10d9e / fiat-shamir.sol

Zero Knowledge Proofs with Fiat-Shamir Heuristic in Solidity

Support for BigIntegers #1

Open 10d9e opened 4 years ago

10d9e commented 4 years ago

Currently the contract only supports 256 bit types. In the wild, this library would have to be updated to handle much larger primes. A possible implementation could use the zcoin BigNumber library.

EIP 198 modular exponentiation notes:

https://ethereum.stackexchange.com/questions/71565/verifying-modular-exponentiation-operation-in-etherum/71590#71590

https://github.com/ethereum/EIPs/blob/master/EIPS/eip-198.md

https://github.com/ethereum/EIPs/blob/60fe6515378aca6c9d1acb4f84d2f0b2a180abe8/EIPS/bigint_modexp.md#specification

function expmod(uint base, uint e, uint m) public view returns (uint o) {
    assembly {
        // scratch pointer at the free memory pointer (not advanced; nothing else uses memory afterwards)
        let p := mload(0x40)
        // EIP-198 input layout: three 32-byte length words, then the operands themselves
        mstore(p, 0x20)             // Length of Base
        mstore(add(p, 0x20), 0x20)  // Length of Exponent
        mstore(add(p, 0x40), 0x20)  // Length of Modulus
        mstore(add(p, 0x60), base)  // Base
        mstore(add(p, 0x80), e)     // Exponent
        mstore(add(p, 0xa0), m)     // Modulus
        // call the modexp precompile at address 0x05 with 0xc0 input bytes; the 32-byte result
        // is written back over p (gas() is the functional form required by Solidity >= 0.7)
        if iszero(staticcall(sub(gas(), 2000), 0x05, p, 0xc0, p, 0x20)) {
            revert(0, 0)
        }
        // read the result word
        o := mload(p)
    }
}
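To make the 256-bit limitation concrete, here is an added Python model (not part of the fiat-shamir.sol repository) of the EIP-198 call data the assembly above builds and of how the precompile parses it. `encode_modexp_input`, `modexp_precompile` and the Python `expmod` twin are names chosen here; the `size` parameter is what the Solidity version hard-codes to 0x20.

```python
WORD = 32  # every length/operand word the snippet above writes is 0x20 bytes


def encode_modexp_input(base: int, exp: int, mod: int, size: int = WORD) -> bytes:
    """Call data for the 0x05 precompile: <Bsize><Esize><Msize><B><E><M>, big-endian.

    The Solidity function above fixes size = 32, so an operand wider than 256 bits is
    rejected here, mirroring the limitation the issue describes.
    """
    if any(v < 0 or v.bit_length() > 8 * size for v in (base, exp, mod)):
        raise ValueError(f"operand does not fit in {size} bytes")
    header = b"".join(size.to_bytes(WORD, "big") for _ in range(3))
    return header + b"".join(v.to_bytes(size, "big") for v in (base, exp, mod))


def modexp_precompile(data: bytes) -> bytes:
    """Model of the precompile's parsing per EIP-198: input shorter than the declared
    lengths is read as zero-padded, and the output is exactly Msize bytes."""

    def field(offset: int, length: int) -> int:
        return int.from_bytes(data[offset:offset + length].ljust(length, b"\0"), "big")

    bsize, esize, msize = (field(i * WORD, WORD) for i in range(3))
    start = 3 * WORD
    base = field(start, bsize)
    exp = field(start + bsize, esize)
    mod = field(start + bsize + esize, msize)
    if msize == 0:
        return b""  # zero-length modulus field: empty output regardless of the operands
    result = 0 if mod == 0 else pow(base, exp, mod)  # modulus 0 yields zero per EIP-198
    return result.to_bytes(msize, "big")


def expmod(base: int, e: int, m: int, size: int = WORD) -> int:
    """Python twin of the Solidity expmod above: encode, 'call' the precompile, decode."""
    return int.from_bytes(modexp_precompile(encode_modexp_input(base, e, m, size)), "big")
```

With `size=48` the same encoder carries a 300-bit modulus through the precompile, which is exactly the path the fixed-width assembly cannot take without a BigNumber-style length-prefixed layout.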
riordant commented 5 months ago

hey, FYI the BigNumber library has been massively overhauled and is much more stable now - https://github.com/firoorg/solidity-BigNumber