AVM: Add bn256 pairing opcodes experimentally #4013

Merged
merged 31 commits into from
May 24, 2022
e043e7a
add bn256 add opcode
ailisp Feb 17, 2022
bc1f9af
add bn256 add, scalar multiply and pairing opcode
ailisp Feb 18, 2022
5699c99
replace with gnark bn254 and bench
ailisp Feb 24, 2022
85ca7be
update opcost for bn256 according to benchmark
ailisp Feb 24, 2022
2d394f4
typo
ailisp Feb 24, 2022
ab407ee
use set bytes to avoid gnark point decompression to reduce cost
ailisp Mar 15, 2022
71d66db
Merge branch 'master' into add-bn256
ailisp Mar 15, 2022
d62219c
merge master, resolve conflict
ailisp Mar 15, 2022
2e571cc
fix unmarshal problem
ailisp Mar 24, 2022
d0b5461
one pair benchmark
ailisp Apr 3, 2022
8976642
test raw cases to know marshal cost and use benchOperation to reduce …
bo-abstrlabs Apr 7, 2022
1199b0b
merge master and resolve conflict
bo-abstrlabs Apr 8, 2022
73e6acd
address John and Hang comments
bo-abstrlabs Apr 8, 2022
37b511d
cleanup and update costs
bo-abstrlabs Apr 8, 2022
5ea7738
clean up benchmark code and update cost
bo-abstrlabs Apr 8, 2022
f38c775
bump new opcodes to v7 and fix testassemble
bo-abstrlabs Apr 9, 2022
d040f6a
fix doctest
bo-abstrlabs Apr 9, 2022
2b8ebb2
bn256 in opgroups
bo-abstrlabs Apr 9, 2022
ad86696
make not panic in invalid input, return human readable error messages…
bo-abstrlabs Apr 9, 2022
cdc0f42
update generated code
bo-abstrlabs Apr 9, 2022
1a84af3
remove unused bN254G2ToBytes
bo-abstrlabs Apr 11, 2022
c6d88a2
add doc to describe encoding. fix bench
bo-abstrlabs Apr 11, 2022
e23b187
codegen
bo-abstrlabs Apr 11, 2022
ba52b82
Merge branch 'master' into add-bn256
bo-abstrlabs May 3, 2022
0642b2e
fmt
bo-abstrlabs May 3, 2022
a3d8a63
Merge branch 'master' into add-bn256
bo-abstrlabs May 4, 2022
c6b75b9
merge master
bo-abstrlabs May 18, 2022
defdcbc
run go get github.com/consensys/[email protected]; go mod tidy -com…
cce May 19, 2022
8bc6e7d
Cleanups to allow merge of experimental pairing opcodes
jannotti May 19, 2022
06616ed
Merge branch 'master' into add-bn256
jannotti May 23, 2022
847e0a9
go fmt
jannotti May 24, 2022
3 changes: 3 additions & 0 deletions data/transactions/logic/README.md
Expand Up @@ -276,6 +276,9 @@ return stack matches the name of the input value.
| `ecdsa_verify v` | for (data A, signature B, C and pubkey D, E) verify the signature of the data against the pubkey => {0 or 1} |
| `ecdsa_pk_recover v` | for (data A, recovery id B, signature C, D) recover a public key |
| `ecdsa_pk_decompress v` | decompress pubkey A into components X, Y |
| `bn256_add` | for (curve points A and B) return the curve point A + B |
| `bn256_scalar_mul` | for (curve point A, scalar K) return the curve point KA |
| `bn256_pairing` | for (points in G1 group G1s, points in G2 group G2s), return whether they are paired => {0 or 1} |
| `+` | A plus B. Fail on overflow. |
| `-` | A minus B. Fail if B > A. |
| `/` | A divided by B (truncated division). Fail if B == 0. |
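
Review bot: The `bn256_pairing` row says the opcode returns "whether they are paired" without saying what condition is tested. State the exact equation that is checked over the corresponding G1 and G2 points, and say what happens when G1s and G2s contain different numbers of points. The PR title calls these opcodes experimental, but none of the three added rows says so, so a reader of this table would take them as stable.
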
30 changes: 30 additions & 0 deletions data/transactions/logic/TEAL_opcodes.md
Expand Up @@ -1097,6 +1097,36 @@ The notation A,B indicates that A and B are interpreted as a uint128 value, with
- **Cost**: 130
- Availability: v7

## bn256_add

- Opcode: 0x99
- Stack: ..., A: []byte, B: []byte → ..., []byte
- for (curve points A and B) return the curve point A + B
- **Cost**: 70
- Availability: v7

A, B are curve points in G1 group. Each point consists of (X, Y) where X and Y are 256 bit integers, big-endian encoded. The encoded point is 64 bytes from concatenation of 32 byte X and 32 byte Y.

## bn256_scalar_mul

- Opcode: 0x9a
- Stack: ..., A: []byte, B: []byte → ..., []byte
- for (curve point A, scalar K) return the curve point KA
- **Cost**: 970
- Availability: v7

A is a curve point in G1 Group and encoded as described in `bn256_add`. Scalar K is a big-endian encoded big integer that has no padding zeros.

## bn256_pairing

- Opcode: 0x9b
- Stack: ..., A: []byte, B: []byte → ..., uint64
- for (points in G1 group G1s, points in G2 group G2s), return whether they are paired => {0 or 1}
- **Cost**: 8700
- Availability: v7

G1s are encoded by the concatenation of encoded G1 points, as described in `bn256_add`. G2s are encoded by the concatenation of encoded G2 points. Each G2 is in form (XA0+i*XA1, YA0+i*YA1) and encoded by big-endian field element XA0, XA1, YA0 and YA1 in sequence.

## b+

- Opcode: 0xa0
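
Review bot: The text under `bn256_add`, `bn256_scalar_mul` and `bn256_pairing` defines the encodings but not the failure behaviour. Say what each opcode does when an input has the wrong length, a coordinate is not a valid field element, or a point is not on the curve (and, for G2, not in the expected subgroup), and how the point at infinity is encoded. Under `bn256_pairing` the cost is a flat 8700 although both inputs are concatenations of an unstated number of points; document the maximum number of pairs or make the cost depend on it. In `bn256_scalar_mul` the stack line names the second argument `B` while the description calls it `K`, and "has no padding zeros" does not say whether a zero-padded scalar is rejected.
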