diff --git a/go.mod b/go.mod index 777f8c4..faed557 100644 --- a/go.mod +++ b/go.mod @@ -1,14 +1,13 @@ module github.com/vocdoni/gnark-crypto-primitives -go 1.23.0 - -toolchain go1.23.2 +go 1.23.2 require ( github.com/consensys/gnark v0.11.0 github.com/consensys/gnark-crypto v0.14.0 github.com/frankban/quicktest v1.14.6 github.com/iden3/go-iden3-crypto v0.0.17 + github.com/vocdoni/vocdoni-z-sandbox v0.0.0-20241111130906-b8e8592696c6 go.vocdoni.io/dvote v1.10.2-0.20241024102542-c1ce6d744bc5 ) diff --git a/go.sum b/go.sum index d627896..7054df7 100644 --- a/go.sum +++ b/go.sum @@ -125,6 +125,8 @@ github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsT github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= github.com/syndtr/goleveldb v1.0.1-0.20220614013038-64ee5596c38a h1:1ur3QoCqvE5fl+nylMaIr9PVV1w343YRDtsy+Rwu7XI= github.com/syndtr/goleveldb v1.0.1-0.20220614013038-64ee5596c38a/go.mod h1:RRCYJbIwD5jmqPI9XoAFR0OcDxqUctll6zUj/+B4S48= +github.com/vocdoni/vocdoni-z-sandbox v0.0.0-20241111130906-b8e8592696c6 h1:Lnikgc2rZsnxZDwGbPhlsmq0yiLRotKDOGnuOOYU37o= +github.com/vocdoni/vocdoni-z-sandbox v0.0.0-20241111130906-b8e8592696c6/go.mod h1:B43i83saYhSReG+jNAj0igxWcZYHGjF2AeXunaXnCQE= github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM= github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg= github.com/xdg-go/pbkdf2 v1.0.0 h1:Su7DPu48wXMwC3bs7MCNG+z4FhcyEuz5dlvchbq0B0c= diff --git a/hadd/homomorphic_add_test.go b/hadd/homomorphic_add_test.go index 128587d..1619265 100644 --- a/hadd/homomorphic_add_test.go +++ b/hadd/homomorphic_add_test.go 
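Review bot: The new `require` line in go.mod pins `github.com/vocdoni/vocdoni-z-sandbox` to a pseudo-version (`v0.0.0-20241111130906-b8e8592696c6`), that is, an untagged commit, and the coordinate-conversion helper that used to live in `internal/twistededwards` is now taken from it. In the hunks shown the module is imported only from `_test.go` files, so it is worth confirming that a test helper justifies a direct dependency for every consumer of this library, and moving to a tagged release once one exists. Separately, replacing `go 1.23.0` plus `toolchain go1.23.2` with `go 1.23.2` raises the minimum Go version for downstream modules. Unless the new dependency itself declares 1.23.2, keeping `go 1.23.0` with the `toolchain` line is less restrictive.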
@@ -15,7 +15,7 @@ import ( "github.com/consensys/gnark/std/algebra/native/twistededwards" "github.com/consensys/gnark/test" "github.com/iden3/go-iden3-crypto/babyjub" - tw "github.com/vocdoni/gnark-crypto-primitives/internal/twistededwards" + "github.com/vocdoni/vocdoni-z-sandbox/ecc/format" ) type testHomomorphicAddCircuit struct { @@ -57,8 +57,8 @@ func TestHomomorphicAdd(t *testing.T) { msg1 := big.NewInt(3) a1, a2 := encrypt(msg1, pubKey, k1) // reduce the points to reduced twisted edwards form - xA1RTE, yA1RTE := tw.FromTEtoRTE(a1.X, a1.Y) - xA2RTE, yA2RTE := tw.FromTEtoRTE(a2.X, a2.Y) + xA1RTE, yA1RTE := format.FromTEtoRTE(a1.X, a1.Y) + xA2RTE, yA2RTE := format.FromTEtoRTE(a2.X, a2.Y) // generate a second random k to encrypt a second message k2, err := randomK() if err != nil { @@ -69,14 +69,14 @@ func TestHomomorphicAdd(t *testing.T) { msg2 := big.NewInt(5) b1, b2 := encrypt(msg2, pubKey, k2) // reduce the points to reduced twisted edwards form - xB1RTE, yB1RTE := tw.FromTEtoRTE(b1.X, b1.Y) - xB2RTE, yB2RTE := tw.FromTEtoRTE(b2.X, b2.Y) + xB1RTE, yB1RTE := format.FromTEtoRTE(b1.X, b1.Y) + xB2RTE, yB2RTE := format.FromTEtoRTE(b2.X, b2.Y) // calculate the sum of the encrypted messages to check the homomorphic property c1 := new(babyjub.PointProjective).Add(a1.Projective(), b1.Projective()).Affine() c2 := new(babyjub.PointProjective).Add(a2.Projective(), b2.Projective()).Affine() // reduce the points to reduced twisted edwards form - xC1RTE, yC1RTE := tw.FromTEtoRTE(c1.X, c1.Y) - xC2RTE, yC2RTE := tw.FromTEtoRTE(c2.X, c2.Y) + xC1RTE, yC1RTE := format.FromTEtoRTE(c1.X, c1.Y) + xC2RTE, yC2RTE := format.FromTEtoRTE(c2.X, c2.Y) // profiling the circuit compilation p := profile.Start() now := time.Now() diff --git a/internal/twistededwards/twistededwards.go b/internal/twistededwards/twistededwards.go deleted file mode 100644 index aa634a1..0000000 --- a/internal/twistededwards/twistededwards.go +++ /dev/null 
@@ -1,64 +0,0 @@ -// twistededwards package provides helper functions to transform points (x, y) -// from TwistedEdwards to Reduced TwistedEdwards and vice versa. These functions -// are required because Gnark uses the Reduced TwistedEdwards formula while -// Iden3 uses the standard TwistedEdwards formula. -// See https://github.com/bellesmarta/baby_jubjub for more information. -package twistededwards - -import ( - "math/big" - - "github.com/consensys/gnark-crypto/ecc/bn254/fr" -) - -var scalingFactor, _ = new(big.Int).SetString("6360561867910373094066688120553762416144456282423235903351243436111059670888", 10) - -// Convert Reduced TwistedEdwards x' to TwistedEdwards: -// -// x = x'/(-f) -// y' = y -func FromRTEtoTE(x, y *big.Int) (*big.Int, *big.Int) { - // Step 1: Convert scalingFactor to fr.Element (mod p) - var f fr.Element - f.SetBigInt(scalingFactor) // f = scalingFactor mod p - - // Step 2: Compute negF = -f mod p - var negF fr.Element - negF.Neg(&f) // negF = -f mod p - - // Step 3: Compute the inverse of negF in the field - var negFInv fr.Element - negFInv.Inverse(&negF) // negFInv = (-f)^{-1} mod p - - xTE := new(fr.Element) - xTE.SetBigInt(x) - // Step 4: Multiply g.inner.X by negFInv to get xTE - xRTE := new(fr.Element) - xRTE.Mul(xTE, &negFInv) // xTE = g.inner.X * negFInv mod p - - // Step 5: Convert xTE and g.inner.Y to *big.Int - xRTEBigInt := new(big.Int) - xRTE.BigInt(xRTEBigInt) - return xRTEBigInt, y // x = x' / (-f) & y' = y -} - -// Convert TwistedEdwards to Reduced TwistedEdwards: -// -// x' = x*(-f) -// y = y' -func FromTEtoRTE(x, y *big.Int) (*big.Int, *big.Int) { - // convert scalingFactor to fr.Element (mod p) - var f fr.Element - f.SetBigInt(scalingFactor) // f = scalingFactor mod p - // compute negF = -f mod p - var negF fr.Element - negF.Neg(&f) // negF = -f mod p - // multiply x by negF to get xTE - xRTE := new(fr.Element).SetBigInt(x) - xTE := new(fr.Element) - xTE.Mul(xRTE, &negF) // xTE = g.inner.X * -f mod p - // convert xTE to 
*big.Int - xTEBigInt := new(big.Int) - xTE.BigInt(xTEBigInt) - return xTEBigInt, y // x' = x * (-f) & y = y' -} diff --git a/internal/twistededwards/twistededwards_test.go b/internal/twistededwards/twistededwards_test.go deleted file mode 100644 index 7bd76a0..0000000 --- a/internal/twistededwards/twistededwards_test.go +++ /dev/null @@ -1,25 +0,0 @@ -package twistededwards - -import ( - "math/big" - "testing" -) - -func TestTE2RTETransform(t *testing.T) { - x, _ := new(big.Int).SetString("20284931487578954787250358776722960153090567235942462656834196519767860852891", 10) - y, _ := new(big.Int).SetString("21185575020764391300398134415668786804224896114060668011215204645513129497221", 10) - - expectedRTE, _ := new(big.Int).SetString("5730906301301611931737915251485454905492689746504994962065413628158661689313", 10) - xPrime, yPrime := FromTEtoRTE(x, y) - if xPrime.Cmp(expectedRTE) != 0 { - t.Errorf("Expected %v, got %v", expectedRTE, xPrime) - } else if yPrime.Cmp(y) != 0 { - t.Errorf("Expected %v, got %v", y, yPrime) - } - xPrimePrime, yPrimePrime := FromRTEtoTE(xPrime, yPrime) - if xPrimePrime.Cmp(x) != 0 { - t.Errorf("Expected %v, got %v", x, xPrimePrime) - } else if yPrimePrime.Cmp(y) != 0 { - t.Errorf("Expected %v, got %v", y, yPrimePrime) - } -} diff --git a/twistededwards/twistededwards_test.go b/twistededwards/twistededwards_test.go index 559eab1..e3693dd 100644 --- a/twistededwards/twistededwards_test.go +++ b/twistededwards/twistededwards_test.go @@ -12,7 +12,7 @@ import ( "github.com/consensys/gnark/frontend/cs/r1cs" "github.com/consensys/gnark/profile" "github.com/consensys/gnark/test" - "github.com/vocdoni/gnark-crypto-primitives/internal/twistededwards" + "github.com/vocdoni/vocdoni-z-sandbox/ecc/format" ) type testFromTwistedEdwards struct { 
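Review bot: After this import swap in twistededwards/twistededwards_test.go, no test in this repository pins the output of `format.FromTEtoRTE`, because the commit also deletes `TestTE2RTETransform` together with the local `internal/twistededwards` package. The calls in the two later hunks of this file and in hadd/homomorphic_add_test.go use whatever the external module returns, so an upstream change to the scaling factor would surface only indirectly, if at all. Carrying the removed test's vector over as a known-answer test against the imported function keeps that check local. The inverse direction can be covered the same way if the `format` package exports it, which this diff does not show.

```go
// Known-answer check for the imported conversion helper; the vector is the one
// used by the removed internal/twistededwards test.
func TestFromTEtoRTEKnownAnswer(t *testing.T) {
	x, _ := new(big.Int).SetString("20284931487578954787250358776722960153090567235942462656834196519767860852891", 10)
	y, _ := new(big.Int).SetString("21185575020764391300398134415668786804224896114060668011215204645513129497221", 10)
	want, _ := new(big.Int).SetString("5730906301301611931737915251485454905492689746504994962065413628158661689313", 10)

	xRTE, yRTE := format.FromTEtoRTE(x, y)
	if xRTE.Cmp(want) != 0 {
		t.Errorf("x: expected %v, got %v", want, xRTE)
	}
	if yRTE.Cmp(y) != 0 {
		t.Errorf("y: expected %v, got %v", y, yRTE)
	}
}
```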
@@ -41,7 +41,7 @@ func TestFromTwistedEdwards(t *testing.T) { x, _ := new(big.Int).SetString("20284931487578954787250358776722960153090567235942462656834196519767860852891", 10) y, _ := new(big.Int).SetString("21185575020764391300398134415668786804224896114060668011215204645513129497221", 10) - xRTE, yRTE := twistededwards.FromTEtoRTE(x, y) + xRTE, yRTE := format.FromTEtoRTE(x, y) // profiling the circuit compilation p := profile.Start() now := time.Now() @@ -67,7 +67,7 @@ func TestFromReducedTwistedEdwards(t *testing.T) { x, _ := new(big.Int).SetString("20284931487578954787250358776722960153090567235942462656834196519767860852891", 10) y, _ := new(big.Int).SetString("21185575020764391300398134415668786804224896114060668011215204645513129497221", 10) - xRTE, yRTE := twistededwards.FromTEtoRTE(x, y) + xRTE, yRTE := format.FromTEtoRTE(x, y) // profiling the circuit compilation p := profile.Start() now := time.Now()