diff --git a/.github/workflows/rust.yml b/.github/workflows/rust.yml index e87acc5c7..18d909e8b 100644 --- a/.github/workflows/rust.yml +++ b/.github/workflows/rust.yml @@ -118,10 +118,10 @@ jobs: run: | rustc --version cargo --version - - uses: stellar/binaries@v51 + - uses: stellar/binaries@v55 with: name: cargo-semver-checks - version: 0.45.0 + version: 0.46.0 - run: > cargo semver-checks --exclude soroban-meta diff --git a/soroban-sdk-macros/src/map_type.rs b/soroban-sdk-macros/src/map_type.rs index b1b81b91a..f0acdb17c 100644 --- a/soroban-sdk-macros/src/map_type.rs +++ b/soroban-sdk-macros/src/map_type.rs @@ -116,16 +116,18 @@ pub fn map_type(t: &Type, allow_ref: bool, allow_hash: bool) -> Result BytesN, Fr => U256. This approach - // simplifies integration with contract development tooling, as it - // avoids introducing new spec types for these constructs. + // Bls12381Fp/Bls12381Fp2/Bls12381G1Affine/Bls12381G2Affine => BytesN, + // Bls12381Fr/Bn254Fr => U256. This approach simplifies integration with + // contract development tooling, as it avoids introducing new spec types + // for these constructs. // // While this is functionally sound because the types are // essentially newtypes over their inner representations, it means - // that the specific semantic meaning of `G1Affine`, `G2Affine`, or - // `Fr` is not directly visible in the compiled WASM interface. For - // example, a contract function expecting a `G1Affine` will appear - // in the WASM interface as expecting a `BytesN<96>`. + // that the specific semantic meaning of `Bls12381G1Affine`, + // `Bls12381G2Affine`, `Bls12381Fr`, or `Bn254Fr` is not directly visible + // in the compiled WASM interface. For example, a contract function + // expecting a `Bls12381G1Affine` will appear in the WASM interface as + // expecting a `BytesN<96>`. // // Future enhancements might allow the macro to automatically deduce // and utilize the inner types for types defined using the New Type @@ -133,8 +135,8 @@ pub fn map_type(t: &Type, allow_ref: bool, allow_hash: bool) -> Result Ok(ScSpecTypeDef::BytesN(ScSpecTypeBytesN { n: FP_SERIALIZED_SIZE, })), @@ -147,6 +149,8 @@ pub fn map_type(t: &Type, allow_ref: bool, allow_hash: bool) -> Result Ok(ScSpecTypeDef::BytesN(ScSpecTypeBytesN { n: G2_SERIALIZED_SIZE, })), + // Deprecated: `Fr` maps to BLS12-381 Fr for backward compat. + // Use `Bls12381Fr` or `Bn254Fr` instead. "Fr" => Ok(ScSpecTypeDef::U256), // BLS12-381 prefixed type names "Bls12381Fp" => Ok(ScSpecTypeDef::BytesN(ScSpecTypeBytesN { @@ -161,6 +165,7 @@ pub fn map_type(t: &Type, allow_ref: bool, allow_hash: bool) -> Result Ok(ScSpecTypeDef::BytesN(ScSpecTypeBytesN { n: G2_SERIALIZED_SIZE, })), + "Bls12381Fr" => Ok(ScSpecTypeDef::U256), // BN254 prefixed type names "Bn254Fp" => Ok(ScSpecTypeDef::BytesN(ScSpecTypeBytesN { n: BN254_FP_SERIALIZED_SIZE, @@ -171,6 +176,9 @@ pub fn map_type(t: &Type, allow_ref: bool, allow_hash: bool) -> Result Ok(ScSpecTypeDef::BytesN(ScSpecTypeBytesN { n: BN254_G2_SERIALIZED_SIZE, })), + "Bn254Fr" => Ok(ScSpecTypeDef::U256), + // Deprecated alias for Bn254Fr + "BnScalar" => Ok(ScSpecTypeDef::U256), s => Ok(ScSpecTypeDef::Udt(ScSpecTypeUdt { name: s.try_into().map_err(|e| { Error::new( diff --git a/soroban-sdk/src/_migrating/v25_bn254.rs b/soroban-sdk/src/_migrating/v25_bn254.rs index cd560c209..4fb7a3ed0 100644 --- a/soroban-sdk/src/_migrating/v25_bn254.rs +++ b/soroban-sdk/src/_migrating/v25_bn254.rs @@ -9,7 +9,7 @@ //! //! - [`Bn254G1Affine`] - A point in the G1 group (64 bytes, Ethereum-compatible format) //! - [`Bn254G2Affine`] - A point in the G2 group (128 bytes, Ethereum-compatible format) -//! - [`Fr`] - A scalar field element (32 bytes, internally a `U256`) +//! - [`Bn254Fr`] - A scalar field element (32 bytes, internally a `U256`) //! - [`Bn254Fp`] - A base field element (32 bytes) //! //! ## New Operations @@ -20,14 +20,14 @@ //! //! G1 points also support arithmetic operations via Rust traits: //! - `Add` - Add two G1 points -//! - `Mul` - Multiply a G1 point by a scalar +//! - `Mul` - Multiply a G1 point by a scalar //! - `Neg` - Negate a G1 point //! //! ## Example: Basic G1 Operations //! //! ``` //! use soroban_sdk::{Env, BytesN, U256}; -//! use soroban_sdk::crypto::bn254::{Bn254G1Affine, Fr}; +//! use soroban_sdk::crypto::bn254::{Bn254Fr, Bn254G1Affine}; //! //! # fn main() { //! let env = Env::default(); @@ -51,7 +51,7 @@ //! assert_eq!(g1_doubled, g1_doubled_alt); //! //! // Scalar multiplication: 2 * G should equal G + G -//! let scalar: Fr = U256::from_u32(&env, 2).into(); +//! let scalar: Bn254Fr = U256::from_u32(&env, 2).into(); //! let g1_times_2 = bn254.g1_mul(&g1, &scalar); //! assert_eq!(g1_doubled, g1_times_2); //! @@ -134,5 +134,5 @@ //! //! [`Bn254G1Affine`]: crate::crypto::bn254::Bn254G1Affine //! [`Bn254G2Affine`]: crate::crypto::bn254::Bn254G2Affine -//! [`Fr`]: crate::crypto::bn254::Fr +//! [`Bn254Fr`]: crate::crypto::bn254::Bn254Fr //! [`Bn254Fp`]: crate::crypto::bn254::Bn254Fp diff --git a/soroban-sdk/src/crypto.rs b/soroban-sdk/src/crypto.rs index c53ec0ae7..08406b01d 100644 --- a/soroban-sdk/src/crypto.rs +++ b/soroban-sdk/src/crypto.rs @@ -9,7 +9,10 @@ use crate::{ pub mod bls12_381; pub mod bn254; pub(crate) mod utils; -pub use bn254::Fr as BnScalar; +/// Deprecated alias for `bn254::Bn254Fr`. +/// Use `bn254::Bn254Fr` directly instead. +#[deprecated(note = "use `bn254::Bn254Fr` instead")] +pub use bn254::Bn254Fr as BnScalar; /// A `BytesN` generated by a cryptographic hash function. /// diff --git a/soroban-sdk/src/crypto/bls12_381.rs b/soroban-sdk/src/crypto/bls12_381.rs index ff97f74a1..12179475a 100644 --- a/soroban-sdk/src/crypto/bls12_381.rs +++ b/soroban-sdk/src/crypto/bls12_381.rs @@ -24,7 +24,13 @@ pub struct Bls12_381 { } /// `Bls12381G1Affine` is a point in the G1 group (subgroup defined over the base field -/// `Fq`) of the BLS12-381 elliptic curve +/// `Fq`) of the BLS12-381 elliptic curve. +/// +/// This type is a thin wrapper around `BytesN<96>`. The [`from_bytes`](Self::from_bytes) +/// constructor does **not** validate the contents — it accepts any 96 bytes. +/// The serialization requirements below are enforced by the Soroban host when +/// the value is passed to a host function (e.g. `g1_add`, `g1_mul`, `pairing`). +/// Invalid bytes will cause the host call to trap, not construction. /// /// # Serialization: /// - The 96 bytes represent the **uncompressed encoding** of a point in G1. The @@ -53,11 +59,19 @@ pub struct Bls12_381 { #[repr(transparent)] pub struct Bls12381G1Affine(BytesN); -/// Type alias for `Bls12381G1Affine` for convenience +/// Deprecated type alias for `Bls12381G1Affine`. +/// Use the fully-qualified `Bls12381G1Affine` to avoid ambiguity with BN254 types. +#[deprecated(note = "use `Bls12381G1Affine` instead")] pub type G1Affine = Bls12381G1Affine; /// `Bls12381G2Affine` is a point in the G2 group (subgroup defined over the quadratic -/// extension field `Fq2`) of the BLS12-381 elliptic curve +/// extension field `Fq2`) of the BLS12-381 elliptic curve. +/// +/// This type is a thin wrapper around `BytesN<192>`. The [`from_bytes`](Self::from_bytes) +/// constructor does **not** validate the contents — it accepts any 192 bytes. +/// The serialization requirements below are enforced by the Soroban host when +/// the value is passed to a host function (e.g. `g2_add`, `g2_mul`, `pairing`). +/// Invalid bytes will cause the host call to trap, not construction. /// /// # Serialization: /// - The 192 bytes represent the **uncompressed encoding** of a point in G2. @@ -76,7 +90,9 @@ pub type G1Affine = Bls12381G1Affine; #[repr(transparent)] pub struct Bls12381G2Affine(BytesN); -/// Type alias for `Bls12381G2Affine` for convenience +/// Deprecated type alias for `Bls12381G2Affine`. +/// Use the fully-qualified `Bls12381G2Affine` to avoid ambiguity with BN254 types. +#[deprecated(note = "use `Bls12381G2Affine` instead")] pub type G2Affine = Bls12381G2Affine; /// `Bls12381Fp` represents an element of the base field `Fq` of the BLS12-381 elliptic @@ -89,7 +105,9 @@ pub type G2Affine = Bls12381G2Affine; #[repr(transparent)] pub struct Bls12381Fp(BytesN); -/// Type alias for `Bls12381Fp` for convenience +/// Deprecated type alias for `Bls12381Fp`. +/// Use the fully-qualified `Bls12381Fp` to avoid ambiguity with BN254 types. +#[deprecated(note = "use `Bls12381Fp` instead")] pub type Fp = Bls12381Fp; /// `Bls12381Fp2` represents an element of the quadratic extension field `Fq2` of the @@ -104,16 +122,23 @@ pub type Fp = Bls12381Fp; #[repr(transparent)] pub struct Bls12381Fp2(BytesN); -/// Type alias for `Bls12381Fp2` for convenience +/// Deprecated type alias for `Bls12381Fp2`. +/// Use the fully-qualified `Bls12381Fp2` to avoid ambiguity with BN254 types. +#[deprecated(note = "use `Bls12381Fp2` instead")] pub type Fp2 = Bls12381Fp2; -/// `Fr` represents an element in the BLS12-381 scalar field, which is a prime -/// field of order `r` (the order of the G1 and G2 groups). The struct is +/// `Bls12381Fr` represents an element in the BLS12-381 scalar field, which is a +/// prime field of order `r` (the order of the G1 and G2 groups). The struct is /// internally represented with an `U256`, all arithmetic operations follow /// modulo `r`. #[derive(Clone)] #[repr(transparent)] -pub struct Fr(U256); +pub struct Bls12381Fr(U256); + +/// Deprecated type alias for `Bls12381Fr`. +/// Use `Bls12381Fr` to avoid ambiguity with `Bn254Fr`. +#[deprecated(note = "use `Bls12381Fr` instead to avoid ambiguity with `Bn254Fr`")] +pub type Fr = Bls12381Fr; impl_bytesn_repr!(Bls12381G1Affine, G1_SERIALIZED_SIZE); impl_bytesn_repr!(Bls12381G2Affine, G2_SERIALIZED_SIZE); @@ -140,12 +165,16 @@ fn validate_fp2(bytes: &[u8; FP2_SERIALIZED_SIZE]) { } impl Bls12381G1Affine { + /// Wraps raw bytes as a G1 point without validation. + /// See [`Bls12381G1Affine`] for serialization requirements enforced by the host. pub fn from_bytes(bytes: BytesN) -> Self { Self(bytes) } } impl Bls12381G2Affine { + /// Wraps raw bytes as a G2 point without validation. + /// See [`Bls12381G2Affine`] for serialization requirements enforced by the host. pub fn from_bytes(bytes: BytesN) -> Self { Self(bytes) } @@ -165,17 +194,17 @@ impl Bls12381Fp2 { } } -impl Fp { +impl Bls12381Fp { pub fn env(&self) -> &Env { self.0.env() } - // `Fp` represents an element in the base field of the BLS12-381 elliptic curve. + // `Bls12381Fp` represents an element in the base field of the BLS12-381 elliptic curve. // For an element a ∈ Fp, its negation `-a` is defined as: // a + (-a) = 0 (mod p) // where `p` is the field modulus, and to make a valid point coordinate on the // curve, `a` also must be within the field range (i.e., 0 ≤ a < p). - fn checked_neg(&self) -> Option { + fn checked_neg(&self) -> Option { let fp_bigint: BigInt<6> = (&self.0).into(); if fp_bigint.is_zero() { return Some(self.clone()); @@ -200,10 +229,10 @@ impl Fp { let mut bytes = [0u8; FP_SERIALIZED_SIZE]; res.copy_into_array(&mut bytes); - Some(Fp::from_array(self.env(), &bytes)) + Some(Bls12381Fp::from_array(self.env(), &bytes)) } - /// Maps this `Fp` element to a `G1Affine` point using the [simplified SWU + /// Maps this `Bls12381Fp` element to a `Bls12381G1Affine` point using the [simplified SWU /// mapping](https://www.rfc-editor.org/rfc/rfc9380.html#name-simplified-swu-for-ab-0). /// ///
@@ -215,13 +244,13 @@ impl Fp { /// For applications requiring a point directly in the prime-order subgroup, consider using /// `hash_to_g1`, which handles subgroup checks and cofactor clearing internally. ///
- pub fn map_to_g1(&self) -> G1Affine { + pub fn map_to_g1(&self) -> Bls12381G1Affine { self.env().crypto().bls12_381().map_fp_to_g1(self) } } -impl From for BigInt<6> { - fn from(fp: Fp) -> Self { +impl From for BigInt<6> { + fn from(fp: Bls12381Fp) -> Self { let inner: Bytes = fp.0.into(); let mut limbs = [0u64; 6]; for i in 0..6u32 { @@ -234,26 +263,26 @@ impl From for BigInt<6> { } } -impl Neg for &Fp { - type Output = Fp; +impl Neg for &Bls12381Fp { + type Output = Bls12381Fp; fn neg(self) -> Self::Output { match self.checked_neg() { Some(v) => v, - None => sdk_panic!("invalid input - Fp is larger than the field modulus"), + None => sdk_panic!("invalid input - Bls12381Fp is larger than the field modulus"), } } } -impl Neg for Fp { - type Output = Fp; +impl Neg for Bls12381Fp { + type Output = Bls12381Fp; fn neg(self) -> Self::Output { (&self).neg() } } -impl G1Affine { +impl Bls12381G1Affine { pub fn env(&self) -> &Env { self.0.env() } @@ -267,80 +296,82 @@ impl G1Affine { } } -impl Add for G1Affine { - type Output = G1Affine; +impl Add for Bls12381G1Affine { + type Output = Bls12381G1Affine; fn add(self, rhs: Self) -> Self::Output { self.env().crypto().bls12_381().g1_add(&self, &rhs) } } -impl Mul for G1Affine { - type Output = G1Affine; +impl Mul for Bls12381G1Affine { + type Output = Bls12381G1Affine; - fn mul(self, rhs: Fr) -> Self::Output { + fn mul(self, rhs: Bls12381Fr) -> Self::Output { self.env().crypto().bls12_381().g1_mul(&self, &rhs) } } -// G1Affine represents a point (X, Y) on the BLS12-381 curve where X, Y ∈ Fp +// Bls12381G1Affine represents a point (X, Y) on the BLS12-381 curve where X, Y ∈ Bls12381Fp // Negation of (X, Y) is defined as (X, -Y) -impl Neg for &G1Affine { - type Output = G1Affine; +impl Neg for &Bls12381G1Affine { + type Output = Bls12381G1Affine; fn neg(self) -> Self::Output { let mut inner: Bytes = (&self.0).into(); - let y = Fp::try_from_val( + let y = Bls12381Fp::try_from_val( inner.env(), inner.slice(FP_SERIALIZED_SIZE as u32..).as_val(), ) .unwrap_optimized(); let neg_y = -y; inner.copy_from_slice(FP_SERIALIZED_SIZE as u32, &neg_y.to_array()); - G1Affine::from_bytes(BytesN::try_from_val(inner.env(), inner.as_val()).unwrap_optimized()) + Bls12381G1Affine::from_bytes( + BytesN::try_from_val(inner.env(), inner.as_val()).unwrap_optimized(), + ) } } -impl Neg for G1Affine { - type Output = G1Affine; +impl Neg for Bls12381G1Affine { + type Output = Bls12381G1Affine; fn neg(self) -> Self::Output { (&self).neg() } } -impl Fp2 { +impl Bls12381Fp2 { pub fn env(&self) -> &Env { self.0.env() } - // An Fp2 element is represented as c0 + c1 * X, where: - // - c0, c1 are base field elements (Fp) + // An Bls12381Fp2 element is represented as c0 + c1 * X, where: + // - c0, c1 are base field elements (Bls12381Fp) // - X is the quadratic non-residue used to construct the field extension // The negation of c0 + c1 * X is (-c0) + (-c1) * X. - fn checked_neg(&self) -> Option { + fn checked_neg(&self) -> Option { let mut inner = self.to_array(); let mut slice0 = [0; FP_SERIALIZED_SIZE]; let mut slice1 = [0; FP_SERIALIZED_SIZE]; slice0.copy_from_slice(&inner[0..FP_SERIALIZED_SIZE]); slice1.copy_from_slice(&inner[FP_SERIALIZED_SIZE..FP2_SERIALIZED_SIZE]); - // Convert both components to Fp and negate them - let c0 = Fp::from_array(self.env(), &slice0); - let c1 = Fp::from_array(self.env(), &slice1); + // Convert both components to Bls12381Fp and negate them + let c0 = Bls12381Fp::from_array(self.env(), &slice0); + let c1 = Bls12381Fp::from_array(self.env(), &slice1); // If either component's negation fails, the whole operation fails let neg_c0 = c0.checked_neg()?; let neg_c1 = c1.checked_neg()?; - // Reconstruct the Fp2 element from negated components + // Reconstruct the Bls12381Fp2 element from negated components inner[0..FP_SERIALIZED_SIZE].copy_from_slice(&neg_c0.to_array()); inner[FP_SERIALIZED_SIZE..FP2_SERIALIZED_SIZE].copy_from_slice(&neg_c1.to_array()); - Some(Fp2::from_array(self.env(), &inner)) + Some(Bls12381Fp2::from_array(self.env(), &inner)) } - /// Maps this `Fp2` element to a `G2Affine` point using the [simplified SWU + /// Maps this `Bls12381Fp2` element to a `Bls12381G2Affine` point using the [simplified SWU /// mapping](https://www.rfc-editor.org/rfc/rfc9380.html#name-simplified-swu-for-ab-0). /// ///
@@ -352,31 +383,33 @@ impl Fp2 { /// For applications requiring a point directly in the prime-order subgroup, consider using /// `hash_to_g2`, which handles subgroup checks and cofactor clearing internally. ///
- pub fn map_to_g2(&self) -> G2Affine { + pub fn map_to_g2(&self) -> Bls12381G2Affine { self.env().crypto().bls12_381().map_fp2_to_g2(self) } } -impl Neg for &Fp2 { - type Output = Fp2; +impl Neg for &Bls12381Fp2 { + type Output = Bls12381Fp2; fn neg(self) -> Self::Output { match self.checked_neg() { Some(v) => v, - None => sdk_panic!("invalid input - Fp2 component is larger than the field modulus"), + None => { + sdk_panic!("invalid input - Bls12381Fp2 component is larger than the field modulus") + } } } } -impl Neg for Fp2 { - type Output = Fp2; +impl Neg for Bls12381Fp2 { + type Output = Bls12381Fp2; fn neg(self) -> Self::Output { (&self).neg() } } -impl G2Affine { +impl Bls12381G2Affine { pub fn env(&self) -> &Env { self.0.env() } @@ -390,49 +423,51 @@ impl G2Affine { } } -impl Add for G2Affine { - type Output = G2Affine; +impl Add for Bls12381G2Affine { + type Output = Bls12381G2Affine; fn add(self, rhs: Self) -> Self::Output { self.env().crypto().bls12_381().g2_add(&self, &rhs) } } -impl Mul for G2Affine { - type Output = G2Affine; +impl Mul for Bls12381G2Affine { + type Output = Bls12381G2Affine; - fn mul(self, rhs: Fr) -> Self::Output { + fn mul(self, rhs: Bls12381Fr) -> Self::Output { self.env().crypto().bls12_381().g2_mul(&self, &rhs) } } -// G2Affine represents a point (X, Y) on the BLS12-381 quadratic extension curve where X, Y ∈ Fp2 +// Bls12381G2Affine represents a point (X, Y) on the BLS12-381 quadratic extension curve where X, Y ∈ Bls12381Fp2 // Negation of (X, Y) is defined as (X, -Y) -impl Neg for &G2Affine { - type Output = G2Affine; +impl Neg for &Bls12381G2Affine { + type Output = Bls12381G2Affine; fn neg(self) -> Self::Output { let mut inner: Bytes = (&self.0).into(); - let y = Fp2::try_from_val( + let y = Bls12381Fp2::try_from_val( inner.env(), inner.slice(FP2_SERIALIZED_SIZE as u32..).as_val(), ) .unwrap_optimized(); let neg_y = -y; inner.copy_from_slice(FP2_SERIALIZED_SIZE as u32, &neg_y.to_array()); - G2Affine::from_bytes(BytesN::try_from_val(inner.env(), inner.as_val()).unwrap_optimized()) + Bls12381G2Affine::from_bytes( + BytesN::try_from_val(inner.env(), inner.as_val()).unwrap_optimized(), + ) } } -impl Neg for G2Affine { - type Output = G2Affine; +impl Neg for Bls12381G2Affine { + type Output = Bls12381G2Affine; fn neg(self) -> Self::Output { (&self).neg() } } -impl Fr { +impl Bls12381Fr { pub fn env(&self) -> &Env { self.0.env() } @@ -485,7 +520,7 @@ fn fr_modulus(env: &Env) -> U256 { U256::from_be_bytes(env, &Bytes::from_array(env, &BLS12_381_FR_MODULUS_BE)) } -impl From for Fr { +impl From for Bls12381Fr { fn from(value: U256) -> Self { // Keep all Fr construction paths canonical by reducing modulo r here. // Constructors and deserialization paths should route through this impl. @@ -500,13 +535,13 @@ impl From for Fr { } } -impl From<&Fr> for U256Val { - fn from(value: &Fr) -> Self { +impl From<&Bls12381Fr> for U256Val { + fn from(value: &Bls12381Fr) -> Self { value.as_u256().into() } } -impl TryFromVal for Fr { +impl TryFromVal for Bls12381Fr { type Error = ConversionError; fn try_from_val(env: &Env, val: &Val) -> Result { @@ -515,68 +550,68 @@ impl TryFromVal for Fr { } } -impl TryFromVal for Val { +impl TryFromVal for Val { type Error = ConversionError; - fn try_from_val(_env: &Env, fr: &Fr) -> Result { + fn try_from_val(_env: &Env, fr: &Bls12381Fr) -> Result { Ok(fr.to_val()) } } -impl TryFromVal for Val { +impl TryFromVal for Val { type Error = ConversionError; - fn try_from_val(_env: &Env, fr: &&Fr) -> Result { + fn try_from_val(_env: &Env, fr: &&Bls12381Fr) -> Result { Ok(fr.to_val()) } } #[cfg(not(target_family = "wasm"))] -impl From<&Fr> for ScVal { - fn from(v: &Fr) -> Self { +impl From<&Bls12381Fr> for ScVal { + fn from(v: &Bls12381Fr) -> Self { Self::from(&v.0) } } #[cfg(not(target_family = "wasm"))] -impl From for ScVal { - fn from(v: Fr) -> Self { +impl From for ScVal { + fn from(v: Bls12381Fr) -> Self { (&v).into() } } -impl Eq for Fr {} +impl Eq for Bls12381Fr {} -impl PartialEq for Fr { +impl PartialEq for Bls12381Fr { fn eq(&self, other: &Self) -> bool { self.as_u256().partial_cmp(other.as_u256()) == Some(Ordering::Equal) } } -impl Debug for Fr { +impl Debug for Bls12381Fr { fn fmt(&self, f: &mut core::fmt::Formatter<'_>) -> core::fmt::Result { - write!(f, "Fr({:?})", self.as_u256()) + write!(f, "Bls12381Fr({:?})", self.as_u256()) } } -impl Add for Fr { - type Output = Fr; +impl Add for Bls12381Fr { + type Output = Bls12381Fr; fn add(self, rhs: Self) -> Self::Output { self.env().crypto().bls12_381().fr_add(&self, &rhs) } } -impl Sub for Fr { - type Output = Fr; +impl Sub for Bls12381Fr { + type Output = Bls12381Fr; fn sub(self, rhs: Self) -> Self::Output { self.env().crypto().bls12_381().fr_sub(&self, &rhs) } } -impl Mul for Fr { - type Output = Fr; +impl Mul for Bls12381Fr { + type Output = Bls12381Fr; fn mul(self, rhs: Self) -> Self::Output { self.env().crypto().bls12_381().fr_mul(&self, &rhs) @@ -595,7 +630,7 @@ impl Bls12_381 { // g1 /// Checks if a point `p` in G1 is in the correct subgroup. - pub fn g1_is_in_subgroup(&self, p: &G1Affine) -> bool { + pub fn g1_is_in_subgroup(&self, p: &Bls12381G1Affine) -> bool { let env = self.env(); let res = internal::Env::bls12_381_check_g1_is_in_subgroup(env, p.to_object()) .unwrap_infallible(); @@ -603,7 +638,7 @@ impl Bls12_381 { } /// Checks if a G1 point is on the BLS12-381 curve (no subgroup check). - pub fn g1_is_on_curve(&self, point: &G1Affine) -> bool { + pub fn g1_is_on_curve(&self, point: &Bls12381G1Affine) -> bool { let env = self.env(); internal::Env::bls12_381_g1_is_on_curve(env, point.to_object()) .unwrap_infallible() @@ -611,11 +646,11 @@ impl Bls12_381 { } /// Adds two points `p0` and `p1` in G1. - pub fn g1_add(&self, p0: &G1Affine, p1: &G1Affine) -> G1Affine { + pub fn g1_add(&self, p0: &Bls12381G1Affine, p1: &Bls12381G1Affine) -> Bls12381G1Affine { let env = self.env(); let bin = internal::Env::bls12_381_g1_add(env, p0.to_object(), p1.to_object()) .unwrap_infallible(); - unsafe { G1Affine::from_bytes(BytesN::unchecked_new(env.clone(), bin)) } + unsafe { Bls12381G1Affine::from_bytes(BytesN::unchecked_new(env.clone(), bin)) } } /// Adds two points `p0` and `p1` in G1, ensuring that the result is in the @@ -623,11 +658,15 @@ impl Bls12_381 { /// so if want to perform a series of additions i.e. `agg = p0 + p1 + .. + pn`, /// it may make sense to only call g1_checked_add on the final addition, /// while using `g1_add` (non-checked version) on the intermediate ones. - pub fn g1_checked_add(&self, p0: &G1Affine, p1: &G1Affine) -> Option { + pub fn g1_checked_add( + &self, + p0: &Bls12381G1Affine, + p1: &Bls12381G1Affine, + ) -> Option { let env = self.env(); let bin = internal::Env::bls12_381_g1_add(env, p0.to_object(), p1.to_object()) .unwrap_infallible(); - let res = unsafe { G1Affine::from_bytes(BytesN::unchecked_new(env.clone(), bin)) }; + let res = unsafe { Bls12381G1Affine::from_bytes(BytesN::unchecked_new(env.clone(), bin)) }; let is_in_correct_subgroup: bool = internal::Env::bls12_381_check_g1_is_in_subgroup(env, res.to_object()) .unwrap_optimized() @@ -639,39 +678,39 @@ impl Bls12_381 { } /// Multiplies a point `p0` in G1 by a scalar. - pub fn g1_mul(&self, p0: &G1Affine, scalar: &Fr) -> G1Affine { + pub fn g1_mul(&self, p0: &Bls12381G1Affine, scalar: &Bls12381Fr) -> Bls12381G1Affine { let env = self.env(); let bin = internal::Env::bls12_381_g1_mul(env, p0.to_object(), scalar.into()).unwrap_infallible(); - unsafe { G1Affine::from_bytes(BytesN::unchecked_new(env.clone(), bin)) } + unsafe { Bls12381G1Affine::from_bytes(BytesN::unchecked_new(env.clone(), bin)) } } /// Performs a multi-scalar multiplication (MSM) operation in G1. - pub fn g1_msm(&self, vp: Vec, vs: Vec) -> G1Affine { + pub fn g1_msm(&self, vp: Vec, vs: Vec) -> Bls12381G1Affine { let env = self.env(); let bin = internal::Env::bls12_381_g1_msm(env, vp.into(), vs.into()).unwrap_infallible(); - unsafe { G1Affine::from_bytes(BytesN::unchecked_new(env.clone(), bin)) } + unsafe { Bls12381G1Affine::from_bytes(BytesN::unchecked_new(env.clone(), bin)) } } - /// Maps an element in the base field `Fp` to a point in G1. - pub fn map_fp_to_g1(&self, fp: &Fp) -> G1Affine { + /// Maps an element in the base field `Bls12381Fp` to a point in G1. + pub fn map_fp_to_g1(&self, fp: &Bls12381Fp) -> Bls12381G1Affine { let env = self.env(); let bin = internal::Env::bls12_381_map_fp_to_g1(env, fp.to_object()).unwrap_infallible(); - unsafe { G1Affine::from_bytes(BytesN::unchecked_new(env.clone(), bin)) } + unsafe { Bls12381G1Affine::from_bytes(BytesN::unchecked_new(env.clone(), bin)) } } /// Hashes a message `msg` to a point in G1, using a domain separation tag `dst`. - pub fn hash_to_g1(&self, msg: &Bytes, dst: &Bytes) -> G1Affine { + pub fn hash_to_g1(&self, msg: &Bytes, dst: &Bytes) -> Bls12381G1Affine { let env = self.env(); let bin = internal::Env::bls12_381_hash_to_g1(env, msg.into(), dst.to_object()) .unwrap_infallible(); - unsafe { G1Affine::from_bytes(BytesN::unchecked_new(env.clone(), bin)) } + unsafe { Bls12381G1Affine::from_bytes(BytesN::unchecked_new(env.clone(), bin)) } } // g2 /// Checks if a point `p` in G2 is in the correct subgroup. - pub fn g2_is_in_subgroup(&self, p: &G2Affine) -> bool { + pub fn g2_is_in_subgroup(&self, p: &Bls12381G2Affine) -> bool { let env = self.env(); let res = internal::Env::bls12_381_check_g2_is_in_subgroup(env, p.to_object()) .unwrap_infallible(); @@ -679,7 +718,7 @@ impl Bls12_381 { } /// Checks if a G2 point is on the BLS12-381 curve (no subgroup check). - pub fn g2_is_on_curve(&self, point: &G2Affine) -> bool { + pub fn g2_is_on_curve(&self, point: &Bls12381G2Affine) -> bool { let env = self.env(); internal::Env::bls12_381_g2_is_on_curve(env, point.to_object()) .unwrap_infallible() @@ -687,11 +726,11 @@ impl Bls12_381 { } /// Adds two points `p0` and `p1` in G2. - pub fn g2_add(&self, p0: &G2Affine, p1: &G2Affine) -> G2Affine { + pub fn g2_add(&self, p0: &Bls12381G2Affine, p1: &Bls12381G2Affine) -> Bls12381G2Affine { let env = self.env(); let bin = internal::Env::bls12_381_g2_add(env, p0.to_object(), p1.to_object()) .unwrap_infallible(); - unsafe { G2Affine::from_bytes(BytesN::unchecked_new(env.clone(), bin)) } + unsafe { Bls12381G2Affine::from_bytes(BytesN::unchecked_new(env.clone(), bin)) } } /// Adds two points `p0` and `p1` in G2, ensuring that the result is in the @@ -699,11 +738,15 @@ impl Bls12_381 { /// so if want to perform a series of additions i.e. `agg = p0 + p1 + .. +pn`, /// it may make sense to only call g2_checked_add on the final addition, /// while using `g2_add` (non-checked version) on the intermediate ones. - pub fn g2_checked_add(&self, p0: &G2Affine, p1: &G2Affine) -> Option { + pub fn g2_checked_add( + &self, + p0: &Bls12381G2Affine, + p1: &Bls12381G2Affine, + ) -> Option { let env = self.env(); let bin = internal::Env::bls12_381_g2_add(env, p0.to_object(), p1.to_object()) .unwrap_infallible(); - let res = unsafe { G2Affine::from_bytes(BytesN::unchecked_new(env.clone(), bin)) }; + let res = unsafe { Bls12381G2Affine::from_bytes(BytesN::unchecked_new(env.clone(), bin)) }; let is_in_correct_subgroup: bool = internal::Env::bls12_381_check_g2_is_in_subgroup(env, res.to_object()) .unwrap_optimized() @@ -715,33 +758,33 @@ impl Bls12_381 { } /// Multiplies a point `p0` in G2 by a scalar. - pub fn g2_mul(&self, p0: &G2Affine, scalar: &Fr) -> G2Affine { + pub fn g2_mul(&self, p0: &Bls12381G2Affine, scalar: &Bls12381Fr) -> Bls12381G2Affine { let env = self.env(); let bin = internal::Env::bls12_381_g2_mul(env, p0.to_object(), scalar.into()).unwrap_infallible(); - unsafe { G2Affine::from_bytes(BytesN::unchecked_new(env.clone(), bin)) } + unsafe { Bls12381G2Affine::from_bytes(BytesN::unchecked_new(env.clone(), bin)) } } /// Performs a multi-scalar multiplication (MSM) operation in G2. - pub fn g2_msm(&self, vp: Vec, vs: Vec) -> G2Affine { + pub fn g2_msm(&self, vp: Vec, vs: Vec) -> Bls12381G2Affine { let env = self.env(); let bin = internal::Env::bls12_381_g2_msm(env, vp.into(), vs.into()).unwrap_infallible(); - unsafe { G2Affine::from_bytes(BytesN::unchecked_new(env.clone(), bin)) } + unsafe { Bls12381G2Affine::from_bytes(BytesN::unchecked_new(env.clone(), bin)) } } - /// Maps an element in the base field `Fp2` to a point in G2. - pub fn map_fp2_to_g2(&self, fp2: &Fp2) -> G2Affine { + /// Maps an element in the base field `Bls12381Fp2` to a point in G2. + pub fn map_fp2_to_g2(&self, fp2: &Bls12381Fp2) -> Bls12381G2Affine { let env = self.env(); let bin = internal::Env::bls12_381_map_fp2_to_g2(env, fp2.to_object()).unwrap_infallible(); - unsafe { G2Affine::from_bytes(BytesN::unchecked_new(env.clone(), bin)) } + unsafe { Bls12381G2Affine::from_bytes(BytesN::unchecked_new(env.clone(), bin)) } } /// Hashes a message `msg` to a point in G2, using a domain separation tag `dst`. - pub fn hash_to_g2(&self, msg: &Bytes, dst: &Bytes) -> G2Affine { + pub fn hash_to_g2(&self, msg: &Bytes, dst: &Bytes) -> Bls12381G2Affine { let env = self.env(); let bin = internal::Env::bls12_381_hash_to_g2(env, msg.into(), dst.to_object()) .unwrap_infallible(); - unsafe { G2Affine::from_bytes(BytesN::unchecked_new(env.clone(), bin)) } + unsafe { Bls12381G2Affine::from_bytes(BytesN::unchecked_new(env.clone(), bin)) } } // pairing @@ -758,7 +801,7 @@ impl Bls12_381 { /// /// # Panics: /// - If the lengths of `vp1` and `vp2` are not equal or if they are empty. - pub fn pairing_check(&self, vp1: Vec, vp2: Vec) -> bool { + pub fn pairing_check(&self, vp1: Vec, vp2: Vec) -> bool { let env = self.env(); internal::Env::bls12_381_multi_pairing_check(env, vp1.into(), vp2.into()) .unwrap_infallible() @@ -767,37 +810,37 @@ impl Bls12_381 { // scalar arithmetic - /// Adds two scalars in the BLS12-381 scalar field `Fr`. - pub fn fr_add(&self, lhs: &Fr, rhs: &Fr) -> Fr { + /// Adds two scalars in the BLS12-381 scalar field `Bls12381Fr`. + pub fn fr_add(&self, lhs: &Bls12381Fr, rhs: &Bls12381Fr) -> Bls12381Fr { let env = self.env(); let v = internal::Env::bls12_381_fr_add(env, lhs.into(), rhs.into()).unwrap_infallible(); U256::try_from_val(env, &v).unwrap_infallible().into() } - /// Subtracts one scalar from another in the BLS12-381 scalar field `Fr`. - pub fn fr_sub(&self, lhs: &Fr, rhs: &Fr) -> Fr { + /// Subtracts one scalar from another in the BLS12-381 scalar field `Bls12381Fr`. + pub fn fr_sub(&self, lhs: &Bls12381Fr, rhs: &Bls12381Fr) -> Bls12381Fr { let env = self.env(); let v = internal::Env::bls12_381_fr_sub(env, lhs.into(), rhs.into()).unwrap_infallible(); U256::try_from_val(env, &v).unwrap_infallible().into() } - /// Multiplies two scalars in the BLS12-381 scalar field `Fr`. - pub fn fr_mul(&self, lhs: &Fr, rhs: &Fr) -> Fr { + /// Multiplies two scalars in the BLS12-381 scalar field `Bls12381Fr`. + pub fn fr_mul(&self, lhs: &Bls12381Fr, rhs: &Bls12381Fr) -> Bls12381Fr { let env = self.env(); let v = internal::Env::bls12_381_fr_mul(env, lhs.into(), rhs.into()).unwrap_infallible(); U256::try_from_val(env, &v).unwrap_infallible().into() } - /// Raises a scalar to the power of a given exponent in the BLS12-381 scalar field `Fr`. - pub fn fr_pow(&self, lhs: &Fr, rhs: u64) -> Fr { + /// Raises a scalar to the power of a given exponent in the BLS12-381 scalar field `Bls12381Fr`. + pub fn fr_pow(&self, lhs: &Bls12381Fr, rhs: u64) -> Bls12381Fr { let env = self.env(); let rhs = U64Val::try_from_val(env, &rhs).unwrap_optimized(); let v = internal::Env::bls12_381_fr_pow(env, lhs.into(), rhs).unwrap_infallible(); U256::try_from_val(env, &v).unwrap_infallible().into() } - /// Computes the multiplicative inverse of a scalar in the BLS12-381 scalar field `Fr`. - pub fn fr_inv(&self, lhs: &Fr) -> Fr { + /// Computes the multiplicative inverse of a scalar in the BLS12-381 scalar field `Bls12381Fr`. + pub fn fr_inv(&self, lhs: &Bls12381Fr) -> Bls12381Fr { let env = self.env(); let v = internal::Env::bls12_381_fr_inv(env, lhs.into()).unwrap_infallible(); U256::try_from_val(env, &v).unwrap_infallible().into() @@ -812,9 +855,9 @@ mod test { fn test_g1affine_to_val() { let env = Env::default(); - let g1 = G1Affine::from_bytes(BytesN::from_array(&env, &[1; 96])); + let g1 = Bls12381G1Affine::from_bytes(BytesN::from_array(&env, &[1; 96])); let val: Val = g1.clone().into_val(&env); - let rt: G1Affine = val.into_val(&env); + let rt: Bls12381G1Affine = val.into_val(&env); assert_eq!(g1, rt); } @@ -823,9 +866,9 @@ mod test { fn test_ref_g1affine_to_val() { let env = Env::default(); - let g1 = G1Affine::from_bytes(BytesN::from_array(&env, &[1; 96])); + let g1 = Bls12381G1Affine::from_bytes(BytesN::from_array(&env, &[1; 96])); let val: Val = (&g1).into_val(&env); - let rt: G1Affine = val.into_val(&env); + let rt: Bls12381G1Affine = val.into_val(&env); assert_eq!(g1, rt); } @@ -834,9 +877,9 @@ mod test { fn test_doule_ref_g1affine_to_val() { let env = Env::default(); - let g1 = G1Affine::from_bytes(BytesN::from_array(&env, &[1; 96])); + let g1 = Bls12381G1Affine::from_bytes(BytesN::from_array(&env, &[1; 96])); let val: Val = (&&g1).into_val(&env); - let rt: G1Affine = val.into_val(&env); + let rt: Bls12381G1Affine = val.into_val(&env); assert_eq!(g1, rt); } @@ -845,9 +888,9 @@ mod test { fn test_fr_to_val() { let env = Env::default(); - let fr = Fr::from_bytes(BytesN::from_array(&env, &[1; 32])); + let fr = Bls12381Fr::from_bytes(BytesN::from_array(&env, &[1; 32])); let val: Val = fr.clone().into_val(&env); - let rt: Fr = val.into_val(&env); + let rt: Bls12381Fr = val.into_val(&env); assert_eq!(fr, rt); } @@ -856,9 +899,9 @@ mod test { fn test_ref_fr_to_val() { let env = Env::default(); - let fr = Fr::from_bytes(BytesN::from_array(&env, &[1; 32])); + let fr = Bls12381Fr::from_bytes(BytesN::from_array(&env, &[1; 32])); let val: Val = (&fr).into_val(&env); - let rt: Fr = val.into_val(&env); + let rt: Bls12381Fr = val.into_val(&env); assert_eq!(fr, rt); } @@ -867,9 +910,9 @@ mod test { fn test_double_ref_fr_to_val() { let env = Env::default(); - let fr = Fr::from_bytes(BytesN::from_array(&env, &[1; 32])); + let fr = Bls12381Fr::from_bytes(BytesN::from_array(&env, &[1; 32])); let val: Val = (&&fr).into_val(&env); - let rt: Fr = val.into_val(&env); + let rt: Bls12381Fr = val.into_val(&env); assert_eq!(fr, rt); } @@ -880,12 +923,12 @@ mod test { let r = fr_modulus(&env); let one = U256::from_u32(&env, 1); - let a = Fr::from_u256(r.add(&one)); - let b = Fr::from_u256(one.clone()); + let a = Bls12381Fr::from_u256(r.add(&one)); + let b = Bls12381Fr::from_u256(one.clone()); assert_eq!(a, b); let two_r_plus_one = r.add(&r).add(&one); - let c = Fr::from_u256(two_r_plus_one); + let c = Bls12381Fr::from_u256(two_r_plus_one); assert_eq!(a, c); assert_eq!(b, c); } @@ -896,8 +939,8 @@ mod test { let r = fr_modulus(&env); let zero = U256::from_u32(&env, 0); - let a = Fr::from_u256(r); - let b = Fr::from_u256(zero); + let a = Bls12381Fr::from_u256(r); + let b = Bls12381Fr::from_u256(zero); assert_eq!(a, b); } @@ -907,20 +950,20 @@ mod test { let r = fr_modulus(&env); let val = r.sub(&U256::from_u32(&env, 1)); - let fr = Fr::from_u256(val.clone()); + let fr = Bls12381Fr::from_u256(val.clone()); assert_eq!(fr.to_u256(), val); - let fr42 = Fr::from_u256(U256::from_u32(&env, 42)); + let fr42 = Bls12381Fr::from_u256(U256::from_u32(&env, 42)); assert_eq!(fr42.to_u256(), U256::from_u32(&env, 42)); } #[test] fn test_fr_from_bytes_reduces() { let env = Env::default(); - let one_fr = Fr::from_u256(U256::from_u32(&env, 1)); + let one_fr = Bls12381Fr::from_u256(U256::from_u32(&env, 1)); // BLS12-381 r+1 as big-endian bytes - let fr_from_bytes = Fr::from_bytes(bytesn!( + let fr_from_bytes = Bls12381Fr::from_bytes(bytesn!( &env, 0x73eda753299d7d483339d80809a1d80553bda402fffe5bfeffffffff00000002 )); @@ -935,8 +978,8 @@ mod test { let unreduced_u256 = r.add(&one); let val: Val = unreduced_u256.into_val(&env); - let fr_from_val: Fr = val.into_val(&env); - let fr_one = Fr::from_u256(one); + let fr_from_val: Bls12381Fr = val.into_val(&env); + let fr_one = Bls12381Fr::from_u256(one); assert_eq!(fr_from_val, fr_one); } @@ -947,8 +990,8 @@ mod test { let r = fr_modulus(&env); let one = U256::from_u32(&env, 1); - let fr: Fr = r.add(&one).into(); // r+1 via .into() - let fr_one: Fr = one.into(); + let fr: Bls12381Fr = r.add(&one).into(); // r+1 via .into() + let fr_one: Bls12381Fr = one.into(); assert_eq!(fr, fr_one); } @@ -961,11 +1004,11 @@ mod test { let five = U256::from_u32(&env, 5); // User provides r+5 (unreduced) - let user_fr = Fr::from_u256(r.add(&five)); + let user_fr = Bls12381Fr::from_u256(r.add(&five)); // Host computes 2+3 = 5 (always reduced) let host_fr = bls.fr_add( - &Fr::from_u256(U256::from_u32(&env, 2)), - &Fr::from_u256(U256::from_u32(&env, 3)), + &Bls12381Fr::from_u256(U256::from_u32(&env, 2)), + &Bls12381Fr::from_u256(U256::from_u32(&env, 3)), ); assert_eq!(user_fr, host_fr); } @@ -978,14 +1021,14 @@ mod test { // p - 1 (last byte 0xaa instead of 0xab) let mut p_minus_1 = BLS12_381_FP_MODULUS_BE; p_minus_1[FP_SERIALIZED_SIZE - 1] -= 1; - let _ = Fp::from_array(&env, &p_minus_1); + let _ = Bls12381Fp::from_array(&env, &p_minus_1); } #[test] #[should_panic(expected = "Bls12-381: Invalid Fp")] fn test_fp_at_modulus_panics() { let env = Env::default(); - let _ = Fp::from_array(&env, &BLS12_381_FP_MODULUS_BE); + let _ = Bls12381Fp::from_array(&env, &BLS12_381_FP_MODULUS_BE); } #[test] @@ -994,21 +1037,21 @@ mod test { let env = Env::default(); let mut above = BLS12_381_FP_MODULUS_BE; above[FP_SERIALIZED_SIZE - 1] += 1; // p + 1 - let _ = Fp::from_array(&env, &above); + let _ = Bls12381Fp::from_array(&env, &above); } #[test] fn test_fp_from_bytes_validates() { let env = Env::default(); // Zero should be valid - let _ = Fp::from_bytes(BytesN::from_array(&env, &[0u8; FP_SERIALIZED_SIZE])); + let _ = Bls12381Fp::from_bytes(BytesN::from_array(&env, &[0u8; FP_SERIALIZED_SIZE])); } #[test] #[should_panic(expected = "Bls12-381: Invalid Fp")] fn test_fp_from_bytes_rejects_modulus() { let env = Env::default(); - let _ = Fp::from_bytes(BytesN::from_array(&env, &BLS12_381_FP_MODULUS_BE)); + let _ = Bls12381Fp::from_bytes(BytesN::from_array(&env, &BLS12_381_FP_MODULUS_BE)); } #[test] @@ -1017,7 +1060,7 @@ mod test { let env = Env::default(); let bytes = BytesN::from_array(&env, &BLS12_381_FP_MODULUS_BE); let val: Val = bytes.into_val(&env); - let _: Fp = val.into_val(&env); + let _: Bls12381Fp = val.into_val(&env); } #[test] @@ -1027,7 +1070,7 @@ mod test { // First Fp component is the modulus (invalid), second is zero (valid) let mut fp2_bytes = [0u8; FP2_SERIALIZED_SIZE]; fp2_bytes[0..FP_SERIALIZED_SIZE].copy_from_slice(&BLS12_381_FP_MODULUS_BE); - let _ = Fp2::from_array(&env, &fp2_bytes); + let _ = Bls12381Fp2::from_array(&env, &fp2_bytes); } #[test] @@ -1037,7 +1080,7 @@ mod test { // First Fp component is zero (valid), second is the modulus (invalid) let mut fp2_bytes = [0u8; FP2_SERIALIZED_SIZE]; fp2_bytes[FP_SERIALIZED_SIZE..].copy_from_slice(&BLS12_381_FP_MODULUS_BE); - let _ = Fp2::from_array(&env, &fp2_bytes); + let _ = Bls12381Fp2::from_array(&env, &fp2_bytes); } #[test] @@ -1049,7 +1092,7 @@ mod test { let mut fp2_bytes = [0u8; FP2_SERIALIZED_SIZE]; fp2_bytes[0..FP_SERIALIZED_SIZE].copy_from_slice(&p_minus_1); fp2_bytes[FP_SERIALIZED_SIZE..].copy_from_slice(&p_minus_1); - let _ = Fp2::from_array(&env, &fp2_bytes); + let _ = Bls12381Fp2::from_array(&env, &fp2_bytes); } #[test] diff --git a/soroban-sdk/src/crypto/bn254.rs b/soroban-sdk/src/crypto/bn254.rs index 7d9ffc2a6..6185700ee 100644 --- a/soroban-sdk/src/crypto/bn254.rs +++ b/soroban-sdk/src/crypto/bn254.rs @@ -25,7 +25,13 @@ pub struct Bn254 { /// `Bn254G1Affine` is a point in the G1 group (subgroup defined over the base field /// `Fq` with prime order `q = /// 0x30644e72e131a029b85045b68181585d97816a916871ca8d3c208c16d87cfd47`) of the -/// BN254 elliptic curve +/// BN254 elliptic curve. +/// +/// This type is a thin wrapper around `BytesN<64>`. The [`from_bytes`](Self::from_bytes) +/// constructor does **not** validate the contents — it accepts any 64 bytes. +/// The serialization requirements below are enforced by the Soroban host when +/// the value is passed to a host function (e.g. `g1_add`, `g1_mul`, `pairing`). +/// Invalid bytes will cause the host call to trap, not construction. /// /// # Serialization (Ethereum-compatible format): /// - The 64 bytes represent the **uncompressed encoding** of a point in G1 @@ -39,7 +45,13 @@ pub struct Bn254 { pub struct Bn254G1Affine(BytesN); /// `Bn254G2Affine` is a point in the G2 group (subgroup defined over the quadratic -/// extension field `Fq2`) of the BN254 elliptic curve +/// extension field `Fq2`) of the BN254 elliptic curve. +/// +/// This type is a thin wrapper around `BytesN<128>`. The [`from_bytes`](Self::from_bytes) +/// constructor does **not** validate the contents — it accepts any 128 bytes. +/// The serialization requirements below are enforced by the Soroban host when +/// the value is passed to a host function (e.g. `g2_add`, `g2_mul`, `pairing`). +/// Invalid bytes will cause the host call to trap, not construction. /// /// # Serialization (Ethereum-compatible format): /// - The 128 bytes represent the **uncompressed encoding** of a point in G2 @@ -55,14 +67,19 @@ pub struct Bn254G1Affine(BytesN); #[repr(transparent)] pub struct Bn254G2Affine(BytesN); -/// `Fr` represents an element in the BN254 scalar field, which is a prime field -/// of order `r = +/// `Bn254Fr` represents an element in the BN254 scalar field, which is a prime +/// field of order `r = /// 0x30644e72e131a029b85045b68181585d2833e84879b9709143e1f593f0000001`. The /// struct is internally represented with a `U256`, all arithmetic operations /// follow modulo `r`. #[derive(Clone)] #[repr(transparent)] -pub struct Fr(U256); +pub struct Bn254Fr(U256); + +/// Deprecated type alias for `Bn254Fr`. +/// Use `Bn254Fr` to avoid ambiguity with `Bls12381Fr`. +#[deprecated(note = "use `Bn254Fr` instead to avoid ambiguity with `Bls12381Fr`")] +pub type Fr = Bn254Fr; /// `Bn254Fp` represents an element of the base field `Bn254Fp` of the BN254 elliptic curve /// @@ -91,12 +108,16 @@ fn validate_bn254_fp(bytes: &[u8; BN254_FP_SERIALIZED_SIZE]) { } impl Bn254G1Affine { + /// Wraps raw bytes as a G1 point without validation. + /// See [`Bn254G1Affine`] for serialization requirements enforced by the host. pub fn from_bytes(bytes: BytesN) -> Self { Self(bytes) } } impl Bn254G2Affine { + /// Wraps raw bytes as a G2 point without validation. + /// See [`Bn254G2Affine`] for serialization requirements enforced by the host. pub fn from_bytes(bytes: BytesN) -> Self { Self(bytes) } @@ -179,15 +200,15 @@ impl Add for Bn254G1Affine { } } -impl Mul for Bn254G1Affine { +impl Mul for Bn254G1Affine { type Output = Bn254G1Affine; - fn mul(self, rhs: Fr) -> Self::Output { + fn mul(self, rhs: Bn254Fr) -> Self::Output { self.env().crypto().bn254().g1_mul(&self, &rhs) } } -// Bn254G1Affine represents a point (X, Y) on the BN254 curve where X, Y ∈ Fr +// Bn254G1Affine represents a point (X, Y) on the BN254 curve where X, Y ∈ Bn254Fp // Negation of (X, Y) is defined as (X, -Y) impl Neg for &Bn254G1Affine { type Output = Bn254G1Affine; @@ -221,7 +242,7 @@ impl Bn254G2Affine { } } -impl Fr { +impl Bn254Fr { pub fn env(&self) -> &Env { self.0.env() } @@ -263,24 +284,24 @@ impl Fr { } } -impl Add for Fr { - type Output = Fr; +impl Add for Bn254Fr { + type Output = Bn254Fr; fn add(self, rhs: Self) -> Self::Output { self.env().crypto().bn254().fr_add(&self, &rhs) } } -impl Sub for Fr { - type Output = Fr; +impl Sub for Bn254Fr { + type Output = Bn254Fr; fn sub(self, rhs: Self) -> Self::Output { self.env().crypto().bn254().fr_sub(&self, &rhs) } } -impl Mul for Fr { - type Output = Fr; +impl Mul for Bn254Fr { + type Output = Bn254Fr; fn mul(self, rhs: Self) -> Self::Output { self.env().crypto().bn254().fr_mul(&self, &rhs) @@ -298,9 +319,9 @@ fn fr_modulus(env: &Env) -> U256 { U256::from_be_bytes(env, &Bytes::from_array(env, &BN254_FR_MODULUS_BE)) } -impl From for Fr { +impl From for Bn254Fr { fn from(value: U256) -> Self { - // Keep all Fr construction paths canonical by reducing modulo r here. + // Keep all Bn254Fr construction paths canonical by reducing modulo r here. // Constructors and deserialization paths should route through this impl. // Skip the expensive rem_euclid when value is already canonical (< r), // which is always the case for host-returned arithmetic results. @@ -313,13 +334,13 @@ impl From for Fr { } } -impl From<&Fr> for U256Val { - fn from(value: &Fr) -> Self { +impl From<&Bn254Fr> for U256Val { + fn from(value: &Bn254Fr) -> Self { value.as_u256().into() } } -impl TryFromVal for Fr { +impl TryFromVal for Bn254Fr { type Error = ConversionError; fn try_from_val(env: &Env, val: &Val) -> Result { @@ -328,47 +349,47 @@ impl TryFromVal for Fr { } } -impl TryFromVal for Val { +impl TryFromVal for Val { type Error = ConversionError; - fn try_from_val(_env: &Env, fr: &Fr) -> Result { + fn try_from_val(_env: &Env, fr: &Bn254Fr) -> Result { Ok(fr.to_val()) } } -impl TryFromVal for Val { +impl TryFromVal for Val { type Error = ConversionError; - fn try_from_val(_env: &Env, fr: &&Fr) -> Result { + fn try_from_val(_env: &Env, fr: &&Bn254Fr) -> Result { Ok(fr.to_val()) } } #[cfg(not(target_family = "wasm"))] -impl From<&Fr> for ScVal { - fn from(v: &Fr) -> Self { +impl From<&Bn254Fr> for ScVal { + fn from(v: &Bn254Fr) -> Self { Self::from(&v.0) } } #[cfg(not(target_family = "wasm"))] -impl From for ScVal { - fn from(v: Fr) -> Self { +impl From for ScVal { + fn from(v: Bn254Fr) -> Self { (&v).into() } } -impl Eq for Fr {} +impl Eq for Bn254Fr {} -impl PartialEq for Fr { +impl PartialEq for Bn254Fr { fn eq(&self, other: &Self) -> bool { self.as_u256().partial_cmp(other.as_u256()) == Some(core::cmp::Ordering::Equal) } } -impl Debug for Fr { +impl Debug for Bn254Fr { fn fmt(&self, f: &mut core::fmt::Formatter<'_>) -> core::fmt::Result { - write!(f, "Fr({:?})", self.as_u256()) + write!(f, "Bn254Fr({:?})", self.as_u256()) } } @@ -390,7 +411,7 @@ impl Bn254 { } /// Multiplies a point `p0` in G1 by a scalar. - pub fn g1_mul(&self, p0: &Bn254G1Affine, scalar: &Fr) -> Bn254G1Affine { + pub fn g1_mul(&self, p0: &Bn254G1Affine, scalar: &Bn254Fr) -> Bn254G1Affine { let env = self.env(); let bin = internal::Env::bn254_g1_mul(env, p0.to_object(), scalar.into()).unwrap_infallible(); @@ -419,7 +440,7 @@ impl Bn254 { } /// Performs a multi-scalar multiplication (MSM) operation in G1. - pub fn g1_msm(&self, vp: Vec, vs: Vec) -> Bn254G1Affine { + pub fn g1_msm(&self, vp: Vec, vs: Vec) -> Bn254G1Affine { let env = self.env(); let bin = internal::Env::bn254_g1_msm(env, vp.into(), vs.into()).unwrap_infallible(); unsafe { Bn254G1Affine::from_bytes(BytesN::unchecked_new(env.clone(), bin)) } @@ -435,37 +456,37 @@ impl Bn254 { // scalar arithmetic - /// Adds two scalars in the BN254 scalar field `Fr`. - pub fn fr_add(&self, lhs: &Fr, rhs: &Fr) -> Fr { + /// Adds two scalars in the BN254 scalar field `Bn254Fr`. + pub fn fr_add(&self, lhs: &Bn254Fr, rhs: &Bn254Fr) -> Bn254Fr { let env = self.env(); let v = internal::Env::bn254_fr_add(env, lhs.into(), rhs.into()).unwrap_infallible(); U256::try_from_val(env, &v).unwrap_infallible().into() } - /// Subtracts one scalar from another in the BN254 scalar field `Fr`. - pub fn fr_sub(&self, lhs: &Fr, rhs: &Fr) -> Fr { + /// Subtracts one scalar from another in the BN254 scalar field `Bn254Fr`. + pub fn fr_sub(&self, lhs: &Bn254Fr, rhs: &Bn254Fr) -> Bn254Fr { let env = self.env(); let v = internal::Env::bn254_fr_sub(env, lhs.into(), rhs.into()).unwrap_infallible(); U256::try_from_val(env, &v).unwrap_infallible().into() } - /// Multiplies two scalars in the BN254 scalar field `Fr`. - pub fn fr_mul(&self, lhs: &Fr, rhs: &Fr) -> Fr { + /// Multiplies two scalars in the BN254 scalar field `Bn254Fr`. + pub fn fr_mul(&self, lhs: &Bn254Fr, rhs: &Bn254Fr) -> Bn254Fr { let env = self.env(); let v = internal::Env::bn254_fr_mul(env, lhs.into(), rhs.into()).unwrap_infallible(); U256::try_from_val(env, &v).unwrap_infallible().into() } - /// Raises a scalar to the power of a given exponent in the BN254 scalar field `Fr`. - pub fn fr_pow(&self, lhs: &Fr, rhs: u64) -> Fr { + /// Raises a scalar to the power of a given exponent in the BN254 scalar field `Bn254Fr`. + pub fn fr_pow(&self, lhs: &Bn254Fr, rhs: u64) -> Bn254Fr { let env = self.env(); let rhs = U64Val::try_from_val(env, &rhs).unwrap_optimized(); let v = internal::Env::bn254_fr_pow(env, lhs.into(), rhs).unwrap_infallible(); U256::try_from_val(env, &v).unwrap_infallible().into() } - /// Computes the multiplicative inverse of a scalar in the BN254 scalar field `Fr`. - pub fn fr_inv(&self, lhs: &Fr) -> Fr { + /// Computes the multiplicative inverse of a scalar in the BN254 scalar field `Bn254Fr`. + pub fn fr_inv(&self, lhs: &Bn254Fr) -> Bn254Fr { let env = self.env(); let v = internal::Env::bn254_fr_inv(env, lhs.into()).unwrap_infallible(); U256::try_from_val(env, &v).unwrap_infallible().into() @@ -513,9 +534,9 @@ mod test { fn test_fr_to_val() { let env = Env::default(); - let fr = Fr::from_bytes(BytesN::from_array(&env, &[1; 32])); + let fr = Bn254Fr::from_bytes(BytesN::from_array(&env, &[1; 32])); let val: Val = fr.clone().into_val(&env); - let rt: Fr = val.into_val(&env); + let rt: Bn254Fr = val.into_val(&env); assert_eq!(fr, rt); } @@ -524,9 +545,9 @@ mod test { fn test_ref_fr_to_val() { let env = Env::default(); - let fr = Fr::from_bytes(BytesN::from_array(&env, &[1; 32])); + let fr = Bn254Fr::from_bytes(BytesN::from_array(&env, &[1; 32])); let val: Val = (&fr).into_val(&env); - let rt: Fr = val.into_val(&env); + let rt: Bn254Fr = val.into_val(&env); assert_eq!(fr, rt); } @@ -535,9 +556,9 @@ mod test { fn test_double_ref_fr_to_val() { let env = Env::default(); - let fr = Fr::from_bytes(BytesN::from_array(&env, &[1; 32])); + let fr = Bn254Fr::from_bytes(BytesN::from_array(&env, &[1; 32])); let val: Val = (&&fr).into_val(&env); - let rt: Fr = val.into_val(&env); + let rt: Bn254Fr = val.into_val(&env); assert_eq!(fr, rt); } @@ -549,13 +570,13 @@ mod test { let r = fr_modulus(&env); let one = U256::from_u32(&env, 1); - let a = Fr::from_u256(r.add(&one)); // r+1 ≡ 1 (mod r) - let b = Fr::from_u256(one.clone()); // 1 + let a = Bn254Fr::from_u256(r.add(&one)); // r+1 ≡ 1 (mod r) + let b = Bn254Fr::from_u256(one.clone()); // 1 assert_eq!(a, b); // Both unreduced by different multiples of r let two_r_plus_one = r.add(&r).add(&one); - let c = Fr::from_u256(two_r_plus_one); // 2r+1 ≡ 1 (mod r) + let c = Bn254Fr::from_u256(two_r_plus_one); // 2r+1 ≡ 1 (mod r) assert_eq!(a, c); assert_eq!(b, c); } @@ -567,8 +588,8 @@ mod test { let r = fr_modulus(&env); let zero = U256::from_u32(&env, 0); - let a = Fr::from_u256(r); - let b = Fr::from_u256(zero); + let a = Bn254Fr::from_u256(r); + let b = Bn254Fr::from_u256(zero); assert_eq!(a, b); } @@ -579,11 +600,11 @@ mod test { let r = fr_modulus(&env); let val = r.sub(&U256::from_u32(&env, 1)); // r-1 - let fr = Fr::from_u256(val.clone()); + let fr = Bn254Fr::from_u256(val.clone()); assert_eq!(fr.to_u256(), val); // small values - let fr42 = Fr::from_u256(U256::from_u32(&env, 42)); + let fr42 = Bn254Fr::from_u256(U256::from_u32(&env, 42)); assert_eq!(fr42.to_u256(), U256::from_u32(&env, 42)); } @@ -591,10 +612,10 @@ mod test { fn test_fr_from_bytes_reduces() { // from_bytes should also reduce since it goes through From let env = Env::default(); - let one_fr = Fr::from_u256(U256::from_u32(&env, 1)); + let one_fr = Bn254Fr::from_u256(U256::from_u32(&env, 1)); // BN254 r+1 as big-endian bytes - let fr_from_bytes = Fr::from_bytes(bytesn!( + let fr_from_bytes = Bn254Fr::from_bytes(bytesn!( &env, 0x30644e72e131a029b85045b68181585d2833e84879b9709143e1f593f0000002 )); @@ -611,8 +632,8 @@ mod test { // Create an unreduced U256 value (r+1), convert to Val, then to Fr let unreduced_u256 = r.add(&one); let val: Val = unreduced_u256.into_val(&env); - let fr_from_val: Fr = val.into_val(&env); - let fr_one = Fr::from_u256(one); + let fr_from_val: Bn254Fr = val.into_val(&env); + let fr_one = Bn254Fr::from_u256(one); assert_eq!(fr_from_val, fr_one); } @@ -623,8 +644,8 @@ mod test { let r = fr_modulus(&env); let one = U256::from_u32(&env, 1); - let fr: Fr = r.add(&one).into(); // r+1 via .into() - let fr_one: Fr = one.into(); + let fr: Bn254Fr = r.add(&one).into(); // r+1 via .into() + let fr_one: Bn254Fr = one.into(); assert_eq!(fr, fr_one); } diff --git a/soroban-sdk/src/spec_shaking.rs b/soroban-sdk/src/spec_shaking.rs index 4ea439574..e8a21db34 100644 --- a/soroban-sdk/src/spec_shaking.rs +++ b/soroban-sdk/src/spec_shaking.rs @@ -387,15 +387,15 @@ impl SpecShakingMarker for crate::Ma // Additional SDK types impl SpecShakingMarker for crate::MuxedAddress {} impl SpecShakingMarker for crate::crypto::Hash {} -impl SpecShakingMarker for crate::crypto::bls12_381::G1Affine {} -impl SpecShakingMarker for crate::crypto::bls12_381::G2Affine {} -impl SpecShakingMarker for crate::crypto::bls12_381::Fp {} -impl SpecShakingMarker for crate::crypto::bls12_381::Fp2 {} -impl SpecShakingMarker for crate::crypto::bls12_381::Fr {} +impl SpecShakingMarker for crate::crypto::bls12_381::Bls12381G1Affine {} +impl SpecShakingMarker for crate::crypto::bls12_381::Bls12381G2Affine {} +impl SpecShakingMarker for crate::crypto::bls12_381::Bls12381Fp {} +impl SpecShakingMarker for crate::crypto::bls12_381::Bls12381Fp2 {} +impl SpecShakingMarker for crate::crypto::bls12_381::Bls12381Fr {} impl SpecShakingMarker for crate::crypto::bn254::Bn254G1Affine {} impl SpecShakingMarker for crate::crypto::bn254::Bn254G2Affine {} impl SpecShakingMarker for crate::crypto::bn254::Bn254Fp {} -impl SpecShakingMarker for crate::crypto::bn254::Fr {} +impl SpecShakingMarker for crate::crypto::bn254::Bn254Fr {} // Auth types - these have export=false but are legitimately used at external // boundaries (as inputs to __check_auth in custom account contracts). diff --git a/soroban-sdk/src/tests/crypto_bls12_381.rs b/soroban-sdk/src/tests/crypto_bls12_381.rs index 54af624bc..74437a4a0 100644 --- a/soroban-sdk/src/tests/crypto_bls12_381.rs +++ b/soroban-sdk/src/tests/crypto_bls12_381.rs @@ -1,7 +1,9 @@ use crate::{self as soroban_sdk}; use soroban_sdk::{ contract, contractimpl, - crypto::bls12_381::{Bls12_381, Fp, Fp2, Fr, G1Affine, G2Affine}, + crypto::bls12_381::{ + Bls12381Fp, Bls12381Fp2, Bls12381Fr, Bls12381G1Affine, Bls12381G2Affine, Bls12_381, + }, vec, Address, Bytes, BytesN, Env, Vec, U256, }; @@ -9,26 +11,26 @@ use soroban_sdk::{ fn test_g1_negation() { let env = Env::default(); // Test case 1: infinity point - let infinity = G1Affine::from_bytes(bytesn!(&env, + let infinity = Bls12381G1Affine::from_bytes(bytesn!(&env, 0x400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 )); assert_eq!(-infinity.clone(), infinity); // Test case 1: Generator point (G1) - let g1_generator = G1Affine::from_bytes(bytesn!(&env, + let g1_generator = Bls12381G1Affine::from_bytes(bytesn!(&env, 0x17f1d3a73197d7942695638c4fa9ac0fc3688c4f9774b905a14e3a3f171bac586c55e83ff97a1aeffb3af00adb22c6bb08b3f481e3aaa0f1a09e30ed741d8ae4fcf5e095d5d00af600db18cb2c04b3edd03cc744a2888ae40caa232946c5e7e1 )); - let neg_g1_generator = G1Affine::from_bytes(bytesn!(&env, + let neg_g1_generator = Bls12381G1Affine::from_bytes(bytesn!(&env, 0x17f1d3a73197d7942695638c4fa9ac0fc3688c4f9774b905a14e3a3f171bac586c55e83ff97a1aeffb3af00adb22c6bb114d1d6855d545a8aa7d76c8cf2e21f267816aef1db507c96655b9d5caac42364e6f38ba0ecb751bad54dcd6b939c2ca )); assert_eq!(-g1_generator.clone(), neg_g1_generator.clone()); assert_eq!(infinity, g1_generator + neg_g1_generator); // Test case 3: Random point - let random_point = G1Affine::from_bytes(bytesn!(&env, + let random_point = Bls12381G1Affine::from_bytes(bytesn!(&env, 0x00b2ea3a6c75f43ff24d0a93f4302b4e2cf8f5eb2980eb7bb0f65af703c72c19e293cfe7cd98d3645a5d7c5f467d629213b7a1d9aa5e09c52eb2d5590b3b74ebb42bf3631a022a283dcf4ec73087fce37725ba5d9d483f84f0ea725acc853b4e )); - let neg_random_point = G1Affine::from_bytes(bytesn!(&env, + let neg_random_point = Bls12381G1Affine::from_bytes(bytesn!(&env, 0x00b2ea3a6c75f43ff24d0a93f4302b4e2cf8f5eb2980eb7bb0f65af703c72c19e293cfe7cd98d3645a5d7c5f467d6292064970108f21dcd51c68d25d381037ebb04b5821d982e897296183d9c628f940a78645a1140bc07ac9148da5337a6f5d )); assert_eq!(-random_point.clone(), neg_random_point.clone()); @@ -39,27 +41,27 @@ fn test_g1_negation() { fn test_g2_negation() { let env = Env::default(); // Test case 1: infinity point - let infinity = G2Affine::from_bytes(bytesn!(&env, + let infinity = Bls12381G2Affine::from_bytes(bytesn!(&env, 0x400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 )); let neg_infinity = -infinity.clone(); assert_eq!(neg_infinity, infinity); // Test case 2: Generator point (G2) - let g2_generator = G2Affine::from_bytes(bytesn!(&env, + let g2_generator = Bls12381G2Affine::from_bytes(bytesn!(&env, 0x13e02b6052719f607dacd3a088274f65596bd0d09920b61ab5da61bbdc7f5049334cf11213945d57e5ac7d055d042b7e024aa2b2f08f0a91260805272dc51051c6e47ad4fa403b02b4510b647ae3d1770bac0326a805bbefd48056c8c121bdb80606c4a02ea734cc32acd2b02bc28b99cb3e287e85a763af267492ab572e99ab3f370d275cec1da1aaa9075ff05f79be0ce5d527727d6e118cc9cdc6da2e351aadfd9baa8cbdd3a76d429a695160d12c923ac9cc3baca289e193548608b82801 )); - let neg_g2_generator = G2Affine::from_bytes(bytesn!(&env, + let neg_g2_generator = Bls12381G2Affine::from_bytes(bytesn!(&env, 0x13e02b6052719f607dacd3a088274f65596bd0d09920b61ab5da61bbdc7f5049334cf11213945d57e5ac7d055d042b7e024aa2b2f08f0a91260805272dc51051c6e47ad4fa403b02b4510b647ae3d1770bac0326a805bbefd48056c8c121bdb813fa4d4a0ad8b1ce186ed5061789213d993923066dddaf1040bc3ff59f825c78df74f2d75467e25e0f55f8a00fa030ed0d1b3cc2c7027888be51d9ef691d77bcb679afda66c73f17f9ee3837a55024f78c71363275a75d75d86bab79f74782aa )); assert_eq!(-g2_generator.clone(), neg_g2_generator.clone()); assert_eq!(infinity, g2_generator + neg_g2_generator); // Test case 3: Random point - let random_point = G2Affine::from_bytes(bytesn!(&env, + let random_point = Bls12381G2Affine::from_bytes(bytesn!(&env, 0x04de7359c488ccf4753d08b99f3fb44de6c4c46b5872c45ddd90a37442dc679591a40ab8ee539b2aa30c333774c71ed01676197052a7a651e5618151d8374fdf4c25ce3f57c06f65b81dbaf0373b67d7be97e7f4f1f87cf71d761ecf04c05b150499bf4cf6242da563d185c2bce880ae59e5f3816b34f70d0a6f30e9ca3064ba179dd4ccda8dd025cb3a2c9628fe0c0b09defb3faaae69a59510cd90badf0b87a82e52a4876837e29466fced187483012c900b4d4a693b2347cab3f9cdd86035 )); - let neg_random_point = G2Affine::from_bytes(bytesn!(&env, + let neg_random_point = Bls12381G2Affine::from_bytes(bytesn!(&env, 0x04de7359c488ccf4753d08b99f3fb44de6c4c46b5872c45ddd90a37442dc679591a40ab8ee539b2aa30c333774c71ed01676197052a7a651e5618151d8374fdf4c25ce3f57c06f65b81dbaf0373b67d7be97e7f4f1f87cf71d761ecf04c05b151567529d435bb8f4e74a21f386632c290a91580388501bb25cc1a1b72c80916a070e2b31d6c62fd9eec4d369d7019ea0102216aa8ed17cf4b60ada25886ca14fbc48f8e06c1cdadcd2c9d5b3de3c7322f21bf4b166eac4dc72344c0632274a76 )); assert_eq!(-random_point.clone(), neg_random_point.clone()); @@ -71,8 +73,8 @@ fn test_bls_g1() { let env = Env::default(); let bls12_381 = Bls12_381::new(&env); const DST_G1: &str = "QUUX-V01-CS02-with-BLS12381G1_XMD:SHA-256_SSWU_RO_"; - let zero = G1Affine::from_bytes(bytesn!(&env, 0x400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000)); - let one = G1Affine::from_bytes(bytesn!(&env, 0x17f1d3a73197d7942695638c4fa9ac0fc3688c4f9774b905a14e3a3f171bac586c55e83ff97a1aeffb3af00adb22c6bb08b3f481e3aaa0f1a09e30ed741d8ae4fcf5e095d5d00af600db18cb2c04b3edd03cc744a2888ae40caa232946c5e7e1)); + let zero = Bls12381G1Affine::from_bytes(bytesn!(&env, 0x400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000)); + let one = Bls12381G1Affine::from_bytes(bytesn!(&env, 0x17f1d3a73197d7942695638c4fa9ac0fc3688c4f9774b905a14e3a3f171bac586c55e83ff97a1aeffb3af00adb22c6bb08b3f481e3aaa0f1a09e30ed741d8ae4fcf5e095d5d00af600db18cb2c04b3edd03cc744a2888ae40caa232946c5e7e1)); // subgroup check assert!(bls12_381.g1_is_in_subgroup(&zero)); @@ -91,8 +93,8 @@ fn test_bls_g1() { assert_eq!(res, zero); // msm - let vp: Vec = vec![&env, one.clone(), one.clone()]; - let vs: Vec = vec![ + let vp: Vec = vec![&env, one.clone(), one.clone()]; + let vs: Vec = vec![ &env, U256::from_u32(&env, 1).into(), U256::from_u32(&env, 0).into(), @@ -102,14 +104,14 @@ fn test_bls_g1() { // map to curve (test case from https://datatracker.ietf.org/doc/html/rfc9380) let dst = Bytes::from_slice(&env, DST_G1.as_bytes()); - let fp = Fp::from_bytes(bytesn!(&env, 0x0d921c33f2bad966478a03ca35d05719bdf92d347557ea166e5bba579eea9b83e9afa5c088573c2281410369fbd32951)); - let expected = G1Affine::from_bytes(bytesn!(&env, 0x125435adce8e1cbd1c803e7123f45392dc6e326d292499c2c45c5865985fd74fe8f042ecdeeec5ecac80680d04317d800e8828948c989126595ee30e4f7c931cbd6f4570735624fd25aef2fa41d3f79cfb4b4ee7b7e55a8ce013af2a5ba20bf2)); + let fp = Bls12381Fp::from_bytes(bytesn!(&env, 0x0d921c33f2bad966478a03ca35d05719bdf92d347557ea166e5bba579eea9b83e9afa5c088573c2281410369fbd32951)); + let expected = Bls12381G1Affine::from_bytes(bytesn!(&env, 0x125435adce8e1cbd1c803e7123f45392dc6e326d292499c2c45c5865985fd74fe8f042ecdeeec5ecac80680d04317d800e8828948c989126595ee30e4f7c931cbd6f4570735624fd25aef2fa41d3f79cfb4b4ee7b7e55a8ce013af2a5ba20bf2)); let res = bls12_381.map_fp_to_g1(&fp); assert_eq!(res, expected); // hash msg to curve (test case from https://datatracker.ietf.org/doc/html/rfc9380) let msg = Bytes::from_slice(&env, "abc".as_bytes()); - let expected = G1Affine::from_bytes(bytesn!(&env, 0x03567bc5ef9c690c2ab2ecdf6a96ef1c139cc0b2f284dca0a9a7943388a49a3aee664ba5379a7655d3c68900be2f69030b9c15f3fe6e5cf4211f346271d7b01c8f3b28be689c8429c85b67af215533311f0b8dfaaa154fa6b88176c229f2885d)); + let expected = Bls12381G1Affine::from_bytes(bytesn!(&env, 0x03567bc5ef9c690c2ab2ecdf6a96ef1c139cc0b2f284dca0a9a7943388a49a3aee664ba5379a7655d3c68900be2f69030b9c15f3fe6e5cf4211f346271d7b01c8f3b28be689c8429c85b67af215533311f0b8dfaaa154fa6b88176c229f2885d)); let res = bls12_381.hash_to_g1(&msg, &dst); assert_eq!(res, expected); } @@ -119,8 +121,8 @@ fn test_bls_g2() { let env = Env::default(); let bls12_381 = Bls12_381::new(&env); const DST_G2: &str = "QUUX-V01-CS02-with-BLS12381G2_XMD:SHA-256_SSWU_RO_"; - let zero = G2Affine::from_bytes(bytesn!(&env, 0x400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000)); - let one = G2Affine::from_bytes(bytesn!(&env, 0x13e02b6052719f607dacd3a088274f65596bd0d09920b61ab5da61bbdc7f5049334cf11213945d57e5ac7d055d042b7e024aa2b2f08f0a91260805272dc51051c6e47ad4fa403b02b4510b647ae3d1770bac0326a805bbefd48056c8c121bdb80606c4a02ea734cc32acd2b02bc28b99cb3e287e85a763af267492ab572e99ab3f370d275cec1da1aaa9075ff05f79be0ce5d527727d6e118cc9cdc6da2e351aadfd9baa8cbdd3a76d429a695160d12c923ac9cc3baca289e193548608b82801)); + let zero = Bls12381G2Affine::from_bytes(bytesn!(&env, 0x400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000)); + let one = Bls12381G2Affine::from_bytes(bytesn!(&env, 0x13e02b6052719f607dacd3a088274f65596bd0d09920b61ab5da61bbdc7f5049334cf11213945d57e5ac7d055d042b7e024aa2b2f08f0a91260805272dc51051c6e47ad4fa403b02b4510b647ae3d1770bac0326a805bbefd48056c8c121bdb80606c4a02ea734cc32acd2b02bc28b99cb3e287e85a763af267492ab572e99ab3f370d275cec1da1aaa9075ff05f79be0ce5d527727d6e118cc9cdc6da2e351aadfd9baa8cbdd3a76d429a695160d12c923ac9cc3baca289e193548608b82801)); // subgroup check assert!(bls12_381.g2_is_in_subgroup(&zero)); @@ -139,14 +141,14 @@ fn test_bls_g2() { assert_eq!(res, zero); // msm - let vp: Vec = vec![&env, one.clone(), one.clone()]; - let vs: Vec = vec![ + let vp: Vec = vec![&env, one.clone(), one.clone()]; + let vs: Vec = vec![ &env, - Fr::from_bytes(bytesn!( + Bls12381Fr::from_bytes(bytesn!( &env, 0x0000000000000000000000000000000000000000000000000000000000000001 )), - Fr::from_bytes(bytesn!( + Bls12381Fr::from_bytes(bytesn!( &env, 0x0000000000000000000000000000000000000000000000000000000000000000 )), @@ -156,14 +158,14 @@ fn test_bls_g2() { // map to curve (test case from https://datatracker.ietf.org/doc/html/rfc9380) let dst = Bytes::from_slice(&env, DST_G2.as_bytes()); - let fp2 = Fp2::from_bytes(bytesn!(&env, 0x01c8067bf4c0ba709aa8b9abc3d1cef589a4758e09ef53732d670fd8739a7274e111ba2fcaa71b3d33df2a3a0c8529dd15f7c0aa8f6b296ab5ff9c2c7581ade64f4ee6f1bf18f55179ff44a2cf355fa53dd2a2158c5ecb17d7c52f63e7195771)); - let expected = G2Affine::from_bytes(bytesn!(&env, 0x05d8a724db78e570e34100c0bc4a5fa84ad5839359b40398151f37cff5a51de945c563463c9efbdda569850ee5a53e7712b2e525281b5f4d2276954e84ac4f42cf4e13b6ac4228624e17760faf94ce5706d53f0ca1952f1c5ef75239aeed55ad04bbe48bfd5814648d0b9e30f0717b34015d45a861425fabc1ee06fdfce36384ae2c808185e693ae97dcde118f34de4102eacdc556d0bdb5d18d22f23dcb086dd106cad713777c7e6407943edbe0b3d1efe391eedf11e977fac55f9b94f2489c)); + let fp2 = Bls12381Fp2::from_bytes(bytesn!(&env, 0x01c8067bf4c0ba709aa8b9abc3d1cef589a4758e09ef53732d670fd8739a7274e111ba2fcaa71b3d33df2a3a0c8529dd15f7c0aa8f6b296ab5ff9c2c7581ade64f4ee6f1bf18f55179ff44a2cf355fa53dd2a2158c5ecb17d7c52f63e7195771)); + let expected = Bls12381G2Affine::from_bytes(bytesn!(&env, 0x05d8a724db78e570e34100c0bc4a5fa84ad5839359b40398151f37cff5a51de945c563463c9efbdda569850ee5a53e7712b2e525281b5f4d2276954e84ac4f42cf4e13b6ac4228624e17760faf94ce5706d53f0ca1952f1c5ef75239aeed55ad04bbe48bfd5814648d0b9e30f0717b34015d45a861425fabc1ee06fdfce36384ae2c808185e693ae97dcde118f34de4102eacdc556d0bdb5d18d22f23dcb086dd106cad713777c7e6407943edbe0b3d1efe391eedf11e977fac55f9b94f2489c)); let res = bls12_381.map_fp2_to_g2(&fp2); assert_eq!(res, expected); // hash msg to curve (test case from https://datatracker.ietf.org/doc/html/rfc9380) let msg = Bytes::from_slice(&env, "abc".as_bytes()); - let expected = G2Affine::from_bytes(bytesn!(&env, 0x139cddbccdc5e91b9623efd38c49f81a6f83f175e80b06fc374de9eb4b41dfe4ca3a230ed250fbe3a2acf73a41177fd802c2d18e033b960562aae3cab37a27ce00d80ccd5ba4b7fe0e7a210245129dbec7780ccc7954725f4168aff2787776e600aa65dae3c8d732d10ecd2c50f8a1baf3001578f71c694e03866e9f3d49ac1e1ce70dd94a733534f106d4cec0eddd161787327b68159716a37440985269cf584bcb1e621d3a7202be6ea05c4cfe244aeb197642555a0645fb87bf7466b2ba48)); + let expected = Bls12381G2Affine::from_bytes(bytesn!(&env, 0x139cddbccdc5e91b9623efd38c49f81a6f83f175e80b06fc374de9eb4b41dfe4ca3a230ed250fbe3a2acf73a41177fd802c2d18e033b960562aae3cab37a27ce00d80ccd5ba4b7fe0e7a210245129dbec7780ccc7954725f4168aff2787776e600aa65dae3c8d732d10ecd2c50f8a1baf3001578f71c694e03866e9f3d49ac1e1ce70dd94a733534f106d4cec0eddd161787327b68159716a37440985269cf584bcb1e621d3a7202be6ea05c4cfe244aeb197642555a0645fb87bf7466b2ba48)); let res = bls12_381.hash_to_g2(&msg, &dst); assert_eq!(res, expected); } @@ -175,14 +177,14 @@ fn test_pairing() { // test case from one of the ethereum tests "verify_valid_case_195246ee3bd3b6ec.json" const DST_ETHEREUM: &str = "BLS_SIG_BLS12381G2_XMD:SHA-256_SSWU_RO_POP_"; let dst = Bytes::from_slice(&env, DST_ETHEREUM.as_bytes()); - let neg_g1 = G1Affine::from_bytes(bytesn!(&env, 0x17f1d3a73197d7942695638c4fa9ac0fc3688c4f9774b905a14e3a3f171bac586c55e83ff97a1aeffb3af00adb22c6bb114d1d6855d545a8aa7d76c8cf2e21f267816aef1db507c96655b9d5caac42364e6f38ba0ecb751bad54dcd6b939c2ca)); - let pk = G1Affine::from_bytes(bytesn!(&env, 0x153d21a4cfd562c469cc81514d4ce5a6b577d8403d32a394dc265dd190b47fa9f829fdd7963afdf972e5e77854051f6f14e22fd412a826a329fb40cbdc01b5e4e2f931ed84d8e45932ec62a039f9d61a9dbf2c6eedc5db6fa585b6e0bdde100c)); + let neg_g1 = Bls12381G1Affine::from_bytes(bytesn!(&env, 0x17f1d3a73197d7942695638c4fa9ac0fc3688c4f9774b905a14e3a3f171bac586c55e83ff97a1aeffb3af00adb22c6bb114d1d6855d545a8aa7d76c8cf2e21f267816aef1db507c96655b9d5caac42364e6f38ba0ecb751bad54dcd6b939c2ca)); + let pk = Bls12381G1Affine::from_bytes(bytesn!(&env, 0x153d21a4cfd562c469cc81514d4ce5a6b577d8403d32a394dc265dd190b47fa9f829fdd7963afdf972e5e77854051f6f14e22fd412a826a329fb40cbdc01b5e4e2f931ed84d8e45932ec62a039f9d61a9dbf2c6eedc5db6fa585b6e0bdde100c)); let msg = bytes!( &env, 0xabababababababababababababababababababababababababababababababab ); let msg = bls12_381.hash_to_g2(&msg, &dst); - let sig = G2Affine::from_bytes(bytesn!(&env, 0x0e82747ddeefe4fd64cf9cedb9b04ae3e8a43420cd255e3c7cd06a8d88b7c7f8638543719981c5d16fa3527c468c25f0026704a6951bde891360c7e8d12ddee0559004ccdbe6046b55bae1b257ee97f7cdb955773d7cf29adf3ccbb9975e4eb915e60d5b66a43e074b801a07df931a17505048f7f96dc80f857b638e505868dc008cc9c26ed5b8495e9c181b67dc4c2317d9d447337a9cc6d2956b9c6dd7c23c0bfb73855e902061bcb9cb9d40e43c38140091e638ffcffc7261366018900047)); + let sig = Bls12381G2Affine::from_bytes(bytesn!(&env, 0x0e82747ddeefe4fd64cf9cedb9b04ae3e8a43420cd255e3c7cd06a8d88b7c7f8638543719981c5d16fa3527c468c25f0026704a6951bde891360c7e8d12ddee0559004ccdbe6046b55bae1b257ee97f7cdb955773d7cf29adf3ccbb9975e4eb915e60d5b66a43e074b801a07df931a17505048f7f96dc80f857b638e505868dc008cc9c26ed5b8495e9c181b67dc4c2317d9d447337a9cc6d2956b9c6dd7c23c0bfb73855e902061bcb9cb9d40e43c38140091e638ffcffc7261366018900047)); let vp1 = vec![&env, pk, neg_g1]; let vp2 = vec![&env, msg, sig]; @@ -193,10 +195,10 @@ fn test_pairing() { fn test_g1_is_on_curve() { let env = Env::default(); let bls12_381 = Bls12_381::new(&env); - let zero = G1Affine::from_bytes(bytesn!(&env, 0x400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000)); - let one = G1Affine::from_bytes(bytesn!(&env, 0x17f1d3a73197d7942695638c4fa9ac0fc3688c4f9774b905a14e3a3f171bac586c55e83ff97a1aeffb3af00adb22c6bb08b3f481e3aaa0f1a09e30ed741d8ae4fcf5e095d5d00af600db18cb2c04b3edd03cc744a2888ae40caa232946c5e7e1)); + let zero = Bls12381G1Affine::from_bytes(bytesn!(&env, 0x400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000)); + let one = Bls12381G1Affine::from_bytes(bytesn!(&env, 0x17f1d3a73197d7942695638c4fa9ac0fc3688c4f9774b905a14e3a3f171bac586c55e83ff97a1aeffb3af00adb22c6bb08b3f481e3aaa0f1a09e30ed741d8ae4fcf5e095d5d00af600db18cb2c04b3edd03cc744a2888ae40caa232946c5e7e1)); // (1, 1) is not on the curve: 1 != 1 + 4 - let not_on_curve = G1Affine::from_bytes(bytesn!(&env, 0x000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001)); + let not_on_curve = Bls12381G1Affine::from_bytes(bytesn!(&env, 0x000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001)); assert!(bls12_381.g1_is_on_curve(&zero)); assert!(bls12_381.g1_is_on_curve(&one)); assert!(!bls12_381.g1_is_on_curve(¬_on_curve)); @@ -206,10 +208,10 @@ fn test_g1_is_on_curve() { fn test_g2_is_on_curve() { let env = Env::default(); let bls12_381 = Bls12_381::new(&env); - let zero = G2Affine::from_bytes(bytesn!(&env, 0x400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000)); - let one = G2Affine::from_bytes(bytesn!(&env, 0x13e02b6052719f607dacd3a088274f65596bd0d09920b61ab5da61bbdc7f5049334cf11213945d57e5ac7d055d042b7e024aa2b2f08f0a91260805272dc51051c6e47ad4fa403b02b4510b647ae3d1770bac0326a805bbefd48056c8c121bdb80606c4a02ea734cc32acd2b02bc28b99cb3e287e85a763af267492ab572e99ab3f370d275cec1da1aaa9075ff05f79be0ce5d527727d6e118cc9cdc6da2e351aadfd9baa8cbdd3a76d429a695160d12c923ac9cc3baca289e193548608b82801)); + let zero = Bls12381G2Affine::from_bytes(bytesn!(&env, 0x400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000)); + let one = Bls12381G2Affine::from_bytes(bytesn!(&env, 0x13e02b6052719f607dacd3a088274f65596bd0d09920b61ab5da61bbdc7f5049334cf11213945d57e5ac7d055d042b7e024aa2b2f08f0a91260805272dc51051c6e47ad4fa403b02b4510b647ae3d1770bac0326a805bbefd48056c8c121bdb80606c4a02ea734cc32acd2b02bc28b99cb3e287e85a763af267492ab572e99ab3f370d275cec1da1aaa9075ff05f79be0ce5d527727d6e118cc9cdc6da2e351aadfd9baa8cbdd3a76d429a695160d12c923ac9cc3baca289e193548608b82801)); // (1, 0, 1, 0) is not on the curve - let not_on_curve = G2Affine::from_bytes(bytesn!(&env, 0x000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001)); + let not_on_curve = Bls12381G2Affine::from_bytes(bytesn!(&env, 0x000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001)); assert!(bls12_381.g2_is_on_curve(&zero)); assert!(bls12_381.g2_is_on_curve(&one)); assert!(!bls12_381.g2_is_on_curve(¬_on_curve)); @@ -287,20 +289,20 @@ fn test_invoke_contract() { let client = ContractClient::new(&e, &contract_id); // G1 generator and zero scalar - let g1 = G1Affine::from_bytes(bytesn!(&e, 0x17f1d3a73197d7942695638c4fa9ac0fc3688c4f9774b905a14e3a3f171bac586c55e83ff97a1aeffb3af00adb22c6bb08b3f481e3aaa0f1a09e30ed741d8ae4fcf5e095d5d00af600db18cb2c04b3edd03cc744a2888ae40caa232946c5e7e1)); - let zero = Fr::from_bytes(bytesn!( + let g1 = Bls12381G1Affine::from_bytes(bytesn!(&e, 0x17f1d3a73197d7942695638c4fa9ac0fc3688c4f9774b905a14e3a3f171bac586c55e83ff97a1aeffb3af00adb22c6bb08b3f481e3aaa0f1a09e30ed741d8ae4fcf5e095d5d00af600db18cb2c04b3edd03cc744a2888ae40caa232946c5e7e1)); + let zero = Bls12381Fr::from_bytes(bytesn!( &e, 0x0000000000000000000000000000000000000000000000000000000000000000 )); - let inf = G1Affine::from_bytes(bytesn!(&e, 0x400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000)); + let inf = Bls12381G1Affine::from_bytes(bytesn!(&e, 0x400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000)); let res = client.g1_mul_with(&bls_contract_id, &g1.as_bytes(), &zero.to_u256()); assert_eq!(&res, inf.as_bytes()); - let fp_val = Fp::from_bytes(bytesn!(&e, 0x000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001)); - let fp2_val = Fp2::from_bytes(bytesn!(&e, 0x000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001)); - let g1_point = G1Affine::from_bytes(bytesn!(&e, 0x17f1d3a73197d7942695638c4fa9ac0fc3688c4f9774b905a14e3a3f171bac586c55e83ff97a1aeffb3af00adb22c6bb08b3f481e3aaa0f1a09e30ed741d8ae4fcf5e095d5d00af600db18cb2c04b3edd03cc744a2888ae40caa232946c5e7e1)); - let g2_point = G2Affine::from_bytes(bytesn!(&e, 0x13e02b6052719f607dacd3a088274f65596bd0d09920b61ab5da61bbdc7f5049334cf11213945d57e5ac7d055d042b7e024aa2b2f08f0a91260805272dc51051c6e47ad4fa403b02b4510b647ae3d1770bac0326a805bbefd48056c8c121bdb80606c4a02ea734cc32acd2b02bc28b99cb3e287e85a763af267492ab572e99ab3f370d275cec1da1aaa9075ff05f79be0ce5d527727d6e118cc9cdc6da2e351aadfd9baa8cbdd3a76d429a695160d12c923ac9cc3baca289e193548608b82801)); - let fr_scalar = Fr::from_bytes(bytesn!( + let fp_val = Bls12381Fp::from_bytes(bytesn!(&e, 0x000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001)); + let fp2_val = Bls12381Fp2::from_bytes(bytesn!(&e, 0x000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001)); + let g1_point = Bls12381G1Affine::from_bytes(bytesn!(&e, 0x17f1d3a73197d7942695638c4fa9ac0fc3688c4f9774b905a14e3a3f171bac586c55e83ff97a1aeffb3af00adb22c6bb08b3f481e3aaa0f1a09e30ed741d8ae4fcf5e095d5d00af600db18cb2c04b3edd03cc744a2888ae40caa232946c5e7e1)); + let g2_point = Bls12381G2Affine::from_bytes(bytesn!(&e, 0x13e02b6052719f607dacd3a088274f65596bd0d09920b61ab5da61bbdc7f5049334cf11213945d57e5ac7d055d042b7e024aa2b2f08f0a91260805272dc51051c6e47ad4fa403b02b4510b647ae3d1770bac0326a805bbefd48056c8c121bdb80606c4a02ea734cc32acd2b02bc28b99cb3e287e85a763af267492ab572e99ab3f370d275cec1da1aaa9075ff05f79be0ce5d527727d6e118cc9cdc6da2e351aadfd9baa8cbdd3a76d429a695160d12c923ac9cc3baca289e193548608b82801)); + let fr_scalar = Bls12381Fr::from_bytes(bytesn!( &e, 0x0000000000000000000000000000000000000000000000000000000000000001 )); diff --git a/soroban-sdk/src/tests/crypto_bn254.rs b/soroban-sdk/src/tests/crypto_bn254.rs index 643e92d36..4dc2c0634 100644 --- a/soroban-sdk/src/tests/crypto_bn254.rs +++ b/soroban-sdk/src/tests/crypto_bn254.rs @@ -1,6 +1,6 @@ use crate::{self as soroban_sdk}; use soroban_sdk::{ - crypto::bn254::{Bn254, Bn254G1Affine, Fr}, + crypto::bn254::{Bn254, Bn254Fr, Bn254G1Affine}, vec, Env, Vec, U256, }; @@ -43,7 +43,7 @@ fn test_g1_msm() { // 1*G + 0*G = G let vp: Vec = vec![&env, one.clone(), one.clone()]; - let vs: Vec = vec![ + let vs: Vec = vec![ &env, U256::from_u32(&env, 1).into(), U256::from_u32(&env, 0).into(), @@ -53,7 +53,7 @@ fn test_g1_msm() { // 0*G + 0*G = 0 let vp: Vec = vec![&env, one.clone(), one.clone()]; - let vs: Vec = vec![ + let vs: Vec = vec![ &env, U256::from_u32(&env, 0).into(), U256::from_u32(&env, 0).into(), @@ -72,7 +72,7 @@ fn test_g1_msm_mismatched_lengths() { 0x00000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000002 )); let vp: Vec = vec![&env, one.clone(), one.clone()]; - let vs: Vec = vec![&env, U256::from_u32(&env, 1).into()]; + let vs: Vec = vec![&env, U256::from_u32(&env, 1).into()]; bn254.g1_msm(vp, vs); } @@ -82,7 +82,7 @@ fn test_g1_msm_empty_vectors() { let env = Env::default(); let bn254 = Bn254::new(&env); let vp: Vec = vec![&env]; - let vs: Vec = vec![&env]; + let vs: Vec = vec![&env]; bn254.g1_msm(vp, vs); } @@ -153,8 +153,8 @@ fn test_fr_inv_zero() { fn test_fr_operator_traits() { let env = Env::default(); - let a: Fr = U256::from_u32(&env, 10).into(); - let b: Fr = U256::from_u32(&env, 3).into(); + let a: Bn254Fr = U256::from_u32(&env, 10).into(); + let b: Bn254Fr = U256::from_u32(&env, 3).into(); // Add assert_eq!(a.clone() + b.clone(), U256::from_u32(&env, 13).into()); diff --git a/soroban-sdk/src/testutils/arbitrary.rs b/soroban-sdk/src/testutils/arbitrary.rs index 0543131ff..ea8c695d6 100644 --- a/soroban-sdk/src/testutils/arbitrary.rs +++ b/soroban-sdk/src/testutils/arbitrary.rs @@ -319,14 +319,14 @@ mod objects { use crate::{Env, IntoVal, TryFromVal, TryIntoVal}; use crate::crypto::bn254::{ - Bn254G1Affine, Bn254G2Affine, Fr as Bn254Fr, BN254_G1_SERIALIZED_SIZE, - BN254_G2_SERIALIZED_SIZE, + Bn254Fp, Bn254Fr, Bn254G1Affine, Bn254G2Affine, BN254_FP_SERIALIZED_SIZE, + BN254_G1_SERIALIZED_SIZE, BN254_G2_SERIALIZED_SIZE, }; use crate::xdr::{Int256Parts, ScVal, UInt256Parts}; use crate::{ crypto::bls12_381::{ - Fp, Fp2, Fr, G1Affine, G2Affine, FP2_SERIALIZED_SIZE, FP_SERIALIZED_SIZE, - G1_SERIALIZED_SIZE, G2_SERIALIZED_SIZE, + Bls12381Fp, Bls12381Fp2, Bls12381Fr, Bls12381G1Affine, Bls12381G2Affine, + FP2_SERIALIZED_SIZE, FP_SERIALIZED_SIZE, G1_SERIALIZED_SIZE, G2_SERIALIZED_SIZE, }, Address, Bytes, BytesN, Duration, Map, MuxedAddress, String, Symbol, Timepoint, Val, Vec, I256, U256, @@ -723,64 +723,64 @@ mod objects { } } - // For Fp (48 bytes) + // For Bls12381Fp (48 bytes) #[derive(Arbitrary, Debug, Clone, Eq, PartialEq, Ord, PartialOrd)] - pub struct ArbitraryFp { + pub struct ArbitraryBls12381Fp { bytes: [u8; FP_SERIALIZED_SIZE], } - impl SorobanArbitrary for Fp { - type Prototype = ArbitraryFp; + impl SorobanArbitrary for Bls12381Fp { + type Prototype = ArbitraryBls12381Fp; } - impl TryFromVal for Fp { + impl TryFromVal for Bls12381Fp { type Error = ConversionError; - fn try_from_val(env: &Env, v: &ArbitraryFp) -> Result { + fn try_from_val(env: &Env, v: &ArbitraryBls12381Fp) -> Result { let mut bytes = v.bytes; // Ensure the value is strictly less than the BLS12-381 base field modulus // p = 0x1a0111ea... by restricting the most significant byte. bytes[0] %= 0x1a; - Ok(Fp::from_array(env, &bytes)) + Ok(Bls12381Fp::from_array(env, &bytes)) } } - // For Fp2 (96 bytes) + // For Bls12381Fp2 (96 bytes) #[derive(Arbitrary, Debug, Clone, Eq, PartialEq, Ord, PartialOrd)] - pub struct ArbitraryFp2 { + pub struct ArbitraryBls12381Fp2 { bytes: [u8; FP2_SERIALIZED_SIZE], } - impl SorobanArbitrary for Fp2 { - type Prototype = ArbitraryFp2; + impl SorobanArbitrary for Bls12381Fp2 { + type Prototype = ArbitraryBls12381Fp2; } - impl TryFromVal for Fp2 { + impl TryFromVal for Bls12381Fp2 { type Error = ConversionError; - fn try_from_val(env: &Env, v: &ArbitraryFp2) -> Result { + fn try_from_val(env: &Env, v: &ArbitraryBls12381Fp2) -> Result { let mut bytes = v.bytes; // Ensure both Fp components are strictly less than the modulus bytes[0] %= 0x1a; bytes[FP_SERIALIZED_SIZE] %= 0x1a; - Ok(Fp2::from_array(env, &bytes)) + Ok(Bls12381Fp2::from_array(env, &bytes)) } } - // For G1Affine (96 bytes) + // For Bls12381G1Affine (96 bytes) #[derive(Arbitrary, Debug, Clone, Eq, PartialEq, Ord, PartialOrd)] - pub struct ArbitraryG1Affine { + pub struct ArbitraryBls12381G1Affine { bytes: [u8; G1_SERIALIZED_SIZE], } - impl SorobanArbitrary for G1Affine { - type Prototype = ArbitraryG1Affine; + impl SorobanArbitrary for Bls12381G1Affine { + type Prototype = ArbitraryBls12381G1Affine; } - impl TryFromVal for G1Affine { + impl TryFromVal for Bls12381G1Affine { type Error = ConversionError; - fn try_from_val(env: &Env, v: &ArbitraryG1Affine) -> Result { + fn try_from_val(env: &Env, v: &ArbitraryBls12381G1Affine) -> Result { let mut bytes = v.bytes; // the top 3 bits in a G1 point are reserved for flags: // compression_flag (bit 0), infinity_flag (bit 1) and sort_flag @@ -798,24 +798,24 @@ mod objects { // not an infinity point, we clear the flag bits bytes[0] &= !FLAG_MASK } - Ok(G1Affine::from_array(env, &bytes)) + Ok(Bls12381G1Affine::from_array(env, &bytes)) } } - // For G2Affine (192 bytes) + // For Bls12381G2Affine (192 bytes) #[derive(Arbitrary, Debug, Clone, Eq, PartialEq, Ord, PartialOrd)] - pub struct ArbitraryG2Affine { + pub struct ArbitraryBls12381G2Affine { bytes: [u8; G2_SERIALIZED_SIZE], } - impl SorobanArbitrary for G2Affine { - type Prototype = ArbitraryG2Affine; + impl SorobanArbitrary for Bls12381G2Affine { + type Prototype = ArbitraryBls12381G2Affine; } - impl TryFromVal for G2Affine { + impl TryFromVal for Bls12381G2Affine { type Error = ConversionError; - fn try_from_val(env: &Env, v: &ArbitraryG2Affine) -> Result { + fn try_from_val(env: &Env, v: &ArbitraryBls12381G2Affine) -> Result { let mut bytes = v.bytes; // the top 3 bits in a G1 point are reserved for flags: // compression_flag (bit 0), infinity_flag (bit 1) and sort_flag @@ -833,25 +833,25 @@ mod objects { // not an infinity point, we clear the flag bits bytes[0] &= !FLAG_MASK } - Ok(G2Affine::from_array(env, &bytes)) + Ok(Bls12381G2Affine::from_array(env, &bytes)) } } #[derive(Arbitrary, Debug, Clone, Eq, PartialEq, Ord, PartialOrd)] - pub struct ArbitraryFr { + pub struct ArbitraryBls12381Fr { bytes: [u8; 32], } - impl SorobanArbitrary for Fr { - type Prototype = ArbitraryFr; + impl SorobanArbitrary for Bls12381Fr { + type Prototype = ArbitraryBls12381Fr; } - impl TryFromVal for Fr { + impl TryFromVal for Bls12381Fr { type Error = ConversionError; - fn try_from_val(env: &Env, v: &ArbitraryFr) -> Result { - // Convert bytes to Fr via U256 - Ok(Fr::from_bytes(BytesN::from_array(env, &v.bytes))) + fn try_from_val(env: &Env, v: &ArbitraryBls12381Fr) -> Result { + // Convert bytes to Bls12381Fr via U256 + Ok(Bls12381Fr::from_bytes(BytesN::from_array(env, &v.bytes))) } } @@ -893,6 +893,28 @@ mod objects { } } + // For Bn254Fp (32 bytes) + #[derive(Arbitrary, Debug, Clone, Eq, PartialEq, Ord, PartialOrd)] + pub struct ArbitraryBn254Fp { + bytes: [u8; BN254_FP_SERIALIZED_SIZE], + } + + impl SorobanArbitrary for Bn254Fp { + type Prototype = ArbitraryBn254Fp; + } + + impl TryFromVal for Bn254Fp { + type Error = ConversionError; + + fn try_from_val(env: &Env, v: &ArbitraryBn254Fp) -> Result { + let mut bytes = v.bytes; + // Ensure the value is strictly less than the BN254 base field modulus + // p = 0x30644e72... by restricting the most significant byte. + bytes[0] %= 0x30; + Ok(Bn254Fp::from_array(env, &bytes)) + } + } + // For BN254 Fr (32 bytes) #[derive(Arbitrary, Debug, Clone, Eq, PartialEq, Ord, PartialOrd)] pub struct ArbitraryBn254Fr { diff --git a/tests-expanded/test_bls_tests.rs b/tests-expanded/test_bls_tests.rs index f6f51b1cd..cd51b804d 100644 --- a/tests-expanded/test_bls_tests.rs +++ b/tests-expanded/test_bls_tests.rs @@ -6,7 +6,7 @@ extern crate core; use core::prelude::rust_2021::*; use soroban_sdk::{ contract, contractimpl, contracttype, - crypto::bls12_381::{Bls12381Fp, Bls12381Fp2, Bls12381G1Affine, Bls12381G2Affine, Fr}, + crypto::bls12_381::{Bls12381Fp, Bls12381Fp2, Bls12381Fr, Bls12381G1Affine, Bls12381G2Affine}, log, Env, Vec, }; pub struct DummyProof { @@ -14,7 +14,7 @@ pub struct DummyProof { pub fp2: Bls12381Fp2, pub g1: Bls12381G1Affine, pub g2: Bls12381G2Affine, - pub fr: Fr, + pub fr: Bls12381Fr, } pub static __SPEC_XDR_TYPE_DUMMYPROOF: [u8; 128usize] = DummyProof::spec_xdr(); impl DummyProof { @@ -282,7 +282,7 @@ const _: () = { fp2: ::Prototype, g1: ::Prototype, g2: ::Prototype, - fr: ::Prototype, + fr: ::Prototype, } #[automatically_derived] impl ::core::fmt::Debug for ArbitraryDummyProof { @@ -336,7 +336,7 @@ const _: () = { ::Prototype, >; let _: ::core::cmp::AssertParamIsEq< - ::Prototype, + ::Prototype, >; } } @@ -521,7 +521,7 @@ const _: () = { <::Prototype as arbitrary::Arbitrary>::size_hint( depth, ), - <::Prototype as arbitrary::Arbitrary>::size_hint( + <::Prototype as arbitrary::Arbitrary>::size_hint( depth, ), ], @@ -694,10 +694,10 @@ impl soroban_sdk::testutils::ContractFunctionSet for Contract { } } impl Contract { - pub fn g1_mul(env: Env, p: Bls12381G1Affine, s: Fr) -> Bls12381G1Affine { + pub fn g1_mul(env: Env, p: Bls12381G1Affine, s: Bls12381Fr) -> Bls12381G1Affine { env.crypto().bls12_381().g1_mul(&p, &s) } - pub fn g2_mul(env: Env, p: Bls12381G2Affine, s: Fr) -> Bls12381G2Affine { + pub fn g2_mul(env: Env, p: Bls12381G2Affine, s: Bls12381Fr) -> Bls12381G2Affine { env.crypto().bls12_381().g2_mul(&p, &s) } pub fn dummy_verify(env: Env, proof: DummyProof) -> bool { @@ -723,7 +723,7 @@ impl Contract { let vp2 = soroban_sdk::Vec::from_array(&env, [g2_mul]); env.crypto().bls12_381().pairing_check(vp1, vp2) } - pub fn fr_vec_get(_env: Env, values: Vec, index: u32) -> Fr { + pub fn fr_vec_get(_env: Env, values: Vec, index: u32) -> Bls12381Fr { values.get(index).unwrap() } } @@ -784,7 +784,7 @@ impl Contract { } } impl<'a> ContractClient<'a> { - pub fn g1_mul(&self, p: &Bls12381G1Affine, s: &Fr) -> Bls12381G1Affine { + pub fn g1_mul(&self, p: &Bls12381G1Affine, s: &Bls12381Fr) -> Bls12381G1Affine { use core::ops::Not; let old_auth_manager = self .env @@ -827,7 +827,7 @@ impl<'a> ContractClient<'a> { pub fn try_g1_mul( &self, p: &Bls12381G1Affine, - s: &Fr, + s: &Bls12381Fr, ) -> Result< Result< Bls12381G1Affine, @@ -877,7 +877,7 @@ impl<'a> ContractClient<'a> { } res } - pub fn g2_mul(&self, p: &Bls12381G2Affine, s: &Fr) -> Bls12381G2Affine { + pub fn g2_mul(&self, p: &Bls12381G2Affine, s: &Bls12381Fr) -> Bls12381G2Affine { use core::ops::Not; let old_auth_manager = self .env @@ -920,7 +920,7 @@ impl<'a> ContractClient<'a> { pub fn try_g2_mul( &self, p: &Bls12381G2Affine, - s: &Fr, + s: &Bls12381Fr, ) -> Result< Result< Bls12381G2Affine, @@ -1042,7 +1042,7 @@ impl<'a> ContractClient<'a> { } res } - pub fn fr_vec_get(&self, values: &Vec, index: &u32) -> Fr { + pub fn fr_vec_get(&self, values: &Vec, index: &u32) -> Bls12381Fr { use core::ops::Not; let old_auth_manager = self .env @@ -1080,10 +1080,13 @@ impl<'a> ContractClient<'a> { } pub fn try_fr_vec_get( &self, - values: &Vec, + values: &Vec, index: &u32, ) -> Result< - Result>::Error>, + Result< + Bls12381Fr, + >::Error, + >, Result, > { use core::ops::Not; @@ -1125,12 +1128,18 @@ impl<'a> ContractClient<'a> { impl ContractArgs { #[inline(always)] #[allow(clippy::unused_unit)] - pub fn g1_mul<'i>(p: &'i Bls12381G1Affine, s: &'i Fr) -> (&'i Bls12381G1Affine, &'i Fr) { + pub fn g1_mul<'i>( + p: &'i Bls12381G1Affine, + s: &'i Bls12381Fr, + ) -> (&'i Bls12381G1Affine, &'i Bls12381Fr) { (p, s) } #[inline(always)] #[allow(clippy::unused_unit)] - pub fn g2_mul<'i>(p: &'i Bls12381G2Affine, s: &'i Fr) -> (&'i Bls12381G2Affine, &'i Fr) { + pub fn g2_mul<'i>( + p: &'i Bls12381G2Affine, + s: &'i Bls12381Fr, + ) -> (&'i Bls12381G2Affine, &'i Bls12381Fr) { (p, s) } #[inline(always)] @@ -1140,7 +1149,10 @@ impl ContractArgs { } #[inline(always)] #[allow(clippy::unused_unit)] - pub fn fr_vec_get<'i>(values: &'i Vec, index: &'i u32) -> (&'i Vec, &'i u32) { + pub fn fr_vec_get<'i>( + values: &'i Vec, + index: &'i u32, + ) -> (&'i Vec, &'i u32) { (values, index) } } @@ -1453,7 +1465,7 @@ mod test { 136u8, 138u8, 228u8, 12u8, 170u8, 35u8, 41u8, 70u8, 197u8, 231u8, 225u8, ], )); - let zero = Fr::from_bytes(::soroban_sdk::BytesN::from_array( + let zero = Bls12381Fr::from_bytes(::soroban_sdk::BytesN::from_array( &env, &[ 0u8, 0u8, 0u8, 0u8, 0u8, 0u8, 0u8, 0u8, 0u8, 0u8, 0u8, 0u8, 0u8, 0u8, 0u8, 0u8, @@ -1534,7 +1546,7 @@ mod test { 84u8, 134u8, 8u8, 184u8, 40u8, 1u8, ], )); - let zero = Fr::from_bytes(::soroban_sdk::BytesN::from_array( + let zero = Bls12381Fr::from_bytes(::soroban_sdk::BytesN::from_array( &env, &[ 0u8, 0u8, 0u8, 0u8, 0u8, 0u8, 0u8, 0u8, 0u8, 0u8, 0u8, 0u8, 0u8, 0u8, 0u8, 0u8, @@ -1653,7 +1665,7 @@ mod test { 84u8, 134u8, 8u8, 184u8, 40u8, 1u8, ], )); - let fr = Fr::from_bytes(::soroban_sdk::BytesN::from_array( + let fr = Bls12381Fr::from_bytes(::soroban_sdk::BytesN::from_array( &env, &[ 0u8, 0u8, 0u8, 0u8, 0u8, 0u8, 0u8, 0u8, 0u8, 0u8, 0u8, 0u8, 0u8, 0u8, 0u8, 0u8, @@ -1726,7 +1738,7 @@ mod test { modulus.add(&nine).into_val(&env), ], ); - let first: Fr = env.invoke_contract( + let first: Bls12381Fr = env.invoke_contract( &contract_id, &Symbol::new(&env, "fr_vec_get"), ::soroban_sdk::Vec::from_array( @@ -1734,12 +1746,12 @@ mod test { [raw_vals.clone().into_val(&env), 0_u32.into_val(&env)], ), ); - let second: Fr = env.invoke_contract( + let second: Bls12381Fr = env.invoke_contract( &contract_id, &Symbol::new(&env, "fr_vec_get"), ::soroban_sdk::Vec::from_array(&env, [raw_vals.into_val(&env), 1_u32.into_val(&env)]), ); - match (&first, &Fr::from_u256(two)) { + match (&first, &Bls12381Fr::from_u256(two)) { (left_val, right_val) => { if !(*left_val == *right_val) { let kind = ::core::panicking::AssertKind::Eq; @@ -1752,7 +1764,7 @@ mod test { } } }; - match (&second, &Fr::from_u256(nine)) { + match (&second, &Bls12381Fr::from_u256(nine)) { (left_val, right_val) => { if !(*left_val == *right_val) { let kind = ::core::panicking::AssertKind::Eq; diff --git a/tests-expanded/test_bls_wasm32v1-none.rs b/tests-expanded/test_bls_wasm32v1-none.rs index eed04cba1..1bc77fcf7 100644 --- a/tests-expanded/test_bls_wasm32v1-none.rs +++ b/tests-expanded/test_bls_wasm32v1-none.rs @@ -6,7 +6,7 @@ extern crate core; use core::prelude::rust_2021::*; use soroban_sdk::{ contract, contractimpl, contracttype, - crypto::bls12_381::{Bls12381Fp, Bls12381Fp2, Bls12381G1Affine, Bls12381G2Affine, Fr}, + crypto::bls12_381::{Bls12381Fp, Bls12381Fp2, Bls12381Fr, Bls12381G1Affine, Bls12381G2Affine}, log, Env, Vec, }; pub struct DummyProof { @@ -14,7 +14,7 @@ pub struct DummyProof { pub fp2: Bls12381Fp2, pub g1: Bls12381G1Affine, pub g2: Bls12381G2Affine, - pub fr: Fr, + pub fr: Bls12381Fr, } #[link_section = "contractspecv0"] pub static __SPEC_XDR_TYPE_DUMMYPROOF: [u8; 128usize] = DummyProof::spec_xdr(); @@ -29,7 +29,7 @@ impl soroban_sdk::SpecShakingMarker for DummyProof { fn spec_shaking_marker() { ::spec_shaking_marker(); ::spec_shaking_marker(); - ::spec_shaking_marker(); + ::spec_shaking_marker(); ::spec_shaking_marker(); ::spec_shaking_marker(); { @@ -133,10 +133,10 @@ impl<'a> ContractClient<'a> { } } impl Contract { - pub fn g1_mul(env: Env, p: Bls12381G1Affine, s: Fr) -> Bls12381G1Affine { + pub fn g1_mul(env: Env, p: Bls12381G1Affine, s: Bls12381Fr) -> Bls12381G1Affine { env.crypto().bls12_381().g1_mul(&p, &s) } - pub fn g2_mul(env: Env, p: Bls12381G2Affine, s: Fr) -> Bls12381G2Affine { + pub fn g2_mul(env: Env, p: Bls12381G2Affine, s: Bls12381Fr) -> Bls12381G2Affine { env.crypto().bls12_381().g2_mul(&p, &s) } pub fn dummy_verify(env: Env, proof: DummyProof) -> bool { @@ -162,7 +162,7 @@ impl Contract { let vp2 = soroban_sdk::Vec::from_array(&env, [g2_mul]); env.crypto().bls12_381().pairing_check(vp1, vp2) } - pub fn fr_vec_get(_env: Env, values: Vec, index: u32) -> Fr { + pub fn fr_vec_get(_env: Env, values: Vec, index: u32) -> Bls12381Fr { values.get(index).unwrap() } } @@ -227,7 +227,7 @@ impl Contract { } } impl<'a> ContractClient<'a> { - pub fn g1_mul(&self, p: &Bls12381G1Affine, s: &Fr) -> Bls12381G1Affine { + pub fn g1_mul(&self, p: &Bls12381G1Affine, s: &Bls12381Fr) -> Bls12381G1Affine { use core::ops::Not; use soroban_sdk::{FromVal, IntoVal}; let res = self.env.invoke_contract( @@ -247,7 +247,7 @@ impl<'a> ContractClient<'a> { pub fn try_g1_mul( &self, p: &Bls12381G1Affine, - s: &Fr, + s: &Bls12381Fr, ) -> Result< Result< Bls12381G1Affine, @@ -273,7 +273,7 @@ impl<'a> ContractClient<'a> { ); res } - pub fn g2_mul(&self, p: &Bls12381G2Affine, s: &Fr) -> Bls12381G2Affine { + pub fn g2_mul(&self, p: &Bls12381G2Affine, s: &Bls12381Fr) -> Bls12381G2Affine { use core::ops::Not; use soroban_sdk::{FromVal, IntoVal}; let res = self.env.invoke_contract( @@ -293,7 +293,7 @@ impl<'a> ContractClient<'a> { pub fn try_g2_mul( &self, p: &Bls12381G2Affine, - s: &Fr, + s: &Bls12381Fr, ) -> Result< Result< Bls12381G2Affine, @@ -344,7 +344,7 @@ impl<'a> ContractClient<'a> { ); res } - pub fn fr_vec_get(&self, values: &Vec, index: &u32) -> Fr { + pub fn fr_vec_get(&self, values: &Vec, index: &u32) -> Bls12381Fr { use core::ops::Not; use soroban_sdk::{FromVal, IntoVal}; let res = self.env.invoke_contract( @@ -359,10 +359,13 @@ impl<'a> ContractClient<'a> { } pub fn try_fr_vec_get( &self, - values: &Vec, + values: &Vec, index: &u32, ) -> Result< - Result>::Error>, + Result< + Bls12381Fr, + >::Error, + >, Result, > { use soroban_sdk::{FromVal, IntoVal}; @@ -380,12 +383,18 @@ impl<'a> ContractClient<'a> { impl ContractArgs { #[inline(always)] #[allow(clippy::unused_unit)] - pub fn g1_mul<'i>(p: &'i Bls12381G1Affine, s: &'i Fr) -> (&'i Bls12381G1Affine, &'i Fr) { + pub fn g1_mul<'i>( + p: &'i Bls12381G1Affine, + s: &'i Bls12381Fr, + ) -> (&'i Bls12381G1Affine, &'i Bls12381Fr) { (p, s) } #[inline(always)] #[allow(clippy::unused_unit)] - pub fn g2_mul<'i>(p: &'i Bls12381G2Affine, s: &'i Fr) -> (&'i Bls12381G2Affine, &'i Fr) { + pub fn g2_mul<'i>( + p: &'i Bls12381G2Affine, + s: &'i Bls12381Fr, + ) -> (&'i Bls12381G2Affine, &'i Bls12381Fr) { (p, s) } #[inline(always)] @@ -395,7 +404,10 @@ impl ContractArgs { } #[inline(always)] #[allow(clippy::unused_unit)] - pub fn fr_vec_get<'i>(values: &'i Vec, index: &'i u32) -> (&'i Vec, &'i u32) { + pub fn fr_vec_get<'i>( + values: &'i Vec, + index: &'i u32, + ) -> (&'i Vec, &'i u32) { (values, index) } } diff --git a/tests-expanded/test_bn254_tests.rs b/tests-expanded/test_bn254_tests.rs index 21d87d2c8..e8ca8c86c 100644 --- a/tests-expanded/test_bn254_tests.rs +++ b/tests-expanded/test_bn254_tests.rs @@ -6,7 +6,7 @@ extern crate core; use core::prelude::rust_2021::*; use soroban_sdk::{ contract, contractimpl, contracttype, - crypto::bn254::{Bn254G1Affine, Bn254G2Affine, Fr}, + crypto::bn254::{Bn254Fr, Bn254G1Affine, Bn254G2Affine}, Env, Vec, }; pub struct MockProof { @@ -535,10 +535,10 @@ impl Contract { pub fn g1_add(a: Bn254G1Affine, b: Bn254G1Affine) -> Bn254G1Affine { a + b } - pub fn g1_mul(p: Bn254G1Affine, s: Fr) -> Bn254G1Affine { + pub fn g1_mul(p: Bn254G1Affine, s: Bn254Fr) -> Bn254G1Affine { p * s } - pub fn fr_vec_get(_env: Env, values: Vec, index: u32) -> Fr { + pub fn fr_vec_get(_env: Env, values: Vec, index: u32) -> Bn254Fr { values.get(index).unwrap() } } @@ -762,7 +762,7 @@ impl<'a> ContractClient<'a> { } res } - pub fn g1_mul(&self, p: &Bn254G1Affine, s: &Fr) -> Bn254G1Affine { + pub fn g1_mul(&self, p: &Bn254G1Affine, s: &Bn254Fr) -> Bn254G1Affine { use core::ops::Not; let old_auth_manager = self .env @@ -805,7 +805,7 @@ impl<'a> ContractClient<'a> { pub fn try_g1_mul( &self, p: &Bn254G1Affine, - s: &Fr, + s: &Bn254Fr, ) -> Result< Result< Bn254G1Affine, @@ -852,7 +852,7 @@ impl<'a> ContractClient<'a> { } res } - pub fn fr_vec_get(&self, values: &Vec, index: &u32) -> Fr { + pub fn fr_vec_get(&self, values: &Vec, index: &u32) -> Bn254Fr { use core::ops::Not; let old_auth_manager = self .env @@ -890,10 +890,13 @@ impl<'a> ContractClient<'a> { } pub fn try_fr_vec_get( &self, - values: &Vec, + values: &Vec, index: &u32, ) -> Result< - Result>::Error>, + Result< + Bn254Fr, + >::Error, + >, Result, > { use core::ops::Not; @@ -948,12 +951,12 @@ impl ContractArgs { } #[inline(always)] #[allow(clippy::unused_unit)] - pub fn g1_mul<'i>(p: &'i Bn254G1Affine, s: &'i Fr) -> (&'i Bn254G1Affine, &'i Fr) { + pub fn g1_mul<'i>(p: &'i Bn254G1Affine, s: &'i Bn254Fr) -> (&'i Bn254G1Affine, &'i Bn254Fr) { (p, s) } #[inline(always)] #[allow(clippy::unused_unit)] - pub fn fr_vec_get<'i>(values: &'i Vec, index: &'i u32) -> (&'i Vec, &'i u32) { + pub fn fr_vec_get<'i>(values: &'i Vec, index: &'i u32) -> (&'i Vec, &'i u32) { (values, index) } } @@ -1322,7 +1325,7 @@ mod test { } } }; - let scalar: Fr = U256::from_u32(&env, 2).into(); + let scalar: Bn254Fr = U256::from_u32(&env, 2).into(); match ( &client.g1_add(&x_bn254, &x_bn254), &client.g1_mul(&x_bn254, &scalar), @@ -1503,7 +1506,7 @@ mod test { modulus.add(&seven).into_val(&env), ], ); - let first: Fr = env.invoke_contract( + let first: Bn254Fr = env.invoke_contract( &contract_id, &Symbol::new(&env, "fr_vec_get"), ::soroban_sdk::Vec::from_array( @@ -1511,12 +1514,12 @@ mod test { [raw_vals.clone().into_val(&env), 0_u32.into_val(&env)], ), ); - let second: Fr = env.invoke_contract( + let second: Bn254Fr = env.invoke_contract( &contract_id, &Symbol::new(&env, "fr_vec_get"), ::soroban_sdk::Vec::from_array(&env, [raw_vals.into_val(&env), 1_u32.into_val(&env)]), ); - match (&first, &Fr::from_u256(three)) { + match (&first, &Bn254Fr::from_u256(three)) { (left_val, right_val) => { if !(*left_val == *right_val) { let kind = ::core::panicking::AssertKind::Eq; @@ -1529,7 +1532,7 @@ mod test { } } }; - match (&second, &Fr::from_u256(seven)) { + match (&second, &Bn254Fr::from_u256(seven)) { (left_val, right_val) => { if !(*left_val == *right_val) { let kind = ::core::panicking::AssertKind::Eq; diff --git a/tests-expanded/test_bn254_wasm32v1-none.rs b/tests-expanded/test_bn254_wasm32v1-none.rs index 9795eaa34..ebd06e40e 100644 --- a/tests-expanded/test_bn254_wasm32v1-none.rs +++ b/tests-expanded/test_bn254_wasm32v1-none.rs @@ -6,7 +6,7 @@ extern crate core; use core::prelude::rust_2021::*; use soroban_sdk::{ contract, contractimpl, contracttype, - crypto::bn254::{Bn254G1Affine, Bn254G2Affine, Fr}, + crypto::bn254::{Bn254Fr, Bn254G1Affine, Bn254G2Affine}, Env, Vec, }; pub struct MockProof { @@ -118,10 +118,10 @@ impl Contract { pub fn g1_add(a: Bn254G1Affine, b: Bn254G1Affine) -> Bn254G1Affine { a + b } - pub fn g1_mul(p: Bn254G1Affine, s: Fr) -> Bn254G1Affine { + pub fn g1_mul(p: Bn254G1Affine, s: Bn254Fr) -> Bn254G1Affine { p * s } - pub fn fr_vec_get(_env: Env, values: Vec, index: u32) -> Fr { + pub fn fr_vec_get(_env: Env, values: Vec, index: u32) -> Bn254Fr { values.get(index).unwrap() } } @@ -255,7 +255,7 @@ impl<'a> ContractClient<'a> { ); res } - pub fn g1_mul(&self, p: &Bn254G1Affine, s: &Fr) -> Bn254G1Affine { + pub fn g1_mul(&self, p: &Bn254G1Affine, s: &Bn254Fr) -> Bn254G1Affine { use core::ops::Not; use soroban_sdk::{FromVal, IntoVal}; let res = self.env.invoke_contract( @@ -275,7 +275,7 @@ impl<'a> ContractClient<'a> { pub fn try_g1_mul( &self, p: &Bn254G1Affine, - s: &Fr, + s: &Bn254Fr, ) -> Result< Result< Bn254G1Affine, @@ -298,7 +298,7 @@ impl<'a> ContractClient<'a> { ); res } - pub fn fr_vec_get(&self, values: &Vec, index: &u32) -> Fr { + pub fn fr_vec_get(&self, values: &Vec, index: &u32) -> Bn254Fr { use core::ops::Not; use soroban_sdk::{FromVal, IntoVal}; let res = self.env.invoke_contract( @@ -313,10 +313,13 @@ impl<'a> ContractClient<'a> { } pub fn try_fr_vec_get( &self, - values: &Vec, + values: &Vec, index: &u32, ) -> Result< - Result>::Error>, + Result< + Bn254Fr, + >::Error, + >, Result, > { use soroban_sdk::{FromVal, IntoVal}; @@ -347,12 +350,12 @@ impl ContractArgs { } #[inline(always)] #[allow(clippy::unused_unit)] - pub fn g1_mul<'i>(p: &'i Bn254G1Affine, s: &'i Fr) -> (&'i Bn254G1Affine, &'i Fr) { + pub fn g1_mul<'i>(p: &'i Bn254G1Affine, s: &'i Bn254Fr) -> (&'i Bn254G1Affine, &'i Bn254Fr) { (p, s) } #[inline(always)] #[allow(clippy::unused_unit)] - pub fn fr_vec_get<'i>(values: &'i Vec, index: &'i u32) -> (&'i Vec, &'i u32) { + pub fn fr_vec_get<'i>(values: &'i Vec, index: &'i u32) -> (&'i Vec, &'i u32) { (values, index) } } diff --git a/tests/bls/src/lib.rs b/tests/bls/src/lib.rs index 95f0338ac..2ccde5b52 100644 --- a/tests/bls/src/lib.rs +++ b/tests/bls/src/lib.rs @@ -1,7 +1,7 @@ #![no_std] use soroban_sdk::{ contract, contractimpl, contracttype, - crypto::bls12_381::{Bls12381Fp, Bls12381Fp2, Bls12381G1Affine, Bls12381G2Affine, Fr}, + crypto::bls12_381::{Bls12381Fp, Bls12381Fp2, Bls12381Fr, Bls12381G1Affine, Bls12381G2Affine}, log, Env, Vec, }; @@ -12,7 +12,7 @@ pub struct DummyProof { pub fp2: Bls12381Fp2, pub g1: Bls12381G1Affine, pub g2: Bls12381G2Affine, - pub fr: Fr, + pub fr: Bls12381Fr, } #[contract] @@ -20,11 +20,11 @@ pub struct Contract; #[contractimpl] impl Contract { - pub fn g1_mul(env: Env, p: Bls12381G1Affine, s: Fr) -> Bls12381G1Affine { + pub fn g1_mul(env: Env, p: Bls12381G1Affine, s: Bls12381Fr) -> Bls12381G1Affine { env.crypto().bls12_381().g1_mul(&p, &s) } - pub fn g2_mul(env: Env, p: Bls12381G2Affine, s: Fr) -> Bls12381G2Affine { + pub fn g2_mul(env: Env, p: Bls12381G2Affine, s: Bls12381Fr) -> Bls12381G2Affine { env.crypto().bls12_381().g2_mul(&p, &s) } @@ -44,7 +44,7 @@ impl Contract { env.crypto().bls12_381().pairing_check(vp1, vp2) } - pub fn fr_vec_get(_env: Env, values: Vec, index: u32) -> Fr { + pub fn fr_vec_get(_env: Env, values: Vec, index: u32) -> Bls12381Fr { values.get(index).unwrap() } } @@ -64,7 +64,7 @@ mod test { // G1 generator and zero scalar let g1 = Bls12381G1Affine::from_bytes(bytesn!(&env, 0x17f1d3a73197d7942695638c4fa9ac0fc3688c4f9774b905a14e3a3f171bac586c55e83ff97a1aeffb3af00adb22c6bb08b3f481e3aaa0f1a09e30ed741d8ae4fcf5e095d5d00af600db18cb2c04b3edd03cc744a2888ae40caa232946c5e7e1)); - let zero = Fr::from_bytes(bytesn!( + let zero = Bls12381Fr::from_bytes(bytesn!( &env, 0x0000000000000000000000000000000000000000000000000000000000000000 )); @@ -81,7 +81,7 @@ mod test { // G2 generator and zero scalar let g2 = Bls12381G2Affine::from_bytes(bytesn!(&env, 0x13e02b6052719f607dacd3a088274f65596bd0d09920b61ab5da61bbdc7f5049334cf11213945d57e5ac7d055d042b7e024aa2b2f08f0a91260805272dc51051c6e47ad4fa403b02b4510b647ae3d1770bac0326a805bbefd48056c8c121bdb80606c4a02ea734cc32acd2b02bc28b99cb3e287e85a763af267492ab572e99ab3f370d275cec1da1aaa9075ff05f79be0ce5d527727d6e118cc9cdc6da2e351aadfd9baa8cbdd3a76d429a695160d12c923ac9cc3baca289e193548608b82801)); - let zero = Fr::from_bytes(bytesn!( + let zero = Bls12381Fr::from_bytes(bytesn!( &env, 0x0000000000000000000000000000000000000000000000000000000000000000 )); @@ -103,7 +103,7 @@ mod test { let g2 = Bls12381G2Affine::from_bytes(bytesn!(&env, 0x13e02b6052719f607dacd3a088274f65596bd0d09920b61ab5da61bbdc7f5049334cf11213945d57e5ac7d055d042b7e024aa2b2f08f0a91260805272dc51051c6e47ad4fa403b02b4510b647ae3d1770bac0326a805bbefd48056c8c121bdb80606c4a02ea734cc32acd2b02bc28b99cb3e287e85a763af267492ab572e99ab3f370d275cec1da1aaa9075ff05f79be0ce5d527727d6e118cc9cdc6da2e351aadfd9baa8cbdd3a76d429a695160d12c923ac9cc3baca289e193548608b82801)); // Create a scalar value - let fr = Fr::from_bytes(bytesn!( + let fr = Bls12381Fr::from_bytes(bytesn!( &env, 0x0000000000000000000000000000000000000000000000000000000000000001 )); @@ -141,18 +141,18 @@ mod test { modulus.add(&nine).into_val(&env), ]; - let first: Fr = env.invoke_contract( + let first: Bls12381Fr = env.invoke_contract( &contract_id, &Symbol::new(&env, "fr_vec_get"), vec![&env, raw_vals.clone().into_val(&env), 0_u32.into_val(&env)], ); - let second: Fr = env.invoke_contract( + let second: Bls12381Fr = env.invoke_contract( &contract_id, &Symbol::new(&env, "fr_vec_get"), vec![&env, raw_vals.into_val(&env), 1_u32.into_val(&env)], ); - assert_eq!(first, Fr::from_u256(two)); - assert_eq!(second, Fr::from_u256(nine)); + assert_eq!(first, Bls12381Fr::from_u256(two)); + assert_eq!(second, Bls12381Fr::from_u256(nine)); } } diff --git a/tests/bn254/src/lib.rs b/tests/bn254/src/lib.rs index 946bd9ed2..0e627a5d6 100644 --- a/tests/bn254/src/lib.rs +++ b/tests/bn254/src/lib.rs @@ -1,7 +1,7 @@ #![no_std] use soroban_sdk::{ contract, contractimpl, contracttype, - crypto::bn254::{Bn254G1Affine, Bn254G2Affine, Fr}, + crypto::bn254::{Bn254Fr, Bn254G1Affine, Bn254G2Affine}, Env, Vec, }; @@ -25,11 +25,11 @@ impl Contract { a + b } - pub fn g1_mul(p: Bn254G1Affine, s: Fr) -> Bn254G1Affine { + pub fn g1_mul(p: Bn254G1Affine, s: Bn254Fr) -> Bn254G1Affine { p * s } - pub fn fr_vec_get(_env: Env, values: Vec, index: u32) -> Fr { + pub fn fr_vec_get(_env: Env, values: Vec, index: u32) -> Bn254Fr { values.get(index).unwrap() } } @@ -88,7 +88,7 @@ mod test { expected_x_plus_y.as_slice() ); - let scalar: Fr = U256::from_u32(&env, 2).into(); + let scalar: Bn254Fr = U256::from_u32(&env, 2).into(); // G + G = 2G assert_eq!( @@ -170,18 +170,18 @@ mod test { modulus.add(&seven).into_val(&env), ]; - let first: Fr = env.invoke_contract( + let first: Bn254Fr = env.invoke_contract( &contract_id, &Symbol::new(&env, "fr_vec_get"), vec![&env, raw_vals.clone().into_val(&env), 0_u32.into_val(&env)], ); - let second: Fr = env.invoke_contract( + let second: Bn254Fr = env.invoke_contract( &contract_id, &Symbol::new(&env, "fr_vec_get"), vec![&env, raw_vals.into_val(&env), 1_u32.into_val(&env)], ); - assert_eq!(first, Fr::from_u256(three)); - assert_eq!(second, Fr::from_u256(seven)); + assert_eq!(first, Bn254Fr::from_u256(three)); + assert_eq!(second, Bn254Fr::from_u256(seven)); } }