diff --git a/Cargo.lock b/Cargo.lock index 0c174cc521d6..1bc9f2b2f803 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -317,33 +317,25 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "bddcadddf5e9015d310179a59bb28c4d4b9920ad0f11e8e14dbadf654890c9a6" [[package]] -name = "ark-algebra-test-templates" -version = "0.4.2" +name = "ark-bls12-377" +version = "0.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "400bd3a79c741b1832f1416d4373ae077ef82ca14a8b4cee1248a2f11c8b9172" +checksum = "fb00293ba84f51ce3bd026bd0de55899c4e68f0a39a5728cebae3a73ffdc0a4f" dependencies = [ "ark-ec", "ark-ff", - "ark-serialize", "ark-std", - "hex", - "num-bigint", - "num-integer", - "num-traits", - "serde", - "serde_derive", - "serde_json", - "sha2 0.10.7", ] [[package]] -name = "ark-bls12-377" -version = "0.4.0" +name = "ark-bls12-377-ext" +version = "0.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fb00293ba84f51ce3bd026bd0de55899c4e68f0a39a5728cebae3a73ffdc0a4f" +checksum = "20c7021f180a0cbea0380eba97c2af3c57074cdaffe0eef7e840e1c9f2841e55" dependencies = [ + "ark-bls12-377", "ark-ec", - "ark-ff", + "ark-models-ext", "ark-std", ] @@ -359,6 +351,20 @@ dependencies = [ "ark-std", ] +[[package]] +name = "ark-bls12-381-ext" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b1dc4b3d08f19e8ec06e949712f95b8361e43f1391d94f65e4234df03480631c" +dependencies = [ + "ark-bls12-381", + "ark-ec", + "ark-ff", + "ark-models-ext", + "ark-serialize", + "ark-std", +] + [[package]] name = "ark-bw6-761" version = "0.4.0" @@ -371,6 +377,19 @@ dependencies = [ "ark-std", ] +[[package]] +name = "ark-bw6-761-ext" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ccee5fba47266f460067588ee1bf070a9c760bf2050c1c509982c5719aadb4f2" +dependencies = [ + "ark-bw6-761", + "ark-ec", + "ark-ff", + "ark-models-ext", + "ark-std", +] + [[package]] name = "ark-ec" version = "0.4.2" @@ -385,6 +404,7 @@ dependencies = [ "hashbrown 0.13.2", "itertools 0.10.5", "num-traits", + "rayon", "zeroize", ] @@ -400,6 +420,19 @@ dependencies = [ "ark-std", ] +[[package]] +name = "ark-ed-on-bls12-377-ext" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "524a4fb7540df2e1a8c2e67a83ba1d1e6c3947f4f9342cc2359fc2e789ad731d" +dependencies = [ + "ark-ec", + "ark-ed-on-bls12-377", + "ark-ff", + "ark-models-ext", + "ark-std", +] + [[package]] name = "ark-ed-on-bls12-381-bandersnatch" version = "0.4.0" @@ -412,6 +445,19 @@ dependencies = [ "ark-std", ] +[[package]] +name = "ark-ed-on-bls12-381-bandersnatch-ext" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d15185f1acb49a07ff8cbe5f11a1adc5a93b19e211e325d826ae98e98e124346" +dependencies = [ + "ark-ec", + "ark-ed-on-bls12-381-bandersnatch", + "ark-ff", + "ark-models-ext", + "ark-std", +] + [[package]] name = "ark-ff" version = "0.4.2" @@ -456,58 +502,56 @@ dependencies = [ ] [[package]] -name = "ark-poly" -version = "0.4.2" +name = "ark-models-ext" +version = "0.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d320bfc44ee185d899ccbadfa8bc31aab923ce1558716e1997a1e74057fe86bf" +checksum = "3e9eab5d4b5ff2f228b763d38442adc9b084b0a465409b059fac5c2308835ec2" dependencies = [ + "ark-ec", "ark-ff", "ark-serialize", "ark-std", "derivative", - "hashbrown 0.13.2", ] [[package]] -name = "ark-r1cs-std" -version = "0.4.0" +name = "ark-poly" +version = "0.4.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "de1d1472e5cb020cb3405ce2567c91c8d43f21b674aef37b0202f5c3304761db" +checksum = "d320bfc44ee185d899ccbadfa8bc31aab923ce1558716e1997a1e74057fe86bf" dependencies = [ - "ark-ec", "ark-ff", - "ark-relations", + "ark-serialize", "ark-std", "derivative", - "num-bigint", - "num-integer", - "num-traits", - "tracing", + "hashbrown 0.13.2", ] [[package]] -name = "ark-relations" -version = "0.4.0" +name = "ark-scale" +version = "0.0.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "00796b6efc05a3f48225e59cb6a2cda78881e7c390872d5786aaf112f31fb4f0" +checksum = "49b08346a3e38e2be792ef53ee168623c9244d968ff00cd70fb9932f6fe36393" dependencies = [ + "ark-ec", "ark-ff", + "ark-serialize", "ark-std", - "tracing", - "tracing-subscriber", + "parity-scale-codec", ] [[package]] name = "ark-scale" -version = "0.0.10" +version = "0.0.12" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "49b08346a3e38e2be792ef53ee168623c9244d968ff00cd70fb9932f6fe36393" +checksum = "5f69c00b3b529be29528a6f2fd5fa7b1790f8bed81b9cdca17e326538545a179" dependencies = [ "ark-ec", "ark-ff", "ark-serialize", "ark-std", "parity-scale-codec", + "scale-info", ] [[package]] @@ -556,6 +600,7 @@ checksum = "94893f1e0c6eeab764ade8dc4c0db24caf4fe7cbbaafc0eba0a9030f447b5185" dependencies = [ "num-traits", "rand 0.8.5", + "rayon", ] [[package]] @@ -4441,7 +4486,7 @@ source = "git+https://github.com/w3f/ring-vrf?rev=f4fe253#f4fe2534ccc6d916cd10d9 dependencies = [ "ark-ec", "ark-ff", - "ark-scale", + "ark-scale 0.0.10", "ark-secret-scalar", "ark-serialize", "ark-std", @@ -5735,10 +5780,8 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "be4136b2a15dd319360be1c07d9933517ccf0be8f16bf62a3bee4f0d618df427" dependencies = [ "cfg-if", - "js-sys", "libc", "wasi 0.11.0+wasi-snapshot-preview1", - "wasm-bindgen", ] [[package]] @@ -16789,100 +16832,6 @@ dependencies = [ "sp-arithmetic", ] -[[package]] -name = "sp-ark-bls12-377" -version = "0.4.1-beta" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f9b60ba7d8fbb82e21f5be499b02438c9a79365acb441a4dc3993179f09c4cc9" -dependencies = [ - "ark-bls12-377", - "ark-ff", - "ark-r1cs-std", - "ark-scale", - "ark-std", - "parity-scale-codec", - "sp-ark-models", -] - -[[package]] -name = "sp-ark-bls12-381" -version = "0.4.1-beta" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c2cd101171d2e988a4e1b2320ad3f26f8746a263110c7153213fe86293e0552b" -dependencies = [ - "ark-bls12-381", - "ark-ff", - "ark-scale", - "ark-serialize", - "ark-std", - "parity-scale-codec", - "sp-ark-models", -] - -[[package]] -name = "sp-ark-bw6-761" -version = "0.4.1-beta" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d94d66ba98893cc42dfe81d5b5dee9142577176bdbdba80ec25a37d8cdffdbd5" -dependencies = [ - "ark-bw6-761", - "ark-ff", - "ark-scale", - "ark-std", - "parity-scale-codec", - "sp-ark-models", -] - -[[package]] -name = "sp-ark-ed-on-bls12-377" -version = "0.4.1-beta" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "37f6ea96c9b1cd4cbd05d741225ff7f6328ab035bda16cf3fac105c87ad98959" -dependencies = [ - "ark-ed-on-bls12-377", - "ark-ff", - "ark-r1cs-std", - "ark-scale", - "ark-serialize", - "ark-std", - "parity-scale-codec", - "sp-ark-models", -] - -[[package]] -name = "sp-ark-ed-on-bls12-381-bandersnatch" -version = "0.4.1-beta" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4db7a801260397cd58077befcee87acfdde8c189f48718bba1bc3783c799b67b" -dependencies = [ - "ark-ec", - "ark-ed-on-bls12-381-bandersnatch", - "ark-ff", - "ark-r1cs-std", - "ark-scale", - "ark-std", - "parity-scale-codec", - "sp-ark-bls12-381", - "sp-ark-models", -] - -[[package]] -name = "sp-ark-models" -version = "0.4.1-beta" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cd77599e09f12893739e1ef822ae065f2f46c3be040ba1979bb786ae21059f44" -dependencies = [ - "ark-ec", - "ark-ff", - "ark-serialize", - "ark-std", - "derivative", - "getrandom 0.2.10", - "itertools 0.10.5", - "num-traits", - "zeroize", -] - [[package]] name = "sp-authority-discovery" version = "4.0.0-dev" @@ -17118,27 +17067,20 @@ dependencies = [ [[package]] name = "sp-crypto-ec-utils" -version = "0.4.0" +version = "0.4.1" dependencies = [ - "ark-algebra-test-templates", "ark-bls12-377", + "ark-bls12-377-ext", "ark-bls12-381", + "ark-bls12-381-ext", "ark-bw6-761", + "ark-bw6-761-ext", "ark-ec", "ark-ed-on-bls12-377", + "ark-ed-on-bls12-377-ext", "ark-ed-on-bls12-381-bandersnatch", - "ark-ff", - "ark-scale", - "ark-serialize", - "ark-std", - "parity-scale-codec", - "sp-ark-bls12-377", - "sp-ark-bls12-381", - "sp-ark-bw6-761", - "sp-ark-ed-on-bls12-377", - "sp-ark-ed-on-bls12-381-bandersnatch", - "sp-ark-models", - "sp-io", + "ark-ed-on-bls12-381-bandersnatch-ext", + "ark-scale 0.0.12", "sp-runtime-interface", "sp-std", ] diff --git a/substrate/primitives/crypto/ec-utils/Cargo.toml b/substrate/primitives/crypto/ec-utils/Cargo.toml index 15a6e85abb96..7519fa5fc68c 100644 --- a/substrate/primitives/crypto/ec-utils/Cargo.toml +++ b/substrate/primitives/crypto/ec-utils/Cargo.toml @@ -1,8 +1,8 @@ [package] name = "sp-crypto-ec-utils" -version = "0.4.0" +version = "0.4.1" authors.workspace = true -description = "Host function interface for common elliptic curve operations in Substrate runtimes" +description = "Host functions for common Arkworks elliptic curve operations" edition.workspace = true license = "Apache-2.0" homepage = "https://substrate.io" @@ -12,51 +12,54 @@ repository.workspace = true targets = ["x86_64-unknown-linux-gnu"] [dependencies] -ark-serialize = { version = "0.4.2", default-features = false } -ark-ff = { version = "0.4.2", default-features = false } -ark-ec = { version = "0.4.2", default-features = false } -ark-std = { version = "0.4.0", default-features = false } -ark-bls12-377 = { version = "0.4.0", features = ["curve"], default-features = false } -ark-bls12-381 = { version = "0.4.0", features = ["curve"], default-features = false } -ark-bw6-761 = { version = "0.4.0", default-features = false } -ark-ed-on-bls12-381-bandersnatch = { version = "0.4.0", default-features = false } -ark-ed-on-bls12-377 = { version = "0.4.0", default-features = false } -sp-std = { path = "../../std", default-features = false } -codec = { package = "parity-scale-codec", version = "3.6.1", default-features = false } -ark-scale = { version = "0.0.10", features = ["hazmat"], default-features = false } -sp-runtime-interface = { path = "../../runtime-interface", default-features = false} - -[dev-dependencies] -sp-io = { path = "../../io", default-features = false } -ark-algebra-test-templates = { version = "0.4.2", default-features = false } -sp-ark-models = { version = "0.4.1-beta", default-features = false } -sp-ark-bls12-377 = { version = "0.4.1-beta", default-features = false } -sp-ark-bls12-381 = { version = "0.4.1-beta", default-features = false } -sp-ark-bw6-761 = { version = "0.4.1-beta", default-features = false } -sp-ark-ed-on-bls12-377 = { version = "0.4.1-beta", default-features = false } -sp-ark-ed-on-bls12-381-bandersnatch = { version = "0.4.1-beta", default-features = false } +ark-ec = { version = "0.4.2", default-features = false, optional = true } +ark-bls12-377-ext = { version = "0.4.1", default-features = false, optional = true } +ark-bls12-377 = { version = "0.4.0", default-features = false, features = ["curve"], optional = true } +ark-bls12-381-ext = { version = "0.4.1", default-features = false, optional = true } +ark-bls12-381 = { version = "0.4.0", default-features = false, features = ["curve"], optional = true } +ark-bw6-761-ext = { version = "0.4.1", default-features = false, optional = true } +ark-bw6-761 = { version = "0.4.0", default-features = false, optional = true } +ark-ed-on-bls12-381-bandersnatch-ext = { version = "0.4.1", default-features = false, optional = true } +ark-ed-on-bls12-381-bandersnatch = { version = "0.4.0", default-features = false, optional = true } +ark-ed-on-bls12-377-ext = { version = "0.4.1", default-features = false, optional = true } +ark-ed-on-bls12-377 = { version = "0.4.0", default-features = false, optional = true } +ark-scale = { version = "0.0.12", default-features = false, features = ["hazmat"], optional = true } +sp-runtime-interface = { path = "../../runtime-interface", default-features = false, optional = true } +sp-std = { path = "../../std", default-features = false, optional = true } [features] -default = [ "std" ] +default = ["std"] std = [ - "ark-algebra-test-templates/std", - "ark-bls12-377/std", - "ark-bls12-381/std", - "ark-bw6-761/std", - "ark-ec/std", - "ark-ed-on-bls12-377/std", - "ark-ed-on-bls12-381-bandersnatch/std", - "ark-ff/std", - "ark-scale/std", - "ark-serialize/std", - "ark-std/std", - "codec/std", - "sp-ark-bls12-377/std", - "sp-ark-bls12-381/std", - "sp-ark-bw6-761/std", - "sp-ark-ed-on-bls12-377/std", - "sp-ark-ed-on-bls12-381-bandersnatch/std", - "sp-io/std", - "sp-runtime-interface/std", - "sp-std/std", + "ark-bls12-377-ext?/std", + "ark-bls12-377?/std", + "ark-bls12-381-ext?/std", + "ark-bls12-381?/std", + "ark-bw6-761-ext?/std", + "ark-bw6-761?/std", + "ark-ec?/parallel", + "ark-ec?/std", + "ark-ed-on-bls12-377-ext?/std", + "ark-ed-on-bls12-377?/std", + "ark-ed-on-bls12-381-bandersnatch-ext?/std", + "ark-ed-on-bls12-381-bandersnatch?/std", + "ark-scale?/std", + "sp-runtime-interface?/std", + "sp-std?/std", +] +common = ["ark-ec", "ark-scale", "sp-runtime-interface", "sp-std"] +bls12-377 = ["ark-bls12-377", "ark-bls12-377-ext", "common"] +bls12-381 = ["ark-bls12-381", "ark-bls12-381-ext", "common"] +bw6-761 = ["ark-bw6-761", "ark-bw6-761-ext", "common"] +ed-on-bls12-377 = ["ark-ed-on-bls12-377", "ark-ed-on-bls12-377-ext", "common"] +ed-on-bls12-381-bandersnatch = [ + "ark-ed-on-bls12-381-bandersnatch", + "ark-ed-on-bls12-381-bandersnatch-ext", + "common", +] +all-curves = [ + "bls12-377", + "bls12-381", + "bw6-761", + "ed-on-bls12-377", + "ed-on-bls12-381-bandersnatch", ] diff --git a/substrate/primitives/crypto/ec-utils/src/bls12_377.rs b/substrate/primitives/crypto/ec-utils/src/bls12_377.rs index 78f20297299b..8f19a2c4a191 100644 --- a/substrate/primitives/crypto/ec-utils/src/bls12_377.rs +++ b/substrate/primitives/crypto/ec-utils/src/bls12_377.rs @@ -15,89 +15,191 @@ // See the License for the specific language governing permissions and // limitations under the License. -//! Support functions for bls12_377 to improve the performance of -//! multi_miller_loop, final_exponentiation, msm's and projective -//! multiplications by host function calls +//! *BLS12-377* types and host functions. -use crate::utils::{ - final_exponentiation_generic, msm_sw_generic, mul_projective_generic, multi_miller_loop_generic, -}; -use ark_bls12_377::{g1, g2, Bls12_377}; +use crate::utils; +use ark_bls12_377_ext::CurveHooks; +use ark_ec::{pairing::Pairing, CurveConfig}; +use sp_runtime_interface::runtime_interface; use sp_std::vec::Vec; -/// Compute a multi miller loop through arkworks -pub fn multi_miller_loop(a: Vec, b: Vec) -> Result, ()> { - multi_miller_loop_generic::(a, b) +/// First pairing group definitions. +pub mod g1 { + pub use ark_bls12_377_ext::g1::{ + G1_GENERATOR_X, G1_GENERATOR_Y, TE_GENERATOR_X, TE_GENERATOR_Y, + }; + /// Group configuration. + pub type Config = ark_bls12_377_ext::g1::Config; + /// Short Weierstrass form point affine representation. + pub type G1Affine = ark_bls12_377_ext::g1::G1Affine; + /// Short Weierstrass form point projective representation. + pub type G1Projective = ark_bls12_377_ext::g1::G1Projective; + /// Short Weierstrass form point affine representation. + pub type G1SWAffine = ark_bls12_377_ext::g1::G1SWAffine; + /// Short Weierstrass form point projective representation. + pub type G1SWProjective = ark_bls12_377_ext::g1::G1SWProjective; + /// Twisted Edwards form point affine representation. + pub type G1TEAffine = ark_bls12_377_ext::g1::G1TEAffine; + /// Twisted Edwards form point projective representation. + pub type G1TEProjective = ark_bls12_377_ext::g1::G1TEProjective; } -/// Compute a final exponentiation through arkworks -pub fn final_exponentiation(target: Vec) -> Result, ()> { - final_exponentiation_generic::(target) +/// Second pairing group definitions. +pub mod g2 { + pub use ark_bls12_377_ext::g2::{ + G2_GENERATOR_X, G2_GENERATOR_X_C0, G2_GENERATOR_X_C1, G2_GENERATOR_Y, G2_GENERATOR_Y_C0, + G2_GENERATOR_Y_C1, + }; + /// Group configuration. + pub type Config = ark_bls12_377_ext::g2::Config; + /// Short Weierstrass form point affine representation. + pub type G2Affine = ark_bls12_377_ext::g2::G2Affine; + /// Short Weierstrass form point projective representation. + pub type G2Projective = ark_bls12_377_ext::g2::G2Projective; } -/// Compute a multi scalar multiplication for short_weierstrass through -/// arkworks on G1. -pub fn msm_g1(bases: Vec, scalars: Vec) -> Result, ()> { - msm_sw_generic::(bases, scalars) -} +pub use self::{ + g1::{Config as G1Config, G1Affine, G1Projective}, + g2::{Config as G2Config, G2Affine, G2Projective}, +}; -/// Compute a multi scalar multiplication for short_weierstrass through -/// arkworks on G2. -pub fn msm_g2(bases: Vec, scalars: Vec) -> Result, ()> { - msm_sw_generic::(bases, scalars) -} +/// Curve hooks jumping into [`host_calls`] host functions. +#[derive(Copy, Clone)] +pub struct HostHooks; -/// Compute a projective scalar multiplication for short_weierstrass -/// through arkworks on G1. -pub fn mul_projective_g1(base: Vec, scalar: Vec) -> Result, ()> { - mul_projective_generic::(base, scalar) -} +/// Configuration for *BLS12-377* curve. +pub type Config = ark_bls12_377_ext::Config; + +/// *BLS12-377* definition. +/// +/// A generic *BLS12* model specialized with *BLS12-377* configuration. +pub type Bls12_377 = ark_bls12_377_ext::Bls12_377; + +impl CurveHooks for HostHooks { + fn bls12_377_multi_miller_loop( + g1: impl Iterator::G1Prepared>, + g2: impl Iterator::G2Prepared>, + ) -> Result<::TargetField, ()> { + let g1 = utils::encode(g1.collect::>()); + let g2 = utils::encode(g2.collect::>()); + let res = host_calls::bls12_377_multi_miller_loop(g1, g2).unwrap_or_default(); + utils::decode(res) + } + + fn bls12_377_final_exponentiation( + target: ::TargetField, + ) -> Result<::TargetField, ()> { + let target = utils::encode(target); + let res = host_calls::bls12_377_final_exponentiation(target).unwrap_or_default(); + utils::decode(res) + } + + fn bls12_377_msm_g1( + bases: &[G1Affine], + scalars: &[::ScalarField], + ) -> Result { + let bases = utils::encode(bases); + let scalars = utils::encode(scalars); + let res = host_calls::bls12_377_msm_g1(bases, scalars).unwrap_or_default(); + utils::decode_proj_sw(res) + } -/// Compute a projective scalar multiplication for short_weierstrass -/// through arkworks on G2. -pub fn mul_projective_g2(base: Vec, scalar: Vec) -> Result, ()> { - mul_projective_generic::(base, scalar) + fn bls12_377_msm_g2( + bases: &[G2Affine], + scalars: &[::ScalarField], + ) -> Result { + let bases = utils::encode(bases); + let scalars = utils::encode(scalars); + let res = host_calls::bls12_377_msm_g2(bases, scalars).unwrap_or_default(); + utils::decode_proj_sw(res) + } + + fn bls12_377_mul_projective_g1( + base: &G1Projective, + scalar: &[u64], + ) -> Result { + let base = utils::encode_proj_sw(base); + let scalar = utils::encode(scalar); + let res = host_calls::bls12_377_mul_projective_g1(base, scalar).unwrap_or_default(); + utils::decode_proj_sw(res) + } + + fn bls12_377_mul_projective_g2( + base: &G2Projective, + scalar: &[u64], + ) -> Result { + let base = utils::encode_proj_sw(base); + let scalar = utils::encode(scalar); + let res = host_calls::bls12_377_mul_projective_g2(base, scalar).unwrap_or_default(); + utils::decode_proj_sw(res) + } } -#[cfg(test)] -mod tests { - use super::*; - use ark_algebra_test_templates::*; - use sp_ark_bls12_377::{ - Bls12_377 as Bls12_377Host, G1Projective as G1ProjectiveHost, - G2Projective as G2ProjectiveHost, HostFunctions, - }; +/// Interfaces for working with *Arkworks* *BLS12-377* elliptic curve related types +/// from within the runtime. +/// +/// All types are (de-)serialized through the wrapper types from the `ark-scale` trait, +/// with `ark_scale::{ArkScale, ArkScaleProjective}`. +/// +/// `ArkScale`'s `Usage` generic parameter is expected to be set to "not-validated" +/// and "not-compressed". +#[runtime_interface] +pub trait HostCalls { + /// Pairing multi Miller loop for *BLS12-377*. + /// + /// - Receives encoded: + /// - `a`: `ArkScale>`. + /// - `b`: `ArkScale>`. + /// - Returns encoded: `ArkScale`. + fn bls12_377_multi_miller_loop(a: Vec, b: Vec) -> Result, ()> { + utils::multi_miller_loop::(a, b) + } - #[derive(PartialEq, Eq)] - struct Host; - - impl HostFunctions for Host { - fn bls12_377_multi_miller_loop(a: Vec, b: Vec) -> Result, ()> { - crate::elliptic_curves::bls12_377_multi_miller_loop(a, b) - } - fn bls12_377_final_exponentiation(f12: Vec) -> Result, ()> { - crate::elliptic_curves::bls12_377_final_exponentiation(f12) - } - fn bls12_377_msm_g1(bases: Vec, bigints: Vec) -> Result, ()> { - crate::elliptic_curves::bls12_377_msm_g1(bases, bigints) - } - fn bls12_377_msm_g2(bases: Vec, bigints: Vec) -> Result, ()> { - crate::elliptic_curves::bls12_377_msm_g2(bases, bigints) - } - fn bls12_377_mul_projective_g1(base: Vec, scalar: Vec) -> Result, ()> { - crate::elliptic_curves::bls12_377_mul_projective_g1(base, scalar) - } - fn bls12_377_mul_projective_g2(base: Vec, scalar: Vec) -> Result, ()> { - crate::elliptic_curves::bls12_377_mul_projective_g2(base, scalar) - } + /// Pairing final exponentiation for *BLS12-377.* + /// + /// - Receives encoded: `ArkScale`. + /// - Returns encoded: `ArkScale`. + fn bls12_377_final_exponentiation(f: Vec) -> Result, ()> { + utils::final_exponentiation::(f) } - type Bls12_377 = Bls12_377Host; - type G1Projective = G1ProjectiveHost; - type G2Projective = G2ProjectiveHost; + /// Multi scalar multiplication on *G1* for *BLS12-377*. + /// + /// - Receives encoded: + /// - `bases`: `ArkScale>`. + /// - `scalars`: `ArkScale>`. + /// - Returns encoded: `ArkScaleProjective`. + fn bls12_377_msm_g1(bases: Vec, scalars: Vec) -> Result, ()> { + utils::msm_sw::(bases, scalars) + } + + /// Multi scalar multiplication on *G2* for *BLS12-377*. + /// + /// - Receives encoded: + /// - `bases`: `ArkScale>`. + /// - `scalars`: `ArkScale>`. + /// - Returns encoded: `ArkScaleProjective`. + fn bls12_377_msm_g2(bases: Vec, scalars: Vec) -> Result, ()> { + utils::msm_sw::(bases, scalars) + } - test_group!(g1; G1Projective; sw); - test_group!(g2; G2Projective; sw); - test_group!(pairing_output; ark_ec::pairing::PairingOutput; msm); - test_pairing!(pairing; super::Bls12_377); + /// Projective multiplication on *G1* for *BLS12-377*. + /// + /// - Receives encoded: + /// - `base`: `ArkScaleProjective`. + /// - `scalar`: `ArkScale>`. + /// - Returns encoded: `ArkScaleProjective`. + fn bls12_377_mul_projective_g1(base: Vec, scalar: Vec) -> Result, ()> { + utils::mul_projective_sw::(base, scalar) + } + + /// Projective multiplication on *G2* for *BLS12-377*. + /// + /// - Receives encoded: + /// - `base`: `ArkScaleProjective`. + /// - `scalar`: `ArkScale>`. + /// - Returns encoded: `ArkScaleProjective`. + fn bls12_377_mul_projective_g2(base: Vec, scalar: Vec) -> Result, ()> { + utils::mul_projective_sw::(base, scalar) + } } diff --git a/substrate/primitives/crypto/ec-utils/src/bls12_381.rs b/substrate/primitives/crypto/ec-utils/src/bls12_381.rs index b2ec48a42fc5..99a0289b7ad2 100644 --- a/substrate/primitives/crypto/ec-utils/src/bls12_381.rs +++ b/substrate/primitives/crypto/ec-utils/src/bls12_381.rs @@ -15,205 +15,181 @@ // See the License for the specific language governing permissions and // limitations under the License. -//! Support functions for bls12_381 to improve the performance of -//! multi_miller_loop, final_exponentiation, msm's and projective -//! multiplications by host function calls +//! *BLS12-381* types and host functions. -use crate::utils::{ - final_exponentiation_generic, msm_sw_generic, mul_projective_generic, multi_miller_loop_generic, -}; -use ark_bls12_381::{g1, g2, Bls12_381}; +use crate::utils; +use ark_bls12_381_ext::CurveHooks; +use ark_ec::{pairing::Pairing, CurveConfig}; +use sp_runtime_interface::runtime_interface; use sp_std::vec::Vec; -/// Compute a multi miller loop through arkworks -pub fn multi_miller_loop(a: Vec, b: Vec) -> Result, ()> { - multi_miller_loop_generic::(a, b) -} - -/// Compute a final exponentiation through arkworks -pub fn final_exponentiation(target: Vec) -> Result, ()> { - final_exponentiation_generic::(target) -} - -/// Compute a multi scalar multiplication for short_weierstrass through -/// arkworks on G1. -pub fn msm_g1(bases: Vec, scalars: Vec) -> Result, ()> { - msm_sw_generic::(bases, scalars) -} - -/// Compute a multi scalar multiplication for short_weierstrass through -/// arkworks on G2. -pub fn msm_g2(bases: Vec, scalars: Vec) -> Result, ()> { - msm_sw_generic::(bases, scalars) +/// First pairing group definitions. +pub mod g1 { + pub use ark_bls12_381_ext::g1::{BETA, G1_GENERATOR_X, G1_GENERATOR_Y}; + /// Group configuration. + pub type Config = ark_bls12_381_ext::g1::Config; + /// Short Weierstrass form point affine representation. + pub type G1Affine = ark_bls12_381_ext::g1::G1Affine; + /// Short Weierstrass form point projective representation. + pub type G1Projective = ark_bls12_381_ext::g1::G1Projective; } -/// Compute a projective scalar multiplication for short_weierstrass -/// through arkworks on G1. -pub fn mul_projective_g1(base: Vec, scalar: Vec) -> Result, ()> { - mul_projective_generic::(base, scalar) +/// Second pairing group definitions. +pub mod g2 { + pub use ark_bls12_381_ext::g2::{ + G2_GENERATOR_X, G2_GENERATOR_X_C0, G2_GENERATOR_X_C1, G2_GENERATOR_Y, G2_GENERATOR_Y_C0, + G2_GENERATOR_Y_C1, + }; + /// Group configuration. + pub type Config = ark_bls12_381_ext::g2::Config; + /// Short Weierstrass form point affine representation. + pub type G2Affine = ark_bls12_381_ext::g2::G2Affine; + /// Short Weierstrass form point projective representation. + pub type G2Projective = ark_bls12_381_ext::g2::G2Projective; } -/// Compute a projective scalar multiplication for short_weierstrass -/// through arkworks on G2. -pub fn mul_projective_g2(base: Vec, scalar: Vec) -> Result, ()> { - mul_projective_generic::(base, scalar) -} +pub use self::{ + g1::{Config as G1Config, G1Affine, G1Projective}, + g2::{Config as G2Config, G2Affine, G2Projective}, +}; -#[cfg(test)] -mod tests { - use super::*; - use ark_algebra_test_templates::*; - use ark_ec::{AffineRepr, CurveGroup, Group}; - use ark_ff::{fields::Field, One, Zero}; - use ark_serialize::{CanonicalDeserialize, CanonicalSerialize, Compress, Validate}; - use ark_std::{rand::Rng, test_rng, vec, UniformRand}; - use sp_ark_bls12_381::{ - fq::Fq, fq2::Fq2, fr::Fr, Bls12_381 as Bls12_381Host, G1Affine as G1AffineHost, - G1Projective as G1ProjectiveHost, G2Affine as G2AffineHost, - G2Projective as G2ProjectiveHost, HostFunctions, - }; - use sp_ark_models::pairing::PairingOutput; - - #[derive(PartialEq, Eq)] - struct Host; - - impl HostFunctions for Host { - fn bls12_381_multi_miller_loop(a: Vec, b: Vec) -> Result, ()> { - crate::elliptic_curves::bls12_381_multi_miller_loop(a, b) - } - fn bls12_381_final_exponentiation(f12: Vec) -> Result, ()> { - crate::elliptic_curves::bls12_381_final_exponentiation(f12) - } - fn bls12_381_msm_g1(bases: Vec, bigints: Vec) -> Result, ()> { - crate::elliptic_curves::bls12_381_msm_g1(bases, bigints) - } - fn bls12_381_msm_g2(bases: Vec, bigints: Vec) -> Result, ()> { - crate::elliptic_curves::bls12_381_msm_g2(bases, bigints) - } - fn bls12_381_mul_projective_g1(base: Vec, scalar: Vec) -> Result, ()> { - crate::elliptic_curves::bls12_381_mul_projective_g1(base, scalar) - } - fn bls12_381_mul_projective_g2(base: Vec, scalar: Vec) -> Result, ()> { - crate::elliptic_curves::bls12_381_mul_projective_g2(base, scalar) - } +/// Curve hooks jumping into [`host_calls`] host functions. +#[derive(Copy, Clone)] +pub struct HostHooks; + +/// Configuration for *BLS12-381* curve. +pub type Config = ark_bls12_381_ext::Config; + +/// *BLS12-381* definition. +/// +/// A generic *BLS12* model specialized with *BLS12-381* configuration. +pub type Bls12_381 = ark_bls12_381_ext::Bls12_381; + +impl CurveHooks for HostHooks { + fn bls12_381_multi_miller_loop( + g1: impl Iterator::G1Prepared>, + g2: impl Iterator::G2Prepared>, + ) -> Result<::TargetField, ()> { + let g1 = utils::encode(g1.collect::>()); + let g2 = utils::encode(g2.collect::>()); + let res = host_calls::bls12_381_multi_miller_loop(g1, g2).unwrap_or_default(); + utils::decode(res) } - type Bls12_381 = Bls12_381Host; - type G1Projective = G1ProjectiveHost; - type G2Projective = G2ProjectiveHost; - type G1Affine = G1AffineHost; - type G2Affine = G2AffineHost; - - test_group!(g1; G1Projective; sw); - test_group!(g2; G2Projective; sw); - test_group!(pairing_output; PairingOutput; msm); - test_pairing!(ark_pairing; super::Bls12_381); + fn bls12_381_final_exponentiation( + target: ::TargetField, + ) -> Result<::TargetField, ()> { + let target = utils::encode(target); + let res = host_calls::bls12_381_final_exponentiation(target).unwrap_or_default(); + utils::decode(res) + } - #[test] - fn test_g1_endomorphism_beta() { - assert!(sp_ark_bls12_381::g1::BETA.pow([3u64]).is_one()); + fn bls12_381_msm_g1( + bases: &[G1Affine], + scalars: &[::ScalarField], + ) -> Result { + let bases = utils::encode(bases); + let scalars = utils::encode(scalars); + let res = host_calls::bls12_381_msm_g1(bases, scalars).unwrap_or_default(); + utils::decode_proj_sw(res) } - #[test] - fn test_g1_subgroup_membership_via_endomorphism() { - let mut rng = test_rng(); - let generator = G1Projective::rand(&mut rng).into_affine(); - assert!(generator.is_in_correct_subgroup_assuming_on_curve()); + fn bls12_381_msm_g2( + bases: &[G2Affine], + scalars: &[::ScalarField], + ) -> Result { + let bases = utils::encode(bases); + let scalars = utils::encode(scalars); + let res = host_calls::bls12_381_msm_g2(bases, scalars).unwrap_or_default(); + utils::decode_proj_sw(res) } - #[test] - fn test_g1_subgroup_non_membership_via_endomorphism() { - let mut rng = test_rng(); - loop { - let x = Fq::rand(&mut rng); - let greatest = rng.gen(); - - if let Some(p) = G1Affine::get_point_from_x_unchecked(x, greatest) { - if !::is_zero(&p.mul_bigint(Fr::characteristic())) { - assert!(!p.is_in_correct_subgroup_assuming_on_curve()); - return - } - } - } + fn bls12_381_mul_projective_g1( + base: &G1Projective, + scalar: &[u64], + ) -> Result { + let base = utils::encode_proj_sw(base); + let scalar = utils::encode(scalar); + let res = host_calls::bls12_381_mul_projective_g1(base, scalar).unwrap_or_default(); + utils::decode_proj_sw(res) } - #[test] - fn test_g2_subgroup_membership_via_endomorphism() { - let mut rng = test_rng(); - let generator = G2Projective::rand(&mut rng).into_affine(); - assert!(generator.is_in_correct_subgroup_assuming_on_curve()); + fn bls12_381_mul_projective_g2( + base: &G2Projective, + scalar: &[u64], + ) -> Result { + let base = utils::encode_proj_sw(base); + let scalar = utils::encode(scalar); + let res = host_calls::bls12_381_mul_projective_g2(base, scalar).unwrap_or_default(); + utils::decode_proj_sw(res) } +} - #[test] - fn test_g2_subgroup_non_membership_via_endomorphism() { - let mut rng = test_rng(); - loop { - let x = Fq2::rand(&mut rng); - let greatest = rng.gen(); - - if let Some(p) = G2Affine::get_point_from_x_unchecked(x, greatest) { - if !::is_zero(&p.mul_bigint(Fr::characteristic())) { - assert!(!p.is_in_correct_subgroup_assuming_on_curve()); - return - } - } - } +/// Interfaces for working with *Arkworks* *BLS12-381* elliptic curve related types +/// from within the runtime. +/// +/// All types are (de-)serialized through the wrapper types from the `ark-scale` trait, +/// with `ark_scale::{ArkScale, ArkScaleProjective}`. +/// +/// `ArkScale`'s `Usage` generic parameter is expected to be set to "not-validated" +/// and "not-compressed". +#[runtime_interface] +pub trait HostCalls { + /// Pairing multi Miller loop for *BLS12-381*. + /// + /// - Receives encoded: + /// - `a`: `ArkScale>`. + /// - `b`: `ArkScale>`. + /// - Returns encoded: `ArkScale`. + fn bls12_381_multi_miller_loop(a: Vec, b: Vec) -> Result, ()> { + utils::multi_miller_loop::(a, b) } - // Test vectors and macro adapted from https://github.com/zkcrypto/bls12_381/blob/e224ad4ea1babfc582ccd751c2bf128611d10936/src/test-data/mod.rs - macro_rules! test_vectors { - ($projective:ident, $affine:ident, $compress:expr, $expected:ident) => { - let mut e = $projective::zero(); - - let mut v = vec![]; - { - let mut expected = $expected; - for _ in 0..1000 { - let e_affine = $affine::from(e); - let mut serialized = vec![0u8; e.serialized_size($compress)]; - e_affine.serialize_with_mode(serialized.as_mut_slice(), $compress).unwrap(); - v.extend_from_slice(&serialized[..]); - - let mut decoded = serialized; - let len_of_encoding = decoded.len(); - (&mut decoded[..]).copy_from_slice(&expected[0..len_of_encoding]); - expected = &expected[len_of_encoding..]; - let decoded = - $affine::deserialize_with_mode(&decoded[..], $compress, Validate::Yes) - .unwrap(); - assert_eq!(e_affine, decoded); - - e += &$projective::generator(); - } - } - - assert_eq!(&v[..], $expected); - }; + /// Pairing final exponentiation for *BLS12-381*. + /// + /// - Receives encoded: `ArkScale<`. + /// - Returns encoded: `ArkScale<` + fn bls12_381_final_exponentiation(f: Vec) -> Result, ()> { + utils::final_exponentiation::(f) } - #[test] - fn g1_compressed_valid_test_vectors() { - let bytes: &'static [u8] = include_bytes!("test-data/g1_compressed_valid_test_vectors.dat"); - test_vectors!(G1Projective, G1Affine, Compress::Yes, bytes); + /// Multi scalar multiplication on *G1* for *BLS12-381* + /// + /// - Receives encoded: + /// - `bases`: `ArkScale>`. + /// - `scalars`: `ArkScale>`. + /// - Returns encoded: `ArkScaleProjective`. + fn bls12_381_msm_g1(bases: Vec, scalars: Vec) -> Result, ()> { + utils::msm_sw::(bases, scalars) } - #[test] - fn g1_uncompressed_valid_test_vectors() { - let bytes: &'static [u8] = - include_bytes!("test-data/g1_uncompressed_valid_test_vectors.dat"); - test_vectors!(G1Projective, G1Affine, Compress::No, bytes); + /// Multi scalar multiplication on *G2* for *BLS12-381* + /// + /// - Receives encoded: + /// - `bases`: `ArkScale>`. + /// - `scalars`: `ArkScale>`. + /// - Returns encoded: `ArkScaleProjective`. + fn bls12_381_msm_g2(bases: Vec, scalars: Vec) -> Result, ()> { + utils::msm_sw::(bases, scalars) } - #[test] - fn g2_compressed_valid_test_vectors() { - let bytes: &'static [u8] = include_bytes!("test-data/g2_compressed_valid_test_vectors.dat"); - test_vectors!(G2Projective, G2Affine, Compress::Yes, bytes); + /// Projective multiplication on *G1* for *BLS12-381*. + /// + /// - Receives encoded: + /// - `base`: `ArkScaleProjective`. + /// - `scalar`: `ArkScale>`. + /// - Returns encoded: `ArkScaleProjective`. + fn bls12_381_mul_projective_g1(base: Vec, scalar: Vec) -> Result, ()> { + utils::mul_projective_sw::(base, scalar) } - #[test] - fn g2_uncompressed_valid_test_vectors() { - let bytes: &'static [u8] = - include_bytes!("test-data/g2_uncompressed_valid_test_vectors.dat"); - test_vectors!(G2Projective, G2Affine, Compress::No, bytes); + /// Projective multiplication on *G2* for *BLS12-381* + /// + /// - Receives encoded: + /// - `base`: `ArkScaleProjective`. + /// - `scalar`: `ArkScale>`. + /// - Returns encoded: `ArkScaleProjective`. + fn bls12_381_mul_projective_g2(base: Vec, scalar: Vec) -> Result, ()> { + utils::mul_projective_sw::(base, scalar) } } diff --git a/substrate/primitives/crypto/ec-utils/src/bw6_761.rs b/substrate/primitives/crypto/ec-utils/src/bw6_761.rs index 4ad26fc54b1e..a68abf6e43e0 100644 --- a/substrate/primitives/crypto/ec-utils/src/bw6_761.rs +++ b/substrate/primitives/crypto/ec-utils/src/bw6_761.rs @@ -15,89 +15,172 @@ // See the License for the specific language governing permissions and // limitations under the License. -//! Support functions for bw6_761 to improve the performance of -//! multi_miller_loop, final_exponentiation, msm's and projective -//! multiplications by host function calls. +//! *BW6-761* types and host functions. -use crate::utils::{ - final_exponentiation_generic, msm_sw_generic, mul_projective_generic, multi_miller_loop_generic, -}; -use ark_bw6_761::{g1, g2, BW6_761}; +use crate::utils; +use ark_bw6_761_ext::CurveHooks; +use ark_ec::{pairing::Pairing, CurveConfig}; +use sp_runtime_interface::runtime_interface; use sp_std::vec::Vec; -/// Compute a multi miller loop through arkworks -pub fn multi_miller_loop(a: Vec, b: Vec) -> Result, ()> { - multi_miller_loop_generic::(a, b) +/// First pairing group definitions. +pub mod g1 { + pub use ark_bw6_761_ext::g1::{G1_GENERATOR_X, G1_GENERATOR_Y}; + /// Group configuration. + pub type Config = ark_bw6_761_ext::g1::Config; + /// Short Weierstrass form point affine representation. + pub type G1Affine = ark_bw6_761_ext::g1::G1Affine; + /// Short Weierstrass form point projective representation. + pub type G1Projective = ark_bw6_761_ext::g1::G1Projective; } -/// Compute a final exponentiation through arkworks -pub fn final_exponentiation(target: Vec) -> Result, ()> { - final_exponentiation_generic::(target) +/// Second pairing group definitions. +pub mod g2 { + pub use ark_bw6_761_ext::g2::{G2_GENERATOR_X, G2_GENERATOR_Y}; + /// Group configuration. + pub type Config = ark_bw6_761_ext::g2::Config; + /// Short Weierstrass form point affine representation. + pub type G2Affine = ark_bw6_761_ext::g2::G2Affine; + /// Short Weierstrass form point projective representation. + pub type G2Projective = ark_bw6_761_ext::g2::G2Projective; } -/// Compute a multi scalar multiplication for short_weierstrass through -/// arkworks on G1. -pub fn msm_g1(bases: Vec, scalars: Vec) -> Result, ()> { - msm_sw_generic::(bases, scalars) -} +pub use self::{ + g1::{Config as G1Config, G1Affine, G1Projective}, + g2::{Config as G2Config, G2Affine, G2Projective}, +}; -/// Compute a multi scalar multiplication for short_weierstrass through -/// arkworks on G2. -pub fn msm_g2(bases: Vec, scalars: Vec) -> Result, ()> { - msm_sw_generic::(bases, scalars) -} +/// Curve hooks jumping into [`host_calls`] host functions. +#[derive(Copy, Clone)] +pub struct HostHooks; -/// Compute a projective scalar multiplication for short_weierstrass through -/// arkworks on G1. -pub fn mul_projective_g1(base: Vec, scalar: Vec) -> Result, ()> { - mul_projective_generic::(base, scalar) -} +/// Configuration for *BW6-361* curve. +pub type Config = ark_bw6_761_ext::Config; + +/// *BW6-361* definition. +/// +/// A generic *BW6* model specialized with *BW6-761* configuration. +pub type BW6_761 = ark_bw6_761_ext::BW6_761; -/// Compute a projective scalar multiplication for short_weierstrass through -/// arkworks on G2. -pub fn mul_projective_g2(base: Vec, scalar: Vec) -> Result, ()> { - mul_projective_generic::(base, scalar) +impl CurveHooks for HostHooks { + fn bw6_761_multi_miller_loop( + g1: impl Iterator::G1Prepared>, + g2: impl Iterator::G2Prepared>, + ) -> Result<::TargetField, ()> { + let g1 = utils::encode(g1.collect::>()); + let g2 = utils::encode(g2.collect::>()); + let res = host_calls::bw6_761_multi_miller_loop(g1, g2).unwrap_or_default(); + utils::decode(res) + } + + fn bw6_761_final_exponentiation( + target: ::TargetField, + ) -> Result<::TargetField, ()> { + let target = utils::encode(target); + let res = host_calls::bw6_761_final_exponentiation(target).unwrap_or_default(); + utils::decode(res) + } + + fn bw6_761_msm_g1( + bases: &[G1Affine], + scalars: &[::ScalarField], + ) -> Result { + let bases = utils::encode(bases); + let scalars = utils::encode(scalars); + let res = host_calls::bw6_761_msm_g1(bases, scalars).unwrap_or_default(); + utils::decode_proj_sw(res) + } + + fn bw6_761_msm_g2( + bases: &[G2Affine], + scalars: &[::ScalarField], + ) -> Result { + let bases = utils::encode(bases); + let scalars = utils::encode(scalars); + let res = host_calls::bw6_761_msm_g2(bases, scalars).unwrap_or_default(); + utils::decode_proj_sw(res) + } + + fn bw6_761_mul_projective_g1(base: &G1Projective, scalar: &[u64]) -> Result { + let base = utils::encode_proj_sw(base); + let scalar = utils::encode(scalar); + let res = host_calls::bw6_761_mul_projective_g1(base, scalar).unwrap_or_default(); + utils::decode_proj_sw(res) + } + + fn bw6_761_mul_projective_g2(base: &G2Projective, scalar: &[u64]) -> Result { + let base = utils::encode_proj_sw(base); + let scalar = utils::encode(scalar); + let res = host_calls::bw6_761_mul_projective_g2(base, scalar).unwrap_or_default(); + utils::decode_proj_sw(res) + } } -#[cfg(test)] -mod tests { - use super::*; - use ark_algebra_test_templates::*; - use sp_ark_bw6_761::{ - G1Projective as G1ProjectiveHost, G2Projective as G2ProjectiveHost, HostFunctions, - BW6_761 as BW6_761Host, - }; - - #[derive(PartialEq, Eq)] - struct Host; - - impl HostFunctions for Host { - fn bw6_761_multi_miller_loop(a: Vec, b: Vec) -> Result, ()> { - crate::elliptic_curves::bw6_761_multi_miller_loop(a, b) - } - fn bw6_761_final_exponentiation(f12: Vec) -> Result, ()> { - crate::elliptic_curves::bw6_761_final_exponentiation(f12) - } - fn bw6_761_msm_g1(bases: Vec, bigints: Vec) -> Result, ()> { - crate::elliptic_curves::bw6_761_msm_g1(bases, bigints) - } - fn bw6_761_msm_g2(bases: Vec, bigints: Vec) -> Result, ()> { - crate::elliptic_curves::bw6_761_msm_g2(bases, bigints) - } - fn bw6_761_mul_projective_g1(base: Vec, scalar: Vec) -> Result, ()> { - crate::elliptic_curves::bw6_761_mul_projective_g1(base, scalar) - } - fn bw6_761_mul_projective_g2(base: Vec, scalar: Vec) -> Result, ()> { - crate::elliptic_curves::bw6_761_mul_projective_g2(base, scalar) - } +/// Interfaces for working with *Arkworks* *BW6-761* elliptic curve related types +/// from within the runtime. +/// +/// All types are (de-)serialized through the wrapper types from the `ark-scale` trait, +/// with `ark_scale::{ArkScale, ArkScaleProjective}`. +/// +/// `ArkScale`'s `Usage` generic parameter is expected to be set to "not-validated" +/// and "not-compressed". +#[runtime_interface] +pub trait HostCalls { + /// Pairing multi Miller loop for *BW6-761*. + /// + /// - Receives encoded: + /// - `a: ArkScale>`. + /// - `b: ArkScale>`. + /// - Returns encoded: `ArkScale`. + fn bw6_761_multi_miller_loop(a: Vec, b: Vec) -> Result, ()> { + utils::multi_miller_loop::(a, b) + } + + /// Pairing final exponentiation for *BW6-761*. + /// + /// - Receives encoded: `ArkScale`. + /// - Returns encoded: `ArkScale`. + fn bw6_761_final_exponentiation(f: Vec) -> Result, ()> { + utils::final_exponentiation::(f) } - type BW6_761 = BW6_761Host; - type G1Projective = G1ProjectiveHost; - type G2Projective = G2ProjectiveHost; + /// Multi scalar multiplication on *G1* for *BW6-761*. + /// + /// - Receives encoded: + /// - `bases`: `ArkScale>`. + /// - `scalars`: `ArkScale`. + /// - Returns encoded: `ArkScaleProjective`. + fn bw6_761_msm_g1(bases: Vec, scalars: Vec) -> Result, ()> { + utils::msm_sw::(bases, scalars) + } + + /// Multi scalar multiplication on *G2* for *BW6-761*. + /// + /// - Receives encoded: + /// - `bases`: `ArkScale>`. + /// - `scalars`: `ArkScale>`. + /// - Returns encoded: `ArkScaleProjective`. + fn bw6_761_msm_g2(bases: Vec, scalars: Vec) -> Result, ()> { + utils::msm_sw::(bases, scalars) + } - test_group!(g1; G1Projective; sw); - test_group!(g2; G2Projective; sw); - test_group!(pairing_output; ark_ec::pairing::PairingOutput; msm); - test_pairing!(pairing; super::BW6_761); + /// Projective multiplication on *G1* for *BW6-761*. + /// + /// - Receives encoded: + /// - `base`: `ArkScaleProjective`. + /// - `scalar`: `ArkScale>`. + /// - Returns encoded: `ArkScaleProjective`. + fn bw6_761_mul_projective_g1(base: Vec, scalar: Vec) -> Result, ()> { + utils::mul_projective_sw::(base, scalar) + } + + /// Projective multiplication on *G2* for *BW6-761*. + /// + /// - Receives encoded: + /// - `base`: `ArkScaleProjective`. + /// - `scalar`: `ArkScale>`. + /// - Returns encoded: `ArkScaleProjective`. + fn bw6_761_mul_projective_g2(base: Vec, scalar: Vec) -> Result, ()> { + utils::mul_projective_sw::(base, scalar) + } } diff --git a/substrate/primitives/crypto/ec-utils/src/ed_on_bls12_377.rs b/substrate/primitives/crypto/ec-utils/src/ed_on_bls12_377.rs index e69dbd798464..a03be41b8542 100644 --- a/substrate/primitives/crypto/ec-utils/src/ed_on_bls12_377.rs +++ b/substrate/primitives/crypto/ec-utils/src/ed_on_bls12_377.rs @@ -15,42 +15,74 @@ // See the License for the specific language governing permissions and // limitations under the License. -//! Support functions for ed_on_bls12_377 to improve the performance of -//! msm and projective multiplication by host function calls +//! *Ed-on-BLS12-377* types and host functions. -use crate::utils::{msm_te_generic, mul_projective_te_generic}; -use ark_ed_on_bls12_377::EdwardsConfig; +use crate::utils; +use ark_ec::CurveConfig; +use ark_ed_on_bls12_377_ext::CurveHooks; +use sp_runtime_interface::runtime_interface; use sp_std::vec::Vec; -/// Compute a multi scalar mulitplication for twisted_edwards through -/// arkworks. -pub fn msm(bases: Vec, scalars: Vec) -> Result, ()> { - msm_te_generic::(bases, scalars) -} +/// Curve hooks jumping into [`host_calls`] host functions. +#[derive(Copy, Clone)] +pub struct HostHooks; + +/// Group configuration. +pub type EdwardsConfig = ark_ed_on_bls12_377_ext::EdwardsConfig; +/// Twisted Edwards form point affine representation. +pub type EdwardsAffine = ark_ed_on_bls12_377_ext::EdwardsAffine; +/// Twisted Edwards form point projective representation. +pub type EdwardsProjective = ark_ed_on_bls12_377_ext::EdwardsProjective; + +impl CurveHooks for HostHooks { + fn ed_on_bls12_377_msm( + bases: &[EdwardsAffine], + scalars: &[::ScalarField], + ) -> Result { + let bases = utils::encode(bases); + let scalars = utils::encode(scalars); + let res = host_calls::ed_on_bls12_377_te_msm(bases, scalars).unwrap_or_default(); + utils::decode_proj_te(res) + } -/// Compute a projective scalar multiplication for twisted_edwards -/// through arkworks. -pub fn mul_projective(base: Vec, scalar: Vec) -> Result, ()> { - mul_projective_te_generic::(base, scalar) + fn ed_on_bls12_377_mul_projective( + base: &EdwardsProjective, + scalar: &[u64], + ) -> Result { + let base = utils::encode_proj_te(base); + let scalar = utils::encode(scalar); + let res = host_calls::ed_on_bls12_377_te_mul_projective(base, scalar).unwrap_or_default(); + utils::decode_proj_te(res) + } } -#[cfg(test)] -mod tests { - use super::*; - use ark_algebra_test_templates::*; - use sp_ark_ed_on_bls12_377::{EdwardsProjective as EdwardsProjectiveHost, HostFunctions}; - - struct Host {} - - impl HostFunctions for Host { - fn ed_on_bls12_377_msm(bases: Vec, scalars: Vec) -> Result, ()> { - crate::elliptic_curves::ed_on_bls12_377_msm(bases, scalars) - } - fn ed_on_bls12_377_mul_projective(base: Vec, scalar: Vec) -> Result, ()> { - crate::elliptic_curves::ed_on_bls12_377_mul_projective(base, scalar) - } +/// Interfaces for working with *Arkworks* *Ed-on-BLS12-377* elliptic curve +/// related types from within the runtime. +/// +/// All types are (de-)serialized through the wrapper types from the `ark-scale` trait, +/// with `ark_scale::{ArkScale, ArkScaleProjective}`. +/// +/// `ArkScale`'s `Usage` generic parameter is expected to be set to "not-validated" +/// and "not-compressed". +#[runtime_interface] +pub trait HostCalls { + /// Twisted Edwards multi scalar multiplication for *Ed-on-BLS12-377*. + /// + /// - Receives encoded: + /// - `base`: `ArkScaleProjective`. + /// - `scalars`: `ArkScale>`. + /// - Returns encoded: `ArkScaleProjective`. + fn ed_on_bls12_377_te_msm(bases: Vec, scalars: Vec) -> Result, ()> { + utils::msm_te::(bases, scalars) } - type EdwardsProjective = EdwardsProjectiveHost; - test_group!(te; EdwardsProjective; te); + /// Twisted Edwards projective multiplication for *Ed-on-BLS12-377*. + /// + /// - Receives encoded: + /// - `base`: `ArkScaleProjective`. + /// - `scalar`: `ArkScale>`. + /// - Returns encoded: `ArkScaleProjective`. + fn ed_on_bls12_377_te_mul_projective(base: Vec, scalar: Vec) -> Result, ()> { + utils::mul_projective_te::(base, scalar) + } } diff --git a/substrate/primitives/crypto/ec-utils/src/ed_on_bls12_381_bandersnatch.rs b/substrate/primitives/crypto/ec-utils/src/ed_on_bls12_381_bandersnatch.rs index 7e9cd87e543d..9d63f3587652 100644 --- a/substrate/primitives/crypto/ec-utils/src/ed_on_bls12_381_bandersnatch.rs +++ b/substrate/primitives/crypto/ec-utils/src/ed_on_bls12_381_bandersnatch.rs @@ -15,80 +15,139 @@ // See the License for the specific language governing permissions and // limitations under the License. -//! Support functions for ed_on_bls12_381_bandersnatch to improve the -//! performance of msm' and projective multiplications by host function -//! calls. +//! Elliptic Curves host functions to handle some of the *Arkworks* *Ed-on-BLS12-381-Bandersnatch* +//! computationally expensive operations. -use crate::utils::{ - msm_sw_generic, msm_te_generic, mul_projective_generic, mul_projective_te_generic, -}; -use ark_ed_on_bls12_381_bandersnatch::BandersnatchConfig; +use crate::utils; +use ark_ec::CurveConfig; +use ark_ed_on_bls12_381_bandersnatch_ext::CurveHooks; +use sp_runtime_interface::runtime_interface; use sp_std::vec::Vec; -/// Compute a multi scalar multiplication for short_weierstrass through -/// arkworks. -pub fn sw_msm(bases: Vec, scalars: Vec) -> Result, ()> { - msm_sw_generic::(bases, scalars) -} +/// Curve hooks jumping into [`host_calls`] host functions. +#[derive(Copy, Clone)] +pub struct HostHooks; -/// Compute a multi scalar mulitplication for twisted_edwards through -/// arkworks. -pub fn te_msm(bases: Vec, scalars: Vec) -> Result, ()> { - msm_te_generic::(bases, scalars) -} +/// Group configuration. +pub type BandersnatchConfig = ark_ed_on_bls12_381_bandersnatch_ext::BandersnatchConfig; +/// Group configuration for Twisted Edwards form (equal to [`BandersnatchConfig`]). +pub type EdwardsConfig = ark_ed_on_bls12_381_bandersnatch_ext::EdwardsConfig; +/// Twisted Edwards form point affine representation. +pub type EdwardsAffine = ark_ed_on_bls12_381_bandersnatch_ext::EdwardsAffine; +/// Twisted Edwards form point projective representation. +pub type EdwardsProjective = ark_ed_on_bls12_381_bandersnatch_ext::EdwardsProjective; +/// Group configuration for Short Weierstrass form (equal to [`BandersnatchConfig`]). +pub type SWConfig = ark_ed_on_bls12_381_bandersnatch_ext::SWConfig; +/// Short Weierstrass form point affine representation. +pub type SWAffine = ark_ed_on_bls12_381_bandersnatch_ext::SWAffine; +/// Short Weierstrass form point projective representation. +pub type SWProjective = ark_ed_on_bls12_381_bandersnatch_ext::SWProjective; -/// Compute a projective scalar multiplication for short_weierstrass -/// through arkworks. -pub fn sw_mul_projective(base: Vec, scalar: Vec) -> Result, ()> { - mul_projective_generic::(base, scalar) -} +impl CurveHooks for HostHooks { + fn ed_on_bls12_381_bandersnatch_te_msm( + bases: &[EdwardsAffine], + scalars: &[::ScalarField], + ) -> Result { + let bases = utils::encode(bases); + let scalars = utils::encode(scalars); + let res = + host_calls::ed_on_bls12_381_bandersnatch_te_msm(bases, scalars).unwrap_or_default(); + utils::decode_proj_te(res) + } -/// Compute a projective scalar multiplication for twisted_edwards -/// through arkworks. -pub fn te_mul_projective(base: Vec, scalar: Vec) -> Result, ()> { - mul_projective_te_generic::(base, scalar) -} + fn ed_on_bls12_381_bandersnatch_te_mul_projective( + base: &EdwardsProjective, + scalar: &[u64], + ) -> Result { + let base = utils::encode_proj_te(base); + let scalar = utils::encode(scalar); + let res = host_calls::ed_on_bls12_381_bandersnatch_te_mul_projective(base, scalar) + .unwrap_or_default(); + utils::decode_proj_te(res) + } -#[cfg(test)] -mod tests { - use super::*; - use ark_algebra_test_templates::*; - use sp_ark_ed_on_bls12_381_bandersnatch::{ - EdwardsProjective as EdwardsProjectiveHost, HostFunctions, SWProjective as SWProjectiveHost, - }; + fn ed_on_bls12_381_bandersnatch_sw_msm( + bases: &[SWAffine], + scalars: &[::ScalarField], + ) -> Result { + let bases = utils::encode(bases); + let scalars = utils::encode(scalars); + let res = + host_calls::ed_on_bls12_381_bandersnatch_sw_msm(bases, scalars).unwrap_or_default(); + utils::decode_proj_sw(res) + } - pub struct Host {} + fn ed_on_bls12_381_bandersnatch_sw_mul_projective( + base: &SWProjective, + scalar: &[u64], + ) -> Result { + let base = utils::encode_proj_sw(base); + let scalar = utils::encode(scalar); + let res = host_calls::ed_on_bls12_381_bandersnatch_sw_mul_projective(base, scalar) + .unwrap_or_default(); + utils::decode_proj_sw(res) + } +} + +/// Interfaces for working with *Arkworks* *Ed-on-BLS12-381-Bandersnatch* elliptic curve +/// related types from within the runtime. +/// +/// All types are (de-)serialized through the wrapper types from the `ark-scale` trait, +/// with `ark_scale::{ArkScale, ArkScaleProjective}`. +/// +/// `ArkScale`'s `Usage` generic parameter is expected to be set to "not-validated" +/// and "not-compressed". +#[runtime_interface] +pub trait HostCalls { + /// Twisted Edwards multi scalar multiplication for *Ed-on-BLS12-381-Bandersnatch*. + /// + /// - Receives encoded: + /// - `base`: `ArkScaleProjective`. + /// - `scalars`: `ArkScale>`. + /// - Returns encoded: `ArkScaleProjective`. + fn ed_on_bls12_381_bandersnatch_te_msm( + bases: Vec, + scalars: Vec, + ) -> Result, ()> { + utils::msm_te::(bases, scalars) + } - impl HostFunctions for Host { - fn ed_on_bls12_381_bandersnatch_te_msm( - bases: Vec, - scalars: Vec, - ) -> Result, ()> { - crate::elliptic_curves::ed_on_bls12_381_bandersnatch_te_msm(bases, scalars) - } - fn ed_on_bls12_381_bandersnatch_sw_msm( - bases: Vec, - scalars: Vec, - ) -> Result, ()> { - crate::elliptic_curves::ed_on_bls12_381_bandersnatch_sw_msm(bases, scalars) - } - fn ed_on_bls12_381_bandersnatch_te_mul_projective( - base: Vec, - scalar: Vec, - ) -> Result, ()> { - crate::elliptic_curves::ed_on_bls12_381_bandersnatch_te_mul_projective(base, scalar) - } - fn ed_on_bls12_381_bandersnatch_sw_mul_projective( - base: Vec, - scalar: Vec, - ) -> Result, ()> { - crate::elliptic_curves::ed_on_bls12_381_bandersnatch_sw_mul_projective(base, scalar) - } + /// Twisted Edwards projective multiplication for *Ed-on-BLS12-381-Bandersnatch*. + /// + /// - Receives encoded: + /// - `base`: `ArkScaleProjective`. + /// - `scalar`: `ArkScale>`. + /// - Returns encoded: `ArkScaleProjective`. + fn ed_on_bls12_381_bandersnatch_te_mul_projective( + base: Vec, + scalar: Vec, + ) -> Result, ()> { + utils::mul_projective_te::(base, scalar) } - type EdwardsProjective = EdwardsProjectiveHost; - type SWProjective = SWProjectiveHost; + /// Short Weierstrass multi scalar multiplication for *Ed-on-BLS12-381-Bandersnatch*. + /// + /// - Receives encoded: + /// - `bases`: `ArkScale>`. + /// - `scalars`: `ArkScale>`. + /// - Returns encoded: `ArkScaleProjective`. + fn ed_on_bls12_381_bandersnatch_sw_msm( + bases: Vec, + scalars: Vec, + ) -> Result, ()> { + utils::msm_sw::(bases, scalars) + } - test_group!(sw; SWProjective; sw); - test_group!(te; EdwardsProjective; te); + /// Short Weierstrass projective multiplication for *Ed-on-BLS12-381-Bandersnatch*. + /// + /// - Receives encoded: + /// - `base`: `ArkScaleProjective`. + /// - `scalar`: `ArkScale>`. + /// - Returns encoded: `ArkScaleProjective`. + fn ed_on_bls12_381_bandersnatch_sw_mul_projective( + base: Vec, + scalar: Vec, + ) -> Result, ()> { + utils::mul_projective_sw::(base, scalar) + } } diff --git a/substrate/primitives/crypto/ec-utils/src/lib.rs b/substrate/primitives/crypto/ec-utils/src/lib.rs index 22e24e61f7b3..970ad71765a5 100644 --- a/substrate/primitives/crypto/ec-utils/src/lib.rs +++ b/substrate/primitives/crypto/ec-utils/src/lib.rs @@ -15,251 +15,39 @@ // See the License for the specific language governing permissions and // limitations under the License. -//! The main elliptic curves trait, allowing Substrate to call into host functions -//! for operations on elliptic curves. +//! This crate offers elliptic curves types which are compatible with the +//! [Arkworks](https://github.com/arkworks-rs) library functionalities. +//! +//! The implementation has been primarily designed to be used in slow hosted +//! targets (e.g. wasm32) and offloads the most computationally expensive +//! operations to the host by leveraging the +//! [arkworks-extensions](https://github.com/paritytech/arkworks-extensions) +//! library and Substrate's host functions. +//! +//! The exported types are organized and named in a way that mirrors the structure +//! of the types in the original Arkworks library. This design choice aims to make +//! it easier for users already familiar with the library to understand and utilize +//! the exported types effectively. #![warn(missing_docs)] #![cfg_attr(not(feature = "std"), no_std)] -use sp_runtime_interface::runtime_interface; -use sp_std::vec::Vec; - +#[cfg(feature = "bls12-377")] pub mod bls12_377; +#[cfg(feature = "bls12-381")] pub mod bls12_381; +#[cfg(feature = "bw6-761")] pub mod bw6_761; +#[cfg(feature = "ed-on-bls12-377")] pub mod ed_on_bls12_377; +#[cfg(feature = "ed-on-bls12-381-bandersnatch")] pub mod ed_on_bls12_381_bandersnatch; -mod utils; - -/// Interfaces for working with elliptic curves related types from within the runtime. -/// All type are (de-)serialized through the wrapper types from the ark-scale trait, -/// with ark_scale::{ArkScale, ArkScaleProjective}; -#[runtime_interface] -pub trait EllipticCurves { - /// Compute a multi Miller loop for bls12_37 - /// Receives encoded: - /// a: ArkScale>> - /// b: ArkScale>> - /// Returns encoded: ArkScale>> - fn bls12_377_multi_miller_loop(a: Vec, b: Vec) -> Result, ()> { - bls12_377::multi_miller_loop(a, b) - } - - /// Compute a final exponentiation for bls12_377 - /// Receives encoded: ArkScale>> - /// Returns encoded: ArkScale>> - fn bls12_377_final_exponentiation(f12: Vec) -> Result, ()> { - bls12_377::final_exponentiation(f12) - } - - /// Compute a projective multiplication on G1 for bls12_377 - /// Receives encoded: - /// base: ArkScaleProjective - /// scalar: ArkScale<&[u64]> - /// Returns encoded: ArkScaleProjective - fn bls12_377_mul_projective_g1(base: Vec, scalar: Vec) -> Result, ()> { - bls12_377::mul_projective_g1(base, scalar) - } - - /// Compute a projective multiplication on G2 for bls12_377 - /// through arkworks on G2 - /// Receives encoded: - /// base: ArkScaleProjective - /// scalar: ArkScale<&[u64]> - /// Returns encoded: ArkScaleProjective - fn bls12_377_mul_projective_g2(base: Vec, scalar: Vec) -> Result, ()> { - bls12_377::mul_projective_g2(base, scalar) - } - - /// Compute a msm on G1 for bls12_377 - /// Receives encoded: - /// bases: ArkScale<&[ark_bls12_377::G1Affine]> - /// scalars: ArkScale<&[ark_bls12_377::Fr]> - /// Returns encoded: ArkScaleProjective - fn bls12_377_msm_g1(bases: Vec, scalars: Vec) -> Result, ()> { - bls12_377::msm_g1(bases, scalars) - } - - /// Compute a msm on G2 for bls12_377 - /// Receives encoded: - /// bases: ArkScale<&[ark_bls12_377::G2Affine]> - /// scalars: ArkScale<&[ark_bls12_377::Fr]> - /// Returns encoded: ArkScaleProjective - fn bls12_377_msm_g2(bases: Vec, scalars: Vec) -> Result, ()> { - bls12_377::msm_g2(bases, scalars) - } - - /// Compute a multi Miller loop on bls12_381 - /// Receives encoded: - /// a: ArkScale>> - /// b: ArkScale>> - /// Returns encoded: ArkScale>> - fn bls12_381_multi_miller_loop(a: Vec, b: Vec) -> Result, ()> { - bls12_381::multi_miller_loop(a, b) - } - - /// Compute a final exponentiation on bls12_381 - /// Receives encoded: ArkScale>> - /// Returns encoded:ArkScale>> - fn bls12_381_final_exponentiation(f12: Vec) -> Result, ()> { - bls12_381::final_exponentiation(f12) - } - - /// Compute a projective multiplication on G1 for bls12_381 - /// Receives encoded: - /// base: ArkScaleProjective - /// scalar: ArkScale<&[u64]> - /// Returns encoded: ArkScaleProjective - fn bls12_381_mul_projective_g1(base: Vec, scalar: Vec) -> Result, ()> { - bls12_381::mul_projective_g1(base, scalar) - } - - /// Compute a projective multiplication on G2 for bls12_381 - /// Receives encoded: - /// base: ArkScaleProjective - /// scalar: ArkScale<&[u64]> - /// Returns encoded: ArkScaleProjective - fn bls12_381_mul_projective_g2(base: Vec, scalar: Vec) -> Result, ()> { - bls12_381::mul_projective_g2(base, scalar) - } - - /// Compute a msm on G1 for bls12_381 - /// Receives encoded: - /// bases: ArkScale<&[ark_bls12_381::G1Affine]> - /// scalars: ArkScale<&[ark_bls12_381::Fr]> - /// Returns encoded: ArkScaleProjective - fn bls12_381_msm_g1(bases: Vec, scalars: Vec) -> Result, ()> { - bls12_381::msm_g1(bases, scalars) - } - /// Compute a msm on G2 for bls12_381 - /// Receives encoded: - /// bases: ArkScale<&[ark_bls12_381::G2Affine]> - /// scalars: ArkScale<&[ark_bls12_381::Fr]> - /// Returns encoded: ArkScaleProjective - fn bls12_381_msm_g2(bases: Vec, scalars: Vec) -> Result, ()> { - bls12_381::msm_g2(bases, scalars) - } - - /// Compute a multi Miller loop on bw6_761 - /// Receives encoded: - /// a: ArkScale>> - /// b: ArkScale>> - /// Returns encoded: ArkScale>> - fn bw6_761_multi_miller_loop(a: Vec, b: Vec) -> Result, ()> { - bw6_761::multi_miller_loop(a, b) - } - - /// Compute a final exponentiation on bw6_761 - /// Receives encoded: ArkScale>> - /// Returns encoded: ArkScale>> - fn bw6_761_final_exponentiation(f12: Vec) -> Result, ()> { - bw6_761::final_exponentiation(f12) - } - - /// Compute a projective multiplication on G1 for bw6_761 - /// Receives encoded: - /// base: ArkScaleProjective - /// scalar: ArkScale<&[u64]> - /// Returns encoded: ArkScaleProjective - fn bw6_761_mul_projective_g1(base: Vec, scalar: Vec) -> Result, ()> { - bw6_761::mul_projective_g1(base, scalar) - } - - /// Compute a projective multiplication on G2 for bw6_761 - /// Receives encoded: - /// base: ArkScaleProjective - /// scalar: ArkScale<&[u64]> - /// Returns encoded: ArkScaleProjective - fn bw6_761_mul_projective_g2(base: Vec, scalar: Vec) -> Result, ()> { - bw6_761::mul_projective_g2(base, scalar) - } - - /// Compute a msm on G1 for bw6_761 - /// Receives encoded: - /// bases: ArkScale<&[ark_bw6_761::G1Affine]> - /// scalars: ArkScale<&[ark_bw6_761::Fr]> - /// Returns encoded: ArkScaleProjective - fn bw6_761_msm_g1(bases: Vec, bigints: Vec) -> Result, ()> { - bw6_761::msm_g1(bases, bigints) - } - - /// Compute a msm on G2 for bw6_761 - /// Receives encoded: - /// bases: ArkScale<&[ark_bw6_761::G2Affine]> - /// scalars: ArkScale<&[ark_bw6_761::Fr]> - /// Returns encoded: ArkScaleProjective - fn bw6_761_msm_g2(bases: Vec, bigints: Vec) -> Result, ()> { - bw6_761::msm_g2(bases, bigints) - } - - /// Compute projective multiplication on ed_on_bls12_377 - /// Receives encoded: - /// base: ArkScaleProjective - /// scalar: ArkScale<&[u64]> - /// Returns encoded: ArkScaleProjective - fn ed_on_bls12_377_mul_projective(base: Vec, scalar: Vec) -> Result, ()> { - ed_on_bls12_377::mul_projective(base, scalar) - } - - /// Compute msm on ed_on_bls12_377 - /// Receives encoded: - /// bases: ArkScale<&[ark_ed_on_bls12_377::EdwardsAffine]> - /// scalars: - /// ArkScale<&[ark_ed_on_bls12_377::Fr]> - /// Returns encoded: - /// ArkScaleProjective - fn ed_on_bls12_377_msm(bases: Vec, scalars: Vec) -> Result, ()> { - ed_on_bls12_377::msm(bases, scalars) - } - - /// Compute short weierstrass projective multiplication on ed_on_bls12_381_bandersnatch - /// Receives encoded: - /// base: ArkScaleProjective - /// scalar: ArkScale<&[u64]> - /// Returns encoded: ArkScaleProjective - fn ed_on_bls12_381_bandersnatch_sw_mul_projective( - base: Vec, - scalar: Vec, - ) -> Result, ()> { - ed_on_bls12_381_bandersnatch::sw_mul_projective(base, scalar) - } - - /// Compute twisted edwards projective multiplication on ed_on_bls12_381_bandersnatch - /// Receives encoded: - /// base: ArkScaleProjective - /// scalar: ArkScale<&[u64]> - /// Returns encoded: ArkScaleProjective - fn ed_on_bls12_381_bandersnatch_te_mul_projective( - base: Vec, - scalar: Vec, - ) -> Result, ()> { - ed_on_bls12_381_bandersnatch::te_mul_projective(base, scalar) - } - - /// Compute short weierstrass msm on ed_on_bls12_381_bandersnatch - /// Receives encoded: - /// bases: ArkScale<&[ark_ed_on_bls12_381_bandersnatch::SWAffine]> - /// scalars: ArkScale<&[ark_ed_on_bls12_381_bandersnatch::Fr]> - /// Returns encoded: - /// ArkScaleProjective - fn ed_on_bls12_381_bandersnatch_sw_msm( - bases: Vec, - scalars: Vec, - ) -> Result, ()> { - ed_on_bls12_381_bandersnatch::sw_msm(bases, scalars) - } - - /// Compute twisted edwards msm on ed_on_bls12_381_bandersnatch - /// Receives encoded: - /// base: ArkScaleProjective - /// scalars: ArkScale<&[ark_ed_on_bls12_381_bandersnatch::Fr]> - /// Returns encoded: - /// ArkScaleProjective - fn ed_on_bls12_381_bandersnatch_te_msm( - bases: Vec, - scalars: Vec, - ) -> Result, ()> { - ed_on_bls12_381_bandersnatch::te_msm(bases, scalars) - } -} +#[cfg(any( + feature = "bls12-377", + feature = "bls12-381", + feature = "bw6-761", + feature = "ed-on-bls12-377", + feature = "ed-on-bls12-381-bandersnatch", +))] +mod utils; diff --git a/substrate/primitives/crypto/ec-utils/src/test-data/g1_compressed_valid_test_vectors.dat b/substrate/primitives/crypto/ec-utils/src/test-data/g1_compressed_valid_test_vectors.dat deleted file mode 100644 index ea8cd67652d1..000000000000 Binary files a/substrate/primitives/crypto/ec-utils/src/test-data/g1_compressed_valid_test_vectors.dat and /dev/null differ diff --git a/substrate/primitives/crypto/ec-utils/src/test-data/g1_uncompressed_valid_test_vectors.dat b/substrate/primitives/crypto/ec-utils/src/test-data/g1_uncompressed_valid_test_vectors.dat deleted file mode 100644 index 86abfba945c7..000000000000 Binary files a/substrate/primitives/crypto/ec-utils/src/test-data/g1_uncompressed_valid_test_vectors.dat and /dev/null differ diff --git a/substrate/primitives/crypto/ec-utils/src/test-data/g2_compressed_valid_test_vectors.dat b/substrate/primitives/crypto/ec-utils/src/test-data/g2_compressed_valid_test_vectors.dat deleted file mode 100644 index a40bbe251d90..000000000000 Binary files a/substrate/primitives/crypto/ec-utils/src/test-data/g2_compressed_valid_test_vectors.dat and /dev/null differ diff --git a/substrate/primitives/crypto/ec-utils/src/test-data/g2_uncompressed_valid_test_vectors.dat b/substrate/primitives/crypto/ec-utils/src/test-data/g2_uncompressed_valid_test_vectors.dat deleted file mode 100644 index 92e4bc528e89..000000000000 Binary files a/substrate/primitives/crypto/ec-utils/src/test-data/g2_uncompressed_valid_test_vectors.dat and /dev/null differ diff --git a/substrate/primitives/crypto/ec-utils/src/utils.rs b/substrate/primitives/crypto/ec-utils/src/utils.rs index 5560d5921160..d0dd8ed8131c 100644 --- a/substrate/primitives/crypto/ec-utils/src/utils.rs +++ b/substrate/primitives/crypto/ec-utils/src/utils.rs @@ -15,116 +15,102 @@ // See the License for the specific language governing permissions and // limitations under the License. -//! The generic executions of the operations on arkworks elliptic curves -//! which get instantiatied by the corresponding curves. +//! Generic executions of the operations for *Arkworks* elliptic curves. + +// As not all functions are used by each elliptic curve and some elliptic +// curve may be excluded by the build we resort to `#[allow(unused)]` to +// suppress the expected warning. + use ark_ec::{ - pairing::{MillerLoopOutput, Pairing, PairingOutput}, - short_weierstrass, - short_weierstrass::SWCurveConfig, - twisted_edwards, - twisted_edwards::TECurveConfig, + pairing::{MillerLoopOutput, Pairing}, + short_weierstrass::{Affine as SWAffine, Projective as SWProjective, SWCurveConfig}, + twisted_edwards::{Affine as TEAffine, Projective as TEProjective, TECurveConfig}, CurveConfig, VariableBaseMSM, }; -use ark_scale::hazmat::ArkScaleProjective; -use ark_std::vec::Vec; -use codec::{Decode, Encode}; - -const HOST_CALL: ark_scale::Usage = ark_scale::HOST_CALL; -type ArkScale = ark_scale::ArkScale; - -pub(crate) fn multi_miller_loop_generic( - g1: Vec, - g2: Vec, -) -> Result, ()> { - let g1 = ::G1Affine>> as Decode>::decode(&mut g1.as_slice()) - .map_err(|_| ())?; - let g2 = ::G2Affine>> as Decode>::decode(&mut g2.as_slice()) - .map_err(|_| ())?; - - let result = Curve::multi_miller_loop(g1.0, g2.0).0; - - let result: ArkScale<::TargetField> = result.into(); - Ok(result.encode()) +use ark_scale::{ + ark_serialize::{CanonicalDeserialize, CanonicalSerialize, Compress, Validate}, + scale::{Decode, Encode}, +}; +use sp_std::vec::Vec; + +// SCALE encoding parameters shared by all the enabled modules +const SCALE_USAGE: u8 = ark_scale::make_usage(Compress::No, Validate::No); +type ArkScale = ark_scale::ArkScale; +type ArkScaleProjective = ark_scale::hazmat::ArkScaleProjective; + +#[inline(always)] +pub fn encode(val: T) -> Vec { + ArkScale::from(val).encode() } -pub(crate) fn final_exponentiation_generic(target: Vec) -> Result, ()> { - let target = - ::TargetField> as Decode>::decode(&mut target.as_slice()) - .map_err(|_| ())?; +#[inline(always)] +pub fn decode(buf: Vec) -> Result { + ArkScale::::decode(&mut &buf[..]).map_err(|_| ()).map(|v| v.0) +} - let result = Curve::final_exponentiation(MillerLoopOutput(target.0)).ok_or(())?; +#[inline(always)] +pub fn encode_proj_sw(val: &SWProjective) -> Vec { + ArkScaleProjective::from(val).encode() +} - let result: ArkScale> = result.into(); - Ok(result.encode()) +#[inline(always)] +pub fn decode_proj_sw(buf: Vec) -> Result, ()> { + ArkScaleProjective::decode(&mut &buf[..]).map_err(|_| ()).map(|v| v.0) } -pub(crate) fn msm_sw_generic( - bases: Vec, - scalars: Vec, -) -> Result, ()> { - let bases = - >> as Decode>::decode(&mut bases.as_slice()) - .map_err(|_| ())?; - let scalars = ::ScalarField>> as Decode>::decode( - &mut scalars.as_slice(), - ) - .map_err(|_| ())?; - - let result = - as VariableBaseMSM>::msm(&bases.0, &scalars.0) - .map_err(|_| ())?; - - let result: ArkScaleProjective> = result.into(); - Ok(result.encode()) +#[inline(always)] +pub fn encode_proj_te(val: &TEProjective) -> Vec { + ArkScaleProjective::from(val).encode() } -pub(crate) fn msm_te_generic( - bases: Vec, - scalars: Vec, -) -> Result, ()> { - let bases = - >> as Decode>::decode(&mut bases.as_slice()) - .map_err(|_| ())?; - let scalars = ::ScalarField>> as Decode>::decode( - &mut scalars.as_slice(), - ) - .map_err(|_| ())?; - - let result = as VariableBaseMSM>::msm(&bases.0, &scalars.0) - .map_err(|_| ())?; - - let result: ArkScaleProjective> = result.into(); - Ok(result.encode()) +#[inline(always)] +pub fn decode_proj_te(buf: Vec) -> Result, ()> { + ArkScaleProjective::decode(&mut &buf[..]).map_err(|_| ()).map(|v| v.0) } -pub(crate) fn mul_projective_generic( - base: Vec, - scalar: Vec, -) -> Result, ()> { - let base = > as Decode>::decode( - &mut base.as_slice(), - ) - .map_err(|_| ())?; - let scalar = > as Decode>::decode(&mut scalar.as_slice()).map_err(|_| ())?; +#[allow(unused)] +pub fn multi_miller_loop(g1: Vec, g2: Vec) -> Result, ()> { + let g1 = decode::::G1Affine>>(g1)?; + let g2 = decode::::G2Affine>>(g2)?; + let res = T::multi_miller_loop(g1, g2); + Ok(encode(res.0)) +} - let result = ::mul_projective(&base.0, &scalar.0); +#[allow(unused)] +pub fn final_exponentiation(target: Vec) -> Result, ()> { + let target = decode::<::TargetField>(target)?; + let res = T::final_exponentiation(MillerLoopOutput(target)).ok_or(())?; + Ok(encode(res.0)) +} - let result: ArkScaleProjective> = result.into(); - Ok(result.encode()) +#[allow(unused)] +pub fn msm_sw(bases: Vec, scalars: Vec) -> Result, ()> { + let bases = decode::>>(bases)?; + let scalars = decode::::ScalarField>>(scalars)?; + let res = as VariableBaseMSM>::msm(&bases, &scalars).map_err(|_| ())?; + Ok(encode_proj_sw(&res)) } -pub(crate) fn mul_projective_te_generic( - base: Vec, - scalar: Vec, -) -> Result, ()> { - let base = > as Decode>::decode( - &mut base.as_slice(), - ) - .map_err(|_| ())?; - let scalar = > as Decode>::decode(&mut scalar.as_slice()).map_err(|_| ())?; +#[allow(unused)] +pub fn msm_te(bases: Vec, scalars: Vec) -> Result, ()> { + let bases = decode::>>(bases)?; + let scalars = decode::::ScalarField>>(scalars)?; + let res = as VariableBaseMSM>::msm(&bases, &scalars).map_err(|_| ())?; + Ok(encode_proj_te(&res)) +} - let result = ::mul_projective(&base.0, &scalar.0); +#[allow(unused)] +pub fn mul_projective_sw(base: Vec, scalar: Vec) -> Result, ()> { + let base = decode_proj_sw::(base)?; + let scalar = decode::>(scalar)?; + let res = ::mul_projective(&base, &scalar); + Ok(encode_proj_sw(&res)) +} - let result: ArkScaleProjective> = result.into(); - Ok(result.encode()) +#[allow(unused)] +pub fn mul_projective_te(base: Vec, scalar: Vec) -> Result, ()> { + let base = decode_proj_te::(base)?; + let scalar = decode::>(scalar)?; + let res = ::mul_projective(&base, &scalar); + Ok(encode_proj_te(&res)) }