penumbra-zone / decaf377

decaf377 is a prime-order group designed for use in SNARKs over BLS12-377
https://protocol.penumbra.zone/main/crypto/decaf377.html

refactor(fiat-crypto): Inversion #66

Closed TalDerei closed 8 months ago

TalDerei commented 9 months ago

References #65.

Referenced the BLS12-377 curve construction parameters from the ZEXE paper (p. 44). Retrieved the BLS12-377 twisted Edwards curve construction parameters from here.

Note: I slightly modified the input bounds of the fiat-generated divstep to make the output bounds explicitly return. This is merely a semantic change that simplifies the iterations in the inverse function. Update: This change has been reverted.

hdevalence commented 9 months ago

We should avoid editing the generated code, and only write wrappers around it. Otherwise, if we ever need to regenerate, we won't be able to apply the changes cleanly. This is kind of annoying to work around, considering that the generated code generates C-style APIs, but it's important for long-term maintainability and verifiability.

TalDerei commented 9 months ago

We should avoid editing the generated code

agreed, fixed!

TalDerei commented 8 months ago

Per the recent indexing changes (packing two u32s into a single u64) in #67, we effectively consume and implement the inversion functionality. Proposing to close this PR in favor of those changes? cc @redshiftzero @hdevalence.

@cronokirby let's carry over the inversion proptest to Arkworks-Compatibility.
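The pattern discussed in this thread, an `inverse` that only iterates a fiat-generated `divstep` through a wrapper and never edits the generated function, together with a property-style check like the inversion proptest mentioned above, as an added example that is not decaf377's code and not fiat-crypto output. The `generated` module is a hand-written stand-in for a fiat-style divstep over a single 64-bit word and the toy modulus 2^61 - 1 (not the decaf377 field); the real generated code works on limb arrays and applies a precomputed constant at the end, whereas this stand-in halves `v` and `r` modulo the modulus directly. The names `inverse`, `mul_mod`, `divstep_iterations` and `check_random` are mine.

```rust
// Added example, not decaf377's code and not fiat-crypto output. Everything
// outside `generated` is the kind of wrapper hdevalence asks for: it calls the
// generated function but never edits it.

/// Stand-in modulus: the Mersenne prime 2^61 - 1, chosen so products fit in
/// u128. This is NOT the decaf377 / BLS12-377 scalar field.
pub const M: u64 = (1u64 << 61) - 1;

/// Pretend this module is machine-generated: opaque, C-style out-parameters.
mod generated {
    use super::M;

    /// x/2 mod M for 0 <= x < M (M is odd, so add M first when x is odd).
    fn half_mod(x: u64) -> u64 {
        if x & 1 == 0 { x >> 1 } else { (x + M) >> 1 }
    }

    /// One Bernstein-Yang divstep in the shape of fiat's
    /// `divstep(out1..out5, arg1..arg5)`. (d, f, g) are signed integers;
    /// (v, r) are residues mod M with the invariant f == v*a and g == r*a
    /// (mod M), where a is the original input to the inversion.
    pub fn divstep(
        out_d: &mut i64, out_f: &mut i64, out_g: &mut i64,
        out_v: &mut u64, out_r: &mut u64,
        d: i64, f: i64, g: i64, v: u64, r: u64,
    ) {
        if d > 0 && (g & 1) == 1 {
            // (f, g) <- (g, (g - f)/2); (v, r) <- (r, (r - v)/2)
            *out_d = 1 - d;
            *out_f = g;
            *out_g = (g - f) >> 1;
            *out_v = r;
            *out_r = half_mod((r + M - v) % M);
        } else if (g & 1) == 1 {
            // (f, g) <- (f, (g + f)/2); (v, r) <- (v, (r + v)/2)
            *out_d = 1 + d;
            *out_f = f;
            *out_g = (g + f) >> 1;
            *out_v = v;
            *out_r = half_mod((r + v) % M);
        } else {
            // (f, g) <- (f, g/2); (v, r) <- (v, r/2)
            *out_d = 1 + d;
            *out_f = f;
            *out_g = g >> 1;
            *out_v = v;
            *out_r = half_mod(r);
        }
    }
}

/// Divsteps sufficient to drive g to 0 for inputs below 2^bits
/// (Bernstein-Yang "safegcd" bound, Theorem 11.2).
pub fn divstep_iterations(bits: u64) -> u64 {
    if bits < 46 { (49 * bits + 80) / 17 } else { (49 * bits + 57) / 17 }
}

/// a^-1 mod M for 0 < a < M, built only on top of `generated::divstep`.
pub fn inverse(a: u64) -> Option<u64> {
    if a == 0 || a >= M {
        return None;
    }
    // Start state: f = M == 0*a, g = a == 1*a, delta = 1.
    let (mut d, mut f, mut g, mut v, mut r) = (1i64, M as i64, a as i64, 0u64, 1u64);
    for _ in 0..divstep_iterations(61) {
        let (mut nd, mut nf, mut ng, mut nv, mut nr) = (0i64, 0i64, 0i64, 0u64, 0u64);
        generated::divstep(&mut nd, &mut nf, &mut ng, &mut nv, &mut nr, d, f, g, v, r);
        d = nd; f = nf; g = ng; v = nv; r = nr;
    }
    // The bound guarantees g == 0 and f == +-gcd(M, a) == +-1 for prime M;
    // since f == v*a (mod M), the inverse is v if f == 1 and -v if f == -1.
    match (g, f) {
        (0, 1) => Some(v),
        (0, -1) => Some((M - v) % M),
        _ => None,
    }
}

pub fn mul_mod(a: u64, b: u64) -> u64 {
    ((a as u128 * b as u128) % (M as u128)) as u64
}

/// Property-style check like the inversion proptest: a * a^-1 == 1 for n
/// xorshift64-generated residues (constructed test data, fixed seed).
pub fn check_random(n: usize) -> bool {
    let mut s: u64 = 0x9E37_79B9_7F4A_7C15;
    (0..n).all(|_| {
        s ^= s << 13;
        s ^= s >> 7;
        s ^= s << 17;
        let a = s % (M - 1) + 1; // in [1, M-1]
        inverse(a).map_or(false, |inv| mul_mod(a, inv) == 1)
    })
}

fn main() {
    let a = 12_345_678_901_234_567u64;
    let inv = inverse(a).expect("nonzero residue has an inverse");
    println!("a = {}, a^-1 = {}, a * a^-1 mod M = {}", a, inv, mul_mod(a, inv));
    println!("1000 random residues invert correctly: {}", check_random(1000));
}
```

Regenerating the fiat output only touches `generated`; the wrapper keeps the loop structure, the iteration bound and the sign fix-up, which is exactly the split that keeps a regeneration a clean drop-in.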