search

ethereum / py_ecc

Python implementation of ECC pairing and bn_128 and bls12_381 curve operations
MIT License
183 stars 82 forks source link

Mysterious for... else statement in `optimized_swu` #96

Closed hwwhww closed 4 years ago

hwwhww commented 4 years ago

What is wrong?

This else clause on loop is never triggered without a break statement: https://github.com/ethereum/py_ecc/blob/50ee33abc9edb0ffd60acc88cf41614598bd9149/py_ecc/optimized_bls12_381/optimized_swu.py#L60-L63

How can it be fixed

Is it okay to remove this clause?

hwwhww commented 4 years ago

/cc @kirk-baird

kirk-baird commented 4 years ago

Ooh interesting there should not be an else statement!

for eta in etas:
        # Valid solution if (eta * sqrt_candidate(x1)) ** 2 * v - u == 0
        eta_sqrt_candidate = eta * sqrt_candidate
        temp1 = eta_sqrt_candidate ** 2 * v - u
        if temp1 == FQ2.zero() and not success and not success_2:
            y = eta_sqrt_candidate
            success_2 = True
if not success and not success_2:
    # Unreachable
    raise Exception("Hash to Curve - Optimized SWU failure")

It is there to pickup the case where no square root is found and thus hashing to curve has failed. Theoretically it should not be reached, unless of course there is a bug somewhere else in the code.

hwwhww commented 4 years ago

Thanks @kirk-baird!

Closing via #97.