fix(stdlib): correct tecurve contains formula and simplify code
shuklaayush committed Jun 26, 2023
1 parent 6fa751b commit 97b438f
Showing 3 changed files with 31 additions and 51 deletions.
18 changes: 9 additions & 9 deletions noir_stdlib/src/ec/montcurve.nr
Expand Up @@ -41,12 +41,12 @@ mod affine {

// Check if zero
fn is_zero(self) -> bool {
self.infty == true
self.infty
}

// Conversion to CurveGroup coordinates
fn into_group(self) -> curvegroup::Point {
if self.is_zero() == true {
if self.is_zero() {
curvegroup::Point::zero()
} else {
let (x,y) = (self.x, self.y);
Expand All @@ -70,7 +70,7 @@ mod affine {
fn into_tecurve(self) -> TEPoint {
let Self {x, y, infty} = self;

if (infty == true) | (y*(x+1) == 0) {
if infty | (y*(x+1) == 0) {
TEPoint::zero()
} else {
TEPoint::new(x/y, (x-1)/(x+1))
Expand Down Expand Up @@ -126,7 +126,7 @@ mod affine {
fn msm<N>(self, n: [Field; N], p: [Point; N]) -> Point {
let mut out = Point::zero();

for i in 0..n.len() {
for i in 0..N {
out = self.add(out, self.mul(n[i], p[i]));
}

Expand Down Expand Up @@ -156,7 +156,7 @@ mod affine {

// Point mapping into equivalent Short Weierstraß curve
fn map_into_swcurve(self, p: Point) -> SWPoint {
if p.is_zero() == true {
if p.is_zero() {
SWPoint::zero()
} else {
SWPoint::new((3*p.x + self.j)/(3*self.k),
Expand Down Expand Up @@ -191,9 +191,9 @@ mod affine {
let x2 = 0 - x1 - (j/k);
let gx2 = x2*x2*x2 + (j/k)*x2*x2 + x2/(k*k);

let x = if is_square(gx1) == true { x1 } else { x2 };
let x = if is_square(gx1) { x1 } else { x2 };

let y = if is_square(gx1) == true {
let y = if is_square(gx1) {
let y0 = sqrt(gx1);
if y0.sgn0() == 1 { y0 } else { 0 - y0 }
} else {
Expand Down Expand Up @@ -254,7 +254,7 @@ mod curvegroup {

// Conversion to affine coordinates
fn into_affine(self) -> affine::Point {
if self.is_zero() == true{
if self.is_zero() {
affine::Point::zero()
} else {
let (x,y,z) = (self.x, self.y, self.z);
Expand Down Expand Up @@ -328,7 +328,7 @@ mod curvegroup {
fn msm<N>(self, n: [Field; N], p: [Point; N]) -> Point {
let mut out = Point::zero();

for i in 0..n.len() {
for i in 0..N {
out = self.add(out, self.mul(n[i], p[i]));
}

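Review bot: The branch `if infty | (y*(x+1) == 0)` in `into_tecurve` needs a comment, because it sends non-identity inputs with `y == 0` or `x == -1` to `TEPoint::zero()` while `is_zero` in the same module treats only `infty` as the identity. Those are exactly the inputs where `x/y` or `(x-1)/(x+1)` would divide by zero, so the branch looks intentional, but the conversion is then not injective on them and a caller comparing converted points cannot tell them from the identity. I would add above the branch something like `// y == 0 or x == -1: exceptional points of the birational map (presumably outside the prime-order subgroup), mapped to zero`. The function's header comment lies outside the hunk, so it may already cover this.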
17 changes: 8 additions & 9 deletions noir_stdlib/src/ec/swcurve.nr
Expand Up @@ -48,7 +48,7 @@ mod affine {
fn into_group(self) -> curvegroup::Point {
let Self {x, y, infty} = self;

if infty == true {
if infty {
curvegroup::Point::zero()
} else {
curvegroup::Point::new(x, y, 1)
Expand All @@ -73,7 +73,7 @@ mod affine {
// Check curve coefficients
assert(4*a*a*a + 27*b*b != 0);

let curve = Curve { a, b, gen };
let curve = Curve { a, b, gen };

// gen should be on the curve
assert(curve.contains(curve.gen));
Expand Down Expand Up @@ -147,7 +147,7 @@ mod affine {
fn msm<N>(self, n: [Field; N], p: [Point; N]) -> Point {
let mut out = Point::zero();

for i in 0..n.len() {
for i in 0..N {
out = self.add(out, self.mul(n[i], p[i]));
}

Expand All @@ -173,7 +173,7 @@ mod affine {
let gx1 = x1*x1*x1 + a*x1 + b;
let x2 = z*u*u*x1;
let gx2 = x2*x2*x2 + a*x2 + b;
let (x,y) = if is_square(gx1) == true {(x1, sqrt(gx1))} else {(x2, sqrt(gx2))};
let (x,y) = if is_square(gx1) {(x1, sqrt(gx1))} else {(x2, sqrt(gx2))};
Point::new(x, if u.sgn0() != y.sgn0() {0-y} else {y})
}
}
Expand Down Expand Up @@ -250,7 +250,7 @@ mod curvegroup {
// Check curve coefficients
assert(4*a*a*a + 27*b*b != 0);

let curve = Curve { a, b, gen };
let curve = Curve { a, b, gen };

// gen should be on the curve
assert(curve.contains(curve.gen));
Expand Down Expand Up @@ -331,12 +331,11 @@ mod curvegroup {
// If k is the natural number represented by `bits`, then this computes p + ... + p k times.
fn bit_mul<N>(self, bits: [u1; N], p: Point) -> Point {
let mut out = Point::zero();
let n = bits.len();

for i in 0..n {
for i in 0..N {
out = self.add(
self.add(out, out),
if(bits[n - i - 1] == 0) {Point::zero()} else {p});
if(bits[N - i - 1] == 0) {Point::zero()} else {p});
}

out
Expand All @@ -360,7 +359,7 @@ mod curvegroup {
fn msm<N>(self, n: [Field; N], p: [Point; N]) -> Point {
let mut out = Point::zero();

for i in 0..n.len() {
for i in 0..N {
out = self.add(out, self.mul(n[i], p[i]));
}

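Review bot: The comment above `bit_mul` in `mod curvegroup` does not say which end of `bits` is most significant, and the loop makes the order easy to misread. It consumes `bits[N - i - 1]` first while doubling, so `bits[0]` is the least significant bit of k. A caller passing a big-endian bit array would silently get a different multiple of `p`, which would presumably matter for any scalar handling built on this function. I would extend the comment with `// bits is little-endian: bits[0] is the least significant bit of k`. The same comment and loop appear in `bit_mul` in noir_stdlib/src/ec/tecurve.nr.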
47 changes: 14 additions & 33 deletions noir_stdlib/src/ec/tecurve.nr
Expand Up @@ -64,7 +64,7 @@ mod affine {

// Map into prime-order subgroup of equivalent Montgomery curve
fn into_montcurve(self) -> MPoint {
if self.is_zero() == true {
if self.is_zero() {
MPoint::zero()
} else {
let Self {x, y} = self;
Expand All @@ -83,7 +83,7 @@ mod affine {
// Check curve coefficients
assert(a*d*(a-d) != 0);

let curve = Curve {a, d, gen};
let curve = Curve {a, d, gen};

// gen should be on the curve
assert(curve.contains(curve.gen));
Expand Down Expand Up @@ -145,7 +145,7 @@ mod affine {
fn msm<N>(self, n: [Field; N], p: [Point; N]) -> Point {
let mut out = Point::zero();

for i in 0..n.len() {
for i in 0..N {
out = self.add(out, self.mul(n[i], p[i]));
}

Expand Down Expand Up @@ -227,34 +227,16 @@ mod curvegroup {

// Check for equality
fn eq(self, p: Point) -> bool {
if self.is_zero() == true {
p.is_zero()
} else if p.is_zero() == true {
false
} else {
let Self {x: x1, y: y1, t: _t1, z: z1} = self;
let Self {x: x2, y: y2, t: _t2, z:z2} = p;

if x1*z2 == x2*z1 {
y1*z2 == y2*z1
} else {
false
}
}
let Self {x: x1, y: y1, t: _t1, z: z1} = self;
let Self {x: x2, y: y2, t: _t2, z:z2} = p;

(x1*z2 == x2*z1) & (y1*z2 == y2*z1)
}

// Check if zero
fn is_zero(self) -> bool {
let Self {x, y, t, z} = self;
if y == z {
if x == t {
x == 0
} else {
false
}
} else {
false
}
let Self {x, y, t: _t, z} = self;
(x == 0) & (y == z)
}

// Conversion to affine coordinates
Expand Down Expand Up @@ -288,7 +270,7 @@ mod curvegroup {
// Check curve coefficients
assert(a*d*(a-d) != 0);

let curve = Curve { a, d, gen };
let curve = Curve { a, d, gen };

// gen should be on the curve
assert(curve.contains(curve.gen));
Expand All @@ -307,7 +289,7 @@ mod curvegroup {
fn contains(self, p: Point) -> bool {
let Point {x, y, t, z} = p;

(z != 0) & (z*t == x*y) & (z*z*(self.a*x*x + y*y) == z*z + self.d*x*x*y*y)
(z != 0) & (z*t == x*y) & (z*z*(self.a*x*x + y*y) == z*z*z*z + self.d*x*x*y*y)
}

// Point addition
Expand Down Expand Up @@ -357,12 +339,11 @@ mod curvegroup {
// If k is the natural number represented by `bits`, then this computes p + ... + p k times.
fn bit_mul<N>(self, bits: [u1; N], p: Point) -> Point {
let mut out = Point::zero();
let n = bits.len();

for i in 0..n {
for i in 0..N {
out = self.add(
self.add(out, out),
if(bits[n - i - 1] == 0) {Point::zero()} else {p});
if(bits[N - i - 1] == 0) {Point::zero()} else {p});
}

out
Expand All @@ -386,7 +367,7 @@ mod curvegroup {
fn msm<N>(self, n: [Field; N], p: [Point; N]) -> Point {
let mut out = Point::zero();

for i in 0..n.len() {
for i in 0..N {
out = self.add(out, self.mul(n[i], p[i]));
}

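Review bot: The rewritten `eq` in `mod curvegroup` compares by cross-multiplication only, so a representation with `x = y = z = 0` compares equal to every point. The simplified `is_zero`, `(x == 0) & (y == z)`, accepts that same representation and no longer constrains `t`. Both are sound only for points that already satisfy `contains`, which is where `z != 0` and `z*t == x*y` are checked. I would state that precondition above both functions, e.g. `// Assumes both points satisfy Curve::contains (in particular z != 0)`, or, if `eq` is meant to be safe on unvalidated coordinates, lead the expression with `(z1 != 0) & (z2 != 0) &`. Whether callers always validate points first is not visible in this section.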
