feat: use emulated decomposition for scalar marshal
ivokub committed Nov 7, 2023
1 parent 2cc57c7 commit 6d69ac3
Showing 5 changed files with 46 additions and 14 deletions.
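--- a/std/algebra/defaults.go
+++ b/std/algebra/defaults.go
@@ -40,10 +40,16 @@ func GetCurve[FR emulated.FieldParams, G1El G1ElementT](api frontend.API) (Curve
 }
 *s = c
 case *Curve[sw_bls12377.ScalarField, sw_bls12377.G1Affine]:
-c := sw_bls12377.NewCurve(api)
+c, err := sw_bls12377.NewCurve(api)
+if err != nil {
+return ret, fmt.Errorf("new curve: %w", err)
+}
 *s = c
 case *Curve[sw_bls24315.ScalarField, sw_bls24315.G1Affine]:
-c := sw_bls24315.NewCurve(api)
+c, err := sw_bls24315.NewCurve(api)
+if err != nil {
+return ret, fmt.Errorf("new curve: %w", err)
+}
 *s = c
 default:
 return ret, fmt.Errorf("unknown type parametrisation")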
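Review bot: Both new error paths in `GetCurve` wrap with the same text, `new curve: %w`, so the message does not say which parametrisation failed to initialise. Naming the curve in each case, e.g. `return ret, fmt.Errorf("new bls12-377 curve: %w", err)` and the BLS24-315 equivalent, would make the failure attributable from the error string alone. `GetCurve` starts and ends outside this hunk, so the wording used by the earlier cases is not visible here.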
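--- a/std/algebra/native/sw_bls12377/g1_test.go
+++ b/std/algebra/native/sw_bls12377/g1_test.go
@@ -41,7 +41,10 @@ type MarshalScalarTest struct {
 }
 
 func (c *MarshalScalarTest) Define(api frontend.API) error {
-ec := NewCurve(api)
+ec, err := NewCurve(api)
+if err != nil {
+return err
+}
 r := ec.MarshalScalar(c.X)
 for i := range c.R {
 api.AssertIsEqual(r[i], c.R[i])
@@ -71,7 +74,10 @@ type MarshalG1Test struct {
 }
 
 func (c *MarshalG1Test) Define(api frontend.API) error {
-ec := NewCurve(api)
+ec, err := NewCurve(api)
+if err != nil {
+return err
+}
 // the bits are layed out exactly as in gnark-crypto
 r := ec.MarshalG1(c.P)
 for i := range c.R {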
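--- a/std/algebra/native/sw_bls12377/pairing2.go
+++ b/std/algebra/native/sw_bls12377/pairing2.go
@@ -17,19 +17,26 @@ import (
 // Curve allows G1 operations in BLS12-377.
 type Curve struct {
 api frontend.API
+fr *emulated.Field[ScalarField]
 }
 
 // NewCurve initializes a new [Curve] instance.
-func NewCurve(api frontend.API) *Curve {
+func NewCurve(api frontend.API) (*Curve, error) {
+f, err := emulated.NewField[ScalarField](api)
+if err != nil {
+return nil, fmt.Errorf("scalar field")
+}
 return &Curve{
 api: api,
-}
+fr: f,
+}, nil
 }
 
 // MarshalScalar returns
 func (c *Curve) MarshalScalar(s Scalar) []frontend.Variable {
-nbBits := 8 * ((ecc.BLS12_377.ScalarField().BitLen() + 7) / 8)
-x := bits.ToBinary(c.api, s.Limbs[0], bits.WithNbDigits(nbBits))
+nbBits := 8 * ((ScalarField{}.Modulus().BitLen() + 7) / 8)
+ss := c.fr.Reduce(&s)
+x := c.fr.ToBits(ss)
 for i, j := 0, nbBits-1; i < j; {
 x[i], x[j] = x[j], x[i]
 i++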
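Review bot: `MarshalScalar` now decomposes the output of `c.fr.Reduce(&s)`, and nothing visible in this hunk constrains that value to be strictly below the scalar modulus. If `Reduce` only bounds limb widths rather than producing the canonical representative (worth confirming in the emulated package), the same scalar can be marshalled as more than one bit string, so the returned bits are not a unique encoding. Callers that hash or compare these bits depend on uniqueness, so an explicit less-than-modulus assertion on `ss` before `ToBits` would make that contract hold inside the circuit; completing the truncated `// MarshalScalar returns` comment with the bit order and output length would document it. The same applies to `std/algebra/native/sw_bls24315/pairing2.go`, and the body of `MarshalScalar` continues past the end of the hunk.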
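--- a/std/algebra/native/sw_bls24315/g1_test.go
+++ b/std/algebra/native/sw_bls24315/g1_test.go
@@ -41,7 +41,10 @@ type MarshalScalarTest struct {
 }
 
 func (c *MarshalScalarTest) Define(api frontend.API) error {
-ec := NewCurve(api)
+ec, err := NewCurve(api)
+if err != nil {
+return err
+}
 r := ec.MarshalScalar(c.X)
 for i := range c.R {
 api.AssertIsEqual(r[i], c.R[i])
@@ -71,7 +74,10 @@ type MarshalG1Test struct {
 }
 
 func (c *MarshalG1Test) Define(api frontend.API) error {
-ec := NewCurve(api)
+ec, err := NewCurve(api)
+if err != nil {
+return err
+}
 // we want to get the same output as gnark-crypto's marshal.
 // It's a point on bls12-377 so the number of bytes is 96, as the
 // field of definition of bls12-377 is 48 bytes long.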
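--- a/std/algebra/native/sw_bls24315/pairing2.go
+++ b/std/algebra/native/sw_bls24315/pairing2.go
@@ -17,19 +17,26 @@ import (
 // Curve allows G1 operations in BLS24-315.
 type Curve struct {
 api frontend.API
+fr *emulated.Field[ScalarField]
 }
 
 // NewCurve initializes a new [Curve] instance.
-func NewCurve(api frontend.API) *Curve {
+func NewCurve(api frontend.API) (*Curve, error) {
+f, err := emulated.NewField[ScalarField](api)
+if err != nil {
+return nil, fmt.Errorf("scalar field")
+}
 return &Curve{
 api: api,
-}
+fr: f,
+}, nil
 }
 
 // MarshalScalar returns
 func (c *Curve) MarshalScalar(s Scalar) []frontend.Variable {
-nbBits := 8 * ((ecc.BLS24_315.ScalarField().BitLen() + 7) / 8)
-x := bits.ToBinary(c.api, s.Limbs[0], bits.WithNbDigits(nbBits))
+nbBits := 8 * ((ScalarField{}.Modulus().BitLen() + 7) / 8)
+ss := c.fr.Reduce(&s)
+x := c.fr.ToBits(ss)
 for i, j := 0, nbBits-1; i < j; {
 x[i], x[j] = x[j], x[i]
 i++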
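Review bot: The error path in `NewCurve` returns `fmt.Errorf("scalar field")` and discards the `err` from `emulated.NewField`, so a caller learns that field setup failed but not why. Wrapping it, `return nil, fmt.Errorf("new scalar field: %w", err)`, keeps the cause in the chain and matches the `new curve: %w` wrapping this commit adds in `std/algebra/defaults.go`. `std/algebra/native/sw_bls12377/pairing2.go` has the same line.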
