Worst case environments for jets

jets_worst_case_env.md

Methodolody:

Run each jet for the selected input and choose the worst case amongst those inputs. For example, when running Add32, we run bench 50 random inputs and select the worst case amongst those

Jets based on Bits

• Verify, Random inputs,
• Low32, Random inputs,
• Eq32, Both numbers equal,
• Eq256, Both numbers equal,
• Le32, Random inputs,

Jets on Arithmetic

• One32, Random inputs,
• Add32, Random inputs,
• Subtract32, Random inputs,
• Multiply32, Random inputs,
• FullAdd32, Random inputs,
• FullMultiply32, Random inputs,
• FullSubtract32, Random inputs,

Time-locks parsing

• ParseLock, Random inputs,
• ParseSequence, Set the first bit to zero to only consider valid sequences for worst case,

Hashes

• Sha256Iv, Random inputs,
• Sha256Block, Random inputs,
• Sha256Ctx8Init, Random inputs,
• Sha256Ctx8Add1, random context object with len = 512 - 8 such that block is processed,
• Sha256Ctx8Add2, Random context object with len = 512 - 8 such that sha block is completed.
• Sha256Ctx8Add4, Random context object with len = 512 - 8 such that sha block is completed.
• Sha256Ctx8Add8, Random context object with len = 512 - 8 such that sha block is completed.
• Sha256Ctx8Add16, Random context object with len = 512 - 8 such that sha block is completed.
• Sha256Ctx8Add32, Random context object with len = 512 - 8 such that sha block is completed.
• Sha256Ctx8Add64, Random context object with len = 512 - 8 such that sha block is completed.
• Sha256Ctx8Add128, Random context object with len = 512 - 8 such that sha block is completed.
• Sha256Ctx8Add256, Random context object with len = 512 - 8 such that sha block is completed.
• Sha256Ctx8Add512, Random context object with len = 512 - 8 such that sha block is completed.
• Sha256Ctx8AddBuffer511, Random object object with len = 512 - 8 and variable byte array len = 511,
• Sha256Ctx8Finalize, Random object with len = 512 - 8.

Jets for secp FE

Scalar = Random 32 byte arrays, ge = valid secp points, gej = (ge, fe), fe = random 32 bytes, point = valid secp point

• FeNormalize, Random Fe point,
• FeNegate, Random Fe point,
• FeAdd, Two random Fe points,
• FeSquare, Random Fe point,
• FeMultiply, Two random Fe points,
• FeMultiplyBeta, Random Fe point,
• FeInvert, Random Fe point,
• FeSquareRoot, Random Fe points,
• FeIsZero, Zero value,
• FeIsOdd, Random Fe value,

Jets for secp scalars

• ScalarNormalize, Random scalar,
• ScalarNegate, Random Scalar,
• ScalarAdd, Random two scalars,
• ScalarSquare, Random Scalar,
• ScalarMultiply, Random two scalars,
• ScalarMultiplyLambda, Random Scalar,
• ScalarInvert, Random Scalar,
• ScalarIsZero, Zero scalar,

Jets for secp gej points

• GejInfinity, Random Gej point,
• GejRescale, Random (gej, fe) pair,
• GejNormalize, Random gej,
• GejNegate, Random gej,
• GejDouble, Random gej,
• GejAdd, Random gej pair,
• GejGeAddEx, Random (gej, ge) pair,
• GejGeAdd, Random (gej, ge) pair,
• GejIsInfinity, Random (gej, fe_zero) pair,
• GejXEquiv, Random fe gej pair,
• GejYIsOdd, Random gej,
• GejIsOnCurve, Random gej,

Other jets

• GeIsOnCurve, Random ge point,
• Scale, Random (scalar, gej) pair,
• Generate, Random Scalar,
• LinearCombination1, ((Scalar, gej), scalar),
• LinearVerify1, Random (((Scalar, ge), scalar), ge),
• Decompress, Random point,
• PointVerify1, Random (((Scalar, point), scalar), point),

Signature jets

• Bip0340Verify, Valid signatures,
• CheckSigVerify, valid signatures,

SIGHALL jets chapter jets with unit src type

The jets below just read data from pre-computed cache which is fixed regardless of the input data. That is, we just read hashed values from the cache and return them. Random environment refers to env with 0th input index having:

• 25% chance of having first input pegin

• 25% chance of having first input issuance

• 25% chance of having a first input non-pegin, non-issunce, but a confidential spend

• 25% chance of having a first input non-pegin, non-issuance but explicit spend Number of inputs and outputs in the tx = 3 inputs and 6 outputs, the current index is 0 and genesis hash is random number. We only add annex for jets that directly depend on annex. RATIONALE: One input to spend a asset, one input to pay fees, one input to interact with the contract. Two outputs for asset(dest, change), two outputs for bitcoin (dest, change). One output for fees, and one output for the contract

• SigAllHash, Random Environment,

• TxHash, Random Environment,

• TapEnvHash, Random Environment,

• InputsHash, Random Environment,

• OutputsHash, Random Environment,

• IssuancesHash, Random Environment,

• InputUtxosHash, Random Environment,

• OutputAmountsHash, Random Environment,

• OutputScriptsHash, Random Environment,

• OutputNoncesHash, Random Environment,

• OutputRangeProofsHash, Random Environment,

• OutputSurjectionProofsHash, Random Environment,

• InputOutpointsHash, Random Environment,

• InputSequencesHash, Random Environment,

• InputAnnexesHash, Random Environment,

• InputScriptSigsHash, Random Environment,

• IssuanceAssetAmountsHash, Random Environment,

• IssuanceTokenAmountsHash, Random Environment,

• IssuanceRangeProofsHash, Random Environment,

• IssuanceBlindingEntropyHash, Random Environment,

• InputAmountsHash, Random Environment,

• InputScriptsHash, Random Environment,

• TapleafHash, Random Environment,

• TapbranchHash, Random Environment,

Jets with no environment required, but non unit inputs and no custom sampling

• BuildTapleafSimplicity, Random input
• BuildTapbranch, Random input

Timelock jets

• CheckLockHeight, Random environment,
• CheckLockTime, Random environment,
• CheckLockDistance, Random environment,
• CheckLockDuration, Random environment,
• TxLockHeight, Random environment,
• TxLockTime, Random environment,
• TxLockDistance, Random environment,
• TxLockDuration, Random environment,
• TxIsFinal, Random environment,

Elements Calculations jets

Jets with no environment required, but no custom sampling required

• CalculateIssuanceEntropy, Random inputs,
• CalculateAsset, Random inputs,
• CalculateExplicitToken, Random inputs,
• CalculateConfidentialToken, Random inputs,

Jets with tx introspection

• ScriptCMR, Random Environment,
• InternalKey, Random Environment,
• CurrentIndex, Random Environment,
• NumInputs, Random Environment,
• NumOutputs, Random Environment,
• LockTime, Random Environment,

Current Input

Each jet has worst case dependent on whether it is pegin or issuance or none

• CurrentPegin, First input pegin,
• CurrentPrevOutpoint, Random environment,
• CurrentAsset, Random environment,
• CurrentAmount, Random environment,
• CurrentScriptHash, Random environment,
• CurrentSequence, Random environment,
• CurrentAnnexHash, Random environment with annex added to the tx,
• CurrentScriptSigHash, Random environment,
• CurrentReissuanceBlinding, Environment with confidential issuance tx,
• CurrentNewIssuanceContract, Environment with confidential issuance tx,
• CurrentReissuanceEntropy, Environment with confidential issuance tx,
• CurrentIssuanceAssetAmount, Environment with confidential issuance tx,
• CurrentIssuanceTokenAmount, Environment with confidential issuance tx,
• CurrentIssuanceAssetProof, Environment with confidential issuance tx,
• CurrentIssuanceTokenProof, Environment with confidential issuance tx,

General tx jets

• TapleafVersion, Random inputs,
• Version, Random inputs,
• GenesisBlockHash, Random inputs,

No environment computation jets

• For sampling asset and amount, we take

• 50% of time explicit and 50% of time confidential

• nonce is 50% time null or 50% confidential

• annex is present or absent 50% of time.

• OutpointHash, Random outpoint but ctx8 is chosen such that sha2 block is processed upon adding these bytes

• AssetAmountHash, Random (asset, amount) but ctx8 is chosen such that sha2 block is processed upon adding these bytes

• NonceHash, Random nonce but ctx8 is chosen such that sha2 block is processed upon adding these bytes

• AnnexHash, Random annex but ctx8 is chosen such that sha2 block is processed upon adding these bytes

Issuance chapter jets with index

• Issuance, Current Index with issuance tx,
• IssuanceAsset, Current Index with issuance tx,
• IssuanceToken, Current Index with issuance tx,
• IssuanceEntropy, Current Index with issuance tx,

Transaction chapter jets with output index

• OutputAsset, Random valid output index with Random env,
• OutputAmount, Random valid output index with Random env,
• OutputNonce, Random valid output index with Random env,
• OutputScriptHash, Random valid output index with Random env,
• OutputNullDatum, Random valid output index with Random env, // This is the only thing that I know which is not correct
• OutputSurjectionProof, Random valid output index with Random env,
• OutputRangeProof, Random valid output index with Random env,

Transaction chapter jets with input index

• InputPegin, Current Index with pegin transaction env,
• InputPrevOutpoint, Random input index with random environment,
• InputAsset, Random input index with random environment,
• InputAmount, Random input index with random environment,
• InputScriptHash, Random input index with random environment,
• InputSequence, Random input index with random environment,
• InputAnnexHash, Current Index with random envionrment but current input having annex,
• InputScriptSigHash, Random input index with random environment,
• ReissuanceBlinding, Current Index with issuance tx,
• NewIssuanceContract, Current Index with issuance tx,
• ReissuanceEntropy, Current Index with issuance tx,
• IssuanceAssetAmount, Current Index with issuance tx,
• IssuanceTokenAmount, Current Index with issuance tx,
• IssuanceAssetProof, Current Index with issuance tx,
• IssuanceTokenProof, Current Index with issuance tx,
• Tapbranch, tapbranch at the 0th index,-