Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

175 complete ecdsa bbf #304

Merged
merged 1 commit into from
Feb 17, 2025
Merged

175 complete ecdsa bbf #304

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
121 changes: 53 additions & 68 deletions ...s/blueprint/include/nil/blueprint/bbf/components/algebra/curves/weierstrass/ec_double.hpp
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
//---------------------------------------------------------------------------//
// Copyright (c) 2024 Alexey Yashunsky <[email protected]>
// Copyright (c) 2024 Antoine Cyr <[email protected]>
// Copyright (c) 2025 Antoine Cyr <[email protected]>
//
// MIT License
//
Expand Down Expand Up @@ -28,23 +28,13 @@
#ifndef CRYPTO3_BBF_COMPONENTS_EC_DOUBLE_ECDSA_HPP
#define CRYPTO3_BBF_COMPONENTS_EC_DOUBLE_ECDSA_HPP

#include <functional>
#include <nil/blueprint/bbf/generic.hpp>
#include <nil/blueprint/blueprint/plonk/assignment.hpp>
#include <nil/blueprint/blueprint/plonk/circuit.hpp>
#include <nil/blueprint/component.hpp>
#include <nil/crypto3/algebra/curves/pallas.hpp>
#include <nil/crypto3/algebra/curves/vesta.hpp>
#include <nil/crypto3/zk/snark/arithmetization/plonk/constraint_system.hpp>

#include <nil/blueprint/bbf/components/algebra/fields/non_native/addition_mod_p.hpp>
#include <nil/blueprint/bbf/components/algebra/fields/non_native/add_sub_mod_p.hpp>
#include <nil/blueprint/bbf/components/algebra/fields/non_native/check_mod_p.hpp>
#include <nil/blueprint/bbf/components/algebra/fields/non_native/flexible_multiplication.hpp>
#include <nil/blueprint/bbf/components/algebra/fields/non_native/negation_mod_p.hpp>
#include <nil/blueprint/bbf/components/detail/choice_function.hpp>
#include <nil/blueprint/bbf/components/detail/range_check_multi.hpp>
#include <stdexcept>
#include <variant>
#include <nil/blueprint/bbf/generic.hpp>
#include <nil/crypto3/algebra/curves/pallas.hpp>
#include <nil/crypto3/algebra/curves/vesta.hpp>

namespace nil {
namespace blueprint {
Expand All @@ -56,8 +46,7 @@ namespace nil {
// Expects input as k-chunked values with b bits per chunk
// p' = 2^(kb) - p
// Input: xQ[0],...,xQ[k-1], yQ[0],...,yQ[k-1], p[0],...,p[k-1],
// pp[0],...,pp[k-1], 0[0], ..., 0[k-1]
// (expects zero vector constant as input)
// pp[0],...,pp[k-1], 0 (expects zero constant as input)
// Output: xR[0],...,xR[k-1], yR[0],...,yR[k-1]

template<typename FieldType>
Expand All @@ -67,7 +56,7 @@ namespace nil {
std::vector<TYPE> yQ;
std::vector<TYPE> p;
std::vector<TYPE> pp;
std::vector<TYPE> zero;
TYPE zero;
};

template<typename FieldType, GenerationStage stage,
Expand All @@ -76,8 +65,6 @@ namespace nil {
using generic_component<FieldType, stage>::allocate;
using generic_component<FieldType, stage>::copy_constrain;
using generic_component<FieldType, stage>::constrain;
using generic_component<FieldType, stage>::lookup;
using component_type = generic_component<FieldType, stage>;

public:
using typename generic_component<FieldType, stage>::TYPE;
Expand All @@ -104,23 +91,23 @@ namespace nil {
}

static std::tuple<std::vector<TYPE>, std::vector<TYPE>,
std::vector<TYPE>, std::vector<TYPE>, std::vector<TYPE>>
std::vector<TYPE>, std::vector<TYPE>, TYPE>
form_input(context_type& context_object, raw_input_type raw_input,
std::size_t num_chunks, std::size_t bit_size_chunk) {
std::vector<TYPE> input_xQ(num_chunks);
std::vector<TYPE> input_yQ(num_chunks);
std::vector<TYPE> input_p(num_chunks);
std::vector<TYPE> input_pp(num_chunks);
std::vector<TYPE> input_zero(num_chunks);
TYPE input_zero;

if constexpr (stage == GenerationStage::ASSIGNMENT) {
for (std::size_t i = 0; i < num_chunks; i++) {
input_xQ[i] = raw_input.xQ[i];
input_yQ[i] = raw_input.yQ[i];
input_p[i] = raw_input.p[i];
input_pp[i] = raw_input.pp[i];
input_zero[i] = raw_input.zero[i];
}
input_zero = raw_input.zero;
}
for (std::size_t i = 0; i < num_chunks; i++) {
context_object.allocate(input_xQ[i], 0, i,
Expand All @@ -131,16 +118,16 @@ namespace nil {
column_type::public_input);
context_object.allocate(input_pp[i], 0, i + 3 * num_chunks,
column_type::public_input);
context_object.allocate(input_zero[i], 0, i + 4 * num_chunks,
column_type::public_input);
}
context_object.allocate(input_zero, 0, 4 * num_chunks,
column_type::public_input);
return std::make_tuple(input_xQ, input_yQ, input_p, input_pp,
input_zero);
}

ec_double(context_type& context_object, std::vector<TYPE> input_xQ,
std::vector<TYPE> input_yQ, std::vector<TYPE> input_p,
std::vector<TYPE> input_pp, std::vector<TYPE> input_zero,
std::vector<TYPE> input_pp, TYPE input_zero,
std::size_t num_chunks, std::size_t bit_size_chunk,
bool make_links = true)
: generic_component<FieldType, stage>(context_object) {
Expand All @@ -149,18 +136,15 @@ namespace nil {
using non_native_integral_type =
typename NonNativeFieldType::integral_type;

using Choice_Function =
typename bbf::components::choice_function<FieldType, stage>;
using Range_Check =
typename bbf::components::range_check_multi<FieldType, stage>;
using Check_Mod_P =
typename bbf::components::check_mod_p<FieldType, stage>;
using Addition_Mod_P =
typename bbf::components::addition_mod_p<FieldType, stage,
NonNativeFieldType>;
using Negation_Mod_P =
typename bbf::components::negation_mod_p<FieldType, stage,
NonNativeFieldType>;
using Addition_Mod_P = typename bbf::components::add_sub_mod_p<
FieldType, stage, NonNativeFieldType, true>;
using Substraction_Mod_P =
typename bbf::components::add_sub_mod_p<
FieldType, stage, NonNativeFieldType, false>;
using Multiplication_Mod_P =
typename bbf::components::flexible_multiplication<
FieldType, stage, NonNativeFieldType>;
Expand Down Expand Up @@ -224,8 +208,9 @@ namespace nil {
input_pp, input_zero](std::vector<TYPE> x) {
Range_Check rc = Range_Check(context_object, x, num_chunks,
bit_size_chunk);
Check_Mod_P cm = Check_Mod_P(context_object, x, input_pp, input_zero[0],
num_chunks, bit_size_chunk);
Check_Mod_P cm =
Check_Mod_P(context_object, x, input_pp, input_zero,
num_chunks, bit_size_chunk);
};

// Copy constraint generation lambda expression
Expand All @@ -242,46 +227,46 @@ namespace nil {
check_chunked(XR);
check_chunked(YR);

auto MultModP = [&context_object, input_p, input_pp, input_zero, num_chunks,
bit_size_chunk](std::vector<TYPE> x,
std::vector<TYPE> y) {
Multiplication_Mod_P t =
Multiplication_Mod_P(context_object, x, y, input_p, input_pp, input_zero[0],
num_chunks, bit_size_chunk);
auto MultModP = [&context_object, input_p, input_pp, input_zero,
num_chunks, bit_size_chunk](
std::vector<TYPE> x, std::vector<TYPE> y) {
Multiplication_Mod_P t = Multiplication_Mod_P(
context_object, x, y, input_p, input_pp, input_zero,
num_chunks, bit_size_chunk);
return t.r;
};
auto AddModP = [&context_object, input_p, input_pp, input_zero, num_chunks,
bit_size_chunk](std::vector<TYPE> x,
std::vector<TYPE> y) {
auto AddModP = [&context_object, input_p, input_pp, input_zero,
num_chunks, bit_size_chunk](std::vector<TYPE> x,
std::vector<TYPE> y) {
Addition_Mod_P t =
Addition_Mod_P(context_object, x, y, input_p, input_pp, input_zero,
num_chunks, bit_size_chunk);
Addition_Mod_P(context_object, x, y, input_p, input_pp,
input_zero, num_chunks, bit_size_chunk);
return t.r;
};
auto NegModP = [&context_object, input_p, input_pp, input_zero, num_chunks,
bit_size_chunk](std::vector<TYPE> x) {
Negation_Mod_P t =
Negation_Mod_P(context_object, x, input_p, input_pp, input_zero, num_chunks,
bit_size_chunk);
auto SubModP = [&context_object, input_p, input_pp, input_zero,
num_chunks, bit_size_chunk](std::vector<TYPE> x,
std::vector<TYPE> y) {
Substraction_Mod_P t = Substraction_Mod_P(
context_object, x, y, input_p, input_pp, input_zero,
num_chunks, bit_size_chunk);
return t.r;
};

auto t1 = MultModP(input_yQ,LAMBDA); // t1 = yQ * lambda
auto t2 = AddModP(t1,t1); // t2 = t1 + t1 = 2yQ * lambda
auto t3 = AddModP(input_xQ,input_xQ); // t3 = xQ + xQ = 2xQ
auto t4 = AddModP(input_xQ,t3); // t4 = xQ + t3 = 3xQ
auto t5 = MultModP(t4,input_xQ); // t5 = t4 * xQ = 3xQ^2
CopyConstrain(t2, t5); // 2yQ lambda = 3xQ^2
auto t6 = AddModP(XR,t3); // t6 = xR + t3 = xR + 2xQ
auto t7 = MultModP(LAMBDA,LAMBDA); // t7 = lambda * lambda
CopyConstrain(t6, t7); // xR + 2xQ = lambda^2
auto t8 = AddModP(YR,input_yQ); // t8 = yR + yQ
auto t9 = NegModP(XR); // t9 = -xR
auto t10 = AddModP(input_xQ,t9); // t10 = xQ + t9 = xQ - xR
auto t11 = MultModP(LAMBDA,t10); // t11 = lambda * t10 =lambda(xQ-xR)
CopyConstrain(t8, t11); // yR + yQ = lambda(xQ - xR)
auto t12 = MultModP(Z,t1); // t12 = z * t1 = z * yQ * lambda
CopyConstrain(LAMBDA, t12); // lambda = z yQ lambda
auto t1 = MultModP(input_yQ, LAMBDA); // t1 = yQ * lambda
auto t2 = AddModP(t1, t1); // t2 = t1 + t1 = 2yQ * lambda
auto t3 = AddModP(input_xQ, input_xQ); // t3 = xQ + xQ = 2xQ
auto t4 = AddModP(input_xQ, t3); // t4 = xQ + t3 = 3xQ
auto t5 = MultModP(t4, input_xQ); // t5 = t4 * xQ = 3xQ^2
CopyConstrain(t2, t5); // 2yQ lambda = 3xQ^2
auto t6 = AddModP(XR, t3); // t6 = xR + t3 = xR + 2xQ
auto t7 = MultModP(LAMBDA, LAMBDA); // t7 = lambda * lambda
CopyConstrain(t6, t7); // xR + 2xQ = lambda^2
auto t8 = AddModP(YR, input_yQ); // t8 = yR + yQ
auto t9 = SubModP(input_xQ, XR); // t9 = xQ - xR
auto t10 = MultModP(LAMBDA, t9); // t10 = lambda * t9 =lambda(xQ-xR)
CopyConstrain(t8, t10); // yR + yQ = lambda(xQ - xR)
auto t11 = MultModP(Z, t1); // t11 = z * t1 = z * yQ * lambda
CopyConstrain(LAMBDA, t11); // lambda = z yQ lambda

for (int i = 0; i < num_chunks; ++i) {
xR.push_back(XR[i]);
Expand Down
Loading