  1. /*
  2. ┏━━━━━━━━━━━┓
  3. ┃ ┃
  4. ┃ ┃
  5. (inx, iny) ══════════════════════════════════════════▶┃ EC Point ┃
  6. ┃ ╠═▶ (outx, outy)
  7. ╔══▶┃ Adder ┃
  8. ║ ┃ ┃
  9. ║ ┃ ┃
  10. ║ ┃ ┃
  11. ┏━━━━━━━━━━━┓ ┏━━━━━━━━━━━━┓ ║ ┗━━━━━━━━━━━┛
  12. ┃ ┃ ┃ ┃ ║
  13. ┃ ┃ ┃ ┃ ║
  14. ┃ ╠═══(p0x,p0y)═══▶┃ ┃ ║
  15. ┃ ╠═══(p1x,p1y)═══▶┃ ┃ ║
  16. ┃ ╠═══(p2x,p2y)═══▶┃ ┃ ║
  17. ┃ ╠═══(p3x,p3y)═══▶┃ ┃ ║
  18. ┃ ╠═══(p4x,p4y)═══▶┃ ┃ ║
  19. ┃ ╠═══(p5x,p5y)═══▶┃ ┃ ║
  20. ┃ ╠═══(p6x,p6y)═══▶┃ ┃ ║
  21. ┃ Constant ╠═══(p7x,p7y)═══▶┃ ┃ ║
  22. ┃ Points ┃ ┃ Mux4 ╠══╝
  23. ┃ ╠═══(p8x,p8y)═══▶┃ ┃
  24. ┃ ╠═══(p9x,p9y)═══▶┃ ┃
  25. ┃ ╠══(p10x,p10y)══▶┃ ┃
  26. ┃ ╠══(p11x,p11y)══▶┃ ┃
  27. ┃ ╠══(p12x,p12y)══▶┃ ┃
  28. ┃ ╠══(p13x,p13y)══▶┃ ┃
  29. ┃ ╠══(p14x,p14y)══▶┃ ┃
  30. ┃ ╠══(p15x,p15y)══▶┃ ┃
  31. ┃ ┃ ┃ ┃
  32. ┃ ┃ ┃ ┃
  33. ┗━━━━━━━━━━━┛ ┗━━━━━━━━━━━━┛
  34. ▲ ▲ ▲ ▲
  35. │ │ │ │
  36. s0 ─────────────────────────────────┘ │ │ │
  37. s1 ────────────────────────────────────┘ │ │
  38. s2 ───────────────────────────────────────┘ │
  39. s3 ──────────────────────────────────────────┘
  40. */
  41. include "mux4.circom";
  42. include "escalarmulw4table.circom";
  43. include "babyjub.circom";
  template EscalarMulWindow(base, k) {
      // One 4-selector window of a table-driven point addition.
      //
      // Template parameters `base` and `k` are forwarded unchanged to
      // EscalarMulW4Table(base, k), which supplies 16 candidate points
      // (presumably the multiples of `base` for window `k`; confirm in
      // escalarmulw4table.circom).
      //
      //   in[2]  : (x, y) of the point entering the window
      //   sel[4] : selector signals wired to the mux as s[0..3]
      //   out[2] : (x, y) produced by BabyAdd(in, selected table point)
      //
      // NOTE(review): this template adds no constraint forcing sel[i] into
      // {0, 1}. Unless MultiMux4 or the caller enforces that, the mux output
      // is not guaranteed to be one of the 16 table points. Confirm before
      // instantiating this window with selectors that were not bit-decomposed.
      // NOTE(review): `in` is not checked here to be a valid curve point;
      // verify whether BabyAdd or the caller is responsible for that.
      signal input in[2];
      signal input sel[4];
      signal output out[2];

      // Sub-components, instantiated in the same order as before.
      component table = EscalarMulW4Table(base, k);
      component mux = MultiMux4(2);
      component adder = BabyAdd();

      var bit;
      var row;

      // Route the four selectors into the multiplexer.
      for (bit = 0; bit < 4; bit++) {
          mux.s[bit] <== sel[bit];
      }

      // Feed every table entry to the mux: lane 0 carries x, lane 1 carries y.
      for (row = 0; row < 16; row++) {
          mux.c[0][row] <== table.out[row][0];
          mux.c[1][row] <== table.out[row][1];
      }

      // First operand of the adder is the incoming point ...
      adder.x1 <== in[0];
      adder.y1 <== in[1];

      // ... second operand is whatever the mux selected.
      adder.x2 <== mux.out[0];
      adder.y2 <== mux.out[1];

      // The sum leaves the window.
      out[0] <== adder.xout;
      out[1] <== adder.yout;
  }
  69. /*
  70. ┏━━━━━━━━━┓ ┏━━━━━━━━━┓ ┏━━━━━━━━━━━━━━━━━━━┓
  71. ┃ ┃ ┃ ┃ ┃ ┃
  72. inp ════▶┃Window(0)┃═════▶┃Window(1)┃════════ . . . . ═════════▶┃ Window(nBlocks-1) ┃═════▶ out
  73. ┃ ┃ ┃ ┃ ┃ ┃
  74. ┗━━━━━━━━━┛ ┗━━━━━━━━━┛ ┗━━━━━━━━━━━━━━━━━━━┛
  75. ▲ ▲ ▲ ▲ ▲ ▲ ▲ ▲ ▲ ▲ ▲ ▲
  76. in[0]─────────┘ │ │ │ │ │ │ │ │ │ │ │
  77. in[1]───────────┘ │ │ │ │ │ │ │ │ │ │
  78. in[2]─────────────┘ │ │ │ │ │ │ │ 0 0
  79. in[3]───────────────┘ │ │ │ │ │ │
  80. in[4]──────────────────────────┘ │ │ │ │ │
  81. in[5]────────────────────────────┘ │ │ │ │
  82. in[6]──────────────────────────────┘ │ │ │
  83. in[7]────────────────────────────────┘ │ │
  84. . │ │
  85. . │ │
  86. in[n-2]─────────────────────────────────────────────────────────────────────┘ │
  87. in[n-1]───────────────────────────────────────────────────────────────────────┘
  88. */
  template EscalarMul(n, base) {
      // Chains EscalarMulWindow components, four selector signals per window,
      // and threads a running point through them.
      //
      //   n       : number of selector signals in `in`
      //   base    : forwarded to every EscalarMulWindow(base, windowIndex)
      //   in[n]   : selector signals; in[4*w + b] drives selector b of window w
      //   inp[2]  : (x, y) of the point fed into the first window
      //   out[2]  : (x, y) leaving the last window
      //
      // NOTE(review): in[] is wired straight into the window selectors and is
      // never constrained to {0, 1} in this template. Callers should confirm
      // that the signals come from a bit decomposition (or that MultiMux4
      // enforces booleanity); otherwise the result is not guaranteed to be
      // the intended multiple of `base` added to `inp`.
      // NOTE(review): inp is not validated as a curve point here; confirm
      // where that check is expected to happen.
      signal input in[n];
      signal input inp[2];
      signal output out[2];

      // One window per group of four selectors; the last group may be partial.
      var nBlocks = ((n-1)>>2)+1;
      var w;
      var b;

      component windows[nBlocks];

      // Instantiate each window with its own index as the table parameter.
      for (w = 0; w < nBlocks; w++) {
          windows[w] = EscalarMulWindow(base, w);
      }

      // Wire selectors; positions at or beyond n are tied to the constant 0.
      for (w = 0; w < nBlocks; w++) {
          for (b = 0; b < 4; b++) {
              if (w*4+b < n) {
                  windows[w].sel[b] <== in[w*4+b];
              } else {
                  windows[w].sel[b] <== 0;
              }
          }
      }

      // Seed the chain with the caller-supplied point.
      inp[0] ==> windows[0].in[0];
      inp[1] ==> windows[0].in[1];

      // Each window's output point becomes the next window's input point.
      for (w = 0; w < nBlocks-1; w++) {
          windows[w+1].in[0] <== windows[w].out[0];
          windows[w+1].in[1] <== windows[w].out[1];
      }

      // The final window's output is the template output.
      out[0] <== windows[nBlocks-1].out[0];
      out[1] <== windows[nBlocks-1].out[1];
  }