sqrt added in ZqField

Jordi Baylina 2018-11-11 19:48:02 +01:00
parent 448dc345ad
commit ceb9a7f58e
6 changed files with 96 additions and 9 deletions


@ -29,3 +29,7 @@ exports.groth = {
isValid: require("./src/verifier_groth.js")
};
exports.bigInt = require("./src/bigint.js");
exports.ZqField = require("./src/zqfield.js");
const Bn128 = require("./src/bn128.js");
exports.bn128 = new Bn128();
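Review bot: `exports.bn128 = new Bn128();` builds the whole curve object at require time, so every consumer of the package pays for it even when it only needs `bigInt` or `ZqField`, which this same hunk starts exporting. Combined with the bn128.js hunk adding `this.Fr = new F1Field(this.r)`, that import-time work now includes the non-residue search and exponentiations in the ZqField constructor, assuming F1Field resolves to zqfield.js as the new tests suggest. A lazy accessor keeps the public shape while deferring the cost: `let bn128; Object.defineProperty(exports, "bn128", { enumerable: true, get() { return bn128 || (bn128 = new Bn128()); } });`. If eager construction is intentional, a one-line comment saying so above the assignment would stop the next reader from "fixing" it.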


@ -52,6 +52,7 @@ class BN128 {
this.G2 = new GCurve(this.F2, this.g2);
this.F6 = new F3Field(this.F2, this.nonResidueF6);
this.F12 = new F2Field(this.F6, this.nonResidueF6);
this.Fr = new F1Field(this.r);
const self = this;
this.F12._mulByNonResidue = function(a) {
return [self.F2.mul(this.nonResidue, a[2]), a[0], a[1]];


@ -24,9 +24,10 @@ const fUtils = require("./futils.js");
class ZqField {
constructor(q) {
this.q = q;
this.q = bigInt(q);
this.zero = bigInt.zero;
this.one = bigInt.one;
this.minusone = this.q.sub(this.one);
this.add = bigInt.genAdd();
this.double = bigInt.genDouble();
this.sub = bigInt.genSub();
@ -39,6 +40,24 @@ class ZqField {
this.isZero = bigInt.genIsZero(q);
this.two = this.add(this.one, this.one);
this.twoinv = this.inverse(this.two);
const e = this.minusone.shr(this.one);
this.nqr = this.two;
let r = this.exp(this.nqr, e);
while (!r.equals(this.minusone)) {
this.nqr = this.nqr.add(this.one);
r = this.exp(this.nqr, e);
}
this.s = this.zero;
this.t = this.minusone;
while (!this.t.isOdd()) {
this.s = this.s.add(this.one);
this.t = this.t.shr(this.one);
}
this.nqr_to_t = this.exp(this.nqr, this.t);
}
copy(a) {
@ -71,6 +90,47 @@ class ZqField {
}
return res;
}
sqrt(n) {
n = this.affine(n);
if (n.equals(this.zero)) return this.zero;
// Test that have solution
const res = this.exp(n, this.minusone.shr(this.one));
if (!res.equals(this.one)) return null;
let m = parseInt(this.s);
let c = this.nqr_to_t;
let t = this.exp(n, this.t);
let r = this.exp(n, this.add(this.t, this.one).shr(this.one) );
while (!t.equals(this.one)) {
let sq = this.square(t);
let i = 1;
while (!sq.equals(this.one)) {
i++;
sq = this.square(sq);
}
// b = c ^ m-i-1
let b = c;
for (let j=0; j< m-i-1; j ++) b = this.square(b);
m = i;
c = this.square(b);
t = this.mul(t, c);
r = this.mul(r, b);
}
if (r.greater(this.q.shr(this.one))) {
r = this.neg(r);
}
return r;
}
}
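Review bot: `let m = parseInt(this.s);` in `sqrt` converts a bigInt object by implicit string coercion with no radix; spell it out as `let m = Number.parseInt(this.s.toString(), 10);` (assuming the wrapper's toString() is decimal), or keep `s` as a plain JS counter in the constructor so no conversion is needed. The new `sqrt` has no header comment; I would add a JSDoc stating that it is Tonelli–Shanks driven by the `s`, `t` and `nqr_to_t` values precomputed in the constructor, that it returns `null` when the Euler check on `const res = this.exp(n, this.minusone.shr(this.one));` fails (n is a non-residue), and that of the two roots it returns the one not greater than (q-1)/2, which the closing `if (r.greater(this.q.shr(this.one)))` enforces. That Euler exponent is recomputed on every call although the constructor already derives it as `const e = this.minusone.shr(this.one);` in the second hunk; storing it on the instance once would avoid the repeated shift and make the two checks visibly the same. The constructor's `while (!r.equals(this.minusone))` search only terminates because Euler's criterion holds in a prime field, so a comment such as `// q must be prime: the non-residue search relies on Euler's criterion` documents the precondition the class now depends on.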


@ -3,17 +3,17 @@
This file is part of zksnark JavaScript library.
zksnark JavaScript library is a free software: you can redistribute it and/or
modify it under the terms of the GNU General Public License as published by the
Free Software Foundation, either version 3 of the License, or (at your option)
zksnark JavaScript library is a free software: you can redistribute it and/or
modify it under the terms of the GNU General Public License as published by the
Free Software Foundation, either version 3 of the License, or (at your option)
any later version.
zksnark JavaScript library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
more details.
You should have received a copy of the GNU General Public License along with
You should have received a copy of the GNU General Public License along with
zksnark JavaScript library. If not, see <https://www.gnu.org/licenses/>.
*/
@ -43,6 +43,28 @@ describe("F1 testing", () => {
assert(bn128.F1.equals(a, d));
});
it("Should compute sqrts", () => {
const bn128 = new BN128();
const F = new F1Field(bn128.r);
const a = bigInt("4");
let b = F.sqrt(a);
assert(F.equals(bigInt(0), F.sqrt(bigInt("0"))));
assert(F.equals(b, bigInt("2")));
assert(F.sqrt(F.nqr) === null);
});
it("Should compute sqrt of 100 random numbers", () => {
const bn128 = new BN128();
const F = new F1Field(bn128.r);
for (let j=0;j<100; j++) {
let a = F.random();
let s = F.sqrt(a);
if (s != null) {
assert(F.equals(F.square(s), a));
}
}
});
});
describe("Curve G1 Test", () => {
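Review bot: The random-input test only inspects the branch `if (s != null)` and never checks that a `null` answer is justified, so an implementation that returned `null` for every input would pass it unchanged. Add an else branch that confirms the input really is a non-residue, using the same members the new sqrt relies on: `else { assert(!F.equals(F.exp(a, F.minusone.shr(F.one)), F.one)); }`. In the first test `let b = F.sqrt(a);` is never reassigned and can be `const`. The license-header hunk above appears to be whitespace only and needs no review.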



@ -1 +1 @@
{"protocol":"original","nPublic":2,"IC":[["8576214033540765746842371044606415301996418658271131870010054843723125163599","6341586104423260990679666539888111771038590989830860832895739252684050857707","1"],["15965749752898192947949203569369046733334441167283696622057886266799413427301","2923294366489694707913989169803315514830365425557160936060478290028119985650","1"],["7665320522958326350241374389379617045227126617343912001068756442073187713151","16937313025308113974092602028496797364239833856912463403728694496750412757538","1"]],"vk_a":[["3077982983963123319793719127530918395964362371665929870764367633238119486171","10624095704253675484950110288768135448751925925397705744445034274470877571540"],["11223362065478924443549715710933863673280794406631767082774645916652066279620","8337303782475651751238621200032482701595413914475156108205195808465067782279"],["1","0"]],"vk_b":["21564332231353345084812731105505859926291540020010209070828241581510575981361","12811195542841792594989162567316414585491137627361662320857051029637227214375","1"],"vk_c":[["19363023180056795628459533284881872720326658174081788262267940216199137656570","5359479215742140254894625739314368559215232189770028818973166302624793559662"],["5187488231426445386134004945862512998731236294362858853152004154989502945485","17318067103531560956632275402153347927836013608148619363574266960244666419321"],["1","0"]],"vk_gb_1":["13737850238192771532086098218362386191676025312053065674387897049554183714895","258437624375537354893318850011642077381094913426153928052848023008663588967","1"],"vk_gb_2":[["20913086464866824409816176346029303914897145075292440377103410617064950551322","11968128624576981916297332896923117639178526628339597211407604428593282315380"],["21502773962397802833840010558276426068561764138489279214768725069584289910777","5965528328875401985902369254259185228639060740935479481669241063329338432524"],["1","0"]],"vk_g":[["1421964931962045670203169891741553307915101481355771768590757853405478618657","1
8344258226310817730803896348763784823599742300007390070956950541714752264594"],["84572320859600481810744445647071373623359906260999813141892498206365049722","17232762898384488387547345327643231467979450189903835933795160671651120045038"],["1","0"]],"vk_z":[["10267283293805156712473859167140009309675016274438754125335111954220207367714","16337057180792535646473469361191381596052094521156035083114407475052456206736"],["8437712429457291876807475578260323834614411158149818941874257329388894255364","15389184070055161803675113258684887402795693485388956653591015728117764501181"],["1","0"]]}
{"protocol":"original","nPublic":2,"IC":[["8849055511082207197386816220933697359788971969723311105914207102749058732262","16959719579845113100884343214094921890994800988324717557455180752030411170003","1"],["2484443707386195254509798174506364533244136674881306666282125111587938066433","19427682058362356154903959035863203819006762969409806927732486823153723237810","1"],["7130785916432156053719609234300145030816421804617499884567479079011422988955","6189201216535197259817162464187743592146560869870792185911497850033335074298","1"]],"vk_a":[["9872559917844294477536347504934832320655533991650169902417802683379346119997","843772301140357563436689776827970926589741902080524202569657734909662469474"],["7531191948728096398667205760901764150746858276390769174947239681261174603496","19390457837724221793002986178650274717908327325393349077639674652630431124169"],["1","0"]],"vk_b":["501420461369693852599229883919204710886593732833724468965832578166009925713","10317710816126649044200749005377880660464978872377653125422472992191645650124","1"],"vk_c":[["10051649206767283312353552575431286293027310220624929913814364593030185419531","14791785180254274883514790322022956673529295334754985355268675419718338162079"],["7936893319622378351783826963378019679916863061363731322724584049671768481832","14935855848155905276829387453433187422477676703547349346896558674964769292707"],["1","0"]],"vk_gb_1":["16883378629371629842761088081108977348103248355774740955500038886325479370413","1920838522949484267352900228504548578245603817578514439559866317386119521003","1"],"vk_gb_2":[["11108842905356484096288635838337079212811899426526012687887143514045721790804","21031591569096646322506103672254640960873689370092824091794804577786886967908"],["817213165866263014069075203124784173584879880614844748456154653668382729159","864218259110131214014552546475739264317537208733507094863210326585244180593"],["1","0"]],"vk_g":[["14650542782728886534422292348945287981512706836643134176709351124791472680543","18960
277976951274828172086500759014849906184580071220971216975068158250858162"],["14398341775515438116369872062699814349975225443081016536963355934433867545051","7430323674093579778297501612631986638268006525016526795405658142628213235594"],["1","0"]],"vk_z":[["9232595145194514136236063963352093468662621616460757765591947153028653483170","21870021077089796283233323883357370909479704574901541789297553490533610487318"],["1344881225032961007807685156782552847773328464965034725847677510387048101542","17695086597077289574292295853159694727053610025432390166769224554889027950018"],["1","0"]]}