Skip to content

Test: emulated/fields_bn254 #532

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
yelhousni wants to merge 21 commits into from
Closed

Test: emulated/fields_bn254 #532

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
21 commits
Select commit Hold shift + click to select a range
40e45b0
feat: add BN254 pairing using field emulation
ivokub Nov 29, 2022
026133b
refactor: make methods private
ivokub Feb 17, 2023
41d98e2
feat: add equality assertion for GT elements
ivokub Feb 17, 2023
c2f401d
docs: add package documentation and example
ivokub Feb 17, 2023
8219e39
Merge branch 'develop' into feat/nonnative-pairing
ivokub Mar 1, 2023
0984911
refactor: algebra into native (2-chain) and emulated
yelhousni Mar 6, 2023
61b2833
Merge branch 'develop' into refactor/std/algebra
yelhousni Mar 6, 2023
1d76c58
fix: remove pairing_bn254
yelhousni Mar 6, 2023
130ed80
fix: use sw_emulated instead of weierstrass
yelhousni Mar 6, 2023
e88b1df
fix: update path to algebra/native
yelhousni Mar 6, 2023
440afdb
fix: update path to algebra/native
yelhousni Mar 6, 2023
00d4c1a
fix: update path to algebra/native/twistededwards
yelhousni Mar 6, 2023
904cbc0
docs: add documentation to std/algebra packages
yelhousni Mar 7, 2023
f2b7910
style(std/fields_*): separate Fpk ops specific to choice of pairing
yelhousni Mar 7, 2023
d400c0b
test: add emulated Fp2 tests
yelhousni Mar 7, 2023
26b9968
test: add emulated Fp6 tests
yelhousni Mar 7, 2023
93d9103
test: add emulated Fp12 tests
yelhousni Mar 7, 2023
7dc3607
test(fields_bn254): add remaing tests
yelhousni Mar 7, 2023
9ca5337
Merge branch 'develop' into test/emulated/fields_bn254
yelhousni Mar 8, 2023
a57f017
style: apply suggested edits
yelhousni Mar 8, 2023
c08f206
build: remove local go.mod
yelhousni Mar 8, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
29 changes: 29 additions & 0 deletions std/algebra/emulated/fields_bn254/e12.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
package fields_bn254

import "github.com/consensys/gnark-crypto/ecc/bn254"

type E12 struct {
C0, C1 E6
}
Expand All @@ -11,6 +13,25 @@ type Ext12 struct {
func NewExt12(baseField *curveF) *Ext12 {
return &Ext12{Ext6: NewExt6(baseField)}
}

func (e Ext12) Add(x, y *E12) *E12 {
z0 := e.Ext6.Add(&x.C0, &y.C0) // z.C0.Add(&x.A0, &y.A0)
z1 := e.Ext6.Add(&x.C1, &y.C1) // z.C1.Add(&x.A1, &y.A1)
return &E12{
C0: *z0,
C1: *z1,
}
}

func (e Ext12) Sub(x, y *E12) *E12 {
z0 := e.Ext6.Sub(&x.C0, &y.C0) // z.C0.Sub(&x.A0, &y.A0)
z1 := e.Ext6.Sub(&x.C1, &y.C1) // z.C1.Sub(&x.A1, &y.A1)
return &E12{
C0: *z0,
C1: *z1,
}
}

func (e Ext12) Conjugate(x *E12) *E12 {
z1 := e.Ext6.Neg(&x.C1) // z.C1.Neg(&z.C1)
return &E12{ // return z
Expand Down Expand Up @@ -224,3 +245,11 @@ func (e Ext12) AssertIsEqual(x, y *E12) {
e.Ext6.AssertIsEqual(&x.C0, &y.C0)
e.Ext6.AssertIsEqual(&x.C1, &y.C1)
}

func FromE12(y *bn254.E12) E12 {
return E12{
C0: FromE6(&y.C0),
C1: FromE6(&y.C1),
}

}
6 changes: 3 additions & 3 deletions std/algebra/emulated/fields_bn254/e12_pairing.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -43,11 +43,11 @@ func (e Ext12) MulBy034(z *E12, c0, c3, c4 *E2) *E12 {
c0 = e.Ext2.Add(c0, c3) // c0.Add(c0, c3)
d := e.Ext6.Add(&z.C0, &z.C1) // d.Add(&z.C0, &z.C1)
d = e.Ext6.MulBy01(d, c0, c4) // d.MulBy01(c0, c4)
z1 := e.Add(a, b) // z.C1.Add(&a, &b).
z1 := e.Ext6.Add(a, b) // z.C1.Add(&a, &b).
z1 = e.Neg(z1) // Neg(&z.C1).
z1 = e.Add(z1, d) // Add(&z.C1, &d)
z1 = e.Ext6.Add(z1, d) // Add(&z.C1, &d)
z0 := e.MulByNonResidue(b) // z.C0.MulByNonResidue(&b).
z0 = e.Add(z0, a) // Add(&z.C0, &a)
z0 = e.Ext6.Add(z0, a) // Add(&z.C0, &a)
return &E12{ // return z
C0: *z0,
C1: *z1,
Expand Down
326 changes: 326 additions & 0 deletions std/algebra/emulated/fields_bn254/e12_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,326 @@
package fields_bn254

import (
"testing"

"github.com/consensys/gnark-crypto/ecc"
"github.com/consensys/gnark-crypto/ecc/bn254"
"github.com/consensys/gnark/frontend"
"github.com/consensys/gnark/std/math/emulated"
"github.com/consensys/gnark/test"
)

type e12Add struct {
A, B, C E12
}

func (circuit *e12Add) Define(api frontend.API) error {
ba, _ := emulated.NewField[emulated.BN254Fp](api)
e := NewExt12(ba)
expected := e.Add(&circuit.A, &circuit.B)
e.AssertIsEqual(expected, &circuit.C)
return nil
}

func TestAddFp12(t *testing.T) {

assert := test.NewAssert(t)
// witness values
var a, b, c bn254.E12
_, _ = a.SetRandom()
_, _ = b.SetRandom()
c.Add(&a, &b)

witness := e12Add{
A: FromE12(&a),
B: FromE12(&b),
C: FromE12(&c),
}

err := test.IsSolved(&e12Add{}, &witness, ecc.BN254.ScalarField())
assert.NoError(err)

}

type e12Sub struct {
A, B, C E12
}

func (circuit *e12Sub) Define(api frontend.API) error {
ba, _ := emulated.NewField[emulated.BN254Fp](api)
e := NewExt12(ba)
expected := e.Sub(&circuit.A, &circuit.B)
e.AssertIsEqual(expected, &circuit.C)
return nil
}

func TestSubFp12(t *testing.T) {

assert := test.NewAssert(t)
// witness values
var a, b, c bn254.E12
_, _ = a.SetRandom()
_, _ = b.SetRandom()
c.Sub(&a, &b)

witness := e12Sub{
A: FromE12(&a),
B: FromE12(&b),
C: FromE12(&c),
}

err := test.IsSolved(&e12Sub{}, &witness, ecc.BN254.ScalarField())
assert.NoError(err)

}

type e12Mul struct {
A, B, C E12
}

func (circuit *e12Mul) Define(api frontend.API) error {
ba, _ := emulated.NewField[emulated.BN254Fp](api)
e := NewExt12(ba)

expected := e.Mul(&circuit.A, &circuit.B)
e.AssertIsEqual(expected, &circuit.C)
return nil
}

func TestMulFp12(t *testing.T) {

assert := test.NewAssert(t)
// witness values
var a, b, c bn254.E12
_, _ = a.SetRandom()
_, _ = b.SetRandom()
c.Mul(&a, &b)

witness := e12Mul{
A: FromE12(&a),
B: FromE12(&b),
C: FromE12(&c),
}

err := test.IsSolved(&e12Mul{}, &witness, ecc.BN254.ScalarField())
assert.NoError(err)

}

type e12MulBy034by034 struct {
C0, C3, C4 E2
D0, D3, D4 E2
C E12 `gnark:",public"`
}

func (circuit *e12MulBy034by034) Define(api frontend.API) error {
ba, _ := emulated.NewField[emulated.BN254Fp](api)
e := NewExt12(ba)
expected := e.MulBy034by034(&circuit.C0, &circuit.C3, &circuit.C4, &circuit.D0, &circuit.D3, &circuit.D4)
e.AssertIsEqual(expected, &circuit.C)

return nil
}

func TestMulFp12By034by034(t *testing.T) {

assert := test.NewAssert(t)
// witness values
var c bn254.E12
var c0, c3, c4, d0, d3, d4 bn254.E2
_, _ = c0.SetRandom()
_, _ = c3.SetRandom()
_, _ = c4.SetRandom()
_, _ = d0.SetRandom()
_, _ = d3.SetRandom()
_, _ = d4.SetRandom()
c.Mul034by034(&c0, &c3, &c4, &d0, &d3, &d4)

witness := e12MulBy034by034{
C0: FromE2(&c0),
C3: FromE2(&c3),
C4: FromE2(&c4),
D0: FromE2(&d0),
D3: FromE2(&d3),
D4: FromE2(&d4),
C: FromE12(&c),
}

err := test.IsSolved(&e12MulBy034by034{}, &witness, ecc.BN254.ScalarField())
assert.NoError(err)

}

type e12Square struct {
A, C E12
}

func (circuit *e12Square) Define(api frontend.API) error {
ba, _ := emulated.NewField[emulated.BN254Fp](api)
e := NewExt12(ba)

expected := e.Square(&circuit.A)
e.AssertIsEqual(expected, &circuit.C)
return nil
}

func TestSquareFp12(t *testing.T) {

assert := test.NewAssert(t)
// witness values
var a, c bn254.E12
_, _ = a.SetRandom()
c.Square(&a)

witness := e12Square{
A: FromE12(&a),
C: FromE12(&c),
}

err := test.IsSolved(&e12Square{}, &witness, ecc.BN254.ScalarField())
assert.NoError(err)

}

type e12CycloSquare struct {
A E12
C E12 `gnark:",public"`
}

func (circuit *e12CycloSquare) Define(api frontend.API) error {

ba, _ := emulated.NewField[emulated.BN254Fp](api)
e := NewExt12(ba)
u := e.Square(&circuit.A)
v := e.CyclotomicSquare(&circuit.A)
e.AssertIsEqual(u, v)
e.AssertIsEqual(u, &circuit.C)
return nil
}

func TestFp12CyclotomicSquare(t *testing.T) {

assert := test.NewAssert(t)
// witness values
var a, c bn254.E12
_, _ = a.SetRandom()

// put a in the cyclotomic subgroup
var tmp bn254.E12
tmp.Conjugate(&a)
a.Inverse(&a)
tmp.Mul(&tmp, &a)
a.FrobeniusSquare(&tmp).Mul(&a, &tmp)
c.CyclotomicSquare(&a)

witness := e12CycloSquare{
A: FromE12(&a),
C: FromE12(&c),
}

err := test.IsSolved(&e12CycloSquare{}, &witness, ecc.BN254.ScalarField())
assert.NoError(err)
}

type e12Conjugate struct {
A E12
C E12 `gnark:",public"`
}

func (circuit *e12Conjugate) Define(api frontend.API) error {
ba, _ := emulated.NewField[emulated.BN254Fp](api)
e := NewExt12(ba)
expected := e.Conjugate(&circuit.A)
e.AssertIsEqual(expected, &circuit.C)

return nil
}

func TestConjugateFp12(t *testing.T) {

assert := test.NewAssert(t)
// witness values
var a, c bn254.E12
_, _ = a.SetRandom()
c.Conjugate(&a)

witness := e12Conjugate{
A: FromE12(&a),
C: FromE12(&c),
}

err := test.IsSolved(&e12Conjugate{}, &witness, ecc.BN254.ScalarField())
assert.NoError(err)
}

type e12Inverse struct {
A E12
C E12 `gnark:",public"`
}

func (circuit *e12Inverse) Define(api frontend.API) error {

ba, _ := emulated.NewField[emulated.BN254Fp](api)
e := NewExt12(ba)
expected := e.Inverse(&circuit.A)
e.AssertIsEqual(expected, &circuit.C)

return nil
}

func TestInverseFp12(t *testing.T) {

assert := test.NewAssert(t)
// witness values
var a, c bn254.E12
_, _ = a.SetRandom()
c.Inverse(&a)

witness := e12Inverse{
A: FromE12(&a),
C: FromE12(&c),
}

err := test.IsSolved(&e12Inverse{}, &witness, ecc.BN254.ScalarField())
assert.NoError(err)
}

type e12Expt struct {
A E12
C E12 `gnark:",public"`
}

func (circuit *e12Expt) Define(api frontend.API) error {

ba, _ := emulated.NewField[emulated.BN254Fp](api)
e := NewExt12(ba)
expected := e.Expt(&circuit.A)
e.AssertIsEqual(expected, &circuit.C)

return nil
}

func TestFp12Expt(t *testing.T) {

assert := test.NewAssert(t)
// witness values
var a, c bn254.E12
_, _ = a.SetRandom()

// put a in the cyclotomic subgroup
var tmp bn254.E12
tmp.Conjugate(&a)
a.Inverse(&a)
tmp.Mul(&tmp, &a)
a.FrobeniusSquare(&tmp).Mul(&a, &tmp)

c.Expt(&a)

witness := e12Expt{
A: FromE12(&a),
C: FromE12(&c),
}

err := test.IsSolved(&e12Expt{}, &witness, ecc.BN254.ScalarField())
assert.NoError(err)
}
Loading