├── ec ├── LICENSE-MIT ├── LICENSE-APACHE ├── doc │ └── katex-header.html └── src │ ├── hashing │ └── curve_maps │ │ └── mod.rs │ └── models │ └── mod.rs ├── ff ├── LICENSE-MIT ├── LICENSE-APACHE ├── doc │ └── katex-header.html └── src │ ├── fields │ ├── utils.rs │ └── models │ │ └── mod.rs │ └── lib.rs ├── curves ├── LICENSE-MIT ├── LICENSE-APACHE ├── bn254 │ ├── LICENSE-MIT │ ├── LICENSE-APACHE │ ├── src │ │ ├── fields │ │ │ ├── fq.rs │ │ │ ├── fr.rs │ │ │ ├── mod.rs │ │ │ └── fq2.rs │ │ ├── constraints │ │ │ ├── fields.rs │ │ │ └── curves.rs │ │ └── curves │ │ │ └── tests.rs │ ├── benches │ │ └── bn254.rs │ └── scripts │ │ ├── base_field.sage │ │ └── scalar_field.sage ├── vesta │ ├── LICENSE-MIT │ ├── LICENSE-APACHE │ ├── src │ │ ├── fields │ │ │ ├── fq.rs │ │ │ ├── fr.rs │ │ │ ├── mod.rs │ │ │ └── tests.rs │ │ ├── curves │ │ │ └── tests.rs │ │ ├── constraints │ │ │ ├── fields.rs │ │ │ └── curves.rs │ │ └── lib.rs │ ├── benches │ │ └── vesta.rs │ └── scripts │ │ ├── base_field.sage │ │ └── scalar_field.sage ├── bls12_377 │ ├── LICENSE-MIT │ ├── LICENSE-APACHE │ ├── src │ │ ├── fields │ │ │ ├── fq.rs │ │ │ ├── mod.rs │ │ │ └── fr.rs │ │ ├── constraints │ │ │ ├── pairing.rs │ │ │ └── fields.rs │ │ └── curves │ │ │ └── mod.rs │ ├── benches │ │ └── bls12_377.rs │ └── scripts │ │ ├── scalar_field.sage │ │ └── base_field.sage ├── bls12_381 │ ├── LICENSE-MIT │ ├── LICENSE-APACHE │ ├── src │ │ ├── curves │ │ │ ├── tests │ │ │ │ ├── g1_compressed_valid_test_vectors.dat │ │ │ │ ├── g1_uncompressed_valid_test_vectors.dat │ │ │ │ ├── g2_compressed_valid_test_vectors.dat │ │ │ │ └── g2_uncompressed_valid_test_vectors.dat │ │ │ └── mod.rs │ │ ├── fields │ │ │ ├── fr.rs │ │ │ ├── fq.rs │ │ │ ├── mod.rs │ │ │ └── fq2.rs │ │ └── lib.rs │ ├── benches │ │ └── bls12_381.rs │ ├── scripts │ │ ├── scalar_field.sage │ │ └── base_field.sage │ └── Cargo.toml ├── bw6_761 │ ├── LICENSE-MIT │ ├── LICENSE-APACHE │ ├── src │ │ ├── fields │ │ │ ├── fr.rs │ │ │ ├── tests.rs │ │ │ ├── mod.rs │ │ 
│ └── fq.rs │ │ └── curves │ │ │ └── tests.rs │ ├── benches │ │ └── bw6_761.rs │ └── scripts │ │ ├── scalar_field.sage │ │ └── base_field.sage ├── bw6_767 │ ├── LICENSE-MIT │ ├── LICENSE-APACHE │ ├── src │ │ ├── fields │ │ │ ├── fr.rs │ │ │ ├── tests.rs │ │ │ ├── mod.rs │ │ │ └── fq.rs │ │ └── curves │ │ │ └── tests.rs │ ├── benches │ │ └── bw6_767.rs │ └── scripts │ │ ├── scalar_field.sage │ │ └── base_field.sage ├── cp6_782 │ ├── LICENSE-MIT │ ├── LICENSE-APACHE │ ├── src │ │ ├── fields │ │ │ ├── fr.rs │ │ │ ├── tests.rs │ │ │ ├── mod.rs │ │ │ └── fq.rs │ │ └── curves │ │ │ └── tests.rs │ ├── benches │ │ └── cp6_782.rs │ └── scripts │ │ ├── scalar_field.sage │ │ └── base_field.sage ├── curve25519 │ ├── LICENSE-MIT │ ├── LICENSE-APACHE │ ├── src │ │ ├── curves │ │ │ └── tests.rs │ │ ├── fields │ │ │ ├── mod.rs │ │ │ ├── tests.rs │ │ │ ├── fq.rs │ │ │ └── fr.rs │ │ ├── constraints │ │ │ ├── mod.rs │ │ │ ├── fields.rs │ │ │ └── curves.rs │ │ └── lib.rs │ └── benches │ │ └── curve25519.rs ├── ed25519 │ ├── LICENSE-MIT │ ├── LICENSE-APACHE │ └── src │ │ ├── fields │ │ ├── fq.rs │ │ ├── fr.rs │ │ ├── mod.rs │ │ └── tests.rs │ │ ├── curves │ │ └── tests.rs │ │ ├── constraints │ │ ├── mod.rs │ │ ├── fields.rs │ │ └── curves.rs │ │ └── lib.rs ├── grumpkin │ ├── LICENSE-MIT │ ├── LICENSE-APACHE │ ├── src │ │ ├── fields │ │ │ ├── fq.rs │ │ │ ├── fr.rs │ │ │ ├── mod.rs │ │ │ └── tests.rs │ │ ├── curves │ │ │ └── tests.rs │ │ ├── constraints │ │ │ ├── fields.rs │ │ │ └── curves.rs │ │ └── lib.rs │ ├── benches │ │ └── grumpkin.rs │ └── scripts │ │ ├── base_field.sage │ │ └── scalar_field.sage ├── mnt4_298 │ ├── LICENSE-MIT │ ├── LICENSE-APACHE │ ├── src │ │ ├── fields │ │ │ ├── tests.rs │ │ │ ├── fr.rs │ │ │ ├── fq.rs │ │ │ ├── mod.rs │ │ │ └── fq2.rs │ │ ├── curves │ │ │ └── tests.rs │ │ └── constraints │ │ │ ├── pairing.rs │ │ │ ├── fields.rs │ │ │ └── curves.rs │ ├── benches │ │ └── mnt4_298.rs │ └── scripts │ │ ├── base_field.sage │ │ └── scalar_field.sage ├── mnt4_753 │ 
├── LICENSE-MIT │ ├── LICENSE-APACHE │ ├── src │ │ ├── fields │ │ │ ├── tests.rs │ │ │ ├── fq.rs │ │ │ ├── fr.rs │ │ │ ├── mod.rs │ │ │ └── fq2.rs │ │ ├── curves │ │ │ └── tests.rs │ │ └── constraints │ │ │ ├── pairing.rs │ │ │ ├── fields.rs │ │ │ └── curves.rs │ ├── benches │ │ └── mnt4_753.rs │ └── scripts │ │ ├── base_field.sage │ │ └── scalar_field.sage ├── mnt6_298 │ ├── LICENSE-MIT │ ├── LICENSE-APACHE │ ├── src │ │ ├── fields │ │ │ ├── fq.rs │ │ │ ├── fr.rs │ │ │ ├── mod.rs │ │ │ ├── tests.rs │ │ │ └── fq6.rs │ │ ├── curves │ │ │ └── tests.rs │ │ └── constraints │ │ │ ├── pairing.rs │ │ │ ├── fields.rs │ │ │ └── curves.rs │ ├── benches │ │ └── mnt6_298.rs │ └── scripts │ │ ├── base_field.sage │ │ └── scalar_field.sage ├── mnt6_753 │ ├── LICENSE-MIT │ ├── LICENSE-APACHE │ ├── src │ │ ├── fields │ │ │ ├── fq.rs │ │ │ ├── fr.rs │ │ │ ├── mod.rs │ │ │ └── tests.rs │ │ ├── curves │ │ │ └── tests.rs │ │ └── constraints │ │ │ ├── pairing.rs │ │ │ ├── fields.rs │ │ │ └── curves.rs │ ├── benches │ │ └── mnt6_753.rs │ └── scripts │ │ ├── base_field.sage │ │ └── scalar_field.sage ├── pallas │ ├── LICENSE-MIT │ ├── LICENSE-APACHE │ ├── src │ │ ├── curves │ │ │ └── tests.rs │ │ ├── fields │ │ │ ├── tests.rs │ │ │ ├── fq.rs │ │ │ ├── fr.rs │ │ │ └── mod.rs │ │ ├── constraints │ │ │ ├── fields.rs │ │ │ └── curves.rs │ │ └── lib.rs │ ├── benches │ │ └── pallas.rs │ └── scripts │ │ ├── base_field.sage │ │ └── scalar_field.sage ├── secp256k1 │ ├── LICENSE-MIT │ ├── LICENSE-APACHE │ ├── src │ │ ├── curves │ │ │ └── tests.rs │ │ ├── fields │ │ │ ├── mod.rs │ │ │ ├── tests.rs │ │ │ ├── fq.rs │ │ │ └── fr.rs │ │ ├── constraints │ │ │ ├── mod.rs │ │ │ ├── fields.rs │ │ │ └── curves.rs │ │ └── lib.rs │ └── benches │ │ └── secp256k1.rs ├── secp256r1 │ ├── LICENSE-MIT │ ├── LICENSE-APACHE │ ├── src │ │ ├── curves │ │ │ └── tests.rs │ │ ├── fields │ │ │ ├── mod.rs │ │ │ ├── tests.rs │ │ │ ├── fq.rs │ │ │ └── fr.rs │ │ ├── constraints │ │ │ ├── mod.rs │ │ │ ├── fields.rs │ │ │ └── 
curves.rs │ │ └── lib.rs │ └── Cargo.toml ├── secp384r1 │ ├── LICENSE-MIT │ ├── LICENSE-APACHE │ ├── src │ │ ├── curves │ │ │ └── tests.rs │ │ ├── fields │ │ │ ├── mod.rs │ │ │ ├── tests.rs │ │ │ ├── fq.rs │ │ │ └── fr.rs │ │ ├── constraints │ │ │ ├── mod.rs │ │ │ ├── fields.rs │ │ │ └── curves.rs │ │ └── lib.rs │ └── Cargo.toml ├── secq256k1 │ ├── LICENSE-MIT │ ├── LICENSE-APACHE │ └── src │ │ ├── fields │ │ ├── fq.rs │ │ ├── fr.rs │ │ └── mod.rs │ │ ├── curves │ │ └── tests.rs │ │ ├── constraints │ │ ├── mod.rs │ │ ├── fields.rs │ │ └── curves.rs │ │ └── lib.rs ├── ed_on_bls12_377 │ ├── LICENSE-MIT │ ├── LICENSE-APACHE │ ├── src │ │ ├── fields │ │ │ ├── fq.rs │ │ │ ├── mod.rs │ │ │ ├── tests.rs │ │ │ └── fr.rs │ │ ├── curves │ │ │ └── tests.rs │ │ ├── constraints │ │ │ ├── fields.rs │ │ │ └── curves.rs │ │ └── lib.rs │ ├── benches │ │ └── ed_on_bls12_377.rs │ └── scripts │ │ ├── base_field.sage │ │ └── scalar_field.sage ├── ed_on_bls12_381 │ ├── LICENSE-MIT │ ├── LICENSE-APACHE │ ├── src │ │ ├── fields │ │ │ ├── fq.rs │ │ │ ├── mod.rs │ │ │ └── fr.rs │ │ ├── curves │ │ │ └── tests.rs │ │ ├── constraints │ │ │ ├── fields.rs │ │ │ └── curves.rs │ │ └── lib.rs │ ├── benches │ │ └── ed_on_bls12_381.rs │ └── scripts │ │ ├── base_field.sage │ │ └── scalar_field.sage ├── ed_on_bn254 │ ├── LICENSE-MIT │ ├── LICENSE-APACHE │ ├── src │ │ ├── fields │ │ │ ├── fq.rs │ │ │ ├── mod.rs │ │ │ └── fr.rs │ │ ├── curves │ │ │ └── tests.rs │ │ ├── constraints │ │ │ ├── fields.rs │ │ │ └── curves.rs │ │ └── lib.rs │ └── scripts │ │ ├── base_field.sage │ │ └── scalar_field.sage ├── ed_on_bw6_761 │ ├── LICENSE-MIT │ ├── LICENSE-APACHE │ ├── src │ │ └── lib.rs │ └── Cargo.toml ├── ed_on_cp6_782 │ ├── LICENSE-MIT │ ├── LICENSE-APACHE │ ├── src │ │ ├── fields │ │ │ ├── fq.rs │ │ │ ├── mod.rs │ │ │ ├── tests.rs │ │ │ └── fr.rs │ │ ├── curves │ │ │ └── tests.rs │ │ ├── constraints │ │ │ ├── fields.rs │ │ │ └── curves.rs │ │ └── lib.rs │ └── scripts │ │ ├── base_field.sage │ │ └── 
scalar_field.sage ├── ed_on_mnt4_298 │ ├── LICENSE-MIT │ ├── LICENSE-APACHE │ ├── src │ │ ├── fields │ │ │ ├── fq.rs │ │ │ ├── mod.rs │ │ │ ├── tests.rs │ │ │ └── fr.rs │ │ ├── mod.rs │ │ ├── curves │ │ │ └── tests.rs │ │ ├── constraints │ │ │ ├── fields.rs │ │ │ └── curves.rs │ │ └── lib.rs │ └── scripts │ │ ├── base_field.sage │ │ └── scalar_field.sage ├── ed_on_mnt4_753 │ ├── LICENSE-MIT │ ├── LICENSE-APACHE │ ├── src │ │ ├── fields │ │ │ ├── fq.rs │ │ │ ├── mod.rs │ │ │ ├── tests.rs │ │ │ └── fr.rs │ │ ├── curves │ │ │ └── tests.rs │ │ └── constraints │ │ │ ├── fields.rs │ │ │ └── curves.rs │ └── scripts │ │ ├── base_field.sage │ │ └── scalar_field.sage ├── curve-constraint-tests │ ├── LICENSE-MIT │ ├── LICENSE-APACHE │ └── Cargo.toml ├── ed_on_bls12_381_bandersnatch │ ├── LICENSE-MIT │ ├── LICENSE-APACHE │ ├── src │ │ ├── fields │ │ │ ├── fq.rs │ │ │ ├── mod.rs │ │ │ └── fr.rs │ │ ├── curves │ │ │ └── tests.rs │ │ └── constraints │ │ │ ├── fields.rs │ │ │ └── curves.rs │ └── scripts │ │ ├── base_field.sage │ │ └── scalar_field.sage └── scripts │ └── install-hook.sh ├── ff-asm ├── LICENSE-MIT ├── LICENSE-APACHE └── Cargo.toml ├── poly ├── LICENSE-MIT ├── LICENSE-APACHE ├── src │ └── evaluations │ │ ├── mod.rs │ │ └── multivariate │ │ └── mod.rs └── benches │ └── common.rs ├── ff-macros ├── LICENSE-MIT ├── LICENSE-APACHE ├── src │ └── montgomery │ │ ├── add.rs │ │ └── double.rs └── Cargo.toml ├── serialize ├── LICENSE-MIT ├── LICENSE-APACHE └── Cargo.toml ├── test-curves ├── LICENSE-MIT ├── LICENSE-APACHE ├── src │ ├── mnt6_753 │ │ ├── fq.rs │ │ ├── fr.rs │ │ ├── tests.rs │ │ └── mod.rs │ ├── ed_on_bls12_381 │ │ ├── fq.rs │ │ ├── tests.rs │ │ ├── fr.rs │ │ └── mod.rs │ ├── secp256k1 │ │ ├── mod.rs │ │ ├── tests.rs │ │ ├── fq.rs │ │ └── fr.rs │ ├── mnt4_753 │ │ ├── tests.rs │ │ ├── mod.rs │ │ ├── fq.rs │ │ └── fr.rs │ ├── fp128.rs │ ├── bn384_small_two_adicity │ │ ├── fq.rs │ │ ├── fr.rs │ │ ├── mod.rs │ │ └── tests.rs │ ├── bls12_381 │ │ ├── fr.rs │ │ └── 
tests.rs │ └── lib.rs └── benches │ ├── bn384_small_two_adicity.rs │ ├── mnt6_753.rs │ ├── mnt4_753.rs │ ├── ed_on_bls12_381.rs │ └── bls12_381.rs ├── bench-templates ├── LICENSE-MIT ├── LICENSE-APACHE ├── src │ └── lib.rs ├── README.md └── Cargo.toml ├── serialize-derive ├── LICENSE-MIT ├── LICENSE-APACHE ├── Cargo.toml └── src │ └── lib.rs ├── test-templates ├── LICENSE-MIT ├── LICENSE-APACHE ├── README.md ├── src │ └── lib.rs └── Cargo.toml ├── .github ├── linters │ ├── .htmlhintrc │ └── .markdown-lint.yml ├── CODEOWNERS ├── release-pr-template.ejs ├── dependabot.yml ├── workflows │ ├── linkify_changelog.yml │ └── release_pr.yml └── PULL_REQUEST_TEMPLATE.md ├── .gitignore ├── rustfmt.toml ├── CITATION.cff ├── scripts ├── install-hook.sh └── linkify_changelog.py ├── makefile ├── LICENSE-MIT └── .hooks └── pre-commit /ec/LICENSE-MIT: -------------------------------------------------------------------------------- 1 | ../LICENSE-MIT -------------------------------------------------------------------------------- /ff/LICENSE-MIT: -------------------------------------------------------------------------------- 1 | ../LICENSE-MIT -------------------------------------------------------------------------------- /curves/LICENSE-MIT: -------------------------------------------------------------------------------- 1 | ../LICENSE-MIT -------------------------------------------------------------------------------- /ff-asm/LICENSE-MIT: -------------------------------------------------------------------------------- 1 | ../LICENSE-MIT -------------------------------------------------------------------------------- /poly/LICENSE-MIT: -------------------------------------------------------------------------------- 1 | ../LICENSE-MIT -------------------------------------------------------------------------------- /curves/LICENSE-APACHE: -------------------------------------------------------------------------------- 1 | ../LICENSE-APACHE 
-------------------------------------------------------------------------------- /curves/bn254/LICENSE-MIT: -------------------------------------------------------------------------------- 1 | ../LICENSE-MIT -------------------------------------------------------------------------------- /curves/vesta/LICENSE-MIT: -------------------------------------------------------------------------------- 1 | ../LICENSE-MIT -------------------------------------------------------------------------------- /ec/LICENSE-APACHE: -------------------------------------------------------------------------------- 1 | ../LICENSE-APACHE -------------------------------------------------------------------------------- /ff-asm/LICENSE-APACHE: -------------------------------------------------------------------------------- 1 | ../LICENSE-APACHE -------------------------------------------------------------------------------- /ff-macros/LICENSE-MIT: -------------------------------------------------------------------------------- 1 | ../LICENSE-MIT -------------------------------------------------------------------------------- /ff/LICENSE-APACHE: -------------------------------------------------------------------------------- 1 | ../LICENSE-APACHE -------------------------------------------------------------------------------- /poly/LICENSE-APACHE: -------------------------------------------------------------------------------- 1 | ../LICENSE-APACHE -------------------------------------------------------------------------------- /serialize/LICENSE-MIT: -------------------------------------------------------------------------------- 1 | ../LICENSE-MIT -------------------------------------------------------------------------------- /test-curves/LICENSE-MIT: -------------------------------------------------------------------------------- 1 | ../LICENSE-MIT -------------------------------------------------------------------------------- /bench-templates/LICENSE-MIT: 
-------------------------------------------------------------------------------- 1 | ../LICENSE-MIT -------------------------------------------------------------------------------- /curves/bls12_377/LICENSE-MIT: -------------------------------------------------------------------------------- 1 | ../LICENSE-MIT -------------------------------------------------------------------------------- /curves/bls12_381/LICENSE-MIT: -------------------------------------------------------------------------------- 1 | ../LICENSE-MIT -------------------------------------------------------------------------------- /curves/bw6_761/LICENSE-MIT: -------------------------------------------------------------------------------- 1 | ../LICENSE-MIT -------------------------------------------------------------------------------- /curves/bw6_767/LICENSE-MIT: -------------------------------------------------------------------------------- 1 | ../LICENSE-MIT -------------------------------------------------------------------------------- /curves/cp6_782/LICENSE-MIT: -------------------------------------------------------------------------------- 1 | ../LICENSE-MIT -------------------------------------------------------------------------------- /curves/curve25519/LICENSE-MIT: -------------------------------------------------------------------------------- 1 | ../LICENSE-MIT -------------------------------------------------------------------------------- /curves/ed25519/LICENSE-MIT: -------------------------------------------------------------------------------- 1 | ../LICENSE-MIT -------------------------------------------------------------------------------- /curves/grumpkin/LICENSE-MIT: -------------------------------------------------------------------------------- 1 | ../LICENSE-MIT -------------------------------------------------------------------------------- /curves/mnt4_298/LICENSE-MIT: -------------------------------------------------------------------------------- 1 | ../LICENSE-MIT 
-------------------------------------------------------------------------------- /curves/mnt4_753/LICENSE-MIT: -------------------------------------------------------------------------------- 1 | ../LICENSE-MIT -------------------------------------------------------------------------------- /curves/mnt6_298/LICENSE-MIT: -------------------------------------------------------------------------------- 1 | ../LICENSE-MIT -------------------------------------------------------------------------------- /curves/mnt6_753/LICENSE-MIT: -------------------------------------------------------------------------------- 1 | ../LICENSE-MIT -------------------------------------------------------------------------------- /curves/pallas/LICENSE-MIT: -------------------------------------------------------------------------------- 1 | ../LICENSE-MIT -------------------------------------------------------------------------------- /curves/secp256k1/LICENSE-MIT: -------------------------------------------------------------------------------- 1 | ../LICENSE-MIT -------------------------------------------------------------------------------- /curves/secp256r1/LICENSE-MIT: -------------------------------------------------------------------------------- 1 | ../LICENSE-MIT -------------------------------------------------------------------------------- /curves/secp384r1/LICENSE-MIT: -------------------------------------------------------------------------------- 1 | ../LICENSE-MIT -------------------------------------------------------------------------------- /curves/secq256k1/LICENSE-MIT: -------------------------------------------------------------------------------- 1 | ../LICENSE-MIT -------------------------------------------------------------------------------- /ff-macros/LICENSE-APACHE: -------------------------------------------------------------------------------- 1 | ../LICENSE-APACHE -------------------------------------------------------------------------------- 
/serialize-derive/LICENSE-MIT: -------------------------------------------------------------------------------- 1 | ../LICENSE-MIT -------------------------------------------------------------------------------- /serialize/LICENSE-APACHE: -------------------------------------------------------------------------------- 1 | ../LICENSE-APACHE -------------------------------------------------------------------------------- /test-curves/LICENSE-APACHE: -------------------------------------------------------------------------------- 1 | ../LICENSE-APACHE -------------------------------------------------------------------------------- /test-templates/LICENSE-MIT: -------------------------------------------------------------------------------- 1 | ../LICENSE-MIT -------------------------------------------------------------------------------- /bench-templates/LICENSE-APACHE: -------------------------------------------------------------------------------- 1 | ../LICENSE-APACHE -------------------------------------------------------------------------------- /curves/bls12_377/LICENSE-APACHE: -------------------------------------------------------------------------------- 1 | ../LICENSE-APACHE -------------------------------------------------------------------------------- /curves/bls12_381/LICENSE-APACHE: -------------------------------------------------------------------------------- 1 | ../LICENSE-APACHE -------------------------------------------------------------------------------- /curves/bn254/LICENSE-APACHE: -------------------------------------------------------------------------------- 1 | ../LICENSE-APACHE -------------------------------------------------------------------------------- /curves/bw6_761/LICENSE-APACHE: -------------------------------------------------------------------------------- 1 | ../LICENSE-APACHE -------------------------------------------------------------------------------- /curves/bw6_767/LICENSE-APACHE: 
-------------------------------------------------------------------------------- 1 | ../LICENSE-APACHE -------------------------------------------------------------------------------- /curves/cp6_782/LICENSE-APACHE: -------------------------------------------------------------------------------- 1 | ../LICENSE-APACHE -------------------------------------------------------------------------------- /curves/ed25519/LICENSE-APACHE: -------------------------------------------------------------------------------- 1 | ../LICENSE-APACHE -------------------------------------------------------------------------------- /curves/ed_on_bls12_377/LICENSE-MIT: -------------------------------------------------------------------------------- 1 | ../LICENSE-MIT -------------------------------------------------------------------------------- /curves/ed_on_bls12_381/LICENSE-MIT: -------------------------------------------------------------------------------- 1 | ../LICENSE-MIT -------------------------------------------------------------------------------- /curves/ed_on_bn254/LICENSE-MIT: -------------------------------------------------------------------------------- 1 | ../LICENSE-MIT -------------------------------------------------------------------------------- /curves/ed_on_bw6_761/LICENSE-MIT: -------------------------------------------------------------------------------- 1 | ../LICENSE-MIT -------------------------------------------------------------------------------- /curves/ed_on_cp6_782/LICENSE-MIT: -------------------------------------------------------------------------------- 1 | ../LICENSE-MIT -------------------------------------------------------------------------------- /curves/ed_on_mnt4_298/LICENSE-MIT: -------------------------------------------------------------------------------- 1 | ../LICENSE-MIT -------------------------------------------------------------------------------- /curves/ed_on_mnt4_753/LICENSE-MIT: 
-------------------------------------------------------------------------------- 1 | ../LICENSE-MIT -------------------------------------------------------------------------------- /curves/grumpkin/LICENSE-APACHE: -------------------------------------------------------------------------------- 1 | ../LICENSE-APACHE -------------------------------------------------------------------------------- /curves/mnt4_298/LICENSE-APACHE: -------------------------------------------------------------------------------- 1 | ../LICENSE-APACHE -------------------------------------------------------------------------------- /curves/mnt4_753/LICENSE-APACHE: -------------------------------------------------------------------------------- 1 | ../LICENSE-APACHE -------------------------------------------------------------------------------- /curves/mnt6_298/LICENSE-APACHE: -------------------------------------------------------------------------------- 1 | ../LICENSE-APACHE -------------------------------------------------------------------------------- /curves/mnt6_753/LICENSE-APACHE: -------------------------------------------------------------------------------- 1 | ../LICENSE-APACHE -------------------------------------------------------------------------------- /curves/pallas/LICENSE-APACHE: -------------------------------------------------------------------------------- 1 | ../LICENSE-APACHE -------------------------------------------------------------------------------- /curves/secp256k1/LICENSE-APACHE: -------------------------------------------------------------------------------- 1 | ../LICENSE-APACHE -------------------------------------------------------------------------------- /curves/secp256r1/LICENSE-APACHE: -------------------------------------------------------------------------------- 1 | ../LICENSE-APACHE -------------------------------------------------------------------------------- /curves/secp384r1/LICENSE-APACHE: 
-------------------------------------------------------------------------------- 1 | ../LICENSE-APACHE -------------------------------------------------------------------------------- /curves/secq256k1/LICENSE-APACHE: -------------------------------------------------------------------------------- 1 | ../LICENSE-APACHE -------------------------------------------------------------------------------- /curves/vesta/LICENSE-APACHE: -------------------------------------------------------------------------------- 1 | ../LICENSE-APACHE -------------------------------------------------------------------------------- /serialize-derive/LICENSE-APACHE: -------------------------------------------------------------------------------- 1 | ../LICENSE-APACHE -------------------------------------------------------------------------------- /test-templates/LICENSE-APACHE: -------------------------------------------------------------------------------- 1 | ../LICENSE-APACHE -------------------------------------------------------------------------------- /curves/curve25519/LICENSE-APACHE: -------------------------------------------------------------------------------- 1 | ../LICENSE-APACHE -------------------------------------------------------------------------------- /curves/ed_on_bn254/LICENSE-APACHE: -------------------------------------------------------------------------------- 1 | ../LICENSE-APACHE -------------------------------------------------------------------------------- /curves/ed_on_bw6_761/LICENSE-APACHE: -------------------------------------------------------------------------------- 1 | ../LICENSE-APACHE -------------------------------------------------------------------------------- /curves/ed_on_cp6_782/LICENSE-APACHE: -------------------------------------------------------------------------------- 1 | ../LICENSE-APACHE -------------------------------------------------------------------------------- /curves/ed_on_mnt4_298/LICENSE-APACHE: 
-------------------------------------------------------------------------------- 1 | ../LICENSE-APACHE -------------------------------------------------------------------------------- /curves/ed_on_mnt4_753/LICENSE-APACHE: -------------------------------------------------------------------------------- 1 | ../LICENSE-APACHE -------------------------------------------------------------------------------- /ec/doc/katex-header.html: -------------------------------------------------------------------------------- 1 | ../../doc/katex-header.html -------------------------------------------------------------------------------- /ff/doc/katex-header.html: -------------------------------------------------------------------------------- 1 | ../../doc/katex-header.html -------------------------------------------------------------------------------- /curves/curve-constraint-tests/LICENSE-MIT: -------------------------------------------------------------------------------- 1 | ../LICENSE-MIT -------------------------------------------------------------------------------- /curves/ed_on_bls12_377/LICENSE-APACHE: -------------------------------------------------------------------------------- 1 | ../LICENSE-APACHE -------------------------------------------------------------------------------- /curves/ed_on_bls12_381/LICENSE-APACHE: -------------------------------------------------------------------------------- 1 | ../LICENSE-APACHE -------------------------------------------------------------------------------- /curves/curve-constraint-tests/LICENSE-APACHE: -------------------------------------------------------------------------------- 1 | ../LICENSE-APACHE -------------------------------------------------------------------------------- /curves/ed_on_bls12_381_bandersnatch/LICENSE-MIT: -------------------------------------------------------------------------------- 1 | ../LICENSE-MIT -------------------------------------------------------------------------------- 
/.github/linters/.htmlhintrc: -------------------------------------------------------------------------------- 1 | 2 | { 3 | "doctype-html5": false 4 | } -------------------------------------------------------------------------------- /curves/ed_on_bls12_381_bandersnatch/LICENSE-APACHE: -------------------------------------------------------------------------------- 1 | ../LICENSE-APACHE -------------------------------------------------------------------------------- /.github/CODEOWNERS: -------------------------------------------------------------------------------- 1 | * @arkworks-rs/algebra @arkworks-rs/maintainers 2 | -------------------------------------------------------------------------------- /curves/ed25519/src/fields/fq.rs: -------------------------------------------------------------------------------- 1 | pub use ark_curve25519::{Fq, FqConfig}; 2 | -------------------------------------------------------------------------------- /curves/ed25519/src/fields/fr.rs: -------------------------------------------------------------------------------- 1 | pub use ark_curve25519::{Fr, FrConfig}; 2 | -------------------------------------------------------------------------------- /poly/src/evaluations/mod.rs: -------------------------------------------------------------------------------- 1 | pub mod multivariate; 2 | pub mod univariate; 3 | -------------------------------------------------------------------------------- /curves/ed_on_cp6_782/src/fields/fq.rs: -------------------------------------------------------------------------------- 1 | pub use ark_bls12_377::{Fq, FqConfig}; 2 | -------------------------------------------------------------------------------- /curves/vesta/src/fields/fq.rs: -------------------------------------------------------------------------------- 1 | pub use ark_pallas::{Fr as Fq, FrConfig as FqConfig}; 2 | -------------------------------------------------------------------------------- /curves/vesta/src/fields/fr.rs: 
-------------------------------------------------------------------------------- 1 | pub use ark_pallas::{Fq as Fr, FqConfig as FrConfig}; 2 | -------------------------------------------------------------------------------- /curves/bw6_761/src/fields/fr.rs: -------------------------------------------------------------------------------- 1 | pub use ark_bls12_377::{Fq as Fr, FqConfig as FrConfig}; 2 | -------------------------------------------------------------------------------- /curves/bw6_767/src/fields/fr.rs: -------------------------------------------------------------------------------- 1 | pub use ark_bls12_381::{Fq as Fr, FqConfig as FrConfig}; 2 | -------------------------------------------------------------------------------- /curves/cp6_782/src/fields/fr.rs: -------------------------------------------------------------------------------- 1 | pub use ark_bls12_377::{Fq as Fr, FqConfig as FrConfig}; 2 | -------------------------------------------------------------------------------- /curves/ed_on_bn254/src/fields/fq.rs: -------------------------------------------------------------------------------- 1 | pub use ark_bn254::{Fr as Fq, FrConfig as FqConfig}; 2 | -------------------------------------------------------------------------------- /curves/grumpkin/src/fields/fq.rs: -------------------------------------------------------------------------------- 1 | pub use ark_bn254::{Fr as Fq, FrConfig as FqConfig}; 2 | -------------------------------------------------------------------------------- /curves/grumpkin/src/fields/fr.rs: -------------------------------------------------------------------------------- 1 | pub use ark_bn254::{Fq as Fr, FqConfig as FrConfig}; 2 | -------------------------------------------------------------------------------- /curves/mnt6_298/src/fields/fq.rs: -------------------------------------------------------------------------------- 1 | pub use ark_mnt4_298::{Fr as Fq, FrConfig as FqConfig}; 2 | 
-------------------------------------------------------------------------------- /curves/mnt6_298/src/fields/fr.rs: -------------------------------------------------------------------------------- 1 | pub use ark_mnt4_298::{Fq as Fr, FqConfig as FrConfig}; 2 | -------------------------------------------------------------------------------- /curves/mnt6_753/src/fields/fq.rs: -------------------------------------------------------------------------------- 1 | pub use ark_mnt4_753::{Fr as Fq, FrConfig as FqConfig}; 2 | -------------------------------------------------------------------------------- /curves/mnt6_753/src/fields/fr.rs: -------------------------------------------------------------------------------- 1 | pub use ark_mnt4_753::{Fq as Fr, FqConfig as FrConfig}; 2 | -------------------------------------------------------------------------------- /test-curves/src/mnt6_753/fq.rs: -------------------------------------------------------------------------------- 1 | pub use crate::mnt4_753::{Fr as Fq, FrConfig as FqConfig}; 2 | -------------------------------------------------------------------------------- /test-curves/src/mnt6_753/fr.rs: -------------------------------------------------------------------------------- 1 | pub use crate::mnt4_753::{Fq as Fr, FqConfig as FrConfig}; 2 | -------------------------------------------------------------------------------- /curves/ed_on_mnt4_298/src/fields/fq.rs: -------------------------------------------------------------------------------- 1 | pub use ark_mnt4_298::{Fr as Fq, FrConfig as FqConfig}; 2 | -------------------------------------------------------------------------------- /curves/ed_on_mnt4_753/src/fields/fq.rs: -------------------------------------------------------------------------------- 1 | pub use ark_mnt4_753::{Fr as Fq, FrConfig as FqConfig}; 2 | -------------------------------------------------------------------------------- /curves/secq256k1/src/fields/fq.rs: 
-------------------------------------------------------------------------------- 1 | pub use ark_secp256k1::{Fr as Fq, FrConfig as FqConfig}; 2 | -------------------------------------------------------------------------------- /curves/secq256k1/src/fields/fr.rs: -------------------------------------------------------------------------------- 1 | pub use ark_secp256k1::{Fq as Fr, FqConfig as FrConfig}; 2 | -------------------------------------------------------------------------------- /curves/ed_on_bls12_377/src/fields/fq.rs: -------------------------------------------------------------------------------- 1 | pub use ark_bls12_377::{Fr as Fq, FrConfig as FqConfig}; 2 | -------------------------------------------------------------------------------- /curves/ed_on_bls12_381/src/fields/fq.rs: -------------------------------------------------------------------------------- 1 | pub use ark_bls12_381::{Fr as Fq, FrConfig as FqConfig}; 2 | -------------------------------------------------------------------------------- /test-curves/src/ed_on_bls12_381/fq.rs: -------------------------------------------------------------------------------- 1 | pub use crate::bls12_381::{Fr as Fq, FrConfig as FqConfig}; 2 | -------------------------------------------------------------------------------- /curves/ed_on_bls12_381_bandersnatch/src/fields/fq.rs: -------------------------------------------------------------------------------- 1 | pub use ark_bls12_381::{Fr as Fq, FrConfig as FqConfig}; 2 | -------------------------------------------------------------------------------- /curves/ed_on_mnt4_298/src/mod.rs: -------------------------------------------------------------------------------- 1 | mod curves; 2 | mod fields; 3 | 4 | pub use curves::*; 5 | pub use fields::*; 6 | -------------------------------------------------------------------------------- /curves/secq256k1/src/fields/mod.rs: -------------------------------------------------------------------------------- 1 | pub mod fq; 2 
| pub use self::fq::*; 3 | 4 | pub mod fr; 5 | pub use self::fr::*; 6 | -------------------------------------------------------------------------------- /curves/ed25519/src/fields/mod.rs: -------------------------------------------------------------------------------- 1 | mod fq; 2 | mod fr; 3 | 4 | pub use fq::*; 5 | pub use fr::*; 6 | 7 | #[cfg(test)] 8 | mod tests; 9 | -------------------------------------------------------------------------------- /curves/curve25519/src/curves/tests.rs: -------------------------------------------------------------------------------- 1 | use crate::*; 2 | use ark_algebra_test_templates::*; 3 | 4 | test_group!(te; EdwardsProjective; te); 5 | -------------------------------------------------------------------------------- /curves/curve25519/src/fields/mod.rs: -------------------------------------------------------------------------------- 1 | mod fq; 2 | mod fr; 3 | 4 | pub use fq::*; 5 | pub use fr::*; 6 | 7 | #[cfg(test)] 8 | mod tests; 9 | -------------------------------------------------------------------------------- /curves/ed25519/src/curves/tests.rs: -------------------------------------------------------------------------------- 1 | use crate::*; 2 | use ark_algebra_test_templates::*; 3 | 4 | test_group!(te; EdwardsProjective; te); 5 | -------------------------------------------------------------------------------- /curves/grumpkin/src/curves/tests.rs: -------------------------------------------------------------------------------- 1 | use crate::Projective; 2 | use ark_algebra_test_templates::*; 3 | 4 | test_group!(g1; Projective; sw); 5 | -------------------------------------------------------------------------------- /test-curves/src/mnt6_753/tests.rs: -------------------------------------------------------------------------------- 1 | use crate::mnt6_753::Fq3; 2 | use ark_algebra_test_templates::test_field; 3 | 4 | test_field!(fq3; Fq3); 5 | 
-------------------------------------------------------------------------------- /curves/ed_on_bls12_377/src/curves/tests.rs: -------------------------------------------------------------------------------- 1 | use crate::*; 2 | use ark_algebra_test_templates::*; 3 | 4 | test_group!(te; EdwardsProjective; te); 5 | -------------------------------------------------------------------------------- /curves/ed_on_bn254/src/curves/tests.rs: -------------------------------------------------------------------------------- 1 | use crate::*; 2 | use ark_algebra_test_templates::*; 3 | 4 | test_group!(te; EdwardsProjective; te); 5 | -------------------------------------------------------------------------------- /curves/ed_on_bn254/src/fields/mod.rs: -------------------------------------------------------------------------------- 1 | pub mod fq; 2 | pub mod fr; 3 | 4 | pub use fq::*; 5 | pub use fr::*; 6 | 7 | #[cfg(test)] 8 | mod tests; 9 | -------------------------------------------------------------------------------- /curves/ed_on_cp6_782/src/curves/tests.rs: -------------------------------------------------------------------------------- 1 | use crate::*; 2 | use ark_algebra_test_templates::*; 3 | 4 | test_group!(te; EdwardsProjective; te); 5 | -------------------------------------------------------------------------------- /curves/ed_on_mnt4_298/src/curves/tests.rs: -------------------------------------------------------------------------------- 1 | use crate::*; 2 | use ark_algebra_test_templates::*; 3 | 4 | test_group!(te; EdwardsProjective; te); 5 | -------------------------------------------------------------------------------- /curves/ed_on_mnt4_753/src/curves/tests.rs: -------------------------------------------------------------------------------- 1 | use crate::*; 2 | use ark_algebra_test_templates::*; 3 | 4 | test_group!(te; EdwardsProjective; te); 5 | -------------------------------------------------------------------------------- 
/curves/secp256k1/src/curves/tests.rs: -------------------------------------------------------------------------------- 1 | use crate::Projective; 2 | use ark_algebra_test_templates::*; 3 | 4 | test_group!(g1; Projective; sw); 5 | -------------------------------------------------------------------------------- /curves/secp256r1/src/curves/tests.rs: -------------------------------------------------------------------------------- 1 | use crate::Projective; 2 | use ark_algebra_test_templates::*; 3 | 4 | test_group!(g1; Projective; sw); 5 | -------------------------------------------------------------------------------- /curves/secp384r1/src/curves/tests.rs: -------------------------------------------------------------------------------- 1 | use crate::Projective; 2 | use ark_algebra_test_templates::*; 3 | 4 | test_group!(g1; Projective; sw); 5 | -------------------------------------------------------------------------------- /curves/secq256k1/src/curves/tests.rs: -------------------------------------------------------------------------------- 1 | use crate::Projective; 2 | use ark_algebra_test_templates::*; 3 | 4 | test_group!(g1; Projective; sw); 5 | -------------------------------------------------------------------------------- /curves/ed_on_bls12_377/src/fields/mod.rs: -------------------------------------------------------------------------------- 1 | pub mod fq; 2 | pub mod fr; 3 | 4 | pub use fq::*; 5 | pub use fr::*; 6 | 7 | #[cfg(test)] 8 | mod tests; 9 | -------------------------------------------------------------------------------- /curves/ed_on_bls12_381/src/fields/mod.rs: -------------------------------------------------------------------------------- 1 | pub mod fq; 2 | pub mod fr; 3 | 4 | pub use fq::*; 5 | pub use fr::*; 6 | 7 | #[cfg(test)] 8 | mod tests; 9 | -------------------------------------------------------------------------------- /curves/ed_on_cp6_782/src/fields/mod.rs: 
-------------------------------------------------------------------------------- 1 | pub mod fq; 2 | pub mod fr; 3 | 4 | pub use fq::*; 5 | pub use fr::*; 6 | 7 | #[cfg(test)] 8 | mod tests; 9 | -------------------------------------------------------------------------------- /curves/ed_on_mnt4_298/src/fields/mod.rs: -------------------------------------------------------------------------------- 1 | pub mod fq; 2 | pub mod fr; 3 | 4 | pub use fq::*; 5 | pub use fr::*; 6 | 7 | #[cfg(test)] 8 | mod tests; 9 | -------------------------------------------------------------------------------- /curves/ed_on_mnt4_753/src/fields/mod.rs: -------------------------------------------------------------------------------- 1 | pub mod fq; 2 | pub mod fr; 3 | 4 | pub use fq::*; 5 | pub use fr::*; 6 | 7 | #[cfg(test)] 8 | mod tests; 9 | -------------------------------------------------------------------------------- /curves/grumpkin/src/fields/mod.rs: -------------------------------------------------------------------------------- 1 | pub mod fq; 2 | pub use self::fq::*; 3 | 4 | pub mod fr; 5 | pub use self::fr::*; 6 | 7 | #[cfg(test)] 8 | mod tests; 9 | -------------------------------------------------------------------------------- /curves/secp256k1/src/fields/mod.rs: -------------------------------------------------------------------------------- 1 | pub mod fq; 2 | pub use self::fq::*; 3 | 4 | pub mod fr; 5 | pub use self::fr::*; 6 | 7 | #[cfg(test)] 8 | mod tests; 9 | -------------------------------------------------------------------------------- /curves/secp256r1/src/fields/mod.rs: -------------------------------------------------------------------------------- 1 | pub mod fq; 2 | pub use self::fq::*; 3 | 4 | pub mod fr; 5 | pub use self::fr::*; 6 | 7 | #[cfg(test)] 8 | mod tests; 9 | -------------------------------------------------------------------------------- /curves/secp384r1/src/fields/mod.rs: 
-------------------------------------------------------------------------------- 1 | pub mod fq; 2 | pub use self::fq::*; 3 | 4 | pub mod fr; 5 | pub use self::fr::*; 6 | 7 | #[cfg(test)] 8 | mod tests; 9 | -------------------------------------------------------------------------------- /curves/vesta/src/fields/mod.rs: -------------------------------------------------------------------------------- 1 | pub mod fq; 2 | pub use self::fq::*; 3 | 4 | pub mod fr; 5 | pub use self::fr::*; 6 | 7 | #[cfg(test)] 8 | mod tests; 9 | -------------------------------------------------------------------------------- /curves/ed_on_bls12_381_bandersnatch/src/curves/tests.rs: -------------------------------------------------------------------------------- 1 | use crate::*; 2 | use ark_algebra_test_templates::*; 3 | 4 | test_group!(te; EdwardsProjective; te); 5 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | target 2 | Cargo.lock 3 | .DS_Store 4 | .idea 5 | *.iml 6 | *.ipynb_checkpoints 7 | *.pyc 8 | *.sage.py 9 | params 10 | *.swp 11 | *.swo 12 | .vscode -------------------------------------------------------------------------------- /curves/ed_on_bls12_381_bandersnatch/src/fields/mod.rs: -------------------------------------------------------------------------------- 1 | pub mod fq; 2 | pub mod fr; 3 | 4 | pub use fq::*; 5 | pub use fr::*; 6 | 7 | #[cfg(test)] 8 | mod tests; 9 | -------------------------------------------------------------------------------- /test-curves/src/secp256k1/mod.rs: -------------------------------------------------------------------------------- 1 | mod fq; 2 | mod fr; 3 | mod g1; 4 | pub use fq::*; 5 | pub use fr::*; 6 | pub use g1::*; 7 | 8 | #[cfg(test)] 9 | mod tests; 10 | -------------------------------------------------------------------------------- /curves/pallas/src/curves/tests.rs: 
-------------------------------------------------------------------------------- 1 | use crate::Projective; 2 | use ark_algebra_test_templates::*; 3 | 4 | test_group!(g1; Projective; sw); 5 | test_group!(g1_glv; Projective; glv); 6 | -------------------------------------------------------------------------------- /curves/vesta/src/curves/tests.rs: -------------------------------------------------------------------------------- 1 | use crate::Projective; 2 | use ark_algebra_test_templates::*; 3 | 4 | test_group!(g1; Projective; sw); 5 | test_group!(g1_glv; Projective; glv); 6 | -------------------------------------------------------------------------------- /curves/ed_on_bls12_381/src/curves/tests.rs: -------------------------------------------------------------------------------- 1 | use crate::*; 2 | use ark_algebra_test_templates::*; 3 | 4 | test_group!(sw; SWProjective; sw); 5 | test_group!(te; EdwardsProjective; te); 6 | -------------------------------------------------------------------------------- /curves/pallas/src/fields/tests.rs: -------------------------------------------------------------------------------- 1 | use crate::{Fq, Fr}; 2 | use ark_algebra_test_templates::*; 3 | 4 | test_field!(fr; Fr; mont_prime_field); 5 | test_field!(fq; Fq; mont_prime_field); 6 | -------------------------------------------------------------------------------- /curves/vesta/src/fields/tests.rs: -------------------------------------------------------------------------------- 1 | use crate::{Fq, Fr}; 2 | use ark_algebra_test_templates::*; 3 | 4 | test_field!(fr; Fr; mont_prime_field); 5 | test_field!(fq; Fq; mont_prime_field); 6 | -------------------------------------------------------------------------------- /poly/src/evaluations/multivariate/mod.rs: -------------------------------------------------------------------------------- 1 | pub mod multilinear; 2 | pub use multilinear::{ 3 | DenseMultilinearExtension, MultilinearExtension, SparseMultilinearExtension, 4 | }; 5 | 
-------------------------------------------------------------------------------- /curves/curve25519/src/fields/tests.rs: -------------------------------------------------------------------------------- 1 | use crate::{Fq, Fr}; 2 | use ark_algebra_test_templates::*; 3 | 4 | test_field!(fr; Fr; mont_prime_field); 5 | test_field!(fq; Fq; mont_prime_field); 6 | -------------------------------------------------------------------------------- /curves/ed25519/src/fields/tests.rs: -------------------------------------------------------------------------------- 1 | use crate::{Fq, Fr}; 2 | use ark_algebra_test_templates::*; 3 | 4 | test_field!(fr; Fr; mont_prime_field); 5 | test_field!(fq; Fq; mont_prime_field); 6 | -------------------------------------------------------------------------------- /curves/grumpkin/src/fields/tests.rs: -------------------------------------------------------------------------------- 1 | use crate::{Fq, Fr}; 2 | use ark_algebra_test_templates::*; 3 | 4 | test_field!(fr; Fr; mont_prime_field); 5 | test_field!(fq; Fq; mont_prime_field); 6 | -------------------------------------------------------------------------------- /curves/secp256k1/src/fields/tests.rs: -------------------------------------------------------------------------------- 1 | use crate::{Fq, Fr}; 2 | use ark_algebra_test_templates::*; 3 | 4 | test_field!(fr; Fr; mont_prime_field); 5 | test_field!(fq; Fq; mont_prime_field); 6 | -------------------------------------------------------------------------------- /curves/secp256r1/src/fields/tests.rs: -------------------------------------------------------------------------------- 1 | use crate::{Fq, Fr}; 2 | use ark_algebra_test_templates::*; 3 | 4 | test_field!(fr; Fr; mont_prime_field); 5 | test_field!(fq; Fq; mont_prime_field); 6 | -------------------------------------------------------------------------------- /curves/secp384r1/src/fields/tests.rs: -------------------------------------------------------------------------------- 1 | 
use crate::{Fq, Fr}; 2 | use ark_algebra_test_templates::*; 3 | 4 | test_field!(fr; Fr; mont_prime_field); 5 | test_field!(fq; Fq; mont_prime_field); 6 | -------------------------------------------------------------------------------- /rustfmt.toml: -------------------------------------------------------------------------------- 1 | edition = "2021" 2 | 3 | match_block_trailing_comma = true 4 | 5 | reorder_imports = true 6 | 7 | use_field_init_shorthand = true 8 | use_try_shorthand = true 9 | 10 | -------------------------------------------------------------------------------- /curves/bls12_381/src/curves/tests/g1_compressed_valid_test_vectors.dat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/coset-io/algebra/master/curves/bls12_381/src/curves/tests/g1_compressed_valid_test_vectors.dat -------------------------------------------------------------------------------- /curves/bls12_381/src/curves/tests/g1_uncompressed_valid_test_vectors.dat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/coset-io/algebra/master/curves/bls12_381/src/curves/tests/g1_uncompressed_valid_test_vectors.dat -------------------------------------------------------------------------------- /curves/bls12_381/src/curves/tests/g2_compressed_valid_test_vectors.dat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/coset-io/algebra/master/curves/bls12_381/src/curves/tests/g2_compressed_valid_test_vectors.dat -------------------------------------------------------------------------------- /curves/bls12_381/src/curves/tests/g2_uncompressed_valid_test_vectors.dat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/coset-io/algebra/master/curves/bls12_381/src/curves/tests/g2_uncompressed_valid_test_vectors.dat 
-------------------------------------------------------------------------------- /curves/ed_on_bls12_377/src/fields/tests.rs: -------------------------------------------------------------------------------- 1 | use crate::{Fq, Fr}; 2 | use ark_algebra_test_templates::*; 3 | 4 | test_field!(fr; Fr; mont_prime_field); 5 | test_field!(fq; Fq; mont_prime_field); 6 | -------------------------------------------------------------------------------- /curves/ed_on_cp6_782/src/fields/tests.rs: -------------------------------------------------------------------------------- 1 | use crate::{Fq, Fr}; 2 | use ark_algebra_test_templates::*; 3 | 4 | test_field!(fr; Fr; mont_prime_field); 5 | test_field!(fq; Fq; mont_prime_field); 6 | -------------------------------------------------------------------------------- /curves/ed_on_mnt4_298/src/fields/tests.rs: -------------------------------------------------------------------------------- 1 | use crate::{Fq, Fr}; 2 | use ark_algebra_test_templates::*; 3 | 4 | test_field!(fr; Fr; mont_prime_field); 5 | test_field!(fq; Fq; mont_prime_field); 6 | -------------------------------------------------------------------------------- /curves/ed_on_mnt4_753/src/fields/tests.rs: -------------------------------------------------------------------------------- 1 | use crate::{Fq, Fr}; 2 | use ark_algebra_test_templates::*; 3 | 4 | test_field!(fr; Fr; mont_prime_field); 5 | test_field!(fq; Fq; mont_prime_field); 6 | -------------------------------------------------------------------------------- /curves/secp256k1/src/constraints/mod.rs: -------------------------------------------------------------------------------- 1 | //! This module implements the R1CS equivalent of `ark_secp256k1`. 
2 | 3 | mod curves; 4 | mod fields; 5 | 6 | pub use curves::*; 7 | pub use fields::*; 8 | -------------------------------------------------------------------------------- /curves/secp256r1/src/constraints/mod.rs: -------------------------------------------------------------------------------- 1 | //! This module implements the R1CS equivalent of `ark_secp256r1`. 2 | 3 | mod curves; 4 | mod fields; 5 | 6 | pub use curves::*; 7 | pub use fields::*; 8 | -------------------------------------------------------------------------------- /curves/secp384r1/src/constraints/mod.rs: -------------------------------------------------------------------------------- 1 | //! This module implements the R1CS equivalent of `ark_secp384r1`. 2 | 3 | mod curves; 4 | mod fields; 5 | 6 | pub use curves::*; 7 | pub use fields::*; 8 | -------------------------------------------------------------------------------- /curves/secq256k1/src/constraints/mod.rs: -------------------------------------------------------------------------------- 1 | //! This module implements the R1CS equivalent of `ark_secq256k1`. 2 | 3 | mod curves; 4 | mod fields; 5 | 6 | pub use curves::*; 7 | pub use fields::*; 8 | -------------------------------------------------------------------------------- /test-curves/src/mnt6_753/mod.rs: -------------------------------------------------------------------------------- 1 | pub mod fr; 2 | pub use self::fr::*; 3 | 4 | pub mod fq; 5 | pub use self::fq::*; 6 | 7 | pub mod fq3; 8 | pub use self::fq3::*; 9 | 10 | #[cfg(test)] 11 | mod tests; 12 | -------------------------------------------------------------------------------- /CITATION.cff: -------------------------------------------------------------------------------- 1 | cff-version: 1.2.0 2 | message: "If you use this software, please cite it as below." 
3 | authors: 4 | - given-names: "arkworks contributors" 5 | title: "arkworks zkSNARK ecosystem" 6 | url: "https://github.com/arkworks-rs/" -------------------------------------------------------------------------------- /curves/bw6_761/src/fields/tests.rs: -------------------------------------------------------------------------------- 1 | use crate::*; 2 | use ark_algebra_test_templates::*; 3 | 4 | test_field!(fr; Fr; mont_prime_field); 5 | test_field!(fq; Fq; mont_prime_field); 6 | test_field!(fq3; Fq3); 7 | test_field!(fq6; Fq6); 8 | -------------------------------------------------------------------------------- /curves/bw6_767/src/fields/tests.rs: -------------------------------------------------------------------------------- 1 | use crate::*; 2 | use ark_algebra_test_templates::*; 3 | 4 | test_field!(fr; Fr; mont_prime_field); 5 | test_field!(fq; Fq; mont_prime_field); 6 | test_field!(fq3; Fq3); 7 | test_field!(fq6; Fq6); 8 | -------------------------------------------------------------------------------- /curves/cp6_782/src/fields/tests.rs: -------------------------------------------------------------------------------- 1 | use crate::*; 2 | use ark_algebra_test_templates::*; 3 | 4 | test_field!(fr; Fr; mont_prime_field); 5 | test_field!(fq; Fq; mont_prime_field); 6 | test_field!(fq3; Fq3); 7 | test_field!(fq6; Fq6); 8 | -------------------------------------------------------------------------------- /curves/mnt4_298/src/fields/tests.rs: -------------------------------------------------------------------------------- 1 | use crate::*; 2 | use ark_algebra_test_templates::*; 3 | 4 | test_field!(fr; Fr; mont_prime_field); 5 | test_field!(fq; Fq; mont_prime_field); 6 | test_field!(fq2; Fq2); 7 | test_field!(fq4; Fq4); 8 | -------------------------------------------------------------------------------- /curves/ed25519/src/constraints/mod.rs: -------------------------------------------------------------------------------- 1 | //! 
This module implements the R1CS equivalent of `ark_ed25519`. 2 | //! It requires a curve that embeds ed25519. 3 | 4 | mod curves; 5 | mod fields; 6 | 7 | pub use curves::*; 8 | pub use fields::*; 9 | -------------------------------------------------------------------------------- /test-curves/src/ed_on_bls12_381/tests.rs: -------------------------------------------------------------------------------- 1 | use crate::ed_on_bls12_381::*; 2 | use ark_algebra_test_templates::*; 3 | 4 | test_field!(fr; Fr; mont_prime_field); 5 | test_field!(fq; Fq; mont_prime_field); 6 | test_group!(g; Projective; te); 7 | -------------------------------------------------------------------------------- /bench-templates/src/lib.rs: -------------------------------------------------------------------------------- 1 | #![allow(unused_macros, unused_imports)] 2 | #[macro_use] 3 | pub mod macros; 4 | pub use macros::*; 5 | 6 | #[macro_use] 7 | pub extern crate criterion; 8 | pub use criterion::*; 9 | 10 | pub use paste::paste; 11 | -------------------------------------------------------------------------------- /curves/curve25519/src/constraints/mod.rs: -------------------------------------------------------------------------------- 1 | //! This module implements the R1CS equivalent of `ark_curve25519`. 2 | //! It requires a curve that embeds curve25519. 
3 | 4 | mod curves; 5 | mod fields; 6 | 7 | pub use curves::*; 8 | pub use fields::*; 9 | -------------------------------------------------------------------------------- /curves/mnt4_753/src/fields/tests.rs: -------------------------------------------------------------------------------- 1 | use crate::*; 2 | use ark_algebra_test_templates::*; 3 | 4 | test_field!(100; fr; Fr; mont_prime_field); 5 | test_field!(100; fq; Fq; mont_prime_field); 6 | test_field!(100; fq2; Fq2); 7 | test_field!(100; fq4; Fq4); 8 | -------------------------------------------------------------------------------- /curves/vesta/benches/vesta.rs: -------------------------------------------------------------------------------- 1 | use ark_algebra_bench_templates::*; 2 | use ark_vesta::{fq::Fq, fr::Fr, Projective as G}; 3 | 4 | bench!( 5 | Name = "Vesta", 6 | Group = G, 7 | ScalarField = Fr, 8 | PrimeBaseField = Fq, 9 | ); 10 | -------------------------------------------------------------------------------- /curves/pallas/benches/pallas.rs: -------------------------------------------------------------------------------- 1 | use ark_algebra_bench_templates::*; 2 | use ark_pallas::{fq::Fq, fr::Fr, Projective as G}; 3 | 4 | bench!( 5 | Name = "Pallas", 6 | Group = G, 7 | ScalarField = Fr, 8 | PrimeBaseField = Fq, 9 | ); 10 | -------------------------------------------------------------------------------- /curves/bw6_761/src/fields/mod.rs: -------------------------------------------------------------------------------- 1 | pub mod fr; 2 | pub use self::fr::*; 3 | 4 | pub mod fq; 5 | pub use self::fq::*; 6 | 7 | pub mod fq3; 8 | pub use self::fq3::*; 9 | 10 | pub mod fq6; 11 | pub use self::fq6::*; 12 | 13 | #[cfg(test)] 14 | mod tests; 15 | -------------------------------------------------------------------------------- /curves/bw6_767/src/fields/mod.rs: -------------------------------------------------------------------------------- 1 | pub mod fr; 2 | pub use self::fr::*; 3 | 4 | pub mod fq; 5 | 
pub use self::fq::*; 6 | 7 | pub mod fq3; 8 | pub use self::fq3::*; 9 | 10 | pub mod fq6; 11 | pub use self::fq6::*; 12 | 13 | #[cfg(test)] 14 | mod tests; 15 | -------------------------------------------------------------------------------- /curves/cp6_782/src/fields/mod.rs: -------------------------------------------------------------------------------- 1 | pub mod fr; 2 | pub use self::fr::*; 3 | 4 | pub mod fq; 5 | pub use self::fq::*; 6 | 7 | pub mod fq3; 8 | pub use self::fq3::*; 9 | 10 | pub mod fq6; 11 | pub use self::fq6::*; 12 | 13 | #[cfg(test)] 14 | mod tests; 15 | -------------------------------------------------------------------------------- /curves/grumpkin/benches/grumpkin.rs: -------------------------------------------------------------------------------- 1 | use ark_algebra_bench_templates::*; 2 | use ark_grumpkin::{fq::Fq, fr::Fr, Projective as G}; 3 | 4 | bench!( 5 | Name = "Grumpkin", 6 | Group = G, 7 | ScalarField = Fr, 8 | PrimeBaseField = Fq, 9 | ); 10 | -------------------------------------------------------------------------------- /curves/mnt6_298/src/fields/mod.rs: -------------------------------------------------------------------------------- 1 | pub mod fr; 2 | pub use self::fr::*; 3 | 4 | pub mod fq; 5 | pub use self::fq::*; 6 | 7 | pub mod fq3; 8 | pub use self::fq3::*; 9 | 10 | pub mod fq6; 11 | pub use self::fq6::*; 12 | 13 | #[cfg(test)] 14 | mod tests; 15 | -------------------------------------------------------------------------------- /curves/mnt6_753/src/fields/mod.rs: -------------------------------------------------------------------------------- 1 | pub mod fr; 2 | pub use self::fr::*; 3 | 4 | pub mod fq; 5 | pub use self::fq::*; 6 | 7 | pub mod fq3; 8 | pub use self::fq3::*; 9 | 10 | pub mod fq6; 11 | pub use self::fq6::*; 12 | 13 | #[cfg(test)] 14 | mod tests; 15 | -------------------------------------------------------------------------------- /curves/secp256k1/benches/secp256k1.rs: 
-------------------------------------------------------------------------------- 1 | use ark_algebra_bench_templates::*; 2 | use ark_secp256k1::{fq::Fq, fr::Fr, Projective as G}; 3 | 4 | bench!( 5 | Name = "Secp256k1", 6 | Group = G, 7 | ScalarField = Fr, 8 | PrimeBaseField = Fq, 9 | ); 10 | -------------------------------------------------------------------------------- /test-curves/src/mnt4_753/tests.rs: -------------------------------------------------------------------------------- 1 | use crate::mnt4_753::{Fq, Fr, G1Projective}; 2 | use ark_algebra_test_templates::{test_field, test_group}; 3 | 4 | test_field!(fq; Fq; mont_prime_field); 5 | test_field!(fr; Fr; mont_prime_field); 6 | test_group!(g1; G1Projective); 7 | -------------------------------------------------------------------------------- /test-curves/src/secp256k1/tests.rs: -------------------------------------------------------------------------------- 1 | use crate::secp256k1::{Fq, Fr, G1Projective}; 2 | use ark_algebra_test_templates::{test_field, test_group}; 3 | 4 | test_field!(fq; Fq; mont_prime_field); 5 | test_field!(fr; Fr; mont_prime_field); 6 | test_group!(g1; G1Projective); 7 | -------------------------------------------------------------------------------- /test-templates/README.md: -------------------------------------------------------------------------------- 1 | # test-templates 2 | 3 | **Warning!!!** This package does not implement any tests, but exports templates and macros for testing. 4 | In order to test arkworks, please run `cargo test` inside [algebra](https://github.com/arkworks-rs/algebra). 
5 | -------------------------------------------------------------------------------- /curves/curve25519/benches/curve25519.rs: -------------------------------------------------------------------------------- 1 | use ark_algebra_bench_templates::*; 2 | use ark_curve25519::{EdwardsProjective as G, Fq, Fr}; 3 | 4 | bench!( 5 | Name = "Curve25519", 6 | Group = G, 7 | ScalarField = Fr, 8 | PrimeBaseField = Fq, 9 | ); 10 | -------------------------------------------------------------------------------- /curves/ed_on_bls12_377/benches/ed_on_bls12_377.rs: -------------------------------------------------------------------------------- 1 | use ark_algebra_bench_templates::*; 2 | use ark_ed_on_bls12_377::{fq::Fq, fr::Fr, EdwardsProjective as G}; 3 | 4 | bench!( 5 | Name = "EdOnBls12_377", 6 | Group = G, 7 | ScalarField = Fr, 8 | PrimeBaseField = Fq, 9 | ); 10 | -------------------------------------------------------------------------------- /curves/ed_on_bls12_381/benches/ed_on_bls12_381.rs: -------------------------------------------------------------------------------- 1 | use ark_algebra_bench_templates::*; 2 | use ark_ed_on_bls12_381::{fq::Fq, fr::Fr, EdwardsProjective as G}; 3 | 4 | bench!( 5 | Name = "EdOnBls12_381", 6 | Group = G, 7 | ScalarField = Fr, 8 | PrimeBaseField = Fq, 9 | ); 10 | -------------------------------------------------------------------------------- /curves/mnt4_298/src/curves/tests.rs: -------------------------------------------------------------------------------- 1 | use crate::*; 2 | use ark_algebra_test_templates::*; 3 | 4 | test_group!(g1; G1Projective; sw); 5 | test_group!(g2; G2Projective; sw); 6 | test_group!(pairing_output; ark_ec::pairing::PairingOutput; msm); 7 | test_pairing!(pairing; crate::MNT4_298); 8 | -------------------------------------------------------------------------------- /curves/mnt6_298/src/curves/tests.rs: -------------------------------------------------------------------------------- 1 | use crate::*; 2 | use 
ark_algebra_test_templates::*; 3 | 4 | test_group!(g1; G1Projective; sw); 5 | test_group!(g2; G2Projective; sw); 6 | test_group!(pairing_output; ark_ec::pairing::PairingOutput; msm); 7 | test_pairing!(pairing; crate::MNT6_298); 8 | -------------------------------------------------------------------------------- /bench-templates/README.md: -------------------------------------------------------------------------------- 1 | # bench-templates 2 | 3 | **Warning!!!** This package does not implement any benchmarks, but exports templates and macros for benchmarking. 4 | In order to benchmark arkworks, please run `cargo bench` inside [ark-curves](https://github.com/arkworks-rs/algebra/tree/master/curves). 5 | -------------------------------------------------------------------------------- /curves/mnt4_753/src/curves/tests.rs: -------------------------------------------------------------------------------- 1 | use crate::*; 2 | use ark_algebra_test_templates::*; 3 | 4 | test_group!(50; g1; G1Projective; sw); 5 | test_group!(50; g2; G2Projective; sw); 6 | test_group!(50; pairing_output; ark_ec::pairing::PairingOutput; msm); 7 | test_pairing!(pairing; crate::MNT4_753); 8 | -------------------------------------------------------------------------------- /curves/mnt6_753/src/curves/tests.rs: -------------------------------------------------------------------------------- 1 | use crate::*; 2 | use ark_algebra_test_templates::*; 3 | 4 | test_group!(50; g1; G1Projective; sw); 5 | test_group!(50; g2; G2Projective; sw); 6 | test_group!(50; pairing_output; ark_ec::pairing::PairingOutput; msm); 7 | test_pairing!(pairing; crate::MNT6_753); 8 | -------------------------------------------------------------------------------- /curves/bn254/src/fields/fq.rs: -------------------------------------------------------------------------------- 1 | use ark_ff::fields::{Fp256, MontBackend, MontConfig}; 2 | 3 | #[derive(MontConfig)] 4 | #[modulus = 
"21888242871839275222246405745257275088696311157297823662689037894645226208583"] 5 | #[generator = "3"] 6 | pub struct FqConfig; 7 | pub type Fq = Fp256>; 8 | -------------------------------------------------------------------------------- /curves/pallas/src/fields/fq.rs: -------------------------------------------------------------------------------- 1 | use ark_ff::fields::{Fp256, MontBackend, MontConfig}; 2 | 3 | #[derive(MontConfig)] 4 | #[modulus = "28948022309329048855892746252171976963363056481941560715954676764349967630337"] 5 | #[generator = "5"] 6 | pub struct FqConfig; 7 | pub type Fq = Fp256>; 8 | -------------------------------------------------------------------------------- /curves/pallas/src/fields/fr.rs: -------------------------------------------------------------------------------- 1 | use ark_ff::fields::{Fp256, MontBackend, MontConfig}; 2 | 3 | #[derive(MontConfig)] 4 | #[modulus = "28948022309329048855892746252171976963363056481941647379679742748393362948097"] 5 | #[generator = "5"] 6 | pub struct FrConfig; 7 | pub type Fr = Fp256>; 8 | -------------------------------------------------------------------------------- /test-curves/benches/bn384_small_two_adicity.rs: -------------------------------------------------------------------------------- 1 | use ark_algebra_bench_templates::{bench, criterion_main, field_common, paste, prime_field, sqrt}; 2 | use ark_test_curves::bn384_small_two_adicity::{fq::Fq, fr::Fr, G1Projective as G1}; 3 | 4 | bench!(Name = "BN384", Group = G1, ScalarField = Fr, BaseField = Fq,); 5 | -------------------------------------------------------------------------------- /test-curves/src/secp256k1/fq.rs: -------------------------------------------------------------------------------- 1 | use ark_ff::fields::{Fp256, MontBackend, MontConfig}; 2 | 3 | #[derive(MontConfig)] 4 | #[modulus = "115792089237316195423570985008687907853269984665640564039457584007908834671663"] 5 | #[generator = "3"] 6 | pub struct FqConfig; 7 | pub 
type Fq = Fp256>; 8 | -------------------------------------------------------------------------------- /test-curves/src/secp256k1/fr.rs: -------------------------------------------------------------------------------- 1 | use ark_ff::fields::{Fp256, MontBackend, MontConfig}; 2 | 3 | #[derive(MontConfig)] 4 | #[modulus = "115792089237316195423570985008687907852837564279074904382605163141518161494337"] 5 | #[generator = "7"] 6 | pub struct FrConfig; 7 | pub type Fr = Fp256>; 8 | -------------------------------------------------------------------------------- /curves/bw6_767/src/curves/tests.rs: -------------------------------------------------------------------------------- 1 | use crate::*; 2 | use ark_algebra_test_templates::*; 3 | use ark_ff::Field; 4 | 5 | test_group!(g1; G1Projective; sw); 6 | test_group!(g2; G2Projective; sw); 7 | test_group!(pairing_output; ark_ec::pairing::PairingOutput; msm); 8 | test_pairing!(pairing; crate::BW6_767); 9 | -------------------------------------------------------------------------------- /curves/ed_on_bls12_377/src/fields/fr.rs: -------------------------------------------------------------------------------- 1 | use ark_ff::fields::{Fp256, MontBackend, MontConfig}; 2 | 3 | #[derive(MontConfig)] 4 | #[modulus = "2111115437357092606062206234695386632838870926408408195193685246394721360383"] 5 | #[generator = "5"] 6 | pub struct FrConfig; 7 | pub type Fr = Fp256>; 8 | -------------------------------------------------------------------------------- /curves/ed_on_bls12_381/src/fields/fr.rs: -------------------------------------------------------------------------------- 1 | use ark_ff::fields::{Fp256, MontBackend, MontConfig}; 2 | 3 | #[derive(MontConfig)] 4 | #[modulus = "6554484396890773809930967563523245729705921265872317281365359162392183254199"] 5 | #[generator = "6"] 6 | pub struct FrConfig; 7 | pub type Fr = Fp256>; 8 | -------------------------------------------------------------------------------- 
/curves/ed_on_bn254/src/constraints/fields.rs: -------------------------------------------------------------------------------- 1 | use ark_r1cs_std::fields::fp::FpVar; 2 | 3 | /// A variable that is the R1CS equivalent of `crate::Fq`. 4 | pub type FqVar = FpVar; 5 | 6 | #[test] 7 | fn test() { 8 | ark_curve_constraint_tests::fields::field_test::<_, _, FqVar>().unwrap(); 9 | } 10 | -------------------------------------------------------------------------------- /curves/ed_on_bn254/src/fields/fr.rs: -------------------------------------------------------------------------------- 1 | use ark_ff::fields::{Fp256, MontBackend, MontConfig}; 2 | 3 | #[derive(MontConfig)] 4 | #[modulus = "2736030358979909402780800718157159386076813972158567259200215660948447373041"] 5 | #[generator = "31"] 6 | pub struct FrConfig; 7 | pub type Fr = Fp256>; 8 | -------------------------------------------------------------------------------- /curves/secp256r1/src/fields/fq.rs: -------------------------------------------------------------------------------- 1 | use ark_ff::fields::{Fp256, MontBackend, MontConfig}; 2 | 3 | #[derive(MontConfig)] 4 | #[modulus = "115792089210356248762697446949407573530086143415290314195533631308867097853951"] 5 | #[generator = "2"] 6 | pub struct FqConfig; 7 | pub type Fq = Fp256>; 8 | -------------------------------------------------------------------------------- /curves/secp256r1/src/fields/fr.rs: -------------------------------------------------------------------------------- 1 | use ark_ff::fields::{Fp256, MontBackend, MontConfig}; 2 | 3 | #[derive(MontConfig)] 4 | #[modulus = "115792089210356248762697446949407573529996955224135760342422259061068512044369"] 5 | #[generator = "11"] 6 | pub struct FrConfig; 7 | pub type Fr = Fp256>; 8 | -------------------------------------------------------------------------------- /test-curves/benches/mnt6_753.rs: -------------------------------------------------------------------------------- 1 | use 
ark_algebra_bench_templates::*; 2 | use ark_test_curves::mnt6_753::{fq::Fq, fq3::Fq3, fr::Fr}; 3 | 4 | f_bench!(prime, "MNT6_753", Fq); 5 | f_bench!(prime, "MNT6_753", Fr); 6 | f_bench!(extension, "MNT6_753", Fq3); 7 | 8 | criterion_main!(fq::benches, fr::benches, fq3::benches); 9 | -------------------------------------------------------------------------------- /test-curves/src/ed_on_bls12_381/fr.rs: -------------------------------------------------------------------------------- 1 | use ark_ff::fields::{Fp256, MontBackend, MontConfig}; 2 | 3 | #[derive(MontConfig)] 4 | #[modulus = "6554484396890773809930967563523245729705921265872317281365359162392183254199"] 5 | #[generator = "6"] 6 | pub struct FrConfig; 7 | pub type Fr = Fp256>; 8 | -------------------------------------------------------------------------------- /test-templates/src/lib.rs: -------------------------------------------------------------------------------- 1 | #[macro_use] 2 | pub mod groups; 3 | #[macro_use] 4 | pub mod fields; 5 | pub mod glv; 6 | pub mod msm; 7 | #[macro_use] 8 | pub mod pairing; 9 | #[macro_use] 10 | pub mod h2c; 11 | pub use h2c::*; 12 | 13 | pub use num_bigint; 14 | pub use num_integer; 15 | pub use num_traits; 16 | -------------------------------------------------------------------------------- /curves/ed_on_bls12_381/src/constraints/fields.rs: -------------------------------------------------------------------------------- 1 | use ark_r1cs_std::fields::fp::FpVar; 2 | 3 | /// A variable that is the R1CS equivalent of `crate::Fq`. 
4 | pub type FqVar = FpVar; 5 | 6 | #[test] 7 | fn test() { 8 | ark_curve_constraint_tests::fields::field_test::<_, _, FqVar>().unwrap(); 9 | } 10 | -------------------------------------------------------------------------------- /curves/mnt4_298/src/fields/fr.rs: -------------------------------------------------------------------------------- 1 | use ark_ff::fields::{Fp320, MontBackend, MontConfig}; 2 | 3 | #[derive(MontConfig)] 4 | #[modulus = "475922286169261325753349249653048451545124878552823515553267735739164647307408490559963137"] 5 | #[generator = "10"] 6 | pub struct FrConfig; 7 | pub type Fr = Fp320>; 8 | -------------------------------------------------------------------------------- /curves/cp6_782/src/curves/tests.rs: -------------------------------------------------------------------------------- 1 | use ark_algebra_test_templates::*; 2 | use ark_ff::Field; 3 | 4 | use crate::*; 5 | 6 | test_group!(g1; G1Projective; sw); 7 | test_group!(g2; G2Projective; sw); 8 | test_group!(pairing_output; ark_ec::pairing::PairingOutput; msm); 9 | test_pairing!(pairing; crate::CP6_782); 10 | -------------------------------------------------------------------------------- /curves/ed25519/src/constraints/fields.rs: -------------------------------------------------------------------------------- 1 | use ark_r1cs_std::fields::fp::FpVar; 2 | 3 | use crate::Fq; 4 | 5 | /// A variable that is the R1CS equivalent of `crate::Fq`. 
6 | pub type FqVar = FpVar; 7 | 8 | #[test] 9 | fn test() { 10 | ark_curve_constraint_tests::fields::field_test::<_, _, FqVar>().unwrap(); 11 | } 12 | -------------------------------------------------------------------------------- /curves/ed_on_bls12_381_bandersnatch/src/fields/fr.rs: -------------------------------------------------------------------------------- 1 | use ark_ff::fields::{Fp256, MontBackend, MontConfig}; 2 | 3 | #[derive(MontConfig)] 4 | #[modulus = "13108968793781547619861935127046491459309155893440570251786403306729687672801"] 5 | #[generator = "7"] 6 | pub struct FrConfig; 7 | pub type Fr = Fp256>; 8 | -------------------------------------------------------------------------------- /curves/ed_on_mnt4_298/src/fields/fr.rs: -------------------------------------------------------------------------------- 1 | use ark_ff::fields::{Fp320, MontBackend, MontConfig}; 2 | 3 | #[derive(MontConfig)] 4 | #[modulus = "118980571542315331438337312413262112886281219744507561120271964887686106682370032123932631"] 5 | #[generator = "7"] 6 | pub struct FrConfig; 7 | pub type Fr = Fp320>; 8 | -------------------------------------------------------------------------------- /curves/pallas/src/fields/mod.rs: -------------------------------------------------------------------------------- 1 | #[cfg(feature = "base_field")] 2 | pub mod fq; 3 | #[cfg(feature = "base_field")] 4 | pub use self::fq::*; 5 | 6 | #[cfg(feature = "scalar_field")] 7 | pub mod fr; 8 | #[cfg(feature = "scalar_field")] 9 | pub use self::fr::*; 10 | 11 | #[cfg(all(feature = "curve", test))] 12 | mod tests; 13 | -------------------------------------------------------------------------------- /test-curves/benches/mnt4_753.rs: -------------------------------------------------------------------------------- 1 | use ark_algebra_bench_templates::{bench, criterion_main, field_common, paste, prime_field, sqrt}; 2 | use ark_test_curves::mnt4_753::{fq::Fq, fr::Fr, G1Projective as G1}; 3 | 4 | bench!( 5 | Name 
= "MNT4_753", 6 | Group = G1, 7 | ScalarField = Fr, 8 | BaseField = Fq, 9 | ); 10 | -------------------------------------------------------------------------------- /curves/curve25519/src/constraints/fields.rs: -------------------------------------------------------------------------------- 1 | use ark_r1cs_std::fields::fp::FpVar; 2 | 3 | use crate::Fq; 4 | 5 | /// A variable that is the R1CS equivalent of `crate::Fq`. 6 | pub type FqVar = FpVar; 7 | 8 | #[test] 9 | fn test() { 10 | ark_curve_constraint_tests::fields::field_test::<_, _, FqVar>().unwrap(); 11 | } 12 | -------------------------------------------------------------------------------- /curves/ed_on_bls12_381_bandersnatch/src/constraints/fields.rs: -------------------------------------------------------------------------------- 1 | use ark_r1cs_std::fields::fp::FpVar; 2 | 3 | /// A variable that is the R1CS equivalent of `crate::Fq`. 4 | pub type FqVar = FpVar; 5 | 6 | #[test] 7 | fn test() { 8 | ark_curve_constraint_tests::fields::field_test::<_, _, FqVar>().unwrap(); 9 | } 10 | -------------------------------------------------------------------------------- /curves/bn254/src/constraints/fields.rs: -------------------------------------------------------------------------------- 1 | use ark_r1cs_std::fields::fp::FpVar; 2 | 3 | use crate::fq::Fq; 4 | 5 | /// A variable that is the R1CS equivalent of `crate::Fq`. 6 | pub type FBaseVar = FpVar; 7 | 8 | #[test] 9 | fn test() { 10 | ark_curve_constraint_tests::fields::field_test::<_, _, FBaseVar>().unwrap(); 11 | } 12 | -------------------------------------------------------------------------------- /curves/ed_on_cp6_782/src/constraints/fields.rs: -------------------------------------------------------------------------------- 1 | use ark_r1cs_std::fields::fp::FpVar; 2 | 3 | use crate::fq::Fq; 4 | 5 | /// A variable that is the R1CS equivalent of `crate::Fq`. 
6 | pub type FqVar = FpVar; 7 | 8 | #[test] 9 | fn test() { 10 | ark_curve_constraint_tests::fields::field_test::<_, _, FqVar>().unwrap(); 11 | } 12 | -------------------------------------------------------------------------------- /curves/pallas/src/constraints/fields.rs: -------------------------------------------------------------------------------- 1 | use ark_r1cs_std::fields::fp::FpVar; 2 | 3 | use crate::fq::Fq; 4 | 5 | /// A variable that is the R1CS equivalent of `crate::Fq`. 6 | pub type FBaseVar = FpVar; 7 | 8 | #[test] 9 | fn test() { 10 | ark_curve_constraint_tests::fields::field_test::<_, _, FBaseVar>().unwrap(); 11 | } 12 | -------------------------------------------------------------------------------- /curves/secp256k1/src/constraints/fields.rs: -------------------------------------------------------------------------------- 1 | use ark_r1cs_std::fields::fp::FpVar; 2 | 3 | use crate::fq::Fq; 4 | 5 | /// A variable that is the R1CS equivalent of `crate::Fq`. 6 | pub type FqVar = FpVar; 7 | 8 | #[test] 9 | fn test() { 10 | ark_curve_constraint_tests::fields::field_test::<_, _, FqVar>().unwrap(); 11 | } 12 | -------------------------------------------------------------------------------- /curves/secp256r1/src/constraints/fields.rs: -------------------------------------------------------------------------------- 1 | use ark_r1cs_std::fields::fp::FpVar; 2 | 3 | use crate::fq::Fq; 4 | 5 | /// A variable that is the R1CS equivalent of `crate::Fq`. 6 | pub type FqVar = FpVar; 7 | 8 | #[test] 9 | fn test() { 10 | ark_curve_constraint_tests::fields::field_test::<_, _, FqVar>().unwrap(); 11 | } 12 | -------------------------------------------------------------------------------- /curves/secp384r1/src/constraints/fields.rs: -------------------------------------------------------------------------------- 1 | use ark_r1cs_std::fields::fp::FpVar; 2 | 3 | use crate::fq::Fq; 4 | 5 | /// A variable that is the R1CS equivalent of `crate::Fq`. 
6 | pub type FqVar = FpVar; 7 | 8 | #[test] 9 | fn test() { 10 | ark_curve_constraint_tests::fields::field_test::<_, _, FqVar>().unwrap(); 11 | } 12 | -------------------------------------------------------------------------------- /curves/secq256k1/src/constraints/fields.rs: -------------------------------------------------------------------------------- 1 | use ark_r1cs_std::fields::fp::FpVar; 2 | 3 | use crate::fq::Fq; 4 | 5 | /// A variable that is the R1CS equivalent of `crate::Fq`. 6 | pub type FqVar = FpVar; 7 | 8 | #[test] 9 | fn test() { 10 | ark_curve_constraint_tests::fields::field_test::<_, _, FqVar>().unwrap(); 11 | } 12 | -------------------------------------------------------------------------------- /curves/vesta/src/constraints/fields.rs: -------------------------------------------------------------------------------- 1 | use ark_r1cs_std::fields::fp::FpVar; 2 | 3 | use crate::fq::Fq; 4 | 5 | /// A variable that is the R1CS equivalent of `crate::Fq`. 6 | pub type FBaseVar = FpVar; 7 | 8 | #[test] 9 | fn test() { 10 | ark_curve_constraint_tests::fields::field_test::<_, _, FBaseVar>().unwrap(); 11 | } 12 | -------------------------------------------------------------------------------- /test-curves/benches/ed_on_bls12_381.rs: -------------------------------------------------------------------------------- 1 | use ark_algebra_bench_templates::{bench, criterion_main, field_common, paste, prime_field, sqrt}; 2 | use ark_test_curves::ed_on_bls12_381::{Fq, Fr, Projective}; 3 | 4 | bench!( 5 | Name = "EdOnBls12_381", 6 | Group = Projective, 7 | ScalarField = Fr, 8 | BaseField = Fq, 9 | ); 10 | -------------------------------------------------------------------------------- /curves/ed_on_bls12_377/src/constraints/fields.rs: -------------------------------------------------------------------------------- 1 | use ark_r1cs_std::fields::fp::FpVar; 2 | 3 | use crate::fq::Fq; 4 | 5 | /// A variable that is the R1CS equivalent of `crate::Fq`. 
6 | pub type FqVar = FpVar; 7 | 8 | #[test] 9 | fn test() { 10 | ark_curve_constraint_tests::fields::field_test::<_, _, FqVar>().unwrap(); 11 | } 12 | -------------------------------------------------------------------------------- /curves/ed_on_mnt4_298/src/constraints/fields.rs: -------------------------------------------------------------------------------- 1 | use ark_r1cs_std::fields::fp::FpVar; 2 | 3 | use crate::fq::Fq; 4 | 5 | /// A variable that is the R1CS equivalent of `crate::Fq`. 6 | pub type FqVar = FpVar; 7 | 8 | #[test] 9 | fn test() { 10 | ark_curve_constraint_tests::fields::field_test::<_, _, FqVar>().unwrap(); 11 | } 12 | -------------------------------------------------------------------------------- /curves/ed_on_mnt4_753/src/constraints/fields.rs: -------------------------------------------------------------------------------- 1 | use ark_r1cs_std::fields::fp::FpVar; 2 | 3 | use crate::fq::Fq; 4 | 5 | /// A variable that is the R1CS equivalent of `crate::Fq`. 6 | pub type FqVar = FpVar; 7 | 8 | #[test] 9 | fn test() { 10 | ark_curve_constraint_tests::fields::field_test::<_, _, FqVar>().unwrap(); 11 | } 12 | -------------------------------------------------------------------------------- /curves/grumpkin/src/constraints/fields.rs: -------------------------------------------------------------------------------- 1 | use ark_r1cs_std::fields::fp::FpVar; 2 | 3 | use crate::fq::Fq; 4 | 5 | /// A variable that is the R1CS equivalent of `crate::Fq`. 
6 | pub type FBaseVar = FpVar; 7 | 8 | #[test] 9 | fn test() { 10 | ark_curve_constraint_tests::fields::field_test::<_, _, FBaseVar>().unwrap(); 11 | } 12 | -------------------------------------------------------------------------------- /curves/bls12_377/src/fields/fq.rs: -------------------------------------------------------------------------------- 1 | use ark_ff::fields::{Fp384, MontBackend, MontConfig}; 2 | 3 | #[derive(MontConfig)] 4 | #[modulus = "258664426012969094010652733694893533536393512754914660539884262666720468348340822774968888139573360124440321458177"] 5 | #[generator = "15"] 6 | pub struct FqConfig; 7 | pub type Fq = Fp384>; 8 | -------------------------------------------------------------------------------- /curves/secp384r1/src/fields/fq.rs: -------------------------------------------------------------------------------- 1 | use ark_ff::fields::{Fp384, MontBackend, MontConfig}; 2 | 3 | #[derive(MontConfig)] 4 | #[modulus = "39402006196394479212279040100143613805079739270465446667948293404245721771496870329047266088258938001861606973112319"] 5 | #[generator = "2"] 6 | pub struct FqConfig; 7 | pub type Fq = Fp384>; 8 | -------------------------------------------------------------------------------- /curves/secp384r1/src/fields/fr.rs: -------------------------------------------------------------------------------- 1 | use ark_ff::fields::{Fp384, MontBackend, MontConfig}; 2 | 3 | #[derive(MontConfig)] 4 | #[modulus = "39402006196394479212279040100143613805079739270465446667946905279627659399113263569398956308152294913554433653942643"] 5 | #[generator = "2"] 6 | pub struct FrConfig; 7 | pub type Fr = Fp384>; 8 | -------------------------------------------------------------------------------- /curves/ed_on_cp6_782/src/fields/fr.rs: -------------------------------------------------------------------------------- 1 | use ark_ff::fields::{Fp384, MontBackend, MontConfig}; 2 | 3 | #[derive(MontConfig)] 4 | #[modulus = 
"32333053251621136751331591711861691692049189094364332567435817881934511297123972799646723302813083835942624121493"] 5 | #[generator = "13"] 6 | pub struct FrConfig; 7 | pub type Fr = Fp384>; 8 | -------------------------------------------------------------------------------- /curves/secp256k1/src/constraints/curves.rs: -------------------------------------------------------------------------------- 1 | use crate::{constraints::FqVar, *}; 2 | use ark_r1cs_std::groups::curves::short_weierstrass::ProjectiveVar; 3 | 4 | /// A group element in the secp256k1 curve. 5 | pub type GVar = ProjectiveVar; 6 | 7 | #[test] 8 | fn test() { 9 | ark_curve_constraint_tests::curves::sw_test::().unwrap(); 10 | } 11 | -------------------------------------------------------------------------------- /curves/secp256r1/src/constraints/curves.rs: -------------------------------------------------------------------------------- 1 | use crate::{constraints::FqVar, *}; 2 | use ark_r1cs_std::groups::curves::short_weierstrass::ProjectiveVar; 3 | 4 | /// A group element in the secp256r1 curve. 5 | pub type GVar = ProjectiveVar; 6 | 7 | #[test] 8 | fn test() { 9 | ark_curve_constraint_tests::curves::sw_test::().unwrap(); 10 | } 11 | -------------------------------------------------------------------------------- /curves/secp384r1/src/constraints/curves.rs: -------------------------------------------------------------------------------- 1 | use crate::{constraints::FqVar, *}; 2 | use ark_r1cs_std::groups::curves::short_weierstrass::ProjectiveVar; 3 | 4 | /// A group element in the secp384r1 curve. 
5 | pub type GVar = ProjectiveVar; 6 | 7 | #[test] 8 | fn test() { 9 | ark_curve_constraint_tests::curves::sw_test::().unwrap(); 10 | } 11 | -------------------------------------------------------------------------------- /curves/secq256k1/src/constraints/curves.rs: -------------------------------------------------------------------------------- 1 | use crate::{constraints::FqVar, *}; 2 | use ark_r1cs_std::groups::curves::short_weierstrass::ProjectiveVar; 3 | 4 | /// A group element in the secq256k1 curve. 5 | pub type GVar = ProjectiveVar; 6 | 7 | #[test] 8 | fn test() { 9 | ark_curve_constraint_tests::curves::sw_test::().unwrap(); 10 | } 11 | -------------------------------------------------------------------------------- /.github/release-pr-template.ejs: -------------------------------------------------------------------------------- 1 | This is a release PR for version **<%= version.actual %>**<% 2 | if (version.actual != version.desired) { 3 | %> (performing a <%= version.desired %> bump).<% 4 | } else { 5 | %>.<% 6 | } 7 | %> 8 | 9 | You will still need to manually publish the cargo crate: 10 | 11 | ``` 12 | $ make VERSION=<%= version.actual %> release 13 | ``` 14 | -------------------------------------------------------------------------------- /curves/bn254/src/fields/fr.rs: -------------------------------------------------------------------------------- 1 | use ark_ff::fields::{Fp256, MontBackend, MontConfig}; 2 | 3 | #[derive(MontConfig)] 4 | #[modulus = "21888242871839275222246405745257275088548364400416034343698204186575808495617"] 5 | #[generator = "5"] 6 | #[small_subgroup_base = "3"] 7 | #[small_subgroup_power = "2"] 8 | pub struct FrConfig; 9 | pub type Fr = Fp256>; 10 | -------------------------------------------------------------------------------- /curves/bls12_381/src/fields/fr.rs: -------------------------------------------------------------------------------- 1 | use ark_ff::fields::{Fp256, MontBackend, MontConfig}; 2 | 3 | 
#[derive(MontConfig)] 4 | #[modulus = "52435875175126190479447740508185965837690552500527637822603658699938581184513"] 5 | #[generator = "7"] 6 | #[small_subgroup_base = "3"] 7 | #[small_subgroup_power = "1"] 8 | pub struct FrConfig; 9 | pub type Fr = Fp256>; 10 | -------------------------------------------------------------------------------- /curves/bn254/benches/bn254.rs: -------------------------------------------------------------------------------- 1 | use ark_algebra_bench_templates::*; 2 | use ark_bn254::{fq::Fq, fq2::Fq2, fr::Fr, Bn254, Fq12, G1Projective as G1, G2Projective as G2}; 3 | 4 | bench!( 5 | Name = "BN254", 6 | Pairing = Bn254, 7 | G1 = G1, 8 | G2 = G2, 9 | ScalarField = Fr, 10 | G1BaseField = Fq, 11 | G2BaseField = Fq2, 12 | TargetField = Fq12, 13 | ); 14 | -------------------------------------------------------------------------------- /curves/curve25519/src/fields/fq.rs: -------------------------------------------------------------------------------- 1 | use ark_ff::fields::{Fp256, MontBackend, MontConfig}; 2 | 3 | #[derive(MontConfig)] 4 | #[modulus = "57896044618658097711785492504343953926634992332820282019728792003956564819949"] 5 | #[generator = "2"] 6 | #[small_subgroup_base = "3"] 7 | #[small_subgroup_power = "1"] 8 | pub struct FqConfig; 9 | pub type Fq = Fp256>; 10 | -------------------------------------------------------------------------------- /curves/curve25519/src/fields/fr.rs: -------------------------------------------------------------------------------- 1 | use ark_ff::fields::{Fp256, MontBackend, MontConfig}; 2 | 3 | #[derive(MontConfig)] 4 | #[modulus = "7237005577332262213973186563042994240857116359379907606001950938285454250989"] 5 | #[generator = "2"] 6 | #[small_subgroup_base = "3"] 7 | #[small_subgroup_power = "1"] 8 | pub struct FrConfig; 9 | pub type Fr = Fp256>; 10 | -------------------------------------------------------------------------------- /curves/secp256k1/src/fields/fq.rs: 
-------------------------------------------------------------------------------- 1 | use ark_ff::fields::{Fp256, MontBackend, MontConfig}; 2 | 3 | #[derive(MontConfig)] 4 | #[modulus = "115792089237316195423570985008687907853269984665640564039457584007908834671663"] 5 | #[generator = "3"] 6 | #[small_subgroup_base = "3"] 7 | #[small_subgroup_power = "1"] 8 | pub struct FqConfig; 9 | pub type Fq = Fp256>; 10 | -------------------------------------------------------------------------------- /curves/secp256k1/src/fields/fr.rs: -------------------------------------------------------------------------------- 1 | use ark_ff::fields::{Fp256, MontBackend, MontConfig}; 2 | 3 | #[derive(MontConfig)] 4 | #[modulus = "115792089237316195423570985008687907852837564279074904382605163141518161494337"] 5 | #[generator = "7"] 6 | #[small_subgroup_base = "3"] 7 | #[small_subgroup_power = "1"] 8 | pub struct FrConfig; 9 | pub type Fr = Fp256>; 10 | -------------------------------------------------------------------------------- /ff/src/fields/utils.rs: -------------------------------------------------------------------------------- 1 | /// Calculates the k-adicity of n, i.e., the number of trailing 0s in a base-k 2 | /// representation. 
3 | pub fn k_adicity(k: u64, mut n: u64) -> u32 { 4 | let mut r = 0; 5 | while n > 1 { 6 | if n % k == 0 { 7 | r += 1; 8 | n /= k; 9 | } else { 10 | return r; 11 | } 12 | } 13 | r 14 | } 15 | -------------------------------------------------------------------------------- /curves/mnt4_298/src/fields/fq.rs: -------------------------------------------------------------------------------- 1 | use ark_ff::fields::{Fp320, MontBackend, MontConfig}; 2 | 3 | #[derive(MontConfig)] 4 | #[modulus = "475922286169261325753349249653048451545124879242694725395555128576210262817955800483758081"] 5 | #[generator = "17"] 6 | #[small_subgroup_base = "7"] 7 | #[small_subgroup_power = "2"] 8 | pub struct FqConfig; 9 | pub type Fq = Fp320>; 10 | -------------------------------------------------------------------------------- /curves/bn254/src/constraints/curves.rs: -------------------------------------------------------------------------------- 1 | use ark_r1cs_std::groups::curves::short_weierstrass::ProjectiveVar; 2 | 3 | use crate::{constraints::FBaseVar, g1::Config}; 4 | 5 | /// A group element in the Bn254 prime-order group. 6 | pub type GVar = ProjectiveVar; 7 | 8 | #[test] 9 | fn test() { 10 | ark_curve_constraint_tests::curves::sw_test::().unwrap(); 11 | } 12 | -------------------------------------------------------------------------------- /curves/vesta/src/constraints/curves.rs: -------------------------------------------------------------------------------- 1 | use ark_r1cs_std::groups::curves::short_weierstrass::ProjectiveVar; 2 | 3 | use crate::{constraints::FBaseVar, *}; 4 | 5 | /// A group element in the Vesta prime-order group. 
6 | pub type GVar = ProjectiveVar; 7 | 8 | #[test] 9 | fn test() { 10 | ark_curve_constraint_tests::curves::sw_test::().unwrap(); 11 | } 12 | -------------------------------------------------------------------------------- /scripts/install-hook.sh: -------------------------------------------------------------------------------- 1 | #!/bin/env bash 2 | # This script will install the provided directory ../.hooks as the hook 3 | # directory for the present repo. See there for hooks, including a pre-commit 4 | # hook that runs rustfmt on files before a commit. 5 | 6 | DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" 7 | HOOKS_DIR="${DIR}/../.hooks" 8 | 9 | git config core.hooksPath "$HOOKS_DIR" 10 | -------------------------------------------------------------------------------- /.github/dependabot.yml: -------------------------------------------------------------------------------- 1 | version: 2 2 | updates: 3 | - package-ecosystem: cargo 4 | directory: "/" 5 | schedule: 6 | interval: daily 7 | open-pull-requests-limit: 10 8 | ignore: 9 | - dependency-name: hashbrown 10 | versions: 11 | - 0.11.0 12 | - dependency-name: rand 13 | versions: 14 | - 0.8.0 15 | - dependency-name: rand_xorshift 16 | versions: 17 | - 0.3.0 18 | -------------------------------------------------------------------------------- /curves/pallas/src/constraints/curves.rs: -------------------------------------------------------------------------------- 1 | use ark_r1cs_std::groups::curves::short_weierstrass::ProjectiveVar; 2 | 3 | use crate::{constraints::FBaseVar, *}; 4 | 5 | /// A group element in the Pallas prime-order group. 
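6 | pub type GVar = ProjectiveVar; 7 | 8 | #[test] 9 | fn test() { 10 | ark_curve_constraint_tests::curves::sw_test::().unwrap(); 11 | } 12 | -------------------------------------------------------------------------------- /curves/bw6_761/src/curves/tests.rs: -------------------------------------------------------------------------------- 1 | use crate::*; 2 | use ark_algebra_test_templates::*; 3 | use ark_ff::Field; 4 | 5 | test_group!(g1; G1Projective; sw); 6 | test_group!(g2; G2Projective; sw); 7 | test_group!(pairing_output; ark_ec::pairing::PairingOutput; msm); 8 | test_pairing!(pairing; crate::BW6_761); 9 | test_group!(g1_glv; G1Projective; glv); 10 | test_group!(g2_glv; G2Projective; glv); 11 | -------------------------------------------------------------------------------- /curves/scripts/install-hook.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # Installs the provided directory ../.hooks as the hook directory (core.hooksPath) 3 | # for the present repo. See there for hooks, including a pre-commit hook that runs 4 | # rustfmt on files before a commit. `set -eu` aborts if DIR cannot be resolved, so an empty path is never written into the git config. 5 | set -eu 6 | DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" 7 | HOOKS_DIR="${DIR}/../.hooks" 8 | 9 | git config core.hooksPath "$HOOKS_DIR" 10 | -------------------------------------------------------------------------------- /curves/ed_on_bn254/src/constraints/curves.rs: -------------------------------------------------------------------------------- 1 | use ark_r1cs_std::groups::curves::twisted_edwards::AffineVar; 2 | 3 | use crate::{constraints::FqVar, *}; 4 | 5 | /// A variable that is the R1CS equivalent of `crate::EdwardsAffine`. 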
6 | pub type EdwardsVar = AffineVar; 7 | 8 | #[test] 9 | fn test() { 10 | ark_curve_constraint_tests::curves::te_test::<_, EdwardsVar>().unwrap(); 11 | } 12 | -------------------------------------------------------------------------------- /curves/grumpkin/src/constraints/curves.rs: -------------------------------------------------------------------------------- 1 | use ark_r1cs_std::groups::curves::short_weierstrass::ProjectiveVar; 2 | 3 | use crate::{constraints::FBaseVar, *}; 4 | 5 | /// A group element in the Grumpkin prime-order group. 6 | pub type GVar = ProjectiveVar; 7 | 8 | #[test] 9 | fn test() { 10 | ark_curve_constraint_tests::curves::sw_test::().unwrap(); 11 | } 12 | -------------------------------------------------------------------------------- /curves/ed25519/src/constraints/curves.rs: -------------------------------------------------------------------------------- 1 | use ark_r1cs_std::groups::curves::twisted_edwards::AffineVar; 2 | 3 | use crate::{constraints::FqVar, *}; 4 | 5 | /// A variable that is the R1CS equivalent of `crate::EdwardsAffine`. 
6 | pub type EdwardsVar = AffineVar; 7 | 8 | #[test] 9 | fn test() { 10 | ark_curve_constraint_tests::curves::te_test::().unwrap(); 11 | } 12 | -------------------------------------------------------------------------------- /curves/mnt4_298/benches/mnt4_298.rs: -------------------------------------------------------------------------------- 1 | use ark_algebra_bench_templates::*; 2 | use ark_mnt4_298::{ 3 | fq::Fq, fq2::Fq2, fr::Fr, Fq4, G1Projective as G1, G2Projective as G2, MNT4_298, 4 | }; 5 | 6 | bench!( 7 | Name = "MNT4_298", 8 | Pairing = MNT4_298, 9 | G1 = G1, 10 | G2 = G2, 11 | ScalarField = Fr, 12 | G1BaseField = Fq, 13 | G2BaseField = Fq2, 14 | TargetField = Fq4, 15 | ); 16 | -------------------------------------------------------------------------------- /curves/mnt4_753/benches/mnt4_753.rs: -------------------------------------------------------------------------------- 1 | use ark_algebra_bench_templates::*; 2 | use ark_mnt4_753::{ 3 | fq::Fq, fq2::Fq2, fr::Fr, Fq4, G1Projective as G1, G2Projective as G2, MNT4_753, 4 | }; 5 | 6 | bench!( 7 | Name = "MNT4_753", 8 | Pairing = MNT4_753, 9 | G1 = G1, 10 | G2 = G2, 11 | ScalarField = Fr, 12 | G1BaseField = Fq, 13 | G2BaseField = Fq2, 14 | TargetField = Fq4, 15 | ); 16 | -------------------------------------------------------------------------------- /curves/mnt6_298/benches/mnt6_298.rs: -------------------------------------------------------------------------------- 1 | use ark_algebra_bench_templates::*; 2 | use ark_mnt6_298::{ 3 | fq::Fq, fq3::Fq3, fr::Fr, Fq6, G1Projective as G1, G2Projective as G2, MNT6_298, 4 | }; 5 | 6 | bench!( 7 | Name = "MNT6_298", 8 | Pairing = MNT6_298, 9 | G1 = G1, 10 | G2 = G2, 11 | ScalarField = Fr, 12 | G1BaseField = Fq, 13 | G2BaseField = Fq3, 14 | TargetField = Fq6, 15 | ); 16 | -------------------------------------------------------------------------------- /curves/mnt6_753/benches/mnt6_753.rs: 
-------------------------------------------------------------------------------- 1 | use ark_algebra_bench_templates::*; 2 | use ark_mnt6_753::{ 3 | fq::Fq, fq3::Fq3, fr::Fr, Fq6, G1Projective as G1, G2Projective as G2, MNT6_753, 4 | }; 5 | 6 | bench!( 7 | Name = "MNT6_753", 8 | Pairing = MNT6_753, 9 | G1 = G1, 10 | G2 = G2, 11 | ScalarField = Fr, 12 | G1BaseField = Fq, 13 | G2BaseField = Fq3, 14 | TargetField = Fq6, 15 | ); 16 | -------------------------------------------------------------------------------- /curves/bls12_381/benches/bls12_381.rs: -------------------------------------------------------------------------------- 1 | use ark_algebra_bench_templates::*; 2 | use ark_bls12_381::{ 3 | fq::Fq, fq2::Fq2, fr::Fr, Bls12_381, Fq12, G1Projective as G1, G2Projective as G2, 4 | }; 5 | 6 | bench!( 7 | Name = "Bls12_381", 8 | Pairing = Bls12_381, 9 | G1 = G1, 10 | G2 = G2, 11 | ScalarField = Fr, 12 | G1BaseField = Fq, 13 | G2BaseField = Fq2, 14 | TargetField = Fq12, 15 | ); 16 | -------------------------------------------------------------------------------- /curves/cp6_782/benches/cp6_782.rs: -------------------------------------------------------------------------------- 1 | use ark_algebra_bench_templates::*; 2 | use ark_cp6_782::{ 3 | fq::Fq, fq3::Fq3, fq6::Fq6, fr::Fr, g1::G1Projective as G1, g2::G2Projective as G2, CP6_782, 4 | }; 5 | 6 | bench!( 7 | Name = "CP6_782", 8 | Pairing = CP6_782, 9 | G1 = G1, 10 | G2 = G2, 11 | ScalarField = Fr, 12 | G1BaseField = Fq, 13 | G2BaseField = Fq3, 14 | TargetField = Fq6, 15 | ); 16 | -------------------------------------------------------------------------------- /curves/bw6_761/benches/bw6_761.rs: -------------------------------------------------------------------------------- 1 | use ark_algebra_bench_templates::*; 2 | 3 | use ark_bw6_761::{ 4 | fq::Fq, fq3::Fq3, fq6::Fq6, fr::Fr, g1::G1Projective as G1, g2::G2Projective as G2, BW6_761, 5 | }; 6 | 7 | bench!( 8 | Name = "BW6_761", 9 | Pairing = BW6_761, 10 | G1 = G1, 
11 | G2 = G2, 12 | ScalarField = Fr, 13 | G1BaseField = Fq, 14 | G2BaseField = Fq3, 15 | TargetField = Fq6, 16 | ); 17 | -------------------------------------------------------------------------------- /curves/bw6_767/benches/bw6_767.rs: -------------------------------------------------------------------------------- 1 | use ark_algebra_bench_templates::*; 2 | 3 | use ark_bw6_767::{ 4 | fq::Fq, fq3::Fq3, fq6::Fq6, fr::Fr, g1::G1Projective as G1, g2::G2Projective as G2, BW6_767, 5 | }; 6 | 7 | bench!( 8 | Name = "BW6_767", 9 | Pairing = BW6_767, 10 | G1 = G1, 11 | G2 = G2, 12 | ScalarField = Fr, 13 | G1BaseField = Fq, 14 | G2BaseField = Fq3, 15 | TargetField = Fq6, 16 | ); 17 | -------------------------------------------------------------------------------- /curves/ed_on_bls12_377/src/constraints/curves.rs: -------------------------------------------------------------------------------- 1 | use ark_r1cs_std::groups::curves::twisted_edwards::AffineVar; 2 | 3 | use crate::{constraints::FqVar, *}; 4 | 5 | /// A variable that is the R1CS equivalent of `crate::EdwardsAffine`. 6 | pub type EdwardsVar = AffineVar; 7 | 8 | #[test] 9 | fn test() { 10 | ark_curve_constraint_tests::curves::te_test::().unwrap(); 11 | } 12 | -------------------------------------------------------------------------------- /curves/ed_on_cp6_782/src/constraints/curves.rs: -------------------------------------------------------------------------------- 1 | use ark_r1cs_std::groups::curves::twisted_edwards::AffineVar; 2 | 3 | use crate::{constraints::FqVar, *}; 4 | 5 | /// A variable that is the R1CS equivalent of `crate::EdwardsAffine`. 
6 | pub type EdwardsVar = AffineVar; 7 | 8 | #[test] 9 | fn test() { 10 | ark_curve_constraint_tests::curves::te_test::().unwrap(); 11 | } 12 | -------------------------------------------------------------------------------- /curves/bls12_377/benches/bls12_377.rs: -------------------------------------------------------------------------------- 1 | use ark_algebra_bench_templates::*; 2 | 3 | use ark_bls12_377::{ 4 | fq::Fq, fq2::Fq2, fr::Fr, Bls12_377, Fq12, G1Projective as G1, G2Projective as G2, 5 | }; 6 | 7 | bench!( 8 | Name = "Bls12_377", 9 | Pairing = Bls12_377, 10 | G1 = G1, 11 | G2 = G2, 12 | ScalarField = Fr, 13 | G1BaseField = Fq, 14 | G2BaseField = Fq2, 15 | TargetField = Fq12, 16 | ); 17 | -------------------------------------------------------------------------------- /curves/ed_on_mnt4_298/src/constraints/curves.rs: -------------------------------------------------------------------------------- 1 | use ark_r1cs_std::groups::curves::twisted_edwards::AffineVar; 2 | 3 | use crate::{constraints::fields::FqVar, *}; 4 | 5 | /// A variable that is the R1CS equivalent of `crate::EdwardsAffine`. 6 | pub type EdwardsVar = AffineVar; 7 | 8 | #[test] 9 | fn test() { 10 | ark_curve_constraint_tests::curves::te_test::().unwrap(); 11 | } 12 | -------------------------------------------------------------------------------- /curves/ed_on_mnt4_753/src/constraints/curves.rs: -------------------------------------------------------------------------------- 1 | use ark_r1cs_std::groups::curves::twisted_edwards::AffineVar; 2 | 3 | use crate::{constraints::fields::FqVar, *}; 4 | 5 | /// A variable that is the R1CS equivalent of `crate::EdwardsAffine`. 
6 | pub type EdwardsVar = AffineVar; 7 | 8 | #[test] 9 | fn test() { 10 | ark_curve_constraint_tests::curves::te_test::().unwrap(); 11 | } 12 | -------------------------------------------------------------------------------- /curves/bn254/src/curves/tests.rs: -------------------------------------------------------------------------------- 1 | use ark_algebra_test_templates::*; 2 | use ark_ff::fields::Field; 3 | 4 | use crate::{Bn254, G1Projective, G2Projective}; 5 | 6 | test_group!(g1; G1Projective; sw); 7 | test_group!(g2; G2Projective; sw); 8 | test_group!(pairing_output; ark_ec::pairing::PairingOutput; msm); 9 | test_pairing!(pairing; crate::Bn254); 10 | test_group!(g1_glv; G1Projective; glv); 11 | test_group!(g2_glv; G2Projective; glv); 12 | -------------------------------------------------------------------------------- /test-curves/src/mnt4_753/mod.rs: -------------------------------------------------------------------------------- 1 | #[cfg(feature = "mnt4_753_base_field")] 2 | pub mod fq; 3 | #[cfg(feature = "mnt4_753_base_field")] 4 | pub use fq::*; 5 | 6 | #[cfg(feature = "mnt4_753_scalar_field")] 7 | pub mod fr; 8 | #[cfg(feature = "mnt4_753_scalar_field")] 9 | pub use fr::*; 10 | 11 | #[cfg(feature = "mnt4_753_curve")] 12 | pub mod g1; 13 | #[cfg(feature = "mnt4_753_curve")] 14 | pub use g1::*; 15 | 16 | #[cfg(test)] 17 | mod tests; 18 | -------------------------------------------------------------------------------- /curves/bw6_761/src/fields/fq.rs: -------------------------------------------------------------------------------- 1 | use ark_ff::fields::{Fp768, MontBackend, MontConfig}; 2 | 3 | #[derive(MontConfig)] 4 | #[modulus = "6891450384315732539396789682275657542479668912536150109513790160209623422243491736087683183289411687640864567753786613451161759120554247759349511699125301598951605099378508850372543631423596795951899700429969112842764913119068299"] 5 | #[generator = "2"] 6 | pub struct FqConfig; 7 | pub type Fq = Fp768>; 8 | 
-------------------------------------------------------------------------------- /curves/bw6_767/src/fields/fq.rs: -------------------------------------------------------------------------------- 1 | use ark_ff::fields::{Fp768, MontBackend, MontConfig}; 2 | 3 | #[derive(MontConfig)] 4 | #[modulus = "496597749679620867773432037469214230242402307330180853437434581099336634619713640485778675608223760166307530047354464605410050411581079376994803852937842168733702867087556948851016246640584660942486895230518034810309227309966899431"] 5 | #[generator = "3"] 6 | pub struct FqConfig; 7 | pub type Fq = Fp768>; 8 | -------------------------------------------------------------------------------- /curves/ed_on_mnt4_753/src/fields/fr.rs: -------------------------------------------------------------------------------- 1 | use ark_ff::fields::{Fp768, MontBackend, MontConfig}; 2 | 3 | #[derive(MontConfig)] 4 | #[modulus = "5237311370989869175293026848905079641021338739994243633972937865128169101571388346632361720473792365177258871486054600656048925740061347509722287043067341250552640264308621296888446513816907173362124418513727200975392177480577"] 5 | #[generator = "5"] 6 | pub struct FrConfig; 7 | pub type Fr = Fp768>; 8 | -------------------------------------------------------------------------------- /curves/cp6_782/src/fields/fq.rs: -------------------------------------------------------------------------------- 1 | use ark_ff::fields::{Fp832, MontBackend, MontConfig}; 2 | 3 | #[derive(MontConfig)] 4 | #[modulus = "22369874298875696930346742206501054934775599465297184582183496627646774052458024540232479018147881220178054575403841904557897715222633333372134756426301062487682326574958588001132586331462553235407484089304633076250782629492557320825577"] 5 | #[generator = "13"] 6 | pub struct FqConfig; 7 | pub type Fq = Fp832>; 8 | -------------------------------------------------------------------------------- /test-curves/src/fp128.rs: 
-------------------------------------------------------------------------------- 1 | //! Prime field `Fp` where `p = 2^127 - 1`. 2 | use ark_ff::fields::{Fp128, MontBackend}; 3 | 4 | #[derive(ark_ff::MontConfig)] 5 | #[modulus = "170141183460469231731687303715884105727"] 6 | #[generator = "43"] 7 | pub struct FqConfig; 8 | pub type Fq = Fp128>; 9 | 10 | #[cfg(test)] 11 | mod tests { 12 | use super::*; 13 | use ark_algebra_test_templates::*; 14 | test_field!(fq; Fq; mont_prime_field); 15 | } 16 | -------------------------------------------------------------------------------- /ff-macros/src/montgomery/add.rs: -------------------------------------------------------------------------------- 1 | /** Emits the body of the Montgomery `add_assign`: limb-wise `a.0 += b.0` via `__add_with_carry`, followed by a modulus subtraction. When `modulus_has_spare_bit` is set the carry out of the addition is discarded and `__subtract_modulus(a)` does the reduction; otherwise the carry `c` is captured and passed to `__subtract_modulus_with_carry(a, c)` so a sum that overflowed the limbs is still reduced correctly. The emitted tokens name `a`, `b`, `__add_with_carry`, `__subtract_modulus` and `__subtract_modulus_with_carry`, which must be in scope where the output is spliced. */ pub(super) fn add_assign_impl(modulus_has_spare_bit: bool) -> proc_macro2::TokenStream { 2 | if modulus_has_spare_bit { 3 | quote::quote! { 4 | __add_with_carry(&mut a.0, &b.0); 5 | __subtract_modulus(a); 6 | } 7 | } else { 8 | quote::quote! { 9 | let c = __add_with_carry(&mut a.0, &b.0); 10 | __subtract_modulus_with_carry(a, c); 11 | } 12 | } 13 | } 14 | -------------------------------------------------------------------------------- /.github/linters/.markdown-lint.yml: -------------------------------------------------------------------------------- 1 | # See https://github.com/DavidAnson/markdownlint#rules--aliases for list of markdown lint codes 2 | default: true 3 | # MD001 blocks headings that increment by more than one level at a time. 
4 | MD001: false 5 | MD007: { indent: 4 } 6 | # MD013 blocks long lines 7 | MD013: false 8 | MD024: { siblings_only: true } 9 | MD025: false 10 | # MD033 lint blocks HTML in MD 11 | MD033: false 12 | # MD036 no-emphasis-as-heading 13 | MD036: false 14 | MD041: false 15 | -------------------------------------------------------------------------------- /test-curves/benches/bls12_381.rs: -------------------------------------------------------------------------------- 1 | use ark_algebra_bench_templates::{bench, criterion_main, field_common, paste, prime_field, sqrt}; 2 | use ark_test_curves::bls12_381::{ 3 | fq::Fq, fq2::Fq2, fr::Fr, Bls12_381, Fq12, G1Projective as G1, G2Projective as G2, 4 | }; 5 | 6 | bench!( 7 | Name = "Bls12_381", 8 | Pairing = Bls12_381, 9 | G1 = G1, 10 | G2 = G2, 11 | ScalarField = Fr, 12 | G1BaseField = Fq, 13 | G2BaseField = Fq2, 14 | TargetField = Fq12, 15 | ); 16 | -------------------------------------------------------------------------------- /curves/bls12_381/src/fields/fq.rs: -------------------------------------------------------------------------------- 1 | use ark_ff::fields::{Fp384, MontBackend, MontConfig}; 2 | 3 | #[derive(MontConfig)] 4 | #[modulus = "4002409555221667393417789825735904156556882819939007885332058136124031650490837864442687629129015664037894272559787"] 5 | #[generator = "2"] 6 | #[small_subgroup_base = "3"] 7 | #[small_subgroup_power = "2"] 8 | pub struct FqConfig; 9 | pub type Fq = Fp384>; 10 | 11 | pub const FQ_ONE: Fq = ark_ff::MontFp!("1"); 12 | pub const FQ_ZERO: Fq = ark_ff::MontFp!("0"); 13 | -------------------------------------------------------------------------------- /test-curves/src/mnt4_753/fq.rs: -------------------------------------------------------------------------------- 1 | use ark_ff::fields::{Fp768, MontBackend}; 2 | 3 | pub type Fq = Fp768>; 4 | #[derive(ark_ff::MontConfig)] 5 | #[modulus = 
"41898490967918953402344214791240637128170709919953949071783502921025352812571106773058893763790338921418070971888253786114353726529584385201591605722013126468931404347949840543007986327743462853720628051692141265303114721689601"] 6 | #[generator = "17"] 7 | #[small_subgroup_base = "5"] 8 | #[small_subgroup_power = "2"] 9 | pub struct FqConfig; 10 | -------------------------------------------------------------------------------- /curves/mnt4_298/src/constraints/pairing.rs: -------------------------------------------------------------------------------- 1 | use crate::Config; 2 | 3 | /// Specifies the constraints for computing a pairing in the MNT4-298 bilinear 4 | /// group. 5 | pub type PairingVar = ark_r1cs_std::pairing::mnt4::PairingVar; 6 | 7 | #[test] 8 | fn test() { 9 | use crate::MNT4_298; 10 | ark_curve_constraint_tests::pairing::bilinearity_test::().unwrap(); 11 | ark_curve_constraint_tests::pairing::g2_prepare_consistency_test::() 12 | .unwrap(); 13 | } 14 | -------------------------------------------------------------------------------- /curves/mnt4_753/src/constraints/pairing.rs: -------------------------------------------------------------------------------- 1 | use crate::Config; 2 | 3 | /// Specifies the constraints for computing a pairing in the MNT4-753 bilinear 4 | /// group. 
5 | pub type PairingVar = ark_r1cs_std::pairing::mnt4::PairingVar; 6 | 7 | #[test] 8 | fn test() { 9 | use crate::MNT4_753; 10 | ark_curve_constraint_tests::pairing::bilinearity_test::().unwrap(); 11 | ark_curve_constraint_tests::pairing::g2_prepare_consistency_test::() 12 | .unwrap(); 13 | } 14 | -------------------------------------------------------------------------------- /curves/mnt4_753/src/fields/fq.rs: -------------------------------------------------------------------------------- 1 | use ark_ff::fields::{Fp768, MontBackend, MontConfig}; 2 | 3 | #[derive(MontConfig)] 4 | #[modulus = "41898490967918953402344214791240637128170709919953949071783502921025352812571106773058893763790338921418070971888253786114353726529584385201591605722013126468931404347949840543007986327743462853720628051692141265303114721689601"] 5 | #[generator = "17"] 6 | #[small_subgroup_base = "5"] 7 | #[small_subgroup_power = "2"] 8 | pub struct FqConfig; 9 | pub type Fq = Fp768>; 10 | -------------------------------------------------------------------------------- /curves/mnt4_753/src/fields/fr.rs: -------------------------------------------------------------------------------- 1 | use ark_ff::fields::{Fp768, MontBackend, MontConfig}; 2 | 3 | #[derive(MontConfig)] 4 | #[modulus = "41898490967918953402344214791240637128170709919953949071783502921025352812571106773058893763790338921418070971888458477323173057491593855069696241854796396165721416325350064441470418137846398469611935719059908164220784476160001"] 5 | #[generator = "17"] 6 | #[small_subgroup_base = "5"] 7 | #[small_subgroup_power = "2"] 8 | pub struct FrConfig; 9 | pub type Fr = Fp768>; 10 | -------------------------------------------------------------------------------- /curves/mnt6_298/src/constraints/pairing.rs: -------------------------------------------------------------------------------- 1 | use crate::Config; 2 | 3 | /// Specifies the constraints for computing a pairing in the MNT6-298 bilinear 4 | /// group. 
5 | pub type PairingVar = ark_r1cs_std::pairing::mnt6::PairingVar; 6 | 7 | #[test] 8 | fn test() { 9 | use crate::MNT6_298; 10 | ark_curve_constraint_tests::pairing::bilinearity_test::().unwrap(); 11 | ark_curve_constraint_tests::pairing::g2_prepare_consistency_test::() 12 | .unwrap(); 13 | } 14 | -------------------------------------------------------------------------------- /curves/mnt6_753/src/constraints/pairing.rs: -------------------------------------------------------------------------------- 1 | use crate::Config; 2 | 3 | /// Specifies the constraints for computing a pairing in the MNT6-753 bilinear 4 | /// group. 5 | pub type PairingVar = ark_r1cs_std::pairing::mnt6::PairingVar; 6 | 7 | #[test] 8 | fn test() { 9 | use crate::MNT6_753; 10 | ark_curve_constraint_tests::pairing::bilinearity_test::().unwrap(); 11 | ark_curve_constraint_tests::pairing::g2_prepare_consistency_test::() 12 | .unwrap(); 13 | } 14 | -------------------------------------------------------------------------------- /test-curves/src/bn384_small_two_adicity/fq.rs: -------------------------------------------------------------------------------- 1 | use ark_ff::fields::{Fp384, MontBackend}; 2 | 3 | #[derive(ark_ff::MontConfig)] 4 | #[modulus = "5945877603251831796258517492029536515488649313567122628447476625319762940580461319088175968449723373773214087057409"] 5 | #[generator = "7"] 6 | #[small_subgroup_base = "3"] 7 | #[small_subgroup_power = "2"] 8 | pub struct FqConfig; 9 | pub type Fq = Fp384>; 10 | 11 | pub const FQ_ONE: Fq = ark_ff::MontFp!("1"); 12 | pub const FQ_ZERO: Fq = ark_ff::MontFp!("0"); 13 | -------------------------------------------------------------------------------- /test-curves/src/bn384_small_two_adicity/fr.rs: -------------------------------------------------------------------------------- 1 | use ark_ff::fields::{Fp384, MontBackend}; 2 | 3 | #[derive(ark_ff::MontConfig)] 4 | #[modulus = 
"5945877603251831796258517492029536515488649313567122628445038208291596545947608789992834434053176523624102324539393"] 5 | #[generator = "5"] 6 | #[small_subgroup_base = "3"] 7 | #[small_subgroup_power = "2"] 8 | pub struct FrConfig; 9 | pub type Fr = Fp384>; 10 | 11 | pub const FR_ONE: Fr = ark_ff::MontFp!("1"); 12 | pub const FR_ZERO: Fr = ark_ff::MontFp!("0"); 13 | -------------------------------------------------------------------------------- /curves/bls12_377/src/constraints/pairing.rs: -------------------------------------------------------------------------------- 1 | use crate::Config; 2 | 3 | /// Specifies the constraints for computing a pairing in the BLS12-377 bilinear 4 | /// group. 5 | pub type PairingVar = ark_r1cs_std::pairing::bls12::PairingVar; 6 | 7 | #[test] 8 | fn test() { 9 | use crate::Bls12_377; 10 | ark_curve_constraint_tests::pairing::bilinearity_test::().unwrap(); 11 | ark_curve_constraint_tests::pairing::g2_prepare_consistency_test::() 12 | .unwrap(); 13 | } 14 | -------------------------------------------------------------------------------- /curves/mnt4_298/src/fields/mod.rs: -------------------------------------------------------------------------------- 1 | #[cfg(feature = "scalar_field")] 2 | pub mod fr; 3 | #[cfg(feature = "scalar_field")] 4 | pub use self::fr::*; 5 | 6 | #[cfg(feature = "base_field")] 7 | pub mod fq; 8 | #[cfg(feature = "base_field")] 9 | pub use self::fq::*; 10 | 11 | #[cfg(feature = "curve")] 12 | pub mod fq2; 13 | #[cfg(feature = "curve")] 14 | pub use self::fq2::*; 15 | 16 | #[cfg(feature = "curve")] 17 | pub mod fq4; 18 | #[cfg(feature = "curve")] 19 | pub use self::fq4::*; 20 | 21 | #[cfg(all(feature = "curve", test))] 22 | mod tests; 23 | -------------------------------------------------------------------------------- /curves/mnt4_753/src/fields/mod.rs: -------------------------------------------------------------------------------- 1 | #[cfg(feature = "scalar_field")] 2 | pub mod fr; 3 | #[cfg(feature = 
"scalar_field")] 4 | pub use self::fr::*; 5 | 6 | #[cfg(feature = "base_field")] 7 | pub mod fq; 8 | #[cfg(feature = "base_field")] 9 | pub use self::fq::*; 10 | 11 | #[cfg(feature = "curve")] 12 | pub mod fq2; 13 | #[cfg(feature = "curve")] 14 | pub use self::fq2::*; 15 | 16 | #[cfg(feature = "curve")] 17 | pub mod fq4; 18 | #[cfg(feature = "curve")] 19 | pub use self::fq4::*; 20 | 21 | #[cfg(all(feature = "curve", test))] 22 | mod tests; 23 | -------------------------------------------------------------------------------- /test-curves/src/bn384_small_two_adicity/mod.rs: -------------------------------------------------------------------------------- 1 | #[cfg(feature = "bn384_small_two_adicity_base_field")] 2 | pub mod fq; 3 | #[cfg(feature = "bn384_small_two_adicity_base_field")] 4 | pub use fq::*; 5 | 6 | #[cfg(feature = "bn384_small_two_adicity_scalar_field")] 7 | pub mod fr; 8 | #[cfg(feature = "bn384_small_two_adicity_scalar_field")] 9 | pub use fr::*; 10 | 11 | #[cfg(feature = "bn384_small_two_adicity_curve")] 12 | pub mod g1; 13 | #[cfg(feature = "bn384_small_two_adicity_curve")] 14 | pub use g1::*; 15 | 16 | #[cfg(test)] 17 | mod tests; 18 | -------------------------------------------------------------------------------- /ff/src/fields/models/mod.rs: -------------------------------------------------------------------------------- 1 | pub mod fp; 2 | pub use self::fp::*; 3 | 4 | pub mod fp2; 5 | pub use self::fp2::*; 6 | 7 | pub mod fp3; 8 | pub use self::fp3::*; 9 | 10 | pub mod fp4; 11 | pub use self::fp4::*; 12 | 13 | pub mod fp6_2over3; 14 | 15 | pub mod fp6_3over2; 16 | pub use self::fp6_3over2::*; 17 | 18 | pub mod fp12_2over3over2; 19 | pub use self::fp12_2over3over2::*; 20 | 21 | #[macro_use] 22 | pub mod quadratic_extension; 23 | pub use quadratic_extension::*; 24 | 25 | #[macro_use] 26 | pub mod cubic_extension; 27 | pub use cubic_extension::*; 28 | -------------------------------------------------------------------------------- 
/ec/src/hashing/curve_maps/mod.rs: -------------------------------------------------------------------------------- 1 | use ark_ff::{BigInteger, Field, PrimeField, Zero}; 2 | pub mod elligator2; 3 | pub mod swu; 4 | pub mod wb; 5 | 6 | /// Parity of a field element as defined in [\[1\]] Section 4.1; shared by several curve maps, including Elligator2 and SWU. 7 | /// Returns `true` when the first non-zero base-prime-field coordinate of `element` is odd, and `false` when every coordinate is zero. 8 | /// - [\[1\]] 9 | pub fn parity(element: &F) -> bool { 10 | element 11 | .to_base_prime_field_elements() 12 | .find(|&x| !x.is_zero()) 13 | .map_or(false, |x| x.into_bigint().is_odd()) 14 | } 15 | -------------------------------------------------------------------------------- /test-curves/src/mnt4_753/fr.rs: -------------------------------------------------------------------------------- 1 | use ark_ff::fields::{Fp768, MontBackend}; 2 | 3 | pub type Fr = Fp768>; 4 | #[derive(ark_ff::MontConfig)] 5 | #[modulus = "41898490967918953402344214791240637128170709919953949071783502921025352812571106773058893763790338921418070971888458477323173057491593855069696241854796396165721416325350064441470418137846398469611935719059908164220784476160001"] 6 | #[generator = "17"] 7 | #[small_subgroup_base = "5"] 8 | #[small_subgroup_power = "2"] 9 | pub struct FrConfig; 10 | 11 | pub const FR_ONE: Fr = ark_ff::MontFp!("1"); 12 | -------------------------------------------------------------------------------- /.github/workflows/linkify_changelog.yml: -------------------------------------------------------------------------------- 1 | name: Linkify Changelog 2 | 3 | on: 4 | workflow_dispatch 5 | 6 | jobs: 7 | linkify: 8 | runs-on: ubuntu-latest 9 | steps: 10 | - name: Checkout 11 | uses: actions/checkout@v2 12 | - name: Add links 13 | run: python3 scripts/linkify_changelog.py CHANGELOG.md 14 | - name: Commit 15 | run: | 16 | git config user.name github-actions 17 | git config user.email github-actions@github.com 18 | git add . 
19 | git commit -m "Linkify Changelog" 20 | git push 21 | -------------------------------------------------------------------------------- /makefile: -------------------------------------------------------------------------------- 1 | doc: 2 | RUSTDOCFLAGS="--html-in-header doc/katex-header.html" cargo doc --no-deps 3 | 4 | .PHONY: doc 5 | 6 | # Since the master branch is protected, the current workflow is to create a PR with the version changes, 7 | # and once the PR is merged, run the `make VERSION= release` to publish the new crates. 8 | release: 9 | ifndef VERSION 10 | $(error VERSION is not set. Run with `make VERSION= release`) 11 | endif 12 | git pull 13 | cargo update 14 | git tag v$(VERSION) 15 | git push origin v$(VERSION) 16 | cargo release publish --execute --verbose 17 | -------------------------------------------------------------------------------- /test-curves/src/bn384_small_two_adicity/tests.rs: -------------------------------------------------------------------------------- 1 | #![allow(unused_imports)] 2 | use ark_ec::{ 3 | models::short_weierstrass::SWCurveConfig, pairing::Pairing, AffineRepr, CurveGroup, PrimeGroup, 4 | }; 5 | use ark_ff::{Field, One, UniformRand, Zero}; 6 | use ark_std::{rand::Rng, test_rng}; 7 | 8 | use crate::bn384_small_two_adicity::{Fq, FqConfig, Fr, FrConfig, G1Affine, G1Projective}; 9 | use ark_algebra_test_templates::*; 10 | use ark_std::ops::{AddAssign, MulAssign, SubAssign}; 11 | 12 | test_field!(fr; Fr; mont_prime_field); 13 | test_field!(fq; Fq; mont_prime_field); 14 | test_group!(g1; G1Projective; sw); 15 | -------------------------------------------------------------------------------- /curves/curve25519/src/constraints/curves.rs: -------------------------------------------------------------------------------- 1 | use ark_r1cs_std::groups::curves::twisted_edwards::{AffineVar, MontgomeryAffineVar}; 2 | 3 | use crate::{constraints::FqVar, *}; 4 | 5 | /// A variable that is the R1CS equivalent of 
`crate::EdwardsAffine`. 6 | pub type EdwardsVar = AffineVar; 7 | 8 | /// A variable that is the R1CS equivalent of `crate::NonZeroMontgomeryAffine`. 9 | pub type NonZeroMontgomeryVar = MontgomeryAffineVar; 10 | 11 | #[test] 12 | fn test() { 13 | ark_curve_constraint_tests::curves::te_test::().unwrap(); 14 | } 15 | -------------------------------------------------------------------------------- /curves/bn254/src/fields/mod.rs: -------------------------------------------------------------------------------- 1 | #[cfg(feature = "scalar_field")] 2 | pub mod fr; 3 | #[cfg(feature = "scalar_field")] 4 | pub use self::fr::*; 5 | 6 | #[cfg(feature = "curve")] 7 | pub mod fq; 8 | #[cfg(feature = "curve")] 9 | pub use self::fq::*; 10 | 11 | #[cfg(feature = "curve")] 12 | pub mod fq2; 13 | #[cfg(feature = "curve")] 14 | pub use self::fq2::*; 15 | 16 | #[cfg(feature = "curve")] 17 | pub mod fq6; 18 | #[cfg(feature = "curve")] 19 | pub use self::fq6::*; 20 | 21 | #[cfg(feature = "curve")] 22 | pub mod fq12; 23 | #[cfg(feature = "curve")] 24 | pub use self::fq12::*; 25 | 26 | #[cfg(all(feature = "curve", test))] 27 | mod tests; 28 | -------------------------------------------------------------------------------- /curves/mnt6_298/src/fields/tests.rs: -------------------------------------------------------------------------------- 1 | use ark_algebra_test_templates::*; 2 | use ark_ff::fields::{models::fp6_2over3::*, quadratic_extension::QuadExtConfig}; 3 | use ark_std::{rand::Rng, test_rng}; 4 | 5 | use crate::*; 6 | 7 | test_field!(fr; Fr; mont_prime_field); 8 | test_field!(fq; Fq; mont_prime_field); 9 | test_field!(fq3; Fq3); 10 | test_field!(fq6; Fq6); 11 | 12 | #[test] 13 | fn test_fq3_more() { 14 | let mut rng = test_rng(); 15 | let mut a: Fq3 = rng.gen(); 16 | assert_eq!( 17 | a * Fq6Config::NONRESIDUE, 18 | *>::mul_base_field_by_nonresidue_in_place(&mut a) 19 | ); 20 | } 21 | -------------------------------------------------------------------------------- 
/curves/bls12_381/src/fields/mod.rs: -------------------------------------------------------------------------------- 1 | #[cfg(feature = "scalar_field")] 2 | pub mod fr; 3 | #[cfg(feature = "scalar_field")] 4 | pub use self::fr::*; 5 | 6 | #[cfg(feature = "curve")] 7 | pub mod fq; 8 | #[cfg(feature = "curve")] 9 | pub use self::fq::*; 10 | 11 | #[cfg(feature = "curve")] 12 | pub mod fq2; 13 | #[cfg(feature = "curve")] 14 | pub use self::fq2::*; 15 | 16 | #[cfg(feature = "curve")] 17 | pub mod fq6; 18 | #[cfg(feature = "curve")] 19 | pub use self::fq6::*; 20 | 21 | #[cfg(feature = "curve")] 22 | pub mod fq12; 23 | #[cfg(feature = "curve")] 24 | pub use self::fq12::*; 25 | 26 | #[cfg(all(feature = "curve", test))] 27 | mod tests; 28 | -------------------------------------------------------------------------------- /curves/bls12_377/src/fields/mod.rs: -------------------------------------------------------------------------------- 1 | #[cfg(feature = "scalar_field")] 2 | pub mod fr; 3 | #[cfg(feature = "scalar_field")] 4 | pub use self::fr::*; 5 | 6 | #[cfg(feature = "base_field")] 7 | pub mod fq; 8 | #[cfg(feature = "base_field")] 9 | pub use self::fq::*; 10 | 11 | #[cfg(feature = "curve")] 12 | pub mod fq2; 13 | #[cfg(feature = "curve")] 14 | pub use self::fq2::*; 15 | 16 | #[cfg(feature = "curve")] 17 | pub mod fq6; 18 | #[cfg(feature = "curve")] 19 | pub use self::fq6::*; 20 | 21 | #[cfg(feature = "curve")] 22 | pub mod fq12; 23 | #[cfg(feature = "curve")] 24 | pub use self::fq12::*; 25 | 26 | #[cfg(all(feature = "curve", test))] 27 | mod tests; 28 | -------------------------------------------------------------------------------- /curves/mnt6_753/src/fields/tests.rs: -------------------------------------------------------------------------------- 1 | use crate::*; 2 | use ark_algebra_test_templates::*; 3 | use ark_ff::fields::{models::fp6_2over3::*, quadratic_extension::QuadExtConfig}; 4 | use ark_std::{rand::Rng, test_rng}; 5 | 6 | test_field!(100; fr; Fr; 
mont_prime_field); 7 | test_field!(100; fq; Fq; mont_prime_field); 8 | test_field!(100; fq3; Fq3); 9 | test_field!(100; fq6; Fq6); 10 | 11 | #[test] 12 | fn test_fq3_more() { 13 | let mut rng = test_rng(); 14 | let mut a: Fq3 = rng.gen(); 15 | assert_eq!( 16 | a * Fq6Config::NONRESIDUE, 17 | *>::mul_base_field_by_nonresidue_in_place(&mut a) 18 | ); 19 | } 20 | -------------------------------------------------------------------------------- /ff-macros/src/montgomery/double.rs: -------------------------------------------------------------------------------- 1 | pub(super) fn double_in_place_impl(modulus_has_spare_bit: bool) -> proc_macro2::TokenStream { 2 | if modulus_has_spare_bit { 3 | quote::quote! { 4 | // This cannot exceed the backing capacity. 5 | a.0.mul2(); 6 | // However, it may need to be reduced. 7 | __subtract_modulus(a); 8 | } 9 | } else { 10 | quote::quote! { 11 | // This cannot exceed the backing capacity. 12 | let c = a.0.mul2(); 13 | // However, it may need to be reduced. 14 | __subtract_modulus_with_carry(a, c); 15 | } 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /curves/bn254/src/fields/fq2.rs: -------------------------------------------------------------------------------- 1 | use ark_ff::{fields::*, MontFp}; 2 | 3 | use crate::*; 4 | 5 | pub type Fq2 = Fp2; 6 | 7 | pub struct Fq2Config; 8 | 9 | impl Fp2Config for Fq2Config { 10 | type Fp = Fq; 11 | 12 | /// NONRESIDUE = -1 13 | const NONRESIDUE: Fq = MontFp!("-1"); 14 | 15 | /// Coefficients for the Frobenius automorphism. 
16 | const FROBENIUS_COEFF_FP2_C1: &'static [Fq] = &[ 17 | // NONRESIDUE**(((q^0) - 1) / 2) 18 | Fq::ONE, 19 | // NONRESIDUE**(((q^1) - 1) / 2) 20 | MontFp!("-1"), 21 | ]; 22 | 23 | #[inline(always)] 24 | fn mul_fp_by_nonresidue_in_place(fe: &mut Self::Fp) -> &mut Self::Fp { 25 | fe.neg_in_place() 26 | } 27 | } 28 | -------------------------------------------------------------------------------- /curves/ed_on_bls12_381/src/constraints/curves.rs: -------------------------------------------------------------------------------- 1 | use ark_r1cs_std::groups::curves::{short_weierstrass::ProjectiveVar, twisted_edwards::AffineVar}; 2 | 3 | use crate::{constraints::FqVar, *}; 4 | 5 | /// A variable that is the R1CS equivalent of `crate::EdwardsAffine`. 6 | pub type EdwardsVar = AffineVar; 7 | 8 | /// A variable that is the R1CS equivalent of `crate::SWProjective` 9 | pub type SWVar = ProjectiveVar; 10 | 11 | #[test] 12 | fn test() { 13 | ark_curve_constraint_tests::curves::te_test::<_, EdwardsVar>().unwrap(); 14 | ark_curve_constraint_tests::curves::sw_test::<_, SWVar>().unwrap(); 15 | ark_curve_constraint_tests::curves::group_test::<_, Fq, EdwardsVar>().unwrap(); 16 | } 17 | -------------------------------------------------------------------------------- /poly/benches/common.rs: -------------------------------------------------------------------------------- 1 | /// Utility function for getting a vector of degrees to benchmark on. 
2 | /// returns `vec![2^{min}, 2^{min + interval}, ..., max_degree]`, where: 3 | /// * `interval = log_interval`, which must be at least 1: with 0 the step multiplier is 1 and the loop below never terminates 4 | /// * `min = ceil(log_2(min_degree))` 5 | /// * the final element is `max_degree` itself (not rounded up to a power of two) whenever the next power-of-two step would overshoot it 6 | pub fn size_range( 7 | log_interval: usize, 8 | min_degree: usize, 9 | max_degree: usize, 10 | ) -> ark_std::vec::Vec { 11 | let mut to_ret = vec![min_degree.next_power_of_two()]; 12 | let interval = 1 << log_interval; 13 | while *to_ret.last().unwrap() < max_degree { 14 | let next_elem = usize::min(max_degree, interval * to_ret.last().unwrap()); 15 | to_ret.push(next_elem); 16 | } 17 | to_ret 18 | } 19 | -------------------------------------------------------------------------------- /curves/ed_on_bls12_381_bandersnatch/src/constraints/curves.rs: -------------------------------------------------------------------------------- 1 | use ark_r1cs_std::groups::curves::{short_weierstrass::ProjectiveVar, twisted_edwards::AffineVar}; 2 | 3 | use crate::{constraints::FqVar, *}; 4 | 5 | /// A variable that is the R1CS equivalent of `crate::BandersnatchConfig`.
6 | pub type EdwardsVar = AffineVar; 7 | 8 | /// A variable that is the R1CS equivalent of `crate::SWProjective` 9 | pub type SWVar = ProjectiveVar; 10 | 11 | #[test] 12 | fn test() { 13 | ark_curve_constraint_tests::curves::te_test::<_, EdwardsVar>().unwrap(); 14 | ark_curve_constraint_tests::curves::sw_test::<_, SWVar>().unwrap(); 15 | ark_curve_constraint_tests::curves::group_test::<_, Fq, EdwardsVar>().unwrap(); 16 | } 17 | -------------------------------------------------------------------------------- /ff-asm/Cargo.toml: -------------------------------------------------------------------------------- 1 | [package] 2 | name = "ark-ff-asm" 3 | description = "A library for generating x86-64 assembly for finite field multiplication" 4 | documentation = "https://docs.rs/ark-ff-asm/" 5 | version.workspace = true 6 | authors.workspace = true 7 | homepage.workspace = true 8 | repository.workspace = true 9 | categories.workspace = true 10 | include.workspace = true 11 | license.workspace = true 12 | edition.workspace = true 13 | rust-version.workspace = true 14 | metadata.docs.rs.workspace = true 15 | metadata.release.workspace = true 16 | keywords = ["cryptography", "finite-fields", "assembly" ] 17 | 18 | [dependencies] 19 | quote.workspace = true 20 | syn = { workspace = true, features = ["full", "parsing", "extra-traits"]} 21 | 22 | [lib] 23 | proc-macro = true 24 | -------------------------------------------------------------------------------- /test-curves/src/bls12_381/fr.rs: -------------------------------------------------------------------------------- 1 | use ark_ff::fields::{Fp256, MontBackend, MontConfig}; 2 | 3 | #[derive(MontConfig)] 4 | #[modulus = "52435875175126190479447740508185965837690552500527637822603658699938581184513"] 5 | #[generator = "7"] 6 | #[small_subgroup_base = "3"] 7 | #[small_subgroup_power = "1"] 8 | pub struct FrConfig; 9 | pub type Fr = Fp256>; 10 | 11 | #[test] 12 | fn test_inv() { 13 | assert_eq!(FrConfig::INV, 
0xffff_fffe_ffff_ffff); 14 | } 15 | 16 | #[test] 17 | fn test_modulus() { 18 | assert_eq!( 19 | FrConfig::MODULUS.0, 20 | [ 21 | 0xffff_ffff_0000_0001, 22 | 0x53bd_a402_fffe_5bfe, 23 | 0x3339_d808_09a1_d805, 24 | 0x73ed_a753_299d_7d48, 25 | ] 26 | ); 27 | } 28 | -------------------------------------------------------------------------------- /curves/secp256k1/src/lib.rs: -------------------------------------------------------------------------------- 1 | #![cfg_attr(not(feature = "std"), no_std)] 2 | #![deny( 3 | warnings, 4 | unused, 5 | future_incompatible, 6 | nonstandard_style, 7 | rust_2018_idioms 8 | )] 9 | #![forbid(unsafe_code)] 10 | 11 | //! This library implements the secp256k1 curve. 12 | //! Source: 13 | //! 14 | //! Curve information: 15 | //! * Base field: q = 16 | //! 115792089237316195423570985008687907853269984665640564039457584007908834671663 17 | //! * Scalar field: r = 18 | //! 115792089237316195423570985008687907852837564279074904382605163141518161494337 19 | //! * Curve equation: y^2 = x^3 + 7 20 | 21 | #[cfg(feature = "r1cs")] 22 | pub mod constraints; 23 | mod curves; 24 | mod fields; 25 | 26 | pub use curves::*; 27 | pub use fields::*; 28 | -------------------------------------------------------------------------------- /curves/curve25519/src/lib.rs: -------------------------------------------------------------------------------- 1 | #![cfg_attr(not(feature = "std"), no_std)] 2 | #![deny( 3 | warnings, 4 | unused, 5 | future_incompatible, 6 | nonstandard_style, 7 | rust_2018_idioms 8 | )] 9 | #![forbid(unsafe_code)] 10 | 11 | //! This library implements the curve25519 Montgomery curve. 12 | //! 13 | //! Curve information: 14 | //! * Base field: q = 15 | //! 57896044618658097711785492504343953926634992332820282019728792003956564819949 16 | //! * Scalar field: r = 17 | //! 7237005577332262213973186563042994240857116359379907606001950938285454250989 18 | //! * Curve equation: B * y^2 = x^3 + A * x^2 + x, where 19 | //! * A = 486662 20 | //! 
* B = 1 21 | 22 | #[cfg(feature = "r1cs")] 23 | pub mod constraints; 24 | mod curves; 25 | mod fields; 26 | 27 | pub use curves::*; 28 | pub use fields::*; 29 | -------------------------------------------------------------------------------- /curves/ed25519/src/lib.rs: -------------------------------------------------------------------------------- 1 | #![cfg_attr(not(feature = "std"), no_std)] 2 | #![deny( 3 | warnings, 4 | unused, 5 | future_incompatible, 6 | nonstandard_style, 7 | rust_2018_idioms 8 | )] 9 | #![forbid(unsafe_code)] 10 | 11 | //! This library implements the ed25519 twisted Edwards curve. 12 | //! 13 | //! Curve information: 14 | //! * Base field: q = 15 | //! 57896044618658097711785492504343953926634992332820282019728792003956564819949 16 | //! * Scalar field: r = 17 | //! 7237005577332262213973186563042994240857116359379907606001950938285454250989 18 | //! * Curve equation: a * x^2 + y^2 = 1 + d * x^2 * y^2, where 19 | //! * a = -1 20 | //! * d = -121665 / 121666 21 | 22 | #[cfg(feature = "r1cs")] 23 | pub mod constraints; 24 | mod curves; 25 | mod fields; 26 | 27 | pub use curves::*; 28 | pub use fields::*; 29 | -------------------------------------------------------------------------------- /curves/secq256k1/src/lib.rs: -------------------------------------------------------------------------------- 1 | #![cfg_attr(not(feature = "std"), no_std)] 2 | #![deny( 3 | warnings, 4 | unused, 5 | future_incompatible, 6 | nonstandard_style, 7 | rust_2018_idioms 8 | )] 9 | #![forbid(unsafe_code)] 10 | 11 | //! This library implements the secq256k1 curve. 12 | //! Source: 13 | //! 14 | //! Curve information: 15 | //! * Base field: q = 16 | 115792089237316195423570985008687907852837564279074904382605163141518161494337 17 | //! * Scalar field: r = 18 | //! 115792089237316195423570985008687907853269984665640564039457584007908834671663 19 | //!
* Curve equation: y^2 = x^3 + 7 20 | 21 | #[cfg(feature = "r1cs")] 22 | pub mod constraints; 23 | mod curves; 24 | mod fields; 25 | 26 | pub use curves::*; 27 | pub use fields::*; 28 | -------------------------------------------------------------------------------- /ff-macros/Cargo.toml: -------------------------------------------------------------------------------- 1 | [package] 2 | name = "ark-ff-macros" 3 | description = "A library for generating x86-64 assembly for finite field multiplication" 4 | documentation = "https://docs.rs/ark-ff-macros/" 5 | version.workspace = true 6 | authors.workspace = true 7 | homepage.workspace = true 8 | repository.workspace = true 9 | categories.workspace = true 10 | include.workspace = true 11 | license.workspace = true 12 | edition.workspace = true 13 | rust-version.workspace = true 14 | metadata.docs.rs.workspace = true 15 | metadata.release.workspace = true 16 | keywords = ["cryptography", "finite-fields", "assembly" ] 17 | 18 | [dependencies] 19 | quote.workspace = true 20 | proc-macro2.workspace = true 21 | syn = { workspace = true, features = ["full", "parsing", "extra-traits"]} 22 | num-bigint.workspace = true 23 | num-traits.workspace = true 24 | 25 | [lib] 26 | proc-macro = true 27 | -------------------------------------------------------------------------------- /curves/secp256r1/src/lib.rs: -------------------------------------------------------------------------------- 1 | #![cfg_attr(not(feature = "std"), no_std)] 2 | #![deny( 3 | warnings, 4 | unused, 5 | future_incompatible, 6 | nonstandard_style, 7 | rust_2018_idioms 8 | )] 9 | #![forbid(unsafe_code)] 10 | 11 | //! This library implements the secp256r1 curve. 12 | //! Source: 13 | //! 14 | //! Curve information: 15 | //! * Base field: q = 16 | //! 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff 17 | //! * Scalar field: r = 18 | //! 0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551 19 | //! * a = -3 20 | //! 
* b = 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b 21 | //! * Curve equation: y^2 = x^3 + ax + b 22 | 23 | #[cfg(feature = "r1cs")] 24 | pub mod constraints; 25 | mod curves; 26 | mod fields; 27 | 28 | pub use curves::*; 29 | pub use fields::*; 30 | -------------------------------------------------------------------------------- /curves/bls12_381/src/curves/mod.rs: -------------------------------------------------------------------------------- 1 | use ark_ec::bls12::{Bls12, Bls12Config, TwistType}; 2 | 3 | use crate::{Fq, Fq12Config, Fq2Config, Fq6Config}; 4 | 5 | pub mod g1; 6 | pub mod g2; 7 | pub(crate) mod util; 8 | 9 | mod g1_swu_iso; 10 | mod g2_swu_iso; 11 | 12 | #[cfg(test)] 13 | mod tests; 14 | 15 | pub use self::{ 16 | g1::{G1Affine, G1Projective}, 17 | g2::{G2Affine, G2Projective}, 18 | }; 19 | 20 | pub type Bls12_381 = Bls12; 21 | 22 | pub struct Config; 23 | 24 | impl Bls12Config for Config { 25 | const X: &'static [u64] = &[0xd201000000010000]; 26 | const X_IS_NEGATIVE: bool = true; 27 | const TWIST_TYPE: TwistType = TwistType::M; 28 | type Fp = Fq; 29 | type Fp2Config = Fq2Config; 30 | type Fp6Config = Fq6Config; 31 | type Fp12Config = Fq12Config; 32 | type G1Config = self::g1::Config; 33 | type G2Config = self::g2::Config; 34 | } 35 | -------------------------------------------------------------------------------- /serialize-derive/Cargo.toml: -------------------------------------------------------------------------------- 1 | [package] 2 | name = "ark-serialize-derive" 3 | description = "A library for deriving serialization traits for the arkworks ecosystem" 4 | documentation = "https://docs.rs/ark-serialize-derive/" 5 | version.workspace = true 6 | authors.workspace = true 7 | homepage.workspace = true 8 | repository.workspace = true 9 | categories.workspace = true 10 | include.workspace = true 11 | license.workspace = true 12 | edition.workspace = true 13 | rust-version.workspace = true 14 | metadata.docs.rs.workspace = 
true 15 | metadata.release.workspace = true 16 | keywords = ["cryptography", "finite-fields", "elliptic-curves", "serialization"] 17 | 18 | ################################# Dependencies ################################ 19 | 20 | [lib] 21 | proc-macro = true 22 | 23 | [dependencies] 24 | proc-macro2.workspace = true 25 | syn.workspace = true 26 | quote.workspace = true 27 | -------------------------------------------------------------------------------- /curves/bn254/scripts/base_field.sage: -------------------------------------------------------------------------------- 1 | modulus = 21888242871839275222246405745257275088696311157297823662689037894645226208583 2 | 3 | assert(modulus.is_prime()) 4 | 5 | Fp = GF(modulus) 6 | 7 | generator = Fp(0); 8 | for i in range(0, 20): 9 | i = Fp(i); 10 | neg_i = Fp(-i) 11 | if not(i.is_primitive_root() or neg_i.is_primitive_root()): 12 | continue 13 | elif i.is_primitive_root(): 14 | assert(i.is_primitive_root()); 15 | print("Generator: %d" % i) 16 | generator = i 17 | break 18 | else: 19 | assert(neg_i.is_primitive_root()); 20 | print("Generator: %d" % neg_i) 21 | generator = neg_i 22 | break 23 | 24 | 25 | two_adicity = valuation(modulus - 1, 2); 26 | trace = (modulus - 1) / 2**two_adicity; 27 | two_adic_root_of_unity = generator^trace 28 | print("2-adic Root of Unity: %d " % two_adic_root_of_unity) 29 | -------------------------------------------------------------------------------- /curves/pallas/scripts/base_field.sage: -------------------------------------------------------------------------------- 1 | modulus = 28948022309329048855892746252171976963363056481941560715954676764349967630337 2 | 3 | assert(modulus.is_prime()) 4 | 5 | Fp = GF(modulus) 6 | 7 | generator = Fp(0); 8 | for i in range(0, 20): 9 | i = Fp(i); 10 | neg_i = Fp(-i) 11 | if not(i.is_primitive_root() or neg_i.is_primitive_root()): 12 | continue 13 | elif i.is_primitive_root(): 14 | assert(i.is_primitive_root()); 15 | print("Generator: %d" % i) 16 | 
generator = i 17 | break 18 | else: 19 | assert(neg_i.is_primitive_root()); 20 | print("Generator: %d" % neg_i) 21 | generator = neg_i 22 | break 23 | 24 | 25 | two_adicity = valuation(modulus - 1, 2); 26 | trace = (modulus - 1) / 2**two_adicity; 27 | two_adic_root_of_unity = generator^trace 28 | print("2-adic Root of Unity: %d " % two_adic_root_of_unity) 29 | -------------------------------------------------------------------------------- /curves/vesta/scripts/base_field.sage: -------------------------------------------------------------------------------- 1 | modulus = 28948022309329048855892746252171976963363056481941647379679742748393362948097 2 | 3 | assert(modulus.is_prime()) 4 | 5 | Fp = GF(modulus) 6 | 7 | generator = Fp(0); 8 | for i in range(0, 20): 9 | i = Fp(i); 10 | neg_i = Fp(-i) 11 | if not(i.is_primitive_root() or neg_i.is_primitive_root()): 12 | continue 13 | elif i.is_primitive_root(): 14 | assert(i.is_primitive_root()); 15 | print("Generator: %d" % i) 16 | generator = i 17 | break 18 | else: 19 | assert(neg_i.is_primitive_root()); 20 | print("Generator: %d" % neg_i) 21 | generator = neg_i 22 | break 23 | 24 | 25 | two_adicity = valuation(modulus - 1, 2); 26 | trace = (modulus - 1) / 2**two_adicity; 27 | two_adic_root_of_unity = generator^trace 28 | print("2-adic Root of Unity: %d " % two_adic_root_of_unity) 29 | -------------------------------------------------------------------------------- /curves/bls12_377/scripts/scalar_field.sage: -------------------------------------------------------------------------------- 1 | modulus = 8444461749428370424248824938781546531375899335154063827935233455917409239041 2 | 3 | assert(modulus.is_prime()) 4 | 5 | Fp = GF(modulus) 6 | 7 | generator = Fp(0); 8 | for i in range(0, 30): 9 | i = Fp(i); 10 | neg_i = Fp(-i) 11 | if not(i.is_primitive_root() or neg_i.is_primitive_root()): 12 | continue 13 | elif i.is_primitive_root(): 14 | assert(i.is_primitive_root()); 15 | print("Generator: %d" % i) 16 | generator = i 
17 | break 18 | else: 19 | assert(neg_i.is_primitive_root()); 20 | print("Generator: %d" % neg_i) 21 | generator = neg_i 22 | break 23 | 24 | 25 | two_adicity = valuation(modulus - 1, 2); 26 | trace = (modulus - 1) / 2**two_adicity; 27 | two_adic_root_of_unity = generator^trace 28 | print("2-adic Root of Unity: %d " % two_adic_root_of_unity) 29 | -------------------------------------------------------------------------------- /curves/bls12_381/scripts/scalar_field.sage: -------------------------------------------------------------------------------- 1 | modulus = 52435875175126190479447740508185965837690552500527637822603658699938581184513 2 | 3 | assert(modulus.is_prime()) 4 | 5 | Fp = GF(modulus) 6 | 7 | generator = Fp(0); 8 | for i in range(0, 20): 9 | i = Fp(i); 10 | neg_i = Fp(-i) 11 | if not(i.is_primitive_root() or neg_i.is_primitive_root()): 12 | continue 13 | elif i.is_primitive_root(): 14 | assert(i.is_primitive_root()); 15 | print("Generator: %d" % i) 16 | generator = i 17 | break 18 | else: 19 | assert(neg_i.is_primitive_root()); 20 | print("Generator: %d" % neg_i) 21 | generator = neg_i 22 | break 23 | 24 | 25 | two_adicity = valuation(modulus - 1, 2); 26 | trace = (modulus - 1) / 2**two_adicity; 27 | two_adic_root_of_unity = generator^trace 28 | print("2-adic Root of Unity: %d " % two_adic_root_of_unity) 29 | -------------------------------------------------------------------------------- /curves/bn254/scripts/scalar_field.sage: -------------------------------------------------------------------------------- 1 | modulus = 21888242871839275222246405745257275088548364400416034343698204186575808495617 2 | 3 | assert(modulus.is_prime()) 4 | 5 | Fp = GF(modulus) 6 | 7 | generator = Fp(0); 8 | for i in range(0, 20): 9 | i = Fp(i); 10 | neg_i = Fp(-i) 11 | if not(i.is_primitive_root() or neg_i.is_primitive_root()): 12 | continue 13 | elif i.is_primitive_root(): 14 | assert(i.is_primitive_root()); 15 | print("Generator: %d" % i) 16 | generator = i 17 | break 
18 | else: 19 | assert(neg_i.is_primitive_root()); 20 | print("Generator: %d" % neg_i) 21 | generator = neg_i 22 | break 23 | 24 | 25 | two_adicity = valuation(modulus - 1, 2); 26 | trace = (modulus - 1) / 2**two_adicity; 27 | two_adic_root_of_unity = generator^trace 28 | print("2-adic Root of Unity: %d " % two_adic_root_of_unity) 29 | -------------------------------------------------------------------------------- /curves/ed_on_bn254/scripts/base_field.sage: -------------------------------------------------------------------------------- 1 | modulus = 21888242871839275222246405745257275088548364400416034343698204186575808495617 2 | 3 | assert(modulus.is_prime()) 4 | 5 | Fp = GF(modulus) 6 | 7 | generator = Fp(0); 8 | for i in range(0, 20): 9 | i = Fp(i); 10 | neg_i = Fp(-i) 11 | if not(i.is_primitive_root() or neg_i.is_primitive_root()): 12 | continue 13 | elif i.is_primitive_root(): 14 | assert(i.is_primitive_root()); 15 | print("Generator: %d" % i) 16 | generator = i 17 | break 18 | else: 19 | assert(neg_i.is_primitive_root()); 20 | print("Generator: %d" % neg_i) 21 | generator = neg_i 22 | break 23 | 24 | 25 | two_adicity = valuation(modulus - 1, 2); 26 | trace = (modulus - 1) / 2**two_adicity; 27 | two_adic_root_of_unity = generator^trace 28 | print("2-adic Root of Unity: %d " % two_adic_root_of_unity) 29 | -------------------------------------------------------------------------------- /curves/grumpkin/scripts/base_field.sage: -------------------------------------------------------------------------------- 1 | modulus = 21888242871839275222246405745257275088548364400416034343698204186575808495617 2 | 3 | assert(modulus.is_prime()) 4 | 5 | Fp = GF(modulus) 6 | 7 | generator = Fp(0); 8 | for i in range(0, 20): 9 | i = Fp(i); 10 | neg_i = Fp(-i) 11 | if not(i.is_primitive_root() or neg_i.is_primitive_root()): 12 | continue 13 | elif i.is_primitive_root(): 14 | assert(i.is_primitive_root()); 15 | print("Generator: %d" % i) 16 | generator = i 17 | break 18 | else: 
19 | assert(neg_i.is_primitive_root()); 20 | print("Generator: %d" % neg_i) 21 | generator = neg_i 22 | break 23 | 24 | 25 | two_adicity = valuation(modulus - 1, 2); 26 | trace = (modulus - 1) / 2**two_adicity; 27 | two_adic_root_of_unity = generator^trace 28 | print("2-adic Root of Unity: %d " % two_adic_root_of_unity) 29 | -------------------------------------------------------------------------------- /curves/grumpkin/scripts/scalar_field.sage: -------------------------------------------------------------------------------- 1 | modulus = 21888242871839275222246405745257275088696311157297823662689037894645226208583 2 | 3 | assert(modulus.is_prime()) 4 | 5 | Fp = GF(modulus) 6 | 7 | generator = Fp(0); 8 | for i in range(0, 20): 9 | i = Fp(i); 10 | neg_i = Fp(-i) 11 | if not(i.is_primitive_root() or neg_i.is_primitive_root()): 12 | continue 13 | elif i.is_primitive_root(): 14 | assert(i.is_primitive_root()); 15 | print("Generator: %d" % i) 16 | generator = i 17 | break 18 | else: 19 | assert(neg_i.is_primitive_root()); 20 | print("Generator: %d" % neg_i) 21 | generator = neg_i 22 | break 23 | 24 | 25 | two_adicity = valuation(modulus - 1, 2); 26 | trace = (modulus - 1) / 2**two_adicity; 27 | two_adic_root_of_unity = generator^trace 28 | print("2-adic Root of Unity: %d " % two_adic_root_of_unity) 29 | -------------------------------------------------------------------------------- /curves/pallas/scripts/scalar_field.sage: -------------------------------------------------------------------------------- 1 | modulus = 28948022309329048855892746252171976963363056481941647379679742748393362948097 2 | 3 | assert(modulus.is_prime()) 4 | 5 | Fp = GF(modulus) 6 | 7 | generator = Fp(0); 8 | for i in range(0, 20): 9 | i = Fp(i); 10 | neg_i = Fp(-i) 11 | if not(i.is_primitive_root() or neg_i.is_primitive_root()): 12 | continue 13 | elif i.is_primitive_root(): 14 | assert(i.is_primitive_root()); 15 | print("Generator: %d" % i) 16 | generator = i 17 | break 18 | else: 19 | 
assert(neg_i.is_primitive_root()); 20 | print("Generator: %d" % neg_i) 21 | generator = neg_i 22 | break 23 | 24 | 25 | two_adicity = valuation(modulus - 1, 2); 26 | trace = (modulus - 1) / 2**two_adicity; 27 | two_adic_root_of_unity = generator^trace 28 | print("2-adic Root of Unity: %d " % two_adic_root_of_unity) 29 | -------------------------------------------------------------------------------- /curves/vesta/scripts/scalar_field.sage: -------------------------------------------------------------------------------- 1 | modulus = 28948022309329048855892746252171976963363056481941560715954676764349967630337 2 | 3 | assert(modulus.is_prime()) 4 | 5 | Fp = GF(modulus) 6 | 7 | generator = Fp(0); 8 | for i in range(0, 20): 9 | i = Fp(i); 10 | neg_i = Fp(-i) 11 | if not(i.is_primitive_root() or neg_i.is_primitive_root()): 12 | continue 13 | elif i.is_primitive_root(): 14 | assert(i.is_primitive_root()); 15 | print("Generator: %d" % i) 16 | generator = i 17 | break 18 | else: 19 | assert(neg_i.is_primitive_root()); 20 | print("Generator: %d" % neg_i) 21 | generator = neg_i 22 | break 23 | 24 | 25 | two_adicity = valuation(modulus - 1, 2); 26 | trace = (modulus - 1) / 2**two_adicity; 27 | two_adic_root_of_unity = generator^trace 28 | print("2-adic Root of Unity: %d " % two_adic_root_of_unity) 29 | -------------------------------------------------------------------------------- /curves/ed_on_bls12_377/scripts/base_field.sage: -------------------------------------------------------------------------------- 1 | modulus = 8444461749428370424248824938781546531375899335154063827935233455917409239041 2 | 3 | assert(modulus.is_prime()) 4 | 5 | Fp = GF(modulus) 6 | 7 | generator = Fp(0); 8 | for i in range(0, 30): 9 | i = Fp(i); 10 | neg_i = Fp(-i) 11 | if not(i.is_primitive_root() or neg_i.is_primitive_root()): 12 | continue 13 | elif i.is_primitive_root(): 14 | assert(i.is_primitive_root()); 15 | print("Generator: %d" % i) 16 | generator = i 17 | break 18 | else: 19 | 
assert(neg_i.is_primitive_root()); 20 | print("Generator: %d" % neg_i) 21 | generator = neg_i 22 | break 23 | 24 | 25 | two_adicity = valuation(modulus - 1, 2); 26 | trace = (modulus - 1) / 2**two_adicity; 27 | two_adic_root_of_unity = generator^trace 28 | print("2-adic Root of Unity: %d " % two_adic_root_of_unity) 29 | -------------------------------------------------------------------------------- /curves/ed_on_bls12_377/scripts/scalar_field.sage: -------------------------------------------------------------------------------- 1 | modulus = 2111115437357092606062206234695386632838870926408408195193685246394721360383 2 | 3 | assert(modulus.is_prime()) 4 | 5 | Fp = GF(modulus) 6 | 7 | generator = Fp(0); 8 | for i in range(0, 30): 9 | i = Fp(i); 10 | neg_i = Fp(-i) 11 | if not(i.is_primitive_root() or neg_i.is_primitive_root()): 12 | continue 13 | elif i.is_primitive_root(): 14 | assert(i.is_primitive_root()); 15 | print("Generator: %d" % i) 16 | generator = i 17 | break 18 | else: 19 | assert(neg_i.is_primitive_root()); 20 | print("Generator: %d" % neg_i) 21 | generator = neg_i 22 | break 23 | 24 | 25 | two_adicity = valuation(modulus - 1, 2); 26 | trace = (modulus - 1) / 2**two_adicity; 27 | two_adic_root_of_unity = generator^trace 28 | print("2-adic Root of Unity: %d " % two_adic_root_of_unity) 29 | -------------------------------------------------------------------------------- /curves/ed_on_bls12_381/scripts/base_field.sage: -------------------------------------------------------------------------------- 1 | modulus = 52435875175126190479447740508185965837690552500527637822603658699938581184513 2 | 3 | assert(modulus.is_prime()) 4 | 5 | Fp = GF(modulus) 6 | 7 | generator = Fp(0); 8 | for i in range(0, 20): 9 | i = Fp(i); 10 | neg_i = Fp(-i) 11 | if not(i.is_primitive_root() or neg_i.is_primitive_root()): 12 | continue 13 | elif i.is_primitive_root(): 14 | assert(i.is_primitive_root()); 15 | print("Generator: %d" % i) 16 | generator = i 17 | break 18 | else: 19 
| assert(neg_i.is_primitive_root()); 20 | print("Generator: %d" % neg_i) 21 | generator = neg_i 22 | break 23 | 24 | 25 | two_adicity = valuation(modulus - 1, 2); 26 | trace = (modulus - 1) / 2**two_adicity; 27 | two_adic_root_of_unity = generator^trace 28 | print("2-adic Root of Unity: %d " % two_adic_root_of_unity) 29 | -------------------------------------------------------------------------------- /curves/ed_on_bls12_381/scripts/scalar_field.sage: -------------------------------------------------------------------------------- 1 | modulus = 6554484396890773809930967563523245729705921265872317281365359162392183254199 2 | 3 | assert(modulus.is_prime()) 4 | 5 | Fp = GF(modulus) 6 | 7 | generator = Fp(0); 8 | for i in range(0, 20): 9 | i = Fp(i); 10 | neg_i = Fp(-i) 11 | if not(i.is_primitive_root() or neg_i.is_primitive_root()): 12 | continue 13 | elif i.is_primitive_root(): 14 | assert(i.is_primitive_root()); 15 | print("Generator: %d" % i) 16 | generator = i 17 | break 18 | else: 19 | assert(neg_i.is_primitive_root()); 20 | print("Generator: %d" % neg_i) 21 | generator = neg_i 22 | break 23 | 24 | 25 | two_adicity = valuation(modulus - 1, 2); 26 | trace = (modulus - 1) / 2**two_adicity; 27 | two_adic_root_of_unity = generator^trace 28 | print("2-adic Root of Unity: %d " % two_adic_root_of_unity) 29 | -------------------------------------------------------------------------------- /curves/ed_on_bn254/scripts/scalar_field.sage: -------------------------------------------------------------------------------- 1 | modulus = 2736030358979909402780800718157159386076813972158567259200215660948447373041 2 | 3 | assert(modulus.is_prime()) 4 | 5 | Fp = GF(modulus) 6 | 7 | generator = Fp(0); 8 | for i in range(0, 40): 9 | i = Fp(i); 10 | neg_i = Fp(-i) 11 | if not(i.is_primitive_root() or neg_i.is_primitive_root()): 12 | continue 13 | elif i.is_primitive_root(): 14 | assert(i.is_primitive_root()); 15 | print("Generator: %d" % i) 16 | generator = i 17 | break 18 | else: 19 | 
assert(neg_i.is_primitive_root()); 20 | print("Generator: %d" % neg_i) 21 | generator = neg_i 22 | break 23 | 24 | 25 | two_adicity = valuation(modulus - 1, 2); 26 | trace = (modulus - 1) / 2**two_adicity; 27 | two_adic_root_of_unity = generator^trace 28 | print("2-adic Root of Unity: %d " % two_adic_root_of_unity) 29 | -------------------------------------------------------------------------------- /curves/mnt4_298/scripts/base_field.sage: -------------------------------------------------------------------------------- 1 | modulus = 475922286169261325753349249653048451545124879242694725395555128576210262817955800483758081 2 | 3 | assert(modulus.is_prime()) 4 | 5 | Fp = GF(modulus) 6 | 7 | generator = Fp(0); 8 | for i in range(0, 20): 9 | i = Fp(i); 10 | neg_i = Fp(-i) 11 | if not(i.is_primitive_root() or neg_i.is_primitive_root()): 12 | continue 13 | elif i.is_primitive_root(): 14 | assert(i.is_primitive_root()); 15 | print("Generator: %d" % i) 16 | generator = i 17 | break 18 | else: 19 | assert(neg_i.is_primitive_root()); 20 | print("Generator: %d" % neg_i) 21 | generator = neg_i 22 | break 23 | 24 | 25 | two_adicity = valuation(modulus - 1, 2); 26 | trace = (modulus - 1) / 2**two_adicity; 27 | two_adic_root_of_unity = generator^trace 28 | print("2-adic Root of Unity: %d " % two_adic_root_of_unity) 29 | -------------------------------------------------------------------------------- /curves/mnt6_298/scripts/base_field.sage: -------------------------------------------------------------------------------- 1 | modulus = 475922286169261325753349249653048451545124878552823515553267735739164647307408490559963137 2 | 3 | assert(modulus.is_prime()) 4 | 5 | Fp = GF(modulus) 6 | 7 | generator = Fp(0); 8 | for i in range(0, 20): 9 | i = Fp(i); 10 | neg_i = Fp(-i) 11 | if not(i.is_primitive_root() or neg_i.is_primitive_root()): 12 | continue 13 | elif i.is_primitive_root(): 14 | assert(i.is_primitive_root()); 15 | print("Generator: %d" % i) 16 | generator = i 17 | break 18 
| else: 19 | assert(neg_i.is_primitive_root()); 20 | print("Generator: %d" % neg_i) 21 | generator = neg_i 22 | break 23 | 24 | 25 | two_adicity = valuation(modulus - 1, 2); 26 | trace = (modulus - 1) / 2**two_adicity; 27 | two_adic_root_of_unity = generator^trace 28 | print("2-adic Root of Unity: %d " % two_adic_root_of_unity) 29 | -------------------------------------------------------------------------------- /curves/mnt4_298/scripts/scalar_field.sage: -------------------------------------------------------------------------------- 1 | modulus = 475922286169261325753349249653048451545124878552823515553267735739164647307408490559963137 2 | 3 | assert(modulus.is_prime()) 4 | 5 | Fp = GF(modulus) 6 | 7 | generator = Fp(0); 8 | for i in range(0, 20): 9 | i = Fp(i); 10 | neg_i = Fp(-i) 11 | if not(i.is_primitive_root() or neg_i.is_primitive_root()): 12 | continue 13 | elif i.is_primitive_root(): 14 | assert(i.is_primitive_root()); 15 | print("Generator: %d" % i) 16 | generator = i 17 | break 18 | else: 19 | assert(neg_i.is_primitive_root()); 20 | print("Generator: %d" % neg_i) 21 | generator = neg_i 22 | break 23 | 24 | 25 | two_adicity = valuation(modulus - 1, 2); 26 | trace = (modulus - 1) / 2**two_adicity; 27 | two_adic_root_of_unity = generator^trace 28 | print("2-adic Root of Unity: %d " % two_adic_root_of_unity) 29 | -------------------------------------------------------------------------------- /curves/mnt6_298/scripts/scalar_field.sage: -------------------------------------------------------------------------------- 1 | modulus = 475922286169261325753349249653048451545124879242694725395555128576210262817955800483758081 2 | 3 | assert(modulus.is_prime()) 4 | 5 | Fp = GF(modulus) 6 | 7 | generator = Fp(0); 8 | for i in range(0, 20): 9 | i = Fp(i); 10 | neg_i = Fp(-i) 11 | if not(i.is_primitive_root() or neg_i.is_primitive_root()): 12 | continue 13 | elif i.is_primitive_root(): 14 | assert(i.is_primitive_root()); 15 | print("Generator: %d" % i) 16 | generator = 
i 17 | break 18 | else: 19 | assert(neg_i.is_primitive_root()); 20 | print("Generator: %d" % neg_i) 21 | generator = neg_i 22 | break 23 | 24 | 25 | two_adicity = valuation(modulus - 1, 2); 26 | trace = (modulus - 1) / 2**two_adicity; 27 | two_adic_root_of_unity = generator^trace 28 | print("2-adic Root of Unity: %d " % two_adic_root_of_unity) 29 | -------------------------------------------------------------------------------- /curves/ed_on_bls12_381_bandersnatch/scripts/base_field.sage: -------------------------------------------------------------------------------- 1 | modulus = 52435875175126190479447740508185965837690552500527637822603658699938581184513 2 | 3 | assert(modulus.is_prime()) 4 | 5 | Fp = GF(modulus) 6 | 7 | generator = Fp(0); 8 | for i in range(0, 20): 9 | i = Fp(i); 10 | neg_i = Fp(-i) 11 | if not(i.is_primitive_root() or neg_i.is_primitive_root()): 12 | continue 13 | elif i.is_primitive_root(): 14 | assert(i.is_primitive_root()); 15 | print("Generator: %d" % i) 16 | generator = i 17 | break 18 | else: 19 | assert(neg_i.is_primitive_root()); 20 | print("Generator: %d" % neg_i) 21 | generator = neg_i 22 | break 23 | 24 | 25 | two_adicity = valuation(modulus - 1, 2); 26 | trace = (modulus - 1) / 2**two_adicity; 27 | two_adic_root_of_unity = generator^trace 28 | print("2-adic Root of Unity: %d " % two_adic_root_of_unity) 29 | -------------------------------------------------------------------------------- /curves/ed_on_bls12_381_bandersnatch/scripts/scalar_field.sage: -------------------------------------------------------------------------------- 1 | modulus = 13108968793781547619861935127046491459309155893440570251786403306729687672801 2 | 3 | assert(modulus.is_prime()) 4 | 5 | Fp = GF(modulus) 6 | 7 | generator = Fp(0); 8 | for i in range(0, 20): 9 | i = Fp(i); 10 | neg_i = Fp(-i) 11 | if not(i.is_primitive_root() or neg_i.is_primitive_root()): 12 | continue 13 | elif i.is_primitive_root(): 14 | assert(i.is_primitive_root()); 15 | 
print("Generator: %d" % i) 16 | generator = i 17 | break 18 | else: 19 | assert(neg_i.is_primitive_root()); 20 | print("Generator: %d" % neg_i) 21 | generator = neg_i 22 | break 23 | 24 | 25 | two_adicity = valuation(modulus - 1, 2); 26 | trace = (modulus - 1) / 2**two_adicity; 27 | two_adic_root_of_unity = generator^trace 28 | print("2-adic Root of Unity: %d " % two_adic_root_of_unity) 29 | -------------------------------------------------------------------------------- /curves/ed_on_mnt4_298/scripts/base_field.sage: -------------------------------------------------------------------------------- 1 | modulus = 475922286169261325753349249653048451545124878552823515553267735739164647307408490559963137 2 | 3 | assert(modulus.is_prime()) 4 | 5 | Fp = GF(modulus) 6 | 7 | generator = Fp(0); 8 | for i in range(0, 20): 9 | i = Fp(i); 10 | neg_i = Fp(-i) 11 | if not(i.is_primitive_root() or neg_i.is_primitive_root()): 12 | continue 13 | elif i.is_primitive_root(): 14 | assert(i.is_primitive_root()); 15 | print("Generator: %d" % i) 16 | generator = i 17 | break 18 | else: 19 | assert(neg_i.is_primitive_root()); 20 | print("Generator: %d" % neg_i) 21 | generator = neg_i 22 | break 23 | 24 | 25 | two_adicity = valuation(modulus - 1, 2); 26 | trace = (modulus - 1) / 2**two_adicity; 27 | two_adic_root_of_unity = generator^trace 28 | print("2-adic Root of Unity: %d " % two_adic_root_of_unity) 29 | -------------------------------------------------------------------------------- /curves/ed_on_mnt4_298/scripts/scalar_field.sage: -------------------------------------------------------------------------------- 1 | modulus = 118980571542315331438337312413262112886281219744507561120271964887686106682370032123932631 2 | 3 | assert(modulus.is_prime()) 4 | 5 | Fp = GF(modulus) 6 | 7 | generator = Fp(0); 8 | for i in range(0, 20): 9 | i = Fp(i); 10 | neg_i = Fp(-i) 11 | if not(i.is_primitive_root() or neg_i.is_primitive_root()): 12 | continue 13 | elif i.is_primitive_root(): 14 | 
assert(i.is_primitive_root()); 15 | print("Generator: %d" % i) 16 | generator = i 17 | break 18 | else: 19 | assert(neg_i.is_primitive_root()); 20 | print("Generator: %d" % neg_i) 21 | generator = neg_i 22 | break 23 | 24 | 25 | two_adicity = valuation(modulus - 1, 2); 26 | trace = (modulus - 1) / 2**two_adicity; 27 | two_adic_root_of_unity = generator^trace 28 | print("2-adic Root of Unity: %d " % two_adic_root_of_unity) 29 | -------------------------------------------------------------------------------- /curves/bls12_377/scripts/base_field.sage: -------------------------------------------------------------------------------- 1 | modulus = 258664426012969094010652733694893533536393512754914660539884262666720468348340822774968888139573360124440321458177 2 | 3 | assert(modulus.is_prime()) 4 | 5 | Fp = GF(modulus) 6 | 7 | generator = Fp(0); 8 | for i in range(0, 20): 9 | i = Fp(i); 10 | neg_i = Fp(-i) 11 | if not(i.is_primitive_root() or neg_i.is_primitive_root()): 12 | continue 13 | elif i.is_primitive_root(): 14 | assert(i.is_primitive_root()); 15 | print("Generator: %d" % i) 16 | generator = i 17 | break 18 | else: 19 | assert(neg_i.is_primitive_root()); 20 | print("Generator: %d" % neg_i) 21 | generator = neg_i 22 | break 23 | 24 | 25 | two_adicity = valuation(modulus - 1, 2); 26 | trace = (modulus - 1) / 2**two_adicity; 27 | two_adic_root_of_unity = generator^trace 28 | print("2-adic Root of Unity: %d " % two_adic_root_of_unity) 29 | -------------------------------------------------------------------------------- /curves/bw6_761/scripts/scalar_field.sage: -------------------------------------------------------------------------------- 1 | modulus = 258664426012969094010652733694893533536393512754914660539884262666720468348340822774968888139573360124440321458177 2 | 3 | assert(modulus.is_prime()) 4 | 5 | Fp = GF(modulus) 6 | 7 | generator = Fp(0); 8 | for i in range(0, 20): 9 | i = Fp(i); 10 | neg_i = Fp(-i) 11 | if not(i.is_primitive_root() or 
neg_i.is_primitive_root()): 12 | continue 13 | elif i.is_primitive_root(): 14 | assert(i.is_primitive_root()); 15 | print("Generator: %d" % i) 16 | generator = i 17 | break 18 | else: 19 | assert(neg_i.is_primitive_root()); 20 | print("Generator: %d" % neg_i) 21 | generator = neg_i 22 | break 23 | 24 | 25 | two_adicity = valuation(modulus - 1, 2); 26 | trace = (modulus - 1) / 2**two_adicity; 27 | two_adic_root_of_unity = generator^trace 28 | print("2-adic Root of Unity: %d " % two_adic_root_of_unity) 29 | -------------------------------------------------------------------------------- /curves/cp6_782/scripts/scalar_field.sage: -------------------------------------------------------------------------------- 1 | modulus = 258664426012969094010652733694893533536393512754914660539884262666720468348340822774968888139573360124440321458177 2 | 3 | assert(modulus.is_prime()) 4 | 5 | Fp = GF(modulus) 6 | 7 | generator = Fp(0); 8 | for i in range(0, 20): 9 | i = Fp(i); 10 | neg_i = Fp(-i) 11 | if not(i.is_primitive_root() or neg_i.is_primitive_root()): 12 | continue 13 | elif i.is_primitive_root(): 14 | assert(i.is_primitive_root()); 15 | print("Generator: %d" % i) 16 | generator = i 17 | break 18 | else: 19 | assert(neg_i.is_primitive_root()); 20 | print("Generator: %d" % neg_i) 21 | generator = neg_i 22 | break 23 | 24 | 25 | two_adicity = valuation(modulus - 1, 2); 26 | trace = (modulus - 1) / 2**two_adicity; 27 | two_adic_root_of_unity = generator^trace 28 | print("2-adic Root of Unity: %d " % two_adic_root_of_unity) 29 | -------------------------------------------------------------------------------- /curves/bls12_381/scripts/base_field.sage: -------------------------------------------------------------------------------- 1 | modulus = 4002409555221667393417789825735904156556882819939007885332058136124031650490837864442687629129015664037894272559787 2 | 3 | assert(modulus.is_prime()) 4 | 5 | Fp = GF(modulus) 6 | 7 | generator = Fp(0); 8 | for i in range(0, 20): 9 | i = 
Fp(i); 10 | neg_i = Fp(-i) 11 | if not(i.is_primitive_root() or neg_i.is_primitive_root()): 12 | continue 13 | elif i.is_primitive_root(): 14 | assert(i.is_primitive_root()); 15 | print("Generator: %d" % i) 16 | generator = i 17 | break 18 | else: 19 | assert(neg_i.is_primitive_root()); 20 | print("Generator: %d" % neg_i) 21 | generator = neg_i 22 | break 23 | 24 | 25 | two_adicity = valuation(modulus - 1, 2); 26 | trace = (modulus - 1) / 2**two_adicity; 27 | two_adic_root_of_unity = generator^trace 28 | print("2-adic Root of Unity: %d " % two_adic_root_of_unity) 29 | -------------------------------------------------------------------------------- /curves/bw6_767/scripts/scalar_field.sage: -------------------------------------------------------------------------------- 1 | modulus = 4002409555221667393417789825735904156556882819939007885332058136124031650490837864442687629129015664037894272559787 2 | 3 | assert(modulus.is_prime()) 4 | 5 | Fp = GF(modulus) 6 | 7 | generator = Fp(0); 8 | for i in range(0, 20): 9 | i = Fp(i); 10 | neg_i = Fp(-i) 11 | if not(i.is_primitive_root() or neg_i.is_primitive_root()): 12 | continue 13 | elif i.is_primitive_root(): 14 | assert(i.is_primitive_root()); 15 | print("Generator: %d" % i) 16 | generator = i 17 | break 18 | else: 19 | assert(neg_i.is_primitive_root()); 20 | print("Generator: %d" % neg_i) 21 | generator = neg_i 22 | break 23 | 24 | 25 | two_adicity = valuation(modulus - 1, 2); 26 | trace = (modulus - 1) / 2**two_adicity; 27 | two_adic_root_of_unity = generator^trace 28 | print("2-adic Root of Unity: %d " % two_adic_root_of_unity) 29 | -------------------------------------------------------------------------------- /curves/ed_on_cp6_782/scripts/base_field.sage: -------------------------------------------------------------------------------- 1 | modulus = 258664426012969094010652733694893533536393512754914660539884262666720468348340822774968888139573360124440321458177 2 | 3 | assert(modulus.is_prime()) 4 | 5 | Fp = 
GF(modulus) 6 | 7 | generator = Fp(0); 8 | for i in range(0, 20): 9 | i = Fp(i); 10 | neg_i = Fp(-i) 11 | if not(i.is_primitive_root() or neg_i.is_primitive_root()): 12 | continue 13 | elif i.is_primitive_root(): 14 | assert(i.is_primitive_root()); 15 | print("Generator: %d" % i) 16 | generator = i 17 | break 18 | else: 19 | assert(neg_i.is_primitive_root()); 20 | print("Generator: %d" % neg_i) 21 | generator = neg_i 22 | break 23 | 24 | 25 | two_adicity = valuation(modulus - 1, 2); 26 | trace = (modulus - 1) / 2**two_adicity; 27 | two_adic_root_of_unity = generator^trace 28 | print("2-adic Root of Unity: %d " % two_adic_root_of_unity) 29 | -------------------------------------------------------------------------------- /curves/ed_on_cp6_782/scripts/scalar_field.sage: -------------------------------------------------------------------------------- 1 | modulus = 32333053251621136751331591711861691692049189094364332567435817881934511297123972799646723302813083835942624121493 2 | 3 | assert(modulus.is_prime()) 4 | 5 | Fp = GF(modulus) 6 | 7 | generator = Fp(0); 8 | for i in range(0, 20): 9 | i = Fp(i); 10 | neg_i = Fp(-i) 11 | if not(i.is_primitive_root() or neg_i.is_primitive_root()): 12 | continue 13 | elif i.is_primitive_root(): 14 | assert(i.is_primitive_root()); 15 | print("Generator: %d" % i) 16 | generator = i 17 | break 18 | else: 19 | assert(neg_i.is_primitive_root()); 20 | print("Generator: %d" % neg_i) 21 | generator = neg_i 22 | break 23 | 24 | 25 | two_adicity = valuation(modulus - 1, 2); 26 | trace = (modulus - 1) / 2**two_adicity; 27 | two_adic_root_of_unity = generator^trace 28 | print("2-adic Root of Unity: %d " % two_adic_root_of_unity) 29 | -------------------------------------------------------------------------------- /test-curves/src/ed_on_bls12_381/mod.rs: -------------------------------------------------------------------------------- 1 | //! This library implements a twisted Edwards curve whose base field is the scalar field of the 2 | //! 
curve BLS12-381. This allows defining cryptographic primitives that use elliptic curves over 3 | //! the scalar field of the latter curve. This curve was generated by Sean Bowe, and is also known 4 | //! as [Jubjub](https://github.com/zkcrypto/jubjub). 5 | //! 6 | //! Curve information: 7 | //! * Base field: q = 52435875175126190479447740508185965837690552500527637822603658699938581184513 8 | //! * Scalar field: r = 6554484396890773809930967563523245729705921265872317281365359162392183254199 9 | //! * Valuation(q - 1, 2) = 32 10 | //! * Valuation(r - 1, 2) = 1 11 | //! * Curve equation: ax^2 + y^2 = 1 + dx^2y^2, where 12 | //! * a = -1 13 | //! * d = -(10240/10241) 14 | 15 | mod fq; 16 | mod fr; 17 | mod g; 18 | pub use fq::*; 19 | pub use fr::*; 20 | pub use g::*; 21 | 22 | #[cfg(test)] 23 | mod tests; 24 | -------------------------------------------------------------------------------- /curves/mnt4_298/src/fields/fq2.rs: -------------------------------------------------------------------------------- 1 | use ark_ff::{ 2 | fields::fp2::{Fp2, Fp2Config}, 3 | Field, MontFp, 4 | }; 5 | 6 | use crate::Fq; 7 | 8 | pub type Fq2 = Fp2; 9 | 10 | pub struct Fq2Config; 11 | 12 | impl Fp2Config for Fq2Config { 13 | type Fp = Fq; 14 | 15 | /// The quadratic non-residue (17) used to construct the extension is 16 | /// the same as that used in [`libff`](https://github.com/scipr-lab/libff/blob/c927821ebe02e0a24b5e0f9170cec5e211a35f08/libff/algebra/curves/mnt/mnt4/mnt4_init.cpp#L102). 
17 | const NONRESIDUE: Fq = MontFp!("17"); 18 | 19 | /// Precomputed coefficients: 20 | /// `[1, 475922286169261325753349249653048451545124879242694725395555128576210262817955800483758080]` 21 | const FROBENIUS_COEFF_FP2_C1: &'static [Self::Fp] = &[ 22 | Fq::ONE, 23 | MontFp!("475922286169261325753349249653048451545124879242694725395555128576210262817955800483758080"), 24 | ]; 25 | } 26 | -------------------------------------------------------------------------------- /test-curves/src/lib.rs: -------------------------------------------------------------------------------- 1 | #![no_std] 2 | 3 | pub use ark_ff::{self, fields::models::*, FftField, Field, LegendreSymbol, MontFp, PrimeField}; 4 | 5 | pub use ark_ec::{self, *}; 6 | 7 | #[cfg(any(feature = "bls12_381_scalar_field", feature = "bls12_381_curve"))] 8 | pub mod bls12_381; 9 | 10 | #[cfg(any(feature = "bls12_381_scalar_field", feature = "ed_on_bls12_381"))] 11 | pub mod ed_on_bls12_381; 12 | 13 | #[cfg(feature = "mnt6_753")] 14 | pub mod mnt6_753; 15 | 16 | #[cfg(any( 17 | feature = "mnt4_753_scalar_field", 18 | feature = "mnt4_753_base_field", 19 | feature = "mnt4_753_curve" 20 | ))] 21 | pub mod mnt4_753; 22 | 23 | #[cfg(any( 24 | feature = "bn384_small_two_adicity_scalar_field", 25 | feature = "bn384_small_two_adicity_base_field", 26 | feature = "bn384_small_two_adicity_curve" 27 | ))] 28 | pub mod bn384_small_two_adicity; 29 | 30 | #[cfg(feature = "secp256k1")] 31 | pub mod secp256k1; 32 | 33 | pub mod fp128; 34 | -------------------------------------------------------------------------------- /curves/mnt4_298/src/constraints/fields.rs: -------------------------------------------------------------------------------- 1 | use ark_r1cs_std::fields::{fp::FpVar, fp2::Fp2Var, fp4::Fp4Var}; 2 | 3 | use crate::{Fq, Fq2Config, Fq4Config}; 4 | 5 | /// A variable that is the R1CS equivalent of `crate::Fq`. 6 | pub type FqVar = FpVar; 7 | /// A variable that is the R1CS equivalent of `crate::Fq2`. 
8 | pub type Fq2Var = Fp2Var; 9 | /// A variable that is the R1CS equivalent of `crate::Fq4`. 10 | pub type Fq4Var = Fp4Var; 11 | 12 | #[test] 13 | fn mnt4_298_field_gadgets_test() { 14 | use super::*; 15 | use crate::{Fq, Fq2, Fq4}; 16 | use ark_curve_constraint_tests::fields::*; 17 | 18 | field_test::<_, _, FqVar>().unwrap(); 19 | frobenius_tests::(13).unwrap(); 20 | 21 | field_test::<_, _, Fq2Var>().unwrap(); 22 | frobenius_tests::(13).unwrap(); 23 | 24 | field_test::<_, _, Fq4Var>().unwrap(); 25 | frobenius_tests::(13).unwrap(); 26 | } 27 | -------------------------------------------------------------------------------- /curves/mnt4_753/src/constraints/fields.rs: -------------------------------------------------------------------------------- 1 | use ark_r1cs_std::fields::{fp::FpVar, fp2::Fp2Var, fp4::Fp4Var}; 2 | 3 | use crate::{Fq, Fq2Config, Fq4Config}; 4 | 5 | /// A variable that is the R1CS equivalent of `crate::Fq`. 6 | pub type FqVar = FpVar; 7 | /// A variable that is the R1CS equivalent of `crate::Fq2`. 8 | pub type Fq2Var = Fp2Var; 9 | /// A variable that is the R1CS equivalent of `crate::Fq4`. 10 | pub type Fq4Var = Fp4Var; 11 | 12 | #[test] 13 | fn mnt4_753_field_gadgets_test() { 14 | use super::*; 15 | use crate::{Fq, Fq2, Fq4}; 16 | use ark_curve_constraint_tests::fields::*; 17 | 18 | field_test::<_, _, FqVar>().unwrap(); 19 | frobenius_tests::(13).unwrap(); 20 | 21 | field_test::<_, _, Fq2Var>().unwrap(); 22 | frobenius_tests::(13).unwrap(); 23 | 24 | field_test::<_, _, Fq4Var>().unwrap(); 25 | frobenius_tests::(13).unwrap(); 26 | } 27 | -------------------------------------------------------------------------------- /curves/mnt6_298/src/constraints/fields.rs: -------------------------------------------------------------------------------- 1 | use ark_r1cs_std::fields::{fp::FpVar, fp3::Fp3Var, fp6_2over3::Fp6Var}; 2 | 3 | use crate::{Fq, Fq3Config, Fq6Config}; 4 | 5 | /// A variable that is the R1CS equivalent of `crate::Fq`. 
6 | pub type FqVar = FpVar; 7 | /// A variable that is the R1CS equivalent of `crate::Fq3`. 8 | pub type Fq3Var = Fp3Var; 9 | /// A variable that is the R1CS equivalent of `crate::Fq6`. 10 | pub type Fq6Var = Fp6Var; 11 | 12 | #[test] 13 | fn mnt6_298_field_gadgets_test() { 14 | use super::*; 15 | use crate::{Fq, Fq3, Fq6}; 16 | use ark_curve_constraint_tests::fields::*; 17 | 18 | field_test::<_, _, FqVar>().unwrap(); 19 | frobenius_tests::(13).unwrap(); 20 | 21 | field_test::<_, _, Fq3Var>().unwrap(); 22 | frobenius_tests::(13).unwrap(); 23 | 24 | field_test::<_, _, Fq6Var>().unwrap(); 25 | frobenius_tests::(13).unwrap(); 26 | } 27 | -------------------------------------------------------------------------------- /curves/mnt6_753/src/constraints/fields.rs: -------------------------------------------------------------------------------- 1 | use ark_r1cs_std::fields::{fp::FpVar, fp3::Fp3Var, fp6_2over3::Fp6Var}; 2 | 3 | use crate::{Fq, Fq3Config, Fq6Config}; 4 | 5 | /// A variable that is the R1CS equivalent of `crate::Fq`. 6 | pub type FqVar = FpVar; 7 | /// A variable that is the R1CS equivalent of `crate::Fq3`. 8 | pub type Fq3Var = Fp3Var; 9 | /// A variable that is the R1CS equivalent of `crate::Fq6`. 
10 | pub type Fq6Var = Fp6Var; 11 | 12 | #[test] 13 | fn mnt6_753_field_gadgets_test() { 14 | use super::*; 15 | use crate::{Fq, Fq3, Fq6}; 16 | use ark_curve_constraint_tests::fields::*; 17 | 18 | field_test::<_, _, FqVar>().unwrap(); 19 | frobenius_tests::(13).unwrap(); 20 | 21 | field_test::<_, _, Fq3Var>().unwrap(); 22 | frobenius_tests::(13).unwrap(); 23 | 24 | field_test::<_, _, Fq6Var>().unwrap(); 25 | frobenius_tests::(13).unwrap(); 26 | } 27 | -------------------------------------------------------------------------------- /curves/secp384r1/src/lib.rs: -------------------------------------------------------------------------------- 1 | #![cfg_attr(not(feature = "std"), no_std)] 2 | #![deny( 3 | warnings, 4 | unused, 5 | future_incompatible, 6 | nonstandard_style, 7 | rust_2018_idioms 8 | )] 9 | #![forbid(unsafe_code)] 10 | 11 | //! This library implements the secp384r1 curve. 12 | //! Source: 13 | //! 14 | //! Curve information: 15 | //! * Base field: q = 16 | //! 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff 17 | //! * Scalar field: r = 18 | //! 0xffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973 19 | //! * a = -3 20 | //! * b = 0xb3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef 21 | //! 
* Curve equation: y^2 = x^3 + ax + b 22 | 23 | #[cfg(feature = "r1cs")] 24 | pub mod constraints; 25 | mod curves; 26 | mod fields; 27 | 28 | pub use curves::*; 29 | pub use fields::*; 30 | -------------------------------------------------------------------------------- /serialize-derive/src/lib.rs: -------------------------------------------------------------------------------- 1 | #![warn( 2 | unused, 3 | future_incompatible, 4 | nonstandard_style, 5 | rust_2018_idioms, 6 | rust_2021_compatibility 7 | )] 8 | #![forbid(unsafe_code)] 9 | 10 | use syn::{parse_macro_input, DeriveInput}; 11 | 12 | mod serialize; 13 | use serialize::impl_canonical_serialize; 14 | 15 | mod deserialize; 16 | use deserialize::impl_canonical_deserialize; 17 | 18 | #[proc_macro_derive(CanonicalSerialize)] 19 | pub fn derive_canonical_serialize(input: proc_macro::TokenStream) -> proc_macro::TokenStream { 20 | let ast = parse_macro_input!(input as DeriveInput); 21 | proc_macro::TokenStream::from(impl_canonical_serialize(&ast)) 22 | } 23 | 24 | #[proc_macro_derive(CanonicalDeserialize)] 25 | pub fn derive_canonical_deserialize(input: proc_macro::TokenStream) -> proc_macro::TokenStream { 26 | let ast = parse_macro_input!(input as DeriveInput); 27 | proc_macro::TokenStream::from(impl_canonical_deserialize(&ast)) 28 | } 29 | -------------------------------------------------------------------------------- /curves/mnt4_298/src/constraints/curves.rs: -------------------------------------------------------------------------------- 1 | use ark_r1cs_std::groups::mnt4; 2 | 3 | use crate::Config; 4 | 5 | /// An element of G1 in the MNT4-298 bilinear group. 6 | pub type G1Var = mnt4::G1Var; 7 | /// An element of G2 in the MNT4-298 bilinear group. 8 | pub type G2Var = mnt4::G2Var; 9 | 10 | /// Represents the cached precomputation that can be performed on a G1 element 11 | /// which enables speeding up pairing computation. 
12 | pub type G1PreparedVar = mnt4::G1PreparedVar; 13 | /// Represents the cached precomputation that can be performed on a G2 element 14 | /// which enables speeding up pairing computation. 15 | pub type G2PreparedVar = mnt4::G2PreparedVar; 16 | 17 | #[test] 18 | fn test() { 19 | use ark_ec::models::mnt4::MNT4Config; 20 | ark_curve_constraint_tests::curves::sw_test::<::G1Config, G1Var>() 21 | .unwrap(); 22 | ark_curve_constraint_tests::curves::sw_test::<::G2Config, G2Var>() 23 | .unwrap(); 24 | } 25 | -------------------------------------------------------------------------------- /curves/mnt4_753/src/constraints/curves.rs: -------------------------------------------------------------------------------- 1 | use ark_r1cs_std::groups::mnt4; 2 | 3 | use crate::Config; 4 | 5 | /// An element of G1 in the MNT4-753 bilinear group. 6 | pub type G1Var = mnt4::G1Var; 7 | /// An element of G2 in the MNT4-753 bilinear group. 8 | pub type G2Var = mnt4::G2Var; 9 | 10 | /// Represents the cached precomputation that can be performed on a G1 element 11 | /// which enables speeding up pairing computation. 12 | pub type G1PreparedVar = mnt4::G1PreparedVar; 13 | /// Represents the cached precomputation that can be performed on a G2 element 14 | /// which enables speeding up pairing computation. 15 | pub type G2PreparedVar = mnt4::G2PreparedVar; 16 | 17 | #[test] 18 | fn test() { 19 | use ark_ec::models::mnt4::MNT4Config; 20 | ark_curve_constraint_tests::curves::sw_test::<::G1Config, G1Var>() 21 | .unwrap(); 22 | ark_curve_constraint_tests::curves::sw_test::<::G2Config, G2Var>() 23 | .unwrap(); 24 | } 25 | -------------------------------------------------------------------------------- /curves/mnt6_298/src/constraints/curves.rs: -------------------------------------------------------------------------------- 1 | use ark_r1cs_std::groups::mnt6; 2 | 3 | use crate::Config; 4 | 5 | /// An element of G1 in the MNT6-298 bilinear group. 
6 | pub type G1Var = mnt6::G1Var; 7 | /// An element of G2 in the MNT6-298 bilinear group. 8 | pub type G2Var = mnt6::G2Var; 9 | 10 | /// Represents the cached precomputation that can be performed on a G1 element 11 | /// which enables speeding up pairing computation. 12 | pub type G1PreparedVar = mnt6::G1PreparedVar; 13 | /// Represents the cached precomputation that can be performed on a G2 element 14 | /// which enables speeding up pairing computation. 15 | pub type G2PreparedVar = mnt6::G2PreparedVar; 16 | 17 | #[test] 18 | fn test() { 19 | use ark_ec::models::mnt6::MNT6Config; 20 | ark_curve_constraint_tests::curves::sw_test::<::G1Config, G1Var>() 21 | .unwrap(); 22 | ark_curve_constraint_tests::curves::sw_test::<::G2Config, G2Var>() 23 | .unwrap(); 24 | } 25 | -------------------------------------------------------------------------------- /curves/mnt6_753/src/constraints/curves.rs: -------------------------------------------------------------------------------- 1 | use ark_r1cs_std::groups::mnt6; 2 | 3 | use crate::Config; 4 | 5 | /// An element of G1 in the MNT6-753 bilinear group. 6 | pub type G1Var = mnt6::G1Var; 7 | /// An element of G2 in the MNT6-753 bilinear group. 8 | pub type G2Var = mnt6::G2Var; 9 | 10 | /// Represents the cached precomputation that can be performed on a G1 element 11 | /// which enables speeding up pairing computation. 12 | pub type G1PreparedVar = mnt6::G1PreparedVar; 13 | /// Represents the cached precomputation that can be performed on a G2 element 14 | /// which enables speeding up pairing computation. 
15 | pub type G2PreparedVar = mnt6::G2PreparedVar; 16 | 17 | #[test] 18 | fn test() { 19 | use ark_ec::models::mnt6::MNT6Config; 20 | ark_curve_constraint_tests::curves::sw_test::<::G1Config, G1Var>() 21 | .unwrap(); 22 | ark_curve_constraint_tests::curves::sw_test::<::G2Config, G2Var>() 23 | .unwrap(); 24 | } 25 | -------------------------------------------------------------------------------- /curves/bls12_377/src/curves/mod.rs: -------------------------------------------------------------------------------- 1 | use ark_ec::{ 2 | bls12, 3 | bls12::{Bls12, Bls12Config, TwistType}, 4 | }; 5 | 6 | use crate::*; 7 | 8 | pub mod g1; 9 | pub mod g2; 10 | 11 | mod g1_swu_iso; 12 | mod g2_swu_iso; 13 | 14 | #[cfg(test)] 15 | mod tests; 16 | 17 | pub struct Config; 18 | 19 | impl Bls12Config for Config { 20 | const X: &'static [u64] = &[0x8508c00000000001]; 21 | /// `x` is positive. 22 | const X_IS_NEGATIVE: bool = false; 23 | const TWIST_TYPE: TwistType = TwistType::D; 24 | type Fp = Fq; 25 | type Fp2Config = Fq2Config; 26 | type Fp6Config = Fq6Config; 27 | type Fp12Config = Fq12Config; 28 | type G1Config = g1::Config; 29 | type G2Config = g2::Config; 30 | } 31 | 32 | pub type Bls12_377 = Bls12; 33 | 34 | pub type G1Affine = bls12::G1Affine; 35 | pub type G1Projective = bls12::G1Projective; 36 | pub type G2Affine = bls12::G2Affine; 37 | pub type G2Projective = bls12::G2Projective; 38 | 39 | pub use g1::{G1TEAffine, G1TEProjective}; 40 | -------------------------------------------------------------------------------- /curves/bw6_761/scripts/base_field.sage: -------------------------------------------------------------------------------- 1 | modulus = 6891450384315732539396789682275657542479668912536150109513790160209623422243491736087683183289411687640864567753786613451161759120554247759349511699125301598951605099378508850372543631423596795951899700429969112842764913119068299 2 | 3 | assert(modulus.is_prime()) 4 | 5 | Fp = GF(modulus) 6 | 7 | generator = Fp(0); 8 | for i 
in range(0, 20): 9 | i = Fp(i); 10 | neg_i = Fp(-i) 11 | if not(i.is_primitive_root() or neg_i.is_primitive_root()): 12 | continue 13 | elif i.is_primitive_root(): 14 | assert(i.is_primitive_root()); 15 | print("Generator: %d" % i) 16 | generator = i 17 | break 18 | else: 19 | assert(neg_i.is_primitive_root()); 20 | print("Generator: %d" % neg_i) 21 | generator = neg_i 22 | break 23 | 24 | 25 | two_adicity = valuation(modulus - 1, 2); 26 | trace = (modulus - 1) / 2**two_adicity; 27 | two_adic_root_of_unity = generator^trace 28 | print("2-adic Root of Unity: %d " % two_adic_root_of_unity) 29 | -------------------------------------------------------------------------------- /curves/bw6_767/scripts/base_field.sage: -------------------------------------------------------------------------------- 1 | modulus = 496597749679620867773432037469214230242402307330180853437434581099336634619713640485778675608223760166307530047354464605410050411581079376994803852937842168733702867087556948851016246640584660942486895230518034810309227309966899431 2 | 3 | assert(modulus.is_prime()) 4 | 5 | Fp = GF(modulus) 6 | 7 | generator = Fp(0); 8 | for i in range(0, 20): 9 | i = Fp(i); 10 | neg_i = Fp(-i) 11 | if not(i.is_primitive_root() or neg_i.is_primitive_root()): 12 | continue 13 | elif i.is_primitive_root(): 14 | assert(i.is_primitive_root()); 15 | print("Generator: %d" % i) 16 | generator = i 17 | break 18 | else: 19 | assert(neg_i.is_primitive_root()); 20 | print("Generator: %d" % neg_i) 21 | generator = neg_i 22 | break 23 | 24 | 25 | two_adicity = valuation(modulus - 1, 2); 26 | trace = (modulus - 1) / 2**two_adicity; 27 | two_adic_root_of_unity = generator^trace 28 | print("2-adic Root of Unity: %d " % two_adic_root_of_unity) 29 | -------------------------------------------------------------------------------- /curves/mnt4_753/scripts/base_field.sage: -------------------------------------------------------------------------------- 1 | modulus = 
41898490967918953402344214791240637128170709919953949071783502921025352812571106773058893763790338921418070971888253786114353726529584385201591605722013126468931404347949840543007986327743462853720628051692141265303114721689601 2 | 3 | assert(modulus.is_prime()) 4 | 5 | Fp = GF(modulus) 6 | 7 | generator = Fp(0); 8 | for i in range(0, 20): 9 | i = Fp(i); 10 | neg_i = Fp(-i) 11 | if not(i.is_primitive_root() or neg_i.is_primitive_root()): 12 | continue 13 | elif i.is_primitive_root(): 14 | assert(i.is_primitive_root()); 15 | print("Generator: %d" % i) 16 | generator = i 17 | break 18 | else: 19 | assert(neg_i.is_primitive_root()); 20 | print("Generator: %d" % neg_i) 21 | generator = neg_i 22 | break 23 | 24 | 25 | two_adicity = valuation(modulus - 1, 2); 26 | trace = (modulus - 1) / 2**two_adicity; 27 | two_adic_root_of_unity = generator^trace 28 | print("2-adic Root of Unity: %d " % two_adic_root_of_unity) 29 | -------------------------------------------------------------------------------- /curves/mnt4_753/scripts/scalar_field.sage: -------------------------------------------------------------------------------- 1 | modulus = 41898490967918953402344214791240637128170709919953949071783502921025352812571106773058893763790338921418070971888458477323173057491593855069696241854796396165721416325350064441470418137846398469611935719059908164220784476160001 2 | 3 | assert(modulus.is_prime()) 4 | 5 | Fp = GF(modulus) 6 | 7 | generator = Fp(0); 8 | for i in range(0, 20): 9 | i = Fp(i); 10 | neg_i = Fp(-i) 11 | if not(i.is_primitive_root() or neg_i.is_primitive_root()): 12 | continue 13 | elif i.is_primitive_root(): 14 | assert(i.is_primitive_root()); 15 | print("Generator: %d" % i) 16 | generator = i 17 | break 18 | else: 19 | assert(neg_i.is_primitive_root()); 20 | print("Generator: %d" % neg_i) 21 | generator = neg_i 22 | break 23 | 24 | 25 | two_adicity = valuation(modulus - 1, 2); 26 | trace = (modulus - 1) / 2**two_adicity; 27 | two_adic_root_of_unity = generator^trace 
28 | print("2-adic Root of Unity: %d " % two_adic_root_of_unity) 29 | -------------------------------------------------------------------------------- /curves/mnt6_753/scripts/base_field.sage: -------------------------------------------------------------------------------- 1 | modulus = 41898490967918953402344214791240637128170709919953949071783502921025352812571106773058893763790338921418070971888458477323173057491593855069696241854796396165721416325350064441470418137846398469611935719059908164220784476160001 2 | 3 | assert(modulus.is_prime()) 4 | 5 | Fp = GF(modulus) 6 | 7 | generator = Fp(0); 8 | for i in range(0, 20): 9 | i = Fp(i); 10 | neg_i = Fp(-i) 11 | if not(i.is_primitive_root() or neg_i.is_primitive_root()): 12 | continue 13 | elif i.is_primitive_root(): 14 | assert(i.is_primitive_root()); 15 | print("Generator: %d" % i) 16 | generator = i 17 | break 18 | else: 19 | assert(neg_i.is_primitive_root()); 20 | print("Generator: %d" % neg_i) 21 | generator = neg_i 22 | break 23 | 24 | 25 | two_adicity = valuation(modulus - 1, 2); 26 | trace = (modulus - 1) / 2**two_adicity; 27 | two_adic_root_of_unity = generator^trace 28 | print("2-adic Root of Unity: %d " % two_adic_root_of_unity) 29 | -------------------------------------------------------------------------------- /curves/mnt6_753/scripts/scalar_field.sage: -------------------------------------------------------------------------------- 1 | modulus = 41898490967918953402344214791240637128170709919953949071783502921025352812571106773058893763790338921418070971888253786114353726529584385201591605722013126468931404347949840543007986327743462853720628051692141265303114721689601 2 | 3 | assert(modulus.is_prime()) 4 | 5 | Fp = GF(modulus) 6 | 7 | generator = Fp(0); 8 | for i in range(0, 20): 9 | i = Fp(i); 10 | neg_i = Fp(-i) 11 | if not(i.is_primitive_root() or neg_i.is_primitive_root()): 12 | continue 13 | elif i.is_primitive_root(): 14 | assert(i.is_primitive_root()); 15 | print("Generator: %d" % i) 16 | 
generator = i 17 | break 18 | else: 19 | assert(neg_i.is_primitive_root()); 20 | print("Generator: %d" % neg_i) 21 | generator = neg_i 22 | break 23 | 24 | 25 | two_adicity = valuation(modulus - 1, 2); 26 | trace = (modulus - 1) / 2**two_adicity; 27 | two_adic_root_of_unity = generator^trace 28 | print("2-adic Root of Unity: %d " % two_adic_root_of_unity) 29 | -------------------------------------------------------------------------------- /curves/cp6_782/scripts/base_field.sage: -------------------------------------------------------------------------------- 1 | modulus = 22369874298875696930346742206501054934775599465297184582183496627646774052458024540232479018147881220178054575403841904557897715222633333372134756426301062487682326574958588001132586331462553235407484089304633076250782629492557320825577 2 | 3 | assert(modulus.is_prime()) 4 | 5 | Fp = GF(modulus) 6 | 7 | generator = Fp(0); 8 | for i in range(0, 20): 9 | i = Fp(i); 10 | neg_i = Fp(-i) 11 | if not(i.is_primitive_root() or neg_i.is_primitive_root()): 12 | continue 13 | elif i.is_primitive_root(): 14 | assert(i.is_primitive_root()); 15 | print("Generator: %d" % i) 16 | generator = i 17 | break 18 | else: 19 | assert(neg_i.is_primitive_root()); 20 | print("Generator: %d" % neg_i) 21 | generator = neg_i 22 | break 23 | 24 | 25 | two_adicity = valuation(modulus - 1, 2); 26 | trace = (modulus - 1) / 2**two_adicity; 27 | two_adic_root_of_unity = generator^trace 28 | print("2-adic Root of Unity: %d " % two_adic_root_of_unity) 29 | -------------------------------------------------------------------------------- /curves/ed_on_mnt4_753/scripts/base_field.sage: -------------------------------------------------------------------------------- 1 | modulus = 41898490967918953402344214791240637128170709919953949071783502921025352812571106773058893763790338921418070971888458477323173057491593855069696241854796396165721416325350064441470418137846398469611935719059908164220784476160001 2 | 3 | 
assert(modulus.is_prime()) 4 | 5 | Fp = GF(modulus) 6 | 7 | generator = Fp(0); 8 | for i in range(0, 20): 9 | i = Fp(i); 10 | neg_i = Fp(-i) 11 | if not(i.is_primitive_root() or neg_i.is_primitive_root()): 12 | continue 13 | elif i.is_primitive_root(): 14 | assert(i.is_primitive_root()); 15 | print("Generator: %d" % i) 16 | generator = i 17 | break 18 | else: 19 | assert(neg_i.is_primitive_root()); 20 | print("Generator: %d" % neg_i) 21 | generator = neg_i 22 | break 23 | 24 | 25 | two_adicity = valuation(modulus - 1, 2); 26 | trace = (modulus - 1) / 2**two_adicity; 27 | two_adic_root_of_unity = generator^trace 28 | print("2-adic Root of Unity: %d " % two_adic_root_of_unity) 29 | -------------------------------------------------------------------------------- /curves/ed_on_mnt4_753/scripts/scalar_field.sage: -------------------------------------------------------------------------------- 1 | modulus = 5237311370989869175293026848905079641021338739994243633972937865128169101571388346632361720473792365177258871486054600656048925740061347509722287043067341250552640264308621296888446513816907173362124418513727200975392177480577 2 | 3 | assert(modulus.is_prime()) 4 | 5 | Fp = GF(modulus) 6 | 7 | generator = Fp(0); 8 | for i in range(0, 20): 9 | i = Fp(i); 10 | neg_i = Fp(-i) 11 | if not(i.is_primitive_root() or neg_i.is_primitive_root()): 12 | continue 13 | elif i.is_primitive_root(): 14 | assert(i.is_primitive_root()); 15 | print("Generator: %d" % i) 16 | generator = i 17 | break 18 | else: 19 | assert(neg_i.is_primitive_root()); 20 | print("Generator: %d" % neg_i) 21 | generator = neg_i 22 | break 23 | 24 | 25 | two_adicity = valuation(modulus - 1, 2); 26 | trace = (modulus - 1) / 2**two_adicity; 27 | two_adic_root_of_unity = generator^trace 28 | print("2-adic Root of Unity: %d " % two_adic_root_of_unity) 29 | -------------------------------------------------------------------------------- /curves/mnt6_298/src/fields/fq6.rs: 
-------------------------------------------------------------------------------- 1 | use ark_ff::{ 2 | fields::fp6_2over3::{Fp6, Fp6Config}, 3 | AdditiveGroup, Field, MontFp, 4 | }; 5 | 6 | use crate::{Fq, Fq3, Fq3Config}; 7 | 8 | pub type Fq6 = Fp6; 9 | 10 | pub struct Fq6Config; 11 | 12 | impl Fp6Config for Fq6Config { 13 | type Fp3Config = Fq3Config; 14 | 15 | const NONRESIDUE: Fq3 = Fq3::new(Fq::ZERO, Fq::ONE, Fq::ZERO); 16 | 17 | const FROBENIUS_COEFF_FP6_C1: &'static [Fq] = &[ 18 | Fq::ONE, 19 | MontFp!("471738898967521029133040851318449165997304108729558973770077319830005517129946578866686957"), 20 | MontFp!("471738898967521029133040851318449165997304108729558973770077319830005517129946578866686956"), 21 | MontFp!("475922286169261325753349249653048451545124878552823515553267735739164647307408490559963136"), 22 | MontFp!("4183387201740296620308398334599285547820769823264541783190415909159130177461911693276180"), 23 | MontFp!("4183387201740296620308398334599285547820769823264541783190415909159130177461911693276181"), 24 | ]; 25 | } 26 | -------------------------------------------------------------------------------- /curves/grumpkin/src/lib.rs: -------------------------------------------------------------------------------- 1 | #![cfg_attr(not(feature = "std"), no_std)] 2 | #![deny( 3 | warnings, 4 | unused, 5 | future_incompatible, 6 | nonstandard_style, 7 | rust_2018_idioms 8 | )] 9 | #![forbid(unsafe_code)] 10 | 11 | //! This library implements the prime-order curve Grumpkin, generated by 12 | //! Zachary J. Williamson from Aztec protocol. The main feature of this 13 | //! curve is that it forms a cycle with bn254, i.e. its scalar field and base 14 | //! field respectively are the base field and scalar field of bn254. 15 | //! 16 | //! 17 | //! Curve information: 18 | //! Grumpkin: 19 | //! * Base field: q = 20 | //! 21888242871839275222246405745257275088548364400416034343698204186575808495617 21 | //! * Scalar field: r = 22 | //! 
21888242871839275222246405745257275088696311157297823662689037894645226208583 23 | //! * Curve equation: y^2 = x^3 - 17 24 | //! * Valuation(q - 1, 2) = 28 25 | //! * Valuation(r - 1, 2) = 1 26 | 27 | #[cfg(feature = "r1cs")] 28 | pub mod constraints; 29 | mod curves; 30 | mod fields; 31 | 32 | pub use curves::*; 33 | pub use fields::*; 34 | -------------------------------------------------------------------------------- /curves/vesta/src/lib.rs: -------------------------------------------------------------------------------- 1 | #![cfg_attr(not(feature = "std"), no_std)] 2 | #![deny( 3 | warnings, 4 | unused, 5 | future_incompatible, 6 | nonstandard_style, 7 | rust_2018_idioms 8 | )] 9 | #![forbid(unsafe_code)] 10 | 11 | //! This library implements the prime-order curve Vesta, generated by 12 | //! [Daira Hopwood](https://github.com/zcash/pasta). The main feature of this 13 | //! curve is that it forms a cycle with Pallas, i.e. its scalar field and base 14 | //! field respectively are the base field and scalar field of Pallas. 15 | //! 16 | //! 17 | //! Curve information: 18 | //! Vesta: 19 | //! * Base field: q = 20 | //! 28948022309329048855892746252171976963363056481941647379679742748393362948097 21 | //! * Scalar field: r = 22 | //! 28948022309329048855892746252171976963363056481941560715954676764349967630337 23 | //! * Curve equation: y^2 = x^3 + 5 24 | //! * Valuation(q - 1, 2) = 32 25 | //! * Valuation(r - 1, 2) = 32 26 | 27 | #[cfg(feature = "r1cs")] 28 | pub mod constraints; 29 | mod curves; 30 | mod fields; 31 | 32 | pub use curves::*; 33 | pub use fields::*; 34 | -------------------------------------------------------------------------------- /curves/ed_on_bw6_761/src/lib.rs: -------------------------------------------------------------------------------- 1 | #![cfg_attr(not(feature = "std"), no_std)] 2 | #![forbid(unsafe_code)] 3 | //! This library implements a twisted Edwards curve whose base field is the 4 | //! scalar field of the curve BW6_761. 
*It is the same curve as that in 5 | //! `ark-ed_on_cp6_782`.* This allows defining cryptographic primitives that use 6 | //! elliptic curves over the scalar field of the latter curve. This curve was 7 | //! generated as part of the paper [\[BCGMMW20, “Zexe”\]](https://eprint.iacr.org/2018/962). 8 | //! 9 | //! Curve information: 10 | //! * Base field: q = 258664426012969094010652733694893533536393512754914660539884262666720468348340822774968888139573360124440321458177 11 | //! * Scalar field: r = 32333053251621136751331591711861691692049189094364332567435817881934511297123972799646723302813083835942624121493 12 | //! * Valuation(q - 1, 2) = 46 13 | //! * Valuation(r - 1, 2) = 2 14 | //! * Curve equation: ax^2 + y^2 =1 + dx^2y^2, where 15 | //! * a = -1 16 | //! * d = 79743 17 | 18 | pub use ark_ed_on_cp6_782::*; 19 | 20 | #[cfg(feature = "r1cs")] 21 | pub mod constraints; 22 | -------------------------------------------------------------------------------- /curves/ed_on_mnt4_298/src/lib.rs: -------------------------------------------------------------------------------- 1 | #![cfg_attr(not(feature = "std"), no_std)] 2 | #![deny( 3 | warnings, 4 | unused, 5 | future_incompatible, 6 | nonstandard_style, 7 | rust_2018_idioms 8 | )] 9 | #![forbid(unsafe_code)] 10 | 11 | //! This library implements a twisted Edwards curve whose base field is the 12 | //! scalar field of the curve MNT4-298. This allows defining cryptographic 13 | //! primitives that use elliptic curves over the scalar field of the latter 14 | //! curve. 15 | //! 16 | //! Curve information: 17 | //! * Base field: q = 18 | //! 475922286169261325753349249653048451545124878552823515553267735739164647307408490559963137 19 | //! * Scalar field: r = 20 | //! 118980571542315331438337312413262112886281219744507561120271964887686106682370032123932631 21 | //! * Valuation(q - 1, 2) = 30 22 | //! * Valuation(r - 1, 2) = 1 23 | //! * Curve equation: ax^2 + y^2 =1 + dx^2y^2, where 24 | //! * a = -1 25 | //! 
* d = 4212 mod q 26 | 27 | #[cfg(feature = "r1cs")] 28 | pub mod constraints; 29 | mod curves; 30 | mod fields; 31 | 32 | pub use curves::*; 33 | pub use fields::*; 34 | -------------------------------------------------------------------------------- /LICENSE-MIT: -------------------------------------------------------------------------------- 1 | The MIT License (MIT) 2 | 3 | Permission is hereby granted, free of charge, to any person obtaining a copy 4 | of this software and associated documentation files (the "Software"), to deal 5 | in the Software without restriction, including without limitation the rights 6 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 7 | copies of the Software, and to permit persons to whom the Software is 8 | furnished to do so, subject to the following conditions: 9 | 10 | The above copyright notice and this permission notice shall be included in 11 | all copies or substantial portions of the Software. 12 | 13 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 14 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 15 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 16 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 17 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 18 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 19 | THE SOFTWARE. 
20 | -------------------------------------------------------------------------------- /bench-templates/Cargo.toml: -------------------------------------------------------------------------------- 1 | [package] 2 | name = "ark-algebra-bench-templates" 3 | description = "A benchmark library for finite fields and elliptic curves" 4 | keywords = ["cryptography", "finite-fields", "elliptic-curves", "pairing"] 5 | documentation = "https://docs.rs/ark-algebra-bench-templates/" 6 | version.workspace = true 7 | authors.workspace = true 8 | homepage.workspace = true 9 | repository.workspace = true 10 | categories.workspace = true 11 | include.workspace = true 12 | license.workspace = true 13 | edition.workspace = true 14 | rust-version.workspace = true 15 | metadata.docs.rs.workspace = true 16 | metadata.release.workspace = true 17 | 18 | 19 | ################################# Dependencies ################################ 20 | 21 | [dependencies] 22 | criterion = { workspace = true, features = [ "html_reports" ] } 23 | ark-std.workspace = true 24 | ark-ec.workspace = true 25 | ark-ff.workspace = true 26 | ark-serialize.workspace = true 27 | paste.workspace = true 28 | 29 | [features] 30 | asm = [ "ark-ff/asm" ] 31 | parallel = [ "ark-std/parallel", "ark-ff/parallel", "ark-ec/parallel", "ark-serialize/parallel" ] 32 | -------------------------------------------------------------------------------- /curves/ed_on_bw6_761/Cargo.toml: -------------------------------------------------------------------------------- 1 | [package] 2 | name = "ark-ed-on-bw6-761" 3 | version = "0.4.0" 4 | authors = [ "arkworks contributors" ] 5 | description = "A Twisted Edwards curve defined over the scalar field of the BW6-761 curve" 6 | homepage = "https://arkworks.rs" 7 | repository = "https://github.com/arkworks-rs/algebra" 8 | documentation = "https://docs.rs/ark-ed-on-bw6-761/" 9 | keywords = ["cryptography", "finite-fields", "elliptic-curves" ] 10 | categories = ["cryptography"] 11 | include = 
["Cargo.toml", "src", "README.md", "LICENSE-APACHE", "LICENSE-MIT"] 12 | license = "MIT/Apache-2.0" 13 | edition = "2021" 14 | 15 | [dependencies] 16 | ark-ed-on-cp6-782 = { version = "0.4.0", path = "../ed_on_cp6_782", default-features = false } 17 | 18 | [dev-dependencies] 19 | ark-relations = { version = "0.4.0", default-features = false } 20 | ark-r1cs-std = { version = "0.4.0", default-features = false } 21 | ark-ff = { version = "0.4.0", default-features = false } 22 | ark-std = { version = "0.4.0", default-features = false } 23 | 24 | [features] 25 | default = [] 26 | std = [ "ark-ed-on-cp6-782/std" ] 27 | r1cs = [ "ark-ed-on-cp6-782/r1cs" ] 28 | -------------------------------------------------------------------------------- /curves/bls12_381/src/fields/fq2.rs: -------------------------------------------------------------------------------- 1 | use ark_ff::{fields::*, MontFp}; 2 | 3 | use crate::*; 4 | 5 | pub type Fq2 = Fp2; 6 | 7 | pub struct Fq2Config; 8 | 9 | impl Fp2Config for Fq2Config { 10 | type Fp = Fq; 11 | 12 | /// NONRESIDUE = -1 13 | const NONRESIDUE: Fq = MontFp!("-1"); 14 | 15 | /// Coefficients for the Frobenius automorphism. 
16 | const FROBENIUS_COEFF_FP2_C1: &'static [Fq] = &[ 17 | // Fq(-1)**(((q^0) - 1) / 2) 18 | Fq::ONE, 19 | // Fq(-1)**(((q^1) - 1) / 2) 20 | MontFp!("-1"), 21 | ]; 22 | 23 | #[inline(always)] 24 | fn mul_fp_by_nonresidue_in_place(fp: &mut Self::Fp) -> &mut Self::Fp { 25 | fp.neg_in_place() 26 | } 27 | 28 | #[inline(always)] 29 | fn sub_and_mul_fp_by_nonresidue(y: &mut Self::Fp, x: &Self::Fp) { 30 | *y += x; 31 | } 32 | 33 | #[inline(always)] 34 | fn mul_fp_by_nonresidue_plus_one_and_add(y: &mut Self::Fp, x: &Self::Fp) { 35 | *y = *x; 36 | } 37 | 38 | fn mul_fp_by_nonresidue_and_add(y: &mut Self::Fp, x: &Self::Fp) { 39 | y.neg_in_place(); 40 | *y += x; 41 | } 42 | } 43 | -------------------------------------------------------------------------------- /test-templates/Cargo.toml: -------------------------------------------------------------------------------- 1 | [package] 2 | name = "ark-algebra-test-templates" 3 | description = "A library for tests for finite fields, elliptic curves, and pairings" 4 | keywords = ["cryptography", "finite-fields", "elliptic-curves" ] 5 | documentation = "https://docs.rs/ark-algebra-test-templates/" 6 | version.workspace = true 7 | authors.workspace = true 8 | homepage.workspace = true 9 | repository.workspace = true 10 | categories.workspace = true 11 | include.workspace = true 12 | license.workspace = true 13 | edition.workspace = true 14 | rust-version.workspace = true 15 | metadata.docs.rs.workspace = true 16 | metadata.release.workspace = true 17 | 18 | [dependencies] 19 | ark-std.workspace = true 20 | ark-serialize.workspace = true 21 | ark-ff.workspace = true 22 | ark-ec.workspace = true 23 | num-bigint.workspace = true 24 | num-integer.workspace = true 25 | num-traits.workspace = true 26 | serde.workspace = true 27 | serde_json.workspace = true 28 | serde_derive.workspace = true 29 | hex.workspace = true 30 | sha2.workspace = true 31 | 32 | [features] 33 | default = [] 34 | std = [ "ark-std/std", "ark-ff/std", 
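"ark-serialize/std", "ark-ec/std" ]
--------------------------------------------------------------------------------
/.github/workflows/release_pr.yml:
--------------------------------------------------------------------------------
name: Open a release PR
on:
  workflow_dispatch:
    inputs:
      version:
        description: Version to release
        required: true
        type: choice
        # Currently only alpha and patch releases are supported by this workflow, due to https://github.com/rust-lang/cargo/issues/4242
        options:
          - alpha
          - patch
      base_branch:
        description: Branch to target
        required: true
        type: string
        default: 'releases'

jobs:
  make-release-pr:
    runs-on: ubuntu-latest
    steps:
      - name: Install cargo-release
        uses: taiki-e/install-action@v1
        with:
          tool: cargo-release

      - uses: actions/checkout@v3
      - uses: cargo-bins/release-pr@v2
        with:
          pr-template-file: .github/release-pr-template.ejs
          github-token: ${{ secrets.GITHUB_TOKEN }}
          version: ${{ inputs.version }}
          crate-release-all: true
          base-branch: ${{ inputs.base_branch }}
--------------------------------------------------------------------------------
/.hooks/pre-commit:
--------------------------------------------------------------------------------
#!/usr/bin/env bash
# Pre-commit hook: run `rustfmt --check` on every staged `.rs` file, reformat
# the ones that need it with the stable toolchain, and re-stage them so the
# commit only ever contains formatted Rust. Requires rustfmt to be installed.

if ! command -v rustfmt &> /dev/null; then
    printf "[pre_commit] \033[0;31merror\033[0m: \"rustfmt\" not available. \n"
    printf "[pre_commit] \033[0;31merror\033[0m: rustfmt can be installed via - \n"
    printf "[pre_commit] $ rustup component add rustfmt \n"
    exit 1
fi

problem_files=()

# collect ill-formatted files
# NUL-separated names survive paths with whitespace; `--diff-filter=d` drops
# staged deletions, which rustfmt could not open anyway.
while IFS= read -r -d '' file; do
    if [ "${file: -3}" == ".rs" ]; then
        # `rustfmt --check` exits 0 when the file is already formatted and
        # non-zero when formatting is required, so the negation is what
        # selects the files that actually need work.
        if ! rustfmt +stable --check "$file" &>/dev/null; then
            problem_files+=("$file")
        fi
    fi
done < <(git diff --name-only --cached --diff-filter=d -z)

if [ "${#problem_files[@]}" -eq 0 ]; then
    # done
    printf "[pre_commit] rustfmt \033[0;32mok\033[0m \n"
else
    # reformat the files that need it and re-stage them.
    printf "[pre_commit] the following files were rustfmt'd before commit: \n"
    for file in "${problem_files[@]}"; do
        rustfmt +stable "$file"
        git add "$file"
        printf "\033[0;32m %s\033[0m \n" "$file"
    done
fi

exit 0
--------------------------------------------------------------------------------
/curves/mnt4_753/src/fields/fq2.rs:
--------------------------------------------------------------------------------
use ark_ff::{
    fields::fp2::{Fp2, Fp2Config},
    Field, MontFp,
};

use crate::Fq;

pub type Fq2 = Fp2;

pub struct Fq2Config;

impl Fp2Config for Fq2Config {
    type Fp = Fq;

    // non_residue = 13
    const NONRESIDUE: Fq = MontFp!("13");

    // Coefficients:
    // [1, 41898490967918953402344214791240637128170709919953949071783502921025352812571106773058893763790338921418070971888253786114353726529584385201591605722013126468931404347949840543007986327743462853720628051692141265303114721689600]
    // see https://github.com/o1-labs/snarky/blob/2cf5ef3a14989e57c17518832b3c52590068fc48/src/camlsnark_c/libsnark-caml/depends/libff/libff/algebra/curves/mnt753/mnt4753/mnt4753_init.cpp
    const FROBENIUS_COEFF_FP2_C1: &'static [Self::Fp] = &[
        Fq::ONE,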
MontFp!("41898490967918953402344214791240637128170709919953949071783502921025352812571106773058893763790338921418070971888253786114353726529584385201591605722013126468931404347949840543007986327743462853720628051692141265303114721689600"), 24 | ]; 25 | } 26 | -------------------------------------------------------------------------------- /curves/bls12_377/src/fields/fr.rs: -------------------------------------------------------------------------------- 1 | //! Bls12-377 scalar field. 2 | /// Roots of unity computed from modulus and R using this sage code: 3 | /// 4 | /// ```ignore 5 | /// q = 8444461749428370424248824938781546531375899335154063827935233455917409239041 6 | /// R = 6014086494747379908336260804527802945383293308637734276299549080986809532403 # Montgomery R 7 | /// s = 47 8 | /// o = q - 1 9 | /// F = GF(q) 10 | /// g = F.multiplicative_generator() 11 | /// g = F.multiplicative_generator() 12 | /// assert g.multiplicative_order() == o 13 | /// g2 = g ** (o/2**s) 14 | /// assert g2.multiplicative_order() == 2**s 15 | /// def into_chunks(val, width, n): 16 | /// return [int(int(val) // (2 ** (width * i)) % 2 ** width) for i in range(n)] 17 | /// print("Gen: ", g * R % q) 18 | /// print("Gen: ", into_chunks(g * R % q, 64, 4)) 19 | /// print("2-adic gen: ", into_chunks(g2 * R % q, 64, 4)) 20 | /// ``` 21 | use ark_ff::fields::{Fp256, MontBackend, MontConfig}; 22 | 23 | #[derive(MontConfig)] 24 | #[modulus = "8444461749428370424248824938781546531375899335154063827935233455917409239041"] 25 | #[generator = "22"] 26 | pub struct FrConfig; 27 | pub type Fr = Fp256>; 28 | -------------------------------------------------------------------------------- /curves/ed_on_bls12_377/src/lib.rs: -------------------------------------------------------------------------------- 1 | #![cfg_attr(not(feature = "std"), no_std)] 2 | #![deny( 3 | warnings, 4 | unused, 5 | future_incompatible, 6 | nonstandard_style, 7 | rust_2018_idioms 8 | )] 9 | #![forbid(unsafe_code)] 10 | 11 
| //! This library implements a twisted Edwards curve whose base field is the 12 | //! scalar field of the curve BLS12-377. This allows defining cryptographic 13 | //! primitives that use elliptic curves over the scalar field of the latter 14 | //! curve. This curve was generated as part of the paper [\[BCGMMW20, “Zexe”\]](https://eprint.iacr.org/2018/962). 15 | //! 16 | //! Curve information: 17 | //! * Base field: q = 18 | //! 8444461749428370424248824938781546531375899335154063827935233455917409239041 19 | //! * Scalar field: r = 20 | //! 2111115437357092606062206234695386632838870926408408195193685246394721360383 21 | //! * Valuation(q - 1, 2) = 47 22 | //! * Valuation(r - 1, 2) = 1 23 | //! * Curve equation: ax^2 + y^2 =1 + dx^2y^2, where 24 | //! * a = -1 25 | //! * d = 3021 26 | 27 | #[cfg(feature = "r1cs")] 28 | pub mod constraints; 29 | mod curves; 30 | mod fields; 31 | 32 | pub use curves::*; 33 | pub use fields::*; 34 | -------------------------------------------------------------------------------- /curves/ed_on_bls12_381/src/lib.rs: -------------------------------------------------------------------------------- 1 | #![cfg_attr(not(feature = "std"), no_std)] 2 | #![deny( 3 | warnings, 4 | unused, 5 | future_incompatible, 6 | nonstandard_style, 7 | rust_2018_idioms 8 | )] 9 | #![forbid(unsafe_code)] 10 | 11 | //! This library implements a twisted Edwards curve whose base field is the 12 | //! scalar field of the curve BLS12-381. This allows defining cryptographic 13 | //! primitives that use elliptic curves over the scalar field of the latter 14 | //! curve. This curve was generated by Sean Bowe, and is also known as [Jubjub](https://github.com/zkcrypto/jubjub). 15 | //! 16 | //! Curve information: 17 | //! * Base field: q = 18 | //! 52435875175126190479447740508185965837690552500527637822603658699938581184513 19 | //! * Scalar field: r = 20 | //! 6554484396890773809930967563523245729705921265872317281365359162392183254199 21 | //! 
* Valuation(q - 1, 2) = 32 22 | //! * Valuation(r - 1, 2) = 1 23 | //! * Curve equation: ax^2 + y^2 =1 + dx^2y^2, where 24 | //! * a = -1 25 | //! * d = -(10240/10241) 26 | 27 | #[cfg(feature = "r1cs")] 28 | pub mod constraints; 29 | mod curves; 30 | mod fields; 31 | 32 | pub use curves::*; 33 | pub use fields::*; 34 | -------------------------------------------------------------------------------- /scripts/linkify_changelog.py: -------------------------------------------------------------------------------- 1 | import fileinput 2 | import os 3 | import re 4 | import sys 5 | 6 | # Set this to the name of the repo, if you don't want it to be read from the filesystem. 7 | # It assumes the changelog file is in the root of the repo. 8 | repo_name = "" 9 | 10 | # This script goes through the provided file, and replaces any " \#", 11 | # with the valid mark down formatted link to it. e.g. 12 | # " [\#number](https://github.com/arkworks-rs/template/pull/) 13 | # Note that if the number is for a an issue, github will auto-redirect you when you click the link. 14 | # It is safe to run the script multiple times in succession. 
15 | # 16 | # Example usage $ python3 linkify_changelog.py ../CHANGELOG.md 17 | changelog_path = sys.argv[1] 18 | if repo_name == "": 19 | path = os.path.abspath(changelog_path) 20 | components = path.split(os.path.sep) 21 | repo_name = components[-2] 22 | 23 | for line in fileinput.input(inplace=True): 24 | line = re.sub( 25 | r"\- #([0-9]*)", 26 | r"- [\#\1](https://github.com/arkworks-rs/" + repo_name + r"/pull/\1)", 27 | line.rstrip(), 28 | ) 29 | # edits the current file 30 | print(line) 31 | -------------------------------------------------------------------------------- /serialize/Cargo.toml: -------------------------------------------------------------------------------- 1 | [package] 2 | name = "ark-serialize" 3 | description = "A library for serializing types in the arkworks ecosystem" 4 | documentation = "https://docs.rs/ark-serialize/" 5 | version.workspace = true 6 | authors.workspace = true 7 | homepage.workspace = true 8 | repository.workspace = true 9 | categories.workspace = true 10 | include.workspace = true 11 | license.workspace = true 12 | edition.workspace = true 13 | rust-version.workspace = true 14 | metadata.docs.rs.workspace = true 15 | metadata.release.workspace = true 16 | keywords = ["cryptography", "serialization" ] 17 | 18 | [dependencies] 19 | ark-serialize-derive = { workspace = true, optional = true } 20 | ark-std.workspace = true 21 | arrayvec.workspace = true 22 | digest.workspace = true 23 | num-bigint.workspace = true 24 | rayon = { workspace = true, optional = true } 25 | 26 | [dev-dependencies] 27 | sha2.workspace = true 28 | sha3.workspace = true 29 | blake2.workspace = true 30 | ark-test-curves = { workspace = true, default-features = false, features = [ "bls12_381_curve"] } 31 | 32 | 33 | [features] 34 | default = [] 35 | parallel = [ "rayon" ] 36 | std = [ "ark-std/std" ] 37 | derive = [ "ark-serialize-derive" ] 38 | -------------------------------------------------------------------------------- 
/curves/bls12_377/src/constraints/fields.rs: -------------------------------------------------------------------------------- 1 | use ark_r1cs_std::fields::{fp::FpVar, fp12::Fp12Var, fp2::Fp2Var, fp6_3over2::Fp6Var}; 2 | 3 | use crate::{Fq, Fq12Config, Fq2Config, Fq6Config}; 4 | 5 | /// A variable that is the R1CS equivalent of `crate::Fq`. 6 | pub type FqVar = FpVar; 7 | 8 | /// A variable that is the R1CS equivalent of `crate::Fq2`. 9 | pub type Fq2Var = Fp2Var; 10 | /// A variable that is the R1CS equivalent of `crate::Fq6`. 11 | pub type Fq6Var = Fp6Var; 12 | /// A variable that is the R1CS equivalent of `crate::Fq12`. 13 | pub type Fq12Var = Fp12Var; 14 | 15 | #[test] 16 | fn bls12_377_field_test() { 17 | use super::*; 18 | use crate::{Fq, Fq12, Fq2, Fq6}; 19 | use ark_curve_constraint_tests::fields::*; 20 | 21 | field_test::<_, _, FqVar>().unwrap(); 22 | frobenius_tests::(13).unwrap(); 23 | 24 | field_test::<_, _, Fq2Var>().unwrap(); 25 | frobenius_tests::(13).unwrap(); 26 | 27 | field_test::<_, _, Fq6Var>().unwrap(); 28 | frobenius_tests::(13).unwrap(); 29 | 30 | field_test::<_, _, Fq12Var>().unwrap(); 31 | frobenius_tests::(13).unwrap(); 32 | } 33 | -------------------------------------------------------------------------------- /curves/ed_on_cp6_782/src/lib.rs: -------------------------------------------------------------------------------- 1 | #![cfg_attr(not(feature = "std"), no_std)] 2 | #![deny( 3 | warnings, 4 | unused, 5 | future_incompatible, 6 | nonstandard_style, 7 | rust_2018_idioms 8 | )] 9 | #![forbid(unsafe_code)] 10 | 11 | //! This library implements a twisted Edwards curve whose base field is the 12 | //! scalar field of the curve CP6. This allows defining cryptographic primitives 13 | //! that use elliptic curves over the scalar field of the latter curve. This curve was generated as part of the paper [\[BCGMMW20, “Zexe”\]](https://eprint.iacr.org/2018/962). 14 | //! 15 | //! Curve information: 16 | //! 
* Base field: q = 258664426012969094010652733694893533536393512754914660539884262666720468348340822774968888139573360124440321458177 17 | //! * Scalar field: r = 32333053251621136751331591711861691692049189094364332567435817881934511297123972799646723302813083835942624121493 18 | //! * Valuation(q - 1, 2) = 46 19 | //! * Valuation(r - 1, 2) = 2 20 | //! * Curve equation: ax^2 + y^2 =1 + dx^2y^2, where 21 | //! * a = -1 22 | //! * d = 79743 23 | 24 | #[cfg(feature = "r1cs")] 25 | pub mod constraints; 26 | mod curves; 27 | mod fields; 28 | 29 | pub use curves::*; 30 | pub use fields::*; 31 | -------------------------------------------------------------------------------- /.github/PULL_REQUEST_TEMPLATE.md: -------------------------------------------------------------------------------- 1 | 6 | 7 | ## Description 8 | 9 | 12 | 13 | closes: #XXXX 14 | 15 | --- 16 | 17 | Before we can merge this PR, please make sure that all the following items have been 18 | checked off. If any of the checklist items are not applicable, please leave them but 19 | write a little note why. 20 | 21 | - [ ] Targeted PR against correct branch (master) 22 | - [ ] Linked to GitHub issue with discussion and accepted design OR have an explanation in the PR that describes this work. 
23 | - [ ] Wrote unit tests 24 | - [ ] Updated relevant documentation in the code 25 | - [ ] Added a relevant changelog entry to the `Pending` section in `CHANGELOG.md` 26 | - [ ] Re-reviewed `Files changed` in the GitHub PR explorer 27 | -------------------------------------------------------------------------------- /curves/curve-constraint-tests/Cargo.toml: -------------------------------------------------------------------------------- 1 | [package] 2 | name = "ark-curve-constraint-tests" 3 | version = "0.4.0" 4 | authors = [ "arkworks contributors" ] 5 | description = "A library for testing constraints for finite fields, elliptic curves, and pairings" 6 | homepage = "https://arkworks.rs" 7 | repository = "https://github.com/arkworks-rs/algebra" 8 | documentation = "https://docs.rs/ark-curve-constraint-tests/" 9 | keywords = ["cryptography", "finite-fields", "elliptic-curves", "r1cs" ] 10 | categories = ["cryptography"] 11 | include = ["Cargo.toml", "src", "README.md", "LICENSE-APACHE", "LICENSE-MIT"] 12 | license = "MIT/Apache-2.0" 13 | edition = "2021" 14 | 15 | [dependencies] 16 | ark-std = { version = "0.4.0", default-features = false } 17 | ark-serialize = { version = "0.4.0", default-features = false } 18 | ark-ff = { version = "0.4.0", default-features = false } 19 | ark-relations = { version = "0.4.0", default-features = false } 20 | ark-r1cs-std = { version = "0.4.0", default-features = false } 21 | ark-ec = { version = "0.4.0", default-features = false } 22 | 23 | [features] 24 | default = [] 25 | std = [ "ark-std/std", "ark-ff/std", "ark-serialize/std", "ark-ec/std", "ark-relations/std", "ark-r1cs-std/std" ] 26 | -------------------------------------------------------------------------------- /test-curves/src/bls12_381/tests.rs: -------------------------------------------------------------------------------- 1 | use crate::bls12_381::*; 2 | use ark_algebra_test_templates::*; 3 | 4 | test_field!(fr; Fr; mont_prime_field); 5 | #[cfg(feature = 
"bls12_381_curve")] 6 | test_field!(fq; Fq; mont_prime_field); 7 | #[cfg(feature = "bls12_381_curve")] 8 | test_field!(fq2; Fq2); 9 | #[cfg(feature = "bls12_381_curve")] 10 | test_field!(fq6; Fq6); 11 | #[cfg(feature = "bls12_381_curve")] 12 | test_field!(fq12; Fq12); 13 | #[cfg(feature = "bls12_381_curve")] 14 | test_group!(g1; G1Projective; sw); 15 | #[cfg(feature = "bls12_381_curve")] 16 | test_group!(g2; G2Projective; sw); 17 | #[cfg(feature = "bls12_381_curve")] 18 | test_group!(pairing_output; ark_ec::pairing::PairingOutput; msm); 19 | #[cfg(feature = "bls12_381_curve")] 20 | test_group!(glv; G1Projective; glv); 21 | #[cfg(feature = "bls12_381_curve")] 22 | test_pairing!(pairing; crate::bls12_381::Bls12_381); 23 | #[cfg(feature = "bls12_381_curve")] 24 | test_h2c!(g1_h2c; "./src/testdata"; "BLS12381G1"; crate::bls12_381::g1::Config; crate::bls12_381::Fq; crate::bls12_381::Fq; 1); 25 | #[cfg(feature = "bls12_381_curve")] 26 | test_h2c!(g2_hc2; "./src/testdata"; "BLS12381G2"; crate::bls12_381::g2::Config; crate::bls12_381::Fq2; crate::bls12_381::Fq; 2); 27 | -------------------------------------------------------------------------------- /curves/ed_on_bn254/src/lib.rs: -------------------------------------------------------------------------------- 1 | #![cfg_attr(not(feature = "std"), no_std)] 2 | #![deny( 3 | warnings, 4 | unused, 5 | future_incompatible, 6 | nonstandard_style, 7 | rust_2018_idioms 8 | )] 9 | #![forbid(unsafe_code)] 10 | 11 | //! This library implements a twisted Edwards curve whose base field is the 12 | //! scalar field of the curve BN254. This allows defining cryptographic 13 | //! primitives that use elliptic curves over the scalar field of the latter curve. This curve is also known as [Baby-Jubjub](https://github.com/barryWhiteHat/baby_jubjub). 14 | //! 15 | //! Curve information: 16 | //! * Base field: q = 17 | //! 21888242871839275222246405745257275088548364400416034343698204186575808495617 18 | //! * Scalar field: r = 19 | //! 
2736030358979909402780800718157159386076813972158567259200215660948447373041 20 | //! * Valuation(q - 1, 2) = 28 21 | //! * Valuation(r - 1, 2) = 4 22 | //! * Curve equation: ax^2 + y^2 =1 + dx^2y^2, where 23 | //! * a = 1 24 | //! * d = 168696/168700 mod q = 25 | //! 9706598848417545097372247223557719406784115219466060233080913168975159366771 26 | 27 | #[cfg(feature = "r1cs")] 28 | pub mod constraints; 29 | mod curves; 30 | mod fields; 31 | 32 | pub use curves::*; 33 | pub use fields::*; 34 | -------------------------------------------------------------------------------- /curves/bls12_381/src/lib.rs: -------------------------------------------------------------------------------- 1 | #![cfg_attr(not(feature = "std"), no_std)] 2 | #![deny( 3 | warnings, 4 | unused, 5 | future_incompatible, 6 | nonstandard_style, 7 | rust_2018_idioms 8 | )] 9 | #![forbid(unsafe_code)] 10 | 11 | //! This library implements the BLS12_381 curve generated by [Sean Bowe](https://electriccoin.co/blog/new-snark-curve/). 12 | //! The name denotes that it is a Barreto--Lynn--Scott curve of embedding degree 13 | //! 12, defined over a 381-bit (prime) field. 14 | //! This curve was intended to replace the BN254 curve to provide a higher 15 | //! security level without incurring a large performance overhead. 16 | //! 17 | //! 18 | //! Curve information: 19 | //! * Base field: q = 4002409555221667393417789825735904156556882819939007885332058136124031650490837864442687629129015664037894272559787 20 | //! * Scalar field: r = 21 | //! 52435875175126190479447740508185965837690552500527637822603658699938581184513 22 | //! * valuation(q - 1, 2) = 1 23 | //! * valuation(r - 1, 2) = 32 24 | //! * G1 curve equation: y^2 = x^3 + 4 25 | //! 
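* G2 curve equation: y^2 = x^3 + Fq2(4, 4)

#[cfg(feature = "curve")]
mod curves;
mod fields;

#[cfg(feature = "curve")]
pub use curves::*;
pub use fields::*;
-------------------------------------------------------------------------------- /ec/src/models/mod.rs: --------------------------------------------------------------------------------
use ark_ff::{Field, PrimeField};

// Family-specific models (pairing-friendly curve families).
pub mod bls12;
pub mod bn;
pub mod bw6;
pub mod mnt4;
pub mod mnt6;

// Generic point models shared by all curves.
pub mod short_weierstrass;
pub mod twisted_edwards;

/// Elliptic curves can be represented via different "models" with varying
/// efficiency properties.
/// `CurveConfig` bundles together the types that are common
/// to all models of the given curve, namely the `BaseField` over which the
/// curve is defined, and the `ScalarField` defined by the appropriate
/// prime-order subgroup of the curve.
pub trait CurveConfig: Send + Sync + Sized + 'static {
    /// Base field that the curve is defined over.
    type BaseField: Field;
    /// Finite prime field corresponding to an appropriate prime-order subgroup
    /// of the curve group.
    ///
    /// The `Into<...>` bound was stripped from the listing; it is restored as
    /// the scalar field's own `BigInt` type, the only reading under which the
    /// bound is well-formed.
    type ScalarField: PrimeField + Into<<Self::ScalarField as PrimeField>::BigInt>;

    /// The cofactor of this curve, represented as a sequence of little-endian limbs.
    ///
    /// Implementations should supply at least one limb. An empty slice is
    /// tolerated by `cofactor_is_one` (it reports `false`) rather than being
    /// a panic at the first subgroup-related call.
    const COFACTOR: &'static [u64];
    /// Presumably the inverse of `COFACTOR` in `ScalarField`, used to undo
    /// cofactor multiplication — this file does not show its use; confirm
    /// against the curve implementations before relying on that reading.
    const COFACTOR_INV: Self::ScalarField;

    /// Returns `true` iff the integer encoded by `COFACTOR` is exactly 1:
    /// lowest limb equal to 1 and every higher limb zero.
    ///
    /// Robustness fix: the original indexed `COFACTOR[0]` unconditionally and
    /// would panic on a misconfigured curve with an empty cofactor slice; an
    /// empty slice now yields `false`, which is the correct answer for a
    /// cofactor that is not 1. Behaviour for non-empty slices is unchanged.
    fn cofactor_is_one() -> bool {
        match Self::COFACTOR.split_first() {
            Some((&1, higher_limbs)) => higher_limbs.iter().all(|&limb| limb == 0),
            _ => false,
        }
    }
}
-------------------------------------------------------------------------------- /curves/pallas/src/lib.rs: --------------------------------------------------------------------------------
#![cfg_attr(not(feature = "std"), no_std)]
#![deny(
    warnings,
    unused,
    future_incompatible,
    nonstandard_style,
    rust_2018_idioms
)]
#![forbid(unsafe_code)]

//! 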
This library implements the prime-order curve Pallas, generated by 12 | //! [Daira Hopwood](https://github.com/zcash/pasta). The main feature of this 13 | //! curve is that it forms a cycle with Vesta, i.e. its scalar field and base 14 | //! field respectively are the base field and scalar field of Vesta. 15 | //! 16 | //! 17 | //! Curve information: 18 | //! * Base field: q = 19 | //! 28948022309329048855892746252171976963363056481941560715954676764349967630337 20 | //! * Scalar field: r = 21 | //! 28948022309329048855892746252171976963363056481941647379679742748393362948097 22 | //! * Curve equation: y^2 = x^3 + 5 23 | //! * Valuation(q - 1, 2) = 32 24 | //! * Valuation(r - 1, 2) = 32 25 | 26 | #[cfg(feature = "r1cs")] 27 | pub mod constraints; 28 | #[cfg(feature = "curve")] 29 | mod curves; 30 | #[cfg(any(feature = "scalar_field", feature = "base_field"))] 31 | mod fields; 32 | 33 | #[cfg(feature = "curve")] 34 | pub use curves::*; 35 | #[cfg(any(feature = "scalar_field", feature = "base_field"))] 36 | pub use fields::*; 37 | -------------------------------------------------------------------------------- /ff/src/lib.rs: -------------------------------------------------------------------------------- 1 | #![cfg_attr(not(feature = "std"), no_std)] 2 | #![warn( 3 | unused, 4 | future_incompatible, 5 | nonstandard_style, 6 | rust_2018_idioms, 7 | rust_2021_compatibility 8 | )] 9 | #![allow(clippy::op_ref, clippy::suspicious_op_assign_impl)] 10 | #![deny(unsafe_code)] 11 | #![doc = include_str!("../README.md")] 12 | 13 | #[macro_use] 14 | extern crate ark_std; 15 | 16 | #[macro_use] 17 | extern crate educe; 18 | 19 | #[macro_use] 20 | pub mod biginteger; 21 | pub use biginteger::{ 22 | signed_mod_reduction, BigInt, BigInteger, BigInteger128, BigInteger256, BigInteger320, 23 | BigInteger384, BigInteger448, BigInteger64, BigInteger768, BigInteger832, 24 | }; 25 | 26 | #[macro_use] 27 | pub mod fields; 28 | pub use self::fields::*; 29 | 30 | pub(crate) mod bits; 31 | 
pub use bits::*;

pub(crate) mod const_helpers;

pub use ark_std::UniformRand;

mod to_field_vec;
pub use to_field_vec::ToConstraintField;

// Hidden re-exports: presumably consumed by the field/biginteger macros rather
// than by downstream users — confirm before treating them as public API.
#[doc(hidden)]
pub use ark_ff_asm::*;
#[doc(hidden)]
pub use ark_std::vec;

/// Glob-importable set of the traits most callers need (`use ark_ff::prelude::*;`).
pub mod prelude {
    pub use crate::{
        biginteger::BigInteger,
        fields::{Field, PrimeField},
        One, Zero,
    };
    pub use ark_std::UniformRand;
}
-------------------------------------------------------------------------------- /curves/secp256r1/Cargo.toml: --------------------------------------------------------------------------------
[package]
name = "ark-secp256r1"
version = "0.4.0"
authors = [ "arkworks contributors" ]
description = "The secp256r1 curve"
homepage = "https://arkworks.rs"
repository = "https://github.com/arkworks-rs/algebra"
documentation = "https://docs.rs/ark-secp256r1/"
keywords = ["cryptography", "finite-fields", "elliptic-curves" ]
categories = ["cryptography"]
include = ["Cargo.toml", "src", "LICENSE-APACHE", "LICENSE-MIT"]
# "MIT/Apache-2.0" is the legacy slash form; the SPDX expression is
# "MIT OR Apache-2.0". Kept as-is for consistency with the sibling crates.
license = "MIT/Apache-2.0"
edition = "2021"

[dependencies]
# All `ark-*` dependencies are `default-features = false` so that this crate
# stays `no_std`-clean; `std` is opted into through the feature below.
ark-ff = { version = "0.4.0", default-features = false }
ark-ec = { version = "0.4.0", default-features = false }
# Optional: only built when the `r1cs` feature is on.
ark-r1cs-std = { version = "0.4.0", default-features = false, optional = true }
ark-std = { version = "0.4.0", default-features = false }

[dev-dependencies]
ark-relations = { version = "0.4.0", default-features = false }
ark-serialize = { version = "0.4.0", default-features = false }
ark-algebra-test-templates = { version = "0.4.0", default-features = false }
ark-curve-constraint-tests = { path = "../curve-constraint-tests", default-features = false }

[features]
default = []
# Cargo forwards only the features named here; every regular dependency with a
# `std` feature has to be listed for `std` on this crate to mean `std`
# everywhere below it.
std = [ "ark-std/std", "ark-ff/std", "ark-ec/std" ]
# `r1cs` only switches on the optional `ark-r1cs-std` dependency (the sibling
# curve crates gate `pub mod constraints` on it). `std` above does not forward
# to it, so an `r1cs`+`std` build leaves `ark-r1cs-std` without its own `std`
# unless another crate in the graph enables it. The weak form
# `"ark-r1cs-std?/std"` would close that gap but needs Cargo >= 1.60 — confirm
# the project's MSRV before adding it.
r1cs = [ "ark-r1cs-std" ]
-------------------------------------------------------------------------------- /curves/secp384r1/Cargo.toml: -------------------------------------------------------------------------------- 1 | [package] 2 | name = "ark-secp384r1" 3 | version = "0.4.0" 4 | authors = [ "arkworks contributors" ] 5 | description = "The secp384r1 curve" 6 | homepage = "https://arkworks.rs" 7 | repository = "https://github.com/arkworks-rs/algebra" 8 | documentation = "https://docs.rs/ark-secp384r1/" 9 | keywords = ["cryptography", "finite-fields", "elliptic-curves" ] 10 | categories = ["cryptography"] 11 | include = ["Cargo.toml", "src", "LICENSE-APACHE", "LICENSE-MIT"] 12 | license = "MIT/Apache-2.0" 13 | edition = "2021" 14 | 15 | [dependencies] 16 | ark-ff = { version = "0.4.0", default-features = false } 17 | ark-ec = { version = "0.4.0", default-features = false } 18 | ark-r1cs-std = { version = "0.4.0", default-features = false, optional = true } 19 | ark-std = { version = "0.4.0", default-features = false } 20 | 21 | [dev-dependencies] 22 | ark-relations = { version = "0.4.0", default-features = false } 23 | ark-serialize = { version = "0.4.0", default-features = false } 24 | ark-algebra-test-templates = { version = "0.4.0", default-features = false } 25 | ark-curve-constraint-tests = { path = "../curve-constraint-tests", default-features = false } 26 | 27 | [features] 28 | default = [] 29 | std = [ "ark-std/std", "ark-ff/std", "ark-ec/std" ] 30 | r1cs = [ "ark-r1cs-std" ] 31 | -------------------------------------------------------------------------------- /curves/bls12_381/Cargo.toml: -------------------------------------------------------------------------------- 1 | [package] 2 | name = "ark-bls12-381" 3 | version = "0.4.0" 4 | authors = [ "arkworks contributors" ] 5 | description = "The BLS12-381 pairing-friendly elliptic curve" 6 | homepage = "https://arkworks.rs" 7 | repository = "https://github.com/arkworks-rs/algebra" 8 | documentation = 
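"https://docs.rs/ark-bls12-381/"
keywords = ["cryptography", "finite-fields", "elliptic-curves" ]
categories = ["cryptography"]
include = ["Cargo.toml", "src", "README.md", "LICENSE-APACHE", "LICENSE-MIT"]
license = "MIT/Apache-2.0"
edition = "2021"

[dependencies]
ark-ff = { version = "0.4.0", default-features = false }
# `default-features = false` matches every other `ark-*` dependency in this
# workspace and is what makes the `ark-ec/std` forwarding in the `std` feature
# below meaningful: without it, whatever ark-ec enables by default is pulled in
# unconditionally, including for `no_std` consumers of this crate.
ark-ec = { version = "0.4.0", default-features = false }
ark-std = { version = "0.4.0", default-features = false }
ark-serialize = { version = "0.4.0", default-features = false }

[dev-dependencies]
ark-algebra-test-templates = { version = "0.4.0", default-features = false }
ark-algebra-bench-templates = { version = "0.4.0", default-features = false }
hex = "^0.4.0"

[features]
default = [ "curve" ]
# Cargo forwards only the features named here. `ark-serialize` is a regular
# dependency with a `std` feature (the curve-constraint-tests crate forwards it
# the same way), so it is listed too; previously a consumer enabling `std` on
# this crate still got `ark-serialize` built in `no_std` mode.
std = [ "ark-std/std", "ark-ff/std", "ark-ec/std", "ark-serialize/std" ]

# `curve` (the default) compiles the `curves` module (`src/lib.rs` gates it on
# this feature) and implies the scalar field; `scalar_field` alone is for
# consumers that need only `Fr`.
curve = [ "scalar_field" ]
scalar_field = []

[[bench]]
name = "bls12_381"
path = "benches/bls12_381.rs"
harness = false
--------------------------------------------------------------------------------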