)):
|
||||
raise newException(ValidationError, "blsG1Mul invalid input A")
|
||||
|
||||
var scalar: BLS_SCALAR
|
||||
if not scalar.fromBytes(input.toOpenArray(128, 159)):
|
||||
raise newException(ValidationError, "blsG1Mul invalid scalar")
|
||||
|
||||
a.mul(scalar)
|
||||
|
||||
c.output = newSeq[byte](128)
|
||||
if not encodePoint(a, c.output):
|
||||
raise newException(ValidationError, "blsG1Mul encodePoint error")
|
||||
|
||||
const
|
||||
Bls12381MultiExpDiscountTable = [
|
||||
1200, 888, 764, 641, 594, 547, 500, 453, 438, 423,
|
||||
408, 394, 379, 364, 349, 334, 330, 326, 322, 318,
|
||||
314, 310, 306, 302, 298, 294, 289, 285, 281, 277,
|
||||
273, 269, 268, 266, 265, 263, 262, 260, 259, 257,
|
||||
256, 254, 253, 251, 250, 248, 247, 245, 244, 242,
|
||||
241, 239, 238, 236, 235, 233, 232, 231, 229, 228,
|
||||
226, 225, 223, 222, 221, 220, 219, 219, 218, 217,
|
||||
216, 216, 215, 214, 213, 213, 212, 211, 211, 210,
|
||||
209, 208, 208, 207, 206, 205, 205, 204, 203, 202,
|
||||
202, 201, 200, 199, 199, 198, 197, 196, 196, 195,
|
||||
194, 193, 193, 192, 191, 191, 190, 189, 188, 188,
|
||||
187, 186, 185, 185, 184, 183, 182, 182, 181, 180,
|
||||
179, 179, 178, 177, 176, 176, 175, 174
|
||||
]
|
||||
|
||||
func calcBlsMultiExpGas(K: int, gasCost: GasInt): GasInt =
|
||||
# Calculate G1 point, scalar value pair length
|
||||
if K == 0:
|
||||
# Return 0 gas for small input length
|
||||
return 0.GasInt
|
||||
|
||||
const dLen = Bls12381MultiExpDiscountTable.len
|
||||
# Lookup discount value for G1 point, scalar value pair length
|
||||
let discount = if K < dLen: Bls12381MultiExpDiscountTable[K-1]
|
||||
else: Bls12381MultiExpDiscountTable[dLen-1]
|
||||
|
||||
# Calculate gas and return the result
|
||||
result = (K * gasCost * discount) div 1000
|
||||
|
||||
proc blsG1MultiExp*(c: Computation) =
|
||||
template input: untyped =
|
||||
c.msg.data
|
||||
|
||||
const L = 160
|
||||
if (input.len == 0) or ((input.len mod L) != 0):
|
||||
raise newException(ValidationError, "blsG1MultiExp invalid input len")
|
||||
|
||||
let
|
||||
K = input.len div L
|
||||
gas = K.calcBlsMultiExpGas(Bls12381G1MulGas)
|
||||
|
||||
c.gasMeter.consumeGas(gas, reason="blsG1MultiExp Precompile")
|
||||
|
||||
var
|
||||
p: BLS_G1
|
||||
s: BLS_SCALAR
|
||||
acc: BLS_G1
|
||||
|
||||
# Decode point scalar pairs
|
||||
for i in 0..<K:
|
||||
let off = L * i
|
||||
|
||||
# Decode G1 point
|
||||
if not p.decodePoint(input.toOpenArray(off, off+127)):
|
||||
raise newException(ValidationError, "blsG1MultiExp invalid input P")
|
||||
|
||||
# Decode scalar value
|
||||
if not s.fromBytes(input.toOpenArray(off+128, off+159)):
|
||||
raise newException(ValidationError, "blsG1MultiExp invalid scalar")
|
||||
|
||||
p.mul(s)
|
||||
if i == 0:
|
||||
acc = p
|
||||
else:
|
||||
acc.add(p)
|
||||
|
||||
c.output = newSeq[byte](128)
|
||||
if not encodePoint(acc, c.output):
|
||||
raise newException(ValidationError, "blsG1MuliExp encodePoint error")
|
||||
|
||||
proc blsG2Add*(c: Computation) =
|
||||
template input: untyped =
|
||||
c.msg.data
|
||||
|
||||
if input.len != 512:
|
||||
raise newException(ValidationError, "blsG2Add invalid input len")
|
||||
|
||||
c.gasMeter.consumeGas(Bls12381G2AddGas, reason="blsG2Add Precompile")
|
||||
|
||||
var a, b: BLS_G2
|
||||
if not a.decodePoint(input.toOpenArray(0, 255)):
|
||||
raise newException(ValidationError, "blsG2Add invalid input A")
|
||||
|
||||
if not b.decodePoint(input.toOpenArray(256, 511)):
|
||||
raise newException(ValidationError, "blsG2Add invalid input B")
|
||||
|
||||
a.add b
|
||||
|
||||
c.output = newSeq[byte](256)
|
||||
if not encodePoint(a, c.output):
|
||||
raise newException(ValidationError, "blsG2Add encodePoint error")
|
||||
|
||||
proc blsG2Mul*(c: Computation) =
|
||||
template input: untyped =
|
||||
c.msg.data
|
||||
|
||||
if input.len != 288:
|
||||
raise newException(ValidationError, "blsG2Mul invalid input len")
|
||||
|
||||
c.gasMeter.consumeGas(Bls12381G2MulGas, reason="blsG2Mul Precompile")
|
||||
|
||||
var a: BLS_G2
|
||||
if not a.decodePoint(input.toOpenArray(0, 255)):
|
||||
raise newException(ValidationError, "blsG2Mul invalid input A")
|
||||
|
||||
var scalar: BLS_SCALAR
|
||||
if not scalar.fromBytes(input.toOpenArray(256, 287)):
|
||||
raise newException(ValidationError, "blsG2Mul invalid scalar")
|
||||
|
||||
a.mul(scalar)
|
||||
|
||||
c.output = newSeq[byte](256)
|
||||
if not encodePoint(a, c.output):
|
||||
raise newException(ValidationError, "blsG2Mul encodePoint error")
|
||||
|
||||
proc blsG2MultiExp*(c: Computation) =
|
||||
template input: untyped =
|
||||
c.msg.data
|
||||
|
||||
const L = 288
|
||||
if (input.len == 0) or ((input.len mod L) != 0):
|
||||
raise newException(ValidationError, "blsG2MultiExp invalid input len")
|
||||
|
||||
let
|
||||
K = input.len div L
|
||||
gas = K.calcBlsMultiExpGas(Bls12381G2MulGas)
|
||||
|
||||
c.gasMeter.consumeGas(gas, reason="blsG2MultiExp Precompile")
|
||||
|
||||
var
|
||||
p: BLS_G2
|
||||
s: BLS_SCALAR
|
||||
acc: BLS_G2
|
||||
|
||||
# Decode point scalar pairs
|
||||
for i in 0..<K:
|
||||
let off = L * i
|
||||
|
||||
# Decode G1 point
|
||||
if not p.decodePoint(input.toOpenArray(off, off+255)):
|
||||
raise newException(ValidationError, "blsG2MultiExp invalid input P")
|
||||
|
||||
# Decode scalar value
|
||||
if not s.fromBytes(input.toOpenArray(off+256, off+287)):
|
||||
raise newException(ValidationError, "blsG2MultiExp invalid scalar")
|
||||
|
||||
p.mul(s)
|
||||
if i == 0:
|
||||
acc = p
|
||||
else:
|
||||
acc.add(p)
|
||||
|
||||
c.output = newSeq[byte](256)
|
||||
if not encodePoint(acc, c.output):
|
||||
raise newException(ValidationError, "blsG2MuliExp encodePoint error")
|
||||
|
||||
proc blsPairing*(c: Computation) =
|
||||
template input: untyped =
|
||||
c.msg.data
|
||||
|
||||
const L = 384
|
||||
if (input.len == 0) or ((input.len mod L) != 0):
|
||||
raise newException(ValidationError, "blsG2Pairing invalid input len")
|
||||
|
||||
let
|
||||
K = input.len div L
|
||||
gas = Bls12381PairingBaseGas + K.GasInt * Bls12381PairingPerPairGas
|
||||
|
||||
c.gasMeter.consumeGas(gas, reason="blsG2Pairing Precompile")
|
||||
|
||||
var
|
||||
g1: BLS_G1P
|
||||
g2: BLS_G2P
|
||||
acc: BLS_ACC
|
||||
|
||||
# Decode pairs
|
||||
for i in 0..<K:
|
||||
let off = L * i
|
||||
|
||||
# Decode G1 point
|
||||
if not g1.decodePoint(input.toOpenArray(off, off+127)):
|
||||
raise newException(ValidationError, "blsG2Pairing invalid G1")
|
||||
|
||||
# Decode G2 point
|
||||
if not g2.decodePoint(input.toOpenArray(off+128, off+383)):
|
||||
raise newException(ValidationError, "blsG2Pairing invalid G2")
|
||||
|
||||
# 'point is on curve' check already done,
|
||||
# Here we need to apply subgroup checks.
|
||||
if not g1.subgroupCheck:
|
||||
raise newException(ValidationError, "blsG2Pairing invalid G1 subgroup")
|
||||
|
||||
if not g2.subgroupCheck:
|
||||
raise newException(ValidationError, "blsG2Pairing invalid G2 subgroup")
|
||||
|
||||
# Update pairing engine with G1 and G2 points
|
||||
if i == 0:
|
||||
acc = millerLoop(g1, g2)
|
||||
else:
|
||||
acc.mul(millerLoop(g1, g2))
|
||||
|
||||
c.output = newSeq[byte](32)
|
||||
if acc.check():
|
||||
c.output[^1] = 1.byte
|
||||
|
||||
proc blsMapG1*(c: Computation) =
|
||||
template input: untyped =
|
||||
c.msg.data
|
||||
|
||||
if input.len != 64:
|
||||
raise newException(ValidationError, "blsMapG1 invalid input len")
|
||||
|
||||
c.gasMeter.consumeGas(Bls12381MapG1Gas, reason="blsMapG1 Precompile")
|
||||
|
||||
var fe: BLS_FE
|
||||
if not fe.decodeFE(input):
|
||||
raise newException(ValidationError, "blsMapG1 invalid field element")
|
||||
|
||||
let p = fe.mapFPToG1()
|
||||
|
||||
c.output = newSeq[byte](128)
|
||||
if not encodePoint(p, c.output):
|
||||
raise newException(ValidationError, "blsMapG1 encodePoint error")
|
||||
|
||||
proc blsMapG2*(c: Computation) =
|
||||
template input: untyped =
|
||||
c.msg.data
|
||||
|
||||
if input.len != 128:
|
||||
raise newException(ValidationError, "blsMapG2 invalid input len")
|
||||
|
||||
c.gasMeter.consumeGas(Bls12381MapG2Gas, reason="blsMapG2 Precompile")
|
||||
|
||||
var fe: BLS_FE2
|
||||
if not fe.decodeFE(input):
|
||||
raise newException(ValidationError, "blsMapG2 invalid field element")
|
||||
|
||||
let p = fe.mapFPToG2()
|
||||
|
||||
c.output = newSeq[byte](256)
|
||||
if not encodePoint(p, c.output):
|
||||
raise newException(ValidationError, "blsMapG2 encodePoint error")
|
||||
|
||||
proc getMaxPrecompileAddr(fork: Fork): PrecompileAddresses =
|
||||
if fork < FkByzantium: paIdentity
|
||||
elif fork < FkIstanbul: paPairing
|
||||
elif fork < FkBerlin: paBlake2bf
|
||||
else: PrecompileAddresses.high
|
||||
|
||||
proc execPrecompiles*(computation: Computation, fork: Fork): bool {.inline.} =
|
||||
|
@ -384,6 +679,15 @@ proc execPrecompiles*(computation: Computation, fork: Fork): bool {.inline.} =
|
|||
of paEcMul: bn256ecMul(computation, fork)
|
||||
of paPairing: bn256ecPairing(computation, fork)
|
||||
of paBlake2bf: blake2bf(computation)
|
||||
of paBlsG1Add: blsG1Add(computation)
|
||||
of paBlsG1Mul: blsG1Mul(computation)
|
||||
of paBlsG1MultiExp: blsG1MultiExp(computation)
|
||||
of paBlsG2Add: blsG2Add(computation)
|
||||
of paBlsG2Mul: blsG2Mul(computation)
|
||||
of paBlsG2MultiExp: blsG2MultiExp(computation)
|
||||
of paBlsPairing: blsPairing(computation)
|
||||
of paBlsMapG1: blsMapG1(computation)
|
||||
of paBlsMapG2: blsMapG2(computation)
|
||||
except OutOfGas as e:
|
||||
# cannot use setError here, cyclic dependency
|
||||
computation.error = Error(info: e.msg, burnsGas: true)
|
||||
|
|
|
@ -5,22 +5,22 @@
|
|||
[
|
||||
{
|
||||
"Input": "",
|
||||
"Expected": "error",
|
||||
"ExpectedError": "invalid input length",
|
||||
"Name": "vector 0: empty input"
|
||||
},
|
||||
{
|
||||
"Input": "00000c48c9bdf267e6096a3ba7ca8485ae67bb2bf894fe72f36e3cf1361d5f3af54fa5d182e6ad7f520e511f6c3e2b8c68059b6bbd41fbabd9831f79217e1319cde05b61626300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000300000000000000000000000000000001",
|
||||
"Expected": "error",
|
||||
"ExpectedError": "invalid input length",
|
||||
"Name": "vector 1: less than 213 bytes input"
|
||||
},
|
||||
{
|
||||
"Input": "000000000c48c9bdf267e6096a3ba7ca8485ae67bb2bf894fe72f36e3cf1361d5f3af54fa5d182e6ad7f520e511f6c3e2b8c68059b6bbd41fbabd9831f79217e1319cde05b61626300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000300000000000000000000000000000001",
|
||||
"Expected": "error",
|
||||
"ExpectedError": "invalid input length",
|
||||
"Name": "vector 2: more than 213 bytes input"
|
||||
},
|
||||
{
|
||||
"Input": "0000000c48c9bdf267e6096a3ba7ca8485ae67bb2bf894fe72f36e3cf1361d5f3af54fa5d182e6ad7f520e511f6c3e2b8c68059b6bbd41fbabd9831f79217e1319cde05b61626300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000300000000000000000000000000000002",
|
||||
"Expected": "error",
|
||||
"ExpectedError": "invalid final flag",
|
||||
"Name": "vector 3: malformed final block indicator flag"
|
||||
},
|
||||
{
|
||||
|
|
|
@ -3,6 +3,36 @@
|
|||
"fork": "berlin",
|
||||
"data":
|
||||
[
|
||||
{
|
||||
"Input": "",
|
||||
"ExpectedError": "invalid input length",
|
||||
"Name": "bls_g1add_empty_input"
|
||||
},
|
||||
{
|
||||
"Input": "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",
|
||||
"ExpectedError": "invalid input length",
|
||||
"Name": "bls_g1add_short_input"
|
||||
},
|
||||
{
|
||||
"Input": "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",
|
||||
"ExpectedError": "invalid input length",
|
||||
"Name": "bls_g1add_large_input"
|
||||
},
|
||||
{
|
||||
"Input": "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",
|
||||
"ExpectedError": "invalid field element top bytes",
|
||||
"Name": "bls_g1add_violate_top_bytes"
|
||||
},
|
||||
{
|
||||
"Input": "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",
|
||||
"ExpectedError": "must be less than modulus",
|
||||
"Name": "bls_g1add_invalid_field_element"
|
||||
},
|
||||
{
|
||||
"Input": "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",
|
||||
"ExpectedError": "point is not on curve",
|
||||
"Name": "bls_g1add_point_not_on_curve"
|
||||
},
|
||||
{
|
||||
"Input": "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",
|
||||
"Expected": "000000000000000000000000000000000572cbea904d67468808c8eb50a9450c9721db309128012543902d0ac358a62ae28f75bb8f1c7c42c39a8c5529bf0f4e00000000000000000000000000000000166a9d8cabc673a322fda673779d8e3822ba3ecb8670e461f73bb9021d5fd76a4c56d9d4cd16bd1bba86881979749d28",
|
||||
|
|
|
@ -3,6 +3,36 @@
|
|||
"fork": "berlin",
|
||||
"data":
|
||||
[
|
||||
{
|
||||
"Input": "",
|
||||
"ExpectedError": "invalid input length",
|
||||
"Name": "bls_g1mul_empty_input"
|
||||
},
|
||||
{
|
||||
"Input": "0000000000000000000000000000000017f1d3a73197d7942695638c4fa9ac0fc3688c4f9774b905a14e3a3f171bac586c55e83ff97a1aeffb3af00adb22c6bb00000000000000000000000000000008b3f481e3aaa0f1a09e30ed741d8ae4fcf5e095d5d00af600db18cb2c04b3edd03cc744a2888ae40caa232946c5e7e10000000000000000000000000000000000000000000000000000000000000007",
|
||||
"ExpectedError": "invalid input length",
|
||||
"Name": "bls_g1mul_short_input"
|
||||
},
|
||||
{
|
||||
"Input": "0000000000000000000000000000000017f1d3a73197d7942695638c4fa9ac0fc3688c4f9774b905a14e3a3f171bac586c55e83ff97a1aeffb3af00adb22c6bb000000000000000000000000000000000008b3f481e3aaa0f1a09e30ed741d8ae4fcf5e095d5d00af600db18cb2c04b3edd03cc744a2888ae40caa232946c5e7e10000000000000000000000000000000000000000000000000000000000000007",
|
||||
"ExpectedError": "invalid input length",
|
||||
"Name": "bls_g1mul_large_input"
|
||||
},
|
||||
{
|
||||
"Input": "0000000000000000000000000000000017f1d3a73197d7942695638c4fa9ac0fc3688c4f9774b905a14e3a3f171bac586c55e83ff97a1aeffb3af00adb22c6bb0000000000000000000000000000000108b3f481e3aaa0f1a09e30ed741d8ae4fcf5e095d5d00af600db18cb2c04b3edd03cc744a2888ae40caa232946c5e7e10000000000000000000000000000000000000000000000000000000000000007",
|
||||
"ExpectedError": "invalid field element top bytes",
|
||||
"Name": "bls_g1mul_violate_top_bytes"
|
||||
},
|
||||
{
|
||||
"Input": "0000000000000000000000000000000017f1d3a73197d7942695638c4fa9ac0fc3688c4f9774b905a14e3a3f171bac586c55e83ff97a1aeffb3af00adb22c6bb000000000000000000000000000000001a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaac0000000000000000000000000000000000000000000000000000000000000007",
|
||||
"ExpectedError": "must be less than modulus",
|
||||
"Name": "bls_g1mul_invalid_field_element"
|
||||
},
|
||||
{
|
||||
"Input": "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000001",
|
||||
"ExpectedError": "point is not on curve",
|
||||
"Name": "bls_g1mul_point_not_on_curve"
|
||||
},
|
||||
{
|
||||
"Input": "0000000000000000000000000000000017f1d3a73197d7942695638c4fa9ac0fc3688c4f9774b905a14e3a3f171bac586c55e83ff97a1aeffb3af00adb22c6bb0000000000000000000000000000000008b3f481e3aaa0f1a09e30ed741d8ae4fcf5e095d5d00af600db18cb2c04b3edd03cc744a2888ae40caa232946c5e7e10000000000000000000000000000000000000000000000000000000000000000",
|
||||
"Expected": "0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
|
||||
|
|
|
@ -3,6 +3,36 @@
|
|||
"fork": "berlin",
|
||||
"data":
|
||||
[
|
||||
{
|
||||
"Input": "",
|
||||
"ExpectedError": "invalid input length",
|
||||
"Name": "bls_g1multiexp_empty_input"
|
||||
},
|
||||
{
|
||||
"Input": "0000000000000000000000000000000017f1d3a73197d7942695638c4fa9ac0fc3688c4f9774b905a14e3a3f171bac586c55e83ff97a1aeffb3af00adb22c6bb00000000000000000000000000000008b3f481e3aaa0f1a09e30ed741d8ae4fcf5e095d5d00af600db18cb2c04b3edd03cc744a2888ae40caa232946c5e7e10000000000000000000000000000000000000000000000000000000000000007",
|
||||
"ExpectedError": "invalid input length",
|
||||
"Name": "bls_g1multiexp_short_input"
|
||||
},
|
||||
{
|
||||
"Input": "0000000000000000000000000000000017f1d3a73197d7942695638c4fa9ac0fc3688c4f9774b905a14e3a3f171bac586c55e83ff97a1aeffb3af00adb22c6bb000000000000000000000000000000000008b3f481e3aaa0f1a09e30ed741d8ae4fcf5e095d5d00af600db18cb2c04b3edd03cc744a2888ae40caa232946c5e7e10000000000000000000000000000000000000000000000000000000000000007",
|
||||
"ExpectedError": "invalid input length",
|
||||
"Name": "bls_g1multiexp_large_input"
|
||||
},
|
||||
{
|
||||
"Input": "0000000000000000000000000000000017f1d3a73197d7942695638c4fa9ac0fc3688c4f9774b905a14e3a3f171bac586c55e83ff97a1aeffb3af00adb22c6bb000000000000000000000000000000001a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaac0000000000000000000000000000000000000000000000000000000000000007",
|
||||
"ExpectedError": "must be less than modulus",
|
||||
"Name": "bls_g1multiexp_invalid_field_element"
|
||||
},
|
||||
{
|
||||
"Input": "0000000000000000000000000000000017f1d3a73197d7942695638c4fa9ac0fc3688c4f9774b905a14e3a3f171bac586c55e83ff97a1aeffb3af00adb22c6bb0000000000000000000000000000000108b3f481e3aaa0f1a09e30ed741d8ae4fcf5e095d5d00af600db18cb2c04b3edd03cc744a2888ae40caa232946c5e7e10000000000000000000000000000000000000000000000000000000000000007",
|
||||
"ExpectedError": "invalid field element top bytes",
|
||||
"Name": "bls_g1multiexp_violate_top_bytes"
|
||||
},
|
||||
{
|
||||
"Input": "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000001",
|
||||
"ExpectedError": "point is not on curve",
|
||||
"Name": "bls_g1multiexp_point_not_on_curve"
|
||||
},
|
||||
{
|
||||
"Input": "0000000000000000000000000000000017f1d3a73197d7942695638c4fa9ac0fc3688c4f9774b905a14e3a3f171bac586c55e83ff97a1aeffb3af00adb22c6bb0000000000000000000000000000000008b3f481e3aaa0f1a09e30ed741d8ae4fcf5e095d5d00af600db18cb2c04b3edd03cc744a2888ae40caa232946c5e7e10000000000000000000000000000000000000000000000000000000000000011",
|
||||
"Expected": "000000000000000000000000000000001098f178f84fc753a76bb63709e9be91eec3ff5f7f3a5f4836f34fe8a1a6d6c5578d8fd820573cef3a01e2bfef3eaf3a000000000000000000000000000000000ea923110b733b531006075f796cc9368f2477fe26020f465468efbb380ce1f8eebaf5c770f31d320f9bd378dc758436",
|
||||
|
|
|
@ -3,6 +3,36 @@
|
|||
"fork": "berlin",
|
||||
"data":
|
||||
[
|
||||
{
|
||||
"Input": "",
|
||||
"ExpectedError": "invalid input length",
|
||||
"Name": "bls_g2add_empty_input"
|
||||
},
|
||||
{
|
||||
"Input": "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",
|
||||
"ExpectedError": "invalid input length",
|
||||
"Name": "bls_g2add_short_input"
|
||||
},
|
||||
{
|
||||
"Input": "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",
|
||||
"ExpectedError": "invalid input length",
|
||||
"Name": "bls_g2add_large_input"
|
||||
},
|
||||
{
|
||||
"Input": "00000000000000000000000000000000024aa2b2f08f0a91260805272dc51051c6e47ad4fa403b02b4510b647ae3d1770bac0326a805bbefd48056c8c121bdb80000000000000000000000000000000013e02b6052719f607dacd3a088274f65596bd0d09920b61ab5da61bbdc7f5049334cf11213945d57e5ac7d055d042b7e000000000000000000000000000000000ce5d527727d6e118cc9cdc6da2e351aadfd9baa8cbdd3a76d429a695160d12c923ac9cc3baca289e193548608b82801000000000000000000000000000000010606c4a02ea734cc32acd2b02bc28b99cb3e287e85a763af267492ab572e99ab3f370d275cec1da1aaa9075ff05f79be00000000000000000000000000000000024aa2b2f08f0a91260805272dc51051c6e47ad4fa403b02b4510b647ae3d1770bac0326a805bbefd48056c8c121bdb80000000000000000000000000000000013e02b6052719f607dacd3a088274f65596bd0d09920b61ab5da61bbdc7f5049334cf11213945d57e5ac7d055d042b7e000000000000000000000000000000000ce5d527727d6e118cc9cdc6da2e351aadfd9baa8cbdd3a76d429a695160d12c923ac9cc3baca289e193548608b82801000000000000000000000000000000000606c4a02ea734cc32acd2b02bc28b99cb3e287e85a763af267492ab572e99ab3f370d275cec1da1aaa9075ff05f79be",
|
||||
"ExpectedError": "invalid field element top bytes",
|
||||
"Name": "bls_g2add_violate_top_bytes"
|
||||
},
|
||||
{
|
||||
"Input": "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",
|
||||
"ExpectedError": "must be less than modulus",
|
||||
"Name": "bls_g2add_invalid_field_element"
|
||||
},
|
||||
{
|
||||
"Input": "0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000024aa2b2f08f0a91260805272dc51051c6e47ad4fa403b02b4510b647ae3d1770bac0326a805bbefd48056c8c121bdb80000000000000000000000000000000013e02b6052719f607dacd3a088274f65596bd0d09920b61ab5da61bbdc7f5049334cf11213945d57e5ac7d055d042b7e000000000000000000000000000000000ce5d527727d6e118cc9cdc6da2e351aadfd9baa8cbdd3a76d429a695160d12c923ac9cc3baca289e193548608b82801000000000000000000000000000000000606c4a02ea734cc32acd2b02bc28b99cb3e287e85a763af267492ab572e99ab3f370d275cec1da1aaa9075ff05f79be",
|
||||
"ExpectedError": "point is not on curve",
|
||||
"Name": "bls_g2add_point_not_on_curve"
|
||||
},
|
||||
{
|
||||
"Input": "00000000000000000000000000000000024aa2b2f08f0a91260805272dc51051c6e47ad4fa403b02b4510b647ae3d1770bac0326a805bbefd48056c8c121bdb80000000000000000000000000000000013e02b6052719f607dacd3a088274f65596bd0d09920b61ab5da61bbdc7f5049334cf11213945d57e5ac7d055d042b7e000000000000000000000000000000000ce5d527727d6e118cc9cdc6da2e351aadfd9baa8cbdd3a76d429a695160d12c923ac9cc3baca289e193548608b82801000000000000000000000000000000000606c4a02ea734cc32acd2b02bc28b99cb3e287e85a763af267492ab572e99ab3f370d275cec1da1aaa9075ff05f79be00000000000000000000000000000000024aa2b2f08f0a91260805272dc51051c6e47ad4fa403b02b4510b647ae3d1770bac0326a805bbefd48056c8c121bdb80000000000000000000000000000000013e02b6052719f607dacd3a088274f65596bd0d09920b61ab5da61bbdc7f5049334cf11213945d57e5ac7d055d042b7e000000000000000000000000000000000ce5d527727d6e118cc9cdc6da2e351aadfd9baa8cbdd3a76d429a695160d12c923ac9cc3baca289e193548608b82801000000000000000000000000000000000606c4a02ea734cc32acd2b02bc28b99cb3e287e85a763af267492ab572e99ab3f370d275cec1da1aaa9075ff05f79be",
|
||||
"Expected": "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",
|
||||
|
|
|
@ -3,6 +3,36 @@
|
|||
"fork": "berlin",
|
||||
"data":
|
||||
[
|
||||
{
|
||||
"Input": "",
|
||||
"ExpectedError": "invalid input length",
|
||||
"Name": "bls_g2mul_empty_input"
|
||||
},
|
||||
{
|
||||
"Input": "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",
|
||||
"ExpectedError": "invalid input length",
|
||||
"Name": "bls_g2mul_short_input"
|
||||
},
|
||||
{
|
||||
"Input": "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",
|
||||
"ExpectedError": "invalid input length",
|
||||
"Name": "bls_g2mul_large_input"
|
||||
},
|
||||
{
|
||||
"Input": "00000000000000000000000000000000024aa2b2f08f0a91260805272dc51051c6e47ad4fa403b02b4510b647ae3d1770bac0326a805bbefd48056c8c121bdb80000000000000000000000000000000013e02b6052719f607dacd3a088274f65596bd0d09920b61ab5da61bbdc7f5049334cf11213945d57e5ac7d055d042b7e000000000000000000000000000000000ce5d527727d6e118cc9cdc6da2e351aadfd9baa8cbdd3a76d429a695160d12c923ac9cc3baca289e193548608b82801000000000000000000000000000000010606c4a02ea734cc32acd2b02bc28b99cb3e287e85a763af267492ab572e99ab3f370d275cec1da1aaa9075ff05f79be0000000000000000000000000000000000000000000000000000000000000007",
|
||||
"ExpectedError": "invalid field element top bytes",
|
||||
"Name": "bls_g2mul_violate_top_bytes"
|
||||
},
|
||||
{
|
||||
"Input": "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",
|
||||
"ExpectedError": "must be less than modulus",
|
||||
"Name": "bls_g2mul_invalid_field_element"
|
||||
},
|
||||
{
|
||||
"Input": "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000001",
|
||||
"ExpectedError": "point is not on curve",
|
||||
"Name": "bls_g2mul_point_not_on_curve"
|
||||
},
|
||||
{
|
||||
"Input": "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",
|
||||
"Expected": "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
|
||||
|
|
|
@ -3,6 +3,36 @@
|
|||
"fork": "berlin",
|
||||
"data":
|
||||
[
|
||||
{
|
||||
"Input": "",
|
||||
"ExpectedError": "invalid input length",
|
||||
"Name": "bls_g2multiexp_empty_input"
|
||||
},
|
||||
{
|
||||
"Input": "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",
|
||||
"ExpectedError": "invalid input length",
|
||||
"Name": "bls_g2multiexp_short_input"
|
||||
},
|
||||
{
|
||||
"Input": "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",
|
||||
"ExpectedError": "invalid input length",
|
||||
"Name": "bls_g2multiexp_large_input"
|
||||
},
|
||||
{
|
||||
"Input": "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",
|
||||
"ExpectedError": "invalid field element top bytes",
|
||||
"Name": "bls_g2multiexp_violate_top_bytes"
|
||||
},
|
||||
{
|
||||
"Input": "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",
|
||||
"ExpectedError": "must be less than modulus",
|
||||
"Name": "bls_g2multiexp_invalid_field_element"
|
||||
},
|
||||
{
|
||||
"Input": "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000001",
|
||||
"ExpectedError": "point is not on curve",
|
||||
"Name": "bls_g2multiexp_point_not_on_curve"
|
||||
},
|
||||
{
|
||||
"Input": "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",
|
||||
"Expected": "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",
|
||||
|
|
|
@ -3,6 +3,26 @@
|
|||
"fork": "berlin",
|
||||
"data":
|
||||
[
|
||||
{
|
||||
"Input": "",
|
||||
"ExpectedError": "invalid input length",
|
||||
"Name": "bls_mapg1_empty_input"
|
||||
},
|
||||
{
|
||||
"Input": "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
|
||||
"ExpectedError": "invalid input length",
|
||||
"Name": "bls_mapg1_short_input"
|
||||
},
|
||||
{
|
||||
"Input": "00000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
|
||||
"ExpectedError": "invalid field element top bytes",
|
||||
"Name": "bls_mapg1_top_bytes"
|
||||
},
|
||||
{
|
||||
"Input": "000000000000000000000000000000001a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaac",
|
||||
"ExpectedError": "must be less than modulus",
|
||||
"Name": "bls_mapg1_invalid_fq_element"
|
||||
},
|
||||
{
|
||||
"Input": "0000000000000000000000000000000014406e5bfb9209256a3820879a29ac2f62d6aca82324bf3ae2aa7d3c54792043bd8c791fccdb080c1a52dc68b8b69350",
|
||||
"Expected": "000000000000000000000000000000000d7721bcdb7ce1047557776eb2659a444166dc6dd55c7ca6e240e21ae9aa18f529f04ac31d861b54faf3307692545db700000000000000000000000000000000108286acbdf4384f67659a8abe89e712a504cb3ce1cba07a716869025d60d499a00d1da8cdc92958918c222ea93d87f0",
|
||||
|
|
|
@ -3,6 +3,26 @@
|
|||
"fork": "berlin",
|
||||
"data":
|
||||
[
|
||||
{
|
||||
"Input": "",
|
||||
"ExpectedError": "invalid input length",
|
||||
"Name": "bls_mapg2_empty_input"
|
||||
},
|
||||
{
|
||||
"Input": "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
|
||||
"ExpectedError": "invalid input length",
|
||||
"Name": "bls_mapg2_short_input"
|
||||
},
|
||||
{
|
||||
"Input": "0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
|
||||
"ExpectedError": "invalid field element top bytes",
|
||||
"Name": "bls_mapg2_top_bytes"
|
||||
},
|
||||
{
|
||||
"Input": "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaac",
|
||||
"ExpectedError": "must be less than modulus",
|
||||
"Name": "bls_mapg2_invalid_fq_element"
|
||||
},
|
||||
{
|
||||
"Input": "0000000000000000000000000000000014406e5bfb9209256a3820879a29ac2f62d6aca82324bf3ae2aa7d3c54792043bd8c791fccdb080c1a52dc68b8b69350000000000000000000000000000000000e885bb33996e12f07da69073e2c0cc880bc8eff26d2a724299eb12d54f4bcf26f4748bb020e80a7e3794a7b0e47a641",
|
||||
"Expected": "000000000000000000000000000000000d029393d3a13ff5b26fe52bd8953768946c5510f9441f1136f1e938957882db6adbd7504177ee49281ecccba596f2bf000000000000000000000000000000001993f668fb1ae603aefbb1323000033fcb3b65d8ed3bf09c84c61e27704b745f540299a1872cd697ae45a5afd780f1d600000000000000000000000000000000079cb41060ef7a128d286c9ef8638689a49ca19da8672ea5c47b6ba6dbde193ee835d3b87a76a689966037c07159c10d0000000000000000000000000000000017c688ae9a8b59a7069c27f2d58dd2196cb414f4fb89da8510518a1142ab19d158badd1c3bad03408fafb1669903cd6c",
|
||||
|
|
|
@ -3,6 +3,46 @@
|
|||
"fork": "berlin",
|
||||
"data":
|
||||
[
|
||||
{
|
||||
"Input": "",
|
||||
"ExpectedError": "invalid input length",
|
||||
"Name": "bls_pairing_empty_input"
|
||||
},
|
||||
{
|
||||
"Input": "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",
|
||||
"ExpectedError": "invalid input length",
|
||||
"Name": "bls_pairing_extra_data"
|
||||
},
|
||||
{
|
||||
"Input": "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",
|
||||
"ExpectedError": "must be less than modulus",
|
||||
"Name": "bls_pairing_invalid_field_element"
|
||||
},
|
||||
{
|
||||
"Input": "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",
|
||||
"ExpectedError": "invalid field element top bytes",
|
||||
"Name": "bls_pairing_top_bytes"
|
||||
},
|
||||
{
|
||||
"Input": "0000000000000000000000000000000017f1d3a73197d7942695638c4fa9ac0fc3688c4f9774b905a14e3a3f171bac586c55e83ff97a1aeffb3af00adb22c6bb0000000000000000000000000000000008b3f481e3aaa0f1a09e30ed741d8ae4fcf5e095d5d00af600db18cb2c04b3edd03cc744a2888ae40caa232946c5e7e100000000000000000000000000000000024aa2b2f08f0a91260805272dc51051c6e47ad4fa403b02b4510b647ae3d1770bac0326a805bbefd48056c8c121bdb80000000000000000000000000000000013e02b6052719f607dacd3a088274f65596bd0d09920b61ab5da61bbdc7f5049334cf11213945d57e5ac7d055d042b7e000000000000000000000000000000000ce5d527727d6e118cc9cdc6da2e351aadfd9baa8cbdd3a76d429a695160d12c923ac9cc3baca289e193548608b82801000000000000000000000000000000000606c4a02ea734cc32acd2b02bc28b99cb3e287e85a763af267492ab572e99ab3f370d275cec1da1aaa9075ff05f79be000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000024aa2b2f08f0a91260805272dc51051c6e47ad4fa403b02b4510b647ae3d1770bac0326a805bbefd48056c8c121bdb80000000000000000000000000000000013e02b6052719f607dacd3a088274f65596bd0d09920b61ab5da61bbdc7f5049334cf11213945d57e5ac7d055d042b7e000000000000000000000000000000000ce5d527727d6e118cc9cdc6da2e351aadfd9baa8cbdd3a76d429a695160d12c923ac9cc3baca289e193548608b82801000000000000000000000000000000000606c4a02ea734cc32acd2b02bc28b99cb3e287e85a763af267492ab572e99ab3f370d275cec1da1aaa9075ff05f79be",
|
||||
"ExpectedError": "point is not on curve",
|
||||
"Name": "bls_pairing_g1_not_on_curve"
|
||||
},
|
||||
{
|
||||
"Input": "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",
|
||||
"ExpectedError": "point is not on curve",
|
||||
"Name": "bls_pairing_g2_not_on_curve"
|
||||
},
|
||||
{
|
||||
"Input": "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",
|
||||
"ExpectedError": "g1 point is not on correct subgroup",
|
||||
"Name": "bls_pairing_g1_not_in_correct_subgroup"
|
||||
},
|
||||
{
|
||||
"Input": "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",
|
||||
"ExpectedError": "g2 point is not on correct subgroup",
|
||||
"Name": "bls_pairing_g2_not_in_correct_subgroup"
|
||||
},
|
||||
{
|
||||
"Input": "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",
|
||||
"Expected": "0000000000000000000000000000000000000000000000000000000000000001",
|
||||
|
|
|
@ -18,8 +18,8 @@ template doTest(fixture: JsonNode, fork: Fork, address: PrecompileAddresses): un
|
|||
let
|
||||
blockNum = 1.u256 # TODO: Check other forks
|
||||
header = BlockHeader(blockNumber: blockNum)
|
||||
expectedStr = test["Expected"].getStr
|
||||
expected = if expectedStr != "error": expectedStr.hexToSeqByte else: @[]
|
||||
expectedErr = test.hasKey("ExpectedError")
|
||||
expected = if test.hasKey("Expected"): hexToSeqByte(test["Expected"].getStr) else: @[]
|
||||
dataStr = test["Input"].getStr
|
||||
data = if dataStr.len > 0: dataStr.hexToSeqByte else: @[]
|
||||
vmState = newBaseVMState(header.stateRoot, header, newBaseChainDB(newMemoryDb()))
|
||||
|
@ -49,7 +49,7 @@ template doTest(fixture: JsonNode, fork: Fork, address: PrecompileAddresses): un
|
|||
let initialGas = comp.gasMeter.gasRemaining
|
||||
discard execPrecompiles(comp, fork)
|
||||
|
||||
if expectedStr == "error":
|
||||
if expectedErr:
|
||||
check comp.isError
|
||||
else:
|
||||
let c = comp.output == expected
|
||||
|
@ -78,6 +78,15 @@ proc testFixture(fixtures: JsonNode, testStatusIMPL: var TestStatus) =
|
|||
of "bn256mul" : data.doTest(fork, paEcMul)
|
||||
of "ecpairing": data.doTest(fork, paPairing)
|
||||
of "blake2f" : data.doTest(fork, paBlake2bf)
|
||||
of "blsg1add" : data.doTest(fork, paBlsG1Add)
|
||||
of "blsg1mul" : data.doTest(fork, paBlsG1Mul)
|
||||
of "blsg1multiexp" : data.doTest(fork, paBlsG1MultiExp)
|
||||
of "blsg2add" : data.doTest(fork, paBlsG2Add)
|
||||
of "blsg2mul" : data.doTest(fork, paBlsG2Mul)
|
||||
of "blsg2multiexp": data.doTest(fork, paBlsG2MultiExp)
|
||||
of "blspairing": data.doTest(fork, paBlsPairing)
|
||||
of "blsmapg1": data.doTest(fork, paBlsMapG1)
|
||||
of "blsmapg2": data.doTest(fork, paBlsMapG2)
|
||||
else:
|
||||
echo "Unknown test vector '" & $label & "'"
|
||||
testStatusIMPL = SKIPPED
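Review bot: In the second hunk of doTest, `if expectedErr: check comp.isError` passes on any failure, so the fixture's `ExpectedError` text is never compared. The new vectors separate "point is not on curve" from "g1 point is not on correct subgroup", but the harness cannot tell a working subgroup check from a rejection for an unrelated reason. If the computation exposes its failure reason, I would also compare it with `test["ExpectedError"].getStr`, or at least add a comment above the check saying that only the presence of an error is asserted. In the first hunk, `expected` now falls back to `@[]` when a vector has neither key, so a malformed vector is judged against empty output instead of being reported; any older vector still carrying `"Expected": "error"` would presumably reach `hexToSeqByte`, which is worth confirming. doTest's body starts before and continues past these hunks.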
|
||||
|
|
|
@ -1 +1 @@
|
|||
Subproject commit 3878b9bf324fd895f07f2c3a07622fac7c939e21
|
||||
Subproject commit ab07ea092b6db3e242ec9bab0553e34d2fbfe22b
|