From e69c81fd2b7c6a85358d28f49a69125240cbac6f Mon Sep 17 00:00:00 2001 From: TomasM Date: Sat, 4 Aug 2018 16:31:29 +0000 Subject: [PATCH] Fixed crashes when sending Z transactions in win32 build --- zcutil/extra/zcash-win32.patch | 2209 +++++++++++++++++++++++++++++--- 1 file changed, 2023 insertions(+), 186 deletions(-) diff --git a/zcutil/extra/zcash-win32.patch b/zcutil/extra/zcash-win32.patch index 89f619b67e9..a99d0bdc9cf 100644 --- a/zcutil/extra/zcash-win32.patch +++ b/zcutil/extra/zcash-win32.patch @@ -485,11 +485,132 @@ index 23f005a3e5..5887048adc 100644 } else { // Print delineator std::cout << "----------------------------------------" << std::endl; +diff --git a/src/test/rpc_wallet_tests.cpp b/src/test/rpc_wallet_tests.cpp +index 47c85722a0..cb920d26d6 100644 +--- a/src/test/rpc_wallet_tests.cpp ++++ b/src/test/rpc_wallet_tests.cpp +@@ -402,7 +402,7 @@ BOOST_AUTO_TEST_CASE(rpc_wallet_z_exportwallet) + BOOST_CHECK_THROW(CallRPC(string("z_exportwallet ") + tmpfilename.string()), runtime_error); + + // set exportdir +- mapArgs["-exportdir"] = tmppath.native(); ++ mapArgs["-exportdir"] = tmppath.string(); + + // run some tests + BOOST_CHECK_THROW(CallRPC("z_exportwallet"), runtime_error); +@@ -482,7 +482,7 @@ BOOST_AUTO_TEST_CASE(rpc_wallet_z_importwallet) + // write test data to file + boost::filesystem::path temp = boost::filesystem::temp_directory_path() / + boost::filesystem::unique_path(); +- const std::string path = temp.native(); ++ const std::string path = temp.string(); + std::ofstream file(path); + file << testWalletDump; + file << std::flush; +diff --git a/zcutil/build.sh b/zcutil/build.sh +index d86ae99ab9..5479ca58d4 100755 +--- a/zcutil/build.sh ++++ b/zcutil/build.sh +@@ -33,14 +33,6 @@ if [[ -z "${HOST-}" ]]; then + HOST="$BUILD" + fi + +-# Allow override to $CC and $CXX for porters. Most users will not need it. +-if [[ -z "${CC-}" ]]; then +- CC=gcc +-fi +-if [[ -z "${CXX-}" ]]; then +- CXX=g++ +-fi +- + # Allow users to set arbitary compile flags. Most users will not need this. + if [[ -z "${CONFIGURE_FLAGS-}" ]]; then + CONFIGURE_FLAGS="" +@@ -105,15 +97,11 @@ then + shift + fi + +-PREFIX="$(pwd)/depends/$BUILD/" +- + eval "$MAKE" --version +-eval "$CC" --version +-eval "$CXX" --version + as --version + ld -v + + HOST="$HOST" BUILD="$BUILD" NO_PROTON="$PROTON_ARG" "$MAKE" "$@" -C ./depends/ V=1 + ./autogen.sh +-CC="$CC" CXX="$CXX" ./configure --prefix="${PREFIX}" --host="$HOST" --build="$BUILD" "$HARDENING_ARG" "$LCOV_ARG" "$TEST_ARG" "$MINING_ARG" "$PROTON_ARG" $CONFIGURE_FLAGS --enable-werror CXXFLAGS='-g' ++CONFIG_SITE="$PWD/depends/$HOST/share/config.site" ./configure "$HARDENING_ARG" "$LCOV_ARG" "$TEST_ARG" "$MINING_ARG" "$PROTON_ARG" $CONFIGURE_FLAGS CXXFLAGS='-g' + "$MAKE" "$@" V=1 +diff --git a/src/snark/AUTHORS b/src/snark/AUTHORS +index 1b2d7a2..cdc8d66 100644 +--- a/src/snark/AUTHORS ++++ b/src/snark/AUTHORS +@@ -17,3 +17,6 @@ External contributors: + Tadanori TERUYA + Sean Bowe + Daira Hopwood ++ @mugatu on forum.z.cash ++ David Mercer ++ Joshua Yabut +diff --git a/src/snark/Makefile b/src/snark/Makefile +index cceffb9..ac86490 100644 +--- a/src/snark/Makefile ++++ b/src/snark/Makefile +@@ -6,6 +6,13 @@ + #* @copyright MIT license (see LICENSE file) + #*******************************************************************************/ + ++# Determine building operating system ++ifeq ($(OS),Windows_NT) ++ uname_S := Windows ++else ++ uname_S := $(shell uname -s) ++endif ++ + # To override these, use "make OPTFLAGS=..." etc. + CURVE = BN128 + OPTFLAGS = -O2 -march=native -mtune=native +@@ -106,18 +113,9 @@ + EXECUTABLES_WITH_SUPERCOP = \ + libsnark/zk_proof_systems/ppzkadsnark/r1cs_ppzkadsnark/examples/demo_r1cs_ppzkadsnark + +-GTEST_TESTS = libsnark/gtests ++GTEST_TESTS = + +-GTEST_SRCS = \ +- libsnark/algebra/curves/tests/test_bilinearity.cpp \ +- libsnark/algebra/curves/tests/test_groups.cpp \ +- libsnark/algebra/fields/tests/test_bigint.cpp \ +- libsnark/algebra/fields/tests/test_fields.cpp \ +- libsnark/gadgetlib1/gadgets/hashes/sha256/tests/test_sha256_gadget.cpp \ +- libsnark/gadgetlib1/gadgets/merkle_tree/tests/test_merkle_tree_gadgets.cpp \ +- libsnark/relations/arithmetic_programs/qap/tests/test_qap.cpp \ +- libsnark/zk_proof_systems/ppzksnark/r1cs_ppzksnark/tests/test_r1cs_ppzksnark.cpp \ +- libsnark/gtests.cpp ++GTEST_SRCS = + + DOCS = README.html + +@@ -175,6 +173,7 @@ + $(if $(NO_GTEST),,$(EXECUTABLES_WITH_GTEST) $(GTEST_TESTS)) \ + $(if $(NO_SUPERCOP),,$(EXECUTABLES_WITH_SUPERCOP)) \ + $(EXECUTABLES) \ ++ $(LIBSNARK_A) \ + $(if $(NO_DOCS),,doc) + + doc: $(DOCS) diff --git a/src/snark/libsnark/algebra/curves/alt_bn128/alt_bn128_g1.cpp b/src/snark/libsnark/algebra/curves/alt_bn128/alt_bn128_g1.cpp -index bf7f43d6f5..2c62060566 100644 +index bf7f43d..7f329d6 100644 --- a/src/snark/libsnark/algebra/curves/alt_bn128/alt_bn128_g1.cpp +++ b/src/snark/libsnark/algebra/curves/alt_bn128/alt_bn128_g1.cpp -@@ -10,8 +10,8 @@ +@@ -6,16 +6,17 @@ + *****************************************************************************/ + + #include "algebra/curves/alt_bn128/alt_bn128_g1.hpp" ++#include "common/assert_except.hpp" + namespace libsnark { #ifdef PROFILE_OP_COUNTS @@ -499,12 +620,27 @@ index bf7f43d6f5..2c62060566 100644 +int64_t alt_bn128_G1::dbl_cnt = 0; #endif - std::vector alt_bn128_G1::wnaf_window_table; +-std::vector alt_bn128_G1::wnaf_window_table; +-std::vector alt_bn128_G1::fixed_base_exp_window_table; ++std::vector alt_bn128_G1::wnaf_window_table; ++std::vector alt_bn128_G1::fixed_base_exp_window_table; + alt_bn128_G1 alt_bn128_G1::G1_zero; + alt_bn128_G1 alt_bn128_G1::G1_one; + +@@ -256,7 +257,7 @@ alt_bn128_G1 alt_bn128_G1::add(const alt_bn128_G1 &other) const + alt_bn128_G1 alt_bn128_G1::mixed_add(const alt_bn128_G1 &other) const + { + #ifdef DEBUG +- assert(other.is_special()); ++ assert_except(other.is_special()); + #endif + + // handle special cases having to do with O diff --git a/src/snark/libsnark/algebra/curves/alt_bn128/alt_bn128_g1.hpp b/src/snark/libsnark/algebra/curves/alt_bn128/alt_bn128_g1.hpp -index da11a2e8c4..7053fe6889 100644 +index da11a2e..567f2fa 100644 --- a/src/snark/libsnark/algebra/curves/alt_bn128/alt_bn128_g1.hpp +++ b/src/snark/libsnark/algebra/curves/alt_bn128/alt_bn128_g1.hpp -@@ -20,8 +20,8 @@ std::istream& operator>>(std::istream &, alt_bn128_G1&); +@@ -20,11 +20,11 @@ std::istream& operator>>(std::istream &, alt_bn128_G1&); class alt_bn128_G1 { public: #ifdef PROFILE_OP_COUNTS @@ -513,13 +649,23 @@ index da11a2e8c4..7053fe6889 100644 + static int64_t add_cnt; + static int64_t dbl_cnt; #endif - static std::vector wnaf_window_table; - static std::vector fixed_base_exp_window_table; +- static std::vector wnaf_window_table; +- static std::vector fixed_base_exp_window_table; ++ static std::vector wnaf_window_table; ++ static std::vector fixed_base_exp_window_table; + static alt_bn128_G1 G1_zero; + static alt_bn128_G1 G1_one; + diff --git a/src/snark/libsnark/algebra/curves/alt_bn128/alt_bn128_g2.cpp b/src/snark/libsnark/algebra/curves/alt_bn128/alt_bn128_g2.cpp -index c4152e4374..4b592e8044 100644 +index c4152e4..98f4710 100644 --- a/src/snark/libsnark/algebra/curves/alt_bn128/alt_bn128_g2.cpp +++ b/src/snark/libsnark/algebra/curves/alt_bn128/alt_bn128_g2.cpp -@@ -10,8 +10,8 @@ +@@ -6,16 +6,17 @@ + *****************************************************************************/ + + #include "algebra/curves/alt_bn128/alt_bn128_g2.hpp" ++#include "common/assert_except.hpp" + namespace libsnark { #ifdef PROFILE_OP_COUNTS @@ -529,12 +675,27 @@ index c4152e4374..4b592e8044 100644 +int64_t alt_bn128_G2::dbl_cnt = 0; #endif - std::vector alt_bn128_G2::wnaf_window_table; +-std::vector alt_bn128_G2::wnaf_window_table; +-std::vector alt_bn128_G2::fixed_base_exp_window_table; ++std::vector alt_bn128_G2::wnaf_window_table; ++std::vector alt_bn128_G2::fixed_base_exp_window_table; + alt_bn128_G2 alt_bn128_G2::G2_zero; + alt_bn128_G2 alt_bn128_G2::G2_one; + +@@ -266,7 +267,7 @@ alt_bn128_G2 alt_bn128_G2::add(const alt_bn128_G2 &other) const + alt_bn128_G2 alt_bn128_G2::mixed_add(const alt_bn128_G2 &other) const + { + #ifdef DEBUG +- assert(other.is_special()); ++ assert_except(other.is_special()); + #endif + + // handle special cases having to do with O diff --git a/src/snark/libsnark/algebra/curves/alt_bn128/alt_bn128_g2.hpp b/src/snark/libsnark/algebra/curves/alt_bn128/alt_bn128_g2.hpp -index a996a2d1a1..d6fa6a10d2 100644 +index a996a2d..57bad1a 100644 --- a/src/snark/libsnark/algebra/curves/alt_bn128/alt_bn128_g2.hpp +++ b/src/snark/libsnark/algebra/curves/alt_bn128/alt_bn128_g2.hpp -@@ -20,8 +20,8 @@ std::istream& operator>>(std::istream &, alt_bn128_G2&); +@@ -20,11 +20,11 @@ std::istream& operator>>(std::istream &, alt_bn128_G2&); class alt_bn128_G2 { public: #ifdef PROFILE_OP_COUNTS @@ -543,10 +704,15 @@ index a996a2d1a1..d6fa6a10d2 100644 + static int64_t add_cnt; + static int64_t dbl_cnt; #endif - static std::vector wnaf_window_table; - static std::vector fixed_base_exp_window_table; +- static std::vector wnaf_window_table; +- static std::vector fixed_base_exp_window_table; ++ static std::vector wnaf_window_table; ++ static std::vector fixed_base_exp_window_table; + static alt_bn128_G2 G2_zero; + static alt_bn128_G2 G2_one; + diff --git a/src/snark/libsnark/algebra/curves/alt_bn128/alt_bn128_pairing.cpp b/src/snark/libsnark/algebra/curves/alt_bn128/alt_bn128_pairing.cpp -index db556c5b28..07b6a8c718 100644 +index db556c5..07b6a8c 100644 --- a/src/snark/libsnark/algebra/curves/alt_bn128/alt_bn128_pairing.cpp +++ b/src/snark/libsnark/algebra/curves/alt_bn128/alt_bn128_pairing.cpp @@ -324,7 +324,7 @@ alt_bn128_ate_G2_precomp alt_bn128_ate_precompute_G2(const alt_bn128_G2& Q) @@ -577,7 +743,7 @@ index db556c5b28..07b6a8c718 100644 const bool bit = loop_count.test_bit(i); if (!found_one) diff --git a/src/snark/libsnark/algebra/curves/curve_utils.tcc b/src/snark/libsnark/algebra/curves/curve_utils.tcc -index 251d75d8ba..38140cd48a 100644 +index 251d75d..38140cd 100644 --- a/src/snark/libsnark/algebra/curves/curve_utils.tcc +++ b/src/snark/libsnark/algebra/curves/curve_utils.tcc @@ -16,7 +16,7 @@ GroupT scalar_mul(const GroupT &base, const bigint &scalar) @@ -589,11 +755,354 @@ index 251d75d8ba..38140cd48a 100644 { if (found_one) { +diff --git a/src/snark/libsnark/algebra/curves/tests/test_bilinearity.cpp b/src/snark/libsnark/algebra/curves/tests/test_bilinearity.cpp +index fe6593b..18e68f7 100644 +--- a/src/snark/libsnark/algebra/curves/tests/test_bilinearity.cpp ++++ b/src/snark/libsnark/algebra/curves/tests/test_bilinearity.cpp +@@ -4,13 +4,17 @@ + * and contributors (see AUTHORS). + * @copyright MIT license (see LICENSE file) + *****************************************************************************/ ++#include + #include "common/profiling.hpp" ++//#include "algebra/curves/edwards/edwards_pp.hpp" + #ifdef CURVE_BN128 + #include "algebra/curves/bn128/bn128_pp.hpp" + #endif + #include "algebra/curves/alt_bn128/alt_bn128_pp.hpp" +- +-#include ++//#include "algebra/curves/mnt/mnt4/mnt4_pp.hpp" ++//#include "algebra/curves/mnt/mnt6/mnt6_pp.hpp" ++#include "algebra/curves/alt_bn128/alt_bn128_pairing.hpp" ++#include "algebra/curves/alt_bn128/alt_bn128_pairing.cpp" + + using namespace libsnark; + +@@ -45,11 +49,11 @@ void pairing_test() + ans1.print(); + ans2.print(); + ans3.print(); +- EXPECT_EQ(ans1, ans2); +- EXPECT_EQ(ans2, ans3); ++ assert(ans1 == ans2); ++ assert(ans2 == ans3); + +- EXPECT_NE(ans1, GT_one); +- EXPECT_EQ((ans1^Fr::field_char()), GT_one); ++ assert(ans1 != GT_one); ++ assert((ans1^Fr::field_char()) == GT_one); + printf("\n\n"); + } + +@@ -69,7 +73,7 @@ void double_miller_loop_test() + const Fqk ans_1 = ppT::miller_loop(prec_P1, prec_Q1); + const Fqk ans_2 = ppT::miller_loop(prec_P2, prec_Q2); + const Fqk ans_12 = ppT::double_miller_loop(prec_P1, prec_Q1, prec_P2, prec_Q2); +- EXPECT_EQ(ans_1 * ans_2, ans_12); ++ assert(ans_1 * ans_2 == ans_12); + } + + template +@@ -98,17 +102,31 @@ void affine_pairing_test() + ans1.print(); + ans2.print(); + ans3.print(); +- EXPECT_EQ(ans1, ans2); +- EXPECT_EQ(ans2, ans3); ++ assert(ans1 == ans2); ++ assert(ans2 == ans3); + +- EXPECT_NE(ans1, GT_one); +- EXPECT_EQ((ans1^Fr::field_char()), GT_one); ++ assert(ans1 != GT_one); ++ assert((ans1^Fr::field_char()) == GT_one); + printf("\n\n"); + } + +-TEST(algebra, bilinearity) ++int main(void) + { + start_profiling(); ++ edwards_pp::init_public_params(); ++ pairing_test(); ++ double_miller_loop_test(); ++ ++ mnt6_pp::init_public_params(); ++ pairing_test(); ++ double_miller_loop_test(); ++ affine_pairing_test(); ++ ++ mnt4_pp::init_public_params(); ++ pairing_test(); ++ double_miller_loop_test(); ++ affine_pairing_test(); ++ + alt_bn128_pp::init_public_params(); + pairing_test(); + double_miller_loop_test(); +diff --git a/src/snark/libsnark/algebra/curves/tests/test_groups.cpp b/src/snark/libsnark/algebra/curves/tests/test_groups.cpp +index 7bb7c31..4f64334 100644 +--- a/src/snark/libsnark/algebra/curves/tests/test_groups.cpp ++++ b/src/snark/libsnark/algebra/curves/tests/test_groups.cpp +@@ -5,14 +5,15 @@ + * @copyright MIT license (see LICENSE file) + *****************************************************************************/ + #include "common/profiling.hpp" ++//#include "algebra/curves/edwards/edwards_pp.hpp" ++//#include "algebra/curves/mnt/mnt4/mnt4_pp.hpp" ++//#include "algebra/curves/mnt/mnt6/mnt6_pp.hpp" + #ifdef CURVE_BN128 + #include "algebra/curves/bn128/bn128_pp.hpp" + #endif + #include "algebra/curves/alt_bn128/alt_bn128_pp.hpp" + #include + +-#include +- + using namespace libsnark; + + template +@@ -24,31 +25,31 @@ void test_mixed_add() + el = GroupT::zero(); + el.to_special(); + result = base.mixed_add(el); +- EXPECT_EQ(result, base + el); ++ assert(result == base + el); + + base = GroupT::zero(); + el = GroupT::random_element(); + el.to_special(); + result = base.mixed_add(el); +- EXPECT_EQ(result, base + el); ++ assert(result == base + el); + + base = GroupT::random_element(); + el = GroupT::zero(); + el.to_special(); + result = base.mixed_add(el); +- EXPECT_EQ(result, base + el); ++ assert(result == base + el); + + base = GroupT::random_element(); + el = GroupT::random_element(); + el.to_special(); + result = base.mixed_add(el); +- EXPECT_EQ(result, base + el); ++ assert(result == base + el); + + base = GroupT::random_element(); + el = base; + el.to_special(); + result = base.mixed_add(el); +- EXPECT_EQ(result, base.dbl()); ++ assert(result == base.dbl()); + } + + template +@@ -59,53 +60,53 @@ void test_group() + bigint<1> randsum = bigint<1>("121160274"); + + GroupT zero = GroupT::zero(); +- EXPECT_EQ(zero, zero); ++ assert(zero == zero); + GroupT one = GroupT::one(); +- EXPECT_EQ(one, one); ++ assert(one == one); + GroupT two = bigint<1>(2l) * GroupT::one(); +- EXPECT_EQ(two, two); ++ assert(two == two); + GroupT five = bigint<1>(5l) * GroupT::one(); + + GroupT three = bigint<1>(3l) * GroupT::one(); + GroupT four = bigint<1>(4l) * GroupT::one(); + +- EXPECT_EQ(two+five, three+four); ++ assert(two+five == three+four); + + GroupT a = GroupT::random_element(); + GroupT b = GroupT::random_element(); + +- EXPECT_NE(one, zero); +- EXPECT_NE(a, zero); +- EXPECT_NE(a, one); ++ assert(one != zero); ++ assert(a != zero); ++ assert(a != one); + +- EXPECT_NE(b, zero); +- EXPECT_NE(b, one); ++ assert(b != zero); ++ assert(b != one); + +- EXPECT_EQ(a.dbl(), a + a); +- EXPECT_EQ(b.dbl(), b + b); +- EXPECT_EQ(one.add(two), three); +- EXPECT_EQ(two.add(one), three); +- EXPECT_EQ(a + b, b + a); +- EXPECT_EQ(a - a, zero); +- EXPECT_EQ(a - b, a + (-b)); +- EXPECT_EQ(a - b, (-b) + a); ++ assert(a.dbl() == a + a); ++ assert(b.dbl() == b + b); ++ assert(one.add(two) == three); ++ assert(two.add(one) == three); ++ assert(a + b == b + a); ++ assert(a - a == zero); ++ assert(a - b == a + (-b)); ++ assert(a - b == (-b) + a); + + // handle special cases +- EXPECT_EQ(zero + (-a), -a); +- EXPECT_EQ(zero - a, -a); +- EXPECT_EQ(a - zero, a); +- EXPECT_EQ(a + zero, a); +- EXPECT_EQ(zero + a, a); ++ assert(zero + (-a) == -a); ++ assert(zero - a == -a); ++ assert(a - zero == a); ++ assert(a + zero == a); ++ assert(zero + a == a); + +- EXPECT_EQ((a + b).dbl(), (a + b) + (b + a)); +- EXPECT_EQ(bigint<1>("2") * (a + b), (a + b) + (b + a)); ++ assert((a + b).dbl() == (a + b) + (b + a)); ++ assert(bigint<1>("2") * (a + b) == (a + b) + (b + a)); + +- EXPECT_EQ((rand1 * a) + (rand2 * a), (randsum * a)); ++ assert((rand1 * a) + (rand2 * a) == (randsum * a)); + +- EXPECT_EQ(GroupT::order() * a, zero); +- EXPECT_EQ(GroupT::order() * one, zero); +- EXPECT_NE((GroupT::order() * a) - a, zero); +- EXPECT_NE((GroupT::order() * one) - one, zero); ++ assert(GroupT::order() * a == zero); ++ assert(GroupT::order() * one == zero); ++ assert((GroupT::order() * a) - a != zero); ++ assert((GroupT::order() * one) - one != zero); + + test_mixed_add(); + } +@@ -114,7 +115,7 @@ template + void test_mul_by_q() + { + GroupT a = GroupT::random_element(); +- EXPECT_EQ((GroupT::base_field_char()*a), a.mul_by_q()); ++ assert((GroupT::base_field_char()*a) == a.mul_by_q()); + } + + template +@@ -128,14 +129,36 @@ void test_output() + ss << g; + GroupT gg; + ss >> gg; +- EXPECT_EQ(g, gg); ++ assert(g == gg); + /* use a random point in next iteration */ + g = GroupT::random_element(); + } + } + +-TEST(algebra, groups) ++int main(void) + { ++/* ++ edwards_pp::init_public_params(); ++ test_group >(); ++ test_output >(); ++ test_group >(); ++ test_output >(); ++ test_mul_by_q >(); ++ ++ mnt4_pp::init_public_params(); ++ test_group >(); ++ test_output >(); ++ test_group >(); ++ test_output >(); ++ test_mul_by_q >(); ++ ++ mnt6_pp::init_public_params(); ++ test_group >(); ++ test_output >(); ++ test_group >(); ++ test_output >(); ++ test_mul_by_q >(); ++*/ + alt_bn128_pp::init_public_params(); + test_group >(); + test_output >(); +diff --git a/src/snark/libsnark/algebra/evaluation_domain/domains/basic_radix2_domain.tcc b/src/snark/libsnark/algebra/evaluation_domain/domains/basic_radix2_domain.tcc +index d315e83..16dcd54 100644 +--- a/src/snark/libsnark/algebra/evaluation_domain/domains/basic_radix2_domain.tcc ++++ b/src/snark/libsnark/algebra/evaluation_domain/domains/basic_radix2_domain.tcc +@@ -15,15 +15,16 @@ + #define BASIC_RADIX2_DOMAIN_TCC_ + + #include "algebra/evaluation_domain/domains/basic_radix2_domain_aux.hpp" ++#include "common/assert_except.hpp" + + namespace libsnark { + + template + basic_radix2_domain::basic_radix2_domain(const size_t m) : evaluation_domain(m) + { +- assert(m > 1); ++ assert_except(m > 1); + const size_t logm = log2(m); +- assert(logm <= (FieldT::s)); ++ assert_except(logm <= (FieldT::s)); + + omega = get_root_of_unity(m); + } +@@ -32,7 +33,7 @@ template + void basic_radix2_domain::FFT(std::vector &a) + { + enter_block("Execute FFT"); +- assert(a.size() == this->m); ++ assert_except(a.size() == this->m); + _basic_radix2_FFT(a, omega); + leave_block("Execute FFT"); + } +@@ -41,7 +42,7 @@ template + void basic_radix2_domain::iFFT(std::vector &a) + { + enter_block("Execute inverse FFT"); +- assert(a.size() == this->m); ++ assert_except(a.size() == this->m); + _basic_radix2_FFT(a, omega.inverse()); + + const FieldT sconst = FieldT(a.size()).inverse(); +@@ -91,7 +92,7 @@ FieldT basic_radix2_domain::compute_Z(const FieldT &t) + template + void basic_radix2_domain::add_poly_Z(const FieldT &coeff, std::vector &H) + { +- assert(H.size() == this->m+1); ++ assert_except(H.size() == this->m+1); + H[this->m] += coeff; + H[0] -= coeff; + } diff --git a/src/snark/libsnark/algebra/evaluation_domain/domains/basic_radix2_domain_aux.tcc b/src/snark/libsnark/algebra/evaluation_domain/domains/basic_radix2_domain_aux.tcc -index 138b82dbc1..79f2ffec71 100644 +index 138b82d..f42e424 100644 --- a/src/snark/libsnark/algebra/evaluation_domain/domains/basic_radix2_domain_aux.tcc +++ b/src/snark/libsnark/algebra/evaluation_domain/domains/basic_radix2_domain_aux.tcc -@@ -74,11 +74,11 @@ void _basic_serial_radix2_FFT(std::vector &a, const FieldT &omega) +@@ -21,6 +21,7 @@ + #include "algebra/fields/field_utils.hpp" + #include "common/profiling.hpp" + #include "common/utils.hpp" ++#include "common/assert_except.hpp" + + namespace libsnark { + +@@ -38,7 +39,7 @@ template + void _basic_serial_radix2_FFT(std::vector &a, const FieldT &omega) + { + const size_t n = a.size(), logn = log2(n); +- assert(n == (1u << logn)); ++ assert_except(n == (1u << logn)); + + /* swapping in place (from Storer's book) */ + for (size_t k = 0; k < n; ++k) +@@ -74,11 +75,11 @@ void _basic_serial_radix2_FFT(std::vector &a, const FieldT &omega) template void _basic_parallel_radix2_FFT_inner(std::vector &a, const FieldT &omega, const size_t log_cpus) { @@ -603,11 +1112,11 @@ index 138b82dbc1..79f2ffec71 100644 const size_t m = a.size(); const size_t log_m = log2(m); - assert(m == 1ul< &a, const FieldT &omeg +@@ -90,7 +91,7 @@ void _basic_parallel_radix2_FFT_inner(std::vector &a, const FieldT &omeg std::vector > tmp(num_cpus); for (size_t j = 0; j < num_cpus; ++j) { @@ -616,7 +1125,7 @@ index 138b82dbc1..79f2ffec71 100644 } #ifdef MULTICORE -@@ -102,7 +102,7 @@ void _basic_parallel_radix2_FFT_inner(std::vector &a, const FieldT &omeg +@@ -102,7 +103,7 @@ void _basic_parallel_radix2_FFT_inner(std::vector &a, const FieldT &omeg const FieldT omega_step = omega^(j<<(log_m - log_cpus)); FieldT elt = FieldT::one(); @@ -625,7 +1134,7 @@ index 138b82dbc1..79f2ffec71 100644 { for (size_t s = 0; s < num_cpus; ++s) { -@@ -135,7 +135,7 @@ void _basic_parallel_radix2_FFT_inner(std::vector &a, const FieldT &omeg +@@ -135,7 +136,7 @@ void _basic_parallel_radix2_FFT_inner(std::vector &a, const FieldT &omeg #endif for (size_t i = 0; i < num_cpus; ++i) { @@ -634,11 +1143,48 @@ index 138b82dbc1..79f2ffec71 100644 { // now: i = idx >> (log_m - log_cpus) and j = idx % (1u << (log_m - log_cpus)), for idx = ((i<<(log_m-log_cpus))+j) % (1u << log_m) a[(j< _basic_radix2_lagrange_coeffs(const size_t m, const FieldT & + return std::vector(1, FieldT::one()); + } + +- assert(m == (1u << log2(m))); ++ assert_except(m == (1u << log2(m))); + + const FieldT omega = get_root_of_unity(m); + diff --git a/src/snark/libsnark/algebra/evaluation_domain/evaluation_domain.tcc b/src/snark/libsnark/algebra/evaluation_domain/evaluation_domain.tcc -index 8e3ea7a625..ec58ad87c1 100644 +index 8e3ea7a..d0e28c8 100644 --- a/src/snark/libsnark/algebra/evaluation_domain/evaluation_domain.tcc +++ b/src/snark/libsnark/algebra/evaluation_domain/evaluation_domain.tcc -@@ -54,9 +54,9 @@ std::shared_ptr > get_evaluation_domain(const size_t m +@@ -22,15 +22,16 @@ + #include + #include "algebra/fields/field_utils.hpp" + #include "algebra/evaluation_domain/domains/basic_radix2_domain.hpp" ++#include "common/assert_except.hpp" + + namespace libsnark { + + template + std::shared_ptr > get_evaluation_domain(const size_t min_size) + { +- assert(min_size > 1); ++ assert_except(min_size > 1); + const size_t log_min_size = log2(min_size); +- assert(log_min_size <= (FieldT::s+1)); ++ assert_except(log_min_size <= (FieldT::s+1)); + + std::shared_ptr > result; + if (min_size == (1u << log_min_size)) +@@ -41,7 +42,7 @@ std::shared_ptr > get_evaluation_domain(const size_t m + { + print_indent(); printf("* Selected domain: extended_radix2\n"); + } +- assert(0); ++ assert_except(0); + } + else + { +@@ -54,9 +55,9 @@ std::shared_ptr > get_evaluation_domain(const size_t m } else { @@ -650,8 +1196,37 @@ index 8e3ea7a625..ec58ad87c1 100644 if (big == rounded_small) { if (log2(big + rounded_small) < FieldT::s+1) +@@ -73,7 +74,7 @@ std::shared_ptr > get_evaluation_domain(const size_t m + { + print_indent(); printf("* Selected domain: extended_radix2\n"); + } +- assert(0); ++ assert_except(0); + } + } + else +@@ -82,7 +83,7 @@ std::shared_ptr > get_evaluation_domain(const size_t m + { + print_indent(); printf("* Selected domain: step_radix2\n"); + } +- assert(0); ++ assert_except(0); + } + } + +@@ -92,8 +93,8 @@ std::shared_ptr > get_evaluation_domain(const size_t m + template + FieldT lagrange_eval(const size_t m, const std::vector &domain, const FieldT &t, const size_t idx) + { +- assert(m == domain.size()); +- assert(idx < m); ++ assert_except(m == domain.size()); ++ assert_except(idx < m); + + FieldT num = FieldT::one(); + FieldT denom = FieldT::one(); diff --git a/src/snark/libsnark/algebra/exponentiation/exponentiation.hpp b/src/snark/libsnark/algebra/exponentiation/exponentiation.hpp -index a8a2c925cb..836ebf0021 100644 +index a8a2c92..836ebf0 100644 --- a/src/snark/libsnark/algebra/exponentiation/exponentiation.hpp +++ b/src/snark/libsnark/algebra/exponentiation/exponentiation.hpp @@ -22,7 +22,7 @@ template @@ -664,7 +1239,7 @@ index a8a2c925cb..836ebf0021 100644 } // libsnark diff --git a/src/snark/libsnark/algebra/exponentiation/exponentiation.tcc b/src/snark/libsnark/algebra/exponentiation/exponentiation.tcc -index dd557eb123..7ac3bf5d38 100644 +index dd557eb..7ac3bf5 100644 --- a/src/snark/libsnark/algebra/exponentiation/exponentiation.tcc +++ b/src/snark/libsnark/algebra/exponentiation/exponentiation.tcc @@ -25,7 +25,7 @@ FieldT power(const FieldT &base, const bigint &exponent) @@ -686,19 +1261,19 @@ index dd557eb123..7ac3bf5d38 100644 return power(base, bigint<1>(exponent)); } diff --git a/src/snark/libsnark/algebra/fields/bigint.hpp b/src/snark/libsnark/algebra/fields/bigint.hpp -index 50f78b780a..dc47a7efc7 100644 +index ff00dd5..dc47a7e 100644 --- a/src/snark/libsnark/algebra/fields/bigint.hpp +++ b/src/snark/libsnark/algebra/fields/bigint.hpp -@@ -33,7 +33,7 @@ class bigint { +@@ -33,7 +33,7 @@ public: mp_limb_t data[n] = {0}; bigint() = default; - bigint(const unsigned long x); /// Initialize from a small integer -+ bigint(const uint64_t x); /// Initalize from a small integer ++ bigint(const uint64_t x); /// Initialize from a small integer bigint(const char* s); /// Initialize from a string containing an integer in decimal notation bigint(const mpz_t r); /// Initialize from MPZ element -@@ -46,7 +46,7 @@ class bigint { +@@ -46,7 +46,7 @@ public: size_t max_bits() const { return n * GMP_NUMB_BITS; } size_t num_bits() const; @@ -708,10 +1283,15 @@ index 50f78b780a..dc47a7efc7 100644 bool test_bit(const std::size_t bitno) const; diff --git a/src/snark/libsnark/algebra/fields/bigint.tcc b/src/snark/libsnark/algebra/fields/bigint.tcc -index 81befd96af..dfd57589ac 100644 +index f81addf..1faa4f9 100644 --- a/src/snark/libsnark/algebra/fields/bigint.tcc +++ b/src/snark/libsnark/algebra/fields/bigint.tcc -@@ -17,9 +17,9 @@ +@@ -13,13 +13,14 @@ + #include + #include + #include "sodium.h" ++#include "common/assert_except.hpp" + namespace libsnark { template @@ -723,7 +1303,31 @@ index 81befd96af..dfd57589ac 100644 this->data[0] = x; } -@@ -105,7 +105,7 @@ template +@@ -31,12 +32,12 @@ bigint::bigint(const char* s) /// Initialize from a string containing an inte + + for (size_t i = 0; i < l; ++i) + { +- assert(s[i] >= '0' && s[i] <= '9'); ++ assert_except(s[i] >= '0' && s[i] <= '9'); + s_copy[i] = s[i] - '0'; + } + + mp_size_t limbs_written = mpn_set_str(this->data, s_copy, l, 10); +- assert(limbs_written <= n); ++ assert_except(limbs_written <= n); + + delete[] s_copy; + } +@@ -53,7 +54,7 @@ bigint::bigint(const mpz_t r) /// Initialize from MPZ element + mpz_fdiv_q_2exp(k, k, GMP_NUMB_BITS); + } + +- assert(mpz_sgn(k) == 0); ++ assert_except(mpz_sgn(k) == 0); + mpz_clear(k); + } + +@@ -105,7 +106,7 @@ template size_t bigint::num_bits() const { /* @@ -732,7 +1336,7 @@ index 81befd96af..dfd57589ac 100644 { if (this->test_bit(i)) { -@@ -115,7 +115,7 @@ size_t bigint::num_bits() const +@@ -115,7 +116,7 @@ size_t bigint::num_bits() const return 0; */ @@ -741,7 +1345,15 @@ index 81befd96af..dfd57589ac 100644 { mp_limb_t x = this->data[i]; if (x == 0) -@@ -131,7 +131,7 @@ size_t bigint::num_bits() const +@@ -124,14 +125,14 @@ size_t bigint::num_bits() const + } + else + { +- return ((i+1) * GMP_NUMB_BITS) - __builtin_clzl(x); ++ return ((i+1) * GMP_NUMB_BITS) - __builtin_clzll(x); + } + } + return 0; } template @@ -750,11 +1362,174 @@ index 81befd96af..dfd57589ac 100644 { return this->data[0]; } +@@ -186,7 +187,7 @@ inline void bigint::div_qr(bigint& quotient, bigint& remainder, + const bigint& dividend, const bigint& divisor) + { + static_assert(n >= d, "dividend must not be smaller than divisor for bigint::div_qr"); +- assert(divisor.data[d-1] != 0); ++ assert_except(divisor.data[d-1] != 0); + mpn_tdiv_qr(quotient.data, remainder.data, 0, dividend.data, n, divisor.data, d); + } + +@@ -223,7 +224,7 @@ inline bool bigint::operator>(const bigint& other) const + template + bigint& bigint::randomize() + { +- assert(GMP_NUMB_BITS == sizeof(mp_limb_t) * 8); ++ assert_except(GMP_NUMB_BITS == sizeof(mp_limb_t) * 8); + + randombytes_buf(this->data, sizeof(mp_limb_t) * n); + +@@ -262,12 +263,12 @@ std::istream& operator>>(std::istream &in, bigint &b) + + for (size_t i = 0; i < l; ++i) + { +- assert(s[i] >= '0' && s[i] <= '9'); ++ assert_except(s[i] >= '0' && s[i] <= '9'); + s_copy[i] = s[i] - '0'; + } + + mp_size_t limbs_written = mpn_set_str(b.data, s_copy, l, 10); +- assert(limbs_written <= n); ++ assert_except(limbs_written <= n); + + delete[] s_copy; + #endif +diff --git a/src/snark/libsnark/algebra/fields/field_utils.hpp b/src/snark/libsnark/algebra/fields/field_utils.hpp +index a07ecfe..8358e48 100644 +--- a/src/snark/libsnark/algebra/fields/field_utils.hpp ++++ b/src/snark/libsnark/algebra/fields/field_utils.hpp +@@ -16,13 +16,13 @@ namespace libsnark { + + // returns root of unity of order n (for n a power of 2), if one exists + template +-FieldT get_root_of_unity(const size_t n); ++FieldT get_root_of_unity(const uint64_t n); + + template +-std::vector pack_int_vector_into_field_element_vector(const std::vector &v, const size_t w); ++std::vector pack_int_vector_into_field_element_vector(const std::vector &v, const uint64_t w); + + template +-std::vector pack_bit_vector_into_field_element_vector(const bit_vector &v, const size_t chunk_bits); ++std::vector pack_bit_vector_into_field_element_vector(const bit_vector &v, const uint64_t chunk_bits); + + template + std::vector pack_bit_vector_into_field_element_vector(const bit_vector &v); +@@ -37,7 +37,7 @@ template + bit_vector convert_field_element_to_bit_vector(const FieldT &el); + + template +-bit_vector convert_field_element_to_bit_vector(const FieldT &el, const size_t bitcount); ++bit_vector convert_field_element_to_bit_vector(const FieldT &el, const uint64_t bitcount); + + template + FieldT convert_bit_vector_to_field_element(const bit_vector &v); diff --git a/src/snark/libsnark/algebra/fields/field_utils.tcc b/src/snark/libsnark/algebra/fields/field_utils.tcc -index 13197b226f..66b5323456 100644 +index 13197b2..a092860 100644 --- a/src/snark/libsnark/algebra/fields/field_utils.tcc +++ b/src/snark/libsnark/algebra/fields/field_utils.tcc -@@ -171,7 +171,7 @@ void batch_invert(std::vector &vec) +@@ -11,6 +11,7 @@ + #define FIELD_UTILS_TCC_ + + #include "common/utils.hpp" ++#include "common/assert_except.hpp" + + namespace libsnark { + +@@ -21,14 +22,14 @@ FieldT coset_shift() + } + + template +-FieldT get_root_of_unity(const size_t n) ++FieldT get_root_of_unity(const uint64_t n) + { +- const size_t logn = log2(n); +- assert(n == (1u << logn)); +- assert(logn <= FieldT::s); ++ const uint64_t logn = log2(n); ++ assert_except(n == (1u << logn)); ++ assert_except(logn <= FieldT::s); + + FieldT omega = FieldT::root_of_unity; +- for (size_t i = FieldT::s; i > logn; --i) ++ for (uint64_t i = FieldT::s; i > logn; --i) + { + omega *= omega; + } +@@ -37,21 +38,21 @@ FieldT get_root_of_unity(const size_t n) + } + + template +-std::vector pack_int_vector_into_field_element_vector(const std::vector &v, const size_t w) ++std::vector pack_int_vector_into_field_element_vector(const std::vector &v, const uint64_t w) + { +- const size_t chunk_bits = FieldT::capacity(); +- const size_t repacked_size = div_ceil(v.size() * w, chunk_bits); ++ const uint64_t chunk_bits = FieldT::capacity(); ++ const uint64_t repacked_size = div_ceil(v.size() * w, chunk_bits); + std::vector result(repacked_size); + +- for (size_t i = 0; i < repacked_size; ++i) ++ for (uint64_t i = 0; i < repacked_size; ++i) + { + bigint b; +- for (size_t j = 0; j < chunk_bits; ++j) ++ for (uint64_t j = 0; j < chunk_bits; ++j) + { +- const size_t word_index = (i * chunk_bits + j) / w; +- const size_t pos_in_word = (i * chunk_bits + j) % w; +- const size_t word_or_0 = (word_index < v.size() ? v[word_index] : 0); +- const size_t bit = (word_or_0 >> pos_in_word) & 1; ++ const uint64_t word_index = (i * chunk_bits + j) / w; ++ const uint64_t pos_in_word = (i * chunk_bits + j) % w; ++ const uint64_t word_or_0 = (word_index < v.size() ? v[word_index] : 0); ++ const uint64_t bit = (word_or_0 >> pos_in_word) & 1; + + b.data[j / GMP_NUMB_BITS] |= bit << (j % GMP_NUMB_BITS); + } +@@ -62,11 +63,11 @@ std::vector pack_int_vector_into_field_element_vector(const std::vector< + } + + template +-std::vector pack_bit_vector_into_field_element_vector(const bit_vector &v, const size_t chunk_bits) ++std::vector pack_bit_vector_into_field_element_vector(const bit_vector &v, const uint64_t chunk_bits) + { +- assert(chunk_bits <= FieldT::capacity()); ++ assert_except(chunk_bits <= FieldT::capacity()); + +- const size_t repacked_size = div_ceil(v.size(), chunk_bits); ++ const uint64_t repacked_size = div_ceil(v.size(), chunk_bits); + std::vector result(repacked_size); + + for (size_t i = 0; i < repacked_size; ++i) +@@ -131,7 +132,7 @@ bit_vector convert_field_element_to_bit_vector(const FieldT &el) + } + + template +-bit_vector convert_field_element_to_bit_vector(const FieldT &el, const size_t bitcount) ++bit_vector convert_field_element_to_bit_vector(const FieldT &el, const uint64_t bitcount) + { + bit_vector result = convert_field_element_to_bit_vector(el); + result.resize(bitcount); +@@ -142,7 +143,7 @@ bit_vector convert_field_element_to_bit_vector(const FieldT &el, const size_t bi + template + FieldT convert_bit_vector_to_field_element(const bit_vector &v) + { +- assert(v.size() <= FieldT::size_in_bits()); ++ assert_except(v.size() <= FieldT::size_in_bits()); + + FieldT res = FieldT::zero(); + FieldT c = FieldT::one(); +@@ -164,14 +165,14 @@ void batch_invert(std::vector &vec) + + for (auto el : vec) + { +- assert(!el.is_zero()); ++ assert_except(!el.is_zero()); + prod.emplace_back(acc); + acc = acc * el; + } FieldT acc_inverse = acc.inverse(); @@ -764,10 +1539,10 @@ index 13197b226f..66b5323456 100644 const FieldT old_el = vec[i]; vec[i] = acc_inverse * prod[i]; diff --git a/src/snark/libsnark/algebra/fields/fp.hpp b/src/snark/libsnark/algebra/fields/fp.hpp -index 9679275d18..5baf20a9d1 100644 +index a498683..384e574 100644 --- a/src/snark/libsnark/algebra/fields/fp.hpp +++ b/src/snark/libsnark/algebra/fields/fp.hpp -@@ -44,11 +44,11 @@ class Fp_model { +@@ -44,15 +44,15 @@ public: static const mp_size_t num_limbs = n; static const constexpr bigint& mod = modulus; #ifdef PROFILE_OP_COUNTS @@ -782,9 +1557,15 @@ index 9679275d18..5baf20a9d1 100644 + static int64_t sqr_cnt; + static int64_t inv_cnt; #endif - static size_t num_bits; +- static size_t num_bits; ++ static uint64_t num_bits; static bigint euler; // (modulus-1)/2 -@@ -67,9 +67,9 @@ class Fp_model { +- static size_t s; // modulus = 2^s * t + 1 ++ static uint64_t s; // modulus = 2^s * t + 1 + static bigint t; // with t odd + static bigint t_minus_1_over_2; // (t-1)/2 + static Fp_model nqr; // a quadratic nonresidue +@@ -67,9 +67,9 @@ public: Fp_model() {}; Fp_model(const bigint &b); @@ -796,7 +1577,7 @@ index 9679275d18..5baf20a9d1 100644 void mul_reduce(const bigint &other); -@@ -82,7 +82,7 @@ class Fp_model { +@@ -82,7 +82,7 @@ public: /* Return the last limb of the standard representation of the field element. E.g. on 64-bit architectures Fp(123).as_ulong() and Fp(2^64+123).as_ulong() would both return 123. */ @@ -805,7 +1586,7 @@ index 9679275d18..5baf20a9d1 100644 bool operator==(const Fp_model& other) const; bool operator!=(const Fp_model& other) const; -@@ -93,7 +93,7 @@ class Fp_model { +@@ -93,7 +93,7 @@ public: Fp_model& operator+=(const Fp_model& other); Fp_model& operator-=(const Fp_model& other); Fp_model& operator*=(const Fp_model& other); @@ -814,7 +1595,7 @@ index 9679275d18..5baf20a9d1 100644 template Fp_model& operator^=(const bigint &pow); -@@ -107,7 +107,7 @@ class Fp_model { +@@ -107,12 +107,12 @@ public: Fp_model inverse() const; Fp_model sqrt() const; // HAS TO BE A SQUARE (else does not terminate) @@ -823,7 +1604,14 @@ index 9679275d18..5baf20a9d1 100644 template Fp_model operator^(const bigint &pow) const; -@@ -125,19 +125,19 @@ class Fp_model { +- static size_t size_in_bits() { return num_bits; } +- static size_t capacity() { return num_bits - 1; } ++ static uint64_t size_in_bits() { return num_bits; } ++ static uint64_t capacity() { return num_bits - 1; } + static bigint field_char() { return modulus; } + + static Fp_model zero(); +@@ -125,29 +125,29 @@ public: #ifdef PROFILE_OP_COUNTS template& modulus> @@ -848,10 +1636,38 @@ index 9679275d18..5baf20a9d1 100644 #endif template& modulus> +-size_t Fp_model::num_bits; ++uint64_t Fp_model::num_bits; + + template& modulus> + bigint Fp_model::euler; + + template& modulus> +-size_t Fp_model::s; ++uint64_t Fp_model::s; + + template& modulus> + bigint Fp_model::t; diff --git a/src/snark/libsnark/algebra/fields/fp.tcc b/src/snark/libsnark/algebra/fields/fp.tcc -index 566e99324a..25b723c8a0 100644 +index 566e993..3d220e2 100644 --- a/src/snark/libsnark/algebra/fields/fp.tcc +++ b/src/snark/libsnark/algebra/fields/fp.tcc +@@ -173,13 +173,13 @@ void Fp_model::mul_reduce(const bigint &other) + /* calculate res = res + k * mod * b^i */ + mp_limb_t carryout = mpn_addmul_1(res+i, modulus.data, n, k); + carryout = mpn_add_1(res+n+i, res+n+i, n-i, carryout); +- assert(carryout == 0); ++ assert_except(carryout == 0); + } + + if (mpn_cmp(res+n, modulus.data, n) >= 0) + { + const mp_limb_t borrow = mpn_sub(res+n, res+n, n, modulus.data, n); +- assert(borrow == 0); ++ assert_except(borrow == 0); + } + + mpn_copyi(this->mont_repr.data, res+n, n); @@ -194,7 +194,7 @@ Fp_model::Fp_model(const bigint &b) } @@ -861,7 +1677,15 @@ index 566e99324a..25b723c8a0 100644 { if (is_unsigned || x >= 0) { -@@ -210,7 +210,7 @@ Fp_model::Fp_model(const long x, const bool is_unsigned) +@@ -203,14 +203,14 @@ Fp_model::Fp_model(const long x, const bool is_unsigned) + else + { + const mp_limb_t borrow = mpn_sub_1(this->mont_repr.data, modulus.data, n, -x); +- assert(borrow == 0); ++ assert_except(borrow == 0); + } + + mul_reduce(Rsquared); } template& modulus> @@ -879,6 +1703,24 @@ index 566e99324a..25b723c8a0 100644 { return this->as_bigint().as_ulong(); } +@@ -391,7 +391,7 @@ Fp_model& Fp_model::operator+=(const Fp_model& + if (carry || mpn_cmp(scratch, modulus.data, n) >= 0) + { + const mp_limb_t borrow = mpn_sub(scratch, scratch, n+1, modulus.data, n); +- assert(borrow == 0); ++ assert_except(borrow == 0); + } + + mpn_copyi(this->mont_repr.data, scratch, n); +@@ -483,7 +483,7 @@ Fp_model& Fp_model::operator-=(const Fp_model& + } + + const mp_limb_t borrow = mpn_sub(scratch, scratch, n+1, other.mont_repr.data, n); +- assert(borrow == 0); ++ assert_except(borrow == 0); + + mpn_copyi(this->mont_repr.data, scratch, n); + } @@ -502,7 +502,7 @@ Fp_model& Fp_model::operator*=(const Fp_model& } @@ -897,20 +1739,74 @@ index 566e99324a..25b723c8a0 100644 { Fp_model r(*this); return (r ^= pow); -@@ -690,7 +690,7 @@ Fp_model Fp_model::random_element() /// returns random el - const std::size_t part = bitno/GMP_NUMB_BITS; - const std::size_t bit = bitno - (GMP_NUMB_BITS*part); +@@ -626,7 +626,7 @@ Fp_model& Fp_model::invert() + this->inv_cnt++; + #endif + +- assert(!this->is_zero()); ++ assert_except(!this->is_zero()); + + bigint g; /* gp should have room for vn = n limbs */ + +@@ -637,7 +637,7 @@ Fp_model& Fp_model::invert() + + /* computes gcd(u, v) = g = u*s + v*t, so s*u will be 1 (mod v) */ + const mp_size_t gn = mpn_gcdext(g.data, s, &sn, this->mont_repr.data, n, v.data, n); +- assert(gn == 1 && g.data[0] == 1); /* inverse exists */ ++ assert_except(gn == 1 && g.data[0] == 1); /* inverse exists */ + + mp_limb_t q; /* division result fits into q, as sn <= n+1 */ + /* sn < 0 indicates negative sn; will fix up later */ +@@ -658,7 +658,7 @@ Fp_model& Fp_model::invert() + if (sn < 0) + { + const mp_limb_t borrow = mpn_sub_n(this->mont_repr.data, modulus.data, this->mont_repr.data, n); +- assert(borrow == 0); ++ assert_except(borrow == 0); + } + + mul_reduce(Rcubed); +@@ -684,13 +684,13 @@ Fp_model Fp_model::random_element() /// returns random el + r.mont_repr.randomize(); + + /* clear all bits higher than MSB of modulus */ +- size_t bitno = GMP_NUMB_BITS * n - 1; ++ uint64_t bitno = GMP_NUMB_BITS * n - 1; + while (modulus.test_bit(bitno) == false) + { +- const std::size_t part = bitno/GMP_NUMB_BITS; +- const std::size_t bit = bitno - (GMP_NUMB_BITS*part); ++ const uint64_t part = bitno/GMP_NUMB_BITS; ++ const uint64_t bit = bitno - (GMP_NUMB_BITS*part); - r.mont_repr.data[part] &= ~(1ul< Fp_model::sqrt() const + + Fp_model one = Fp_model::one(); + +- size_t v = Fp_model::s; ++ uint64_t v = Fp_model::s; + Fp_model z = Fp_model::nqr_to_t; + Fp_model w = (*this)^Fp_model::t_minus_1_over_2; + Fp_model x = (*this) * w; +@@ -734,7 +734,7 @@ Fp_model Fp_model::sqrt() const + + while (b != one) + { +- size_t m = 0; ++ uint64_t m = 0; + Fp_model b2m = b; + while (b2m != one) + { diff --git a/src/snark/libsnark/algebra/fields/fp12_2over3over2.hpp b/src/snark/libsnark/algebra/fields/fp12_2over3over2.hpp -index 1de9d88b45..62ac8aa292 100644 +index 1de9d88..69d057a 100644 --- a/src/snark/libsnark/algebra/fields/fp12_2over3over2.hpp +++ b/src/snark/libsnark/algebra/fields/fp12_2over3over2.hpp -@@ -66,7 +66,7 @@ class Fp12_2over3over2_model { +@@ -66,7 +66,7 @@ public: Fp12_2over3over2_model squared_karatsuba() const; Fp12_2over3over2_model squared_complex() const; Fp12_2over3over2_model inverse() const; @@ -919,8 +1815,17 @@ index 1de9d88b45..62ac8aa292 100644 Fp12_2over3over2_model unitary_inverse() const; Fp12_2over3over2_model cyclotomic_squared() const; +@@ -78,7 +78,7 @@ public: + Fp12_2over3over2_model cyclotomic_exp(const bigint &exponent) const; + + static bigint base_field_char() { return modulus; } +- static size_t extension_degree() { return 12; } ++ static uint64_t extension_degree() { return 12; } + + friend std::ostream& operator<< (std::ostream &out, const Fp12_2over3over2_model &el); + friend std::istream& operator>> (std::istream &in, Fp12_2over3over2_model &el); diff --git a/src/snark/libsnark/algebra/fields/fp12_2over3over2.tcc b/src/snark/libsnark/algebra/fields/fp12_2over3over2.tcc -index 2fbc0b649a..dda3f40cb9 100644 +index 2fbc0b6..d985d68 100644 --- a/src/snark/libsnark/algebra/fields/fp12_2over3over2.tcc +++ b/src/snark/libsnark/algebra/fields/fp12_2over3over2.tcc @@ -156,7 +156,7 @@ Fp12_2over3over2_model Fp12_2over3over2_model::inverse() c @@ -952,11 +1857,29 @@ index 2fbc0b649a..dda3f40cb9 100644 { found_one = true; res = res * (*this); +@@ -390,7 +390,7 @@ std::istream& operator>>(std::istream& in, std::vector> s; + + char b; diff --git a/src/snark/libsnark/algebra/fields/fp2.hpp b/src/snark/libsnark/algebra/fields/fp2.hpp -index f07726918c..276c923e9b 100644 +index f077269..f194f5e 100644 --- a/src/snark/libsnark/algebra/fields/fp2.hpp +++ b/src/snark/libsnark/algebra/fields/fp2.hpp -@@ -66,7 +66,7 @@ class Fp2_model { +@@ -37,7 +37,7 @@ public: + typedef Fp_model my_Fp; + + static bigint<2*n> euler; // (modulus^2-1)/2 +- static size_t s; // modulus^2 = 2^s * t + 1 ++ static uint64_t s; // modulus^2 = 2^s * t + 1 + static bigint<2*n> t; // with t odd + static bigint<2*n> t_minus_1_over_2; // (t-1)/2 + static my_Fp non_residue; // X^4-non_residue irreducible over Fp; used for constructing Fp2 = Fp[X] / (X^2 - non_residue) +@@ -66,7 +66,7 @@ public: Fp2_model operator-() const; Fp2_model squared() const; // default is squared_complex Fp2_model inverse() const; @@ -965,8 +1888,26 @@ index f07726918c..276c923e9b 100644 Fp2_model sqrt() const; // HAS TO BE A SQUARE (else does not terminate) Fp2_model squared_karatsuba() const; Fp2_model squared_complex() const; +@@ -74,7 +74,7 @@ public: + template + Fp2_model operator^(const bigint &other) const; + +- static size_t size_in_bits() { return 2*my_Fp::size_in_bits(); } ++ static uint64_t size_in_bits() { return 2*my_Fp::size_in_bits(); } + static bigint base_field_char() { return modulus; } + + friend std::ostream& operator<< (std::ostream &out, const Fp2_model &el); +@@ -94,7 +94,7 @@ template& modulus> + bigint<2*n> Fp2_model::euler; + + template& modulus> +-size_t Fp2_model::s; ++uint64_t Fp2_model::s; + + template& modulus> + bigint<2*n> Fp2_model::t; diff --git a/src/snark/libsnark/algebra/fields/fp2.tcc b/src/snark/libsnark/algebra/fields/fp2.tcc -index 1632a04c79..fb3eacda97 100644 +index 1632a04..84aa303 100644 --- a/src/snark/libsnark/algebra/fields/fp2.tcc +++ b/src/snark/libsnark/algebra/fields/fp2.tcc @@ -136,7 +136,7 @@ Fp2_model Fp2_model::inverse() const @@ -978,11 +1919,38 @@ index 1632a04c79..fb3eacda97 100644 { return Fp2_model(c0, Frobenius_coeffs_c1[power % 2] * c1); +@@ -151,7 +151,7 @@ Fp2_model Fp2_model::sqrt() const + + Fp2_model one = Fp2_model::one(); + +- size_t v = Fp2_model::s; ++ unsigned long long v = Fp2_model::s; + Fp2_model z = Fp2_model::nqr_to_t; + Fp2_model w = (*this)^Fp2_model::t_minus_1_over_2; + Fp2_model x = (*this) * w; +@@ -175,7 +175,7 @@ Fp2_model Fp2_model::sqrt() const + + while (b != one) + { +- size_t m = 0; ++ unsigned long long m = 0; + Fp2_model b2m = b; + while (b2m != one) + { +@@ -239,7 +239,7 @@ std::istream& operator>>(std::istream& in, std::vector > & + { + v.clear(); + +- size_t s; ++ unsigned long long s; + in >> s; + + char b; diff --git a/src/snark/libsnark/algebra/fields/fp6_3over2.hpp b/src/snark/libsnark/algebra/fields/fp6_3over2.hpp -index 335d61c534..912c58a742 100644 +index 335d61c..8a888f0 100644 --- a/src/snark/libsnark/algebra/fields/fp6_3over2.hpp +++ b/src/snark/libsnark/algebra/fields/fp6_3over2.hpp -@@ -63,7 +63,7 @@ class Fp6_3over2_model { +@@ -63,7 +63,7 @@ public: Fp6_3over2_model operator-() const; Fp6_3over2_model squared() const; Fp6_3over2_model inverse() const; @@ -991,8 +1959,17 @@ index 335d61c534..912c58a742 100644 static my_Fp2 mul_by_non_residue(const my_Fp2 &elt); +@@ -71,7 +71,7 @@ public: + Fp6_3over2_model operator^(const bigint &other) const; + + static bigint base_field_char() { return modulus; } +- static size_t extension_degree() { return 6; } ++ static uint64_t extension_degree() { return 6; } + + friend std::ostream& operator<< (std::ostream &out, const Fp6_3over2_model &el); + friend std::istream& operator>> (std::istream &in, Fp6_3over2_model &el); diff --git a/src/snark/libsnark/algebra/fields/fp6_3over2.tcc b/src/snark/libsnark/algebra/fields/fp6_3over2.tcc -index f4fffde04a..86b864ef02 100644 +index f4fffde..de9b83d 100644 --- a/src/snark/libsnark/algebra/fields/fp6_3over2.tcc +++ b/src/snark/libsnark/algebra/fields/fp6_3over2.tcc @@ -149,7 +149,7 @@ Fp6_3over2_model Fp6_3over2_model::inverse() const @@ -1004,20 +1981,36 @@ index f4fffde04a..86b864ef02 100644 { return Fp6_3over2_model(c0.Frobenius_map(power), Frobenius_coeffs_c1[power % 6] * c1.Frobenius_map(power), +@@ -194,7 +194,7 @@ std::istream& operator>>(std::istream& in, std::vector> s; + + char b; diff --git a/src/snark/libsnark/algebra/fields/tests/test_bigint.cpp b/src/snark/libsnark/algebra/fields/tests/test_bigint.cpp -index d2da59e736..ac8c31ad28 100644 +index d2da59e..6392f27 100644 --- a/src/snark/libsnark/algebra/fields/tests/test_bigint.cpp +++ b/src/snark/libsnark/algebra/fields/tests/test_bigint.cpp -@@ -13,7 +13,7 @@ using namespace libsnark; +@@ -7,13 +7,11 @@ + + #include "algebra/fields/bigint.hpp" + +-#include +- + using namespace libsnark; - TEST(algebra, bigint) +-TEST(algebra, bigint) ++void test_bigint() { - static_assert(ULONG_MAX == 0xFFFFFFFFFFFFFFFFul, "unsigned long not 64-bit"); + static_assert(UINT64_MAX == 0xFFFFFFFFFFFFFFFFul, "uint64_t not 64-bit"); static_assert(GMP_NUMB_BITS == 64, "GMP limb not 64-bit"); const char *b1_decimal = "76749407"; -@@ -22,15 +22,15 @@ TEST(algebra, bigint) +@@ -22,76 +20,88 @@ TEST(algebra, bigint) const char *b2_binary = "0000000000000000000000000000010101111101101000000110100001011010" "1101101010001001000001101000101000100110011001110001111110100010"; @@ -1027,21 +2020,350 @@ index d2da59e736..ac8c31ad28 100644 bigint<2> b2 = bigint<2>(b2_decimal); - EXPECT_EQ(b0.as_ulong(), 0ul); -+ EXPECT_EQ(b0.as_ulong(), UINT64_C(0)); - EXPECT_TRUE(b0.is_zero()); +- EXPECT_TRUE(b0.is_zero()); - EXPECT_EQ(b1.as_ulong(), 76749407ul); -+ EXPECT_EQ(b1.as_ulong(), UINT64_C(76749407)); - EXPECT_FALSE(b1.is_zero()); +- EXPECT_FALSE(b1.is_zero()); - EXPECT_EQ(b2.as_ulong(), 15747124762497195938ul); -+ EXPECT_EQ(b2.as_ulong(), UINT64_C(15747124762497195938)); - EXPECT_FALSE(b2.is_zero()); - EXPECT_NE(b0, b1); - EXPECT_FALSE(b0 == b1); +- EXPECT_FALSE(b2.is_zero()); +- EXPECT_NE(b0, b1); +- EXPECT_FALSE(b0 == b1); +- +- EXPECT_EQ(b2.max_bits(), 128); +- EXPECT_EQ(b2.num_bits(), 99); ++ assert(b0.as_ulong() == UINT64_C(0)); ++ assert(b0.is_zero()); ++ assert(b1.as_ulong() == UINT64_C(76749407)); ++ assert(!(b1.is_zero())); ++ assert(b2.as_ulong() == UINT64_C(15747124762497195938)); ++ assert(!(b2.is_zero())); ++ assert(b0 != b1); ++ assert(!(b0 == b1)); ++ ++ assert(b2.max_bits() == 128); ++ assert(b2.num_bits() == 99); + for (size_t i = 0; i < 128; i++) { +- EXPECT_EQ(b2.test_bit(i), (b2_binary[127-i] == '1')); ++ assert(b2.test_bit(i) == (b2_binary[127-i] == '1')); + } + + bigint<3> b3 = b2 * b1; + +- EXPECT_EQ(b3, bigint<3>(b3_decimal)); +- EXPECT_FALSE(b3.is_zero()); ++ assert(b3 == bigint<3>(b3_decimal)); ++ assert(!(b3.is_zero())); + + bigint<3> b3a { b3 }; +- EXPECT_EQ(b3a, bigint<3>(b3_decimal)); +- EXPECT_EQ(b3a, b3); +- EXPECT_FALSE(b3a.is_zero()); ++ assert(b3a == bigint<3>(b3_decimal)); ++ assert(b3a == b3); ++ assert(!(b3a.is_zero())); + + mpz_t m3; + mpz_init(m3); + b3.to_mpz(m3); + bigint<3> b3b { m3 }; +- EXPECT_EQ(b3b, b3); ++ assert(b3b == b3); + + bigint<2> quotient; + bigint<2> remainder; + bigint<3>::div_qr(quotient, remainder, b3, b2); +- EXPECT_LT(quotient.num_bits(), GMP_NUMB_BITS); +- EXPECT_EQ(quotient.as_ulong(), b1.as_ulong()); ++ assert(quotient.num_bits() < GMP_NUMB_BITS); ++ assert(quotient.as_ulong() == b1.as_ulong()); + bigint<1> b1inc = bigint<1>("76749408"); + bigint<1> b1a = quotient.shorten(b1inc, "test"); +- EXPECT_EQ(b1a, b1); +- EXPECT_TRUE(remainder.is_zero()); ++ assert(b1a == b1); ++ assert(remainder.is_zero()); + remainder.limit(b2, "test"); + +- EXPECT_THROW((void)(quotient.shorten(b1, "test")), std::domain_error); +- EXPECT_THROW(remainder.limit(remainder, "test"), std::domain_error); ++ try { ++ (void)(quotient.shorten(b1, "test")); ++ assert(false); ++ } catch (std::domain_error) {} ++ try { ++ remainder.limit(remainder, "test"); ++ assert(false); ++ } catch (std::domain_error) {} + + bigint<1> br = bigint<1>("42"); + b3 += br; +- EXPECT_NE(b3, b3a); +- EXPECT_GT(b3, b3a); +- EXPECT_FALSE(b3a > b3); ++ assert(b3 != b3a); ++ assert(b3 > b3a); ++ assert(!(b3a > b3)); + + bigint<3>::div_qr(quotient, remainder, b3, b2); +- EXPECT_LT(quotient.num_bits(), GMP_NUMB_BITS); +- EXPECT_EQ(quotient.as_ulong(), b1.as_ulong()); +- EXPECT_LT(remainder.num_bits(), GMP_NUMB_BITS); +- EXPECT_EQ(remainder.as_ulong(), 42); ++ assert(quotient.num_bits() < GMP_NUMB_BITS); ++ assert(quotient.as_ulong() == b1.as_ulong()); ++ assert(remainder.num_bits() < GMP_NUMB_BITS); ++ assert(remainder.as_ulong() == 42); + + b3a.clear(); +- EXPECT_TRUE(b3a.is_zero()); +- EXPECT_EQ(b3a.num_bits(), 0); +- EXPECT_FALSE(b3.is_zero()); ++ assert(b3a.is_zero()); ++ assert(b3a.num_bits() == 0); ++ assert(!(b3.is_zero())); + + bigint<4> bx = bigint<4>().randomize(); + bigint<4> by = bigint<4>().randomize(); +- EXPECT_FALSE(bx == by); ++ assert(!(bx == by)); + + // TODO: test serialization + } + ++int main(void) ++{ ++ test_bigint(); ++ return 0; ++} ++ +diff --git a/src/snark/libsnark/algebra/fields/tests/test_fields.cpp b/src/snark/libsnark/algebra/fields/tests/test_fields.cpp +index 969800d..a05f601 100644 +--- a/src/snark/libsnark/algebra/fields/tests/test_fields.cpp ++++ b/src/snark/libsnark/algebra/fields/tests/test_fields.cpp +@@ -5,6 +5,9 @@ + * @copyright MIT license (see LICENSE file) + *****************************************************************************/ + #include "common/profiling.hpp" ++#include "algebra/curves/edwards/edwards_pp.hpp" ++#include "algebra/curves/mnt/mnt4/mnt4_pp.hpp" ++#include "algebra/curves/mnt/mnt6/mnt6_pp.hpp" + #ifdef CURVE_BN128 + #include "algebra/curves/bn128/bn128_pp.hpp" + #endif +@@ -12,8 +15,6 @@ + #include "algebra/fields/fp6_3over2.hpp" + #include "algebra/fields/fp12_2over3over2.hpp" + +-#include +- + using namespace libsnark; + + template +@@ -28,25 +29,25 @@ void test_field() + FieldT a = FieldT::random_element(); + FieldT a_ser; + a_ser = reserialize(a); +- EXPECT_EQ(a_ser, a); ++ assert(a_ser == a); + + FieldT b = FieldT::random_element(); + FieldT c = FieldT::random_element(); + FieldT d = FieldT::random_element(); + +- EXPECT_NE(a, zero); +- EXPECT_NE(a, one); ++ assert(a != zero); ++ assert(a != one); + +- EXPECT_EQ(a * a, a.squared()); +- EXPECT_EQ((a + b).squared(), a.squared() + a*b + b*a + b.squared()); +- EXPECT_EQ((a + b)*(c + d), a*c + a*d + b*c + b*d); +- EXPECT_EQ(a - b, a + (-b)); +- EXPECT_EQ(a - b, (-b) + a); ++ assert(a * a == a.squared()); ++ assert((a + b).squared() == a.squared() + a*b + b*a + b.squared()); ++ assert((a + b)*(c + d) == a*c + a*d + b*c + b*d); ++ assert(a - b == a + (-b)); ++ assert(a - b == (-b) + a); + +- EXPECT_EQ((a ^ rand1) * (a ^ rand2), (a^randsum)); ++ assert((a ^ rand1) * (a ^ rand2) == (a^randsum)); + +- EXPECT_EQ(a * a.inverse(), one); +- EXPECT_EQ((a + b) * c.inverse(), a * c.inverse() + (b.inverse() * c).inverse()); ++ assert(a * a.inverse() == one); ++ assert((a + b) * c.inverse() == a * c.inverse() + (b.inverse() * c).inverse()); + + } + +@@ -57,7 +58,7 @@ void test_sqrt() + { + FieldT a = FieldT::random_element(); + FieldT asq = a.squared(); +- EXPECT_TRUE(asq.sqrt() == a || asq.sqrt() == -a); ++ assert(asq.sqrt() == a || asq.sqrt() == -a); + } + } + +@@ -65,21 +66,21 @@ template + void test_two_squarings() + { + FieldT a = FieldT::random_element(); +- EXPECT_EQ(a.squared(), a * a); +- EXPECT_EQ(a.squared(), a.squared_complex()); +- EXPECT_EQ(a.squared(), a.squared_karatsuba()); ++ assert(a.squared() == a * a); ++ assert(a.squared() == a.squared_complex()); ++ assert(a.squared() == a.squared_karatsuba()); + } + + template + void test_Frobenius() + { + FieldT a = FieldT::random_element(); +- EXPECT_EQ(a.Frobenius_map(0), a); ++ assert(a.Frobenius_map(0) == a); + FieldT a_q = a ^ FieldT::base_field_char(); + for (size_t power = 1; power < 10; ++power) + { + const FieldT a_qi = a.Frobenius_map(power); +- EXPECT_EQ(a_qi, a_q); ++ assert(a_qi == a_q); + + a_q = a_q ^ FieldT::base_field_char(); + } +@@ -88,10 +89,49 @@ void test_Frobenius() + template + void test_unitary_inverse() + { +- EXPECT_EQ(FieldT::extension_degree() % 2, 0); ++ assert(FieldT::extension_degree() % 2 == 0); + FieldT a = FieldT::random_element(); + FieldT aqcubed_minus1 = a.Frobenius_map(FieldT::extension_degree()/2) * a.inverse(); +- EXPECT_EQ(aqcubed_minus1.inverse(), aqcubed_minus1.unitary_inverse()); ++ assert(aqcubed_minus1.inverse() == aqcubed_minus1.unitary_inverse()); ++} ++ ++template ++void test_cyclotomic_squaring(); ++ ++template<> ++void test_cyclotomic_squaring >() ++{ ++ typedef Fqk FieldT; ++ assert(FieldT::extension_degree() % 2 == 0); ++ FieldT a = FieldT::random_element(); ++ FieldT a_unitary = a.Frobenius_map(FieldT::extension_degree()/2) * a.inverse(); ++ // beta = a^((q^(k/2)-1)*(q+1)) ++ FieldT beta = a_unitary.Frobenius_map(1) * a_unitary; ++ assert(beta.cyclotomic_squared() == beta.squared()); ++} ++ ++template<> ++void test_cyclotomic_squaring >() ++{ ++ typedef Fqk FieldT; ++ assert(FieldT::extension_degree() % 2 == 0); ++ FieldT a = FieldT::random_element(); ++ FieldT a_unitary = a.Frobenius_map(FieldT::extension_degree()/2) * a.inverse(); ++ // beta = a^(q^(k/2)-1) ++ FieldT beta = a_unitary; ++ assert(beta.cyclotomic_squared() == beta.squared()); ++} ++ ++template<> ++void test_cyclotomic_squaring >() ++{ ++ typedef Fqk FieldT; ++ assert(FieldT::extension_degree() % 2 == 0); ++ FieldT a = FieldT::random_element(); ++ FieldT a_unitary = a.Frobenius_map(FieldT::extension_degree()/2) * a.inverse(); ++ // beta = a^((q^(k/2)-1)*(q+1)) ++ FieldT beta = a_unitary.Frobenius_map(1) * a_unitary; ++ assert(beta.cyclotomic_squared() == beta.squared()); + } + + template +@@ -157,16 +197,16 @@ void test_Fp4_tom_cook() + c2 = - (FieldT(5)*(FieldT(4).inverse()))* v0 + (FieldT(2)*(FieldT(3).inverse()))*(v1 + v2) - FieldT(24).inverse()*(v3 + v4) + FieldT(4)*v6 + beta*v6; + c3 = FieldT(12).inverse() * (FieldT(5)*v0 - FieldT(7)*v1) - FieldT(24).inverse()*(v2 - FieldT(7)*v3 + v4 + v5) + FieldT(15)*v6; + +- EXPECT_EQ(res, correct_res); ++ assert(res == correct_res); + + // {v0, v3, v4, v5} + const FieldT u = (FieldT::one() - beta).inverse(); +- EXPECT_EQ(v0, u * c0 + beta * u * c2 - beta * u * FieldT(2).inverse() * v1 - beta * u * FieldT(2).inverse() * v2 + beta * v6); +- EXPECT_EQ(v3, - FieldT(15) * u * c0 - FieldT(30) * u * c1 - FieldT(3) * (FieldT(4) + beta) * u * c2 - FieldT(6) * (FieldT(4) + beta) * u * c3 + (FieldT(24) - FieldT(3) * beta * FieldT(2).inverse()) * u * v1 + (-FieldT(8) + beta * FieldT(2).inverse()) * u * v2 ++ assert(v0 == u * c0 + beta * u * c2 - beta * u * FieldT(2).inverse() * v1 - beta * u * FieldT(2).inverse() * v2 + beta * v6); ++ assert(v3 == - FieldT(15) * u * c0 - FieldT(30) * u * c1 - FieldT(3) * (FieldT(4) + beta) * u * c2 - FieldT(6) * (FieldT(4) + beta) * u * c3 + (FieldT(24) - FieldT(3) * beta * FieldT(2).inverse()) * u * v1 + (-FieldT(8) + beta * FieldT(2).inverse()) * u * v2 + - FieldT(3) * (-FieldT(16) + beta) * v6); +- EXPECT_EQ(v4, - FieldT(15) * u * c0 + FieldT(30) * u * c1 - FieldT(3) * (FieldT(4) + beta) * u * c2 + FieldT(6) * (FieldT(4) + beta) * u * c3 + (FieldT(24) - FieldT(3) * beta * FieldT(2).inverse()) * u * v2 + (-FieldT(8) + beta * FieldT(2).inverse()) * u * v1 ++ assert(v4 == - FieldT(15) * u * c0 + FieldT(30) * u * c1 - FieldT(3) * (FieldT(4) + beta) * u * c2 + FieldT(6) * (FieldT(4) + beta) * u * c3 + (FieldT(24) - FieldT(3) * beta * FieldT(2).inverse()) * u * v2 + (-FieldT(8) + beta * FieldT(2).inverse()) * u * v1 + - FieldT(3) * (-FieldT(16) + beta) * v6); +- EXPECT_EQ(v5, - FieldT(80) * u * c0 - FieldT(240) * u * c1 - FieldT(8) * (FieldT(9) + beta) * u * c2 - FieldT(24) * (FieldT(9) + beta) * u * c3 - FieldT(2) * (-FieldT(81) + beta) * u * v1 + (-FieldT(81) + beta) * u * v2 ++ assert(v5 == - FieldT(80) * u * c0 - FieldT(240) * u * c1 - FieldT(8) * (FieldT(9) + beta) * u * c2 - FieldT(24) * (FieldT(9) + beta) * u * c3 - FieldT(2) * (-FieldT(81) + beta) * u * v1 + (-FieldT(81) + beta) * u * v2 + - FieldT(8) * (-FieldT(81) + beta) * v6); + + // c0 + beta c2 - (beta v1)/2 - (beta v2)/ 2 - (-1 + beta) beta v6, +@@ -176,8 +216,22 @@ void test_Fp4_tom_cook() + } + } + +-TEST(algebra, fields) ++int main(void) + { ++ edwards_pp::init_public_params(); ++ test_all_fields(); ++ test_cyclotomic_squaring >(); ++ ++ mnt4_pp::init_public_params(); ++ test_all_fields(); ++ test_Fp4_tom_cook(); ++ test_two_squarings >(); ++ test_cyclotomic_squaring >(); ++ ++ mnt6_pp::init_public_params(); ++ test_all_fields(); ++ test_cyclotomic_squaring >(); ++ + alt_bn128_pp::init_public_params(); + test_field(); + test_Frobenius(); +diff --git a/src/snark/libsnark/algebra/scalar_multiplication/kc_multiexp.tcc b/src/snark/libsnark/algebra/scalar_multiplication/kc_multiexp.tcc +index e9c08d4..6052033 100644 +--- a/src/snark/libsnark/algebra/scalar_multiplication/kc_multiexp.tcc ++++ b/src/snark/libsnark/algebra/scalar_multiplication/kc_multiexp.tcc +@@ -8,6 +8,8 @@ + #ifndef KC_MULTIEXP_TCC_ + #define KC_MULTIEXP_TCC_ + ++#include "common/assert_except.hpp" ++ + namespace libsnark { + + template +@@ -50,7 +52,7 @@ knowledge_commitment kc_multi_exp_with_mixed_addition(const knowledge_co + while (index_it != vec.indices.end() && *index_it < max_idx) + { + const size_t scalar_position = (*index_it) - min_idx; +- assert(scalar_position < scalar_length); ++ assert_except(scalar_position < scalar_length); + + const FieldT scalar = *(scalar_start + scalar_position); + diff --git a/src/snark/libsnark/algebra/scalar_multiplication/multiexp.tcc b/src/snark/libsnark/algebra/scalar_multiplication/multiexp.tcc -index a6b14c4dfa..e1783a8811 100644 +index a6b14c4..5dd19a6 100644 --- a/src/snark/libsnark/algebra/scalar_multiplication/multiexp.tcc +++ b/src/snark/libsnark/algebra/scalar_multiplication/multiexp.tcc -@@ -40,7 +40,7 @@ public: +@@ -22,6 +22,7 @@ + + #include "common/profiling.hpp" + #include "common/utils.hpp" ++#include "common/assert_except.hpp" + #include "algebra/scalar_multiplication/wnaf.hpp" + + namespace libsnark { +@@ -40,7 +41,7 @@ public: #if defined(__x86_64__) && defined(USE_ASM) if (n == 3) { @@ -1050,7 +2372,7 @@ index a6b14c4dfa..e1783a8811 100644 __asm__ ("// check for overflow \n\t" "mov $0, %[res] \n\t" -@@ -58,7 +58,7 @@ public: +@@ -58,7 +59,7 @@ public: } else if (n == 4) { @@ -1059,7 +2381,7 @@ index a6b14c4dfa..e1783a8811 100644 __asm__ ("// check for overflow \n\t" "mov $0, %[res] \n\t" -@@ -77,7 +77,7 @@ public: +@@ -77,7 +78,7 @@ public: } else if (n == 5) { @@ -1068,16 +2390,45 @@ index a6b14c4dfa..e1783a8811 100644 __asm__ ("// check for overflow \n\t" "mov $0, %[res] \n\t" -@@ -190,7 +190,7 @@ T multi_exp_inner(typename std::vector::const_iterator vec_start, +@@ -119,7 +120,7 @@ T naive_exp(typename std::vector::const_iterator vec_start, + bigint scalar_bigint = scalar_it->as_bigint(); + result = result + opt_window_wnaf_exp(*vec_it, scalar_bigint, scalar_bigint.num_bits()); + } +- assert(scalar_it == scalar_end); ++ assert_except(scalar_it == scalar_end); + + return result; + } +@@ -139,7 +140,7 @@ T naive_plain_exp(typename std::vector::const_iterator vec_start, + { + result = result + (*scalar_it) * (*vec_it); + } +- assert(scalar_it == scalar_end); ++ assert_except(scalar_it == scalar_end); + + return result; + } +@@ -185,15 +186,15 @@ T multi_exp_inner(typename std::vector::const_iterator vec_start, + opt_q.emplace_back(ordered_exponent(i, scalar_it->as_bigint())); + } + std::make_heap(opt_q.begin(),opt_q.end()); +- assert(scalar_it == scalar_end); ++ assert_except(scalar_it == scalar_end); + if (vec_len != odd_vec_len) { g.emplace_back(T::zero()); - opt_q.emplace_back(ordered_exponent(odd_vec_len - 1, bigint(0ul))); + opt_q.emplace_back(ordered_exponent(odd_vec_len - 1, bigint(UINT64_C(0)))); } - assert(g.size() % 2 == 1); - assert(opt_q.size() == g.size()); -@@ -214,7 +214,7 @@ T multi_exp_inner(typename std::vector::const_iterator vec_start, +- assert(g.size() % 2 == 1); +- assert(opt_q.size() == g.size()); ++ assert_except(g.size() % 2 == 1); ++ assert_except(opt_q.size() == g.size()); + + T opt_result = T::zero(); + +@@ -214,7 +215,7 @@ T multi_exp_inner(typename std::vector::const_iterator vec_start, const size_t bbits = b.r.num_bits(); const size_t limit = (abits-bbits >= 20 ? 20 : abits-bbits); @@ -1086,7 +2437,16 @@ index a6b14c4dfa..e1783a8811 100644 { /* In this case, exponentiating to the power of a is cheaper than -@@ -389,7 +389,7 @@ size_t get_exp_window_size(const size_t num_scalars) +@@ -329,7 +330,7 @@ T multi_exp_with_mixed_addition(typename std::vector::const_iterator vec_star + const size_t chunks, + const bool use_multiexp) + { +- assert(std::distance(vec_start, vec_end) == std::distance(scalar_start, scalar_end)); ++ assert_except(std::distance(vec_start, vec_end) == std::distance(scalar_start, scalar_end)); + enter_block("Process scalar vector"); + auto value_it = vec_start; + auto scalar_it = scalar_start; +@@ -389,7 +390,7 @@ size_t get_exp_window_size(const size_t num_scalars) #endif } size_t window = 1; @@ -1095,7 +2455,7 @@ index a6b14c4dfa..e1783a8811 100644 { #ifdef DEBUG if (!inhibit_profiling_info) -@@ -420,9 +420,9 @@ window_table get_window_table(const size_t scalar_size, +@@ -420,9 +421,9 @@ window_table get_window_table(const size_t scalar_size, const size_t window, const T &g) { @@ -1108,7 +2468,7 @@ index a6b14c4dfa..e1783a8811 100644 if (!inhibit_profiling_info) { diff --git a/src/snark/libsnark/algebra/scalar_multiplication/wnaf.hpp b/src/snark/libsnark/algebra/scalar_multiplication/wnaf.hpp -index a7ecd598e3..d6c43267eb 100644 +index a7ecd59..d6c4326 100644 --- a/src/snark/libsnark/algebra/scalar_multiplication/wnaf.hpp +++ b/src/snark/libsnark/algebra/scalar_multiplication/wnaf.hpp @@ -18,7 +18,7 @@ namespace libsnark { @@ -1121,7 +2481,7 @@ index a7ecd598e3..d6c43267eb 100644 /** * In additive notation, use wNAF exponentiation (with the given window size) to compute scalar * base. diff --git a/src/snark/libsnark/algebra/scalar_multiplication/wnaf.tcc b/src/snark/libsnark/algebra/scalar_multiplication/wnaf.tcc -index a5e47e8e2e..4f2e4072c7 100644 +index a5e47e8..4f2e407 100644 --- a/src/snark/libsnark/algebra/scalar_multiplication/wnaf.tcc +++ b/src/snark/libsnark/algebra/scalar_multiplication/wnaf.tcc @@ -17,15 +17,15 @@ @@ -1178,7 +2538,7 @@ index a5e47e8e2e..4f2e4072c7 100644 if (scalar_bits >= T::wnaf_window_table[i]) { diff --git a/src/snark/libsnark/common/data_structures/merkle_tree.tcc b/src/snark/libsnark/common/data_structures/merkle_tree.tcc -index 281700b331..ce28b124fb 100644 +index 281700b..ce28b12 100644 --- a/src/snark/libsnark/common/data_structures/merkle_tree.tcc +++ b/src/snark/libsnark/common/data_structures/merkle_tree.tcc @@ -66,14 +66,14 @@ merkle_tree::merkle_tree(const size_t depth, @@ -1251,12 +2611,192 @@ index 281700b331..ce28b124fb 100644 { auto it = values.find(i); printf("[%zu] -> ", i); +diff --git a/src/snark/libsnark/common/data_structures/sparse_vector.hpp b/src/snark/libsnark/common/data_structures/sparse_vector.hpp +index 8b134f4..20f1bc2 100644 +--- a/src/snark/libsnark/common/data_structures/sparse_vector.hpp ++++ b/src/snark/libsnark/common/data_structures/sparse_vector.hpp +@@ -32,9 +32,9 @@ std::istream& operator>>(std::istream &in, sparse_vector &v); + template + struct sparse_vector { + +- std::vector indices; ++ std::vector indices; + std::vector values; +- size_t domain_size_ = 0; ++ uint64_t domain_size_ = 0; + + sparse_vector() = default; + sparse_vector(const sparse_vector &other) = default; +@@ -44,7 +44,7 @@ struct sparse_vector { + sparse_vector& operator=(const sparse_vector &other) = default; + sparse_vector& operator=(sparse_vector &&other) = default; + +- T operator[](const size_t idx) const; ++ T operator[](const uint64_t idx) const; + + bool operator==(const sparse_vector &other) const; + bool operator==(const std::vector &other) const; +@@ -52,15 +52,15 @@ + bool is_valid() const; + bool empty() const; + +- size_t domain_size() const; // return domain_size_ +- size_t size() const; // return the number of indices (representing the number of non-zero entries) +- size_t size_in_bits() const; // return the number bits needed to store the sparse vector ++ uint64_t domain_size() const; // return domain_size_ ++ uint64_t size() const; // return the number of indices (representing the number of non-zero entries) ++ uint64_t size_in_bits() const; // return the number bits needed to store the sparse vector + + /* return a pair consisting of the accumulated value and the sparse vector of non-accumulated values */ + template + std::pair > accumulate(const typename std::vector::const_iterator &it_begin, + const typename std::vector::const_iterator &it_end, +- const size_t offset) const; ++ const uint64_t offset) const; + + friend std::ostream& operator<< (std::ostream &out, const sparse_vector &v); + friend std::istream& operator>> (std::istream &in, sparse_vector &v); +diff --git a/src/snark/libsnark/common/data_structures/sparse_vector.tcc b/src/snark/libsnark/common/data_structures/sparse_vector.tcc +index cfc5d75..906ed16 100644 +--- a/src/snark/libsnark/common/data_structures/sparse_vector.tcc ++++ b/src/snark/libsnark/common/data_structures/sparse_vector.tcc +@@ -29,7 +29,7 @@ sparse_vector::sparse_vector(std::vector &&v) : + } + + template +-T sparse_vector::operator[](const size_t idx) const ++T sparse_vector::operator[](const uint64_t idx) const + { + auto it = std::lower_bound(indices.begin(), indices.end(), idx); + return (it != indices.end() && *it == idx) ? values[it - indices.begin()] : T(); +@@ -43,7 +43,7 @@ bool sparse_vector::operator==(const sparse_vector &other) const + return false; + } + +- size_t this_pos = 0, other_pos = 0; ++ uint64_t this_pos = 0, other_pos = 0; + while (this_pos < this->indices.size() && other_pos < other.indices.size()) + { + if (this->indices[this_pos] == other.indices[other_pos]) +@@ -103,8 +103,8 @@ bool sparse_vector::operator==(const std::vector &other) const + return false; + } + +- size_t j = 0; +- for (size_t i = 0; i < other.size(); ++i) ++ uint64_t j = 0; ++ for (uint64_t i = 0; i < other.size(); ++i) + { + if (this->indices[j] == i) + { +@@ -134,7 +134,7 @@ bool sparse_vector::is_valid() const + return false; + } + +- for (size_t i = 0; i + 1 < indices.size(); ++i) ++ for (uint64_t i = 0; i + 1 < indices.size(); ++i) + { + if (indices[i] >= indices[i+1]) + { +@@ -157,42 +157,42 @@ bool sparse_vector::empty() const + } + + template +-size_t sparse_vector::domain_size() const ++uint64_t sparse_vector::domain_size() const + { + return domain_size_; + } + + template +-size_t sparse_vector::size() const ++uint64_t sparse_vector::size() const + { + return indices.size(); + } + + template +-size_t sparse_vector::size_in_bits() const ++uint64_t sparse_vector::size_in_bits() const + { +- return indices.size() * (sizeof(size_t) * 8 + T::size_in_bits()); ++ return indices.size() * (sizeof(uint64_t) * 8 + T::size_in_bits()); + } + + template + template + std::pair > sparse_vector::accumulate(const typename std::vector::const_iterator &it_begin, + const typename std::vector::const_iterator &it_end, +- const size_t offset) const ++ const uint64_t offset) const + { + // TODO: does not really belong here. +- const size_t chunks = 1; ++ const uint64_t chunks = 1; + const bool use_multiexp = true; + + T accumulated_value = T::zero(); + sparse_vector resulting_vector; + resulting_vector.domain_size_ = domain_size_; + +- const size_t range_len = it_end - it_begin; ++ const uint64_t range_len = it_end - it_begin; + bool in_block = false; +- size_t first_pos = -1, last_pos = -1; // g++ -flto emits unitialized warning, even though in_block guards for such cases. ++ uint64_t first_pos = -1, last_pos = -1; // g++ -flto emits unitialized warning, even though in_block guards for such cases. + +- for (size_t i = 0; i < indices.size(); ++i) ++ for (uint64_t i = 0; i < indices.size(); ++i) + { + const bool matching_pos = (offset <= indices[i] && indices[i] < offset + range_len); + // printf("i = %zu, pos[i] = %zu, offset = %zu, w_size = %zu\n", i, indices[i], offset, w_size); +@@ -265,7 +265,7 @@ std::ostream& operator<<(std::ostream& out, const sparse_vector &v) + { + out << v.domain_size_ << "\n"; + out << v.indices.size() << "\n"; +- for (const size_t& i : v.indices) ++ for (const uint64_t& i : v.indices) + { + out << i << "\n"; + } +@@ -285,11 +285,11 @@ std::istream& operator>>(std::istream& in, sparse_vector &v) + in >> v.domain_size_; + consume_newline(in); + +- size_t s; ++ uint64_t s; + in >> s; + consume_newline(in); + v.indices.resize(s); +- for (size_t i = 0; i < s; ++i) ++ for (uint64_t i = 0; i < s; ++i) + { + in >> v.indices[i]; + consume_newline(in); +@@ -300,7 +300,7 @@ std::istream& operator>>(std::istream& in, sparse_vector &v) + consume_newline(in); + v.values.reserve(s); + +- for (size_t i = 0; i < s; ++i) ++ for (uint64_t i = 0; i < s; ++i) + { + T t; + in >> t; diff --git a/src/snark/libsnark/common/profiling.cpp b/src/snark/libsnark/common/profiling.cpp -index 8fc3e6fd4e..44781e1a5c 100644 +index d227203..e4a2146 100644 --- a/src/snark/libsnark/common/profiling.cpp +++ b/src/snark/libsnark/common/profiling.cpp -@@ -28,14 +28,14 @@ +@@ -26,29 +26,46 @@ + #include + #endif ++#ifdef __MACH__ // required to build on MacOS ++#include ++#include ++#include ++#include ++#endif ++ namespace libsnark { -long long get_nsec_time() @@ -1271,8 +2811,20 @@ index 8fc3e6fd4e..44781e1a5c 100644 +int64_t get_nsec_cpu_time() { ::timespec ts; ++ #ifdef __MACH__ ++ clock_serv_t cclock; ++ mach_timespec_t mts; ++ host_get_clock_service(mach_host_self(), CALENDAR_CLOCK, &cclock); ++ clock_get_time(cclock, &mts); ++ mach_port_deallocate(mach_task_self(), cclock); ++ ts.tv_sec = mts.tv_sec; ++ ts.tv_nsec = mts.tv_nsec; ++ #else if ( ::clock_gettime(CLOCK_PROCESS_CPUTIME_ID, &ts) ) -@@ -45,10 +45,10 @@ long long get_nsec_cpu_time() + throw ::std::runtime_error("clock_gettime(CLOCK_PROCESS_CPUTIME_ID) failed"); + // If we expected this to work, don't silently ignore failures, because that would hide the problem and incur an unnecessarily system-call overhead. So if we ever observe this exception, we should probably add a suitable #ifdef . + //TODO: clock_gettime(CLOCK_PROCESS_CPUTIME_ID) is not supported by native Windows. What about Cygwin? Should we #ifdef on CLOCK_PROCESS_CPUTIME_ID or on __linux__? ++ #endif return ts.tv_sec * 1000000000ll + ts.tv_nsec; } @@ -1287,7 +2839,7 @@ index 8fc3e6fd4e..44781e1a5c 100644 void start_profiling() { -@@ -59,20 +59,20 @@ void start_profiling() +@@ -59,20 +76,20 @@ } std::map invocation_counts; @@ -1316,7 +2868,7 @@ index 8fc3e6fd4e..44781e1a5c 100644 #ifdef PROFILE_OP_COUNTS std::make_pair("Fradd", &Fr::add_cnt), std::make_pair("Frsub", &Fr::sub_cnt), -@@ -100,7 +100,7 @@ void clear_profiling_counters() +@@ -98,7 +115,7 @@ void clear_profiling_counters() cumulative_times.clear(); } @@ -1325,7 +2877,7 @@ index 8fc3e6fd4e..44781e1a5c 100644 { const double total_ms = (cumulative_times.at(key) * 1e-6); const size_t cnt = invocation_counts.at(key); -@@ -108,7 +108,7 @@ void print_cumulative_time_entry(const std::string &key, const long long factor) +@@ -106,7 +123,7 @@ void print_cumulative_time_entry(const std::string &key, const long long factor) printf(" %-45s: %12.5fms = %lld * %0.5fms (%zu invocations, %0.5fms = %lld * %0.5fms per invocation)\n", key.c_str(), total_ms, factor, total_ms/factor, cnt, avg_ms, factor, avg_ms/factor); } @@ -1334,7 +2886,7 @@ index 8fc3e6fd4e..44781e1a5c 100644 { printf("Dumping times:\n"); for (auto& kv : cumulative_times) -@@ -157,7 +157,7 @@ void print_op_profiling(const std::string &msg) +@@ -155,7 +172,7 @@ void print_op_profiling(const std::string &msg) printf("(opcounts) = ("); bool first = true; @@ -1343,7 +2895,7 @@ index 8fc3e6fd4e..44781e1a5c 100644 { if (!first) { -@@ -173,14 +173,14 @@ void print_op_profiling(const std::string &msg) +@@ -171,14 +188,14 @@ void print_op_profiling(const std::string &msg) #endif } @@ -1364,7 +2916,7 @@ index 8fc3e6fd4e..44781e1a5c 100644 if (time_from_last != 0) { double parallelism_from_last = 1.0 * cpu_time_from_last / time_from_last; -@@ -201,8 +201,8 @@ void print_time(const char* msg) +@@ -199,8 +216,8 @@ void print_time(const char* msg) return; } @@ -1375,7 +2927,7 @@ index 8fc3e6fd4e..44781e1a5c 100644 printf("%-35s\t", msg); print_times_from_last_and_start(now, last_time, cpu_now, last_cpu_time); -@@ -233,7 +233,7 @@ void print_indent() +@@ -231,7 +248,7 @@ void print_indent() void op_profiling_enter(const std::string &msg) { @@ -1384,7 +2936,7 @@ index 8fc3e6fd4e..44781e1a5c 100644 { op_counts[std::make_pair(msg, p.first)] = *(p.second); } -@@ -247,9 +247,9 @@ void enter_block(const std::string &msg, const bool indent) +@@ -245,9 +262,9 @@ void enter_block(const std::string &msg, const bool indent) } block_names.emplace_back(msg); @@ -1396,7 +2948,7 @@ index 8fc3e6fd4e..44781e1a5c 100644 enter_cpu_times[msg] = cpu_t; if (inhibit_profiling_info) -@@ -290,15 +290,15 @@ void leave_block(const std::string &msg, const bool indent) +@@ -288,15 +305,15 @@ void leave_block(const std::string &msg, const bool indent) ++invocation_counts[msg]; @@ -1416,7 +2968,7 @@ index 8fc3e6fd4e..44781e1a5c 100644 cumulative_op_counts[std::make_pair(msg, p.first)] += *(p.second)-op_counts[std::make_pair(msg, p.first)]; } diff --git a/src/snark/libsnark/common/profiling.hpp b/src/snark/libsnark/common/profiling.hpp -index 9619117f4b..4a496107b3 100644 +index 9619117..4a49610 100644 --- a/src/snark/libsnark/common/profiling.hpp +++ b/src/snark/libsnark/common/profiling.hpp @@ -22,7 +22,7 @@ @@ -1446,19 +2998,59 @@ index 9619117f4b..4a496107b3 100644 void print_cumulative_op_counts(const bool only_fq=false); void enter_block(const std::string &msg, const bool indent=true); +diff --git a/src/snark/libsnark/common/serialization.tcc b/src/snark/libsnark/common/serialization.tcc +index 398f978..7983c9f 100644 +--- a/src/snark/libsnark/common/serialization.tcc ++++ b/src/snark/libsnark/common/serialization.tcc +@@ -17,6 +17,7 @@ + #include + #include + #include "common/utils.hpp" ++#include "common/assert_except.hpp" + + namespace libsnark { + +@@ -69,7 +70,7 @@ T reserialize(const T &obj) + ss << obj; + T tmp; + ss >> tmp; +- assert(obj == tmp); ++ assert_except(obj == tmp); + return tmp; + } + diff --git a/src/snark/libsnark/common/utils.cpp b/src/snark/libsnark/common/utils.cpp -index dd114fdf0d..06af6eff84 100644 +index dd114fd..5bcaf82 100644 --- a/src/snark/libsnark/common/utils.cpp +++ b/src/snark/libsnark/common/utils.cpp -@@ -16,7 +16,7 @@ +@@ -15,11 +15,11 @@ + namespace libsnark { - size_t log2(size_t n) --/* returns ceil(log2(n)), so 1ul< 1) + { +@@ -30,10 +30,10 @@ size_t log2(size_t n) + return r; + } + +-size_t bitreverse(size_t n, const size_t l) ++uint64_t bitreverse(uint64_t n, const uint64_t l) + { +- size_t r = 0; +- for (size_t k = 0; k < l; ++k) ++ uint64_t r = 0; ++ for (uint64_t k = 0; k < l; ++k) + { + r = (r << 1) | (n & 1); + n >>= 1; @@ -41,20 +41,20 @@ size_t bitreverse(size_t n, const size_t l) return r; } @@ -1467,9 +3059,11 @@ index dd114fdf0d..06af6eff84 100644 +bit_vector int_list_to_bits(const std::initializer_list &l, const size_t wordsize) { bit_vector res(wordsize*l.size()); - for (size_t i = 0; i < l.size(); ++i) +- for (size_t i = 0; i < l.size(); ++i) ++ for (uint64_t i = 0; i < l.size(); ++i) { - for (size_t j = 0; j < wordsize; ++j) +- for (size_t j = 0; j < wordsize; ++j) ++ for (uint64_t j = 0; j < wordsize; ++j) { - res[i*wordsize + j] = (*(l.begin()+i) & (1ul<<(wordsize-1-j))); + res[i*wordsize + j] = (*(l.begin()+i) & (UINT64_C(1)<<(wordsize-1-j))); @@ -1483,31 +3077,101 @@ index dd114fdf0d..06af6eff84 100644 { return (x + (y-1)) / y; } +@@ -68,7 +68,7 @@ bool is_little_endian() + + std::string FORMAT(const std::string &prefix, const char* format, ...) + { +- const static size_t MAX_FMT = 256; ++ const static uint64_t MAX_FMT = 256; + char buf[MAX_FMT]; + va_list args; + va_start(args, format); +@@ -81,7 +81,7 @@ std::string FORMAT(const std::string &prefix, const char* format, ...) + void serialize_bit_vector(std::ostream &out, const bit_vector &v) + { + out << v.size() << "\n"; +- for (size_t i = 0; i < v.size(); ++i) ++ for (uint64_t i = 0; i < v.size(); ++i) + { + out << v[i] << "\n"; + } +@@ -89,10 +89,10 @@ void serialize_bit_vector(std::ostream &out, const bit_vector &v) + + void deserialize_bit_vector(std::istream &in, bit_vector &v) + { +- size_t size; ++ uint64_t size; + in >> size; + v.resize(size); +- for (size_t i = 0; i < size; ++i) ++ for (uint64_t i = 0; i < size; ++i) + { + bool b; + in >> b; diff --git a/src/snark/libsnark/common/utils.hpp b/src/snark/libsnark/common/utils.hpp -index d7d9e89473..505f67410b 100644 +index d7d9e89..6879f80 100644 --- a/src/snark/libsnark/common/utils.hpp +++ b/src/snark/libsnark/common/utils.hpp -@@ -20,14 +20,14 @@ namespace libsnark { - +@@ -21,13 +21,13 @@ namespace libsnark { typedef std::vector bit_vector; --/// returns ceil(log2(n)), so 1ul< &l, const size_t wordsize); -long long div_ceil(long long x, long long y); -+bit_vector int_list_to_bits(const std::initializer_list &l, const size_t wordsize); ++uint64_t bitreverse(uint64_t n, const uint64_t l); ++bit_vector int_list_to_bits(const std::initializer_list &l, const uint64_t wordsize); +int64_t div_ceil(int64_t x, int64_t y); bool is_little_endian(); +@@ -46,8 +46,13 @@ void UNUSED(Types&&...) {} + void serialize_bit_vector(std::ostream &out, const bit_vector &v); + void deserialize_bit_vector(std::istream &in, bit_vector &v); + ++#ifdef __APPLE__ + template +-size_t size_in_bits(const std::vector &v); ++unsigned long size_in_bits(const std::vector &v); ++#else ++template ++uint64_t size_in_bits(const std::vector &v); ++#endif + + #define ARRAY_SIZE(arr) (sizeof(arr)/sizeof(arr[0])) + +diff --git a/src/snark/libsnark/common/utils.tcc b/src/snark/libsnark/common/utils.tcc +index f97178f..4afdc8b 100644 +--- a/src/snark/libsnark/common/utils.tcc ++++ b/src/snark/libsnark/common/utils.tcc +@@ -12,11 +12,19 @@ + + namespace libsnark { + ++#ifdef __APPLE__ ++template ++unsigned long size_in_bits(const std::vector &v) ++{ ++ return v.size() * T::size_in_bits(); ++} ++#else + template + size_t size_in_bits(const std::vector &v) + { + return v.size() * T::size_in_bits(); + } ++#endif + + } // libsnark + diff --git a/src/snark/libsnark/gadgetlib1/gadgets/basic_gadgets.tcc b/src/snark/libsnark/gadgetlib1/gadgets/basic_gadgets.tcc -index 213b1906f2..bcd2f2c722 100644 +index 213b190..bcd2f2c 100644 --- a/src/snark/libsnark/gadgetlib1/gadgets/basic_gadgets.tcc +++ b/src/snark/libsnark/gadgetlib1/gadgets/basic_gadgets.tcc @@ -275,11 +275,11 @@ void test_disjunction_gadget(const size_t n) @@ -1633,7 +3297,7 @@ index 213b1906f2..bcd2f2c722 100644 assert(pb.is_satisfied()); pb.val(result) -= FieldT::one(); diff --git a/src/snark/libsnark/gadgetlib1/gadgets/hashes/sha256/sha256_aux.tcc b/src/snark/libsnark/gadgetlib1/gadgets/hashes/sha256/sha256_aux.tcc -index 8ab67be5fb..148fe790bb 100644 +index 8ab67be..148fe79 100644 --- a/src/snark/libsnark/gadgetlib1/gadgets/hashes/sha256/sha256_aux.tcc +++ b/src/snark/libsnark/gadgetlib1/gadgets/hashes/sha256/sha256_aux.tcc @@ -285,7 +285,7 @@ void majority_gadget::generate_r1cs_witness() @@ -1646,10 +3310,10 @@ index 8ab67be5fb..148fe790bb 100644 } diff --git a/src/snark/libsnark/gadgetlib1/gadgets/hashes/sha256/sha256_components.hpp b/src/snark/libsnark/gadgetlib1/gadgets/hashes/sha256/sha256_components.hpp -index c2f31e3af3..13bbc075c9 100644 +index c2f31e3..13bbc07 100644 --- a/src/snark/libsnark/gadgetlib1/gadgets/hashes/sha256/sha256_components.hpp +++ b/src/snark/libsnark/gadgetlib1/gadgets/hashes/sha256/sha256_components.hpp -@@ -78,7 +78,7 @@ class sha256_round_function_gadget : public gadget { +@@ -78,7 +78,7 @@ public: pb_linear_combination_array g; pb_linear_combination_array h; pb_variable W; @@ -1658,7 +3322,7 @@ index c2f31e3af3..13bbc075c9 100644 pb_linear_combination_array new_a; pb_linear_combination_array new_e; -@@ -92,7 +92,7 @@ class sha256_round_function_gadget : public gadget { +@@ -92,7 +92,7 @@ public: const pb_linear_combination_array &g, const pb_linear_combination_array &h, const pb_variable &W, @@ -1668,7 +3332,7 @@ index c2f31e3af3..13bbc075c9 100644 const pb_linear_combination_array &new_e, const std::string &annotation_prefix); diff --git a/src/snark/libsnark/gadgetlib1/gadgets/hashes/sha256/sha256_components.tcc b/src/snark/libsnark/gadgetlib1/gadgets/hashes/sha256/sha256_components.tcc -index e8f233a544..b0e0063881 100644 +index e8f233a..b0e0063 100644 --- a/src/snark/libsnark/gadgetlib1/gadgets/hashes/sha256/sha256_components.tcc +++ b/src/snark/libsnark/gadgetlib1/gadgets/hashes/sha256/sha256_components.tcc @@ -16,7 +16,7 @@ @@ -1698,8 +3362,34 @@ index e8f233a544..b0e0063881 100644 const pb_linear_combination_array &new_a, const pb_linear_combination_array &new_e, const std::string &annotation_prefix) : +diff --git a/src/snark/libsnark/gadgetlib1/gadgets/hashes/sha256/tests/test_sha256_gadget.cpp b/src/snark/libsnark/gadgetlib1/gadgets/hashes/sha256/tests/test_sha256_gadget.cpp +index 0bfaf3a..471928f 100644 +--- a/src/snark/libsnark/gadgetlib1/gadgets/hashes/sha256/tests/test_sha256_gadget.cpp ++++ b/src/snark/libsnark/gadgetlib1/gadgets/hashes/sha256/tests/test_sha256_gadget.cpp +@@ -10,8 +10,6 @@ + #include "common/profiling.hpp" + #include "gadgetlib1/gadgets/hashes/sha256/sha256_gadget.hpp" + +-#include +- + using namespace libsnark; + + template +@@ -37,10 +35,10 @@ void test_two_to_one() + f.generate_r1cs_witness(); + output.generate_r1cs_witness(hash_bv); + +- EXPECT_TRUE(pb.is_satisfied()); ++ assert(pb.is_satisfied()); + } + +-TEST(gadgetlib1, sha256) ++int main(void) + { + start_profiling(); + default_ec_pp::init_public_params(); diff --git a/src/snark/libsnark/gadgetlib1/gadgets/merkle_tree/merkle_authentication_path_variable.tcc b/src/snark/libsnark/gadgetlib1/gadgets/merkle_tree/merkle_authentication_path_variable.tcc -index d773051ab9..b3d805d8ed 100644 +index d773051..b3d805d 100644 --- a/src/snark/libsnark/gadgetlib1/gadgets/merkle_tree/merkle_authentication_path_variable.tcc +++ b/src/snark/libsnark/gadgetlib1/gadgets/merkle_tree/merkle_authentication_path_variable.tcc @@ -41,7 +41,7 @@ void merkle_authentication_path_variable::generate_r1cs_witness(c @@ -1721,7 +3411,7 @@ index d773051ab9..b3d805d8ed 100644 result.emplace_back(left_digests[i].get_digest()); } diff --git a/src/snark/libsnark/gadgetlib1/gadgets/merkle_tree/merkle_tree_check_read_gadget.tcc b/src/snark/libsnark/gadgetlib1/gadgets/merkle_tree/merkle_tree_check_read_gadget.tcc -index 6002a5886d..2fde4f68cb 100644 +index 6002a58..2fde4f6 100644 --- a/src/snark/libsnark/gadgetlib1/gadgets/merkle_tree/merkle_tree_check_read_gadget.tcc +++ b/src/snark/libsnark/gadgetlib1/gadgets/merkle_tree/merkle_tree_check_read_gadget.tcc @@ -144,10 +144,10 @@ void test_merkle_tree_check_read_gadget() @@ -1737,8 +3427,20 @@ index 6002a5886d..2fde4f68cb 100644 address_bits.push_back(computed_is_right); bit_vector other(digest_len); std::generate(other.begin(), other.end(), [&]() { return std::rand() % 2; }); +diff --git a/src/snark/libsnark/gadgetlib1/gadgets/merkle_tree/merkle_tree_check_update_gadget.hpp b/src/snark/libsnark/gadgetlib1/gadgets/merkle_tree/merkle_tree_check_update_gadget.hpp +index 6ec0ca1..2d6840d 100644 +--- a/src/snark/libsnark/gadgetlib1/gadgets/merkle_tree/merkle_tree_check_update_gadget.hpp ++++ b/src/snark/libsnark/gadgetlib1/gadgets/merkle_tree/merkle_tree_check_update_gadget.hpp +@@ -19,6 +19,7 @@ + + #include "common/data_structures/merkle_tree.hpp" + #include "gadgetlib1/gadget.hpp" ++#include "gadgetlib1/gadgets/hashes/crh_gadget.hpp" + #include "gadgetlib1/gadgets/hashes/hash_io.hpp" + #include "gadgetlib1/gadgets/hashes/digest_selector_gadget.hpp" + #include "gadgetlib1/gadgets/merkle_tree/merkle_authentication_path_variable.hpp" diff --git a/src/snark/libsnark/gadgetlib1/gadgets/merkle_tree/merkle_tree_check_update_gadget.tcc b/src/snark/libsnark/gadgetlib1/gadgets/merkle_tree/merkle_tree_check_update_gadget.tcc -index 1ac08edbbe..3e73904c10 100644 +index 1ac08ed..3e73904 100644 --- a/src/snark/libsnark/gadgetlib1/gadgets/merkle_tree/merkle_tree_check_update_gadget.tcc +++ b/src/snark/libsnark/gadgetlib1/gadgets/merkle_tree/merkle_tree_check_update_gadget.tcc @@ -197,10 +197,10 @@ void test_merkle_tree_check_update_gadget() @@ -1754,11 +3456,67 @@ index 1ac08edbbe..3e73904c10 100644 address_bits.push_back(computed_is_right); bit_vector other(digest_len); std::generate(other.begin(), other.end(), [&]() { return std::rand() % 2; }); +diff --git a/src/snark/libsnark/gadgetlib1/gadgets/merkle_tree/tests/test_merkle_tree_gadgets.cpp b/src/snark/libsnark/gadgetlib1/gadgets/merkle_tree/tests/test_merkle_tree_gadgets.cpp +index 27b52f9..8d52c57 100644 +--- a/src/snark/libsnark/gadgetlib1/gadgets/merkle_tree/tests/test_merkle_tree_gadgets.cpp ++++ b/src/snark/libsnark/gadgetlib1/gadgets/merkle_tree/tests/test_merkle_tree_gadgets.cpp +@@ -5,36 +5,44 @@ + * @copyright MIT license (see LICENSE file) + *****************************************************************************/ + +-#include "algebra/curves/alt_bn128/alt_bn128_pp.hpp" + #ifdef CURVE_BN128 + #include "algebra/curves/bn128/bn128_pp.hpp" + #endif ++#include "algebra/curves/edwards/edwards_pp.hpp" ++#include "algebra/curves/mnt/mnt4/mnt4_pp.hpp" ++#include "algebra/curves/mnt/mnt6/mnt6_pp.hpp" + #include "gadgetlib1/gadgets/merkle_tree/merkle_tree_check_read_gadget.hpp" + #include "gadgetlib1/gadgets/merkle_tree/merkle_tree_check_update_gadget.hpp" + #include "gadgetlib1/gadgets/hashes/sha256/sha256_gadget.hpp" + +-#include +- + using namespace libsnark; + + template + void test_all_merkle_tree_gadgets() + { + typedef Fr FieldT; ++ test_merkle_tree_check_read_gadget >(); + test_merkle_tree_check_read_gadget >(); + ++ test_merkle_tree_check_update_gadget >(); + test_merkle_tree_check_update_gadget >(); + } + +-TEST(gadgetlib1, merkle_tree) ++int main(void) + { + start_profiling(); + +- alt_bn128_pp::init_public_params(); +- test_all_merkle_tree_gadgets(); +- + #ifdef CURVE_BN128 // BN128 has fancy dependencies so it may be disabled + bn128_pp::init_public_params(); + test_all_merkle_tree_gadgets(); + #endif ++ ++ edwards_pp::init_public_params(); ++ test_all_merkle_tree_gadgets(); ++ ++ mnt4_pp::init_public_params(); ++ test_all_merkle_tree_gadgets(); ++ ++ mnt6_pp::init_public_params(); ++ test_all_merkle_tree_gadgets(); + } diff --git a/src/snark/libsnark/gadgetlib1/pb_variable.hpp b/src/snark/libsnark/gadgetlib1/pb_variable.hpp -index fdf64d0140..a6c71748d7 100644 +index fdf64d0..a6c7174 100644 --- a/src/snark/libsnark/gadgetlib1/pb_variable.hpp +++ b/src/snark/libsnark/gadgetlib1/pb_variable.hpp -@@ -59,7 +59,7 @@ class pb_variable_array : private std::vector > +@@ -59,7 +59,7 @@ public: void fill_with_field_elements(protoboard &pb, const std::vector& vals) const; void fill_with_bits(protoboard &pb, const bit_vector& bits) const; @@ -1767,7 +3525,7 @@ index fdf64d0140..a6c71748d7 100644 void fill_with_bits_of_field_element(protoboard &pb, const FieldT &r) const; std::vector get_vals(const protoboard &pb) const; -@@ -120,7 +120,7 @@ class pb_linear_combination_array : private std::vector &pb, const std::vector& vals) const; void fill_with_bits(protoboard &pb, const bit_vector& bits) const; @@ -1777,7 +3535,7 @@ index fdf64d0140..a6c71748d7 100644 std::vector get_vals(const protoboard &pb) const; diff --git a/src/snark/libsnark/gadgetlib1/pb_variable.tcc b/src/snark/libsnark/gadgetlib1/pb_variable.tcc -index b36b3f8d78..77c9f13f89 100644 +index b36b3f8..77c9f13 100644 --- a/src/snark/libsnark/gadgetlib1/pb_variable.tcc +++ b/src/snark/libsnark/gadgetlib1/pb_variable.tcc @@ -65,7 +65,7 @@ void pb_variable_array::fill_with_bits_of_field_element(protoboardfill_with_bits_of_field_element(pb, FieldT(i)); } diff --git a/src/snark/libsnark/relations/arithmetic_programs/qap/tests/test_qap.cpp b/src/snark/libsnark/relations/arithmetic_programs/qap/tests/test_qap.cpp -index e20f589c9d..3c7b870571 100644 +index e20f589..0054eaf 100644 --- a/src/snark/libsnark/relations/arithmetic_programs/qap/tests/test_qap.cpp +++ b/src/snark/libsnark/relations/arithmetic_programs/qap/tests/test_qap.cpp -@@ -92,13 +92,13 @@ TEST(relations, qap) +@@ -10,15 +10,13 @@ + #include + #include + +-#include "algebra/curves/alt_bn128/alt_bn128_pp.hpp" ++#include "algebra/curves/mnt/mnt6/mnt6_pp.hpp" + #include "algebra/fields/field_utils.hpp" + #include "common/profiling.hpp" + #include "common/utils.hpp" + #include "reductions/r1cs_to_qap/r1cs_to_qap.hpp" + #include "relations/constraint_satisfaction_problems/r1cs/examples/r1cs_examples.hpp" + +-#include +- + using namespace libsnark; + + template +@@ -30,7 +28,7 @@ void test_qap(const size_t qap_degree, const size_t num_inputs, const bool binar + See the transformation from R1CS to QAP for why this is the case. + So we need that qap_degree >= num_inputs + 1. + */ +- ASSERT_LE(num_inputs + 1, qap_degree); ++ assert(num_inputs + 1 <= qap_degree); + enter_block("Call to test_qap"); + + const size_t num_constraints = qap_degree - num_inputs - 1; +@@ -53,7 +51,7 @@ void test_qap(const size_t qap_degree, const size_t num_inputs, const bool binar + leave_block("Generate constraint system and assignment"); + + enter_block("Check satisfiability of constraint system"); +- EXPECT_TRUE(example.constraint_system.is_satisfied(example.primary_input, example.auxiliary_input)); ++ assert(example.constraint_system.is_satisfied(example.primary_input, example.auxiliary_input)); + leave_block("Check satisfiability of constraint system"); + + const FieldT t = FieldT::random_element(), +@@ -74,31 +72,44 @@ void test_qap(const size_t qap_degree, const size_t num_inputs, const bool binar + leave_block("Compute QAP witness"); + + enter_block("Check satisfiability of QAP instance 1"); +- EXPECT_TRUE(qap_inst_1.is_satisfied(qap_wit)); ++ assert(qap_inst_1.is_satisfied(qap_wit)); + leave_block("Check satisfiability of QAP instance 1"); + + enter_block("Check satisfiability of QAP instance 2"); +- EXPECT_TRUE(qap_inst_2.is_satisfied(qap_wit)); ++ assert(qap_inst_2.is_satisfied(qap_wit)); + leave_block("Check satisfiability of QAP instance 2"); + + leave_block("Call to test_qap"); + } + +-TEST(relations, qap) ++int main() + { + start_profiling(); ++ mnt6_pp::init_public_params(); ++ + const size_t num_inputs = 10; + ++ const size_t basic_domain_size = UINT64_C(1)< >(1ul << 21, num_inputs, true); -+ test_qap >(UINT64_C(1) << 21, num_inputs, true); ++ test_qap >(basic_domain_size, num_inputs, true); ++ test_qap >(step_domain_size, num_inputs, true); ++ test_qap >(extended_domain_size, num_inputs, true); ++ test_qap >(extended_domain_size_special, num_inputs, true); leave_block("Test QAP with binary input"); enter_block("Test QAP with field input"); - test_qap >(1ul << 21, num_inputs, false); -+ test_qap >(UINT64_C(1) << 21, num_inputs, false); ++ test_qap >(basic_domain_size, num_inputs, false); ++ test_qap >(step_domain_size, num_inputs, false); ++ test_qap >(extended_domain_size, num_inputs, false); ++ test_qap >(extended_domain_size_special, num_inputs, false); leave_block("Test QAP with field input"); } diff --git a/src/snark/libsnark/relations/variable.hpp b/src/snark/libsnark/relations/variable.hpp -index 8c2c704a39..84c65e810d 100644 +index a9a1449..c63f57b 100644 --- a/src/snark/libsnark/relations/variable.hpp +++ b/src/snark/libsnark/relations/variable.hpp @@ -26,7 +26,7 @@ namespace libsnark { @@ -1831,61 +3658,71 @@ index 8c2c704a39..84c65e810d 100644 /** * Forward declaration. -diff --git a/src/test/rpc_wallet_tests.cpp b/src/test/rpc_wallet_tests.cpp -index 47c85722a0..cb920d26d6 100644 ---- a/src/test/rpc_wallet_tests.cpp -+++ b/src/test/rpc_wallet_tests.cpp -@@ -402,7 +402,7 @@ BOOST_AUTO_TEST_CASE(rpc_wallet_z_exportwallet) - BOOST_CHECK_THROW(CallRPC(string("z_exportwallet ") + tmpfilename.string()), runtime_error); - - // set exportdir -- mapArgs["-exportdir"] = tmppath.native(); -+ mapArgs["-exportdir"] = tmppath.string(); +diff --git a/src/snark/libsnark/zk_proof_systems/ppzksnark/r1cs_ppzksnark/examples/run_r1cs_ppzksnark.tcc b/src/snark/libsnark/zk_proof_systems/ppzksnark/r1cs_ppzksnark/examples/run_r1cs_ppzksnark.tcc +index 00af6fe..9bc8758 100644 +--- a/src/snark/libsnark/zk_proof_systems/ppzksnark/r1cs_ppzksnark/examples/run_r1cs_ppzksnark.tcc ++++ b/src/snark/libsnark/zk_proof_systems/ppzksnark/r1cs_ppzksnark/examples/run_r1cs_ppzksnark.tcc +@@ -83,7 +83,7 @@ bool run_r1cs_ppzksnark(const r1cs_example > &example, + } - // run some tests - BOOST_CHECK_THROW(CallRPC("z_exportwallet"), runtime_error); -@@ -482,7 +482,7 @@ BOOST_AUTO_TEST_CASE(rpc_wallet_z_importwallet) - // write test data to file - boost::filesystem::path temp = boost::filesystem::temp_directory_path() / - boost::filesystem::unique_path(); -- const std::string path = temp.native(); -+ const std::string path = temp.string(); - std::ofstream file(path); - file << testWalletDump; - file << std::flush; -diff --git a/zcutil/build.sh b/zcutil/build.sh -index d86ae99ab9..5479ca58d4 100755 ---- a/zcutil/build.sh -+++ b/zcutil/build.sh -@@ -33,14 +33,6 @@ if [[ -z "${HOST-}" ]]; then - HOST="$BUILD" - fi + print_header("R1CS ppzkSNARK Prover"); +- r1cs_ppzksnark_proof proof = r1cs_ppzksnark_prover(keypair.pk, example.primary_input, example.auxiliary_input, example.constraint_system); ++ r1cs_ppzksnark_proof proof = r1cs_ppzksnark_prover(keypair.pk, example.primary_input, example.auxiliary_input); + printf("\n"); print_indent(); print_mem("after prover"); + + if (test_serialization) +diff --git a/src/snark/libsnark/zk_proof_systems/ppzksnark/r1cs_ppzksnark/r1cs_ppzksnark.hpp b/src/snark/libsnark/zk_proof_systems/ppzksnark/r1cs_ppzksnark/r1cs_ppzksnark.hpp +index 36f6c14..a068b09 100644 +--- a/src/snark/libsnark/zk_proof_systems/ppzksnark/r1cs_ppzksnark/r1cs_ppzksnark.hpp ++++ b/src/snark/libsnark/zk_proof_systems/ppzksnark/r1cs_ppzksnark/r1cs_ppzksnark.hpp +@@ -394,8 +394,7 @@ r1cs_ppzksnark_keypair r1cs_ppzksnark_generator( + template + r1cs_ppzksnark_proof r1cs_ppzksnark_prover(const r1cs_ppzksnark_proving_key &pk, + const r1cs_ppzksnark_primary_input &primary_input, +- const r1cs_ppzksnark_auxiliary_input &auxiliary_input, +- const r1cs_ppzksnark_constraint_system &constraint_system); ++ const r1cs_ppzksnark_auxiliary_input &auxiliary_input); --# Allow override to $CC and $CXX for porters. Most users will not need it. --if [[ -z "${CC-}" ]]; then -- CC=gcc --fi --if [[ -z "${CXX-}" ]]; then -- CXX=g++ --fi + /* + Below are four variants of verifier algorithm for the R1CS ppzkSNARK. +diff --git a/src/snark/libsnark/zk_proof_systems/ppzksnark/r1cs_ppzksnark/tests/test_r1cs_ppzksnark.cpp b/src/snark/libsnark/zk_proof_systems/ppzksnark/r1cs_ppzksnark/tests/test_r1cs_ppzksnark.cpp +index 6c6e518..6f8b575 100644 +--- a/src/snark/libsnark/zk_proof_systems/ppzksnark/r1cs_ppzksnark/tests/test_r1cs_ppzksnark.cpp ++++ b/src/snark/libsnark/zk_proof_systems/ppzksnark/r1cs_ppzksnark/tests/test_r1cs_ppzksnark.cpp +@@ -11,14 +11,12 @@ + #include + #include + +-#include "algebra/curves/alt_bn128/alt_bn128_pp.hpp" ++#include "common/default_types/r1cs_ppzksnark_pp.hpp" + #include "common/profiling.hpp" + #include "common/utils.hpp" + #include "relations/constraint_satisfaction_problems/r1cs/examples/r1cs_examples.hpp" + #include "zk_proof_systems/ppzksnark/r1cs_ppzksnark/examples/run_r1cs_ppzksnark.hpp" + +-#include - - # Allow users to set arbitary compile flags. Most users will not need this. - if [[ -z "${CONFIGURE_FLAGS-}" ]]; then - CONFIGURE_FLAGS="" -@@ -105,15 +97,11 @@ then - shift - fi + using namespace libsnark; --PREFIX="$(pwd)/depends/$BUILD/" -- - eval "$MAKE" --version --eval "$CC" --version --eval "$CXX" --version - as --version - ld -v + template +@@ -29,16 +27,16 @@ void test_r1cs_ppzksnark(size_t num_constraints, - HOST="$HOST" BUILD="$BUILD" NO_PROTON="$PROTON_ARG" "$MAKE" "$@" -C ./depends/ V=1 - ./autogen.sh --CC="$CC" CXX="$CXX" ./configure --prefix="${PREFIX}" --host="$HOST" --build="$BUILD" "$HARDENING_ARG" "$LCOV_ARG" "$TEST_ARG" "$MINING_ARG" "$PROTON_ARG" $CONFIGURE_FLAGS --enable-werror CXXFLAGS='-g' -+CONFIG_SITE="$PWD/depends/$HOST/share/config.site" ./configure "$HARDENING_ARG" "$LCOV_ARG" "$TEST_ARG" "$MINING_ARG" "$PROTON_ARG" $CONFIGURE_FLAGS CXXFLAGS='-g' - "$MAKE" "$@" V=1 + const bool test_serialization = true; + r1cs_example > example = generate_r1cs_example_with_binary_input >(num_constraints, input_size); +- example.constraint_system.swap_AB_if_beneficial(); + const bool bit = run_r1cs_ppzksnark(example, test_serialization); +- EXPECT_TRUE(bit); ++ assert(bit); + + print_header("(leave) Test R1CS ppzkSNARK"); + } + +-TEST(zk_proof_systems, r1cs_ppzksnark) ++int main() + { ++ default_r1cs_ppzksnark_pp::init_public_params(); + start_profiling(); + +- test_r1cs_ppzksnark(1000, 20); ++ test_r1cs_ppzksnark(1000, 100); + }