fields_bls12381

package
v0.0.0-...-e3ece56 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 8, 2024 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Overview

Package fields_bls12381 implements the fields arithmetic of the Fp12 tower used to compute the pairing over the BLS12-381 curve.

𝔽p²[u] = 𝔽p/u²+1
𝔽p⁶[v] = 𝔽p²/v³-1-u
𝔽p¹²[w] = 𝔽p⁶/w²-v

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func GetHints

func GetHints() []solver.Hint

GetHints returns all hint functions used in the package.

Types

type E12

type E12 struct {
	C0, C1 E6
}

func FromE12

func FromE12(y *bls12381.E12) E12

type E2

type E2 struct {
	A0, A1 baseEl
}

func FromE2

func FromE2(y *bls12381.E2) E2

type E6

type E6 struct {
	B0, B1, B2 E2
}

func FromE6

func FromE6(y *bls12381.E6) E6

type Ext12

type Ext12 struct {
	*Ext6
}

func NewExt12

func NewExt12(api frontend.API) *Ext12

func (Ext12) Add

func (e Ext12) Add(x, y *E12) *E12

func (Ext12) AssertFinalExponentiationIsOne

func (e Ext12) AssertFinalExponentiationIsOne(x *E12)

AssertFinalExponentiationIsOne checks that a Miller function output x lies in the same equivalence class as the reduced pairing. This replaces the final exponentiation step in-circuit. The method is inspired from On Proving Pairings paper by A. Novakovic and L. Eagen, and is based on a personal communication with A. Novakovic.

func (Ext12) AssertIsEqual

func (e Ext12) AssertIsEqual(x, y *E12)

func (Ext12) CompressTorus

func (e Ext12) CompressTorus(x *E12) *E6

CompressTorus compresses x ∈ E12 to (x.C0 + 1)/x.C1 ∈ E6

func (Ext12) Conjugate

func (e Ext12) Conjugate(x *E12) *E12

func (Ext12) CyclotomicSquare

func (e Ext12) CyclotomicSquare(x *E12) *E12

Granger--Scott cyclotomic square

func (Ext12) DecompressTorus

func (e Ext12) DecompressTorus(y *E6) *E12

DecompressTorus decompresses y ∈ E6 to (y+w)/(y-w) ∈ E12

func (Ext12) DivUnchecked

func (e Ext12) DivUnchecked(x, y *E12) *E12

func (Ext12) ExpByU

func (e Ext12) ExpByU(x *E12) *E12

ExpByU sets z to x^U in E12 and return z where U = (u-1)^2/3 = 76329603384216526031706109802092473003

func (Ext12) Expt

func (e Ext12) Expt(x *E12) *E12

Expt sets z to x^t in E12 and return z where t = -u = 15132376222941642752

func (Ext12) ExptHalfTorus

func (e Ext12) ExptHalfTorus(x *E6) *E6

ExptHalfTorus set z to x^(t/2) in E6 and return z const t/2 uint64 = 7566188111470821376 // negative

func (Ext12) ExptTorus

func (e Ext12) ExptTorus(x *E6) *E6

ExptTorus set z to xᵗ in E6 and return z const t uint64 = 15132376222941642752 // negative

func (Ext12) Frobenius

func (e Ext12) Frobenius(x *E12) *E12

func (Ext12) FrobeniusSquare

func (e Ext12) FrobeniusSquare(x *E12) *E12

func (Ext12) FrobeniusSquareTorus

func (e Ext12) FrobeniusSquareTorus(y *E6) *E6

FrobeniusSquareTorus raises a compressed elements y ∈ E6 to the square modulus p^2 and returns y^(p^2) / v^((p^2-1)/2)

func (Ext12) FrobeniusTorus

func (e Ext12) FrobeniusTorus(y *E6) *E6

FrobeniusTorus raises a compressed elements y ∈ E6 to the modulus p and returns y^p / v^((p-1)/2)

func (Ext12) Inverse

func (e Ext12) Inverse(x *E12) *E12

func (Ext12) InverseTorus

func (e Ext12) InverseTorus(y *E6) *E6

InverseTorus inverses a compressed elements y ∈ E6 and returns -y

func (Ext12) IsZero

func (e Ext12) IsZero(z *E12) frontend.Variable

func (Ext12) Lookup2

func (e Ext12) Lookup2(s1, s2 frontend.Variable, a, b, c, d *E12) *E12

func (Ext12) Mul

func (e Ext12) Mul(x, y *E12) *E12

func (Ext12) Mul014By014

func (e Ext12) Mul014By014(d0, d1, c0, c1 *E2) [5]*E2
multiplies two E12 sparse element of the form:

E12{
	C0: E6{B0: c0, B1: c1, B2: 0},
	C1: E6{B0: 0, B1: 1, B2: 0},
}

and

E12{
	C0: E6{B0: d0, B1: d1, B2: 0},
	C1: E6{B0: 0, B1: 1, B2: 0},
}

func (*Ext12) MulBy01245

func (e *Ext12) MulBy01245(z *E12, x [5]*E2) *E12

MulBy01245 multiplies z by an E12 sparse element of the form

E12{
	C0: E6{B0: c0, B1: c1, B2: c2},
	C1: E6{B0: 0, B1: c4, B2: c5},
}

func (*Ext12) MulBy014

func (e *Ext12) MulBy014(z *E12, c0, c1 *E2) *E12

MulBy014 multiplies z by an E12 sparse element of the form

E12{
	C0: E6{B0: c0, B1: c1, B2: 0},
	C1: E6{B0: 0, B1: 1, B2: 0},
}

func (Ext12) MulTorus

func (e Ext12) MulTorus(y1, y2 *E6) *E6

MulTorus multiplies two compressed elements y1, y2 ∈ E6 and returns (y1 * y2 + v)/(y1 + y2) N.B.: we use MulTorus in the final exponentiation throughout y1 ≠ -y2 always.

func (Ext12) One

func (e Ext12) One() *E12

func (Ext12) Select

func (e Ext12) Select(selector frontend.Variable, z1, z0 *E12) *E12

func (Ext12) Square

func (e Ext12) Square(x *E12) *E12

func (Ext12) SquareTorus

func (e Ext12) SquareTorus(y *E6) *E6

SquareTorus squares a compressed elements y ∈ E6 and returns (y + v/y)/2

It uses a hint to verify that (2x-y)y = v saving one E6 AssertIsEqual.

func (Ext12) Sub

func (e Ext12) Sub(x, y *E12) *E12

func (Ext12) Zero

func (e Ext12) Zero() *E12

type Ext2

type Ext2 struct {
	// contains filtered or unexported fields
}

func NewExt2

func NewExt2(api frontend.API) *Ext2

func (Ext2) Add

func (e Ext2) Add(x, y *E2) *E2

func (Ext2) AssertIsEqual

func (e Ext2) AssertIsEqual(x, y *E2)

func (Ext2) Conjugate

func (e Ext2) Conjugate(x *E2) *E2

func (Ext2) DivUnchecked

func (e Ext2) DivUnchecked(x, y *E2) *E2

func (Ext2) Double

func (e Ext2) Double(x *E2) *E2

func (Ext2) Inverse

func (e Ext2) Inverse(x *E2) *E2

func (Ext2) IsZero

func (e Ext2) IsZero(z *E2) frontend.Variable

func (Ext2) Lookup2

func (e Ext2) Lookup2(s1, s2 frontend.Variable, a, b, c, d *E2) *E2

func (Ext2) Mul

func (e Ext2) Mul(x, y *E2) *E2

func (Ext2) MulByConstElement

func (e Ext2) MulByConstElement(x *E2, y *big.Int) *E2

func (Ext2) MulByElement

func (e Ext2) MulByElement(x *E2, y *baseEl) *E2

func (Ext2) MulByNonResidue

func (e Ext2) MulByNonResidue(x *E2) *E2

MulByNonResidue returns x*(1+u)

func (Ext2) MulByNonResidue1Power1

func (e Ext2) MulByNonResidue1Power1(x *E2) *E2

MulByNonResidue1Power1 returns x*(1+u)^(1*(p^1-1)/6)

func (Ext2) MulByNonResidue1Power2

func (e Ext2) MulByNonResidue1Power2(x *E2) *E2

MulByNonResidue1Power2 returns x*(1+u)^(2*(p^1-1)/6)

func (Ext2) MulByNonResidue1Power3

func (e Ext2) MulByNonResidue1Power3(x *E2) *E2

MulByNonResidue1Power3 returns x*(1+u)^(3*(p^1-1)/6)

func (Ext2) MulByNonResidue1Power4

func (e Ext2) MulByNonResidue1Power4(x *E2) *E2

MulByNonResidue1Power4 returns x*(1+u)^(4*(p^1-1)/6)

func (Ext2) MulByNonResidue1Power5

func (e Ext2) MulByNonResidue1Power5(x *E2) *E2

MulByNonResidue1Power5 returns x*(1+u)^(5*(p^1-1)/6)

func (Ext2) MulByNonResidue2Power1

func (e Ext2) MulByNonResidue2Power1(x *E2) *E2

MulByNonResidue2Power1 returns x*(1+u)^(1*(p^2-1)/6)

func (Ext2) MulByNonResidue2Power2

func (e Ext2) MulByNonResidue2Power2(x *E2) *E2

MulByNonResidue2Power2 returns x*(1+u)^(2*(p^2-1)/6)

func (Ext2) MulByNonResidue2Power3

func (e Ext2) MulByNonResidue2Power3(x *E2) *E2

MulByNonResidue2Power3 returns x*(1+u)^(3*(p^2-1)/6)

func (Ext2) MulByNonResidue2Power4

func (e Ext2) MulByNonResidue2Power4(x *E2) *E2

MulByNonResidue2Power4 returns x*(1+u)^(4*(p^2-1)/6)

func (Ext2) MulByNonResidue2Power5

func (e Ext2) MulByNonResidue2Power5(x *E2) *E2

MulByNonResidue2Power5 returns x*(1+u)^(5*(p^2-1)/6)

func (Ext2) MulByNonResidueGeneric

func (e Ext2) MulByNonResidueGeneric(x *E2, power, coef int) *E2

func (Ext2) Neg

func (e Ext2) Neg(x *E2) *E2

func (Ext2) NonResidue

func (e Ext2) NonResidue() *E2

returns 1+u

func (Ext2) One

func (e Ext2) One() *E2

func (Ext2) Select

func (e Ext2) Select(selector frontend.Variable, z1, z0 *E2) *E2

func (Ext2) Square

func (e Ext2) Square(x *E2) *E2

func (Ext2) Sub

func (e Ext2) Sub(x, y *E2) *E2

func (Ext2) Zero

func (e Ext2) Zero() *E2

type Ext6

type Ext6 struct {
	*Ext2
}

func NewExt6

func NewExt6(api frontend.API) *Ext6

func (Ext6) Add

func (e Ext6) Add(x, y *E6) *E6

func (Ext6) AssertIsEqual

func (e Ext6) AssertIsEqual(x, y *E6)

func (Ext6) DivUnchecked

func (e Ext6) DivUnchecked(x, y *E6) *E6

func (Ext6) Double

func (e Ext6) Double(x *E6) *E6

func (Ext6) Inverse

func (e Ext6) Inverse(x *E6) *E6

func (Ext6) IsZero

func (e Ext6) IsZero(z *E6) frontend.Variable

func (Ext6) Lookup2

func (e Ext6) Lookup2(s1, s2 frontend.Variable, a, b, c, d *E6) *E6

func (Ext6) Mul

func (e Ext6) Mul(x, y *E6) *E6

Mul multiplies two E6 elmts

func (Ext6) MulBy0

func (e Ext6) MulBy0(z *E6, c0 *E2) *E6

MulBy0 multiplies z by an E6 sparse element of the form

E6{
	B0: c0,
	B1: 0,
	B2: 0,
}

func (Ext6) MulBy01

func (e Ext6) MulBy01(z *E6, c0, c1 *E2) *E6

MulBy01 multiplies z by an E6 sparse element of the form

E6{
	B0: c0,
	B1: c1,
	B2: 0,
}

func (Ext6) MulBy12

func (e Ext6) MulBy12(x *E6, b1, b2 *E2) *E6

MulBy12 multiplication by sparse element (0,b1,b2)

func (Ext6) MulByE2

func (e Ext6) MulByE2(x *E6, y *E2) *E6

func (Ext6) MulByNonResidue

func (e Ext6) MulByNonResidue(x *E6) *E6

func (Ext6) Neg

func (e Ext6) Neg(x *E6) *E6

func (Ext6) One

func (e Ext6) One() *E6

func (Ext6) Select

func (e Ext6) Select(selector frontend.Variable, z1, z0 *E6) *E6

func (Ext6) Square

func (e Ext6) Square(x *E6) *E6

func (Ext6) Sub

func (e Ext6) Sub(x, y *E6) *E6

func (Ext6) Zero

func (e Ext6) Zero() *E6

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL