Upgrade to work with latest ark-ff (#95)

Co-authored-by: Sun <huachuang20@gmail.com>
2026-01-08 23:11:29 +01:00 · 2022-03-07 13:12:03 -08:00
parent d0dc200f22
commit 1551d6d76c
231 changed files with 2830 additions and 4343 deletions
--- a/ed_on_bls12_377/scripts/base_field.sage
+++ b/ed_on_bls12_377/scripts/base_field.sage
@@ -0,0 +1,28 @@
+modulus = 8444461749428370424248824938781546531375899335154063827935233455917409239041
+
+assert(modulus.is_prime())
+
+Fp = GF(modulus)
+
+generator = Fp(0);
+for i in range(0, 30):
+    i = Fp(i);
+    neg_i = Fp(-i)
+    if not(i.is_primitive_root() or neg_i.is_primitive_root()):
+        continue
+    elif i.is_primitive_root():
+        assert(i.is_primitive_root());
+        print("Generator: %d" % i)
+        generator = i
+        break
+    else:
+        assert(neg_i.is_primitive_root());
+        print("Generator: %d" % neg_i)
+        generator = neg_i
+        break
+
+
+two_adicity = valuation(modulus - 1, 2);
+trace = (modulus - 1) / 2**two_adicity;
+two_adic_root_of_unity = generator^trace
+print("2-adic Root of Unity: %d " % two_adic_root_of_unity)
--- a/ed_on_bls12_377/scripts/scalar_field.sage
+++ b/ed_on_bls12_377/scripts/scalar_field.sage
@@ -0,0 +1,28 @@
+modulus = 2111115437357092606062206234695386632838870926408408195193685246394721360383
+
+assert(modulus.is_prime())
+
+Fp = GF(modulus)
+
+generator = Fp(0);
+for i in range(0, 30):
+    i = Fp(i);
+    neg_i = Fp(-i)
+    if not(i.is_primitive_root() or neg_i.is_primitive_root()):
+        continue
+    elif i.is_primitive_root():
+        assert(i.is_primitive_root());
+        print("Generator: %d" % i)
+        generator = i
+        break
+    else:
+        assert(neg_i.is_primitive_root());
+        print("Generator: %d" % neg_i)
+        generator = neg_i
+        break
+
+
+two_adicity = valuation(modulus - 1, 2);
+trace = (modulus - 1) / 2**two_adicity;
+two_adic_root_of_unity = generator^trace
+print("2-adic Root of Unity: %d " % two_adic_root_of_unity)
--- a/ed_on_bls12_377/src/constraints/curves.rs
+++ b/ed_on_bls12_377/src/constraints/curves.rs
@@ -1,7 +1,6 @@
-use crate::*;
 use ark_r1cs_std::groups::curves::twisted_edwards::AffineVar;

-use crate::constraints::FqVar;
+use crate::{constraints::FqVar, *};

 /// A variable that is the R1CS equivalent of `crate::EdwardsAffine`.
 pub type EdwardsVar = AffineVar<EdwardsParameters, FqVar>;
--- a/ed_on_bls12_377/src/constraints/fields.rs
+++ b/ed_on_bls12_377/src/constraints/fields.rs
@@ -1,6 +1,7 @@
-use crate::fq::Fq;
 use ark_r1cs_std::fields::fp::FpVar;

+use crate::fq::Fq;
+
 /// A variable that is the R1CS equivalent of `crate::Fq`.
 pub type FqVar = FpVar<Fq>;

--- a/ed_on_bls12_377/src/curves/mod.rs
+++ b/ed_on_bls12_377/src/curves/mod.rs
@@ -1,9 +1,10 @@
-use crate::{fq::Fq, fr::Fr};
 use ark_ec::{
    models::{ModelParameters, MontgomeryModelParameters, TEModelParameters},
    twisted_edwards_extended::{GroupAffine, GroupProjective},
 };
-use ark_ff::field_new;
+use ark_ff::MontFp;
+
+use crate::{fq::Fq, fr::Fr};

 #[cfg(test)]
 mod tests;
@@ -23,18 +24,18 @@ impl ModelParameters for EdwardsParameters {

    /// COFACTOR_INV =
    /// 527778859339273151515551558673846658209717731602102048798421311598680340096
-    #[rustfmt::skip]
-    const COFACTOR_INV: Fr = field_new!(Fr, "527778859339273151515551558673846658209717731602102048798421311598680340096");
+    const COFACTOR_INV: Fr = MontFp!(
+        Fr,
+        "527778859339273151515551558673846658209717731602102048798421311598680340096"
+    );
 }

 impl TEModelParameters for EdwardsParameters {
    /// COEFF_A = -1
-    #[rustfmt::skip]
-    const COEFF_A: Fq = field_new!(Fq, "-1");
+    const COEFF_A: Fq = MontFp!(Fq, "-1");

    /// COEFF_D = 3021
-    #[rustfmt::skip]
-    const COEFF_D: Fq = field_new!(Fq, "3021");
+    const COEFF_D: Fq = MontFp!(Fq, "3021");

    /// Generated randomly
    const AFFINE_GENERATOR_COEFFS: (Self::BaseField, Self::BaseField) = (GENERATOR_X, GENERATOR_Y);
@@ -52,22 +53,31 @@ impl TEModelParameters for EdwardsParameters {
 impl MontgomeryModelParameters for EdwardsParameters {
    /// COEFF_A = 0x8D26E3FADA9010A26949031ECE3971B93952AD84D4753DDEDB748DA37E8F552
    ///         = 3990301581132929505568273333084066329187552697088022219156688740916631500114
-    #[rustfmt::skip]
-    const COEFF_A: Fq = field_new!(Fq, "3990301581132929505568273333084066329187552697088022219156688740916631500114");
+    const COEFF_A: Fq = MontFp!(
+        Fq,
+        "3990301581132929505568273333084066329187552697088022219156688740916631500114"
+    );
+
    /// COEFF_B = 0x9D8F71EEC83A44C3A1FBCEC6F5418E5C6154C2682B8AC231C5A3725C8170AAD
    ///         = 4454160168295440918680551605697480202188346638066041608778544715000777738925
-    #[rustfmt::skip]
-    const COEFF_B: Fq = field_new!(Fq, "4454160168295440918680551605697480202188346638066041608778544715000777738925");
+    const COEFF_B: Fq = MontFp!(
+        Fq,
+        "4454160168295440918680551605697480202188346638066041608778544715000777738925"
+    );

    type TEModelParameters = EdwardsParameters;
 }

 /// GENERATOR_X =
 /// 4497879464030519973909970603271755437257548612157028181994697785683032656389,
-#[rustfmt::skip]
-const GENERATOR_X: Fq = field_new!(Fq, "4497879464030519973909970603271755437257548612157028181994697785683032656389");
+const GENERATOR_X: Fq = MontFp!(
+    Fq,
+    "4497879464030519973909970603271755437257548612157028181994697785683032656389"
+);

 /// GENERATOR_Y =
 /// 4357141146396347889246900916607623952598927460421559113092863576544024487809
-#[rustfmt::skip]
-const GENERATOR_Y: Fq = field_new!(Fq, "4357141146396347889246900916607623952598927460421559113092863576544024487809");
+const GENERATOR_Y: Fq = MontFp!(
+    Fq,
+    "4357141146396347889246900916607623952598927460421559113092863576544024487809"
+);
--- a/ed_on_bls12_377/src/curves/tests.rs
+++ b/ed_on_bls12_377/src/curves/tests.rs
@@ -1,11 +1,9 @@
+use ark_algebra_test_templates::{curves::*, groups::*};
 use ark_ec::{AffineCurve, ProjectiveCurve};
-use ark_std::rand::Rng;
-use ark_std::test_rng;
+use ark_std::{rand::Rng, test_rng};

 use crate::*;

-use ark_algebra_test_templates::{curves::*, groups::*};
-
 #[test]
 fn test_projective_curve() {
    curve_tests::<EdwardsProjective>();
--- a/ed_on_bls12_377/src/fields/fq.rs
+++ b/ed_on_bls12_377/src/fields/fq.rs
@@ -1 +1 @@
-pub use ark_bls12_377::{Fr as Fq, FrParameters as FqParameters};
+pub use ark_bls12_377::{Fr as Fq, FrConfig as FqConfig};
--- a/ed_on_bls12_377/src/fields/fr.rs
+++ b/ed_on_bls12_377/src/fields/fr.rs
@@ -1,83 +1,7 @@
-use ark_ff::{
-    biginteger::{BigInt, BigInteger256 as BigInteger},
-    fields::{FftParameters, Fp256, Fp256Parameters, FpParameters},
-};
+use ark_ff::fields::{Fp256, MontBackend, MontConfig};

-pub type Fr = Fp256<FrParameters>;
-
-pub struct FrParameters;
-
-impl Fp256Parameters for FrParameters {}
-impl FftParameters for FrParameters {
-    type BigInt = BigInteger;
-
-    const TWO_ADICITY: u32 = 1;
-
-    #[rustfmt::skip]
-    const TWO_ADIC_ROOT_OF_UNITY: BigInteger = BigInt::new([
-        15170730761708361161u64,
-        13670723686578117817u64,
-        12803492266614043665u64,
-        50861023252832611u64,
-    ]);
-}
-impl FpParameters for FrParameters {
-    /// MODULUS = 2111115437357092606062206234695386632838870926408408195193685246394721360383
-    #[rustfmt::skip]
-    const MODULUS: BigInteger = BigInt::new([
-        13356249993388743167u64,
-        5950279507993463550u64,
-        10965441865914903552u64,
-        336320092672043349u64,
-    ]);
-
-    const MODULUS_BITS: u32 = 251;
-
-    const CAPACITY: u32 = Self::MODULUS_BITS - 1;
-
-    const REPR_SHAVE_BITS: u32 = 5;
-
-    #[rustfmt::skip]
-    const R: BigInteger = BigInt::new([
-        16632263305389933622u64,
-        10726299895124897348u64,
-        16608693673010411502u64,
-        285459069419210737u64,
-    ]);
-
-    #[rustfmt::skip]
-    const R2: BigInteger = BigInt::new([
-        3987543627614508126u64,
-        17742427666091596403u64,
-        14557327917022607905u64,
-        322810149704226881u64,
-    ]);
-
-    const INV: u64 = 9659935179256617473u64;
-
-    // 70865795004005329077606947863872807680085016823885970091001235374859923341923
-    #[rustfmt::skip]
-    const GENERATOR: BigInteger = BigInt::new([
-        11289572479685143826u64,
-        11383637369941080925u64,
-        2288212753973340071u64,
-        82014976407880291u64,
-    ]);
-
-    #[rustfmt::skip]
-    const MODULUS_MINUS_ONE_DIV_TWO: BigInteger = BigInt::new([
-        6678124996694371583u64,
-        2975139753996731775u64,
-        14706092969812227584u64,
-        168160046336021674u64,
-    ]);
-
-    const T: BigInteger = Self::MODULUS_MINUS_ONE_DIV_TWO;
-
-    const T_MINUS_ONE_DIV_TWO: BigInteger = BigInt::new([
-        0xae56bba6b0cff67f,
-        0x14a4e8ebf10f22bf,
-        0x660b44d1e5c37b00,
-        0x12ab655e9a2ca55,
-    ]);
-}
+#[derive(MontConfig)]
+#[modulus = "2111115437357092606062206234695386632838870926408408195193685246394721360383"]
+#[generator = "5"]
+pub struct FrConfig;
+pub type Fr = Fp256<MontBackend<FrConfig, 4>>;
--- a/ed_on_bls12_377/src/fields/mod.rs
+++ b/ed_on_bls12_377/src/fields/mod.rs
@@ -4,5 +4,5 @@ pub mod fr;
 pub use fq::*;
 pub use fr::*;

-#[cfg(all(feature = "ed_on_bls12_377", test))]
+#[cfg(test)]
 mod tests;
--- a/ed_on_bls12_377/src/fields/tests.rs
+++ b/ed_on_bls12_377/src/fields/tests.rs
@@ -1,24 +1,15 @@
-use ark_std::rand::Rng;
-use ark_std::test_rng;
+use ark_algebra_test_templates::{
+    fields::*, generate_field_serialization_test, generate_field_test,
+};
+use ark_ff::{
+    fields::{Field, PrimeField, SquareRootField},
+    One, UniformRand, Zero,
+};
+use ark_serialize::{buffer_bit_byte_size, CanonicalSerialize};
+use ark_std::{rand::Rng, test_rng};
+use core::ops::{AddAssign, MulAssign, SubAssign};

-use crate::{Fq, Fr};
+use crate::{Fq, FqConfig, Fr, FrConfig};

-use ark_algebra_test_templates::fields::*;
-
-#[test]
-fn test_fr() {
-    let mut rng = test_rng();
-    let a: Fr = rng.gen();
-    let b: Fr = rng.gen();
-    field_test(a, b);
-    primefield_test::<Fr>();
-}
-
-#[test]
-fn test_fq() {
-    let mut rng = test_rng();
-    let a: Fq = rng.gen();
-    let b: Fq = rng.gen();
-    field_test(a, b);
-    primefield_test::<Fq>();
-}
+generate_field_test!(ed_on_bls12_377; mont(4, 4); );
+generate_field_serialization_test!(ed_on_bls12_377;);
--- a/ed_on_bls12_377/src/lib.rs
+++ b/ed_on_bls12_377/src/lib.rs
@@ -8,14 +8,16 @@
 )]
 #![forbid(unsafe_code)]

-//! This library implements a twisted Edwards curve whose base field is the scalar field of the
-//! curve BLS12-377.  This allows defining cryptographic primitives that use elliptic curves over
-//! the scalar field of the latter curve. This curve was generated as part of the paper
-//! [\[BCGMMW20, “Zexe”\]](https://eprint.iacr.org/2018/962).
+//! This library implements a twisted Edwards curve whose base field is the
+//! scalar field of the curve BLS12-377.  This allows defining cryptographic
+//! primitives that use elliptic curves over the scalar field of the latter
+//! curve. This curve was generated as part of the paper [\[BCGMMW20, “Zexe”\]](https://eprint.iacr.org/2018/962).
 //!
 //! Curve information:
-//! * Base field: q = 8444461749428370424248824938781546531375899335154063827935233455917409239041
-//! * Scalar field: r = 2111115437357092606062206234695386632838870926408408195193685246394721360383
+//! * Base field: q =
+//!   8444461749428370424248824938781546531375899335154063827935233455917409239041
+//! * Scalar field: r =
+//!   2111115437357092606062206234695386632838870926408408195193685246394721360383
 //! * Valuation(q - 1, 2) = 47
 //! * Valuation(r - 1, 2) = 1
 //! * Curve equation: ax^2 + y^2 =1 + dx^2y^2, where