Skip to content

Commit

Permalink
Improve speed of polyvec_add() proof.
Browse files Browse the repository at this point in the history
Removes detailed ENSURES clause for polyvec_add()
since this is not required for proof of type-safety
of calling units.

Add comment explaining why a strong ENSURES
clause on polyvec_add() is NOT required
for proof of type-safety.

Signed-off-by: Rod Chapman <[email protected]>
  • Loading branch information
rod-chapman authored and hanno-becker committed Nov 12, 2024
1 parent e55ab4d commit b53f1f0
Showing 1 changed file with 5 additions and 5 deletions.
10 changes: 5 additions & 5 deletions mlkem/polyvec.h
Original file line number Diff line number Diff line change
Expand Up @@ -199,13 +199,16 @@ ENSURES(FORALL(int, k0, 0, MLKEM_K - 1,
*
* Description: Add vectors of polynomials
*
* Arguments: - polyvec *r: pointer to input-output vector of polynomials to be
*added to
* Arguments: - polyvec *r: pointer to input-output vector of polynomials to be
* added to
* - const polyvec *b: pointer to second input vector of polynomials
*
* The coefficients of r and b must be so that the addition does
* not overflow. Otherwise, the behaviour of this function is undefined.
*
* The coefficients returned in *r are in int16_t which is sufficient
* to prove type-safety of calling units. Therefore, no stronger
* ENSURES clause is required on this function.
**************************************************/
void polyvec_add(polyvec *r, const polyvec *b) // clang-format off
REQUIRES(IS_FRESH(r, sizeof(polyvec)))
Expand All @@ -216,9 +219,6 @@ REQUIRES(FORALL(int, j0, 0, MLKEM_K - 1,
REQUIRES(FORALL(int, j1, 0, MLKEM_K - 1,
FORALL(int, k1, 0, MLKEM_N - 1,
(int32_t)r->vec[j1].coeffs[k1] + b->vec[j1].coeffs[k1] >= INT16_MIN)))
ENSURES(FORALL(int, j, 0, MLKEM_K - 1,
FORALL(int, k, 0, MLKEM_N - 1,
r->vec[j].coeffs[k] == OLD(*r).vec[j].coeffs[k] + b->vec[j].coeffs[k])))
ASSIGNS(OBJECT_WHOLE(r));
// clang-format on

Expand Down

0 comments on commit b53f1f0

Please sign in to comment.