Upgrade to work with latest ark-ff (#95)

Co-authored-by: Sun <huachuang20@gmail.com>

ed_on_mnt4_298/scripts/base_field.sage

@@ -0,0 +1,28 @@
+modulus = 475922286169261325753349249653048451545124878552823515553267735739164647307408490559963137
+
+assert(modulus.is_prime())
+
+Fp = GF(modulus)
+
+generator = Fp(0);
+for i in range(0, 20):
+    i = Fp(i);
+    neg_i = Fp(-i)
+    if not(i.is_primitive_root() or neg_i.is_primitive_root()):
+        continue
+    elif i.is_primitive_root():
+        assert(i.is_primitive_root());
+        print("Generator: %d" % i)
+        generator = i
+        break
+    else:
+        assert(neg_i.is_primitive_root());
+        print("Generator: %d" % neg_i)
+        generator = neg_i
+        break
+
+
+two_adicity = valuation(modulus - 1, 2);
+trace = (modulus - 1) / 2**two_adicity;
+two_adic_root_of_unity = generator^trace
+print("2-adic Root of Unity: %d " % two_adic_root_of_unity)

ed_on_mnt4_298/scripts/scalar_field.sage

@@ -0,0 +1,28 @@
+modulus = 118980571542315331438337312413262112886281219744507561120271964887686106682370032123932631
+
+assert(modulus.is_prime())
+
+Fp = GF(modulus)
+
+generator = Fp(0);
+for i in range(0, 20):
+    i = Fp(i);
+    neg_i = Fp(-i)
+    if not(i.is_primitive_root() or neg_i.is_primitive_root()):
+        continue
+    elif i.is_primitive_root():
+        assert(i.is_primitive_root());
+        print("Generator: %d" % i)
+        generator = i
+        break
+    else:
+        assert(neg_i.is_primitive_root());
+        print("Generator: %d" % neg_i)
+        generator = neg_i
+        break
+
+
+two_adicity = valuation(modulus - 1, 2);
+trace = (modulus - 1) / 2**two_adicity;
+two_adic_root_of_unity = generator^trace
+print("2-adic Root of Unity: %d " % two_adic_root_of_unity)

ed_on_mnt4_298/src/constraints/curves.rs

@@ -1,7 +1,6 @@
-use crate::*;
 use ark_r1cs_std::groups::curves::twisted_edwards::AffineVar;
 
-use crate::constraints::fields::FqVar;
+use crate::{constraints::fields::FqVar, *};
 
 /// A variable that is the R1CS equivalent of `crate::EdwardsAffine`.
 pub type EdwardsVar = AffineVar<EdwardsParameters, FqVar>;

ed_on_mnt4_298/src/constraints/fields.rs

@@ -1,6 +1,7 @@
-use crate::fq::Fq;
 use ark_r1cs_std::fields::fp::FpVar;
 
+use crate::fq::Fq;
+
 /// A variable that is the R1CS equivalent of `crate::Fq`.
 pub type FqVar = FpVar<Fq>;
 

ed_on_mnt4_298/src/curves/mod.rs

@@ -2,7 +2,7 @@ use ark_ec::{
     models::{ModelParameters, MontgomeryModelParameters, TEModelParameters},
     twisted_edwards_extended::{GroupAffine, GroupProjective},
 };
-use ark_ff::field_new;
+use ark_ff::MontFp;
 
 use crate::{fq::Fq, fr::Fr};
 
@@ -24,8 +24,10 @@ impl ModelParameters for EdwardsParameters {
 
     /// COFACTOR_INV (mod r) =
     /// 29745142885578832859584328103315528221570304936126890280067991221921526670592508030983158
-    #[rustfmt::skip]
-    const COFACTOR_INV: Fr = field_new!(Fr, "29745142885578832859584328103315528221570304936126890280067991221921526670592508030983158");
+    const COFACTOR_INV: Fr = MontFp!(
+        Fr,
+        "29745142885578832859584328103315528221570304936126890280067991221921526670592508030983158"
+    );
 }
 
 // Many parameters need to be written down in the Montgomery residue form,
@@ -38,15 +40,13 @@ impl TEModelParameters for EdwardsParameters {
     /// Needs to be in the Montgomery residue form in Fq
     /// I.e., -1 * R for Fq
     ///     = 252557637842979910814547544293825421990201153003031094870216460866964386803867699028196261
-    #[rustfmt::skip]
-    const COEFF_A: Fq = field_new!(Fq, "-1");
+    const COEFF_A: Fq = MontFp!(Fq, "-1");
 
     /// COEFF_D = 4212
     /// Needs to be in the Montgomery residue form in Fq
     /// I.e., 4212 * R for Fq
     ///     = 389461279836940033614665658623660232171971995346409183754923941118154161474636585314923000
-    #[rustfmt::skip]
-    const COEFF_D: Fq = field_new!(Fq, "4212");
+    const COEFF_D: Fq = MontFp!(Fq, "4212");
 
     /// Generated randomly
     const AFFINE_GENERATOR_COEFFS: (Self::BaseField, Self::BaseField) = (GENERATOR_X, GENERATOR_Y);
@@ -62,21 +62,24 @@ impl TEModelParameters for EdwardsParameters {
 
 impl MontgomeryModelParameters for EdwardsParameters {
     /// COEFF_A = 203563247015667910991582090642011229452721346107806307863040223071914240315202967004285204
-    #[rustfmt::skip]
-    const COEFF_A: Fq = field_new!(Fq, "203563247015667910991582090642011229452721346107806307863040223071914240315202967004285204");
+    const COEFF_A: Fq = MontFp!(Fq, "203563247015667910991582090642011229452721346107806307863040223071914240315202967004285204");
+
     /// COEFF_B = 272359039153593414761767159011037222092403532445017207690227512667250406992205523555677931
-    #[rustfmt::skip]
-    const COEFF_B: Fq = field_new!(Fq, "272359039153593414761767159011037222092403532445017207690227512667250406992205523555677931");
+    const COEFF_B: Fq = MontFp!(Fq, "272359039153593414761767159011037222092403532445017207690227512667250406992205523555677931");
 
     type TEModelParameters = EdwardsParameters;
 }
 
 /// GENERATOR_X =
 /// 282406820114868156776872298252698015906762052916420164316497572033519876761239463633892227
-#[rustfmt::skip]
-const GENERATOR_X: Fq = field_new!(Fq, "282406820114868156776872298252698015906762052916420164316497572033519876761239463633892227");
+const GENERATOR_X: Fq = MontFp!(
+    Fq,
+    "282406820114868156776872298252698015906762052916420164316497572033519876761239463633892227"
+);
 
 /// GENERATOR_Y =
 /// 452667754940241021433619311795265643711152068500301853535337412655162600774122192283142703
-#[rustfmt::skip]
-const GENERATOR_Y: Fq = field_new!(Fq, "452667754940241021433619311795265643711152068500301853535337412655162600774122192283142703");
+const GENERATOR_Y: Fq = MontFp!(
+    Fq,
+    "452667754940241021433619311795265643711152068500301853535337412655162600774122192283142703"
+);

ed_on_mnt4_298/src/curves/tests.rs

@@ -1,11 +1,9 @@
+use ark_algebra_test_templates::{curves::*, groups::*};
 use ark_ec::{AffineCurve, ProjectiveCurve};
-use ark_std::rand::Rng;
-use ark_std::test_rng;
+use ark_std::{rand::Rng, test_rng};
 
 use crate::*;
 
-use ark_algebra_test_templates::{curves::*, groups::*};
-
 #[test]
 fn test_projective_curve() {
     curve_tests::<EdwardsProjective>();

ed_on_mnt4_298/src/fields/fq.rs

@@ -1 +1 @@
-pub use ark_mnt4_298::{Fr as Fq, FrParameters as FqParameters};
+pub use ark_mnt4_298::{Fr as Fq, FrConfig as FqConfig};

ed_on_mnt4_298/src/fields/fr.rs

@@ -1,127 +1,7 @@
-use ark_ff::{
-    biginteger::{BigInt, BigInteger320 as BigInteger},
-    fields::{FftParameters, Fp320, Fp320Parameters, FpParameters},
-};
+use ark_ff::fields::{Fp320, MontBackend, MontConfig};
 
-pub type Fr = Fp320<FrParameters>;
-
-pub struct FrParameters;
-
-impl Fp320Parameters for FrParameters {}
-impl FftParameters for FrParameters {
-    type BigInt = BigInteger;
-
-    const TWO_ADICITY: u32 = 1u32;
-
-    // ROOT_OF_UNITY = GENERATOR ^ t =
-    // 118980571542315331438337312413262112886281219744507561120271964887686106682370032123932630
-    // t is defined below
-    // This number needs to be in the Montgomery residue form.
-    // I.e., write
-    // 118980571542315331438337312413262112886281219744507561120271964887686106682370032123932630
-    // * R
-    // = 14596494758349247937872919467301196219547084259323651055171406111196152579418790325693086
-    #[rustfmt::skip]
-    const TWO_ADIC_ROOT_OF_UNITY: BigInteger = BigInt::new([
-        4913018085921565342u64,
-        18164325898792356216u64,
-        11499902056485864693u64,
-        12113224729248979119u64,
-        126057789046u64,
-    ]);
-}
-impl FpParameters for FrParameters {
-    // MODULUS = 118980571542315331438337312413262112886281219744507561120271964887686106682370032123932631
-    // Factors of MODULUS - 1:
-    //      2
-    //      5
-    //      17
-    //      47
-    //      3645289
-    //      42373926857
-    //      96404785755712297250936212793128201320333033128042968811755970858369
-    #[rustfmt::skip]
-    const MODULUS: BigInteger = BigInt::new([
-        15535567651727634391u64,
-        14992835038329117496u64,
-        12879083654034347181u64,
-        16760578290609820963u64,
-        1027536270620u64,
-    ]);
-
-    const MODULUS_BITS: u32 = 296;
-
-    const CAPACITY: u32 = Self::MODULUS_BITS - 1;
-
-    const REPR_SHAVE_BITS: u32 = 24;
-
-    // see ark-ff/src/fields/mod.rs for more information
-    // R = pow(2,320) %
-    // 118980571542315331438337312413262112886281219744507561120271964887686106682370032123932631
-    // R = 104384076783966083500464392945960916666734135485183910065100558776489954102951241798239545
-    #[rustfmt::skip]
-    const R: BigInteger = BigInt::new([
-        10622549565806069049u64,
-        15275253213246312896u64,
-        1379181597548482487u64,
-        4647353561360841844u64,
-        901478481574u64
-    ]);
-
-    // R2 = R * R %
-    // 118980571542315331438337312413262112886281219744507561120271964887686106682370032123932631
-    // R2 = 64940318866745953005690402896764745514897573584912026577721076893188083397226247459368768
-    #[rustfmt::skip]
-    const R2: BigInteger = BigInt::new([
-        16858329796171722560u64,
-        12060416575249219689u64,
-        17034911964548502611u64,
-        14718631438675169669u64,
-        560835539754u64
-    ]);
-
-    // INV = -(118980571542315331438337312413262112886281219744507561120271964887686106682370032123932631)^(-1) % 2^64
-    const INV: u64 = 9223688842165816345u64;
-
-    // GENERATOR = 7
-    // This number needs to be in the Montgomery residue form.
-    // I.e., write 7 * R =
-    // 16805108233870595873226876142153739349451629929242003734072122109313038626438499844081029
-    #[rustfmt::skip]
-    const GENERATOR: BigInteger = BigInt::new([
-        18037929197695780229u64,
-        16969762262749485294u64,
-        6166745553471500787u64,
-        5754981480705173590u64,
-        145131747294u64,
-    ]);
-
-    // (n-1)/2 = 59490285771157665719168656206631056443140609872253780560135982443843053341185016061966315
-    #[rustfmt::skip]
-    const MODULUS_MINUS_ONE_DIV_TWO: BigInteger = BigInt::new([
-        7767783825863817195u64,
-        16719789556019334556u64,
-        15662913863871949398u64,
-        8380289145304910481u64,
-        513768135310u64,
-    ]);
-
-    // t = (n - 1) / 2^{TWO_ADICITY} =
-    // 59490285771157665719168656206631056443140609872253780560135982443843053341185016061966315
-    const T: BigInteger = BigInt::new([
-        7767783825863817195u64,
-        16719789556019334556u64,
-        15662913863871949398u64,
-        8380289145304910481u64,
-        513768135310u64,
-    ]);
-
-    // (t-1)/2 = 29745142885578832859584328103315528221570304936126890280067991221921526670592508030983157
-    const T_MINUS_ONE_DIV_TWO: BigInteger = BigInt::new([
-        3883891912931908597u64,
-        8359894778009667278u64,
-        17054828968790750507u64,
-        4190144572652455240u64,
-        256884067655u64,
-    ]);
-}
+#[derive(MontConfig)]
+#[modulus = "118980571542315331438337312413262112886281219744507561120271964887686106682370032123932631"]
+#[generator = "7"]
+pub struct FrConfig;
+pub type Fr = Fp320<MontBackend<FrConfig, 5>>;

ed_on_mnt4_298/src/fields/mod.rs

@@ -4,5 +4,5 @@ pub mod fr;
 pub use fq::*;
 pub use fr::*;
 
-#[cfg(all(feature = "ed_on_mnt4_298", test))]
+#[cfg(test)]
 mod tests;

ed_on_mnt4_298/src/fields/tests.rs

@@ -1,24 +1,12 @@
-use ark_std::rand::Rng;
-use ark_std::test_rng;
+use ark_algebra_test_templates::{
+    fields::*, generate_field_serialization_test, generate_field_test,
+};
+use ark_ff::{Field, One, PrimeField, SquareRootField, UniformRand, Zero};
+use ark_serialize::{buffer_bit_byte_size, CanonicalSerialize};
+use ark_std::{rand::Rng, test_rng};
+use core::ops::{AddAssign, MulAssign, SubAssign};
 
-use crate::fields::*;
+use crate::{Fq, FqConfig, Fr, FrConfig};
 
-use ark_algebra_test_templates::fields::*;
-
-#[test]
-fn test_fr() {
-    let mut rng = test_rng();
-    let a: Fr = rng.gen();
-    let b: Fr = rng.gen();
-    field_test(a, b);
-    primefield_test::<Fr>();
-}
-
-#[test]
-fn test_fq() {
-    let mut rng = test_rng();
-    let a: Fq = rng.gen();
-    let b: Fq = rng.gen();
-    field_test(a, b);
-    primefield_test::<Fq>();
-}
+generate_field_test!(ed_on_mnt4_298; mont(5, 5); );
+generate_field_serialization_test!(ed_on_mnt4_298;);

ed_on_mnt4_298/src/lib.rs

@@ -8,13 +8,16 @@
 )]
 #![forbid(unsafe_code)]
 
-//! This library implements a twisted Edwards curve whose base field is the scalar field of the
-//! curve MNT4-298. This allows defining cryptographic primitives that use elliptic curves over
-//! the scalar field of the latter curve.
+//! This library implements a twisted Edwards curve whose base field is the
+//! scalar field of the curve MNT4-298. This allows defining cryptographic
+//! primitives that use elliptic curves over the scalar field of the latter
+//! curve.
 //!
 //! Curve information:
-//! * Base field: q = 475922286169261325753349249653048451545124878552823515553267735739164647307408490559963137
-//! * Scalar field: r = 118980571542315331438337312413262112886281219744507561120271964887686106682370032123932631
+//! * Base field: q =
+//!   475922286169261325753349249653048451545124878552823515553267735739164647307408490559963137
+//! * Scalar field: r =
+//!   118980571542315331438337312413262112886281219744507561120271964887686106682370032123932631
 //! * Valuation(q - 1, 2) = 30
 //! * Valuation(r - 1, 2) = 1
 //! * Curve equation: ax^2 + y^2 =1 + dx^2y^2, where