Skip to content

Commit

Permalink
add on curve check on groth16 proof points
Browse files Browse the repository at this point in the history
  • Loading branch information
feltroidprime committed Aug 6, 2024
1 parent e169823 commit 12285e7
Show file tree
Hide file tree
Showing 3 changed files with 9 additions and 9 deletions.
5 changes: 0 additions & 5 deletions src/cairo/src/definitions.cairo
Original file line number Diff line number Diff line change
Expand Up @@ -30,11 +30,6 @@ struct G2Line {
r1a1: u384,
}


trait G2PointTrait {
fn is_on_curve(self: @G2Point, curve_index: usize) -> bool;
}

#[derive(Copy, Drop, Debug, PartialEq)]
struct G1G2Pair {
p: G1Point,
Expand Down
3 changes: 2 additions & 1 deletion src/cairo/src/ec_ops.cairo
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ use core::circuit::{
AddInputResultTrait, CircuitInputs, CircuitDefinition, CircuitData, CircuitInputAccumulator
};
use garaga::definitions::{
get_a, get_b, get_p, get_g, get_min_one, get_b2, get_n, G1Point, G2Point, G2PointTrait,
get_a, get_b, get_p, get_g, get_min_one, get_b2, get_n, G1Point, G2Point,
BLS_X_SEED_SQ_EPNS, G1PointInfinity, THIRD_ROOT_OF_UNITY_BLS12_381_G1
};
use core::option::Option;
Expand Down Expand Up @@ -66,6 +66,7 @@ impl G1PointImpl of G1PointTrait {
}
}

#[generate_trait]
impl G2PointImpl of G2PointTrait {
fn is_on_curve(self: @G2Point, curve_index: usize) -> bool {
let (b20, b21) = get_b2(curve_index).unwrap();
Expand Down
10 changes: 7 additions & 3 deletions src/cairo/src/groth16.cairo
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ use core::poseidon::hades_permutation;


use garaga::basic_field_ops::{neg_mod_p};
use garaga::ec_ops::{msm_g1, MSMHint, DerivePointFromXHint};
use garaga::ec_ops::{msm_g1, MSMHint, DerivePointFromXHint, G1PointTrait, G2PointTrait};

use garaga::pairing_check::{MPCheckHintBN254, MPCheckHintBLS12_381};

Expand Down Expand Up @@ -97,7 +97,9 @@ fn verify_groth16_bn254(
public_inputs_msm_derive_point_from_x_hint.unbox(),
0
);

assert!(proof.a.is_in_subgroup(0, Option::None, Option::None));
assert!(proof.b.is_on_curve(0));
assert!(proof.c.is_in_subgroup(0, Option::None, Option::None));
return multi_pairing_check_bn254_3P_2F_with_extra_miller_loop_result(
G1G2Pair { p: vk_x, q: verification_key.gamma_g2 },
G1G2Pair { p: proof.c, q: verification_key.delta_g2 },
Expand Down Expand Up @@ -143,7 +145,9 @@ fn verify_groth16_bls12_381(
public_inputs_msm_derive_point_from_x_hint.unbox(),
1
);

assert!(proof.a.is_in_subgroup(0, Option::None, Option::None));
assert!(proof.b.is_on_curve(0));
assert!(proof.c.is_in_subgroup(0, Option::None, Option::None));
return multi_pairing_check_bls12_381_3P_2F_with_extra_miller_loop_result(
G1G2Pair { p: vk_x, q: verification_key.gamma_g2 },
G1G2Pair { p: proof.c, q: verification_key.delta_g2 },
Expand Down

0 comments on commit 12285e7

Please sign in to comment.