fields_bn254

package
v0.0.0-...-e3ece56 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 8, 2024 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Overview

Package fields_bn254 implements the fields arithmetic of the Fp12 tower used to compute the pairing over the BN254 curve.

𝔽p²[u] = 𝔽p/u²+1
𝔽p⁶[v] = 𝔽p²/v³-9-u
𝔽p¹²[w] = 𝔽p⁶/w²-v

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func GetHints

func GetHints() []solver.Hint

GetHints returns all hint functions used in the package.

Types

type E12

type E12 struct {
	C0, C1 E6
}

func FromE12

func FromE12(y *bn254.E12) E12

type E2

type E2 struct {
	A0, A1 baseEl
}

func FromE2

func FromE2(y *bn254.E2) E2

type E6

type E6 struct {
	B0, B1, B2 E2
}

func FromE6

func FromE6(y *bn254.E6) E6

type Ext12

type Ext12 struct {
	*Ext6
}

func NewExt12

func NewExt12(api frontend.API) *Ext12

func (Ext12) Add

func (e Ext12) Add(x, y *E12) *E12

func (Ext12) AssertFinalExponentiationIsOne

func (e Ext12) AssertFinalExponentiationIsOne(x *E12)

AssertFinalExponentiationIsOne checks that a Miller function output x lies in the same equivalence class as the reduced pairing. This replaces the final exponentiation step in-circuit. The method follows Section 4 of On Proving Pairings paper by A. Novakovic and L. Eagen.

func (Ext12) AssertIsEqual

func (e Ext12) AssertIsEqual(x, y *E12)

func (Ext12) CompressTorus

func (e Ext12) CompressTorus(x *E12) *E6

CompressTorus compresses x ∈ E12 to (x.C0 + 1)/x.C1 ∈ E6

func (Ext12) Conjugate

func (e Ext12) Conjugate(x *E12) *E12

func (Ext12) CyclotomicSquare

func (e Ext12) CyclotomicSquare(x *E12) *E12

Granger--Scott cyclotomic square

func (Ext12) DecompressTorus

func (e Ext12) DecompressTorus(y *E6) *E12

DecompressTorus decompresses y ∈ E6 to (y+w)/(y-w) ∈ E12

func (Ext12) DivUnchecked

func (e Ext12) DivUnchecked(x, y *E12) *E12

func (Ext12) ExpByU

func (e Ext12) ExpByU(x *E12) *E12

Exponentiation by U=6u+2 where t is the seed u=4965661367192848881

func (Ext12) ExptTorus

func (e Ext12) ExptTorus(x *E6) *E6

Exponentiation by the seed t=4965661367192848881 The computations are performed on E6 compressed form using Torus-based arithmetic.

func (Ext12) Frobenius

func (e Ext12) Frobenius(x *E12) *E12

func (Ext12) FrobeniusCube

func (e Ext12) FrobeniusCube(x *E12) *E12

func (Ext12) FrobeniusCubeTorus

func (e Ext12) FrobeniusCubeTorus(y *E6) *E6

FrobeniusCubeTorus raises a compressed elements y ∈ E6 to the cube modulus p^3 and returns y^(p^3) / v^((p^3-1)/2)

func (Ext12) FrobeniusSquare

func (e Ext12) FrobeniusSquare(x *E12) *E12

func (Ext12) FrobeniusSquareTorus

func (e Ext12) FrobeniusSquareTorus(y *E6) *E6

FrobeniusSquareTorus raises a compressed elements y ∈ E6 to the square modulus p^2 and returns y^(p^2) / v^((p^2-1)/2)

func (Ext12) FrobeniusTorus

func (e Ext12) FrobeniusTorus(y *E6) *E6

FrobeniusTorus raises a compressed elements y ∈ E6 to the modulus p and returns y^p / v^((p-1)/2)

func (Ext12) Inverse

func (e Ext12) Inverse(x *E12) *E12

func (Ext12) InverseTorus

func (e Ext12) InverseTorus(y *E6) *E6

InverseTorus inverses a compressed elements y ∈ E6 and returns -y

func (Ext12) IsEqual

func (e Ext12) IsEqual(x, y *E12) frontend.Variable

func (Ext12) IsZero

func (e Ext12) IsZero(z *E12) frontend.Variable

func (Ext12) Lookup2

func (e Ext12) Lookup2(s1, s2 frontend.Variable, a, b, c, d *E12) *E12

func (Ext12) Mul

func (e Ext12) Mul(x, y *E12) *E12

func (*Ext12) Mul01234By034

func (e *Ext12) Mul01234By034(x [5]*E2, z3, z4 *E2) *E12
multiplies two E12 sparse element of the form:

E12{
	C0: E6{B0: x0, B1: x1, B2: x2},
	C1: E6{B0: x3, B1: x4, B2: 0},
}

and

E12{
	C0: E6{B0: 1, B1: 0, B2: 0},
	C1: E6{B0: z3, B1: z4, B2: 0},
}

func (*Ext12) Mul034By034

func (e *Ext12) Mul034By034(d3, d4, c3, c4 *E2) [5]*E2
multiplies two E12 sparse element of the form:

E12{
	C0: E6{B0: 1, B1: 0, B2: 0},
	C1: E6{B0: c3, B1: c4, B2: 0},
}

and

E12{
	C0: E6{B0: 1, B1: 0, B2: 0},
	C1: E6{B0: d3, B1: d4, B2: 0},
}

func (*Ext12) MulBy01234

func (e *Ext12) MulBy01234(z *E12, x [5]*E2) *E12

MulBy01234 multiplies z by an E12 sparse element of the form

E12{
	C0: E6{B0: c0, B1: c1, B2: c2},
	C1: E6{B0: c3, B1: c4, B2: 0},
}

func (*Ext12) MulBy034

func (e *Ext12) MulBy034(z *E12, c3, c4 *E2) *E12

MulBy034 multiplies z by an E12 sparse element of the form

E12{
	C0: E6{B0: 1, B1: 0, B2: 0},
	C1: E6{B0: c3, B1: c4, B2: 0},
}

func (Ext12) MulTorus

func (e Ext12) MulTorus(y1, y2 *E6) *E6

MulTorus multiplies two compressed elements y1, y2 ∈ E6 and returns (y1 * y2 + v)/(y1 + y2) N.B.: we use MulTorus in the final exponentiation throughout y1 ≠ -y2 always.

func (Ext12) One

func (e Ext12) One() *E12

func (Ext12) Select

func (e Ext12) Select(selector frontend.Variable, z1, z0 *E12) *E12

func (Ext12) Square

func (e Ext12) Square(x *E12) *E12

func (*Ext12) Square034

func (e *Ext12) Square034(x *E12) *E12

Square034 squares an E12 sparse element of the form

E12{
	C0: E6{B0: 1, B1: 0, B2: 0},
	C1: E6{B0: c3, B1: c4, B2: 0},
}

func (Ext12) SquareTorus

func (e Ext12) SquareTorus(y *E6) *E6

SquareTorus squares a compressed elements y ∈ E6 and returns (y + v/y)/2

It uses a hint to verify that (2x-y)y = v saving one E6 AssertIsEqual.

func (Ext12) Sub

func (e Ext12) Sub(x, y *E12) *E12

func (Ext12) Zero

func (e Ext12) Zero() *E12

type Ext2

type Ext2 struct {
	// contains filtered or unexported fields
}

func NewExt2

func NewExt2(api frontend.API) *Ext2

func (Ext2) Add

func (e Ext2) Add(x, y *E2) *E2

func (Ext2) AssertIsEqual

func (e Ext2) AssertIsEqual(x, y *E2)

func (Ext2) Conjugate

func (e Ext2) Conjugate(x *E2) *E2

func (Ext2) DivUnchecked

func (e Ext2) DivUnchecked(x, y *E2) *E2

func (Ext2) Double

func (e Ext2) Double(x *E2) *E2

func (Ext2) Inverse

func (e Ext2) Inverse(x *E2) *E2

func (Ext2) IsEqual

func (e Ext2) IsEqual(x, y *E2) frontend.Variable

func (Ext2) IsZero

func (e Ext2) IsZero(z *E2) frontend.Variable

func (Ext2) Lookup2

func (e Ext2) Lookup2(s1, s2 frontend.Variable, a, b, c, d *E2) *E2

func (Ext2) Mul

func (e Ext2) Mul(x, y *E2) *E2

func (Ext2) MulByConstElement

func (e Ext2) MulByConstElement(x *E2, y *big.Int) *E2

func (Ext2) MulByElement

func (e Ext2) MulByElement(x *E2, y *baseEl) *E2

func (Ext2) MulByNonResidue

func (e Ext2) MulByNonResidue(x *E2) *E2

MulByNonResidue return x*(9+u)

func (Ext2) MulByNonResidue1Power1

func (e Ext2) MulByNonResidue1Power1(x *E2) *E2

MulByNonResidue1Power1 returns x*(9+u)^(1*(p^1-1)/6)

func (Ext2) MulByNonResidue1Power2

func (e Ext2) MulByNonResidue1Power2(x *E2) *E2

MulByNonResidue1Power2 returns x*(9+u)^(2*(p^1-1)/6)

func (Ext2) MulByNonResidue1Power3

func (e Ext2) MulByNonResidue1Power3(x *E2) *E2

MulByNonResidue1Power3 returns x*(9+u)^(3*(p^1-1)/6)

func (Ext2) MulByNonResidue1Power4

func (e Ext2) MulByNonResidue1Power4(x *E2) *E2

MulByNonResidue1Power4 returns x*(9+u)^(4*(p^1-1)/6)

func (Ext2) MulByNonResidue1Power5

func (e Ext2) MulByNonResidue1Power5(x *E2) *E2

MulByNonResidue1Power5 returns x*(9+u)^(5*(p^1-1)/6)

func (Ext2) MulByNonResidue2Power1

func (e Ext2) MulByNonResidue2Power1(x *E2) *E2

MulByNonResidue2Power1 returns x*(9+u)^(1*(p^2-1)/6)

func (Ext2) MulByNonResidue2Power2

func (e Ext2) MulByNonResidue2Power2(x *E2) *E2

MulByNonResidue2Power2 returns x*(9+u)^(2*(p^2-1)/6)

func (Ext2) MulByNonResidue2Power3

func (e Ext2) MulByNonResidue2Power3(x *E2) *E2

MulByNonResidue2Power3 returns x*(9+u)^(3*(p^2-1)/6)

func (Ext2) MulByNonResidue2Power4

func (e Ext2) MulByNonResidue2Power4(x *E2) *E2

MulByNonResidue2Power4 returns x*(9+u)^(4*(p^2-1)/6)

func (Ext2) MulByNonResidue2Power5

func (e Ext2) MulByNonResidue2Power5(x *E2) *E2

MulByNonResidue2Power5 returns x*(9+u)^(5*(p^2-1)/6)

func (Ext2) MulByNonResidue3Power1

func (e Ext2) MulByNonResidue3Power1(x *E2) *E2

MulByNonResidue3Power1 returns x*(9+u)^(1*(p^3-1)/6)

func (Ext2) MulByNonResidue3Power2

func (e Ext2) MulByNonResidue3Power2(x *E2) *E2

MulByNonResidue3Power2 returns x*(9+u)^(2*(p^3-1)/6)

func (Ext2) MulByNonResidue3Power3

func (e Ext2) MulByNonResidue3Power3(x *E2) *E2

MulByNonResidue3Power3 returns x*(9+u)^(3*(p^3-1)/6)

func (Ext2) MulByNonResidue3Power4

func (e Ext2) MulByNonResidue3Power4(x *E2) *E2

MulByNonResidue3Power4 returns x*(9+u)^(4*(p^3-1)/6)

func (Ext2) MulByNonResidue3Power5

func (e Ext2) MulByNonResidue3Power5(x *E2) *E2

MulByNonResidue3Power5 returns x*(9+u)^(5*(p^3-1)/6)

func (Ext2) MulByNonResidueGeneric

func (e Ext2) MulByNonResidueGeneric(x *E2, power, coef int) *E2

func (Ext2) Neg

func (e Ext2) Neg(x *E2) *E2

func (Ext2) One

func (e Ext2) One() *E2

func (Ext2) Select

func (e Ext2) Select(selector frontend.Variable, z1, z0 *E2) *E2

func (Ext2) Square

func (e Ext2) Square(x *E2) *E2

func (Ext2) Sub

func (e Ext2) Sub(x, y *E2) *E2

func (Ext2) Zero

func (e Ext2) Zero() *E2

type Ext6

type Ext6 struct {
	*Ext2
}

func NewExt6

func NewExt6(api frontend.API) *Ext6

func (Ext6) Add

func (e Ext6) Add(x, y *E6) *E6

func (Ext6) AssertIsEqual

func (e Ext6) AssertIsEqual(x, y *E6)

func (Ext6) DivUnchecked

func (e Ext6) DivUnchecked(x, y *E6) *E6

func (Ext6) Double

func (e Ext6) Double(x *E6) *E6

func (Ext6) FrobeniusSquare

func (e Ext6) FrobeniusSquare(x *E6) *E6

func (Ext6) Inverse

func (e Ext6) Inverse(x *E6) *E6

func (Ext6) IsEqual

func (e Ext6) IsEqual(x, y *E6) frontend.Variable

func (Ext6) IsZero

func (e Ext6) IsZero(z *E6) frontend.Variable

func (Ext6) Lookup2

func (e Ext6) Lookup2(s1, s2 frontend.Variable, a, b, c, d *E6) *E6

func (Ext6) Mul

func (e Ext6) Mul(x, y *E6) *E6

Mul multiplies two E6 elmts

func (Ext6) Mul01By01

func (e Ext6) Mul01By01(c0, c1, d0, d1 *E2) *E6

Mul01By01 multiplies two E6 sparse element of the form:

E6{
	B0: c0,
	B1: c1,
	B2: 0,
}

and

E6{
	B0: d0,
	B1: d1,
	B2: 0,
}

func (Ext6) MulBy0

func (e Ext6) MulBy0(z *E6, c0 *E2) *E6

MulBy0 multiplies z by an E6 sparse element of the form

E6{
	B0: c0,
	B1: 0,
	B2: 0,
}

func (Ext6) MulBy01

func (e Ext6) MulBy01(z *E6, c0, c1 *E2) *E6

MulBy01 multiplies z by an E6 sparse element of the form

E6{
	B0: c0,
	B1: c1,
	B2: 0,
}

func (Ext6) MulByConstE2

func (e Ext6) MulByConstE2(x *E6, y *E2) *E6

func (Ext6) MulByE2

func (e Ext6) MulByE2(x *E6, y *E2) *E6

func (Ext6) MulByNonResidue

func (e Ext6) MulByNonResidue(x *E6) *E6

func (Ext6) Neg

func (e Ext6) Neg(x *E6) *E6

func (Ext6) One

func (e Ext6) One() *E6

func (Ext6) Select

func (e Ext6) Select(selector frontend.Variable, z1, z0 *E6) *E6

func (Ext6) Square

func (e Ext6) Square(x *E6) *E6

func (Ext6) Sub

func (e Ext6) Sub(x, y *E6) *E6

func (Ext6) Zero

func (e Ext6) Zero() *E6

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL