Skip to content
This repository has been archived by the owner on Aug 16, 2024. It is now read-only.

πŸ“ˆ Elliptic Curve and Modexp Precompiles #23

Open
wants to merge 19 commits into
base: dl-precompiles
Choose a base branch
from
Open

πŸ“ˆ Elliptic Curve and Modexp Precompiles #23

wants to merge 19 commits into from

Conversation

ZamDimon
Copy link

@ZamDimon ZamDimon commented May 7, 2024
edited
Loading

What ❔

This pull request adds the evm abstractions for the following precompiles:

  • ecadd: adding two points on the elliptic curve;
  • ecmul: multiplying two points on the elliptic curve;
  • ecpairing: verification of pairing operation;
  • modexp: modular exponentiation.

Why ❔

They haven't been implemented yet, thus the PR.

Checklist

  • PR title corresponds to the PR body (we generate changelog entries from PRs).
  • Tests for the changes have been added / updated.
  • Documentation comments have been added / updated.
  • Code has been formatted via zk fmt and zk lint.

@ZamDimon ZamDimon changed the title πŸ“ˆ Elliptic Curve Precompiles πŸ“ˆ Elliptic Curve and Modexp Precompiles May 10, 2024
@jules jules changed the base branch from main to dl-precompiles May 25, 2024 14:18
@jules jules deleted the branch matter-labs:dl-precompiles May 25, 2024 14:21
@jules jules closed this May 25, 2024
@jules jules reopened this May 25, 2024
@jules jules changed the base branch from dl-precompiles to v1.5.1 May 25, 2024 14:22
@jules jules changed the base branch from v1.5.1 to dl-precompiles May 25, 2024 14:24
jules
jules reviewed May 25, 2024
View reviewed changes
src/vm.rs Outdated Show resolved Hide resolved
vladbochok
vladbochok reviewed May 27, 2024
View reviewed changes
src/precompiles/ecmul.rs Outdated
// and validating that the conversion is successful
let x1_field = Fq::from_str(x1.to_string().as_str()).ok_or(Error::msg("invalid x1"))?;
let y1_field = Fq::from_str(y1.to_string().as_str()).ok_or(Error::msg("invalid y1"))?;
let s_field = Fr::from_str(s.to_string().as_str()).ok_or(Error::msg("invalid s"))?;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why is that? s can be an arbitrary uint256 number

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

True, missed that, we will update

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, indeed, missed that. Now, s can be arbitrary. Also, I added three different tests where the scalar is greater than the group order to make sure we have not missed anything

@NikitaMasych NikitaMasych force-pushed the feature/ec-and-modexp-precompiles branch from 65c274c to 8ad9745 Compare May 27, 2024 16:11
@NikitaMasych NikitaMasych force-pushed the feature/ec-and-modexp-precompiles branch from 8ad9745 to 245965b Compare May 27, 2024 16:44
@ZamDimon
Copy link
Author

Fixed the issue where the point at infinity was encoded as a tuple (0,1) due to the internal implementation in https://github.com/matter-labs/pairing.

According to the precompile spec, the point at infinity is now encoded as (0,0) (see here. I have added corresponding tests to assert that this now holds.

@NikitaMasych NikitaMasych mentioned this pull request Sep 5, 2024
Open
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@NikitaMasych NikitaMasych NikitaMasych left review comments

@vladbochok vladbochok vladbochok left review comments

@jules jules jules left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@ZamDimon @jules @vladbochok @NikitaMasych