// Copyright 2020 ConsenSys AG
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package exponentiate
import (
"github.com/consensys/gnark/frontend"
"github.com/consensys/gnark/std/math/bits"
)
// Circuit states the relation Y == X**E.
//
// X (the base) and Y (the claimed power) are public inputs. E carries no
// gnark tag, so it gets the default: named after the field, with secret
// visibility. A proof for this circuit therefore shows knowledge of an
// exponent linking X to Y without exposing it as a public input.
//
// Define treats E as a bitSize-bit value (bitSize is 8 there).
// NOTE(review): whether an E wider than bitSize bits is truncated or makes the
// circuit unsatisfiable depends on bits.ToBinary; confirm against the gnark
// version in use before relying on either behaviour.
type Circuit struct {
	// Tags are optional; `gnark:",public"` keeps the default name and marks
	// the field as a public input.
	X, Y frontend.Variable `gnark:",public"`

	// Untagged: default name, secret visibility.
	E frontend.Variable
}
// Define adds the constraints that enforce Y == X**E.
//
// E is split into bitSize binary digits and the power is built up by
// square-and-multiply. The loop visits every digit unconditionally and picks
// each step's result with api.Select instead of a Go branch, so the emitted
// constraints are the same whatever value the secret exponent takes.
func (c *Circuit) Define(api frontend.API) error {
	// Width of the exponent, in bits.
	const bitSize = 8

	// Digits of E, exactly bitSize of them requested.
	// NOTE(review): presumably least-significant digit first, which the
	// high-to-low walk below depends on; confirm against bits.ToBinary.
	eBits := bits.ToBinary(api, c.E, bits.WithNbDigits(bitSize))

	// Running power, starting from X**0.
	acc := frontend.Variable(1)

	top := len(eBits) - 1
	for idx := top; idx >= 0; idx-- {
		// Square before consuming every digit except the first one visited.
		if idx != top {
			acc = api.Mul(acc, acc)
		}
		// Compute the "digit is 1" candidate, then let the digit choose.
		timesX := api.Mul(acc, c.X)
		acc = api.Select(eBits[idx], timesX, acc)
	}

	// Tie the public result to the computed power.
	api.AssertIsEqual(c.Y, acc)
	return nil
}