arnaucube
/
circomlib
mirror of https://github.com/arnaucube/circomlib.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
129 Commits
7 Branches
7 Tags
51 MiB
Tree: b2ac4daaa7
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'b2ac4daaa7'
${ noResults }
circomlib/circuits/pedersen_old.circom

66 lines
3.2 KiB
Raw Normal View History

Substractor
6 years ago
Before merging in a single lib
6 years ago
Adapted circuits to the construction fase refactorization
4 years ago
Blake to Blake2b and use of native big num
4 years ago
Change bases and IV
6 years ago
Before merging in a single lib
6 years ago
  1. /*
  2. Copyright 2018 0KIMS association.
  4. This file is part of circom (Zero Knowledge Circuit Compiler).
  6. circom is a free software: you can redistribute it and/or modify it
  7. under the terms of the GNU General Public License as published by
  8. the Free Software Foundation, either version 3 of the License, or
  9. (at your option) any later version.
  11. circom is distributed in the hope that it will be useful, but WITHOUT
  12. ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  13. or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public
  14. License for more details.
  16. You should have received a copy of the GNU General Public License
  17. along with circom. If not, see <https://www.gnu.org/licenses/>.
  18. */
  20. include "escalarmul.circom";
  22. template Pedersen(n) {
  23. signal input in[n];
  24. signal output out[2];
  26. var nexps = ((n-1) \ 250) + 1;
  27. var nlastbits = n - (nexps-1)*250;
  29. component escalarMuls[nexps];
  31. var PBASE[10][2] = [
  32. [7688621503272331394947188562469131124099290577812125474996268020905176040083,6637287939860384587467947982369268811366630904563077767287326262235485629411],
  33. [11549681895645637778324638856880330712650895608496649854094912415387988201330,5771732722784528537721081267383956005090479808901717812009343940574217488577],
  34. [18790245153471844934157747708238883966079935875787657036767664036124524381945,18300275459419441151064576487317481499516933849631632883767173501999997278432],
  35. [16301069151422548986850494139112207641738464387919729729324473657161689764196,8215273507373494014441104012907835625670941526105528197815397741007626226499],
  36. [12597665704678284488008395353749282149622295037737374782196049599390683534185,4072455241781501621593714139281767473040087753548015968773801065193764079468],
  37. [4729410576230735258214831208080552588881894465489299233097088872252465832672,14367731890670510422926552586486424937476635415639602730590517235570020260326],
  38. [7546420686025050869200393054526306477146836870617678274607971529534032974471,8663210466512842901413293603100781938253817808912549776944118491282484711929],
  39. [6544653022506992755201027646251976600601201151329001772892901529509137954387,5932506509962692832681604586561215780097326378431958035490245111470435106811],
  40. [12376274813795671622507230443130412169480807188767687554607910279743333852725,10116389110458158800073166533660211332390835019644001845057351607297889034557],
  41. [18268098112071835140361074835791174816144587762778386397940339415400583397725,8120955462199046866292537174552276799123029303901205157708576578886090835495]
  42. ];
  44. var i;
  45. var j;
  46. var nexpbits;
  47. for (i=0; i<nexps; i++) {
  48. nexpbits = (i == nexps-1) ? nlastbits : 250;
  49. escalarMuls[i] = EscalarMul(nexpbits, PBASE[i]);
  51. for (j=0; j<nexpbits; j++) {
  52. escalarMuls[i].in[j] <== in[250*i + j];
  53. }
  55. if (i==0) {
  56. escalarMuls[i].inp[0] <== 0;
  57. escalarMuls[i].inp[1] <== 1;
  58. } else {
  59. escalarMuls[i].inp[0] <== escalarMuls[i-1].out[0];
  60. escalarMuls[i].inp[1] <== escalarMuls[i-1].out[1];
  61. }
  62. }
  64. escalarMuls[nexps-1].out[0] ==> out[0];
  65. escalarMuls[nexps-1].out[1] ==> out[1];
  66. }