[Bug] Problems with Window Table

[alexpArtos]

I think there is a bug in the Window Table calculation in the SerialSetup.java.
Around line 90, there is this block of code that initializes the window table.

        config.beginLog("Generating G1 MSM Window Table");
        final G1T generatorG1 = g1Factory.random(config.seed(), config.secureSeed());
        final int scalarCountG1 = nonZeroAt + nonZeroBt + numVariables;
        final int scalarSizeG1 = generatorG1.bitSize();
        final int windowSizeG1 = FixedBaseMSM.getWindowSize(scalarCountG1, generatorG1);
        final List<List<G1T>> windowTableG1 = FixedBaseMSM
                .getWindowTable(generatorG1, scalarSizeG1, windowSizeG1);
        config.endLog("Generating G1 MSM Window Table");

The scalarSizeG1 is set to the size of the generator, and this returns the minimum number of bits that can represent generatorG1. If I pick this to be g1Factory.one() (a valid generator), the scalarSizeG1 would be 2 and the window table would be too small. I did some basic tests for batchMSM with such a table (with scalars between 1 and 10) and it could not accurately compute the multiples of generatorG1, because it did not inspect all the bits of the scalars.

I think this should not really depend on the generator but be an attribute of the type used. Otherwise, even when uniformly sampling the generator, we should get a wrong number of bits with reasonable probability.

I did a quick fix for my particular use case (non-generic) like this. A better fix should be capable of taking the type into account:

scalarSizeG1 = (int) BN254aFields.BN254aFr.FrParameters.numBits();