""" | |
https://cryptosith.org/michael/data/talks/2013-08-01-SIAMAG13.pdf | |
https://www.issac-conference.org/2015/Slides/Schost.pdf | |
http://www.craigcostello.com.au/pairings/PairingsForBeginners.pdf | |
""" | |
# Switch for recomputing curve orders from scratch; False skips that work.
fresh_compute = False # Perform expensive-(ish) computations for curve orders
# Modulus of the base field the curve search works over.
# NOTE(review): nothing in the visible lines checks that this value is prime;
# confirm the rest of the script verifies primality before building a field on it.
field_modulus = 22369874298875696930346742206501054934775599465297184582183496627646774052458024540232479018147881220178054575403841904557897715222633333372134756426301062487682326574958588001132586331462553235407484089304633076250782629492557320825577
# Target order, going by the name; how it is compared against a computed order
# is outside the visible lines.
# NOTE(review): parameters like these should only be accepted once the computed
# group order has been checked against this value (exactly, or as a divisor
# with a known cofactor) - confirm that check exists further down.
desired_curve_order = 258664426012969094010652733694893533536393512754914660539884262666720468348340822774968888139573360124440321458177
# Let (L, R) = x, 0
# for i in range(128): (L, R) = (L, R) ** 3 + (k_i1, k_i2) (interpreting the two values as an element of some quadratic field over F_p,
# so the actual equations are newL = L**3 + 3*q*L*R**2 + k_i1, newR = 3*L**2*R + q*R**3 + k_i2)
from random import randint | |
# q is assigned twice in a row; the second assignment wins, so everything that
# follows runs with q = 199 and the 77-digit value is dead.
# NOTE(review): presumably 199 is a toy value left in for quick experiments -
# confirm which value is intended before trusting any output of this script.
# NOTE(review): `randint` (imported above) comes from the `random` module, which
# is not a cryptographically secure generator; fine for test inputs, but round
# constants or keys meant for real use should come from `secrets` or a
# documented, reproducible derivation - confirm how it is used further down.
q = 21888242871839275222246405745257275088696311157297823662689037894645226208583
q = 199
# Sage script: build the curve y^2 = x^3 + PARAM_A4*x + PARAM_A6 over GF(field_modulus)
# and count its points.
field_modulus = 4002409555221667393417789825735904156556882819939007885332058136124031650490837864442687629129015664037894272559787
# Target order, going by the name; it is not compared against anything in the
# visible lines.
desired_curve_order = 52435875175126190479447740508185965837690552500527637822603658699938581184513
# Base field of the curve.
Fp = GF(field_modulus)
# Short Weierstrass coefficients: with a4 = 0 and a6 = 4 the curve is y^2 = x^3 + 4.
PARAM_A4 = 0
PARAM_A6 = 4
E = EllipticCurve(Fp, [PARAM_A4, PARAM_A6])
# Number of points on E over Fp.
# NOTE(review): E_order need not equal desired_curve_order - it may be a cofactor
# multiple of it. Confirm the script checks `E_order % desired_curve_order == 0`
# and that desired_curve_order is prime, and that code using this curve clears
# the cofactor or checks subgroup membership of incoming points.
E_order = E.order()
#ifndef CHACHARNG_HPP_ | |
#define CHACHARNG_HPP_ | |
// C++ port of Rust's ChaChaRng | |
// https://rust-num.github.io/num/src/rand/chacha.rs.html | |
#include <cstdint> | |
template<size_t nRounds> |
# Hard-coded parameters of one elliptic curve; none of them is re-derived or
# cross-checked in the visible lines.
# presumably the complex-multiplication discriminant used to construct the curve - TODO confirm
D = -3572
# presumably the embedding degree of the curve with respect to r_torsion - TODO confirm
k = 6
# presumably the base-field modulus (the log2 comment below refers to it)
q = 447231129305840782240237212949663229744995012174421358105320171206333968505891497257173296273883152751267692209531558911549014331037613855148689298263886841953
# log2(q) 527.025659602
# presumably the trace of Frobenius; if so, point_count should equal q + 1 - t
# NOTE(review): worth asserting that identity instead of trusting three literals.
t = 678535529027017531887434617617827405828167042133406771522385895475121806814108
# Order of the subgroup of interest, going by the name.
r_torsion = 21888242871839275222246405745257275088696311157297823662689037894645226208583
# presumably the short Weierstrass coefficients of the curve - TODO confirm against the code that builds it
a4 = 42712243339421257868660507567123354675510133075791388004452184727050960820502924907704571467862154994392063936591279133153055638947148552957928421434686670171
a6 = 131738226030767995270565871104903809777878096841386516668655049559644995686736483226876210759529899795643641377453253635430103115971908064841330245626213375876
# Number of points on the curve, going by the name.
point_count = 447231129305840782240237212949663229744995012174421358105320171206333968505891496578637767246865620863833074591704153083381972197630842332762793823142080027846
# Cofactor: floor division, so the result is silently wrong if r_torsion does
# not divide point_count exactly.
# NOTE(review): add `assert point_count % r_torsion == 0` before relying on h;
# with a cofactor this large, code using the curve must clear the cofactor or
# check subgroup membership of points it receives.
h = point_count // r_torsion
""" | |
Generates verbose code for montgomery operations | |
""" | |
def mont_reduce(fp_bits, limb_bits=64): | |
assert fp_bits % limb_bits == 0 | |
n_limbs = fp_bits // limb_bits | |
n_limbs2 = n_limbs * 2 | |
args = ', '.join([f'{"&mut " if _ != 0 else ""}r{_}: u{limb_bits}' for _ in range(n_limbs2)]) | |
yield "#[inline]" |
from typing import List, NamedTuple, Tuple, Union | |
from math import ceil, log2 | |
from random import randint | |
from functools import reduce | |
import operator | |
from py_ecc import bn128 as curve | |
""" | |
Implementation of PolyCommit_{DL} from: |
from math import gcd | |
p = 21888242871839275222246405745257275088548364400416034343698204186575808495617 | |
primes = [int(_) for _ in """ | |
2 3 5 7 11 13 17 19 23 29 | |
31 37 41 43 47 53 59 61 67 71 | |
73 79 83 89 97 101 103 107 109 113 | |
127 131 137 139 149 151 157 163 167 173 | |
179 181 191 193 197 199 211 223 227 229 |
{ | |
"linkReferences": {}, | |
"object": "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 |
#!/usr/bin/env python | |
""" | |
Implements the Poseidon permutation: | |
Starkad and Poseidon: New Hash Functions for Zero Knowledge Proof Systems | |
- Lorenzo Grassi, Daniel Kales, Dmitry Khovratovich, Arnab Roy, Christian Rechberger, and Markus Schofnegger | |
- https://eprint.iacr.org/2019/458.pdf | |
Other implementations: |