Port arith SM changes from JS for Etrog

0xPolygonHermez · Nov 28, 2023 · 6b48447 · 6b48447
1 parent 13ec056
commit 6b48447
Show file tree

Hide file tree

Showing 16 changed files with 3,958 additions and 1,475 deletions.
diff --git a/src/main.cpp b/src/main.cpp
@@ -355,10 +355,10 @@ int main(int argc, char **argv)
     PoseidonGoldilocks poseidon;
 
 #ifdef DEBUG
-    zklog.info("BN128 p-1=" + bn128.toString(bn128.negOne(),16));
-    zklog.info("FQ p-1=" + fq.toString(fq.negOne(),16));
-    zklog.info("FEC p-1=" + fec.toString(fec.negOne(),16));
-    zklog.info("FNEC p-1=" + fnec.toString(fnec.negOne(),16));
+    zklog.info("BN128 p-1 =" + bn128.toString(bn128.negOne(),16) + " = " + bn128.toString(bn128.negOne(),10));
+    zklog.info("FQ    p-1 =" + fq.toString(fq.negOne(),16) + " = " + fq.toString(fq.negOne(),10));
+    zklog.info("FEC   p-1 =" + fec.toString(fec.negOne(),16) + " = " + fec.toString(fec.negOne(),10));
+    zklog.info("FNEC  p-1 =" + fnec.toString(fnec.negOne(),16) + " = " + fnec.toString(fnec.negOne(),10));
 #endif
 
     // Generate account zero keys

diff --git a/src/sm/arith/arith_action_bytes.hpp b/src/sm/arith/arith_action_bytes.hpp
@@ -17,6 +17,9 @@ class ArithActionBytes
     uint64_t selEq1;
     uint64_t selEq2;
     uint64_t selEq3;
+    uint64_t selEq4;
+    uint64_t selEq5;
+    uint64_t selEq6;
 
     // These arrays will contain 16-bit numbers, except the last (15) one, which can be up to 20-bits long
     // For this reason, we use 64-bit numbers, to have room for all possible values
@@ -30,6 +33,9 @@ class ArithActionBytes
     uint64_t _selEq1[16];
     uint64_t _selEq2[16];
     uint64_t _selEq3[16];
+    uint64_t _selEq4[16];
+    uint64_t _selEq5[16];
+    uint64_t _selEq6[16];
     uint64_t _s[16];
     uint64_t _q0[16];
     uint64_t _q1[16];

diff --git a/src/sm/arith/arith_executor.cpp b/src/sm/arith/arith_executor.cpp
diff --git a/src/sm/arith/sm_arith_eq0.cpp b/src/sm/arith/sm_arith_eq0.cpp
@@ -1,7 +1,7 @@
 /* code generated with arith_eq_gen.js
 * equation: x1*y1-p2_256*y2+x2-y3
 * 
-* p2_256=115792089237316195423570985008687907853269984665640564039457584007913129639936
+* p2_256=0x10000000000000000000000000000000000000000000000000000000000000000
 */
 
 #include <stdint.h>
@@ -14,33 +14,33 @@ USING_PROVER_FORK_NAMESPACE;
 Goldilocks::Element eq0 (Goldilocks &fr, ArithCommitPols &p, uint64_t step, uint64_t _o)
 {
 	switch(step) {
-	case 0: 
+		case 0: 
 		return (
 		(p.x1[0][_o]  * p.y1[0][_o] )
 		 + p.x2[0][_o]  - p.y3[0][_o] );
 
-	case 1: 
+		case 1: 
 		return (
 		(p.x1[0][_o]  * p.y1[1][_o] ) +
 		(p.x1[1][_o]  * p.y1[0][_o] )
 		 + p.x2[1][_o]  - p.y3[1][_o] );
 
-	case 2: 
+		case 2: 
 		return (
 		(p.x1[0][_o]  * p.y1[2][_o] ) +
 		(p.x1[1][_o]  * p.y1[1][_o] ) +
 		(p.x1[2][_o]  * p.y1[0][_o] )
 		 + p.x2[2][_o]  - p.y3[2][_o] );
 
-	case 3: 
+		case 3: 
 		return (
 		(p.x1[0][_o]  * p.y1[3][_o] ) +
 		(p.x1[1][_o]  * p.y1[2][_o] ) +
 		(p.x1[2][_o]  * p.y1[1][_o] ) +
 		(p.x1[3][_o]  * p.y1[0][_o] )
 		 + p.x2[3][_o]  - p.y3[3][_o] );
 
-	case 4: 
+		case 4: 
 		return (
 		(p.x1[0][_o]  * p.y1[4][_o] ) +
 		(p.x1[1][_o]  * p.y1[3][_o] ) +
@@ -49,7 +49,7 @@ Goldilocks::Element eq0 (Goldilocks &fr, ArithCommitPols &p, uint64_t step, uint
 		(p.x1[4][_o]  * p.y1[0][_o] )
 		 + p.x2[4][_o]  - p.y3[4][_o] );
 
-	case 5: 
+		case 5: 
 		return (
 		(p.x1[0][_o]  * p.y1[5][_o] ) +
 		(p.x1[1][_o]  * p.y1[4][_o] ) +
@@ -59,7 +59,7 @@ Goldilocks::Element eq0 (Goldilocks &fr, ArithCommitPols &p, uint64_t step, uint
 		(p.x1[5][_o]  * p.y1[0][_o] )
 		 + p.x2[5][_o]  - p.y3[5][_o] );
 
-	case 6: 
+		case 6: 
 		return (
 		(p.x1[0][_o]  * p.y1[6][_o] ) +
 		(p.x1[1][_o]  * p.y1[5][_o] ) +
@@ -70,7 +70,7 @@ Goldilocks::Element eq0 (Goldilocks &fr, ArithCommitPols &p, uint64_t step, uint
 		(p.x1[6][_o]  * p.y1[0][_o] )
 		 + p.x2[6][_o]  - p.y3[6][_o] );
 
-	case 7: 
+		case 7: 
 		return (
 		(p.x1[0][_o]  * p.y1[7][_o] ) +
 		(p.x1[1][_o]  * p.y1[6][_o] ) +
@@ -82,7 +82,7 @@ Goldilocks::Element eq0 (Goldilocks &fr, ArithCommitPols &p, uint64_t step, uint
 		(p.x1[7][_o]  * p.y1[0][_o] )
 		 + p.x2[7][_o]  - p.y3[7][_o] );
 
-	case 8: 
+		case 8: 
 		return (
 		(p.x1[0][_o]  * p.y1[8][_o] ) +
 		(p.x1[1][_o]  * p.y1[7][_o] ) +
@@ -95,7 +95,7 @@ Goldilocks::Element eq0 (Goldilocks &fr, ArithCommitPols &p, uint64_t step, uint
 		(p.x1[8][_o]  * p.y1[0][_o] )
 		 + p.x2[8][_o]  - p.y3[8][_o] );
 
-	case 9: 
+		case 9: 
 		return (
 		(p.x1[0][_o]  * p.y1[9][_o] ) +
 		(p.x1[1][_o]  * p.y1[8][_o] ) +
@@ -109,7 +109,7 @@ Goldilocks::Element eq0 (Goldilocks &fr, ArithCommitPols &p, uint64_t step, uint
 		(p.x1[9][_o]  * p.y1[0][_o] )
 		 + p.x2[9][_o]  - p.y3[9][_o] );
 
-	case 10: 
+		case 10: 
 		return (
 		(p.x1[0][_o]  * p.y1[10][_o]) +
 		(p.x1[1][_o]  * p.y1[9][_o] ) +
@@ -124,7 +124,7 @@ Goldilocks::Element eq0 (Goldilocks &fr, ArithCommitPols &p, uint64_t step, uint
 		(p.x1[10][_o] * p.y1[0][_o] )
 		 + p.x2[10][_o] - p.y3[10][_o]);
 
-	case 11: 
+		case 11: 
 		return (
 		(p.x1[0][_o]  * p.y1[11][_o]) +
 		(p.x1[1][_o]  * p.y1[10][_o]) +
@@ -140,7 +140,7 @@ Goldilocks::Element eq0 (Goldilocks &fr, ArithCommitPols &p, uint64_t step, uint
 		(p.x1[11][_o] * p.y1[0][_o] )
 		 + p.x2[11][_o] - p.y3[11][_o]);
 
-	case 12: 
+		case 12: 
 		return (
 		(p.x1[0][_o]  * p.y1[12][_o]) +
 		(p.x1[1][_o]  * p.y1[11][_o]) +
@@ -157,7 +157,7 @@ Goldilocks::Element eq0 (Goldilocks &fr, ArithCommitPols &p, uint64_t step, uint
 		(p.x1[12][_o] * p.y1[0][_o] )
 		 + p.x2[12][_o] - p.y3[12][_o]);
 
-	case 13: 
+		case 13: 
 		return (
 		(p.x1[0][_o]  * p.y1[13][_o]) +
 		(p.x1[1][_o]  * p.y1[12][_o]) +
@@ -175,7 +175,7 @@ Goldilocks::Element eq0 (Goldilocks &fr, ArithCommitPols &p, uint64_t step, uint
 		(p.x1[13][_o] * p.y1[0][_o] )
 		 + p.x2[13][_o] - p.y3[13][_o]);
 
-	case 14: 
+		case 14: 
 		return (
 		(p.x1[0][_o]  * p.y1[14][_o]) +
 		(p.x1[1][_o]  * p.y1[13][_o]) +
@@ -194,7 +194,7 @@ Goldilocks::Element eq0 (Goldilocks &fr, ArithCommitPols &p, uint64_t step, uint
 		(p.x1[14][_o] * p.y1[0][_o] )
 		 + p.x2[14][_o] - p.y3[14][_o]);
 
-	case 15: 
+		case 15: 
 		return (
 		(p.x1[0][_o]  * p.y1[15][_o]) +
 		(p.x1[1][_o]  * p.y1[14][_o]) +
@@ -214,7 +214,7 @@ Goldilocks::Element eq0 (Goldilocks &fr, ArithCommitPols &p, uint64_t step, uint
 		(p.x1[15][_o] * p.y1[0][_o] )
 		 + p.x2[15][_o] - p.y3[15][_o]);
 
-	case 16: 
+		case 16: 
 		return (
 		(p.x1[1][_o]  * p.y1[15][_o]) +
 		(p.x1[2][_o]  * p.y1[14][_o]) +
@@ -233,7 +233,7 @@ Goldilocks::Element eq0 (Goldilocks &fr, ArithCommitPols &p, uint64_t step, uint
 		(p.x1[15][_o] * p.y1[1][_o] )
 		    - p.y2[0][_o] );
 
-	case 17: 
+		case 17: 
 		return (
 		(p.x1[2][_o]  * p.y1[15][_o]) +
 		(p.x1[3][_o]  * p.y1[14][_o]) +
@@ -251,7 +251,7 @@ Goldilocks::Element eq0 (Goldilocks &fr, ArithCommitPols &p, uint64_t step, uint
 		(p.x1[15][_o] * p.y1[2][_o] )
 		    - p.y2[1][_o] );
 
-	case 18: 
+		case 18: 
 		return (
 		(p.x1[3][_o]  * p.y1[15][_o]) +
 		(p.x1[4][_o]  * p.y1[14][_o]) +
@@ -268,7 +268,7 @@ Goldilocks::Element eq0 (Goldilocks &fr, ArithCommitPols &p, uint64_t step, uint
 		(p.x1[15][_o] * p.y1[3][_o] )
 		    - p.y2[2][_o] );
 
-	case 19: 
+		case 19: 
 		return (
 		(p.x1[4][_o]  * p.y1[15][_o]) +
 		(p.x1[5][_o]  * p.y1[14][_o]) +
@@ -284,7 +284,7 @@ Goldilocks::Element eq0 (Goldilocks &fr, ArithCommitPols &p, uint64_t step, uint
 		(p.x1[15][_o] * p.y1[4][_o] )
 		    - p.y2[3][_o] );
 
-	case 20: 
+		case 20: 
 		return (
 		(p.x1[5][_o]  * p.y1[15][_o]) +
 		(p.x1[6][_o]  * p.y1[14][_o]) +
@@ -299,7 +299,7 @@ Goldilocks::Element eq0 (Goldilocks &fr, ArithCommitPols &p, uint64_t step, uint
 		(p.x1[15][_o] * p.y1[5][_o] )
 		    - p.y2[4][_o] );
 
-	case 21: 
+		case 21: 
 		return (
 		(p.x1[6][_o]  * p.y1[15][_o]) +
 		(p.x1[7][_o]  * p.y1[14][_o]) +
@@ -313,7 +313,7 @@ Goldilocks::Element eq0 (Goldilocks &fr, ArithCommitPols &p, uint64_t step, uint
 		(p.x1[15][_o] * p.y1[6][_o] )
 		    - p.y2[5][_o] );
 
-	case 22: 
+		case 22: 
 		return (
 		(p.x1[7][_o]  * p.y1[15][_o]) +
 		(p.x1[8][_o]  * p.y1[14][_o]) +
@@ -326,7 +326,7 @@ Goldilocks::Element eq0 (Goldilocks &fr, ArithCommitPols &p, uint64_t step, uint
 		(p.x1[15][_o] * p.y1[7][_o] )
 		    - p.y2[6][_o] );
 
-	case 23: 
+		case 23: 
 		return (
 		(p.x1[8][_o]  * p.y1[15][_o]) +
 		(p.x1[9][_o]  * p.y1[14][_o]) +
@@ -338,7 +338,7 @@ Goldilocks::Element eq0 (Goldilocks &fr, ArithCommitPols &p, uint64_t step, uint
 		(p.x1[15][_o] * p.y1[8][_o] )
 		    - p.y2[7][_o] );
 
-	case 24: 
+		case 24: 
 		return (
 		(p.x1[9][_o]  * p.y1[15][_o]) +
 		(p.x1[10][_o] * p.y1[14][_o]) +
@@ -349,7 +349,7 @@ Goldilocks::Element eq0 (Goldilocks &fr, ArithCommitPols &p, uint64_t step, uint
 		(p.x1[15][_o] * p.y1[9][_o] )
 		    - p.y2[8][_o] );
 
-	case 25: 
+		case 25: 
 		return (
 		(p.x1[10][_o] * p.y1[15][_o]) +
 		(p.x1[11][_o] * p.y1[14][_o]) +
@@ -359,7 +359,7 @@ Goldilocks::Element eq0 (Goldilocks &fr, ArithCommitPols &p, uint64_t step, uint
 		(p.x1[15][_o] * p.y1[10][_o])
 		    - p.y2[9][_o] );
 
-	case 26: 
+		case 26: 
 		return (
 		(p.x1[11][_o] * p.y1[15][_o]) +
 		(p.x1[12][_o] * p.y1[14][_o]) +
@@ -368,35 +368,34 @@ Goldilocks::Element eq0 (Goldilocks &fr, ArithCommitPols &p, uint64_t step, uint
 		(p.x1[15][_o] * p.y1[11][_o])
 		    - p.y2[10][_o]);
 
-	case 27: 
+		case 27: 
 		return (
 		(p.x1[12][_o] * p.y1[15][_o]) +
 		(p.x1[13][_o] * p.y1[14][_o]) +
 		(p.x1[14][_o] * p.y1[13][_o]) +
 		(p.x1[15][_o] * p.y1[12][_o])
 		    - p.y2[11][_o]);
 
-	case 28: 
+		case 28: 
 		return (
 		(p.x1[13][_o] * p.y1[15][_o]) +
 		(p.x1[14][_o] * p.y1[14][_o]) +
 		(p.x1[15][_o] * p.y1[13][_o])
 		    - p.y2[12][_o]);
 
-	case 29: 
+		case 29: 
 		return (
 		(p.x1[14][_o] * p.y1[15][_o]) +
 		(p.x1[15][_o] * p.y1[14][_o])
 		    - p.y2[13][_o]);
 
-	case 30: 
+		case 30: 
 		return (
 		(p.x1[15][_o] * p.y1[15][_o])
 		    - p.y2[14][_o]);
 
-	case 31: 
-		return (
-		    - p.y2[15][_o]);
+		case 31: 
+		return ( - p.y2[15][_o]);
 	}
 	return fr.zero();
 }