arnaucube/ark-r1cs-std
1
0
Fork 0
mirror of https://github.com/arnaucube/ark-r1cs-std.git synced 2026-01-09 23:41:33 +01:00
Code Issues Projects Releases Wiki Activity

Add examples and doctests for instantiated curves

Browse Source
This commit is contained in:
Pratyush Mishra
2020-09-13 17:24:17 -07:00
parent 370fbcdd3b
commit 3a18ecee0d
19 changed files with 1511 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
r1cs-std/src/fields/cubic_extension.rs
View File

@@ -1,6 +1,6 @@
use algebra::{
fields::{CubicExtField, CubicExtParameters, Field},
One, Zero,
Zero,
};
use core::{borrow::Borrow, marker::PhantomData};
use r1cs_core::{ConstraintSystemRef, Namespace, SynthesisError};
@@ -266,14 +266,20 @@ where
#[tracing::instrument(target = "r1cs")]
fn inverse(&self) -> Result<Self, SynthesisError> {
let cs = self.cs().get()?.clone();
let one = Self::new_constant(cs.clone(), CubicExtField::one())?;
let inverse = Self::new_witness(self.cs().get()?.clone(), || {
self.value()
.map(|f| f.inverse().unwrap_or(CubicExtField::zero()))
})?;
self.mul_equals(&inverse, &one)?;
let mode = if self.is_constant() {
AllocationMode::Constant
} else {
AllocationMode::Witness
};
let inverse = Self::new_variable(
self.cs().get()?.clone(),
|| {
self.value()
.map(|f| f.inverse().unwrap_or(CubicExtField::zero()))
},
mode,
)?;
self.mul_equals(&inverse, &Self::one())?;
Ok(inverse)
}
}

2
r1cs-std/src/fields/fp/mod.rs
View File

@@ -48,7 +48,7 @@ impl<F: PrimeField> R1CSVar<F> for FpVar<F> {
fn cs(&self) -> Option<ConstraintSystemRef<F>> {
match self {
Self::Constant(_) => None,
Self::Constant(_) => Some(ConstraintSystemRef::None),
Self::Var(a) => Some(a.cs.clone()),
}
}

22
r1cs-std/src/fields/quadratic_extension.rs
View File

@@ -1,6 +1,6 @@
use algebra::{
fields::{Field, QuadExtField, QuadExtParameters},
One, Zero,
Zero,
};
use core::{borrow::Borrow, marker::PhantomData};
use r1cs_core::{ConstraintSystemRef, Namespace, SynthesisError};
@@ -273,12 +273,20 @@ where
#[tracing::instrument(target = "r1cs")]
fn inverse(&self) -> Result<Self, SynthesisError> {
let one = Self::new_constant(self.cs().get()?.clone(), QuadExtField::one())?;
let inverse = Self::new_witness(self.cs().get()?.clone(), || {
self.value()
.map(|f| f.inverse().unwrap_or(QuadExtField::zero()))
})?;
self.mul_equals(&inverse, &one)?;
let mode = if self.is_constant() {
AllocationMode::Constant
} else {
AllocationMode::Witness
};
let inverse = Self::new_variable(
self.cs().get()?.clone(),
|| {
self.value()
.map(|f| f.inverse().unwrap_or(QuadExtField::zero()))
},
mode,
)?;
self.mul_equals(&inverse, &Self::one())?;
Ok(inverse)
}
}

6
r1cs-std/src/groups/curves/short_weierstrass/mod.rs
View File

@@ -154,7 +154,11 @@ where
pub fn to_affine(&self) -> Result<AffineVar<P, F>, SynthesisError> {
let cs = self.cs().unwrap_or(ConstraintSystemRef::None);
let mode = if self.is_constant() {
AllocationMode::Constant
let point = self.value()?.into_affine();
let x = F::new_constant(ConstraintSystemRef::None, point.x)?;
let y = F::new_constant(ConstraintSystemRef::None, point.y)?;
let infinity = Boolean::constant(point.infinity);
return Ok(AffineVar::new(x, y, infinity));
} else {
AllocationMode::Witness
};

19
r1cs-std/src/groups/curves/twisted_edwards/mod.rs
View File

@@ -461,7 +461,11 @@ where
#[inline]
#[tracing::instrument(target = "r1cs")]
fn double_in_place(&mut self) -> Result<(), SynthesisError> {
if let Some(cs) = self.cs() {
if self.is_constant() {
let value = self.value()?;
*self = Self::constant(value.double());
} else {
let cs = self.cs().unwrap();
let a = P::COEFF_A;
// xy
@@ -496,9 +500,6 @@ where
y3.mul_equals(&two_minus_ax2_minus_y2, &y2_minus_a_x2)?;
self.x = x3;
self.y = y3;
} else {
let value = self.value()?;
*self = Self::constant(value.double());
}
Ok(())
}
@@ -708,7 +709,12 @@ impl_bounded_ops!(
AddAssign,
add_assign,
|this: &'a AffineVar<P, F>, other: &'a AffineVar<P, F>| {
if let Some(cs) = [this, other].cs() {
if [this, other].is_constant() {
assert!(this.is_constant() && other.is_constant());
AffineVar::constant(this.value().unwrap() + &other.value().unwrap())
} else {
let cs = [this, other].cs().unwrap();
let a = P::COEFF_A;
let d = P::COEFF_D;
@@ -752,9 +758,6 @@ impl_bounded_ops!(
y3.mul_equals(&one_minus_v2, &u_plus_a_v0_minus_v1).unwrap();
AffineVar::new(x3, y3)
} else {
assert!(this.is_constant() && other.is_constant());
AffineVar::constant(this.value().unwrap() + &other.value().unwrap())
}
},
|this: &'a AffineVar<P, F>, other: TEProjective<P>| this + AffineVar::constant(other),

1
r1cs-std/src/instantiated/bls12_377/fields.rs
View File

@@ -4,6 +4,7 @@ use crate::fields::{fp::FpVar, fp12::Fp12Var, fp2::Fp2Var, fp6_3over2::Fp6Var};
/// A variable that is the R1CS equivalent of `algebra::bls12_377::Fq`.
pub type FqVar = FpVar<Fq>;
/// A variable that is the R1CS equivalent of `algebra::bls12_377::Fq2`.
pub type Fq2Var = Fp2Var<Fq2Parameters>;
/// A variable that is the R1CS equivalent of `algebra::bls12_377::Fq6`.

150
r1cs-std/src/instantiated/bls12_377/mod.rs
View File

@@ -1,3 +1,153 @@
//! This module implements the R1CS equivalent of `algebra::bls12_377`.
//!
//! It implements field variables for `algebra::bls12_377::{Fq, Fq2, Fq6, Fq12}`,
//! group variables for `algebra::bls12_377::{G1, G2}`, and implements constraint
//! generation for computing `Bls12_377::pairing`.
//!
//! The field underlying these constraints is `algebra::bls12_377::Fq`.
//!
//! # Examples
//!
//! One can perform standard algebraic operations on `FqVar`:
//!
//! ```
//! # fn main() -> Result<(), r1cs_core::SynthesisError> {
//! use algebra::{UniformRand, bls12_377::*};
//! use r1cs_core::*;
//! use r1cs_std::prelude::*;
//! use r1cs_std::bls12_377::*;
//!
//! let cs = ConstraintSystem::<Fq>::new_ref();
//! // This rng is just for test purposes; do not use it
//! // in real applications.
//! let mut rng = algebra::test_rng();
//!
//! // Generate some random `Fq` elements.
//! let a_native = Fq::rand(&mut rng);
//! let b_native = Fq::rand(&mut rng);
//!
//! // Allocate `a_native` and `b_native` as witness variables in `cs`.
//! let a = FqVar::new_witness(r1cs_core::ns!(cs, "generate_a"), || Ok(a_native))?;
//! let b = FqVar::new_witness(r1cs_core::ns!(cs, "generate_b"), || Ok(b_native))?;
//!
//! // Allocate `a_native` and `b_native` as constants in `cs`. This does not add any
//! // constraints or variables.
//! let a_const = FqVar::new_constant(r1cs_core::ns!(cs, "a_as_constant"), a_native)?;
//! let b_const = FqVar::new_constant(r1cs_core::ns!(cs, "b_as_constant"), b_native)?;
//!
//! let one = FqVar::one();
//! let zero = FqVar::zero();
//!
//! // Sanity check one + one = two
//! let two = &one + &one + &zero;
//! two.enforce_equal(&one.double()?)?;
//!
//! assert!(cs.is_satisfied()?);
//!
//! // Check that the value of &a + &b is correct.
//! assert_eq!((&a + &b).value()?, a_native + &b_native);
//!
//! // Check that the value of &a * &b is correct.
//! assert_eq!((&a * &b).value()?, a_native * &b_native);
//!
//! // Check that operations on variables and constants are equivalent.
//! (&a + &b).enforce_equal(&(&a_const + &b_const))?;
//! assert!(cs.is_satisfied()?);
//! # Ok(())
//! # }
//! ```
//!
//! One can also perform standard algebraic operations on `G1Var` and `G2Var`:
//!
//! ```
//! # fn main() -> Result<(), r1cs_core::SynthesisError> {
//! # use algebra::{UniformRand, bls12_377::*};
//! # use r1cs_core::*;
//! # use r1cs_std::prelude::*;
//! # use r1cs_std::bls12_377::*;
//!
//! # let cs = ConstraintSystem::<Fq>::new_ref();
//! # let mut rng = algebra::test_rng();
//!
//! // Generate some random `G1` elements.
//! let a_native = G1Projective::rand(&mut rng);
//! let b_native = G1Projective::rand(&mut rng);
//!
//! // Allocate `a_native` and `b_native` as witness variables in `cs`.
//! let a = G1Var::new_witness(r1cs_core::ns!(cs, "a"), || Ok(a_native))?;
//! let b = G1Var::new_witness(r1cs_core::ns!(cs, "b"), || Ok(b_native))?;
//!
//! // Allocate `a_native` and `b_native` as constants in `cs`. This does not add any
//! // constraints or variables.
//! let a_const = G1Var::new_constant(r1cs_core::ns!(cs, "a_as_constant"), a_native)?;
//! let b_const = G1Var::new_constant(r1cs_core::ns!(cs, "b_as_constant"), b_native)?;
//!
//! // This returns the identity of `G1`.
//! let zero = G1Var::zero();
//!
//! // Sanity check one + one = two
//! let two_a = &a + &a + &zero;
//! two_a.enforce_equal(&a.double()?)?;
//!
//! assert!(cs.is_satisfied()?);
//!
//! // Check that the value of &a + &b is correct.
//! assert_eq!((&a + &b).value()?, a_native + &b_native);
//!
//! // Check that operations on variables and constants are equivalent.
//! (&a + &b).enforce_equal(&(&a_const + &b_const))?;
//! assert!(cs.is_satisfied()?);
//! # Ok(())
//! # }
//! ```
//!
//! Finally, one can check pairing computations as well:
//!
//! ```
//! # fn main() -> Result<(), r1cs_core::SynthesisError> {
//! # use algebra::{UniformRand, PairingEngine, bls12_377::*};
//! # use r1cs_core::*;
//! # use r1cs_std::prelude::*;
//! # use r1cs_std::bls12_377::{self, *};
//!
//! # let cs = ConstraintSystem::<Fq>::new_ref();
//! # let mut rng = algebra::test_rng();
//!
//! // Generate random `G1` and `G2` elements.
//! let a_native = G1Projective::rand(&mut rng);
//! let b_native = G2Projective::rand(&mut rng);
//!
//! // Allocate `a_native` and `b_native` as witness variables in `cs`.
//! let a = G1Var::new_witness(r1cs_core::ns!(cs, "a"), || Ok(a_native))?;
//! let b = G2Var::new_witness(r1cs_core::ns!(cs, "b"), || Ok(b_native))?;
//!
//! // Allocate `a_native` and `b_native` as constants in `cs`. This does not add any
//! // constraints or variables.
//! let a_const = G1Var::new_constant(r1cs_core::ns!(cs, "a_as_constant"), a_native)?;
//! let b_const = G2Var::new_constant(r1cs_core::ns!(cs, "b_as_constant"), b_native)?;
//!
//! let pairing_result_native = Bls12_377::pairing(a_native, b_native);
//!
//! // Prepare `a` and `b` for pairing.
//! let a_prep = bls12_377::PairingVar::prepare_g1(&a)?;
//! let b_prep = bls12_377::PairingVar::prepare_g2(&b)?;
//! let pairing_result = bls12_377::PairingVar::pairing(a_prep, b_prep)?;
//!
//! // Check that the value of &a + &b is correct.
//! assert_eq!(pairing_result.value()?, pairing_result_native);
//!
//! // Check that operations on variables and constants are equivalent.
//! let a_prep_const = bls12_377::PairingVar::prepare_g1(&a_const)?;
//! let b_prep_const = bls12_377::PairingVar::prepare_g2(&b_const)?;
//! let pairing_result_const = bls12_377::PairingVar::pairing(a_prep_const, b_prep_const)?;
//! println!("Done here 3");
//!
//! pairing_result.enforce_equal(&pairing_result_const)?;
//! assert!(cs.is_satisfied()?);
//! # Ok(())
//! # }
//! ```
mod curves;
mod fields;
mod pairing;

102
r1cs-std/src/instantiated/ed_on_bls12_377/mod.rs
View File

@@ -1,3 +1,105 @@
//! This module implements the R1CS equivalent of `algebra::ed_on_bls12_377`.
//!
//! It implements field variables for `algebra::ed_on_bls12_377::Fq`,
//! and group variables for `algebra::ed_on_bls12_377::GroupProjective`.
//!
//! The field underlying these constraints is `algebra::ed_on_bls12_377::Fq`.
//!
//! # Examples
//!
//! One can perform standard algebraic operations on `FqVar`:
//!
//! ```
//! # fn main() -> Result<(), r1cs_core::SynthesisError> {
//! use algebra::{UniformRand, ed_on_bls12_377::*};
//! use r1cs_core::*;
//! use r1cs_std::prelude::*;
//! use r1cs_std::ed_on_bls12_377::*;
//!
//! let cs = ConstraintSystem::<Fq>::new_ref();
//! // This rng is just for test purposes; do not use it
//! // in real applications.
//! let mut rng = algebra::test_rng();
//!
//! // Generate some random `Fq` elements.
//! let a_native = Fq::rand(&mut rng);
//! let b_native = Fq::rand(&mut rng);
//!
//! // Allocate `a_native` and `b_native` as witness variables in `cs`.
//! let a = FqVar::new_witness(r1cs_core::ns!(cs, "generate_a"), || Ok(a_native))?;
//! let b = FqVar::new_witness(r1cs_core::ns!(cs, "generate_b"), || Ok(b_native))?;
//!
//! // Allocate `a_native` and `b_native` as constants in `cs`. This does not add any
//! // constraints or variables.
//! let a_const = FqVar::new_constant(r1cs_core::ns!(cs, "a_as_constant"), a_native)?;
//! let b_const = FqVar::new_constant(r1cs_core::ns!(cs, "b_as_constant"), b_native)?;
//!
//! let one = FqVar::one();
//! let zero = FqVar::zero();
//!
//! // Sanity check one + one = two
//! let two = &one + &one + &zero;
//! two.enforce_equal(&one.double()?)?;
//!
//! assert!(cs.is_satisfied()?);
//!
//! // Check that the value of &a + &b is correct.
//! assert_eq!((&a + &b).value()?, a_native + &b_native);
//!
//! // Check that the value of &a * &b is correct.
//! assert_eq!((&a * &b).value()?, a_native * &b_native);
//!
//! // Check that operations on variables and constants are equivalent.
//! (&a + &b).enforce_equal(&(&a_const + &b_const))?;
//! assert!(cs.is_satisfied()?);
//! # Ok(())
//! # }
//! ```
//!
//! One can also perform standard algebraic operations on `EdwardsVar`:
//!
//! ```
//! # fn main() -> Result<(), r1cs_core::SynthesisError> {
//! # use algebra::{UniformRand, ed_on_bls12_377::*};
//! # use r1cs_core::*;
//! # use r1cs_std::prelude::*;
//! # use r1cs_std::ed_on_bls12_377::*;
//!
//! # let cs = ConstraintSystem::<Fq>::new_ref();
//! # let mut rng = algebra::test_rng();
//!
//! // Generate some random `Edwards` elements.
//! let a_native = EdwardsProjective::rand(&mut rng);
//! let b_native = EdwardsProjective::rand(&mut rng);
//!
//! // Allocate `a_native` and `b_native` as witness variables in `cs`.
//! let a = EdwardsVar::new_witness(r1cs_core::ns!(cs, "a"), || Ok(a_native))?;
//! let b = EdwardsVar::new_witness(r1cs_core::ns!(cs, "b"), || Ok(b_native))?;
//!
//! // Allocate `a_native` and `b_native` as constants in `cs`. This does not add any
//! // constraints or variables.
//! let a_const = EdwardsVar::new_constant(r1cs_core::ns!(cs, "a_as_constant"), a_native)?;
//! let b_const = EdwardsVar::new_constant(r1cs_core::ns!(cs, "b_as_constant"), b_native)?;
//!
//! // This returns the identity.
//! let zero = EdwardsVar::zero();
//!
//! // Sanity check one + one = two
//! let two_a = &a + &a + &zero;
//! two_a.enforce_equal(&a.double()?)?;
//!
//! assert!(cs.is_satisfied()?);
//!
//! // Check that the value of &a + &b is correct.
//! assert_eq!((&a + &b).value()?, a_native + &b_native);
//!
//! // Check that operations on variables and constants are equivalent.
//! (&a + &b).enforce_equal(&(&a_const + &b_const))?;
//! assert!(cs.is_satisfied()?);
//! # Ok(())
//! # }
//! ```
mod curves;
mod fields;

102
r1cs-std/src/instantiated/ed_on_bls12_381/mod.rs
View File

@@ -1,3 +1,105 @@
//! This module implements the R1CS equivalent of `algebra::ed_on_bls12_381`.
//!
//! It implements field variables for `algebra::ed_on_bls12_381::Fq`,
//! and group variables for `algebra::ed_on_bls12_381::GroupProjective`.
//!
//! The field underlying these constraints is `algebra::ed_on_bls12_381::Fq`.
//!
//! # Examples
//!
//! One can perform standard algebraic operations on `FqVar`:
//!
//! ```
//! # fn main() -> Result<(), r1cs_core::SynthesisError> {
//! use algebra::{UniformRand, ed_on_bls12_381::*};
//! use r1cs_core::*;
//! use r1cs_std::prelude::*;
//! use r1cs_std::ed_on_bls12_381::*;
//!
//! let cs = ConstraintSystem::<Fq>::new_ref();
//! // This rng is just for test purposes; do not use it
//! // in real applications.
//! let mut rng = algebra::test_rng();
//!
//! // Generate some random `Fq` elements.
//! let a_native = Fq::rand(&mut rng);
//! let b_native = Fq::rand(&mut rng);
//!
//! // Allocate `a_native` and `b_native` as witness variables in `cs`.
//! let a = FqVar::new_witness(r1cs_core::ns!(cs, "generate_a"), || Ok(a_native))?;
//! let b = FqVar::new_witness(r1cs_core::ns!(cs, "generate_b"), || Ok(b_native))?;
//!
//! // Allocate `a_native` and `b_native` as constants in `cs`. This does not add any
//! // constraints or variables.
//! let a_const = FqVar::new_constant(r1cs_core::ns!(cs, "a_as_constant"), a_native)?;
//! let b_const = FqVar::new_constant(r1cs_core::ns!(cs, "b_as_constant"), b_native)?;
//!
//! let one = FqVar::one();
//! let zero = FqVar::zero();
//!
//! // Sanity check one + one = two
//! let two = &one + &one + &zero;
//! two.enforce_equal(&one.double()?)?;
//!
//! assert!(cs.is_satisfied()?);
//!
//! // Check that the value of &a + &b is correct.
//! assert_eq!((&a + &b).value()?, a_native + &b_native);
//!
//! // Check that the value of &a * &b is correct.
//! assert_eq!((&a * &b).value()?, a_native * &b_native);
//!
//! // Check that operations on variables and constants are equivalent.
//! (&a + &b).enforce_equal(&(&a_const + &b_const))?;
//! assert!(cs.is_satisfied()?);
//! # Ok(())
//! # }
//! ```
//!
//! One can also perform standard algebraic operations on `EdwardsVar`:
//!
//! ```
//! # fn main() -> Result<(), r1cs_core::SynthesisError> {
//! # use algebra::{UniformRand, ed_on_bls12_381::*};
//! # use r1cs_core::*;
//! # use r1cs_std::prelude::*;
//! # use r1cs_std::ed_on_bls12_381::*;
//!
//! # let cs = ConstraintSystem::<Fq>::new_ref();
//! # let mut rng = algebra::test_rng();
//!
//! // Generate some random `Edwards` elements.
//! let a_native = EdwardsProjective::rand(&mut rng);
//! let b_native = EdwardsProjective::rand(&mut rng);
//!
//! // Allocate `a_native` and `b_native` as witness variables in `cs`.
//! let a = EdwardsVar::new_witness(r1cs_core::ns!(cs, "a"), || Ok(a_native))?;
//! let b = EdwardsVar::new_witness(r1cs_core::ns!(cs, "b"), || Ok(b_native))?;
//!
//! // Allocate `a_native` and `b_native` as constants in `cs`. This does not add any
//! // constraints or variables.
//! let a_const = EdwardsVar::new_constant(r1cs_core::ns!(cs, "a_as_constant"), a_native)?;
//! let b_const = EdwardsVar::new_constant(r1cs_core::ns!(cs, "b_as_constant"), b_native)?;
//!
//! // This returns the identity of `Edwards`.
//! let zero = EdwardsVar::zero();
//!
//! // Sanity check one + one = two
//! let two_a = &a + &a + &zero;
//! two_a.enforce_equal(&a.double()?)?;
//!
//! assert!(cs.is_satisfied()?);
//!
//! // Check that the value of &a + &b is correct.
//! assert_eq!((&a + &b).value()?, a_native + &b_native);
//!
//! // Check that operations on variables and constants are equivalent.
//! (&a + &b).enforce_equal(&(&a_const + &b_const))?;
//! assert!(cs.is_satisfied()?);
//! # Ok(())
//! # }
//! ```
mod curves;
mod fields;

102
r1cs-std/src/instantiated/ed_on_bn254/mod.rs
View File

@@ -1,3 +1,105 @@
//! This module implements the R1CS equivalent of `algebra::ed_on_bn254`.
//!
//! It implements field variables for `algebra::ed_on_bn254::Fq`,
//! and group variables for `algebra::ed_on_bn254::GroupProjective`.
//!
//! The field underlying these constraints is `algebra::ed_on_bn254::Fq`.
//!
//! # Examples
//!
//! One can perform standard algebraic operations on `FqVar`:
//!
//! ```
//! # fn main() -> Result<(), r1cs_core::SynthesisError> {
//! use algebra::{UniformRand, ed_on_bn254::*};
//! use r1cs_core::*;
//! use r1cs_std::prelude::*;
//! use r1cs_std::ed_on_bn254::*;
//!
//! let cs = ConstraintSystem::<Fq>::new_ref();
//! // This rng is just for test purposes; do not use it
//! // in real applications.
//! let mut rng = algebra::test_rng();
//!
//! // Generate some random `Fq` elements.
//! let a_native = Fq::rand(&mut rng);
//! let b_native = Fq::rand(&mut rng);
//!
//! // Allocate `a_native` and `b_native` as witness variables in `cs`.
//! let a = FqVar::new_witness(r1cs_core::ns!(cs, "generate_a"), || Ok(a_native))?;
//! let b = FqVar::new_witness(r1cs_core::ns!(cs, "generate_b"), || Ok(b_native))?;
//!
//! // Allocate `a_native` and `b_native` as constants in `cs`. This does not add any
//! // constraints or variables.
//! let a_const = FqVar::new_constant(r1cs_core::ns!(cs, "a_as_constant"), a_native)?;
//! let b_const = FqVar::new_constant(r1cs_core::ns!(cs, "b_as_constant"), b_native)?;
//!
//! let one = FqVar::one();
//! let zero = FqVar::zero();
//!
//! // Sanity check one + one = two
//! let two = &one + &one + &zero;
//! two.enforce_equal(&one.double()?)?;
//!
//! assert!(cs.is_satisfied()?);
//!
//! // Check that the value of &a + &b is correct.
//! assert_eq!((&a + &b).value()?, a_native + &b_native);
//!
//! // Check that the value of &a * &b is correct.
//! assert_eq!((&a * &b).value()?, a_native * &b_native);
//!
//! // Check that operations on variables and constants are equivalent.
//! (&a + &b).enforce_equal(&(&a_const + &b_const))?;
//! assert!(cs.is_satisfied()?);
//! # Ok(())
//! # }
//! ```
//!
//! One can also perform standard algebraic operations on `EdwardsVar`:
//!
//! ```
//! # fn main() -> Result<(), r1cs_core::SynthesisError> {
//! # use algebra::{UniformRand, ed_on_bn254::*};
//! # use r1cs_core::*;
//! # use r1cs_std::prelude::*;
//! # use r1cs_std::ed_on_bn254::*;
//!
//! # let cs = ConstraintSystem::<Fq>::new_ref();
//! # let mut rng = algebra::test_rng();
//!
//! // Generate some random `Edwards` elements.
//! let a_native = EdwardsProjective::rand(&mut rng);
//! let b_native = EdwardsProjective::rand(&mut rng);
//!
//! // Allocate `a_native` and `b_native` as witness variables in `cs`.
//! let a = EdwardsVar::new_witness(r1cs_core::ns!(cs, "a"), || Ok(a_native))?;
//! let b = EdwardsVar::new_witness(r1cs_core::ns!(cs, "b"), || Ok(b_native))?;
//!
//! // Allocate `a_native` and `b_native` as constants in `cs`. This does not add any
//! // constraints or variables.
//! let a_const = EdwardsVar::new_constant(r1cs_core::ns!(cs, "a_as_constant"), a_native)?;
//! let b_const = EdwardsVar::new_constant(r1cs_core::ns!(cs, "b_as_constant"), b_native)?;
//!
//! // This returns the identity of `Edwards`.
//! let zero = EdwardsVar::zero();
//!
//! // Sanity check one + one = two
//! let two_a = &a + &a + &zero;
//! two_a.enforce_equal(&a.double()?)?;
//!
//! assert!(cs.is_satisfied()?);
//!
//! // Check that the value of &a + &b is correct.
//! assert_eq!((&a + &b).value()?, a_native + &b_native);
//!
//! // Check that operations on variables and constants are equivalent.
//! (&a + &b).enforce_equal(&(&a_const + &b_const))?;
//! assert!(cs.is_satisfied()?);
//! # Ok(())
//! # }
//! ```
mod curves;
mod fields;

102
r1cs-std/src/instantiated/ed_on_bw6_761/mod.rs
View File

@@ -1 +1,103 @@
//! This module implements the R1CS equivalent of `algebra::ed_on_bw6_761`.
//!
//! It implements field variables for `algebra::ed_on_bw6_761::Fq`,
//! and group variables for `algebra::ed_on_bw6_761::GroupProjective`.
//!
//! The field underlying these constraints is `algebra::ed_on_bw6_761::Fq`.
//!
//! # Examples
//!
//! One can perform standard algebraic operations on `FqVar`:
//!
//! ```
//! # fn main() -> Result<(), r1cs_core::SynthesisError> {
//! use algebra::{UniformRand, ed_on_bw6_761::*};
//! use r1cs_core::*;
//! use r1cs_std::prelude::*;
//! use r1cs_std::ed_on_bw6_761::*;
//!
//! let cs = ConstraintSystem::<Fq>::new_ref();
//! // This rng is just for test purposes; do not use it
//! // in real applications.
//! let mut rng = algebra::test_rng();
//!
//! // Generate some random `Fq` elements.
//! let a_native = Fq::rand(&mut rng);
//! let b_native = Fq::rand(&mut rng);
//!
//! // Allocate `a_native` and `b_native` as witness variables in `cs`.
//! let a = FqVar::new_witness(r1cs_core::ns!(cs, "generate_a"), || Ok(a_native))?;
//! let b = FqVar::new_witness(r1cs_core::ns!(cs, "generate_b"), || Ok(b_native))?;
//!
//! // Allocate `a_native` and `b_native` as constants in `cs`. This does not add any
//! // constraints or variables.
//! let a_const = FqVar::new_constant(r1cs_core::ns!(cs, "a_as_constant"), a_native)?;
//! let b_const = FqVar::new_constant(r1cs_core::ns!(cs, "b_as_constant"), b_native)?;
//!
//! let one = FqVar::one();
//! let zero = FqVar::zero();
//!
//! // Sanity check one + one = two
//! let two = &one + &one + &zero;
//! two.enforce_equal(&one.double()?)?;
//!
//! assert!(cs.is_satisfied()?);
//!
//! // Check that the value of &a + &b is correct.
//! assert_eq!((&a + &b).value()?, a_native + &b_native);
//!
//! // Check that the value of &a * &b is correct.
//! assert_eq!((&a * &b).value()?, a_native * &b_native);
//!
//! // Check that operations on variables and constants are equivalent.
//! (&a + &b).enforce_equal(&(&a_const + &b_const))?;
//! assert!(cs.is_satisfied()?);
//! # Ok(())
//! # }
//! ```
//!
//! One can also perform standard algebraic operations on `EdwardsVar`:
//!
//! ```
//! # fn main() -> Result<(), r1cs_core::SynthesisError> {
//! # use algebra::{UniformRand, ed_on_bw6_761::*};
//! # use r1cs_core::*;
//! # use r1cs_std::prelude::*;
//! # use r1cs_std::ed_on_bw6_761::*;
//!
//! # let cs = ConstraintSystem::<Fq>::new_ref();
//! # let mut rng = algebra::test_rng();
//!
//! // Generate some random `Edwards` elements.
//! let a_native = EdwardsProjective::rand(&mut rng);
//! let b_native = EdwardsProjective::rand(&mut rng);
//!
//! // Allocate `a_native` and `b_native` as witness variables in `cs`.
//! let a = EdwardsVar::new_witness(r1cs_core::ns!(cs, "a"), || Ok(a_native))?;
//! let b = EdwardsVar::new_witness(r1cs_core::ns!(cs, "b"), || Ok(b_native))?;
//!
//! // Allocate `a_native` and `b_native` as constants in `cs`. This does not add any
//! // constraints or variables.
//! let a_const = EdwardsVar::new_constant(r1cs_core::ns!(cs, "a_as_constant"), a_native)?;
//! let b_const = EdwardsVar::new_constant(r1cs_core::ns!(cs, "b_as_constant"), b_native)?;
//!
//! // This returns the identity of `Edwards`.
//! let zero = EdwardsVar::zero();
//!
//! // Sanity check one + one = two
//! let two_a = &a + &a + &zero;
//! two_a.enforce_equal(&a.double()?)?;
//!
//! assert!(cs.is_satisfied()?);
//!
//! // Check that the value of &a + &b is correct.
//! assert_eq!((&a + &b).value()?, a_native + &b_native);
//!
//! // Check that operations on variables and constants are equivalent.
//! (&a + &b).enforce_equal(&(&a_const + &b_const))?;
//! assert!(cs.is_satisfied()?);
//! # Ok(())
//! # }
//! ```
pub use crate::instantiated::ed_on_cp6_782::*;

101
r1cs-std/src/instantiated/ed_on_cp6_782/mod.rs
View File

@@ -1,4 +1,105 @@
#![allow(unreachable_pub)]
//! This module implements the R1CS equivalent of `algebra::ed_on_cp6_782`.
//!
//! It implements field variables for `algebra::ed_on_cp6_782::Fq`,
//! and group variables for `algebra::ed_on_cp6_782::GroupProjective`.
//!
//! The field underlying these constraints is `algebra::ed_on_cp6_782::Fq`.
//!
//! # Examples
//!
//! One can perform standard algebraic operations on `FqVar`:
//!
//! ```
//! # fn main() -> Result<(), r1cs_core::SynthesisError> {
//! use algebra::{UniformRand, ed_on_cp6_782::*};
//! use r1cs_core::*;
//! use r1cs_std::prelude::*;
//! use r1cs_std::ed_on_cp6_782::*;
//!
//! let cs = ConstraintSystem::<Fq>::new_ref();
//! // This rng is just for test purposes; do not use it
//! // in real applications.
//! let mut rng = algebra::test_rng();
//!
//! // Generate some random `Fq` elements.
//! let a_native = Fq::rand(&mut rng);
//! let b_native = Fq::rand(&mut rng);
//!
//! // Allocate `a_native` and `b_native` as witness variables in `cs`.
//! let a = FqVar::new_witness(r1cs_core::ns!(cs, "generate_a"), || Ok(a_native))?;
//! let b = FqVar::new_witness(r1cs_core::ns!(cs, "generate_b"), || Ok(b_native))?;
//!
//! // Allocate `a_native` and `b_native` as constants in `cs`. This does not add any
//! // constraints or variables.
//! let a_const = FqVar::new_constant(r1cs_core::ns!(cs, "a_as_constant"), a_native)?;
//! let b_const = FqVar::new_constant(r1cs_core::ns!(cs, "b_as_constant"), b_native)?;
//!
//! let one = FqVar::one();
//! let zero = FqVar::zero();
//!
//! // Sanity check one + one = two
//! let two = &one + &one + &zero;
//! two.enforce_equal(&one.double()?)?;
//!
//! assert!(cs.is_satisfied()?);
//!
//! // Check that the value of &a + &b is correct.
//! assert_eq!((&a + &b).value()?, a_native + &b_native);
//!
//! // Check that the value of &a * &b is correct.
//! assert_eq!((&a * &b).value()?, a_native * &b_native);
//!
//! // Check that operations on variables and constants are equivalent.
//! (&a + &b).enforce_equal(&(&a_const + &b_const))?;
//! assert!(cs.is_satisfied()?);
//! # Ok(())
//! # }
//! ```
//!
//! One can also perform standard algebraic operations on `EdwardsVar`:
//!
//! ```
//! # fn main() -> Result<(), r1cs_core::SynthesisError> {
//! # use algebra::{UniformRand, ed_on_cp6_782::*};
//! # use r1cs_core::*;
//! # use r1cs_std::prelude::*;
//! # use r1cs_std::ed_on_cp6_782::*;
//!
//! # let cs = ConstraintSystem::<Fq>::new_ref();
//! # let mut rng = algebra::test_rng();
//!
//! // Generate some random `Edwards` elements.
//! let a_native = EdwardsProjective::rand(&mut rng);
//! let b_native = EdwardsProjective::rand(&mut rng);
//!
//! // Allocate `a_native` and `b_native` as witness variables in `cs`.
//! let a = EdwardsVar::new_witness(r1cs_core::ns!(cs, "a"), || Ok(a_native))?;
//! let b = EdwardsVar::new_witness(r1cs_core::ns!(cs, "b"), || Ok(b_native))?;
//!
//! // Allocate `a_native` and `b_native` as constants in `cs`. This does not add any
//! // constraints or variables.
//! let a_const = EdwardsVar::new_constant(r1cs_core::ns!(cs, "a_as_constant"), a_native)?;
//! let b_const = EdwardsVar::new_constant(r1cs_core::ns!(cs, "b_as_constant"), b_native)?;
//!
//! // This returns the identity of `Edwards`.
//! let zero = EdwardsVar::zero();
//!
//! // Sanity check one + one = two
//! let two_a = &a + &a + &zero;
//! two_a.enforce_equal(&a.double()?)?;
//!
//! assert!(cs.is_satisfied()?);
//!
//! // Check that the value of &a + &b is correct.
//! assert_eq!((&a + &b).value()?, a_native + &b_native);
//!
//! // Check that operations on variables and constants are equivalent.
//! (&a + &b).enforce_equal(&(&a_const + &b_const))?;
//! assert!(cs.is_satisfied()?);
//! # Ok(())
//! # }
//! ```
mod curves;
mod fields;

102
r1cs-std/src/instantiated/ed_on_mnt4_298/mod.rs
View File

@@ -1,3 +1,105 @@
//! This module implements the R1CS equivalent of `algebra::ed_on_mnt4_298`.
//!
//! It implements field variables for `algebra::ed_on_mnt4_298::Fq`,
//! and group variables for `algebra::ed_on_mnt4_298::GroupProjective`.
//!
//! The field underlying these constraints is `algebra::ed_on_mnt4_298::Fq`.
//!
//! # Examples
//!
//! One can perform standard algebraic operations on `FqVar`:
//!
//! ```
//! # fn main() -> Result<(), r1cs_core::SynthesisError> {
//! use algebra::{UniformRand, ed_on_mnt4_298::*};
//! use r1cs_core::*;
//! use r1cs_std::prelude::*;
//! use r1cs_std::ed_on_mnt4_298::*;
//!
//! let cs = ConstraintSystem::<Fq>::new_ref();
//! // This rng is just for test purposes; do not use it
//! // in real applications.
//! let mut rng = algebra::test_rng();
//!
//! // Generate some random `Fq` elements.
//! let a_native = Fq::rand(&mut rng);
//! let b_native = Fq::rand(&mut rng);
//!
//! // Allocate `a_native` and `b_native` as witness variables in `cs`.
//! let a = FqVar::new_witness(r1cs_core::ns!(cs, "generate_a"), || Ok(a_native))?;
//! let b = FqVar::new_witness(r1cs_core::ns!(cs, "generate_b"), || Ok(b_native))?;
//!
//! // Allocate `a_native` and `b_native` as constants in `cs`. This does not add any
//! // constraints or variables.
//! let a_const = FqVar::new_constant(r1cs_core::ns!(cs, "a_as_constant"), a_native)?;
//! let b_const = FqVar::new_constant(r1cs_core::ns!(cs, "b_as_constant"), b_native)?;
//!
//! let one = FqVar::one();
//! let zero = FqVar::zero();
//!
//! // Sanity check one + one = two
//! let two = &one + &one + &zero;
//! two.enforce_equal(&one.double()?)?;
//!
//! assert!(cs.is_satisfied()?);
//!
//! // Check that the value of &a + &b is correct.
//! assert_eq!((&a + &b).value()?, a_native + &b_native);
//!
//! // Check that the value of &a * &b is correct.
//! assert_eq!((&a * &b).value()?, a_native * &b_native);
//!
//! // Check that operations on variables and constants are equivalent.
//! (&a + &b).enforce_equal(&(&a_const + &b_const))?;
//! assert!(cs.is_satisfied()?);
//! # Ok(())
//! # }
//! ```
//!
//! One can also perform standard algebraic operations on `EdwardsVar`:
//!
//! ```
//! # fn main() -> Result<(), r1cs_core::SynthesisError> {
//! # use algebra::{UniformRand, ed_on_mnt4_298::*};
//! # use r1cs_core::*;
//! # use r1cs_std::prelude::*;
//! # use r1cs_std::ed_on_mnt4_298::*;
//!
//! # let cs = ConstraintSystem::<Fq>::new_ref();
//! # let mut rng = algebra::test_rng();
//!
//! // Generate some random `Edwards` elements.
//! let a_native = EdwardsProjective::rand(&mut rng);
//! let b_native = EdwardsProjective::rand(&mut rng);
//!
//! // Allocate `a_native` and `b_native` as witness variables in `cs`.
//! let a = EdwardsVar::new_witness(r1cs_core::ns!(cs, "a"), || Ok(a_native))?;
//! let b = EdwardsVar::new_witness(r1cs_core::ns!(cs, "b"), || Ok(b_native))?;
//!
//! // Allocate `a_native` and `b_native` as constants in `cs`. This does not add any
//! // constraints or variables.
//! let a_const = EdwardsVar::new_constant(r1cs_core::ns!(cs, "a_as_constant"), a_native)?;
//! let b_const = EdwardsVar::new_constant(r1cs_core::ns!(cs, "b_as_constant"), b_native)?;
//!
//! // This returns the identity of `Edwards`.
//! let zero = EdwardsVar::zero();
//!
//! // Sanity check one + one = two
//! let two_a = &a + &a + &zero;
//! two_a.enforce_equal(&a.double()?)?;
//!
//! assert!(cs.is_satisfied()?);
//!
//! // Check that the value of &a + &b is correct.
//! assert_eq!((&a + &b).value()?, a_native + &b_native);
//!
//! // Check that operations on variables and constants are equivalent.
//! (&a + &b).enforce_equal(&(&a_const + &b_const))?;
//! assert!(cs.is_satisfied()?);
//! # Ok(())
//! # }
//! ```
mod curves;
mod fields;

102
r1cs-std/src/instantiated/ed_on_mnt4_753/mod.rs
View File

@@ -1,3 +1,105 @@
//! This module implements the R1CS equivalent of `algebra::ed_on_mnt4_753`.
//!
//! It implements field variables for `algebra::ed_on_mnt4_753::Fq`,
//! and group variables for `algebra::ed_on_mnt4_753::GroupProjective`.
//!
//! The field underlying these constraints is `algebra::ed_on_mnt4_753::Fq`.
//!
//! # Examples
//!
//! One can perform standard algebraic operations on `FqVar`:
//!
//! ```
//! # fn main() -> Result<(), r1cs_core::SynthesisError> {
//! use algebra::{UniformRand, ed_on_mnt4_753::*};
//! use r1cs_core::*;
//! use r1cs_std::prelude::*;
//! use r1cs_std::ed_on_mnt4_753::*;
//!
//! let cs = ConstraintSystem::<Fq>::new_ref();
//! // This rng is just for test purposes; do not use it
//! // in real applications.
//! let mut rng = algebra::test_rng();
//!
//! // Generate some random `Fq` elements.
//! let a_native = Fq::rand(&mut rng);
//! let b_native = Fq::rand(&mut rng);
//!
//! // Allocate `a_native` and `b_native` as witness variables in `cs`.
//! let a = FqVar::new_witness(r1cs_core::ns!(cs, "generate_a"), || Ok(a_native))?;
//! let b = FqVar::new_witness(r1cs_core::ns!(cs, "generate_b"), || Ok(b_native))?;
//!
//! // Allocate `a_native` and `b_native` as constants in `cs`. This does not add any
//! // constraints or variables.
//! let a_const = FqVar::new_constant(r1cs_core::ns!(cs, "a_as_constant"), a_native)?;
//! let b_const = FqVar::new_constant(r1cs_core::ns!(cs, "b_as_constant"), b_native)?;
//!
//! let one = FqVar::one();
//! let zero = FqVar::zero();
//!
//! // Sanity check one + one = two
//! let two = &one + &one + &zero;
//! two.enforce_equal(&one.double()?)?;
//!
//! assert!(cs.is_satisfied()?);
//!
//! // Check that the value of &a + &b is correct.
//! assert_eq!((&a + &b).value()?, a_native + &b_native);
//!
//! // Check that the value of &a * &b is correct.
//! assert_eq!((&a * &b).value()?, a_native * &b_native);
//!
//! // Check that operations on variables and constants are equivalent.
//! (&a + &b).enforce_equal(&(&a_const + &b_const))?;
//! assert!(cs.is_satisfied()?);
//! # Ok(())
//! # }
//! ```
//!
//! One can also perform standard algebraic operations on `EdwardsVar`:
//!
//! ```
//! # fn main() -> Result<(), r1cs_core::SynthesisError> {
//! # use algebra::{UniformRand, ed_on_mnt4_753::*};
//! # use r1cs_core::*;
//! # use r1cs_std::prelude::*;
//! # use r1cs_std::ed_on_mnt4_753::*;
//!
//! # let cs = ConstraintSystem::<Fq>::new_ref();
//! # let mut rng = algebra::test_rng();
//!
//! // Generate some random `Edwards` elements.
//! let a_native = EdwardsProjective::rand(&mut rng);
//! let b_native = EdwardsProjective::rand(&mut rng);
//!
//! // Allocate `a_native` and `b_native` as witness variables in `cs`.
//! let a = EdwardsVar::new_witness(r1cs_core::ns!(cs, "a"), || Ok(a_native))?;
//! let b = EdwardsVar::new_witness(r1cs_core::ns!(cs, "b"), || Ok(b_native))?;
//!
//! // Allocate `a_native` and `b_native` as constants in `cs`. This does not add any
//! // constraints or variables.
//! let a_const = EdwardsVar::new_constant(r1cs_core::ns!(cs, "a_as_constant"), a_native)?;
//! let b_const = EdwardsVar::new_constant(r1cs_core::ns!(cs, "b_as_constant"), b_native)?;
//!
//! // This returns the identity of `Edwards`.
//! let zero = EdwardsVar::zero();
//!
//! // Sanity check one + one = two
//! let two_a = &a + &a + &zero;
//! two_a.enforce_equal(&a.double()?)?;
//!
//! assert!(cs.is_satisfied()?);
//!
//! // Check that the value of &a + &b is correct.
//! assert_eq!((&a + &b).value()?, a_native + &b_native);
//!
//! // Check that operations on variables and constants are equivalent.
//! (&a + &b).enforce_equal(&(&a_const + &b_const))?;
//! assert!(cs.is_satisfied()?);
//! # Ok(())
//! # }
//! ```
mod curves;
mod fields;

150
r1cs-std/src/instantiated/mnt4_298/mod.rs
View File

@@ -1,3 +1,153 @@
//! This module implements the R1CS equivalent of `algebra::mnt4_298`.
//!
//! It implements field variables for `algebra::mnt4_298::{Fq, Fq2, Fq4}`,
//! group variables for `algebra::mnt4_298::{G1, G2}`, and implements constraint
//! generation for computing `MNT4_298::pairing`.
//!
//! The field underlying these constraints is `algebra::mnt4_298::Fq`.
//!
//! # Examples
//!
//! One can perform standard algebraic operations on `FqVar`:
//!
//! ```
//! # fn main() -> Result<(), r1cs_core::SynthesisError> {
//! use algebra::{UniformRand, mnt4_298::*};
//! use r1cs_core::*;
//! use r1cs_std::prelude::*;
//! use r1cs_std::mnt4_298::*;
//!
//! let cs = ConstraintSystem::<Fq>::new_ref();
//! // This rng is just for test purposes; do not use it
//! // in real applications.
//! let mut rng = algebra::test_rng();
//!
//! // Generate some random `Fq` elements.
//! let a_native = Fq::rand(&mut rng);
//! let b_native = Fq::rand(&mut rng);
//!
//! // Allocate `a_native` and `b_native` as witness variables in `cs`.
//! let a = FqVar::new_witness(r1cs_core::ns!(cs, "generate_a"), || Ok(a_native))?;
//! let b = FqVar::new_witness(r1cs_core::ns!(cs, "generate_b"), || Ok(b_native))?;
//!
//! // Allocate `a_native` and `b_native` as constants in `cs`. This does not add any
//! // constraints or variables.
//! let a_const = FqVar::new_constant(r1cs_core::ns!(cs, "a_as_constant"), a_native)?;
//! let b_const = FqVar::new_constant(r1cs_core::ns!(cs, "b_as_constant"), b_native)?;
//!
//! let one = FqVar::one();
//! let zero = FqVar::zero();
//!
//! // Sanity check one + one = two
//! let two = &one + &one + &zero;
//! two.enforce_equal(&one.double()?)?;
//!
//! assert!(cs.is_satisfied()?);
//!
//! // Check that the value of &a + &b is correct.
//! assert_eq!((&a + &b).value()?, a_native + &b_native);
//!
//! // Check that the value of &a * &b is correct.
//! assert_eq!((&a * &b).value()?, a_native * &b_native);
//!
//! // Check that operations on variables and constants are equivalent.
//! (&a + &b).enforce_equal(&(&a_const + &b_const))?;
//! assert!(cs.is_satisfied()?);
//! # Ok(())
//! # }
//! ```
//!
//! One can also perform standard algebraic operations on `G1Var` and `G2Var`:
//!
//! ```
//! # fn main() -> Result<(), r1cs_core::SynthesisError> {
//! # use algebra::{UniformRand, mnt4_298::*};
//! # use r1cs_core::*;
//! # use r1cs_std::prelude::*;
//! # use r1cs_std::mnt4_298::*;
//!
//! # let cs = ConstraintSystem::<Fq>::new_ref();
//! # let mut rng = algebra::test_rng();
//!
//! // Generate some random `G1` elements.
//! let a_native = G1Projective::rand(&mut rng);
//! let b_native = G1Projective::rand(&mut rng);
//!
//! // Allocate `a_native` and `b_native` as witness variables in `cs`.
//! let a = G1Var::new_witness(r1cs_core::ns!(cs, "a"), || Ok(a_native))?;
//! let b = G1Var::new_witness(r1cs_core::ns!(cs, "b"), || Ok(b_native))?;
//!
//! // Allocate `a_native` and `b_native` as constants in `cs`. This does not add any
//! // constraints or variables.
//! let a_const = G1Var::new_constant(r1cs_core::ns!(cs, "a_as_constant"), a_native)?;
//! let b_const = G1Var::new_constant(r1cs_core::ns!(cs, "b_as_constant"), b_native)?;
//!
//! // This returns the identity of `G1`.
//! let zero = G1Var::zero();
//!
//! // Sanity check one + one = two
//! let two_a = &a + &a + &zero;
//! two_a.enforce_equal(&a.double()?)?;
//!
//! assert!(cs.is_satisfied()?);
//!
//! // Check that the value of &a + &b is correct.
//! assert_eq!((&a + &b).value()?, a_native + &b_native);
//!
//! // Check that operations on variables and constants are equivalent.
//! (&a + &b).enforce_equal(&(&a_const + &b_const))?;
//! assert!(cs.is_satisfied()?);
//! # Ok(())
//! # }
//! ```
//!
//! Finally, one can check pairing computations as well:
//!
//! ```
//! # fn main() -> Result<(), r1cs_core::SynthesisError> {
//! # use algebra::{UniformRand, PairingEngine, mnt4_298::*};
//! # use r1cs_core::*;
//! # use r1cs_std::prelude::*;
//! # use r1cs_std::mnt4_298::{self, *};
//!
//! # let cs = ConstraintSystem::<Fq>::new_ref();
//! # let mut rng = algebra::test_rng();
//!
//! // Generate random `G1` and `G2` elements.
//! let a_native = G1Projective::rand(&mut rng);
//! let b_native = G2Projective::rand(&mut rng);
//!
//! // Allocate `a_native` and `b_native` as witness variables in `cs`.
//! let a = G1Var::new_witness(r1cs_core::ns!(cs, "a"), || Ok(a_native))?;
//! let b = G2Var::new_witness(r1cs_core::ns!(cs, "b"), || Ok(b_native))?;
//!
//! // Allocate `a_native` and `b_native` as constants in `cs`. This does not add any
//! // constraints or variables.
//! let a_const = G1Var::new_constant(r1cs_core::ns!(cs, "a_as_constant"), a_native)?;
//! let b_const = G2Var::new_constant(r1cs_core::ns!(cs, "b_as_constant"), b_native)?;
//!
//! let pairing_result_native = MNT4_298::pairing(a_native, b_native);
//!
//! // Prepare `a` and `b` for pairing.
//! let a_prep = mnt4_298::PairingVar::prepare_g1(&a)?;
//! let b_prep = mnt4_298::PairingVar::prepare_g2(&b)?;
//! let pairing_result = mnt4_298::PairingVar::pairing(a_prep, b_prep)?;
//!
//! // Check that the value of &a + &b is correct.
//! assert_eq!(pairing_result.value()?, pairing_result_native);
//!
//! // Check that operations on variables and constants are equivalent.
//! let a_prep_const = mnt4_298::PairingVar::prepare_g1(&a_const)?;
//! let b_prep_const = mnt4_298::PairingVar::prepare_g2(&b_const)?;
//! let pairing_result_const = mnt4_298::PairingVar::pairing(a_prep_const, b_prep_const)?;
//! println!("Done here 3");
//!
//! pairing_result.enforce_equal(&pairing_result_const)?;
//! assert!(cs.is_satisfied()?);
//! # Ok(())
//! # }
//! ```
mod curves;
mod fields;
mod pairing;

150
r1cs-std/src/instantiated/mnt4_753/mod.rs
View File

@@ -1,3 +1,153 @@
//! This module implements the R1CS equivalent of `algebra::mnt4_753`.
//!
//! It implements field variables for `algebra::mnt4_753::{Fq, Fq2, Fq4}`,
//! group variables for `algebra::mnt4_753::{G1, G2}`, and implements constraint
//! generation for computing `MNT4_753::pairing`.
//!
//! The field underlying these constraints is `algebra::mnt4_753::Fq`.
//!
//! # Examples
//!
//! One can perform standard algebraic operations on `FqVar`:
//!
//! ```
//! # fn main() -> Result<(), r1cs_core::SynthesisError> {
//! use algebra::{UniformRand, mnt4_753::*};
//! use r1cs_core::*;
//! use r1cs_std::prelude::*;
//! use r1cs_std::mnt4_753::*;
//!
//! let cs = ConstraintSystem::<Fq>::new_ref();
//! // This rng is just for test purposes; do not use it
//! // in real applications.
//! let mut rng = algebra::test_rng();
//!
//! // Generate some random `Fq` elements.
//! let a_native = Fq::rand(&mut rng);
//! let b_native = Fq::rand(&mut rng);
//!
//! // Allocate `a_native` and `b_native` as witness variables in `cs`.
//! let a = FqVar::new_witness(r1cs_core::ns!(cs, "generate_a"), || Ok(a_native))?;
//! let b = FqVar::new_witness(r1cs_core::ns!(cs, "generate_b"), || Ok(b_native))?;
//!
//! // Allocate `a_native` and `b_native` as constants in `cs`. This does not add any
//! // constraints or variables.
//! let a_const = FqVar::new_constant(r1cs_core::ns!(cs, "a_as_constant"), a_native)?;
//! let b_const = FqVar::new_constant(r1cs_core::ns!(cs, "b_as_constant"), b_native)?;
//!
//! let one = FqVar::one();
//! let zero = FqVar::zero();
//!
//! // Sanity check one + one = two
//! let two = &one + &one + &zero;
//! two.enforce_equal(&one.double()?)?;
//!
//! assert!(cs.is_satisfied()?);
//!
//! // Check that the value of &a + &b is correct.
//! assert_eq!((&a + &b).value()?, a_native + &b_native);
//!
//! // Check that the value of &a * &b is correct.
//! assert_eq!((&a * &b).value()?, a_native * &b_native);
//!
//! // Check that operations on variables and constants are equivalent.
//! (&a + &b).enforce_equal(&(&a_const + &b_const))?;
//! assert!(cs.is_satisfied()?);
//! # Ok(())
//! # }
//! ```
//!
//! One can also perform standard algebraic operations on `G1Var` and `G2Var`:
//!
//! ```
//! # fn main() -> Result<(), r1cs_core::SynthesisError> {
//! # use algebra::{UniformRand, mnt4_753::*};
//! # use r1cs_core::*;
//! # use r1cs_std::prelude::*;
//! # use r1cs_std::mnt4_753::*;
//!
//! # let cs = ConstraintSystem::<Fq>::new_ref();
//! # let mut rng = algebra::test_rng();
//!
//! // Generate some random `G1` elements.
//! let a_native = G1Projective::rand(&mut rng);
//! let b_native = G1Projective::rand(&mut rng);
//!
//! // Allocate `a_native` and `b_native` as witness variables in `cs`.
//! let a = G1Var::new_witness(r1cs_core::ns!(cs, "a"), || Ok(a_native))?;
//! let b = G1Var::new_witness(r1cs_core::ns!(cs, "b"), || Ok(b_native))?;
//!
//! // Allocate `a_native` and `b_native` as constants in `cs`. This does not add any
//! // constraints or variables.
//! let a_const = G1Var::new_constant(r1cs_core::ns!(cs, "a_as_constant"), a_native)?;
//! let b_const = G1Var::new_constant(r1cs_core::ns!(cs, "b_as_constant"), b_native)?;
//!
//! // This returns the identity of `G1`.
//! let zero = G1Var::zero();
//!
//! // Sanity check one + one = two
//! let two_a = &a + &a + &zero;
//! two_a.enforce_equal(&a.double()?)?;
//!
//! assert!(cs.is_satisfied()?);
//!
//! // Check that the value of &a + &b is correct.
//! assert_eq!((&a + &b).value()?, a_native + &b_native);
//!
//! // Check that operations on variables and constants are equivalent.
//! (&a + &b).enforce_equal(&(&a_const + &b_const))?;
//! assert!(cs.is_satisfied()?);
//! # Ok(())
//! # }
//! ```
//!
//! Finally, one can check pairing computations as well:
//!
//! ```
//! # fn main() -> Result<(), r1cs_core::SynthesisError> {
//! # use algebra::{UniformRand, PairingEngine, mnt4_753::*};
//! # use r1cs_core::*;
//! # use r1cs_std::prelude::*;
//! # use r1cs_std::mnt4_753::{self, *};
//!
//! # let cs = ConstraintSystem::<Fq>::new_ref();
//! # let mut rng = algebra::test_rng();
//!
//! // Generate random `G1` and `G2` elements.
//! let a_native = G1Projective::rand(&mut rng);
//! let b_native = G2Projective::rand(&mut rng);
//!
//! // Allocate `a_native` and `b_native` as witness variables in `cs`.
//! let a = G1Var::new_witness(r1cs_core::ns!(cs, "a"), || Ok(a_native))?;
//! let b = G2Var::new_witness(r1cs_core::ns!(cs, "b"), || Ok(b_native))?;
//!
//! // Allocate `a_native` and `b_native` as constants in `cs`. This does not add any
//! // constraints or variables.
//! let a_const = G1Var::new_constant(r1cs_core::ns!(cs, "a_as_constant"), a_native)?;
//! let b_const = G2Var::new_constant(r1cs_core::ns!(cs, "b_as_constant"), b_native)?;
//!
//! let pairing_result_native = MNT4_753::pairing(a_native, b_native);
//!
//! // Prepare `a` and `b` for pairing.
//! let a_prep = mnt4_753::PairingVar::prepare_g1(&a)?;
//! let b_prep = mnt4_753::PairingVar::prepare_g2(&b)?;
//! let pairing_result = mnt4_753::PairingVar::pairing(a_prep, b_prep)?;
//!
//! // Check that the value of &a + &b is correct.
//! assert_eq!(pairing_result.value()?, pairing_result_native);
//!
//! // Check that operations on variables and constants are equivalent.
//! let a_prep_const = mnt4_753::PairingVar::prepare_g1(&a_const)?;
//! let b_prep_const = mnt4_753::PairingVar::prepare_g2(&b_const)?;
//! let pairing_result_const = mnt4_753::PairingVar::pairing(a_prep_const, b_prep_const)?;
//! println!("Done here 3");
//!
//! pairing_result.enforce_equal(&pairing_result_const)?;
//! assert!(cs.is_satisfied()?);
//! # Ok(())
//! # }
//! ```
mod curves;
mod fields;
mod pairing;

150
r1cs-std/src/instantiated/mnt6_298/mod.rs
View File

@@ -1,3 +1,153 @@
//! This module implements the R1CS equivalent of `algebra::mnt6_298`.
//!
//! It implements field variables for `algebra::mnt6_298::{Fq, Fq3, Fq6}`,
//! group variables for `algebra::mnt6_298::{G1, G2}`, and implements constraint
//! generation for computing `MNT6_298::pairing`.
//!
//! The field underlying these constraints is `algebra::mnt6_298::Fq`.
//!
//! # Examples
//!
//! One can perform standard algebraic operations on `FqVar`:
//!
//! ```
//! # fn main() -> Result<(), r1cs_core::SynthesisError> {
//! use algebra::{UniformRand, mnt6_298::*};
//! use r1cs_core::*;
//! use r1cs_std::prelude::*;
//! use r1cs_std::mnt6_298::*;
//!
//! let cs = ConstraintSystem::<Fq>::new_ref();
//! // This rng is just for test purposes; do not use it
//! // in real applications.
//! let mut rng = algebra::test_rng();
//!
//! // Generate some random `Fq` elements.
//! let a_native = Fq::rand(&mut rng);
//! let b_native = Fq::rand(&mut rng);
//!
//! // Allocate `a_native` and `b_native` as witness variables in `cs`.
//! let a = FqVar::new_witness(r1cs_core::ns!(cs, "generate_a"), || Ok(a_native))?;
//! let b = FqVar::new_witness(r1cs_core::ns!(cs, "generate_b"), || Ok(b_native))?;
//!
//! // Allocate `a_native` and `b_native` as constants in `cs`. This does not add any
//! // constraints or variables.
//! let a_const = FqVar::new_constant(r1cs_core::ns!(cs, "a_as_constant"), a_native)?;
//! let b_const = FqVar::new_constant(r1cs_core::ns!(cs, "b_as_constant"), b_native)?;
//!
//! let one = FqVar::one();
//! let zero = FqVar::zero();
//!
//! // Sanity check one + one = two
//! let two = &one + &one + &zero;
//! two.enforce_equal(&one.double()?)?;
//!
//! assert!(cs.is_satisfied()?);
//!
//! // Check that the value of &a + &b is correct.
//! assert_eq!((&a + &b).value()?, a_native + &b_native);
//!
//! // Check that the value of &a * &b is correct.
//! assert_eq!((&a * &b).value()?, a_native * &b_native);
//!
//! // Check that operations on variables and constants are equivalent.
//! (&a + &b).enforce_equal(&(&a_const + &b_const))?;
//! assert!(cs.is_satisfied()?);
//! # Ok(())
//! # }
//! ```
//!
//! One can also perform standard algebraic operations on `G1Var` and `G2Var`:
//!
//! ```
//! # fn main() -> Result<(), r1cs_core::SynthesisError> {
//! # use algebra::{UniformRand, mnt6_298::*};
//! # use r1cs_core::*;
//! # use r1cs_std::prelude::*;
//! # use r1cs_std::mnt6_298::*;
//!
//! # let cs = ConstraintSystem::<Fq>::new_ref();
//! # let mut rng = algebra::test_rng();
//!
//! // Generate some random `G1` elements.
//! let a_native = G1Projective::rand(&mut rng);
//! let b_native = G1Projective::rand(&mut rng);
//!
//! // Allocate `a_native` and `b_native` as witness variables in `cs`.
//! let a = G1Var::new_witness(r1cs_core::ns!(cs, "a"), || Ok(a_native))?;
//! let b = G1Var::new_witness(r1cs_core::ns!(cs, "b"), || Ok(b_native))?;
//!
//! // Allocate `a_native` and `b_native` as constants in `cs`. This does not add any
//! // constraints or variables.
//! let a_const = G1Var::new_constant(r1cs_core::ns!(cs, "a_as_constant"), a_native)?;
//! let b_const = G1Var::new_constant(r1cs_core::ns!(cs, "b_as_constant"), b_native)?;
//!
//! // This returns the identity of `G1`.
//! let zero = G1Var::zero();
//!
//! // Sanity check one + one = two
//! let two_a = &a + &a + &zero;
//! two_a.enforce_equal(&a.double()?)?;
//!
//! assert!(cs.is_satisfied()?);
//!
//! // Check that the value of &a + &b is correct.
//! assert_eq!((&a + &b).value()?, a_native + &b_native);
//!
//! // Check that operations on variables and constants are equivalent.
//! (&a + &b).enforce_equal(&(&a_const + &b_const))?;
//! assert!(cs.is_satisfied()?);
//! # Ok(())
//! # }
//! ```
//!
//! Finally, one can check pairing computations as well:
//!
//! ```
//! # fn main() -> Result<(), r1cs_core::SynthesisError> {
//! # use algebra::{UniformRand, PairingEngine, mnt6_298::*};
//! # use r1cs_core::*;
//! # use r1cs_std::prelude::*;
//! # use r1cs_std::mnt6_298::{self, *};
//!
//! # let cs = ConstraintSystem::<Fq>::new_ref();
//! # let mut rng = algebra::test_rng();
//!
//! // Generate random `G1` and `G2` elements.
//! let a_native = G1Projective::rand(&mut rng);
//! let b_native = G2Projective::rand(&mut rng);
//!
//! // Allocate `a_native` and `b_native` as witness variables in `cs`.
//! let a = G1Var::new_witness(r1cs_core::ns!(cs, "a"), || Ok(a_native))?;
//! let b = G2Var::new_witness(r1cs_core::ns!(cs, "b"), || Ok(b_native))?;
//!
//! // Allocate `a_native` and `b_native` as constants in `cs`. This does not add any
//! // constraints or variables.
//! let a_const = G1Var::new_constant(r1cs_core::ns!(cs, "a_as_constant"), a_native)?;
//! let b_const = G2Var::new_constant(r1cs_core::ns!(cs, "b_as_constant"), b_native)?;
//!
//! let pairing_result_native = MNT6_298::pairing(a_native, b_native);
//!
//! // Prepare `a` and `b` for pairing.
//! let a_prep = mnt6_298::PairingVar::prepare_g1(&a)?;
//! let b_prep = mnt6_298::PairingVar::prepare_g2(&b)?;
//! let pairing_result = mnt6_298::PairingVar::pairing(a_prep, b_prep)?;
//!
//! // Check that the value of &a + &b is correct.
//! assert_eq!(pairing_result.value()?, pairing_result_native);
//!
//! // Check that operations on variables and constants are equivalent.
//! let a_prep_const = mnt6_298::PairingVar::prepare_g1(&a_const)?;
//! let b_prep_const = mnt6_298::PairingVar::prepare_g2(&b_const)?;
//! let pairing_result_const = mnt6_298::PairingVar::pairing(a_prep_const, b_prep_const)?;
//! println!("Done here 3");
//!
//! pairing_result.enforce_equal(&pairing_result_const)?;
//! assert!(cs.is_satisfied()?);
//! # Ok(())
//! # }
//! ```
mod curves;
mod fields;
mod pairing;

150
r1cs-std/src/instantiated/mnt6_753/mod.rs
View File

@@ -1,3 +1,153 @@
//! This module implements the R1CS equivalent of `algebra::mnt6_753`.
//!
//! It implements field variables for `algebra::mnt6_753::{Fq, Fq3, Fq6}`,
//! group variables for `algebra::mnt6_753::{G1, G2}`, and implements constraint
//! generation for computing `MNT6_753::pairing`.
//!
//! The field underlying these constraints is `algebra::mnt6_753::Fq`.
//!
//! # Examples
//!
//! One can perform standard algebraic operations on `FqVar`:
//!
//! ```
//! # fn main() -> Result<(), r1cs_core::SynthesisError> {
//! use algebra::{UniformRand, mnt6_753::*};
//! use r1cs_core::*;
//! use r1cs_std::prelude::*;
//! use r1cs_std::mnt6_753::*;
//!
//! let cs = ConstraintSystem::<Fq>::new_ref();
//! // This rng is just for test purposes; do not use it
//! // in real applications.
//! let mut rng = algebra::test_rng();
//!
//! // Generate some random `Fq` elements.
//! let a_native = Fq::rand(&mut rng);
//! let b_native = Fq::rand(&mut rng);
//!
//! // Allocate `a_native` and `b_native` as witness variables in `cs`.
//! let a = FqVar::new_witness(r1cs_core::ns!(cs, "generate_a"), || Ok(a_native))?;
//! let b = FqVar::new_witness(r1cs_core::ns!(cs, "generate_b"), || Ok(b_native))?;
//!
//! // Allocate `a_native` and `b_native` as constants in `cs`. This does not add any
//! // constraints or variables.
//! let a_const = FqVar::new_constant(r1cs_core::ns!(cs, "a_as_constant"), a_native)?;
//! let b_const = FqVar::new_constant(r1cs_core::ns!(cs, "b_as_constant"), b_native)?;
//!
//! let one = FqVar::one();
//! let zero = FqVar::zero();
//!
//! // Sanity check one + one = two
//! let two = &one + &one + &zero;
//! two.enforce_equal(&one.double()?)?;
//!
//! assert!(cs.is_satisfied()?);
//!
//! // Check that the value of &a + &b is correct.
//! assert_eq!((&a + &b).value()?, a_native + &b_native);
//!
//! // Check that the value of &a * &b is correct.
//! assert_eq!((&a * &b).value()?, a_native * &b_native);
//!
//! // Check that operations on variables and constants are equivalent.
//! (&a + &b).enforce_equal(&(&a_const + &b_const))?;
//! assert!(cs.is_satisfied()?);
//! # Ok(())
//! # }
//! ```
//!
//! One can also perform standard algebraic operations on `G1Var` and `G2Var`:
//!
//! ```
//! # fn main() -> Result<(), r1cs_core::SynthesisError> {
//! # use algebra::{UniformRand, mnt6_753::*};
//! # use r1cs_core::*;
//! # use r1cs_std::prelude::*;
//! # use r1cs_std::mnt6_753::*;
//!
//! # let cs = ConstraintSystem::<Fq>::new_ref();
//! # let mut rng = algebra::test_rng();
//!
//! // Generate some random `G1` elements.
//! let a_native = G1Projective::rand(&mut rng);
//! let b_native = G1Projective::rand(&mut rng);
//!
//! // Allocate `a_native` and `b_native` as witness variables in `cs`.
//! let a = G1Var::new_witness(r1cs_core::ns!(cs, "a"), || Ok(a_native))?;
//! let b = G1Var::new_witness(r1cs_core::ns!(cs, "b"), || Ok(b_native))?;
//!
//! // Allocate `a_native` and `b_native` as constants in `cs`. This does not add any
//! // constraints or variables.
//! let a_const = G1Var::new_constant(r1cs_core::ns!(cs, "a_as_constant"), a_native)?;
//! let b_const = G1Var::new_constant(r1cs_core::ns!(cs, "b_as_constant"), b_native)?;
//!
//! // This returns the identity of `G1`.
//! let zero = G1Var::zero();
//!
//! // Sanity check one + one = two
//! let two_a = &a + &a + &zero;
//! two_a.enforce_equal(&a.double()?)?;
//!
//! assert!(cs.is_satisfied()?);
//!
//! // Check that the value of &a + &b is correct.
//! assert_eq!((&a + &b).value()?, a_native + &b_native);
//!
//! // Check that operations on variables and constants are equivalent.
//! (&a + &b).enforce_equal(&(&a_const + &b_const))?;
//! assert!(cs.is_satisfied()?);
//! # Ok(())
//! # }
//! ```
//!
//! Finally, one can check pairing computations as well:
//!
//! ```
//! # fn main() -> Result<(), r1cs_core::SynthesisError> {
//! # use algebra::{UniformRand, PairingEngine, mnt6_753::*};
//! # use r1cs_core::*;
//! # use r1cs_std::prelude::*;
//! # use r1cs_std::mnt6_753::{self, *};
//!
//! # let cs = ConstraintSystem::<Fq>::new_ref();
//! # let mut rng = algebra::test_rng();
//!
//! // Generate random `G1` and `G2` elements.
//! let a_native = G1Projective::rand(&mut rng);
//! let b_native = G2Projective::rand(&mut rng);
//!
//! // Allocate `a_native` and `b_native` as witness variables in `cs`.
//! let a = G1Var::new_witness(r1cs_core::ns!(cs, "a"), || Ok(a_native))?;
//! let b = G2Var::new_witness(r1cs_core::ns!(cs, "b"), || Ok(b_native))?;
//!
//! // Allocate `a_native` and `b_native` as constants in `cs`. This does not add any
//! // constraints or variables.
//! let a_const = G1Var::new_constant(r1cs_core::ns!(cs, "a_as_constant"), a_native)?;
//! let b_const = G2Var::new_constant(r1cs_core::ns!(cs, "b_as_constant"), b_native)?;
//!
//! let pairing_result_native = MNT6_753::pairing(a_native, b_native);
//!
//! // Prepare `a` and `b` for pairing.
//! let a_prep = mnt6_753::PairingVar::prepare_g1(&a)?;
//! let b_prep = mnt6_753::PairingVar::prepare_g2(&b)?;
//! let pairing_result = mnt6_753::PairingVar::pairing(a_prep, b_prep)?;
//!
//! // Check that the value of &a + &b is correct.
//! assert_eq!(pairing_result.value()?, pairing_result_native);
//!
//! // Check that operations on variables and constants are equivalent.
//! let a_prep_const = mnt6_753::PairingVar::prepare_g1(&a_const)?;
//! let b_prep_const = mnt6_753::PairingVar::prepare_g2(&b_const)?;
//! let pairing_result_const = mnt6_753::PairingVar::pairing(a_prep_const, b_prep_const)?;
//! println!("Done here 3");
//!
//! pairing_result.enforce_equal(&pairing_result_const)?;
//! assert!(cs.is_satisfied()?);
//! # Ok(())
//! # }
//! ```
mod curves;
mod fields;
mod pairing;

12
r1cs-std/src/instantiated/mod.rs
View File

@@ -1,50 +1,38 @@
/// This module implements the R1CS equivalent of `algebra::bls12_377`.
#[cfg(feature = "bls12_377")]
pub mod bls12_377;
/// This module implements the R1CS equivalent of `algebra::ed_on_bls12_377`.
#[cfg(feature = "ed_on_bls12_377")]
pub mod ed_on_bls12_377;
/// This module implements the R1CS equivalent of `algebra::ed_on_cp6_782`.
#[cfg(feature = "ed_on_cp6_782")]
pub mod ed_on_cp6_782;
#[cfg(all(not(feature = "ed_on_cp6_782"), feature = "ed_on_bw6_761"))]
pub(crate) mod ed_on_cp6_782;
/// This module implements the R1CS equivalent of `algebra::ed_on_bw6_761`.
#[cfg(feature = "ed_on_bw6_761")]
pub mod ed_on_bw6_761;
/// This module implements the R1CS equivalent of `algebra::ed_on_bn254`.
#[cfg(feature = "ed_on_bn254")]
pub mod ed_on_bn254;
/// This module implements the R1CS equivalent of `algebra::ed_on_bls12_381`.
#[cfg(feature = "ed_on_bls12_381")]
pub mod ed_on_bls12_381;
/// This module implements the R1CS equivalent of `algebra::ed_on_mnt4_298`.
#[cfg(feature = "ed_on_mnt4_298")]
pub mod ed_on_mnt4_298;
/// This module implements the R1CS equivalent of `algebra::ed_on_mnt4_753`.
#[cfg(feature = "ed_on_mnt4_753")]
pub mod ed_on_mnt4_753;
/// This module implements the R1CS equivalent of `algebra::mnt4_298`.
#[cfg(feature = "mnt4_298")]
pub mod mnt4_298;
/// This module implements the R1CS equivalent of `algebra::mnt4_753`.
#[cfg(feature = "mnt4_753")]
pub mod mnt4_753;
/// This module implements the R1CS equivalent of `algebra::mnt6_298`.
#[cfg(feature = "mnt6_298")]
pub mod mnt6_298;
/// This module implements the R1CS equivalent of `algebra::mnt6_753`.
#[cfg(feature = "mnt6_753")]
pub mod mnt6_753;