From 8b3e63c2d434a7651904be38df0b57ba3d11dba8 Mon Sep 17 00:00:00 2001 From: Jordi Baylina Date: Wed, 17 Apr 2019 21:51:12 +0200 Subject: [PATCH] FIX: fromMontgomery to domainsize in h --- build/websnark.js | 13 ++++++++++++- example/proof.json | 16 ++++++++-------- example/websnark.js | 13 ++++++++++++- src/groth16.js | 13 ++++++++++++- 4 files changed, 44 insertions(+), 11 deletions(-) diff --git a/build/websnark.js b/build/websnark.js index 9b71ef9..9658277 100644 --- a/build/websnark.js +++ b/build/websnark.js @@ -1657,7 +1657,7 @@ function thread(self) { instance.exports.fft_ifft(pPolA2, domainSize*2, 0); - instance.exports.fft_fromMontgomeryN(pPolA2+domainSize*32, pPolA2+domainSize*32, nSignals); + instance.exports.fft_fromMontgomeryN(pPolA2+domainSize*32, pPolA2+domainSize*32, domainSize); data.result = getBin(pPolA2+domainSize*32, domainSize*32); i32[0] = oldAlloc; @@ -1991,6 +1991,12 @@ class Groth16 { const pH = this.calcH(signals.slice(0), polsA, polsB, nSignals, domainSize).then( (h) => { +/* Debug code to print the result of h + for (let i=0; i " + a.toString()); + } +*/ return this.g1_multiexp(h, pointsHExps); }); @@ -2040,6 +2046,10 @@ class Groth16 { this.putBin(ps, bs); } +/// Uncoment it to debug and check it works +// this.instance.exports.f1m_zero(pr); +// this.instance.exports.f1m_zero(ps); + // pi_a = pi_a + Alfa1 + r*Delta1 this.instance.exports.g1_add(pAlfa1, pi_a, pi_a); this.instance.exports.g1_timesScalar(pDelta1, pr, 32, aux1); @@ -2060,6 +2070,7 @@ class Groth16 { this.putBin(aux1, res[4]); this.instance.exports.g1_add(aux1, pi_c, pi_c); + // pi_c = pi_c + s*pi_a this.instance.exports.g1_timesScalar(pi_a, ps, 32, aux1); this.instance.exports.g1_add(aux1, pi_c, pi_c); diff --git a/example/proof.json b/example/proof.json index a336c1f..1740cf1 100644 --- a/example/proof.json +++ b/example/proof.json @@ -1,17 +1,17 @@ { "pi_a": [ - "21299468428975157907971509843242790611956840031982109540080148460860054961068", - "16218562239871505083548927620326532327685583756957331621908222303280694697058", + "21266998874284424955919569029881989465699205822263354313670808828909395154496", + "13808207576200570409195938017448994370347750586807229689124956313666939364223", "1" ], "pi_b": [ [ - "3990093423700828311838231842021296772880795509915393919119908397509245494630", - "9935722568224593716709531459846007601397798580251740830053012576354022332241" + "20826174028125964218380958569361176477127093215239661788856774751838141561143", + "18124837593398705925374973761391356712682789028723957898056733210681657516129" ], [ - "21666639296245372573730164687386555903413178611772851802112755493707480411718", - "20480827377835335108619082478623567541229122073863081725837512367680199835917" + "11061422325891624289091287264538564377906983481144726751439738589444312205684", + "7233025874448062341952037774861209177679802086176943726704101043680595476782" ], [ "1", @@ -19,8 +19,8 @@ ] ], "pi_c": [ - "13342643079462362387238709887432684790096854916120073722409236990698569347488", - "10435157339334380790943583827752333771606989087519357640989102922869580065639", + "16878419494624994424179370797390123339814891459464251523862017440818718425099", + "2746788445790348352996135341367179450489222192737650564198988415207995710311", "1" ] } diff --git a/example/websnark.js b/example/websnark.js index 9b71ef9..9658277 100644 --- a/example/websnark.js +++ b/example/websnark.js @@ -1657,7 +1657,7 @@ function thread(self) { instance.exports.fft_ifft(pPolA2, domainSize*2, 0); - instance.exports.fft_fromMontgomeryN(pPolA2+domainSize*32, pPolA2+domainSize*32, nSignals); + instance.exports.fft_fromMontgomeryN(pPolA2+domainSize*32, pPolA2+domainSize*32, domainSize); data.result = getBin(pPolA2+domainSize*32, domainSize*32); i32[0] = oldAlloc; @@ -1991,6 +1991,12 @@ class Groth16 { const pH = this.calcH(signals.slice(0), polsA, polsB, nSignals, domainSize).then( (h) => { +/* Debug code to print the result of h + for (let i=0; i " + a.toString()); + } +*/ return this.g1_multiexp(h, pointsHExps); }); @@ -2040,6 +2046,10 @@ class Groth16 { this.putBin(ps, bs); } +/// Uncoment it to debug and check it works +// this.instance.exports.f1m_zero(pr); +// this.instance.exports.f1m_zero(ps); + // pi_a = pi_a + Alfa1 + r*Delta1 this.instance.exports.g1_add(pAlfa1, pi_a, pi_a); this.instance.exports.g1_timesScalar(pDelta1, pr, 32, aux1); @@ -2060,6 +2070,7 @@ class Groth16 { this.putBin(aux1, res[4]); this.instance.exports.g1_add(aux1, pi_c, pi_c); + // pi_c = pi_c + s*pi_a this.instance.exports.g1_timesScalar(pi_a, ps, 32, aux1); this.instance.exports.g1_add(aux1, pi_c, pi_c); diff --git a/src/groth16.js b/src/groth16.js index 70d9ded..b9e66ea 100644 --- a/src/groth16.js +++ b/src/groth16.js @@ -154,7 +154,7 @@ function thread(self) { instance.exports.fft_ifft(pPolA2, domainSize*2, 0); - instance.exports.fft_fromMontgomeryN(pPolA2+domainSize*32, pPolA2+domainSize*32, nSignals); + instance.exports.fft_fromMontgomeryN(pPolA2+domainSize*32, pPolA2+domainSize*32, domainSize); data.result = getBin(pPolA2+domainSize*32, domainSize*32); i32[0] = oldAlloc; @@ -488,6 +488,12 @@ class Groth16 { const pH = this.calcH(signals.slice(0), polsA, polsB, nSignals, domainSize).then( (h) => { +/* Debug code to print the result of h + for (let i=0; i " + a.toString()); + } +*/ return this.g1_multiexp(h, pointsHExps); }); @@ -537,6 +543,10 @@ class Groth16 { this.putBin(ps, bs); } +/// Uncoment it to debug and check it works +// this.instance.exports.f1m_zero(pr); +// this.instance.exports.f1m_zero(ps); + // pi_a = pi_a + Alfa1 + r*Delta1 this.instance.exports.g1_add(pAlfa1, pi_a, pi_a); this.instance.exports.g1_timesScalar(pDelta1, pr, 32, aux1); @@ -557,6 +567,7 @@ class Groth16 { this.putBin(aux1, res[4]); this.instance.exports.g1_add(aux1, pi_c, pi_c); + // pi_c = pi_c + s*pi_a this.instance.exports.g1_timesScalar(pi_a, ps, 32, aux1); this.instance.exports.g1_add(aux1, pi_c, pi_c);