Sync with the recent changes in ark-algebra on pairing and testing (#116)

* Fix another typo in the Jubjub curve comment

* fix

* progress

* get_point_from_x_unchecked

* fix

* soft link

* Fix Bandersnatch

* Fix Edwards form of Bandersnatch

* Actually fix ed_on_bls12_381_bandersnatch/src/curves/mod.rs

* fix

* fix

* curve-benches

* fix the last mul_by_a; fmt

Co-authored-by: onewayfunc <onewayfunc@gmail.com>
Co-authored-by: Pratyush Mishra <pratyushmishra@berkeley.edu>

cp6_782/Cargo.toml

@@ -10,13 +10,14 @@ keywords = ["cryptography", "finite-fields", "elliptic-curves" ]
 categories = ["cryptography"]
 include = ["Cargo.toml", "src", "README.md", "LICENSE-APACHE", "LICENSE-MIT"]
 license = "MIT/Apache-2.0"
-edition = "2018"
+edition = "2021"
 
 [dependencies]
 ark-ff = { version = "^0.3.0", default-features = false }
 ark-ec = { version = "^0.3.0", default-features = false }
 ark-std = { version = "^0.3.0", default-features = false }
 ark-bls12-377 = { version = "^0.3.0", path = "../bls12_377", default-features = false, features = [ "base_field" ] }
+itertools = { version = "0.10", default-features = false }
 
 [dev-dependencies]
 ark-serialize = { version = "^0.3.0", default-features = false }

cp6_782/LICENSE-APACHE

@@ -0,0 +1 @@
+../LICENSE-APACHE

cp6_782/LICENSE-MIT

@@ -0,0 +1 @@
+../LICENSE-MIT

cp6_782/src/curves/g1.rs

@@ -1,6 +1,7 @@
 use ark_ec::{
     models::{short_weierstrass::SWCurveConfig, CurveConfig},
     short_weierstrass::{Affine, Projective},
+    AffineRepr, CurveGroup,
 };
 use ark_ff::MontFp;
 
@@ -9,6 +10,45 @@ use crate::{Fq, Fr};
 pub type G1Affine = Affine<Parameters>;
 pub type G1Projective = Projective<Parameters>;
 
+#[derive(Clone, Debug, PartialEq, Eq)]
+pub struct G1Prepared(pub G1Affine);
+
+impl From<G1Affine> for G1Prepared {
+    fn from(other: G1Affine) -> Self {
+        G1Prepared(other)
+    }
+}
+
+impl From<G1Projective> for G1Prepared {
+    fn from(q: G1Projective) -> Self {
+        q.into_affine().into()
+    }
+}
+
+impl<'a> From<&'a G1Affine> for G1Prepared {
+    fn from(other: &'a G1Affine) -> Self {
+        G1Prepared(*other)
+    }
+}
+
+impl<'a> From<&'a G1Projective> for G1Prepared {
+    fn from(q: &'a G1Projective) -> Self {
+        q.into_affine().into()
+    }
+}
+
+impl G1Prepared {
+    pub fn is_zero(&self) -> bool {
+        self.0.is_identity()
+    }
+}
+
+impl Default for G1Prepared {
+    fn default() -> Self {
+        G1Prepared(G1Affine::generator())
+    }
+}
+
 #[derive(Clone, Default, PartialEq, Eq)]
 pub struct Parameters;
 

cp6_782/src/curves/g2.rs

@@ -1,6 +1,7 @@
 use ark_ec::{
     models::CurveConfig,
     short_weierstrass::{Affine, Projective, SWCurveConfig},
+    AffineRepr, CurveGroup,
 };
 use ark_ff::{Field, MontFp};
 
@@ -9,6 +10,45 @@ use crate::{Fq, Fq3, Fr};
 pub type G2Affine = Affine<Parameters>;
 pub type G2Projective = Projective<Parameters>;
 
+#[derive(Clone, Debug, PartialEq, Eq)]
+pub struct G2Prepared(pub G2Affine);
+
+impl From<G2Affine> for G2Prepared {
+    fn from(other: G2Affine) -> Self {
+        G2Prepared(other)
+    }
+}
+
+impl From<G2Projective> for G2Prepared {
+    fn from(q: G2Projective) -> Self {
+        q.into_affine().into()
+    }
+}
+
+impl<'a> From<&'a G2Affine> for G2Prepared {
+    fn from(other: &'a G2Affine) -> Self {
+        G2Prepared(*other)
+    }
+}
+
+impl<'a> From<&'a G2Projective> for G2Prepared {
+    fn from(q: &'a G2Projective) -> Self {
+        q.into_affine().into()
+    }
+}
+
+impl G2Prepared {
+    pub fn is_zero(&self) -> bool {
+        self.0.is_identity()
+    }
+}
+
+impl Default for G2Prepared {
+    fn default() -> Self {
+        G2Prepared(G2Affine::generator())
+    }
+}
+
 #[derive(Clone, Default, PartialEq, Eq)]
 pub struct Parameters;
 

cp6_782/src/curves/mod.rs

@@ -1,17 +1,19 @@
-use ark_ec::{models::short_weierstrass::SWCurveConfig, PairingEngine};
+use ark_ec::pairing::{MillerLoopOutput, PairingOutput};
+use ark_ec::{models::short_weierstrass::SWCurveConfig, pairing::Pairing};
 use ark_ff::{
     biginteger::BigInteger832,
     fields::{BitIteratorBE, Field},
     BigInt, CyclotomicMultSubgroup, One,
 };
+use itertools::Itertools;
 
 use crate::{Fq, Fq3, Fq6, Fr};
 
 pub mod g1;
-pub use self::g1::{G1Affine, G1Projective};
+pub use self::g1::{G1Affine, G1Prepared, G1Projective};
 
 pub mod g2;
-pub use self::g2::{G2Affine, G2Projective};
+pub use self::g2::{G2Affine, G2Prepared, G2Projective};
 
 #[cfg(test)]
 mod tests;
@@ -21,40 +23,39 @@ pub type GT = Fq6;
 #[derive(Copy, Clone, Debug, PartialEq, Eq)]
 pub struct CP6_782;
 
-impl PairingEngine for CP6_782 {
-    type Fr = Fr;
-    type G1Projective = G1Projective;
+impl Pairing for CP6_782 {
+    type ScalarField = Fr;
+    type G1 = G1Projective;
     type G1Affine = G1Affine;
-    type G1Prepared = G1Affine;
-    type G2Projective = G2Projective;
+    type G1Prepared = G1Prepared;
+    type G2 = G2Projective;
     type G2Affine = G2Affine;
-    type G2Prepared = G2Affine;
-    type Fq = Fq;
-    type Fqe = Fq3;
-    type Fqk = Fq6;
+    type G2Prepared = G2Prepared;
+    type TargetField = Fq6;
 
-    fn miller_loop<'a, I>(i: I) -> Self::Fqk
-    where
-        I: IntoIterator<Item = &'a (Self::G1Prepared, Self::G2Prepared)>,
-    {
-        let mut result = Self::Fqk::one();
-        for &(ref p, ref q) in i {
-            result *= &CP6_782::ate_miller_loop(p, q);
-        }
-        result
+    fn multi_miller_loop(
+        a: impl IntoIterator<Item = impl Into<Self::G1Prepared>>,
+        b: impl IntoIterator<Item = impl Into<Self::G2Prepared>>,
+    ) -> MillerLoopOutput<Self> {
+        let mut result = Self::TargetField::one();
+        a.into_iter().zip_eq(b).for_each(|(p, q)| {
+            let (p, q) = (p.into(), q.into());
+            result *= &CP6_782::ate_miller_loop(&p, &q);
+        });
+
+        MillerLoopOutput(result)
     }
 
-    fn final_exponentiation(r: &Self::Fqk) -> Option<Self::Fqk> {
-        Some(CP6_782::final_exponentiation(r))
+    fn final_exponentiation(r: MillerLoopOutput<Self>) -> Option<PairingOutput<Self>> {
+        Some(PairingOutput(CP6_782::final_exponentiation(&r.0)))
     }
 }
 
 impl CP6_782 {
-    pub fn ate_pairing(p: &G1Affine, q: &G2Affine) -> GT {
-        CP6_782::final_exponentiation(&CP6_782::ate_miller_loop(p, q))
-    }
+    fn ate_miller_loop(p: &G1Prepared, q: &G2Prepared) -> Fq6 {
+        let p = p.0;
+        let q = q.0;
 
-    fn ate_miller_loop(p: &G1Affine, q: &G2Affine) -> Fq6 {
         let px = p.x;
         let py = p.y;
         let qx = q.x;

cp6_782/src/curves/tests.rs

@@ -1,13 +1,9 @@
-use ark_algebra_test_templates::{
-    curves::*, generate_bilinearity_test, generate_g1_test, generate_g2_test, msm::*,
-};
-use ark_ec::{AffineCurve, PairingEngine};
-use ark_ff::{Field, One, PrimeField};
-use ark_std::{rand::Rng, test_rng};
-use core::ops::MulAssign;
+use ark_algebra_test_templates::*;
+use ark_ff::Field;
 
 use crate::*;
 
-generate_g1_test!(cp6_782; curve_tests; sw_tests;);
-generate_g2_test!(cp6_782; curve_tests; sw_tests;);
-generate_bilinearity_test!(CP6_782, Fq6);
+test_group!(g1; G1Projective; sw);
+test_group!(g2; G2Projective; sw);
+test_group!(pairing_output; ark_ec::pairing::PairingOutput<CP6_782>; msm);
+test_pairing!(pairing; crate::CP6_782);

cp6_782/src/fields/tests.rs

@@ -1,12 +1,7 @@
-use ark_algebra_test_templates::{
-    fields::*, generate_field_serialization_test, generate_field_test,
-};
-use ark_ff::{Field, One, PrimeField, UniformRand, Zero};
-use ark_serialize::{buffer_bit_byte_size, CanonicalSerialize};
-use ark_std::{rand::Rng, test_rng};
-use core::ops::{AddAssign, MulAssign, SubAssign};
-
 use crate::*;
+use ark_algebra_test_templates::*;
 
-generate_field_test!(cp6_782; fq3; fq6_2_on_3; mont(13, 6); );
-generate_field_serialization_test!(cp6_782;);
+test_field!(fr; Fr; mont_prime_field);
+test_field!(fq; Fq; mont_prime_field);
+test_field!(fq3; Fq3);
+test_field!(fq6; Fq6);