Commit
Merge pull request #297 from ConsenSys/develop
v0.9.0 placeholder
gbotrel authored Jan 5, 2023
2 parents 7fcb6a3 + 2576e10 commit a628c68
Showing 697 changed files with 92,523 additions and 51,828 deletions.
8 changes: 5 additions & 3 deletions .github/workflows/pr.yml
Expand Up @@ -10,7 +10,7 @@ jobs:
- name: install Go
uses: actions/setup-go@v2
with:
go-version: 1.18.x
go-version: 1.19.x
- name: checkout code
uses: actions/checkout@v2
with:
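Review bot: `actions/setup-go@v2` and `actions/checkout@v2` in this job are referenced by mutable tag; since the step is being edited for the Go bump anyway, consider pinning both to a full commit SHA so the workflow cannot change underneath the repository without a diff. The `go-version` bump to `1.19.x` itself looks fine.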
Expand Down Expand Up @@ -43,7 +43,7 @@ jobs:
test:
strategy:
matrix:
go-version: [1.17.x, 1.18.x]
go-version: [1.18.x, 1.19.x]
os: [ubuntu-latest]
runs-on: ${{ matrix.os }}
needs:
Expand All @@ -68,7 +68,9 @@ jobs:
- name: install deps
run: go install golang.org/x/tools/cmd/goimports@latest && go install github.com/klauspost/asmfmt/cmd/asmfmt@latest
- name: Test
run: go test -p=1 -v -timeout=30m ./...
run: |
go test -p=1 -v -timeout=30m ./...
go test -p=1 -tags=purego -v -timeout=30m ./...
- name: Test (32 bits & race)
if: (matrix.os == 'ubuntu-latest') && (matrix.go-version == '1.18.x')
run: |
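Review bot: the `Test (32 bits & race)` step is still gated on `matrix.go-version == '1.18.x'`, which with the matrix now `[1.18.x, 1.19.x]` means the race and 32-bit run executes only on the older toolchain; bump the condition to `1.19.x` or state why it stays. Separately, the two `go test` invocations in the `Test` step would be easier to triage as two named steps, so a failure is immediately attributable to the default build or the `-tags=purego` build.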
1 change: 1 addition & 0 deletions .golangci.yml
Expand Up @@ -11,6 +11,7 @@ linters:
- gosimple
- govet
- ineffassign
# - errcheck

run:
issues-exit-code: 1
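Review bot: the added `# - errcheck` entry under `linters:` is commented out, so it changes nothing and leaves no record of why the linter is off. Either enable it, or replace the line with a short comment stating the reason and what has to be fixed first; ignored error returns are worth catching mechanically in a cryptography library.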
8 changes: 4 additions & 4 deletions README.md
Expand Up @@ -11,7 +11,7 @@
* [`bls12-377`] / [`bw6-761`]
* [`bls24-315`] / [`bw6-633`]
* [`bls12-378`] / [`bw6-756`]
* Each of these curve has a [`twistededwards`] sub-package with its companion curve which allow efficient elliptic curve cryptography inside zkSNARK circuits.
* Each of these curves has a [`twistededwards`] sub-package with its companion curve which allow efficient elliptic curve cryptography inside zkSNARK circuits.
* [`field/goff`] - Finite field arithmetic code generator (blazingly fast big.Int)
* [`fft`] - Fast Fourier Transform
* [`fri`] - FRI (multiplicative) commitment scheme
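Review bot: in the `twistededwards` bullet the subject-verb fix is only half done: "sub-package ... which allow" should read "which allows" now that the sentence begins "Each of these curves has".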
Expand Down Expand Up @@ -46,15 +46,15 @@
go get github.com/consensys/gnark-crypto
```

Note if that if you use go modules, in `go.mod` the module path is case sensitive (use `consensys` and not `ConsenSys`).
Note that if you use go modules, in `go.mod` the module path is case sensitive (use `consensys` and not `ConsenSys`).

### Development

Most (but not all) of the code is generated from the templates in `internal/generator`.

The generated code contains little to no interfaces and is strongly typed with a field (generated by the `gnark-crypto/field` package). The two main factors driving this design choice are:

1. Performance: `gnark-crypto` algorithms manipulates millions (if not billions) of field elements. Interface indirection at this level, plus garbage collection indexing takes a heavy toll on perf.
1. Performance: `gnark-crypto` algorithms manipulate millions (if not billions) of field elements. Interface indirection at this level, plus garbage collection indexing takes a heavy toll on perf.
2. Need to derive (mostly) identical code for various moduli and curves, with consistent APIs. Generics introduce significant performance overhead and are not yet suited for high performance computing.

To regenerate the files, see `internal/generator/main.go`. Run:
Expand Down Expand Up @@ -117,4 +117,4 @@ This project is licensed under the Apache 2 License - see the [LICENSE](LICENSE)
[`kzg`]: https://pkg.go.dev/github.com/consensys/gnark-crypto/ecc/bn254/fr/kzg
[`plookup`]: https://pkg.go.dev/github.com/consensys/gnark-crypto/ecc/bn254/fr/plookup
[`permutation`]: https://pkg.go.dev/github.com/consensys/gnark-crypto/ecc/bn254/fr/permutation
[`fiatshamir`]: https://pkg.go.dev/github.com/consensys/gnark-crypto/fiat-shamir
[`fiatshamir`]: https://pkg.go.dev/github.com/consensys/gnark-crypto/fiat-shamir
6 changes: 4 additions & 2 deletions accumulator/merkletree/tree.go
Expand Up @@ -84,7 +84,8 @@ func sum(h hash.Hash, data ...[]byte) []byte {

// leafSum returns the hash created from data inserted to form a leaf. Leaf
// sums are calculated using:
// Hash(0x00 || data)
//
// Hash(0x00 || data)
func leafSum(h hash.Hash, data []byte) []byte {

//return sum(h, leafHashPrefix, data)
Expand All @@ -93,7 +94,8 @@ func leafSum(h hash.Hash, data []byte) []byte {

// nodeSum returns the hash created from two sibling nodes being combined into
// a parent node. Node sums are calculated using:
// Hash(0x01 || left sibling sum || right sibling sum)
//
// Hash(0x01 || left sibling sum || right sibling sum)
func nodeSum(h hash.Hash, a, b []byte) []byte {
//return sum(h, nodeHashPrefix, a, b)
return sum(h, a, b)
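Review bot: the reformatted comment on `nodeSum` documents `Hash(0x01 || left sibling sum || right sibling sum)`, but the body returns `sum(h, a, b)` with the prefixed call commented out, and `leafSum` carries the same commented-out `leafHashPrefix` line. Since this change touches both comments, either restore the prefixes or rewrite the comments to state what is actually hashed; a reader relying on the documented leaf/node domain separation would otherwise assume a property the visible code does not provide.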
30 changes: 18 additions & 12 deletions ecc/bls12-377/bls12-377.go
@@ -1,23 +1,29 @@
// Package bls12377 efficient elliptic curve, pairing and hash to curve implementation for bls12-377.
//
// bls12-377: A Barreto--Lynn--Scott curve with
// embedding degree k=12
// seed x₀=9586122913090633729
// 𝔽r: r=8444461749428370424248824938781546531375899335154063827935233455917409239041 (x₀⁴-x₀²+1)
// 𝔽p: p=258664426012969094010652733694893533536393512754914660539884262666720468348340822774968888139573360124440321458177 ((x₀-1)² ⋅ r(x₀)/3+x₀)
// (E/𝔽p): Y²=X³+1
// (Eₜ/𝔽p²): Y² = X³+1/u (D-type twist)
// r ∣ #E(Fp) and r ∣ #Eₜ(𝔽p²)
//
// embedding degree k=12
// seed x₀=9586122913090633729
// 𝔽r: r=8444461749428370424248824938781546531375899335154063827935233455917409239041 (x₀⁴-x₀²+1)
// 𝔽p: p=258664426012969094010652733694893533536393512754914660539884262666720468348340822774968888139573360124440321458177 ((x₀-1)² ⋅ r(x₀)/3+x₀)
// (E/𝔽p): Y²=X³+1
// (Eₜ/𝔽p²): Y² = X³+1/u (D-type twist)
// r ∣ #E(Fp) and r ∣ #Eₜ(𝔽p²)
//
// Extension fields tower:
// 𝔽p²[u] = 𝔽p/u²+5
// 𝔽p⁶[v] = 𝔽p²/v³-u
// 𝔽p¹²[w] = 𝔽p⁶/w²-v
//
// 𝔽p²[u] = 𝔽p/u²+5
// 𝔽p⁶[v] = 𝔽p²/v³-u
// 𝔽p¹²[w] = 𝔽p⁶/w²-v
//
// optimal Ate loop size:
// x₀
//
// x₀
//
// Security: estimated 126-bit level following [https://eprint.iacr.org/2019/885.pdf]
// (r is 253 bits and p¹² is 4521 bits)
//
// Warning
// # Warning
//
// This code has not been audited and is provided as-is. In particular, there is no security guarantees such as constant time implementation or side-channel attack resistance.
package bls12377
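Review bot: in the `# Warning` paragraph, "there is no security guarantees" should be "there are no security guarantees"; worth fixing while this comment block is being reformatted, since the heading syntax now makes it a rendered section of the package docs. The first line also lacks a verb ("Package bls12377 efficient elliptic curve ..."), and `#E(Fp)` uses a plain `Fp` where the rest of the block writes `𝔽p`.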
33 changes: 18 additions & 15 deletions ecc/bls12-377/fp/doc.go

Some generated files are not rendered by default.