// Copyright 2020 ConsenSys AG
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package main
import (
"github.com/consensys/gnark-crypto/ecc"
"github.com/consensys/gnark/frontend"
"github.com/consensys/gnark/std/math/bits"
)
// ExponentiateCircuit states the relation Y == X**E.
//
// X and Y carry the `gnark:",public"` tag; E is untagged and therefore takes
// the default (secret) visibility.
//
// NOTE(review): Define decomposes E into bitSize (8) bits, so there are only
// 256 candidate exponents. Anyone holding the public X and Y can enumerate
// them, so this example does not keep E confidential in practice; a real
// statement needs an exponent space large enough to resist enumeration.
//
// NOTE(review): the original comment says only the bitSize least significant
// bits of E are used. Whether a larger E is truncated or makes the circuit
// unsatisfiable depends on how bits.ToBinary constrains its output — confirm
// against the gnark version in use.
type ExponentiateCircuit struct {
	// Tags are optional: an untagged field uses its Go name and secret
	// visibility.
	X, Y frontend.Variable `gnark:",public"`
	E    frontend.Variable
}
// Define builds the constraints enforcing Y == X**E with a fixed-length
// square-and-multiply ladder.
//
// The exponent is split into bitSize bits and consumed from the last slice
// element down to the first. Every step emits the same Mul/Select calls
// whatever the bit value is, so the sequence of constraints does not depend on
// the secret E. It always returns nil.
func (c *ExponentiateCircuit) Define(api frontend.API) error {
	// Width of the exponent's binary decomposition.
	const bitSize = 8

	// NOTE(review): presumably ToBinary returns the bits least-significant
	// first, which is why the ladder starts from the end of the slice — confirm.
	eBits := bits.ToBinary(api, c.E, bits.WithNbDigits(bitSize))

	acc := frontend.Variable(1)
	top := len(eBits) - 1
	for j := top; j >= 0; j-- {
		// The accumulator is still 1 on the first step, so the squaring is
		// skipped there.
		if j != top {
			acc = api.Mul(acc, acc)
		}
		// Compute the multiplied value unconditionally and let the bit choose
		// between it and the unchanged accumulator.
		withX := api.Mul(acc, c.X)
		acc = api.Select(eBits[j], withX, acc)
	}

	// Bind the ladder's result to the public output.
	api.AssertIsEqual(c.Y, acc)
	return nil
}
// init passes an empty ExponentiateCircuit to AddEntry under the name
// "exponentiate" together with the ecc.BN254 curve identifier. AddEntry is
// defined elsewhere in this package; presumably it registers example circuits
// — confirm.
func init() {
	circuit := &ExponentiateCircuit{}
	AddEntry("exponentiate", circuit, ecc.BN254)
}