2018-09-05 04:56:49 +02:00
|
|
|
/*
|
|
|
|
|
Copyright 2018 0kims association
|
|
|
|
|
|
|
|
|
|
This file is part of zksnark javascript library.
|
|
|
|
|
|
|
|
|
|
zksnark javascript library is free software: you can redistribute it and/or modify
|
|
|
|
|
it under the terms of the GNU General Public License as published by
|
|
|
|
|
the Free Software Foundation, either version 3 of the License, or
|
|
|
|
|
(at your option) any later version.
|
|
|
|
|
|
|
|
|
|
zksnark javascript library is distributed in the hope that it will be useful,
|
|
|
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
GNU General Public License for more details.
|
|
|
|
|
|
|
|
|
|
You should have received a copy of the GNU General Public License
|
|
|
|
|
along with zksnark javascript library. If not, see <https://www.gnu.org/licenses/>.
|
|
|
|
|
*/
|
2018-08-12 22:11:42 +02:00
|
|
|
const chai = require("chai");
|
2018-08-12 20:37:43 +02:00
|
|
|
|
2018-08-15 09:59:18 +02:00
|
|
|
const bigInt = require("../src/bigint.js");
|
2018-08-14 09:06:00 +02:00
|
|
|
const BN128 = require("../src/BN128.js");
|
2018-08-15 11:05:17 +02:00
|
|
|
const F1Field = require("../src/zqfield.js");
|
2018-08-14 09:06:00 +02:00
|
|
|
|
2018-08-12 20:37:43 +02:00
|
|
|
const assert = chai.assert;
|
|
|
|
|
|
2018-08-15 11:05:17 +02:00
|
|
|
|
|
|
|
|
describe("F1 testing", () => {
|
|
|
|
|
it("Should compute euclidean", () => {
|
|
|
|
|
const F = new F1Field(bigInt(7));
|
|
|
|
|
const res = F.inverse(bigInt(4));
|
|
|
|
|
|
|
|
|
|
assert(F.equals(res, bigInt(2)));
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it("Should multiply and divide in F1", () => {
|
|
|
|
|
const bn128 = new BN128();
|
|
|
|
|
const a = bigInt("1");
|
|
|
|
|
const b = bn128.F1.affine(bigInt("-3"));
|
|
|
|
|
const c = bn128.F1.mul(a,b);
|
|
|
|
|
const d = bn128.F1.div(c,b);
|
|
|
|
|
|
|
|
|
|
assert(bn128.F1.equals(a, d));
|
|
|
|
|
});
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
|
2018-08-12 20:37:43 +02:00
|
|
|
describe("Curve G1 Test", () => {
|
2018-08-14 09:06:00 +02:00
|
|
|
it("r*one == 0", () => {
|
|
|
|
|
const bn128 = new BN128();
|
2018-08-12 20:37:43 +02:00
|
|
|
|
2018-08-25 00:16:12 +02:00
|
|
|
const res = bn128.G1.mulScalar(bn128.G1.g, bn128.r);
|
2018-08-12 20:37:43 +02:00
|
|
|
|
2018-08-14 09:06:00 +02:00
|
|
|
assert(bn128.G1.equals(res, bn128.G1.zero), "G1 does not have range r");
|
2018-08-12 20:37:43 +02:00
|
|
|
});
|
|
|
|
|
|
2018-08-12 22:11:42 +02:00
|
|
|
it("Should add match in various in G1", () => {
|
2018-08-14 09:06:00 +02:00
|
|
|
|
|
|
|
|
const bn128 = new BN128();
|
2018-08-12 20:37:43 +02:00
|
|
|
|
2018-08-12 22:11:42 +02:00
|
|
|
const r1 = bigInt(33);
|
|
|
|
|
const r2 = bigInt(44);
|
2018-08-12 20:37:43 +02:00
|
|
|
|
2018-08-25 00:16:12 +02:00
|
|
|
const gr1 = bn128.G1.mulScalar(bn128.G1.g, r1);
|
|
|
|
|
const gr2 = bn128.G1.mulScalar(bn128.G1.g, r2);
|
2018-08-12 20:37:43 +02:00
|
|
|
|
2018-08-14 09:06:00 +02:00
|
|
|
const grsum1 = bn128.G1.add(gr1, gr2);
|
2018-08-12 20:37:43 +02:00
|
|
|
|
2018-08-25 00:16:12 +02:00
|
|
|
const grsum2 = bn128.G1.mulScalar(bn128.G1.g, r1.add(r2));
|
2018-08-12 20:37:43 +02:00
|
|
|
|
2018-08-14 09:06:00 +02:00
|
|
|
assert(bn128.G1.equals(grsum1, grsum2));
|
2018-08-12 20:37:43 +02:00
|
|
|
});
|
|
|
|
|
});
|
2018-08-12 22:11:42 +02:00
|
|
|
|
|
|
|
|
describe("Curve G2 Test", () => {
|
|
|
|
|
it ("r*one == 0", () => {
|
2018-08-14 09:06:00 +02:00
|
|
|
const bn128 = new BN128();
|
2018-08-12 22:11:42 +02:00
|
|
|
|
2018-08-25 00:16:12 +02:00
|
|
|
const res = bn128.G2.mulScalar(bn128.G2.g, bn128.r);
|
2018-08-12 22:11:42 +02:00
|
|
|
|
2018-08-14 09:06:00 +02:00
|
|
|
assert(bn128.G2.equals(res, bn128.G2.zero), "G2 does not have range r");
|
2018-08-12 22:11:42 +02:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
it("Should add match in various in G2", () => {
|
2018-08-14 09:06:00 +02:00
|
|
|
const bn128 = new BN128();
|
2018-08-12 22:11:42 +02:00
|
|
|
|
|
|
|
|
const r1 = bigInt(33);
|
|
|
|
|
const r2 = bigInt(44);
|
|
|
|
|
|
2018-08-25 00:16:12 +02:00
|
|
|
const gr1 = bn128.G2.mulScalar(bn128.G2.g, r1);
|
|
|
|
|
const gr2 = bn128.G2.mulScalar(bn128.G2.g, r2);
|
2018-08-12 22:11:42 +02:00
|
|
|
|
2018-08-14 09:06:00 +02:00
|
|
|
const grsum1 = bn128.G2.add(gr1, gr2);
|
2018-08-12 22:11:42 +02:00
|
|
|
|
2018-08-25 00:16:12 +02:00
|
|
|
const grsum2 = bn128.G2.mulScalar(bn128.G2.g, r1.add(r2));
|
2018-08-12 22:11:42 +02:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
console.log(G2.toString(grsum1));
|
|
|
|
|
console.log(G2.toString(grsum2));
|
|
|
|
|
*/
|
|
|
|
|
|
2018-08-14 09:06:00 +02:00
|
|
|
assert(bn128.G2.equals(grsum1, grsum2));
|
|
|
|
|
});
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
describe("F6 testing", () => {
|
|
|
|
|
it("Should multiply and divide in F6", () => {
|
|
|
|
|
const bn128 = new BN128();
|
|
|
|
|
const a =
|
|
|
|
|
[
|
|
|
|
|
[bigInt("1"), bigInt("2")],
|
|
|
|
|
[bigInt("3"), bigInt("4")],
|
|
|
|
|
[bigInt("5"), bigInt("6")]
|
|
|
|
|
];
|
|
|
|
|
const b =
|
|
|
|
|
[
|
|
|
|
|
[bigInt("12"), bigInt("11")],
|
|
|
|
|
[bigInt("10"), bigInt("9")],
|
|
|
|
|
[bigInt("8"), bigInt("7")]
|
|
|
|
|
];
|
|
|
|
|
const c = bn128.F6.mul(a,b);
|
|
|
|
|
const d = bn128.F6.div(c,b);
|
|
|
|
|
|
|
|
|
|
assert(bn128.F6.equals(a, d));
|
|
|
|
|
});
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
describe("F12 testing", () => {
|
|
|
|
|
it("Should multiply and divide in F12", () => {
|
|
|
|
|
const bn128 = new BN128();
|
|
|
|
|
const a =
|
|
|
|
|
[
|
|
|
|
|
[
|
|
|
|
|
[bigInt("1"), bigInt("2")],
|
|
|
|
|
[bigInt("3"), bigInt("4")],
|
|
|
|
|
[bigInt("5"), bigInt("6")]
|
|
|
|
|
],
|
|
|
|
|
[
|
|
|
|
|
[bigInt("7"), bigInt("8")],
|
|
|
|
|
[bigInt("9"), bigInt("10")],
|
|
|
|
|
[bigInt("11"), bigInt("12")]
|
|
|
|
|
]
|
|
|
|
|
];
|
|
|
|
|
const b =
|
|
|
|
|
[
|
|
|
|
|
[
|
|
|
|
|
[bigInt("12"), bigInt("11")],
|
|
|
|
|
[bigInt("10"), bigInt("9")],
|
|
|
|
|
[bigInt("8"), bigInt("7")]
|
|
|
|
|
],
|
|
|
|
|
[
|
|
|
|
|
[bigInt("6"), bigInt("5")],
|
|
|
|
|
[bigInt("4"), bigInt("3")],
|
|
|
|
|
[bigInt("2"), bigInt("1")]
|
|
|
|
|
]
|
|
|
|
|
];
|
|
|
|
|
const c = bn128.F12.mul(a,b);
|
|
|
|
|
const d = bn128.F12.div(c,b);
|
|
|
|
|
|
|
|
|
|
assert(bn128.F12.equals(a, d));
|
2018-08-12 22:11:42 +02:00
|
|
|
});
|
2018-08-14 09:06:00 +02:00
|
|
|
});
|
|
|
|
|
|
|
|
|
|
describe("Pairing", () => {
|
|
|
|
|
it("Should match pairing", () => {
|
2018-08-15 15:13:21 +02:00
|
|
|
for (let i=0; i<1; i++) {
|
|
|
|
|
const bn128 = new BN128();
|
2018-08-14 09:06:00 +02:00
|
|
|
|
2018-08-25 00:16:12 +02:00
|
|
|
const g1a = bn128.G1.mulScalar(bn128.G1.g, 25);
|
|
|
|
|
const g2a = bn128.G2.mulScalar(bn128.G2.g, 30);
|
2018-08-14 09:06:00 +02:00
|
|
|
|
2018-08-25 00:16:12 +02:00
|
|
|
const g1b = bn128.G1.mulScalar(bn128.G1.g, 30);
|
|
|
|
|
const g2b = bn128.G2.mulScalar(bn128.G2.g, 25);
|
2018-08-14 09:06:00 +02:00
|
|
|
|
2018-08-15 15:13:21 +02:00
|
|
|
const pre1a = bn128.precomputeG1(g1a);
|
|
|
|
|
const pre2a = bn128.precomputeG2(g2a);
|
|
|
|
|
const pre1b = bn128.precomputeG1(g1b);
|
|
|
|
|
const pre2b = bn128.precomputeG2(g2b);
|
2018-08-14 09:06:00 +02:00
|
|
|
|
2018-08-15 15:13:21 +02:00
|
|
|
const r1 = bn128.millerLoop(pre1a, pre2a);
|
|
|
|
|
const r2 = bn128.millerLoop(pre1b, pre2b);
|
2018-08-14 09:06:00 +02:00
|
|
|
|
2018-08-15 15:13:21 +02:00
|
|
|
const rbe = bn128.F12.mul(r1, bn128.F12.inverse(r2));
|
2018-08-14 09:06:00 +02:00
|
|
|
|
2018-08-15 15:13:21 +02:00
|
|
|
const res = bn128.finalExponentiation(rbe);
|
2018-08-14 09:06:00 +02:00
|
|
|
|
2018-08-15 15:13:21 +02:00
|
|
|
assert(bn128.F12.equals(res, bn128.F12.one));
|
|
|
|
|
}
|
2018-08-14 09:06:00 +02:00
|
|
|
}).timeout(10000);
|
2018-08-12 22:11:42 +02:00
|
|
|
|
|
|
|
|
});
|
