Added XYZZ coordinates and let z=0 represent infinity
Showing
7 changed files
with
127 additions
and
37 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,72 @@ | ||
use bitvec::order::Lsb0; | ||
use bitvec::slice::BitSlice; | ||
|
||
use crate::algebra::curve::*; | ||
use crate::algebra::field::*; | ||
|
||
/// A XYZZ point on an elliptic curve over [MontFelt] satisfying: | ||
/// x = X / ZZ | ||
/// y = Y / ZZ | ||
/// ZZ^3 = ZZZ^2 | ||
/// | ||
/// This point representation is used for fast table-based scalar multiplication | ||
/// and only include add_affine and add_affine_unchecked operations. | ||
#[derive(Clone, Debug, Eq, PartialEq)] | ||
pub struct XYZZPoint { | ||
pub x: MontFelt, | ||
pub y: MontFelt, | ||
pub zz: MontFelt, | ||
pub zzz: MontFelt, | ||
} | ||
|
||
impl From<&AffinePoint> for XYZZPoint { | ||
fn from(p: &AffinePoint) -> Self { | ||
let x = p.x; | ||
let y = p.y; | ||
let zz = MontFelt::ONE; | ||
let zzz = MontFelt::ONE; | ||
XYZZPoint { x, y, zz, zzz } | ||
} | ||
} | ||
|
||
impl XYZZPoint { | ||
/// Check if the point is the point of infinity | ||
pub fn is_infinity(&self) -> bool { | ||
self.zz.is_zero() | ||
} | ||
|
||
/// Add an affine point to this point | ||
pub fn add_affine(&mut self, other: &AffinePoint) { | ||
if other.infinity { | ||
return; | ||
} | ||
if self.is_infinity() { | ||
self.x = other.x; | ||
self.y = other.y; | ||
let z = if other.infinity { | ||
MontFelt::ZERO | ||
} else { | ||
MontFelt::ONE | ||
}; | ||
self.zz = z; | ||
self.zzz = z; | ||
|
||
return; | ||
} | ||
self.add_affine_unchecked(other); | ||
} | ||
|
||
/// Add an affine point to this point, neither must be the point of infinity | ||
pub fn add_affine_unchecked(&mut self, other: &AffinePoint) { | ||
// See https://www.hyperelliptic.org/EFD/g1p/auto-shortw-xyzz.html#addition-madd-2008-s | ||
let p = other.x * self.zz - self.x; | ||
let r = other.y * self.zzz - self.y; | ||
let pp = p.square(); | ||
let ppp = p * pp; | ||
let q = self.x * pp; | ||
self.x = r.square() - ppp - q.double(); | ||
self.y = r * (q - self.x) - self.y * ppp; | ||
self.zz *= pp; | ||
self.zzz *= ppp; | ||
} | ||
} |
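Review bot: `add_affine_unchecked` silently returns the point at infinity when `self` and `other` are the same point: `p` and `r` are both zero, so `zz` and `zzz` are multiplied by zero and, with z=0 now meaning infinity, the result reads as infinity instead of 2P. `add_affine` checks only the infinity cases before delegating, so it inherits the same wrong answer; whether the table construction rules out a doubling for caller-chosen hash inputs is not visible in this file. Either state the precondition in both doc comments (the operands must not be the same point) and guard it with `debug_assert!(!p.is_zero() || !r.is_zero(), "add_affine_unchecked: doubling is not supported");` after `r` is computed, or handle `p == 0 && r == 0` explicitly in `add_affine`. Separately, the struct doc should read `y = Y / ZZZ`, since `r = other.y * self.zzz - self.y` scales by `zzz`, and the inner `if other.infinity` in `add_affine` is unreachable after the early return, so `zz` and `zzz` can be set to `MontFelt::ONE` directly.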
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,34 +1,34 @@ | ||
//! Generators for the Pedersen hash function. | ||
//! | ||
//! See <https://docs.starkware.co/starkex/crypto/pedersen-hash-function.html> | ||
use crate::algebra::curve::ProjectivePoint; | ||
use crate::algebra::curve::AffinePoint; | ||
|
||
/// Montgomery representation of the Stark curve constant P0. | ||
pub const PEDERSEN_P0: ProjectivePoint = ProjectivePoint::from_hex( | ||
pub const PEDERSEN_P0: AffinePoint = AffinePoint::from_hex( | ||
"49EE3EBA8C1600700EE1B87EB599F16716B0B1022947733551FDE4050CA6804", | ||
"3CA0CFE4B3BC6DDF346D49D06EA0ED34E621062C0E056C1D0405D266E10268A", | ||
); | ||
|
||
/// Montgomery representation of the Stark curve constant P1. | ||
pub const PEDERSEN_P1: ProjectivePoint = ProjectivePoint::from_hex( | ||
pub const PEDERSEN_P1: AffinePoint = AffinePoint::from_hex( | ||
"234287DCBAFFE7F969C748655FCA9E58FA8120B6D56EB0C1080D17957EBE47B", | ||
"3B056F100F96FB21E889527D41F4E39940135DD7A6C94CC6ED0268EE89E5615", | ||
); | ||
|
||
/// Montgomery representation of the Stark curve constant P2. | ||
pub const PEDERSEN_P2: ProjectivePoint = ProjectivePoint::from_hex( | ||
pub const PEDERSEN_P2: AffinePoint = AffinePoint::from_hex( | ||
"4FA56F376C83DB33F9DAB2656558F3399099EC1DE5E3018B7A6932DBA8AA378", | ||
"3FA0984C931C9E38113E0C0E47E4401562761F92A7A23B45168F4E80FF5B54D", | ||
); | ||
|
||
/// Montgomery representation of the Stark curve constant P3. | ||
pub const PEDERSEN_P3: ProjectivePoint = ProjectivePoint::from_hex( | ||
pub const PEDERSEN_P3: AffinePoint = AffinePoint::from_hex( | ||
"4BA4CC166BE8DEC764910F75B45F74B40C690C74709E90F3AA372F0BD2D6997", | ||
"40301CF5C1751F4B971E46C4EDE85FCAC5C59A5CE5AE7C48151F27B24B219C", | ||
); | ||
|
||
/// Montgomery representation of the Stark curve constant P4. | ||
pub const PEDERSEN_P4: ProjectivePoint = ProjectivePoint::from_hex( | ||
pub const PEDERSEN_P4: AffinePoint = AffinePoint::from_hex( | ||
"54302DCB0E6CC1C6E44CCA8F61A63BB2CA65048D53FB325D36FF12C49A58202", | ||
"1B77B3E37D13504B348046268D8AE25CE98AD783C25561A879DCC77E99C2426", | ||
); |