Fix Bandersnatch parameters and the constraint tests (#119)

Co-authored-by: onewayfunc <onewayfunc@gmail.com>

bls12_377/src/constraints/mod.rs

@@ -106,7 +106,7 @@
 //! ```
 //! # fn main() -> Result<(), ark_relations::r1cs::SynthesisError> {
 //! # use ark_std::UniformRand;
-//! # use ark_ec::PairingEngine;
+//! # use ark_ec::pairing::Pairing;
 //! # use ark_relations::r1cs::*;
 //! # use ark_r1cs_std::prelude::*;
 //! # use ark_bls12_377::{*, constraints::*};
@@ -135,7 +135,7 @@
 //! let pairing_result = constraints::PairingVar::pairing(a_prep, b_prep)?;
 //!
 //! // Check that the value of &a + &b is correct.
-//! assert_eq!(pairing_result.value()?, pairing_result_native);
+//! assert_eq!(pairing_result.value()?, pairing_result_native.0);
 //!
 //! // Check that operations on variables and constants are equivalent.
 //! let a_prep_const = constraints::PairingVar::prepare_g1(&a_const)?;

ed_on_bls12_381_bandersnatch/src/curves/mod.rs

@@ -17,10 +17,10 @@ pub type SWAffine = short_weierstrass::Affine;
 pub type SWProjective = short_weierstrass::Projective<BandersnatchParameters>;
 
 /// `bandersnatch` is an incomplete twisted Edwards curve. These curves have equations of
-/// the form: ax² + y² = 1 - dx²y².
+/// the form: ax² + y² = 1 + dx²y².
 /// over some base finite field Fq.
 ///
-/// bandersnatch's curve equation: -5x² + y² = 1 - dx²y²
+/// bandersnatch's curve equation: -5x² + y² = 1 + dx²y²
 ///
 /// q = 52435875175126190479447740508185965837690552500527637822603658699938581184513.
 ///
@@ -84,7 +84,7 @@ impl TECurveConfig for BandersnatchParameters {
     /// Multiplication by `a` is multiply by `-5`.
     #[inline(always)]
     fn mul_by_a(elem: Self::BaseField) -> Self::BaseField {
-        elem.double().double() * elem
+        -(elem.double().double() + elem)
     }
 }
 

mnt4_298/src/constraints/mod.rs

@@ -106,7 +106,7 @@
 //! ```
 //! # fn main() -> Result<(), ark_relations::r1cs::SynthesisError> {
 //! # use ark_std::UniformRand;
-//! # use ark_ec::PairingEngine;
+//! # use ark_ec::pairing::Pairing;
 //! # use ark_relations::r1cs::*;
 //! # use ark_r1cs_std::prelude::*;
 //! # use ark_mnt4_298::{*, constraints::*};
@@ -135,7 +135,7 @@
 //! let pairing_result = constraints::PairingVar::pairing(a_prep, b_prep)?;
 //!
 //! // Check that the value of &a + &b is correct.
-//! assert_eq!(pairing_result.value()?, pairing_result_native);
+//! assert_eq!(pairing_result.value()?, pairing_result_native.0);
 //!
 //! // Check that operations on variables and constants are equivalent.
 //! let a_prep_const = constraints::PairingVar::prepare_g1(&a_const)?;

mnt4_753/src/constraints/mod.rs

@@ -106,7 +106,7 @@
 //! ```
 //! # fn main() -> Result<(), ark_relations::r1cs::SynthesisError> {
 //! # use ark_std::UniformRand;
-//! # use ark_ec::PairingEngine;
+//! # use ark_ec::pairing::Pairing;
 //! # use ark_relations::r1cs::*;
 //! # use ark_r1cs_std::prelude::*;
 //! # use ark_mnt4_753::{*, constraints::*};
@@ -135,7 +135,7 @@
 //! let pairing_result = constraints::PairingVar::pairing(a_prep, b_prep)?;
 //!
 //! // Check that the value of &a + &b is correct.
-//! assert_eq!(pairing_result.value()?, pairing_result_native);
+//! assert_eq!(pairing_result.value()?, pairing_result_native.0);
 //!
 //! // Check that operations on variables and constants are equivalent.
 //! let a_prep_const = constraints::PairingVar::prepare_g1(&a_const)?;

mnt6_298/src/constraints/mod.rs

@@ -106,7 +106,7 @@
 //! ```
 //! # fn main() -> Result<(), ark_relations::r1cs::SynthesisError> {
 //! # use ark_std::UniformRand;
-//! # use ark_ec::PairingEngine;
+//! # use ark_ec::pairing::Pairing;
 //! # use ark_relations::r1cs::*;
 //! # use ark_r1cs_std::prelude::*;
 //! # use ark_mnt6_298::{*, constraints::*};
@@ -135,7 +135,7 @@
 //! let pairing_result = constraints::PairingVar::pairing(a_prep, b_prep)?;
 //!
 //! // Check that the value of &a + &b is correct.
-//! assert_eq!(pairing_result.value()?, pairing_result_native);
+//! assert_eq!(pairing_result.value()?, pairing_result_native.0);
 //!
 //! // Check that operations on variables and constants are equivalent.
 //! let a_prep_const = constraints::PairingVar::prepare_g1(&a_const)?;

mnt6_753/src/constraints/mod.rs

@@ -106,7 +106,7 @@
 //! ```
 //! # fn main() -> Result<(), ark_relations::r1cs::SynthesisError> {
 //! # use ark_std::UniformRand;
-//! # use ark_ec::PairingEngine;
+//! # use ark_ec::pairing::Pairing;
 //! # use ark_relations::r1cs::*;
 //! # use ark_r1cs_std::prelude::*;
 //! # use ark_mnt6_753::{*, constraints::*};
@@ -135,7 +135,7 @@
 //! let pairing_result = constraints::PairingVar::pairing(a_prep, b_prep)?;
 //!
 //! // Check that the value of &a + &b is correct.
-//! assert_eq!(pairing_result.value()?, pairing_result_native);
+//! assert_eq!(pairing_result.value()?, pairing_result_native.0);
 //!
 //! // Check that operations on variables and constants are equivalent.
 //! let a_prep_const = constraints::PairingVar::prepare_g1(&a_const)?;