diff --git a/constantine/proof_systems/groth16_utils.nim b/constantine/proof_systems/groth16_utils.nim
index b17f1e32..3f87c64c 100644
--- a/constantine/proof_systems/groth16_utils.nim
+++ b/constantine/proof_systems/groth16_utils.nim
@@ -1,10 +1,10 @@
-import ../../math/[arithmetic, extension_fields]
-import ../../math/io/[io_bigints, io_fields, io_ec, io_extfields]
-import ../../platforms/abstractions
-import ../../named/[algebras, properties_fields, properties_curves]
-import ../../math/elliptic/[ec_shortweierstrass_affine, ec_shortweierstrass_jacobian, ec_scalar_mul, ec_multi_scalar_mul, ec_scalar_mul_vartime]
+import ../math/[arithmetic, extension_fields],
+ ../math/io/[io_bigints, io_fields, io_ec, io_extfields],
+ ../platforms/abstractions,
+ ../named/[algebras, properties_fields, properties_curves],
+ ../math/elliptic/[ec_shortweierstrass_affine, ec_shortweierstrass_jacobian, ec_scalar_mul, ec_multi_scalar_mul, ec_scalar_mul_vartime]
-## NOTE: These constructors for ...
+## Helper constructors for Fp / Fr elements used in Groth16 binary file parsers.
 proc toFp*[Name: static Algebra](x: seq[byte], isMont = true): Fp[Name] =
 let b = matchingBigInt(Name).unmarshal(x.toOpenArray(0, x.len - 1), littleEndian)
 if isMont:
@@ -46,16 +46,6 @@ proc toEcG2*[Name: static Algebra](s: seq[byte]): EC_ShortW_Aff[Fp2[Name], G2] =
 if not bool(result.isNeutral()):
 doAssert isOnCurve(result.x, result.y, G2).bool, "Input point is not on curve!"
-## Currently not used
-proc randomFieldElement*[Name: static Algebra](_: typedesc[Fr[Name]]): Fr[Name] =
- ## random element in ~Fr[Name]~
- let m = Fr[Name].getModulus()
- var b: matchingOrderBigInt(Name)
-
- while b.isZero().bool or (b > m).bool: ## XXX: or just truncate?
- assert b.limbs.sysrand()
- result.fromBig(b)
-
 proc asEC*[Name: static Algebra](pts: seq[seq[byte]], _: typedesc[Fp[Name]]): seq[EC_ShortW_Aff[Fp[Name], G1]] =
 result = newSeq[EC_ShortW_Aff[Fp[Name], G1]](pts.len)
 for i, el in pts:
@@ -65,3 +55,12 @@ proc asEC2*[Name: static Algebra](pts: seq[seq[byte]], _: typedesc[Fp2[Name]]):
 result = newSeq[EC_ShortW_Aff[Fp2[Name], G2]](pts.len)
 for i, el in pts:
 result[i] = toEcG2[Name](el)
+
+proc randomFieldElement*[Name: static Algebra](_: typedesc[Fr[Name]]): Fr[Name] =
+ ## random element in ~Fr[Name]~
+ let m = Fr[Name].getModulus()
+ var b: matchingOrderBigInt(Name)
+
+ while b.isZero().bool or (b > m).bool: ## XXX: or just truncate?
+ assert b.limbs.sysrand()
+ result.fromBig(b)
diff --git a/constantine/proof_systems/manual_groth16.nim b/constantine/proof_systems/manual_groth16.nim
index c59004bb..abf12658 100644
--- a/constantine/proof_systems/manual_groth16.nim
+++ b/constantine/proof_systems/manual_groth16.nim
@@ -1,16 +1,16 @@
-import ./r1cs_circom_parser,
- ./zkey_binary_parser,
- ./wtns_binary_parser
+import ./constraint_systems/r1cs_circom_parser,
+ ./constraint_systems/zkey_binary_parser,
+ ./constraint_systems/wtns_binary_parser
-import ../../math/[arithmetic, extension_fields]
-import ../../math/io/[io_bigints, io_fields, io_ec, io_extfields]
-import ../../platforms/abstractions
-import ../../named/[algebras, properties_fields, properties_curves]
-import ../../math/elliptic/[ec_shortweierstrass_affine, ec_shortweierstrass_jacobian, ec_scalar_mul, ec_multi_scalar_mul, ec_scalar_mul_vartime]
-import ../../named/zoo_generators
-import ../../csprngs/sysrand
+import ../math/[arithmetic, extension_fields],
+ ../math/io/[io_bigints, io_fields, io_ec, io_extfields],
+ ../platforms/abstractions,
+ ../named/[algebras, properties_fields, properties_curves],
+ ../math/elliptic/[ec_shortweierstrass_affine, ec_shortweierstrass_jacobian, ec_scalar_mul, ec_multi_scalar_mul, ec_scalar_mul_vartime],
+ ../named/zoo_generators,
+ ../csprngs/sysrand
-import ../../math/polynomials/[fft_fields, fft_lut]
+import ../math/polynomials/[fft_fields, fft_lut]
 from std / math import log2
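Review bot: `assert b.limbs.sysrand()` in the added `randomFieldElement` puts the only call that fills `b` with entropy inside an `assert`, which is elided under `-d:danger`, so a danger build would never draw randomness and the loop would spin on the zero-initialised `b` forever; bind the result and check it with `doAssert`, e.g. `let ok = b.limbs.sysrand()` followed by `doAssert ok, "sysrand failed"`. The rejection test `(b > m).bool` also accepts `b == m`, which `fromBig` presumably treats as zero (or as an out-of-range input) and so defeats the `isZero` exclusion; the bound should be inclusive, `while b.isZero().bool or (b >= m).bool:` (or the equivalent comparison the BigInt API provides). Rejection sampling is the right answer to the `## XXX: or just truncate?` question, since reducing a truncated value modulo a non-power-of-two `m` biases the distribution toward small residues, so the marker could become `## rejection sampling: truncating and reducing mod m would bias the result`. Separately, the new import list of `groth16_utils.nim` in the first hunk does not name `../csprngs/sysrand`, so this exported proc appears to depend on the symbol being re-exported or resolved at the caller's instantiation site; importing it here would make the module self-contained.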
@@ -26,15 +26,6 @@ type
 r: Fr[Name]
 s: Fr[Name]
-proc randomFieldElement[Name: static Algebra](_: typedesc[Fr[Name]]): Fr[Name] =
- ## random element in ~Fp[Name]~
- let m = Fr[Name].getModulus()
- var b: matchingOrderBigInt(Name)
-
- while b.isZero().bool or (b > m).bool: ## XXX: or just truncate?
- assert b.limbs.sysrand()
- result.fromBig(b)
-
 proc init*[Name: static Algebra](G: typedesc[Groth16Prover[Name]], zkey: Zkey[Name], wtns: Wtns[Name], r1cs: R1CS): Groth16Prover[Name] =
 result = Groth16Prover[Name](
 zkey: zkey,