From 41b32ebe5f1010652c1ef884ee5cd4cb219dd2c7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?H=C3=A9ctor=20Masip?=
Date: Thu, 28 Dec 2023 18:42:32 +0100
Subject: [PATCH] escalar renamed to the correct scalar
---
main/pairings/BN254/addPointBN254.zkasm | 2 +-
main/pairings/BN254/escalarMulBN254.zkasm | 155 ------------------
main/pairings/BN254/lineDiffPointsBN254.zkasm | 4 +-
main/pairings/BN254/lineSamePointsBN254.zkasm | 8 +-
main/pairings/BN254/scalarMulBN254.zkasm | 155 ++++++++++++++++++
.../CYCLOFP12BN254/decompressFp12BN254.zkasm | 16 +-
.../squareCompCycloFp12BN254.zkasm | 16 +-
.../CYCLOFP12BN254/squareCycloFp12BN254.zkasm | 24 +--
main/pairings/FP12BN254/frob2Fp12BN254.zkasm | 10 +-
main/pairings/FP12BN254/squareFp12BN254.zkasm | 26 +--
...Fp2BN254.zkasm => scalarMulFp2BN254.zkasm} | 10 +-
.../FP6BN254/escalarMulFp6BN254.zkasm | 51 ------
.../pairings/FP6BN254/scalarMulFp6BN254.zkasm | 51 ++++++
main/pairings/FP6BN254/squareFp6BN254.zkasm | 4 +-
main/pairings/halfPairingBN254.zkasm | 36 ++--
main/pairings/pairingBN254.zkasm | 36 ++--
main/precompiled/selector.zkasm | 6 +-
test/testCycloFp12ArithBN254.zkasm | 2 +-
test/testFinalExpBn254.zkasm | 2 +-
test/testFp12ArithBN254.zkasm | 4 +-
test/testFp2ArithBN254.zkasm | 6 +-
test/testFp6ArithBN254.zkasm | 2 +-
test/testHalfPairingBN254.zkasm | 6 +-
test/testPairingBN254.zkasm | 6 +-
test/testPointArithBN254.zkasm | 86 +++++-----
25 files changed, 362 insertions(+), 362 deletions(-)
delete mode 100644 main/pairings/BN254/escalarMulBN254.zkasm
create mode 100644 main/pairings/BN254/scalarMulBN254.zkasm
rename main/pairings/FP2BN254/{escalarMulFp2BN254.zkasm => scalarMulFp2BN254.zkasm} (67%)
delete mode 100644 main/pairings/FP6BN254/escalarMulFp6BN254.zkasm
create mode 100644 main/pairings/FP6BN254/scalarMulFp6BN254.zkasm
diff --git a/main/pairings/BN254/addPointBN254.zkasm b/main/pairings/BN254/addPointBN254.zkasm
index 2cacf8c0..b98c9599 100644
--- a/main/pairings/BN254/addPointBN254.zkasm
+++ b/main/pairings/BN254/addPointBN254.zkasm @@ -134,7 +134,7 @@ addPointBN254_same: C => B :CALL(invFp2BN254) ; C + D·u = 1 / 2y - 3n => A :CALL(escalarMulFp2BN254) + 3n => A :CALL(scalarMulFp2BN254) ; E + C·u = 3/2y $ => A :MLOAD(addPointBN254_P1_x1) diff --git a/main/pairings/BN254/escalarMulBN254.zkasm b/main/pairings/BN254/escalarMulBN254.zkasm deleted file mode 100644 index da5c1ce6..00000000 --- a/main/pairings/BN254/escalarMulBN254.zkasm +++ /dev/null 
@@ -1,155 +0,0 @@ -;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;; PRE: P ∈ E'(Fp2) -;; POST: The resulting coordinates are in the range [0,BN254_P) because if falls back to addPointBN254 -;; -;; -;; escalarMulBN254: -;; in: k, P = (P.x1 + P.x2·u, P.y1 + P.y2·u) ∈ E'(Fp2), where k ∈ [0,r-1] -;; out: k·P = (Q.x1 + Q.x2·u, Q.y1 + Q.y2·u) ∈ E'(Fp2) -;; -;;;;;;;;;;;;;;;;;;;;;;;;;;;;; - -; escalarMulBN254 assumes P belong to E'(Fp2), since it is checked in the pairing. -; However, it must be implemented if escalarMulBN254 wants to be used independently. - -; Since the curve is E'/Fp2: y² = x³ + 3/(9+u), there is no issue in representing the point at infinity as (0, 0). - -VAR GLOBAL escalarMulBN254_k -VAR GLOBAL escalarMulBN254_P_x1 -VAR GLOBAL escalarMulBN254_P_x2 -VAR GLOBAL escalarMulBN254_P_y1 -VAR GLOBAL escalarMulBN254_P_y2 -VAR GLOBAL escalarMulBN254_Q_x1 -VAR GLOBAL escalarMulBN254_Q_x2 -VAR GLOBAL escalarMulBN254_Q_y1 -VAR GLOBAL escalarMulBN254_Q_y2 - -VAR GLOBAL escalarMulBN254_RR - - -escalarMulBN254: - RR :MSTORE(escalarMulBN254_RR) - - ; Is P = 𝒪? - 0n => B - $ => A :MLOAD(escalarMulBN254_P_x1) - $ :EQ, JMPNC(__escalarMulBN254_P_continue) - $ => A :MLOAD(escalarMulBN254_P_x2) - $ :EQ, JMPNC(__escalarMulBN254_P_continue) - $ => A :MLOAD(escalarMulBN254_P_y1) - $ :EQ, JMPNC(__escalarMulBN254_P_continue) - $ => A :MLOAD(escalarMulBN254_P_y2) - $ :EQ, JMPC(escalarMulBN254_P_is_zero) - __escalarMulBN254_P_continue: - - ; Is k = 0? 
- $ => B :MLOAD(escalarMulBN254_k), CALL(reduceFrBN254) - A :MSTORE(escalarMulBN254_k) - 0n => B - $ :EQ, JMPC(escalarMulBN254_k_is_zero) - - 257 => RCX - - $ => A :MLOAD(escalarMulBN254_P_x1) - $ => B :MLOAD(escalarMulBN254_P_x2) - $ => C :MLOAD(escalarMulBN254_P_y1) - $ => D :MLOAD(escalarMulBN254_P_y2) - A :MSTORE(escalarMulBN254_Q_x1) - B :MSTORE(escalarMulBN254_Q_x2) - C :MSTORE(escalarMulBN254_Q_y1) - D :MSTORE(escalarMulBN254_Q_y2) - - :JMP(escalarMulBN254_find_MSB_k) - -escalarMulBN254_P_is_zero: - ; Q = 𝒪 - 0n :MSTORE(escalarMulBN254_Q_x1) - 0n :MSTORE(escalarMulBN254_Q_x2) - 0n :MSTORE(escalarMulBN254_Q_y1) - 0n :MSTORE(escalarMulBN254_Q_y2) - - :JMP(escalarMulBN254_end) - -escalarMulBN254_k_is_zero: - ; Q = 𝒪 - 0n :MSTORE(escalarMulBN254_Q_x1) - 0n :MSTORE(escalarMulBN254_Q_x2) - 0n :MSTORE(escalarMulBN254_Q_y1) - 0n :MSTORE(escalarMulBN254_Q_y2) - - :JMP(escalarMulBN254_end) - -escalarMulBN254_find_MSB_k: - RCX - 1 => RCX - $ => A,B :MLOAD(escalarMulBN254_k) - ; E = 2A - $ => E :ADD,MSTORE(escalarMulBN254_k), JMPNC(escalarMulBN254_find_MSB_k) - - -escalarMulBN254_loop: - RCX - 1 => RCX :JMPZ(escalarMulBN254_end) - - ; We always double - $ => A :MLOAD(escalarMulBN254_Q_x1) - $ => B :MLOAD(escalarMulBN254_Q_x2) - $ => C :MLOAD(escalarMulBN254_Q_y1) - $ => D :MLOAD(escalarMulBN254_Q_y2) - A :MSTORE(addPointBN254_P1_x1) - B :MSTORE(addPointBN254_P1_x2) - C :MSTORE(addPointBN254_P1_y1) - D :MSTORE(addPointBN254_P1_y2) - A :MSTORE(addPointBN254_P2_x1) - B :MSTORE(addPointBN254_P2_x2) - C :MSTORE(addPointBN254_P2_y1) - D :MSTORE(addPointBN254_P2_y2), CALL(addPointBN254) - ; Q = Q + Q - - $ => A :MLOAD(addPointBN254_P3_x1) - $ => B :MLOAD(addPointBN254_P3_x2) - $ => C :MLOAD(addPointBN254_P3_y1) - $ => D :MLOAD(addPointBN254_P3_y2) - A :MSTORE(escalarMulBN254_Q_x1) - B :MSTORE(escalarMulBN254_Q_x2) - C :MSTORE(escalarMulBN254_Q_y1) - D :MSTORE(escalarMulBN254_Q_y2) - - ; We check if the MSB b of k is either 1 or 0. If b==1, we should add P to Q. 
- ; Then, update the value of k. - $ => A,B :MLOAD(escalarMulBN254_k) - ; E = 2A - $ => E :ADD,MSTORE(escalarMulBN254_k), JMPNC(escalarMulBN254_loop) - -escalarMulBN254_add: - ; We add - $ => A :MLOAD(escalarMulBN254_Q_x1) - $ => B :MLOAD(escalarMulBN254_Q_x2) - $ => C :MLOAD(escalarMulBN254_Q_y1) - $ => D :MLOAD(escalarMulBN254_Q_y2) - A :MSTORE(addPointBN254_P1_x1) - B :MSTORE(addPointBN254_P1_x2) - C :MSTORE(addPointBN254_P1_y1) - D :MSTORE(addPointBN254_P1_y2) - - $ => A :MLOAD(escalarMulBN254_P_x1) - $ => B :MLOAD(escalarMulBN254_P_x2) - $ => C :MLOAD(escalarMulBN254_P_y1) - $ => D :MLOAD(escalarMulBN254_P_y2) - A :MSTORE(addPointBN254_P2_x1) - B :MSTORE(addPointBN254_P2_x2) - C :MSTORE(addPointBN254_P2_y1) - D :MSTORE(addPointBN254_P2_y2), CALL(addPointBN254) - ; Q = Q + P - - $ => A :MLOAD(addPointBN254_P3_x1) - $ => B :MLOAD(addPointBN254_P3_x2) - $ => C :MLOAD(addPointBN254_P3_y1) - $ => D :MLOAD(addPointBN254_P3_y2) - A :MSTORE(escalarMulBN254_Q_x1) - B :MSTORE(escalarMulBN254_Q_x2) - C :MSTORE(escalarMulBN254_Q_y1) - D :MSTORE(escalarMulBN254_Q_y2), JMP(escalarMulBN254_loop) - - -escalarMulBN254_end: - $ => RR :MLOAD(escalarMulBN254_RR) - :RETURN \ No newline at end of file diff --git a/main/pairings/BN254/lineDiffPointsBN254.zkasm b/main/pairings/BN254/lineDiffPointsBN254.zkasm index a0baac1b..9b0df6d3 100644 --- a/main/pairings/BN254/lineDiffPointsBN254.zkasm +++ b/main/pairings/BN254/lineDiffPointsBN254.zkasm @@ -45,7 +45,7 @@ lineDiffPointsBN254: $ => D :MLOAD(lineDiffPointsBN254_P1_x2), CALL(subFp2BN254) $ => A :MLOAD(lineDiffPointsBN254_Q_y) C => D - E => C :CALL(escalarMulFp2BN254) + E => C :CALL(scalarMulFp2BN254) E :MSTORE(lineDiffPointsBN254_l12_x) C :MSTORE(lineDiffPointsBN254_l12_y) 
@@ -56,7 +56,7 @@ lineDiffPointsBN254: $ => D :MLOAD(lineDiffPointsBN254_P2_y2), CALL(subFp2BN254) $ => A :MLOAD(lineDiffPointsBN254_Q_x) C => D - E => C :CALL(escalarMulFp2BN254) + E => C :CALL(scalarMulFp2BN254) E :MSTORE(lineDiffPointsBN254_l22_x) C :MSTORE(lineDiffPointsBN254_l22_y) diff --git a/main/pairings/BN254/lineSamePointsBN254.zkasm b/main/pairings/BN254/lineSamePointsBN254.zkasm index 5bdec945..8f408720 100644 --- a/main/pairings/BN254/lineSamePointsBN254.zkasm +++ b/main/pairings/BN254/lineSamePointsBN254.zkasm @@ -40,7 +40,7 @@ lineSamePointsBN254: $ => B :MLOAD(lineSamePointsBN254_P_y2), CALL(squareFp2BN254) C => D E => C - 2n => A :CALL(escalarMulFp2BN254) + 2n => A :CALL(scalarMulFp2BN254) E :MSTORE(lineSamePointsBN254_P_y1_square) C :MSTORE(lineSamePointsBN254_P_y2_square) @@ -55,7 +55,7 @@ lineSamePointsBN254: $ => D :MLOAD(lineSamePointsBN254_P_x2), CALL(mulFp2BN254) C => D E => C - 3n => A :CALL(escalarMulFp2BN254) + 3n => A :CALL(scalarMulFp2BN254) E => A C => B @@ -77,7 +77,7 @@ lineSamePointsBN254: C => A $ => C :MLOAD(lineSamePointsBN254_P_y1) - $ => D :MLOAD(lineSamePointsBN254_P_y2), CALL(escalarMulFp2BN254) + $ => D :MLOAD(lineSamePointsBN254_P_y2), CALL(scalarMulFp2BN254) E :MSTORE(lineSamePointsBN254_l22_x) C :MSTORE(lineSamePointsBN254_l22_y) @@ -87,7 +87,7 @@ lineSamePointsBN254: $ => B :MLOAD(lineSamePointsBN254_Q_x), CALL(mulFpBN254) C => A $ => C :MLOAD(lineSamePointsBN254_P_x1_square) - $ => D :MLOAD(lineSamePointsBN254_P_x2_square), CALL(escalarMulFp2BN254) + $ => D :MLOAD(lineSamePointsBN254_P_x2_square), CALL(scalarMulFp2BN254) E :MSTORE(lineSamePointsBN254_l13_x) C :MSTORE(lineSamePointsBN254_l13_y) diff --git a/main/pairings/BN254/scalarMulBN254.zkasm b/main/pairings/BN254/scalarMulBN254.zkasm new file mode 100644 index 00000000..5e8da19a --- /dev/null +++ b/main/pairings/BN254/scalarMulBN254.zkasm 
@@ -0,0 +1,155 @@ +;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +;; PRE: P ∈ E'(Fp2) +;; POST: The resulting coordinates are in the range [0,BN254_P) because if falls back to addPointBN254 +;; +;; +;; scalarMulBN254: +;; in: k, P = (P.x1 + P.x2·u, P.y1 + P.y2·u) ∈ E'(Fp2), where k ∈ [0,r-1] +;; out: k·P = (Q.x1 + Q.x2·u, Q.y1 + Q.y2·u) ∈ E'(Fp2) +;; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +; scalarMulBN254 assumes P belong to E'(Fp2), since it is checked in the pairing. +; However, it must be implemented if scalarMulBN254 wants to be used independently. + +; Since the curve is E'/Fp2: y² = x³ + 3/(9+u), there is no issue in representing the point at infinity as (0, 0). + +VAR GLOBAL scalarMulBN254_k +VAR GLOBAL scalarMulBN254_P_x1 +VAR GLOBAL scalarMulBN254_P_x2 +VAR GLOBAL scalarMulBN254_P_y1 +VAR GLOBAL scalarMulBN254_P_y2 +VAR GLOBAL scalarMulBN254_Q_x1 +VAR GLOBAL scalarMulBN254_Q_x2 +VAR GLOBAL scalarMulBN254_Q_y1 +VAR GLOBAL scalarMulBN254_Q_y2 + +VAR GLOBAL scalarMulBN254_RR + + +scalarMulBN254: + RR :MSTORE(scalarMulBN254_RR) + + ; Is P = 𝒪? + 0n => B + $ => A :MLOAD(scalarMulBN254_P_x1) + $ :EQ, JMPNC(__scalarMulBN254_P_continue) + $ => A :MLOAD(scalarMulBN254_P_x2) + $ :EQ, JMPNC(__scalarMulBN254_P_continue) + $ => A :MLOAD(scalarMulBN254_P_y1) + $ :EQ, JMPNC(__scalarMulBN254_P_continue) + $ => A :MLOAD(scalarMulBN254_P_y2) + $ :EQ, JMPC(scalarMulBN254_P_is_zero) + __scalarMulBN254_P_continue: + + ; Is k = 0? 
+ $ => B :MLOAD(scalarMulBN254_k), CALL(reduceFrBN254) + A :MSTORE(scalarMulBN254_k) + 0n => B + $ :EQ, JMPC(scalarMulBN254_k_is_zero) + + 257 => RCX + + $ => A :MLOAD(scalarMulBN254_P_x1) + $ => B :MLOAD(scalarMulBN254_P_x2) + $ => C :MLOAD(scalarMulBN254_P_y1) + $ => D :MLOAD(scalarMulBN254_P_y2) + A :MSTORE(scalarMulBN254_Q_x1) + B :MSTORE(scalarMulBN254_Q_x2) + C :MSTORE(scalarMulBN254_Q_y1) + D :MSTORE(scalarMulBN254_Q_y2) + + :JMP(scalarMulBN254_find_MSB_k) + +scalarMulBN254_P_is_zero: + ; Q = 𝒪 + 0n :MSTORE(scalarMulBN254_Q_x1) + 0n :MSTORE(scalarMulBN254_Q_x2) + 0n :MSTORE(scalarMulBN254_Q_y1) + 0n :MSTORE(scalarMulBN254_Q_y2) + + :JMP(scalarMulBN254_end) + +scalarMulBN254_k_is_zero: + ; Q = 𝒪 + 0n :MSTORE(scalarMulBN254_Q_x1) + 0n :MSTORE(scalarMulBN254_Q_x2) + 0n :MSTORE(scalarMulBN254_Q_y1) + 0n :MSTORE(scalarMulBN254_Q_y2) + + :JMP(scalarMulBN254_end) + +scalarMulBN254_find_MSB_k: + RCX - 1 => RCX + $ => A,B :MLOAD(scalarMulBN254_k) + ; E = 2A + $ => E :ADD,MSTORE(scalarMulBN254_k), JMPNC(scalarMulBN254_find_MSB_k) + + +scalarMulBN254_loop: + RCX - 1 => RCX :JMPZ(scalarMulBN254_end) + + ; We always double + $ => A :MLOAD(scalarMulBN254_Q_x1) + $ => B :MLOAD(scalarMulBN254_Q_x2) + $ => C :MLOAD(scalarMulBN254_Q_y1) + $ => D :MLOAD(scalarMulBN254_Q_y2) + A :MSTORE(addPointBN254_P1_x1) + B :MSTORE(addPointBN254_P1_x2) + C :MSTORE(addPointBN254_P1_y1) + D :MSTORE(addPointBN254_P1_y2) + A :MSTORE(addPointBN254_P2_x1) + B :MSTORE(addPointBN254_P2_x2) + C :MSTORE(addPointBN254_P2_y1) + D :MSTORE(addPointBN254_P2_y2), CALL(addPointBN254) + ; Q = Q + Q + + $ => A :MLOAD(addPointBN254_P3_x1) + $ => B :MLOAD(addPointBN254_P3_x2) + $ => C :MLOAD(addPointBN254_P3_y1) + $ => D :MLOAD(addPointBN254_P3_y2) + A :MSTORE(scalarMulBN254_Q_x1) + B :MSTORE(scalarMulBN254_Q_x2) + C :MSTORE(scalarMulBN254_Q_y1) + D :MSTORE(scalarMulBN254_Q_y2) + + ; We check if the MSB b of k is either 1 or 0. If b==1, we should add P to Q. + ; Then, update the value of k. 
+ $ => A,B :MLOAD(scalarMulBN254_k) + ; E = 2A + $ => E :ADD,MSTORE(scalarMulBN254_k), JMPNC(scalarMulBN254_loop) + +scalarMulBN254_add: + ; We add + $ => A :MLOAD(scalarMulBN254_Q_x1) + $ => B :MLOAD(scalarMulBN254_Q_x2) + $ => C :MLOAD(scalarMulBN254_Q_y1) + $ => D :MLOAD(scalarMulBN254_Q_y2) + A :MSTORE(addPointBN254_P1_x1) + B :MSTORE(addPointBN254_P1_x2) + C :MSTORE(addPointBN254_P1_y1) + D :MSTORE(addPointBN254_P1_y2) + + $ => A :MLOAD(scalarMulBN254_P_x1) + $ => B :MLOAD(scalarMulBN254_P_x2) + $ => C :MLOAD(scalarMulBN254_P_y1) + $ => D :MLOAD(scalarMulBN254_P_y2) + A :MSTORE(addPointBN254_P2_x1) + B :MSTORE(addPointBN254_P2_x2) + C :MSTORE(addPointBN254_P2_y1) + D :MSTORE(addPointBN254_P2_y2), CALL(addPointBN254) + ; Q = Q + P + + $ => A :MLOAD(addPointBN254_P3_x1) + $ => B :MLOAD(addPointBN254_P3_x2) + $ => C :MLOAD(addPointBN254_P3_y1) + $ => D :MLOAD(addPointBN254_P3_y2) + A :MSTORE(scalarMulBN254_Q_x1) + B :MSTORE(scalarMulBN254_Q_x2) + C :MSTORE(scalarMulBN254_Q_y1) + D :MSTORE(scalarMulBN254_Q_y2), JMP(scalarMulBN254_loop) + + +scalarMulBN254_end: + $ => RR :MLOAD(scalarMulBN254_RR) + :RETURN \ No newline at end of file diff --git a/main/pairings/FP12BN254/CYCLOFP12BN254/decompressFp12BN254.zkasm b/main/pairings/FP12BN254/CYCLOFP12BN254/decompressFp12BN254.zkasm index 64cd2665..a6cd1cf2 100644 --- a/main/pairings/FP12BN254/CYCLOFP12BN254/decompressFp12BN254.zkasm +++ b/main/pairings/FP12BN254/CYCLOFP12BN254/decompressFp12BN254.zkasm @@ -96,7 +96,7 @@ decompressFp12BN254_Ca2_is_zero: 2n => A $ => C :MLOAD(decompressFp12BN254_Ca4_x) - $ => D :MLOAD(decompressFp12BN254_Ca4_y), CALL(escalarMulFp2BN254) + $ => D :MLOAD(decompressFp12BN254_Ca4_y), CALL(scalarMulFp2BN254) E => A C => B $ => C :MLOAD(decompressFp12BN254_Ca5_x) 
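Review bot: The header of the recreated scalarMulBN254.zkasm declares `PRE: P ∈ E'(Fp2)`, but nothing in the routine checks curve membership, and the comment under it ("it must be implemented if scalarMulBN254 wants to be used independently") never says what "it" is. The halfPairingBN254 and pairingBN254 hunks in this patch feed the pairing's Q into this routine for the `psi(Q) == [6x²]Q` subgroup test, so the on-curve check lives in callers outside this hunk and should be stated as a hard contract here: `; scalarMulBN254 does NOT verify that P ∈ E'(Fp2); every caller must check it first (the pairing does).` followed by `; Add an on-curve check here before calling this routine from anywhere else.` While the file is being rewritten, "because if falls back" in the POST line should read "because it falls back" (the same typo is in the scalarMulFp6BN254.zkasm header), and "assumes P belong to" should be "assumes P belongs to". The `in:` line also asks for `k ∈ [0,r-1]` although the body passes k through `reduceFrBN254` before use, so the header should say whether out-of-range k is accepted and reduced or is a caller error.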
@@ -113,13 +113,13 @@ decompressFp12BN254_Ca2_is_zero: $ => B :MLOAD(decompressFp12BN254_a1_y), CALL(squareFp2BN254) 2n => A C => D - E => C :CALL(escalarMulFp2BN254) + E => C :CALL(scalarMulFp2BN254) E :MSTORE(decompressFp12BN254_twoCa1sq_x) C :MSTORE(decompressFp12BN254_twoCa1sq_y) 3n => A $ => C :MLOAD(decompressFp12BN254_Ca3_x) - $ => D :MLOAD(decompressFp12BN254_Ca3_y), CALL(escalarMulFp2BN254) + $ => D :MLOAD(decompressFp12BN254_Ca3_y), CALL(scalarMulFp2BN254) E => A C => B $ => C :MLOAD(decompressFp12BN254_Ca4_x) @@ -147,7 +147,7 @@ decompressFp12BN254_Ca2_is_not_zero: ; 1] Compute a1 = (a5²·(9+u) + 3·a4² - 2·a3)/(4·a2) 4n => A $ => C :MLOAD(decompressFp12BN254_Ca2_x) - $ => D :MLOAD(decompressFp12BN254_Ca2_y), CALL(escalarMulFp2BN254) + $ => D :MLOAD(decompressFp12BN254_Ca2_y), CALL(scalarMulFp2BN254) E => A C => B :CALL(invFp2BN254) C :MSTORE(decompressFp12BN254_fourCa2inv_x) @@ -166,13 +166,13 @@ decompressFp12BN254_Ca2_is_not_zero: $ => B :MLOAD(decompressFp12BN254_Ca4_y), CALL(squareFp2BN254) 3n => A C => D - E => C :CALL(escalarMulFp2BN254) + E => C :CALL(scalarMulFp2BN254) E :MSTORE(decompressFp12BN254_threeCa4sq_x) C :MSTORE(decompressFp12BN254_threeCa4sq_y) 2n => A $ => C :MLOAD(decompressFp12BN254_Ca3_x) - $ => D :MLOAD(decompressFp12BN254_Ca3_y), CALL(escalarMulFp2BN254) + $ => D :MLOAD(decompressFp12BN254_Ca3_y), CALL(scalarMulFp2BN254) $ => A :MLOAD(decompressFp12BN254_threeCa4sq_x) $ => B :MLOAD(decompressFp12BN254_threeCa4sq_y) C => D @@ -193,7 +193,7 @@ decompressFp12BN254_Ca2_is_not_zero: $ => B :MLOAD(decompressFp12BN254_a1_y), CALL(squareFp2BN254) 2n => A C => D - E => C :CALL(escalarMulFp2BN254) + E => C :CALL(scalarMulFp2BN254) E :MSTORE(decompressFp12BN254_twoCa1sq2_x) C :MSTORE(decompressFp12BN254_twoCa1sq2_y) 
@@ -215,7 +215,7 @@ decompressFp12BN254_Ca2_is_not_zero: $ => D :MLOAD(decompressFp12BN254_Ca4_y), CALL(mulFp2BN254) 3n => A C => D - E => C :CALL(escalarMulFp2BN254) + E => C :CALL(scalarMulFp2BN254) $ => A :MLOAD(decompressFp12BN254_sum_x) $ => B :MLOAD(decompressFp12BN254_sum_y) C => D diff --git a/main/pairings/FP12BN254/CYCLOFP12BN254/squareCompCycloFp12BN254.zkasm b/main/pairings/FP12BN254/CYCLOFP12BN254/squareCompCycloFp12BN254.zkasm index 63d576d5..805ce130 100644 --- a/main/pairings/FP12BN254/CYCLOFP12BN254/squareCompCycloFp12BN254.zkasm +++ b/main/pairings/FP12BN254/CYCLOFP12BN254/squareCompCycloFp12BN254.zkasm @@ -127,21 +127,21 @@ squareCompCycloFp12BN254: $ => D :MLOAD(squareCompCycloFp12BN254_B45_y), CALL(mulFp2BN254) 3n => A C => D - E => C :CALL(escalarMulFp2BN254) + E => C :CALL(scalarMulFp2BN254) E => A C => B $ => C :MLOAD(squareCompCycloFp12BN254_Ca2_x) $ => D :MLOAD(squareCompCycloFp12BN254_Ca2_y), CALL(addFp2BN254) 2n => A C => D - E => C :CALL(escalarMulFp2BN254) + E => C :CALL(scalarMulFp2BN254) E :MSTORE(squareCompCycloFp12BN254_Cb2_x) C :MSTORE(squareCompCycloFp12BN254_Cb2_y) ; 5] b3 = 3·(A45 - (10+u)·B45) - 2·a3 2n => A $ => C :MLOAD(squareCompCycloFp12BN254_Ca3_x) - $ => D :MLOAD(squareCompCycloFp12BN254_Ca3_y), CALL(escalarMulFp2BN254) + $ => D :MLOAD(squareCompCycloFp12BN254_Ca3_y), CALL(scalarMulFp2BN254) E :MSTORE(squareCompCycloFp12BN254_twoCa3_x) C :MSTORE(squareCompCycloFp12BN254_twoCa3_y) @@ -156,7 +156,7 @@ squareCompCycloFp12BN254: 3n => A C => D - E => C :CALL(escalarMulFp2BN254) + E => C :CALL(scalarMulFp2BN254) E => A C => B @@ -168,7 +168,7 @@ squareCompCycloFp12BN254: ; 6] b4 = 3·(A23 - (10+u)·B23) - 2·a4 2n => A $ => C :MLOAD(squareCompCycloFp12BN254_Ca4_x) - $ => D :MLOAD(squareCompCycloFp12BN254_Ca4_y), CALL(escalarMulFp2BN254) + $ => D :MLOAD(squareCompCycloFp12BN254_Ca4_y), CALL(scalarMulFp2BN254) E :MSTORE(squareCompCycloFp12BN254_twoCa4_x) C :MSTORE(squareCompCycloFp12BN254_twoCa4_y) 
@@ -183,7 +183,7 @@ squareCompCycloFp12BN254: 3n => A C => D - E => C :CALL(escalarMulFp2BN254) + E => C :CALL(scalarMulFp2BN254) E => A C => B @@ -195,14 +195,14 @@ squareCompCycloFp12BN254: ; 7] b5 = 2·(a5 + 3·B23) 3n => A $ => C :MLOAD(squareCompCycloFp12BN254_B23_x) - $ => D :MLOAD(squareCompCycloFp12BN254_B23_y), CALL(escalarMulFp2BN254) + $ => D :MLOAD(squareCompCycloFp12BN254_B23_y), CALL(scalarMulFp2BN254) E => A C => B $ => C :MLOAD(squareCompCycloFp12BN254_Ca5_x) $ => D :MLOAD(squareCompCycloFp12BN254_Ca5_y), CALL(addFp2BN254) 2n => A C => D - E => C :CALL(escalarMulFp2BN254) + E => C :CALL(scalarMulFp2BN254) E :MSTORE(squareCompCycloFp12BN254_Cb5_x) C :MSTORE(squareCompCycloFp12BN254_Cb5_y) diff --git a/main/pairings/FP12BN254/CYCLOFP12BN254/squareCycloFp12BN254.zkasm b/main/pairings/FP12BN254/CYCLOFP12BN254/squareCycloFp12BN254.zkasm index 6b965120..230dcfaa 100644 --- a/main/pairings/FP12BN254/CYCLOFP12BN254/squareCycloFp12BN254.zkasm +++ b/main/pairings/FP12BN254/CYCLOFP12BN254/squareCycloFp12BN254.zkasm @@ -118,13 +118,13 @@ squareCycloFp12BN254: ; 5] c11 = -2·a11 + 3·t11 %BN254_P - 2n => A $ => C :MLOAD(squareCycloFp12BN254_a11_x) - $ => D :MLOAD(squareCycloFp12BN254_a11_y), CALL(escalarMulFp2BN254) + $ => D :MLOAD(squareCycloFp12BN254_a11_y), CALL(scalarMulFp2BN254) E :MSTORE(squareCycloFp12BN254_a11_x) C :MSTORE(squareCycloFp12BN254_a11_y) 3n => A $ => C :MLOAD(squareCycloFp12BN254_t11_x) - $ => D :MLOAD(squareCycloFp12BN254_t11_y), CALL(escalarMulFp2BN254) + $ => D :MLOAD(squareCycloFp12BN254_t11_y), CALL(scalarMulFp2BN254) E => A C => B 
@@ -136,13 +136,13 @@ squareCycloFp12BN254: ; 6] c12 = -2·a12 + 3·t23 %BN254_P - 2n => A $ => C :MLOAD(squareCycloFp12BN254_a12_x) - $ => D :MLOAD(squareCycloFp12BN254_a12_y), CALL(escalarMulFp2BN254) + $ => D :MLOAD(squareCycloFp12BN254_a12_y), CALL(scalarMulFp2BN254) E :MSTORE(squareCycloFp12BN254_a12_x) C :MSTORE(squareCycloFp12BN254_a12_y) 3n => A $ => C :MLOAD(squareCycloFp12BN254_t23_x) - $ => D :MLOAD(squareCycloFp12BN254_t23_y), CALL(escalarMulFp2BN254) + $ => D :MLOAD(squareCycloFp12BN254_t23_y), CALL(scalarMulFp2BN254) E => A C => B @@ -154,13 +154,13 @@ squareCycloFp12BN254: ; 7] c13 = -2·a13 + 3·t13 %BN254_P - 2n => A $ => C :MLOAD(squareCycloFp12BN254_a13_x) - $ => D :MLOAD(squareCycloFp12BN254_a13_y), CALL(escalarMulFp2BN254) + $ => D :MLOAD(squareCycloFp12BN254_a13_y), CALL(scalarMulFp2BN254) E :MSTORE(squareCycloFp12BN254_a13_x) C :MSTORE(squareCycloFp12BN254_a13_y) 3n => A $ => C :MLOAD(squareCycloFp12BN254_t13_x) - $ => D :MLOAD(squareCycloFp12BN254_t13_y), CALL(escalarMulFp2BN254) + $ => D :MLOAD(squareCycloFp12BN254_t13_y), CALL(scalarMulFp2BN254) E => A C => B @@ -172,13 +172,13 @@ squareCycloFp12BN254: ; 8] c21 = 2·a21 + 3·t21 2n => A $ => C :MLOAD(squareCycloFp12BN254_a21_x) - $ => D :MLOAD(squareCycloFp12BN254_a21_y), CALL(escalarMulFp2BN254) + $ => D :MLOAD(squareCycloFp12BN254_a21_y), CALL(scalarMulFp2BN254) E :MSTORE(squareCycloFp12BN254_a21_x) C :MSTORE(squareCycloFp12BN254_a21_y) 3n => A $ => C :MLOAD(squareCycloFp12BN254_t21_x) - $ => D :MLOAD(squareCycloFp12BN254_t21_y), CALL(escalarMulFp2BN254) + $ => D :MLOAD(squareCycloFp12BN254_t21_y), CALL(scalarMulFp2BN254) E => A C => B 
@@ -190,13 +190,13 @@ squareCycloFp12BN254: ; 9] c22 = 2·a22 + 3·t22 2n => A $ => C :MLOAD(squareCycloFp12BN254_a22_x) - $ => D :MLOAD(squareCycloFp12BN254_a22_y), CALL(escalarMulFp2BN254) + $ => D :MLOAD(squareCycloFp12BN254_a22_y), CALL(scalarMulFp2BN254) E :MSTORE(squareCycloFp12BN254_a22_x) C :MSTORE(squareCycloFp12BN254_a22_y) 3n => A $ => C :MLOAD(squareCycloFp12BN254_t22_x) - $ => D :MLOAD(squareCycloFp12BN254_t22_y), CALL(escalarMulFp2BN254) + $ => D :MLOAD(squareCycloFp12BN254_t22_y), CALL(scalarMulFp2BN254) E => A C => B @@ -208,13 +208,13 @@ squareCycloFp12BN254: ; 9] c23 = 2·a23 + 3·t12 2n => A $ => C :MLOAD(squareCycloFp12BN254_a23_x) - $ => D :MLOAD(squareCycloFp12BN254_a23_y), CALL(escalarMulFp2BN254) + $ => D :MLOAD(squareCycloFp12BN254_a23_y), CALL(scalarMulFp2BN254) E :MSTORE(squareCycloFp12BN254_a23_x) C :MSTORE(squareCycloFp12BN254_a23_y) 3n => A $ => C :MLOAD(squareCycloFp12BN254_t12_x) - $ => D :MLOAD(squareCycloFp12BN254_t12_y), CALL(escalarMulFp2BN254) + $ => D :MLOAD(squareCycloFp12BN254_t12_y), CALL(scalarMulFp2BN254) E => A C => B diff --git a/main/pairings/FP12BN254/frob2Fp12BN254.zkasm b/main/pairings/FP12BN254/frob2Fp12BN254.zkasm index b09bcfec..28ebf346 100644 --- a/main/pairings/FP12BN254/frob2Fp12BN254.zkasm +++ b/main/pairings/FP12BN254/frob2Fp12BN254.zkasm 
@@ -47,32 +47,32 @@ frob2Fp12BN254: %FROBENIUS_GAMMA22 => A $ => C :MLOAD(frob2Fp12BN254_a12_x) - $ => D :MLOAD(frob2Fp12BN254_a12_y), CALL(escalarMulFp2BN254) + $ => D :MLOAD(frob2Fp12BN254_a12_y), CALL(scalarMulFp2BN254) E :MSTORE(frob2Fp12BN254_c12_x) C :MSTORE(frob2Fp12BN254_c12_y) %FROBENIUS_GAMMA24 => A $ => C :MLOAD(frob2Fp12BN254_a13_x) - $ => D :MLOAD(frob2Fp12BN254_a13_y), CALL(escalarMulFp2BN254) + $ => D :MLOAD(frob2Fp12BN254_a13_y), CALL(scalarMulFp2BN254) E :MSTORE(frob2Fp12BN254_c13_x) C :MSTORE(frob2Fp12BN254_c13_y) ; 2] c2 = a21·γ21 + a22·γ23·v + a23·γ25·v² %FROBENIUS_GAMMA21 => A $ => C :MLOAD(frob2Fp12BN254_a21_x) - $ => D :MLOAD(frob2Fp12BN254_a21_y), CALL(escalarMulFp2BN254) + $ => D :MLOAD(frob2Fp12BN254_a21_y), CALL(scalarMulFp2BN254) E :MSTORE(frob2Fp12BN254_c21_x) C :MSTORE(frob2Fp12BN254_c21_y) %FROBENIUS_GAMMA23 => A $ => C :MLOAD(frob2Fp12BN254_a22_x) - $ => D :MLOAD(frob2Fp12BN254_a22_y), CALL(escalarMulFp2BN254) + $ => D :MLOAD(frob2Fp12BN254_a22_y), CALL(scalarMulFp2BN254) E :MSTORE(frob2Fp12BN254_c22_x) C :MSTORE(frob2Fp12BN254_c22_y) %FROBENIUS_GAMMA25 => A $ => C :MLOAD(frob2Fp12BN254_a23_x) - $ => D :MLOAD(frob2Fp12BN254_a23_y), CALL(escalarMulFp2BN254) + $ => D :MLOAD(frob2Fp12BN254_a23_y), CALL(scalarMulFp2BN254) E :MSTORE(frob2Fp12BN254_c23_x) C :MSTORE(frob2Fp12BN254_c23_y) diff --git a/main/pairings/FP12BN254/squareFp12BN254.zkasm b/main/pairings/FP12BN254/squareFp12BN254.zkasm index b554b83d..580e5ade 100644 --- a/main/pairings/FP12BN254/squareFp12BN254.zkasm +++ b/main/pairings/FP12BN254/squareFp12BN254.zkasm 
@@ -173,28 +173,28 @@ squareFp12BN254: ; 3] c2 = 2·a1·a2 $ => A :MLOAD(squareFp12BN254_a1a2mul1_x) $ => B :MLOAD(squareFp12BN254_a1a2mul1_y) - A :MSTORE(escalarMulFp6BN254_a1_x) - B :MSTORE(escalarMulFp6BN254_a1_y) + A :MSTORE(scalarMulFp6BN254_a1_x) + B :MSTORE(scalarMulFp6BN254_a1_y) $ => A :MLOAD(squareFp12BN254_a1a2mul2_x) $ => B :MLOAD(squareFp12BN254_a1a2mul2_y) - A :MSTORE(escalarMulFp6BN254_a2_x) - B :MSTORE(escalarMulFp6BN254_a2_y) + A :MSTORE(scalarMulFp6BN254_a2_x) + B :MSTORE(scalarMulFp6BN254_a2_y) $ => A :MLOAD(squareFp12BN254_a1a2mul3_x) $ => B :MLOAD(squareFp12BN254_a1a2mul3_y) - A :MSTORE(escalarMulFp6BN254_a3_x) - B :MSTORE(escalarMulFp6BN254_a3_y) + A :MSTORE(scalarMulFp6BN254_a3_x) + B :MSTORE(scalarMulFp6BN254_a3_y) - 2n :MSTORE(escalarMulFp6BN254_b), CALL(escalarMulFp6BN254) - $ => A :MLOAD(escalarMulFp6BN254_c1_x) - $ => B :MLOAD(escalarMulFp6BN254_c1_y) + 2n :MSTORE(scalarMulFp6BN254_b), CALL(scalarMulFp6BN254) + $ => A :MLOAD(scalarMulFp6BN254_c1_x) + $ => B :MLOAD(scalarMulFp6BN254_c1_y) A :MSTORE(squareFp12BN254_c21_x) B :MSTORE(squareFp12BN254_c21_y) - $ => A :MLOAD(escalarMulFp6BN254_c2_x) - $ => B :MLOAD(escalarMulFp6BN254_c2_y) + $ => A :MLOAD(scalarMulFp6BN254_c2_x) + $ => B :MLOAD(scalarMulFp6BN254_c2_y) A :MSTORE(squareFp12BN254_c22_x) B :MSTORE(squareFp12BN254_c22_y) - $ => A :MLOAD(escalarMulFp6BN254_c3_x) - $ => B :MLOAD(escalarMulFp6BN254_c3_y) + $ => A :MLOAD(scalarMulFp6BN254_c3_x) + $ => B :MLOAD(scalarMulFp6BN254_c3_y) A :MSTORE(squareFp12BN254_c23_x) B :MSTORE(squareFp12BN254_c23_y) diff --git a/main/pairings/FP2BN254/escalarMulFp2BN254.zkasm b/main/pairings/FP2BN254/scalarMulFp2BN254.zkasm similarity index 67% rename from main/pairings/FP2BN254/escalarMulFp2BN254.zkasm rename to main/pairings/FP2BN254/scalarMulFp2BN254.zkasm index 1814aec3..53aa7820 100644 --- a/main/pairings/FP2BN254/escalarMulFp2BN254.zkasm +++ b/main/pairings/FP2BN254/scalarMulFp2BN254.zkasm 
@@ -1,20 +1,20 @@ ;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;; POST: ARITH_BN254_MULFP2 ensures that the result is in the range [0,BN254_P) ;; -;; escalarMulFp2BN254: +;; scalarMulFp2BN254: ;; in: A ∈ Fp, (C + D·u) ∈ Fp2, where C,D ∈ Fp ;; out: E + C·u = (A·C) + (A·D)·u ∈ Fp2 ;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -VAR GLOBAL escalarMulFp2BN254_i +VAR GLOBAL scalarMulFp2BN254_i -escalarMulFp2BN254: +scalarMulFp2BN254: ; Compute and check the mul ; A·C - 0·D = [E] + (q0·BN254_P) ; A·D + 0·C = [OP] + (q1·BN254_P) 0n => B ${ARITH_BN254_MULFP2_X(A,B,C,D)} => E - ${ARITH_BN254_MULFP2_Y(A,B,C,D)} :MSTORE(escalarMulFp2BN254_i), ARITH_BN254_MULFP2 + ${ARITH_BN254_MULFP2_Y(A,B,C,D)} :MSTORE(scalarMulFp2BN254_i), ARITH_BN254_MULFP2 - $ => C :MLOAD(escalarMulFp2BN254_i), RETURN \ No newline at end of file + $ => C :MLOAD(scalarMulFp2BN254_i), RETURN \ No newline at end of file diff --git a/main/pairings/FP6BN254/escalarMulFp6BN254.zkasm b/main/pairings/FP6BN254/escalarMulFp6BN254.zkasm deleted file mode 100644 index 878abcd5..00000000 --- a/main/pairings/FP6BN254/escalarMulFp6BN254.zkasm +++ /dev/null 
@@ -1,51 +0,0 @@ -;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;; POST: The result is in the range [0,BN254_P) because if falls back to FP2 arithmetic -;; -;; escalarMulFp6BN254: -;; in: b ∈ Fp, (a1 + a2·v + a3·v²) ∈ Fp6, where ai ∈ Fp2 -;; out: (c1 + c2·v + c3·v²) = (a1·b) + (a2·b)·v + (a3·b)·v² ∈ Fp6 -;; -;;;;;;;;;;;;;;;;;;;;;;;;;;;;; - -VAR GLOBAL escalarMulFp6BN254_a1_x -VAR GLOBAL escalarMulFp6BN254_a1_y -VAR GLOBAL escalarMulFp6BN254_a2_x -VAR GLOBAL escalarMulFp6BN254_a2_y -VAR GLOBAL escalarMulFp6BN254_a3_x -VAR GLOBAL escalarMulFp6BN254_a3_y -VAR GLOBAL escalarMulFp6BN254_b -VAR GLOBAL escalarMulFp6BN254_c1_x -VAR GLOBAL escalarMulFp6BN254_c1_y -VAR GLOBAL escalarMulFp6BN254_c2_x -VAR GLOBAL escalarMulFp6BN254_c2_y -VAR GLOBAL escalarMulFp6BN254_c3_x -VAR GLOBAL escalarMulFp6BN254_c3_y - -VAR GLOBAL escalarMulFp6BN254_RR - -escalarMulFp6BN254: - RR :MSTORE(escalarMulFp6BN254_RR) - - ; 1] c1 = a1·b - $ => A :MLOAD(escalarMulFp6BN254_b) - $ => C :MLOAD(escalarMulFp6BN254_a1_x) - $ => D :MLOAD(escalarMulFp6BN254_a1_y), CALL(escalarMulFp2BN254) - E :MSTORE(escalarMulFp6BN254_c1_x) - C :MSTORE(escalarMulFp6BN254_c1_y) - - ; 2] c2 = a2·b - $ => A :MLOAD(escalarMulFp6BN254_b) - $ => C :MLOAD(escalarMulFp6BN254_a2_x) - $ => D :MLOAD(escalarMulFp6BN254_a2_y), CALL(escalarMulFp2BN254) - E :MSTORE(escalarMulFp6BN254_c2_x) - C :MSTORE(escalarMulFp6BN254_c2_y) - - ; 3] c3 = a3·b - $ => A :MLOAD(escalarMulFp6BN254_b) - $ => C :MLOAD(escalarMulFp6BN254_a3_x) - $ => D :MLOAD(escalarMulFp6BN254_a3_y), CALL(escalarMulFp2BN254) - E :MSTORE(escalarMulFp6BN254_c3_x) - C :MSTORE(escalarMulFp6BN254_c3_y) - - $ => RR :MLOAD(escalarMulFp6BN254_RR) - :RETURN \ No newline at end of file diff --git a/main/pairings/FP6BN254/scalarMulFp6BN254.zkasm b/main/pairings/FP6BN254/scalarMulFp6BN254.zkasm new file mode 100644 index 00000000..658421c5 --- /dev/null +++ b/main/pairings/FP6BN254/scalarMulFp6BN254.zkasm 
@@ -0,0 +1,51 @@ +;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +;; POST: The result is in the range [0,BN254_P) because if falls back to FP2 arithmetic +;; +;; scalarMulFp6BN254: +;; in: b ∈ Fp, (a1 + a2·v + a3·v²) ∈ Fp6, where ai ∈ Fp2 +;; out: (c1 + c2·v + c3·v²) = (a1·b) + (a2·b)·v + (a3·b)·v² ∈ Fp6 +;; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;; + +VAR GLOBAL scalarMulFp6BN254_a1_x +VAR GLOBAL scalarMulFp6BN254_a1_y +VAR GLOBAL scalarMulFp6BN254_a2_x +VAR GLOBAL scalarMulFp6BN254_a2_y +VAR GLOBAL scalarMulFp6BN254_a3_x +VAR GLOBAL scalarMulFp6BN254_a3_y +VAR GLOBAL scalarMulFp6BN254_b +VAR GLOBAL scalarMulFp6BN254_c1_x +VAR GLOBAL scalarMulFp6BN254_c1_y +VAR GLOBAL scalarMulFp6BN254_c2_x +VAR GLOBAL scalarMulFp6BN254_c2_y +VAR GLOBAL scalarMulFp6BN254_c3_x +VAR GLOBAL scalarMulFp6BN254_c3_y + +VAR GLOBAL scalarMulFp6BN254_RR + +scalarMulFp6BN254: + RR :MSTORE(scalarMulFp6BN254_RR) + + ; 1] c1 = a1·b + $ => A :MLOAD(scalarMulFp6BN254_b) + $ => C :MLOAD(scalarMulFp6BN254_a1_x) + $ => D :MLOAD(scalarMulFp6BN254_a1_y), CALL(scalarMulFp2BN254) + E :MSTORE(scalarMulFp6BN254_c1_x) + C :MSTORE(scalarMulFp6BN254_c1_y) + + ; 2] c2 = a2·b + $ => A :MLOAD(scalarMulFp6BN254_b) + $ => C :MLOAD(scalarMulFp6BN254_a2_x) + $ => D :MLOAD(scalarMulFp6BN254_a2_y), CALL(scalarMulFp2BN254) + E :MSTORE(scalarMulFp6BN254_c2_x) + C :MSTORE(scalarMulFp6BN254_c2_y) + + ; 3] c3 = a3·b + $ => A :MLOAD(scalarMulFp6BN254_b) + $ => C :MLOAD(scalarMulFp6BN254_a3_x) + $ => D :MLOAD(scalarMulFp6BN254_a3_y), CALL(scalarMulFp2BN254) + E :MSTORE(scalarMulFp6BN254_c3_x) + C :MSTORE(scalarMulFp6BN254_c3_y) + + $ => RR :MLOAD(scalarMulFp6BN254_RR) + :RETURN \ No newline at end of file diff --git a/main/pairings/FP6BN254/squareFp6BN254.zkasm b/main/pairings/FP6BN254/squareFp6BN254.zkasm index fc9b62af..b9029443 100644 --- a/main/pairings/FP6BN254/squareFp6BN254.zkasm +++ b/main/pairings/FP6BN254/squareFp6BN254.zkasm 
@@ -48,7 +48,7 @@ squareFp6BN254: $ => D :MLOAD(squareFp6BN254_a2_y), CALL(mulFp2BN254) 2n => A C => D - E => C :CALL(escalarMulFp2BN254) + E => C :CALL(scalarMulFp2BN254) E :MSTORE(squareFp6BN254_2a1a2mul_x) C :MSTORE(squareFp6BN254_2a1a2mul_y) @@ -109,7 +109,7 @@ squareFp6BN254: $ => D :MLOAD(squareFp6BN254_a3_y), CALL(mulFp2BN254) 2n => A C => D - E => C :CALL(escalarMulFp2BN254) + E => C :CALL(scalarMulFp2BN254) E :MSTORE(squareFp6BN254_2a2a3mul_x) C :MSTORE(squareFp6BN254_2a2a3mul_y) diff --git a/main/pairings/halfPairingBN254.zkasm b/main/pairings/halfPairingBN254.zkasm index dc553641..8c4a00b2 100644 --- a/main/pairings/halfPairingBN254.zkasm +++ b/main/pairings/halfPairingBN254.zkasm @@ -159,28 +159,28 @@ halfPairingBN254_P_is_zero: $ => B :MLOAD(halfPairingBN254_Q_x2) $ => C :MLOAD(halfPairingBN254_Q_y1) $ => D :MLOAD(halfPairingBN254_Q_y2) - A :MSTORE(escalarMulBN254_P_x1) - B :MSTORE(escalarMulBN254_P_x2) - C :MSTORE(escalarMulBN254_P_y1) - D :MSTORE(escalarMulBN254_P_y2) - %BN254_SIX_TIMES_X_SQ :MSTORE(escalarMulBN254_k), CALL(escalarMulBN254) + A :MSTORE(scalarMulBN254_P_x1) + B :MSTORE(scalarMulBN254_P_x2) + C :MSTORE(scalarMulBN254_P_y1) + D :MSTORE(scalarMulBN254_P_y2) + %BN254_SIX_TIMES_X_SQ :MSTORE(scalarMulBN254_k), CALL(scalarMulBN254) ; 2.3] Check if psi(Q) == [6x²]Q $ => A :MLOAD(halfPairingBN254_psi_x1) - $ => B :MLOAD(escalarMulBN254_Q_x1) + $ => B :MLOAD(scalarMulBN254_Q_x1) $ :EQ, JMPNC(halfPairingBN254_Q_is_not_in_G2) $ => A :MLOAD(halfPairingBN254_psi_x2) - $ => B :MLOAD(escalarMulBN254_Q_x2) + $ => B :MLOAD(scalarMulBN254_Q_x2) $ :EQ, JMPNC(halfPairingBN254_Q_is_not_in_G2) $ => A :MLOAD(halfPairingBN254_psi_y1) - $ => B :MLOAD(escalarMulBN254_Q_y1) + $ => B :MLOAD(scalarMulBN254_Q_y1) $ :EQ, JMPNC(halfPairingBN254_Q_is_not_in_G2) $ => A :MLOAD(halfPairingBN254_psi_y2) - $ => B :MLOAD(escalarMulBN254_Q_y2) + $ => B :MLOAD(scalarMulBN254_Q_y2) $ :EQ, JMPNC(halfPairingBN254_Q_is_not_in_G2) ; e(O,Q) = 1 
@@ -331,28 +331,28 @@ halfPairingBN254_Q_subgroup_check: $ => B :MLOAD(halfPairingBN254_Q_x2) $ => C :MLOAD(halfPairingBN254_Q_y1) $ => D :MLOAD(halfPairingBN254_Q_y2) - A :MSTORE(escalarMulBN254_P_x1) - B :MSTORE(escalarMulBN254_P_x2) - C :MSTORE(escalarMulBN254_P_y1) - D :MSTORE(escalarMulBN254_P_y2) - %BN254_SIX_TIMES_X_SQ :MSTORE(escalarMulBN254_k), CALL(escalarMulBN254) + A :MSTORE(scalarMulBN254_P_x1) + B :MSTORE(scalarMulBN254_P_x2) + C :MSTORE(scalarMulBN254_P_y1) + D :MSTORE(scalarMulBN254_P_y2) + %BN254_SIX_TIMES_X_SQ :MSTORE(scalarMulBN254_k), CALL(scalarMulBN254) ; 2.3] Check if psi(Q) == [6x²]Q $ => A :MLOAD(halfPairingBN254_psi_x1) - $ => B :MLOAD(escalarMulBN254_Q_x1) + $ => B :MLOAD(scalarMulBN254_Q_x1) $ :EQ, JMPNC(halfPairingBN254_Q_is_not_in_G2) $ => A :MLOAD(halfPairingBN254_psi_x2) - $ => B :MLOAD(escalarMulBN254_Q_x2) + $ => B :MLOAD(scalarMulBN254_Q_x2) $ :EQ, JMPNC(halfPairingBN254_Q_is_not_in_G2) $ => A :MLOAD(halfPairingBN254_psi_y1) - $ => B :MLOAD(escalarMulBN254_Q_y1) + $ => B :MLOAD(scalarMulBN254_Q_y1) $ :EQ, JMPNC(halfPairingBN254_Q_is_not_in_G2) $ => A :MLOAD(halfPairingBN254_psi_y2) - $ => B :MLOAD(escalarMulBN254_Q_y2) + $ => B :MLOAD(scalarMulBN254_Q_y2) $ :EQ, JMPNC(halfPairingBN254_Q_is_not_in_G2) halfPairingBN254_Miller_loop: diff --git a/main/pairings/pairingBN254.zkasm b/main/pairings/pairingBN254.zkasm index f0daa8c8..c69b1a09 100644 --- a/main/pairings/pairingBN254.zkasm +++ b/main/pairings/pairingBN254.zkasm 
@@ -163,28 +163,28 @@ pairingBN254_P_is_zero: $ => B :MLOAD(pairingBN254_Q_x2) $ => C :MLOAD(pairingBN254_Q_y1) $ => D :MLOAD(pairingBN254_Q_y2) - A :MSTORE(escalarMulBN254_P_x1) - B :MSTORE(escalarMulBN254_P_x2) - C :MSTORE(escalarMulBN254_P_y1) - D :MSTORE(escalarMulBN254_P_y2) - %BN254_SIX_TIMES_X_SQ :MSTORE(escalarMulBN254_k), CALL(escalarMulBN254) + A :MSTORE(scalarMulBN254_P_x1) + B :MSTORE(scalarMulBN254_P_x2) + C :MSTORE(scalarMulBN254_P_y1) + D :MSTORE(scalarMulBN254_P_y2) + %BN254_SIX_TIMES_X_SQ :MSTORE(scalarMulBN254_k), CALL(scalarMulBN254) ; 2.3] Check if psi(Q) == [6x²]Q $ => A :MLOAD(pairingBN254_psi_x1) - $ => B :MLOAD(escalarMulBN254_Q_x1) + $ => B :MLOAD(scalarMulBN254_Q_x1) $ :EQ, JMPNC(pairingBN254_Q_is_not_in_G2) $ => A :MLOAD(pairingBN254_psi_x2) - $ => B :MLOAD(escalarMulBN254_Q_x2) + $ => B :MLOAD(scalarMulBN254_Q_x2) $ :EQ, JMPNC(pairingBN254_Q_is_not_in_G2) $ => A :MLOAD(pairingBN254_psi_y1) - $ => B :MLOAD(escalarMulBN254_Q_y1) + $ => B :MLOAD(scalarMulBN254_Q_y1) $ :EQ, JMPNC(pairingBN254_Q_is_not_in_G2) $ => A :MLOAD(pairingBN254_psi_y2) - $ => B :MLOAD(escalarMulBN254_Q_y2) + $ => B :MLOAD(scalarMulBN254_Q_y2) $ :EQ, JMPNC(pairingBN254_Q_is_not_in_G2) ; e(O,Q) = 1 
@@ -333,28 +333,28 @@ pairingBN254_Q_subgroup_check: $ => B :MLOAD(pairingBN254_Q_x2) $ => C :MLOAD(pairingBN254_Q_y1) $ => D :MLOAD(pairingBN254_Q_y2) - A :MSTORE(escalarMulBN254_P_x1) - B :MSTORE(escalarMulBN254_P_x2) - C :MSTORE(escalarMulBN254_P_y1) - D :MSTORE(escalarMulBN254_P_y2) - %BN254_SIX_TIMES_X_SQ :MSTORE(escalarMulBN254_k), CALL(escalarMulBN254) + A :MSTORE(scalarMulBN254_P_x1) + B :MSTORE(scalarMulBN254_P_x2) + C :MSTORE(scalarMulBN254_P_y1) + D :MSTORE(scalarMulBN254_P_y2) + %BN254_SIX_TIMES_X_SQ :MSTORE(scalarMulBN254_k), CALL(scalarMulBN254) ; 2.3] Check if psi(Q) == [6x²]Q $ => A :MLOAD(pairingBN254_psi_x1) - $ => B :MLOAD(escalarMulBN254_Q_x1) + $ => B :MLOAD(scalarMulBN254_Q_x1) $ :EQ, JMPNC(pairingBN254_Q_is_not_in_G2) $ => A :MLOAD(pairingBN254_psi_x2) - $ => B :MLOAD(escalarMulBN254_Q_x2) + $ => B :MLOAD(scalarMulBN254_Q_x2) $ :EQ, JMPNC(pairingBN254_Q_is_not_in_G2) $ => A :MLOAD(pairingBN254_psi_y1) - $ => B :MLOAD(escalarMulBN254_Q_y1) + $ => B :MLOAD(scalarMulBN254_Q_y1) $ :EQ, JMPNC(pairingBN254_Q_is_not_in_G2) $ => A :MLOAD(pairingBN254_psi_y2) - $ => B :MLOAD(escalarMulBN254_Q_y2) + $ => B :MLOAD(scalarMulBN254_Q_y2) $ :EQ, JMPNC(pairingBN254_Q_is_not_in_G2) pairingBN254_Miller_loop: diff --git a/main/precompiled/selector.zkasm b/main/precompiled/selector.zkasm index 20da84e9..30ba683c 100644 --- a/main/precompiled/selector.zkasm +++ b/main/precompiled/selector.zkasm @@ -17,7 +17,7 @@ INCLUDE "../pairings/BN254/ecAdd.zkasm" INCLUDE "../pairings/BN254/ecMul.zkasm" INCLUDE "../pairings/BN254/doublePointBN254.zkasm" INCLUDE "../pairings/BN254/addPointBN254.zkasm" -INCLUDE "../pairings/BN254/escalarMulBN254.zkasm" +INCLUDE "../pairings/BN254/scalarMulBN254.zkasm" INCLUDE "../pairings/BN254/lineSamePointsBN254.zkasm" INCLUDE "../pairings/BN254/lineDiffPointsBN254.zkasm" INCLUDE "../pairings/FRBN254/reduceFrBN254.zkasm" 
@@ -31,13 +31,13 @@ INCLUDE "../pairings/FP2BN254/addFp2BN254.zkasm" INCLUDE "../pairings/FP2BN254/subFp2BN254.zkasm" INCLUDE "../pairings/FP2BN254/mulFp2BN254.zkasm" INCLUDE "../pairings/FP2BN254/squareFp2BN254.zkasm" -INCLUDE "../pairings/FP2BN254/escalarMulFp2BN254.zkasm" +INCLUDE "../pairings/FP2BN254/scalarMulFp2BN254.zkasm" INCLUDE "../pairings/FP2BN254/invFp2BN254.zkasm" INCLUDE "../pairings/FP4BN254/squareFp4BN254.zkasm" INCLUDE "../pairings/FP6BN254/addFp6BN254.zkasm" INCLUDE "../pairings/FP6BN254/subFp6BN254.zkasm" INCLUDE "../pairings/FP6BN254/mulFp6BN254.zkasm" -INCLUDE "../pairings/FP6BN254/escalarMulFp6BN254.zkasm" +INCLUDE "../pairings/FP6BN254/scalarMulFp6BN254.zkasm" INCLUDE "../pairings/FP6BN254/sparseMulAFp6BN254.zkasm" INCLUDE "../pairings/FP6BN254/sparseMulBFp6BN254.zkasm" INCLUDE "../pairings/FP6BN254/sparseMulCFp6BN254.zkasm" diff --git a/test/testCycloFp12ArithBN254.zkasm b/test/testCycloFp12ArithBN254.zkasm index 63872930..b88d3324 100644 --- a/test/testCycloFp12ArithBN254.zkasm +++ b/test/testCycloFp12ArithBN254.zkasm @@ -524,7 +524,7 @@ INCLUDE "../main/pairings/FP2BN254/subFp2BN254.zkasm" INCLUDE "../main/pairings/FP2BN254/invFp2BN254.zkasm" INCLUDE "../main/pairings/FP2BN254/mulFp2BN254.zkasm" INCLUDE "../main/pairings/FP2BN254/squareFp2BN254.zkasm" -INCLUDE "../main/pairings/FP2BN254/escalarMulFp2BN254.zkasm" +INCLUDE "../main/pairings/FP2BN254/scalarMulFp2BN254.zkasm" INCLUDE "../main/pairings/FP4BN254/squareFp4BN254.zkasm" diff --git a/test/testFinalExpBn254.zkasm b/test/testFinalExpBn254.zkasm index 6e182304..9f1290ba 100644 --- a/test/testFinalExpBn254.zkasm +++ b/test/testFinalExpBn254.zkasm 
@@ -113,7 +113,7 @@ INCLUDE "../main/pairings/FP2BN254/addFp2BN254.zkasm" INCLUDE "../main/pairings/FP2BN254/subFp2BN254.zkasm" INCLUDE "../main/pairings/FP2BN254/mulFp2BN254.zkasm" INCLUDE "../main/pairings/FP2BN254/squareFp2BN254.zkasm" -INCLUDE "../main/pairings/FP2BN254/escalarMulFp2BN254.zkasm" +INCLUDE "../main/pairings/FP2BN254/scalarMulFp2BN254.zkasm" INCLUDE "../main/pairings/FP2BN254/invFp2BN254.zkasm" INCLUDE "../main/pairings/FP4BN254/squareFp4BN254.zkasm" diff --git a/test/testFp12ArithBN254.zkasm b/test/testFp12ArithBN254.zkasm index f387ba2b..4f0e8ebb 100644 --- a/test/testFp12ArithBN254.zkasm +++ b/test/testFp12ArithBN254.zkasm @@ -666,12 +666,12 @@ INCLUDE "../main/pairings/FP2BN254/subFp2BN254.zkasm" INCLUDE "../main/pairings/FP2BN254/mulFp2BN254.zkasm" INCLUDE "../main/pairings/FP2BN254/squareFp2BN254.zkasm" INCLUDE "../main/pairings/FP2BN254/invFp2BN254.zkasm" -INCLUDE "../main/pairings/FP2BN254/escalarMulFp2BN254.zkasm" +INCLUDE "../main/pairings/FP2BN254/scalarMulFp2BN254.zkasm" INCLUDE "../main/pairings/FP6BN254/addFp6BN254.zkasm" INCLUDE "../main/pairings/FP6BN254/subFp6BN254.zkasm" INCLUDE "../main/pairings/FP6BN254/mulFp6BN254.zkasm" -INCLUDE "../main/pairings/FP6BN254/escalarMulFp6BN254.zkasm" +INCLUDE "../main/pairings/FP6BN254/scalarMulFp6BN254.zkasm" INCLUDE "../main/pairings/FP6BN254/sparseMulAFp6BN254.zkasm" INCLUDE "../main/pairings/FP6BN254/sparseMulBFp6BN254.zkasm" INCLUDE "../main/pairings/FP6BN254/sparseMulCFp6BN254.zkasm" diff --git a/test/testFp2ArithBN254.zkasm b/test/testFp2ArithBN254.zkasm index 0c51cd3d..4e32ab98 100644 --- a/test/testFp2ArithBN254.zkasm +++ b/test/testFp2ArithBN254.zkasm @@ -139,11 +139,11 @@ start: C => A 8n :ASSERT - ; 5] Escalar Multiplication + ; 5] scalar Multiplication 3n => A 6n => C 4n => D - :CALL(escalarMulFp2BN254) + :CALL(scalarMulFp2BN254) E => A 18n :ASSERT C => A 
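Review bot: The search-and-replace left the section heading in the testFp2ArithBN254.zkasm hunk as `; 5] scalar Multiplication`, with the capital on the wrong word; it should be `; 5] Scalar multiplication`. The same slip is in the testPointArithBN254.zkasm hunk, where `; 2] scalar multiplication` sits next to `; 3] Tangent line to a point` and should be `; 2] Scalar multiplication`. Both headings belong to the `start:` block, which begins outside these hunks.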
@@ -182,4 +182,4 @@ INCLUDE "../main/pairings/FP2BN254/addFp2BN254.zkasm" INCLUDE "../main/pairings/FP2BN254/subFp2BN254.zkasm" INCLUDE "../main/pairings/FP2BN254/invFp2BN254.zkasm" INCLUDE "../main/pairings/FP2BN254/squareFp2BN254.zkasm" -INCLUDE "../main/pairings/FP2BN254/escalarMulFp2BN254.zkasm" \ No newline at end of file +INCLUDE "../main/pairings/FP2BN254/scalarMulFp2BN254.zkasm" \ No newline at end of file diff --git a/test/testFp6ArithBN254.zkasm b/test/testFp6ArithBN254.zkasm index 5259b73b..19a5d40a 100644 --- a/test/testFp6ArithBN254.zkasm +++ b/test/testFp6ArithBN254.zkasm @@ -248,7 +248,7 @@ INCLUDE "../main/pairings/FP2BN254/subFp2BN254.zkasm" INCLUDE "../main/pairings/FP2BN254/mulFp2BN254.zkasm" INCLUDE "../main/pairings/FP2BN254/invFp2BN254.zkasm" INCLUDE "../main/pairings/FP2BN254/squareFp2BN254.zkasm" -INCLUDE "../main/pairings/FP2BN254/escalarMulFp2BN254.zkasm" +INCLUDE "../main/pairings/FP2BN254/scalarMulFp2BN254.zkasm" INCLUDE "../main/pairings/FP6BN254/addFp6BN254.zkasm" INCLUDE "../main/pairings/FP6BN254/subFp6BN254.zkasm" diff --git a/test/testHalfPairingBN254.zkasm b/test/testHalfPairingBN254.zkasm index a37ef1f0..91dbca15 100644 --- a/test/testHalfPairingBN254.zkasm +++ b/test/testHalfPairingBN254.zkasm 
@@ -261,13 +261,13 @@ INCLUDE "../main/pairings/FP2BN254/addFp2BN254.zkasm" INCLUDE "../main/pairings/FP2BN254/subFp2BN254.zkasm" INCLUDE "../main/pairings/FP2BN254/mulFp2BN254.zkasm" INCLUDE "../main/pairings/FP2BN254/squareFp2BN254.zkasm" -INCLUDE "../main/pairings/FP2BN254/escalarMulFp2BN254.zkasm" +INCLUDE "../main/pairings/FP2BN254/scalarMulFp2BN254.zkasm" INCLUDE "../main/pairings/FP2BN254/invFp2BN254.zkasm" INCLUDE "../main/pairings/FP6BN254/addFp6BN254.zkasm" INCLUDE "../main/pairings/FP6BN254/subFp6BN254.zkasm" INCLUDE "../main/pairings/FP6BN254/mulFp6BN254.zkasm" -INCLUDE "../main/pairings/FP6BN254/escalarMulFp6BN254.zkasm" +INCLUDE "../main/pairings/FP6BN254/scalarMulFp6BN254.zkasm" INCLUDE "../main/pairings/FP6BN254/sparseMulAFp6BN254.zkasm" INCLUDE "../main/pairings/FP6BN254/sparseMulBFp6BN254.zkasm" INCLUDE "../main/pairings/FP6BN254/sparseMulCFp6BN254.zkasm" @@ -277,7 +277,7 @@ INCLUDE "../main/pairings/FP12BN254/sparseMulBFp12BN254.zkasm" INCLUDE "../main/pairings/FP12BN254/squareFp12BN254.zkasm" INCLUDE "../main/pairings/BN254/addPointBN254.zkasm" -INCLUDE "../main/pairings/BN254/escalarMulBN254.zkasm" +INCLUDE "../main/pairings/BN254/scalarMulBN254.zkasm" INCLUDE "../main/pairings/BN254/lineSamePointsBN254.zkasm" INCLUDE "../main/pairings/BN254/lineDiffPointsBN254.zkasm" diff --git a/test/testPairingBN254.zkasm b/test/testPairingBN254.zkasm index 3a2ed975..a86e7cc9 100644 --- a/test/testPairingBN254.zkasm +++ b/test/testPairingBN254.zkasm @@ -420,7 +420,7 @@ INCLUDE "../main/pairings/FP2BN254/addFp2BN254.zkasm" INCLUDE "../main/pairings/FP2BN254/subFp2BN254.zkasm" INCLUDE "../main/pairings/FP2BN254/mulFp2BN254.zkasm" INCLUDE "../main/pairings/FP2BN254/squareFp2BN254.zkasm" -INCLUDE "../main/pairings/FP2BN254/escalarMulFp2BN254.zkasm" +INCLUDE "../main/pairings/FP2BN254/scalarMulFp2BN254.zkasm" INCLUDE "../main/pairings/FP2BN254/invFp2BN254.zkasm" INCLUDE "../main/pairings/FP4BN254/squareFp4BN254.zkasm" 
@@ -428,7 +428,7 @@ INCLUDE "../main/pairings/FP4BN254/squareFp4BN254.zkasm" INCLUDE "../main/pairings/FP6BN254/addFp6BN254.zkasm" INCLUDE "../main/pairings/FP6BN254/subFp6BN254.zkasm" INCLUDE "../main/pairings/FP6BN254/mulFp6BN254.zkasm" -INCLUDE "../main/pairings/FP6BN254/escalarMulFp6BN254.zkasm" +INCLUDE "../main/pairings/FP6BN254/scalarMulFp6BN254.zkasm" INCLUDE "../main/pairings/FP6BN254/sparseMulAFp6BN254.zkasm" INCLUDE "../main/pairings/FP6BN254/sparseMulBFp6BN254.zkasm" INCLUDE "../main/pairings/FP6BN254/sparseMulCFp6BN254.zkasm" @@ -452,7 +452,7 @@ INCLUDE "../main/pairings/FP12BN254/CYCLOFP12BN254/squareCycloFp12BN254.zkasm" INCLUDE "../main/pairings/FP12BN254/CYCLOFP12BN254/expByXCompCycloFp12BN254.zkasm" INCLUDE "../main/pairings/BN254/addPointBN254.zkasm" -INCLUDE "../main/pairings/BN254/escalarMulBN254.zkasm" +INCLUDE "../main/pairings/BN254/scalarMulBN254.zkasm" INCLUDE "../main/pairings/BN254/lineSamePointsBN254.zkasm" INCLUDE "../main/pairings/BN254/lineDiffPointsBN254.zkasm" diff --git a/test/testPointArithBN254.zkasm b/test/testPointArithBN254.zkasm index 786e05ae..85eddacf 100644 --- a/test/testPointArithBN254.zkasm +++ b/test/testPointArithBN254.zkasm 
@@ -143,50 +143,50 @@ start: 2512659008974376214222774206987427162027254181373325676825515531566330959255n :MLOAD(addPointBN254_P3_y1) 957874124722006818841961785324909313781880061366718538693995380805373202866n :MLOAD(addPointBN254_P3_y2) - ; 2] Escalar multiplication - 0n :MSTORE(escalarMulBN254_k) - 10857046999023057135944570762232829481370756359578518086990519993285655852781n :MSTORE(escalarMulBN254_P_x1) - 11559732032986387107991004021392285783925812861821192530917403151452391805634n :MSTORE(escalarMulBN254_P_x2) - 8495653923123431417604973247489272438418190587263600148770280649306958101930n :MSTORE(escalarMulBN254_P_y1) - 4082367875863433681332203403145435568316851327593401208105741076214120093531n :MSTORE(escalarMulBN254_P_y2) - :CALL(escalarMulBN254) - 0n :MLOAD(escalarMulBN254_Q_x1) - 0n :MLOAD(escalarMulBN254_Q_x2) - 0n :MLOAD(escalarMulBN254_Q_y1) - 0n :MLOAD(escalarMulBN254_Q_y2) + ; 2] scalar multiplication + 0n :MSTORE(scalarMulBN254_k) + 10857046999023057135944570762232829481370756359578518086990519993285655852781n :MSTORE(scalarMulBN254_P_x1) + 11559732032986387107991004021392285783925812861821192530917403151452391805634n :MSTORE(scalarMulBN254_P_x2) + 8495653923123431417604973247489272438418190587263600148770280649306958101930n :MSTORE(scalarMulBN254_P_y1) + 4082367875863433681332203403145435568316851327593401208105741076214120093531n :MSTORE(scalarMulBN254_P_y2) + :CALL(scalarMulBN254) + 0n :MLOAD(scalarMulBN254_Q_x1) + 0n :MLOAD(scalarMulBN254_Q_x2) + 0n :MLOAD(scalarMulBN254_Q_y1) + 0n :MLOAD(scalarMulBN254_Q_y2) - %BN254_SIX_TIMES_X_SQ :MSTORE(escalarMulBN254_k) - 0n :MSTORE(escalarMulBN254_P_x1) - 0n :MSTORE(escalarMulBN254_P_x2) - 0n :MSTORE(escalarMulBN254_P_y1) - 0n :MSTORE(escalarMulBN254_P_y2) - :CALL(escalarMulBN254) - 0n :MLOAD(escalarMulBN254_Q_x1) - 0n :MLOAD(escalarMulBN254_Q_x2) - 0n :MLOAD(escalarMulBN254_Q_y1) - 0n :MLOAD(escalarMulBN254_Q_y2) + %BN254_SIX_TIMES_X_SQ :MSTORE(scalarMulBN254_k) + 0n :MSTORE(scalarMulBN254_P_x1) + 0n 
:MSTORE(scalarMulBN254_P_x2) + 0n :MSTORE(scalarMulBN254_P_y1) + 0n :MSTORE(scalarMulBN254_P_y2) + :CALL(scalarMulBN254) + 0n :MLOAD(scalarMulBN254_Q_x1) + 0n :MLOAD(scalarMulBN254_Q_x2) + 0n :MLOAD(scalarMulBN254_Q_y1) + 0n :MLOAD(scalarMulBN254_Q_y2) - %BN254_SIX_TIMES_X_SQ :MSTORE(escalarMulBN254_k) - 10857046999023057135944570762232829481370756359578518086990519993285655852781n :MSTORE(escalarMulBN254_P_x1) - 11559732032986387107991004021392285783925812861821192530917403151452391805634n :MSTORE(escalarMulBN254_P_x2) - 8495653923123431417604973247489272438418190587263600148770280649306958101930n :MSTORE(escalarMulBN254_P_y1) - 4082367875863433681332203403145435568316851327593401208105741076214120093531n :MSTORE(escalarMulBN254_P_y2) - :CALL(escalarMulBN254) - 13824868563399673693405984206252027284526901521624614945388441201916943098448n :MLOAD(escalarMulBN254_Q_x1) - 6070174842523651825461006324987645339257276059765462992338211551285097849152n :MLOAD(escalarMulBN254_Q_x2) - 4224873494559498571787136390356590572898009346319218613936276445484292886657n :MLOAD(escalarMulBN254_Q_y1) - 14979195929948718632567968180703131754953567972706796447883440492471033097811n :MLOAD(escalarMulBN254_Q_y2) + %BN254_SIX_TIMES_X_SQ :MSTORE(scalarMulBN254_k) + 10857046999023057135944570762232829481370756359578518086990519993285655852781n :MSTORE(scalarMulBN254_P_x1) + 11559732032986387107991004021392285783925812861821192530917403151452391805634n :MSTORE(scalarMulBN254_P_x2) + 8495653923123431417604973247489272438418190587263600148770280649306958101930n :MSTORE(scalarMulBN254_P_y1) + 4082367875863433681332203403145435568316851327593401208105741076214120093531n :MSTORE(scalarMulBN254_P_y2) + :CALL(scalarMulBN254) + 13824868563399673693405984206252027284526901521624614945388441201916943098448n :MLOAD(scalarMulBN254_Q_x1) + 6070174842523651825461006324987645339257276059765462992338211551285097849152n :MLOAD(scalarMulBN254_Q_x2) + 
4224873494559498571787136390356590572898009346319218613936276445484292886657n :MLOAD(scalarMulBN254_Q_y1) + 14979195929948718632567968180703131754953567972706796447883440492471033097811n :MLOAD(scalarMulBN254_Q_y2) - %BN254_R :MSTORE(escalarMulBN254_k) - 10857046999023057135944570762232829481370756359578518086990519993285655852781n :MSTORE(escalarMulBN254_P_x1) - 11559732032986387107991004021392285783925812861821192530917403151452391805634n :MSTORE(escalarMulBN254_P_x2) - 8495653923123431417604973247489272438418190587263600148770280649306958101930n :MSTORE(escalarMulBN254_P_y1) - 4082367875863433681332203403145435568316851327593401208105741076214120093531n :MSTORE(escalarMulBN254_P_y2) - :CALL(escalarMulBN254) - 0n :MLOAD(escalarMulBN254_Q_x1) - 0n :MLOAD(escalarMulBN254_Q_x2) - 0n :MLOAD(escalarMulBN254_Q_y1) - 0n :MLOAD(escalarMulBN254_Q_y2) + %BN254_R :MSTORE(scalarMulBN254_k) + 10857046999023057135944570762232829481370756359578518086990519993285655852781n :MSTORE(scalarMulBN254_P_x1) + 11559732032986387107991004021392285783925812861821192530917403151452391805634n :MSTORE(scalarMulBN254_P_x2) + 8495653923123431417604973247489272438418190587263600148770280649306958101930n :MSTORE(scalarMulBN254_P_y1) + 4082367875863433681332203403145435568316851327593401208105741076214120093531n :MSTORE(scalarMulBN254_P_y2) + :CALL(scalarMulBN254) + 0n :MLOAD(scalarMulBN254_Q_x1) + 0n :MLOAD(scalarMulBN254_Q_x2) + 0n :MLOAD(scalarMulBN254_Q_y1) + 0n :MLOAD(scalarMulBN254_Q_y2) ; 3] Tangent line to a point 10857046999023057135944570762232829481370756359578518086990519993285655852781n :MSTORE(lineSamePointsBN254_P_x1) 
@@ -259,12 +259,12 @@ INCLUDE "../main/pairings/FPBN254/mulFpBN254.zkasm" INCLUDE "../main/pairings/FP2BN254/addFp2BN254.zkasm" INCLUDE "../main/pairings/FP2BN254/subFp2BN254.zkasm" -INCLUDE "../main/pairings/FP2BN254/escalarMulFp2BN254.zkasm" +INCLUDE "../main/pairings/FP2BN254/scalarMulFp2BN254.zkasm" INCLUDE "../main/pairings/FP2BN254/mulFp2BN254.zkasm" INCLUDE "../main/pairings/FP2BN254/squareFp2BN254.zkasm" INCLUDE "../main/pairings/FP2BN254/invFp2BN254.zkasm" INCLUDE "../main/pairings/BN254/addPointBN254.zkasm" -INCLUDE "../main/pairings/BN254/escalarMulBN254.zkasm" +INCLUDE "../main/pairings/BN254/scalarMulBN254.zkasm" INCLUDE "../main/pairings/BN254/lineSamePointsBN254.zkasm" INCLUDE "../main/pairings/BN254/lineDiffPointsBN254.zkasm" \ No newline at end of file