From aa19e0f3cfce1a2fed1f111e42bb63c4f4e7be9a Mon Sep 17 00:00:00 2001 From: Youssef El Housni Date: Thu, 17 Jul 2025 13:25:00 -0400 Subject: [PATCH 1/7] feat: batch subgroup membership testing --- ecc/bls12-377/g1.go | 72 +++++++++++++++++ ecc/bls12-377/g1_test.go | 35 +++++++++ ecc/bls12-377/g2.go | 71 +++++++++++++++++ ecc/bls12-377/g2_test.go | 35 +++++++++ ecc/bls12-381/g1.go | 72 +++++++++++++++++ ecc/bls12-381/g1_test.go | 35 +++++++++ ecc/bls12-381/g2.go | 71 +++++++++++++++++ ecc/bls12-381/g2_test.go | 35 +++++++++ ecc/bls24-315/g1.go | 72 +++++++++++++++++ ecc/bls24-315/g1_test.go | 35 +++++++++ ecc/bls24-315/g2.go | 71 +++++++++++++++++ ecc/bls24-315/g2_test.go | 35 +++++++++ ecc/bls24-317/g1.go | 72 +++++++++++++++++ ecc/bls24-317/g1_test.go | 35 +++++++++ ecc/bls24-317/g2.go | 71 +++++++++++++++++ ecc/bls24-317/g2_test.go | 35 +++++++++ ecc/bn254/g1.go | 72 +++++++++++++++++ ecc/bn254/g1_test.go | 35 +++++++++ ecc/bn254/g2.go | 71 +++++++++++++++++ ecc/bn254/g2_test.go | 35 +++++++++ ecc/bw6-633/g1.go | 72 +++++++++++++++++ ecc/bw6-633/g1_test.go | 35 +++++++++ ecc/bw6-633/g2.go | 71 +++++++++++++++++ ecc/bw6-633/g2_test.go | 35 +++++++++ ecc/bw6-761/g1.go | 72 +++++++++++++++++ ecc/bw6-761/g1_test.go | 35 +++++++++ ecc/bw6-761/g2.go | 71 +++++++++++++++++ ecc/bw6-761/g2_test.go | 35 +++++++++ ecc/grumpkin/g1.go | 72 +++++++++++++++++ ecc/grumpkin/g1_test.go | 35 +++++++++ ecc/secp256k1/g1.go | 72 +++++++++++++++++ ecc/secp256k1/g1_test.go | 35 +++++++++ ecc/stark-curve/g1.go | 45 +++++++++++ internal/generator/ecc/template/point.go.tmpl | 77 ++++++++++++++++++- .../ecc/template/tests/point.go.tmpl | 40 +++++++++- 35 files changed, 1863 insertions(+), 4 deletions(-) diff --git a/ecc/bls12-377/g1.go b/ecc/bls12-377/g1.go index 3feef2020..6e1383c43 100644 --- a/ecc/bls12-377/g1.go +++ b/ecc/bls12-377/g1.go @@ -6,12 +6,14 @@ package bls12377 import ( + "crypto/rand" "github.com/consensys/gnark-crypto/ecc" "github.com/consensys/gnark-crypto/ecc/bls12-377/fp" "github.com/consensys/gnark-crypto/ecc/bls12-377/fr" "github.com/consensys/gnark-crypto/internal/parallel" "math/big" "runtime" + "sync/atomic" ) // G1Affine is a point in affine coordinates (x,y) @@ -206,6 +208,76 @@ func (p *G1Affine) IsInSubGroup() bool { return _p.IsInSubGroup() } +// IsInSubGroupBatchG1 checks if a batch of points P_i are in G1. +// It uses a deterministic naive method for batch size < 80 and a probabilistic +// method otherwise. +func IsInSubGroupBatchG1(points []G1Affine) bool { + if len(points) < 80 { + return isInSubGroupBatchG1Naive(points) + } else { + return isInSubGroupBatchG1Prob(points) + } +} + +// isInSubGroupBatchG1Naive checks if a batch of points P_i are in G1. +// This is a naive method that checks each point individually using +// IsInSubGroup method. +func isInSubGroupBatchG1Naive(points []G1Affine) bool { + var nbErrors int64 + parallel.Execute(len(points), func(start, end int) { + for i := start; i < end; i++ { + if !points[i].IsInSubGroup() { + atomic.AddInt64(&nbErrors, 1) + return + } + } + }) + return nbErrors == 0 +} + +// isInSubGroupBatchG1Prob probabilistically checks if a batch of points P_i are in +// G1. It generates random scalars s_i in the range {0,1}, performs 64 MSM +// Sj=∑[s_i]P_i of sizes N=len(points) and checks if Sj are on E[r] using +// IsInSubGroup method. The error probability is < 1/2^64. +func isInSubGroupBatchG1Prob(points []G1Affine) bool { + var nbErrors int64 + const windowSize = 64 + parallel.Execute(windowSize, func(start, end int) { + + var br [windowSize / 8]byte + + // Check Sj are on E[r] + for i := start; i < end; i++ { + var sum g1JacExtended + for j := range len(points) { + pos := j % windowSize + if pos == 0 { + // re sample the random bytes every windowSize points + // as per the doc: + // Read fills b with cryptographically secure random bytes. It never returns an error, and always fills b entirely. + rand.Read(br[:]) + } + // check if the bit is set + if br[pos/8]&(1<<(pos%8)) != 0 { + // add the point to the sum + sum.addMixed(&points[j]) + } + } + + var p G1Jac + p.fromJacExtended(&sum) + if !p.IsInSubGroup() { + atomic.AddInt64(&nbErrors, 1) + return + } + } + + }) + + return nbErrors == 0 + +} + // ------------------------------------------------------------------------------------------------- // Jacobian coordinates diff --git a/ecc/bls12-377/g1_test.go b/ecc/bls12-377/g1_test.go index 91ab2d4a0..fe433a1eb 100644 --- a/ecc/bls12-377/g1_test.go +++ b/ecc/bls12-377/g1_test.go @@ -111,6 +111,41 @@ func TestIsOnG1(t *testing.T) { properties.TestingRun(t, gopter.ConsoleReporter(false)) } +func TestIsInSubGroupBatchG1(t *testing.T) { + t.Parallel() + parameters := gopter.DefaultTestParameters() + if testing.Short() { + parameters.MinSuccessfulTests = 1 + } else { + parameters.MinSuccessfulTests = 100 + } + + properties := gopter.NewProperties(parameters) + + // number of points to test + const nbSamples = 100 + + properties.Property("[BLS12-377] IsInSubGroupBatchG1 test should pass with high probability", prop.ForAll( + func(mixer fr.Element) bool { + // mixer ensures that all the words of a frElement are set + var sampleScalars [nbSamples]fr.Element + + for i := 1; i <= nbSamples; i++ { + sampleScalars[i-1].SetUint64(uint64(i)). + Mul(&sampleScalars[i-1], &mixer) + } + + // random points in G1 + result := BatchScalarMultiplicationG1(&g1GenAff, sampleScalars[:]) + + return IsInSubGroupBatchG1(result) + }, + GenFr(), + )) + + properties.TestingRun(t, gopter.ConsoleReporter(false)) +} + func TestG1Conversions(t *testing.T) { t.Parallel() parameters := gopter.DefaultTestParameters() diff --git a/ecc/bls12-377/g2.go b/ecc/bls12-377/g2.go index 78b6138c5..d5b9f0be6 100644 --- a/ecc/bls12-377/g2.go +++ b/ecc/bls12-377/g2.go @@ -13,6 +13,7 @@ import ( "github.com/consensys/gnark-crypto/internal/parallel" "math/big" "runtime" + "sync/atomic" ) // G2Affine is a point in affine coordinates (x,y) @@ -212,6 +213,76 @@ func (p *G2Affine) IsInSubGroup() bool { return _p.IsInSubGroup() } +// IsInSubGroupBatchG2 checks if a batch of points P_i are in G1. +// It uses a deterministic naive method for batch size < 80 and a probabilistic +// method otherwise. +func IsInSubGroupBatchG2(points []G2Affine) bool { + if len(points) < 160 { + return isInSubGroupBatchG2Naive(points) + } else { + return isInSubGroupBatchG2Prob(points) + } +} + +// isInSubGroupBatchG2Naive checks if a batch of points P_i are in G1. +// This is a naive method that checks each point individually using +// IsInSubGroup method. +func isInSubGroupBatchG2Naive(points []G2Affine) bool { + var nbErrors int64 + parallel.Execute(len(points), func(start, end int) { + for i := start; i < end; i++ { + if !points[i].IsInSubGroup() { + atomic.AddInt64(&nbErrors, 1) + return + } + } + }) + return nbErrors == 0 +} + +// isInSubGroupBatchG2Prob probabilistically checks if a batch of points P_i are in +// G2. It generates random scalars s_i in the range {0,1}, performs 64 MSM +// Sj=∑[s_i]P_i of sizes N=len(points) and checks if Sj are on E[r] using +// IsInSubGroup method. The error probability is < 1/2^64. +func isInSubGroupBatchG2Prob(points []G2Affine) bool { + var nbErrors int64 + const windowSize = 64 + parallel.Execute(windowSize, func(start, end int) { + + var br [windowSize / 8]byte + + // Check Sj are on E[r] + for i := start; i < end; i++ { + var sum g2JacExtended + for j := range len(points) { + pos := j % windowSize + if pos == 0 { + // re sample the random bytes every windowSize points + // as per the doc: + // Read fills b with cryptographically secure random bytes. It never returns an error, and always fills b entirely. + rand.Read(br[:]) + } + // check if the bit is set + if br[pos/8]&(1<<(pos%8)) != 0 { + // add the point to the sum + sum.addMixed(&points[j]) + } + } + + var p G2Jac + p.fromJacExtended(&sum) + if !p.IsInSubGroup() { + atomic.AddInt64(&nbErrors, 1) + return + } + } + + }) + + return nbErrors == 0 + +} + // ------------------------------------------------------------------------------------------------- // Jacobian coordinates diff --git a/ecc/bls12-377/g2_test.go b/ecc/bls12-377/g2_test.go index c4de84925..b388044e6 100644 --- a/ecc/bls12-377/g2_test.go +++ b/ecc/bls12-377/g2_test.go @@ -125,6 +125,41 @@ func TestIsOnG2(t *testing.T) { properties.TestingRun(t, gopter.ConsoleReporter(false)) } +func TestIsInSubGroupBatchG2(t *testing.T) { + t.Parallel() + parameters := gopter.DefaultTestParameters() + if testing.Short() { + parameters.MinSuccessfulTests = 1 + } else { + parameters.MinSuccessfulTests = 100 + } + + properties := gopter.NewProperties(parameters) + + // number of points to test + const nbSamples = 100 + + properties.Property("[BLS12-377] IsInSubGroupBatchG2 test should pass with high probability", prop.ForAll( + func(mixer fr.Element) bool { + // mixer ensures that all the words of a frElement are set + var sampleScalars [nbSamples]fr.Element + + for i := 1; i <= nbSamples; i++ { + sampleScalars[i-1].SetUint64(uint64(i)). + Mul(&sampleScalars[i-1], &mixer) + } + + // random points in G2 + result := BatchScalarMultiplicationG2(&g2GenAff, sampleScalars[:]) + + return IsInSubGroupBatchG2(result) + }, + GenFr(), + )) + + properties.TestingRun(t, gopter.ConsoleReporter(false)) +} + func TestG2Conversions(t *testing.T) { t.Parallel() parameters := gopter.DefaultTestParameters() diff --git a/ecc/bls12-381/g1.go b/ecc/bls12-381/g1.go index ab00282af..7d8876177 100644 --- a/ecc/bls12-381/g1.go +++ b/ecc/bls12-381/g1.go @@ -6,6 +6,7 @@ package bls12381 import ( + "crypto/rand" "github.com/consensys/gnark-crypto/ecc" "github.com/consensys/gnark-crypto/ecc/bls12-381/fp" "github.com/consensys/gnark-crypto/ecc/bls12-381/fr" @@ -13,6 +14,7 @@ import ( "github.com/consensys/gnark-crypto/internal/parallel" "math/big" "runtime" + "sync/atomic" ) // G1Affine is a point in affine coordinates (x,y) @@ -215,6 +217,76 @@ func (p *G1Affine) IsInSubGroup() bool { return res.Equal(&_p) } +// IsInSubGroupBatchG1 checks if a batch of points P_i are in G1. +// It uses a deterministic naive method for batch size < 80 and a probabilistic +// method otherwise. +func IsInSubGroupBatchG1(points []G1Affine) bool { + if len(points) < 80 { + return isInSubGroupBatchG1Naive(points) + } else { + return isInSubGroupBatchG1Prob(points) + } +} + +// isInSubGroupBatchG1Naive checks if a batch of points P_i are in G1. +// This is a naive method that checks each point individually using +// IsInSubGroup method. +func isInSubGroupBatchG1Naive(points []G1Affine) bool { + var nbErrors int64 + parallel.Execute(len(points), func(start, end int) { + for i := start; i < end; i++ { + if !points[i].IsInSubGroup() { + atomic.AddInt64(&nbErrors, 1) + return + } + } + }) + return nbErrors == 0 +} + +// isInSubGroupBatchG1Prob probabilistically checks if a batch of points P_i are in +// G1. It generates random scalars s_i in the range {0,1}, performs 64 MSM +// Sj=∑[s_i]P_i of sizes N=len(points) and checks if Sj are on E[r] using +// IsInSubGroup method. The error probability is < 1/2^64. +func isInSubGroupBatchG1Prob(points []G1Affine) bool { + var nbErrors int64 + const windowSize = 64 + parallel.Execute(windowSize, func(start, end int) { + + var br [windowSize / 8]byte + + // Check Sj are on E[r] + for i := start; i < end; i++ { + var sum g1JacExtended + for j := range len(points) { + pos := j % windowSize + if pos == 0 { + // re sample the random bytes every windowSize points + // as per the doc: + // Read fills b with cryptographically secure random bytes. It never returns an error, and always fills b entirely. + rand.Read(br[:]) + } + // check if the bit is set + if br[pos/8]&(1<<(pos%8)) != 0 { + // add the point to the sum + sum.addMixed(&points[j]) + } + } + + var p G1Jac + p.fromJacExtended(&sum) + if !p.IsInSubGroup() { + atomic.AddInt64(&nbErrors, 1) + return + } + } + + }) + + return nbErrors == 0 + +} + // ------------------------------------------------------------------------------------------------- // Jacobian coordinates diff --git a/ecc/bls12-381/g1_test.go b/ecc/bls12-381/g1_test.go index ed7508150..026ba16ce 100644 --- a/ecc/bls12-381/g1_test.go +++ b/ecc/bls12-381/g1_test.go @@ -120,6 +120,41 @@ func TestIsOnG1(t *testing.T) { properties.TestingRun(t, gopter.ConsoleReporter(false)) } +func TestIsInSubGroupBatchG1(t *testing.T) { + t.Parallel() + parameters := gopter.DefaultTestParameters() + if testing.Short() { + parameters.MinSuccessfulTests = 1 + } else { + parameters.MinSuccessfulTests = 100 + } + + properties := gopter.NewProperties(parameters) + + // number of points to test + const nbSamples = 100 + + properties.Property("[BLS12-381] IsInSubGroupBatchG1 test should pass with high probability", prop.ForAll( + func(mixer fr.Element) bool { + // mixer ensures that all the words of a frElement are set + var sampleScalars [nbSamples]fr.Element + + for i := 1; i <= nbSamples; i++ { + sampleScalars[i-1].SetUint64(uint64(i)). + Mul(&sampleScalars[i-1], &mixer) + } + + // random points in G1 + result := BatchScalarMultiplicationG1(&g1GenAff, sampleScalars[:]) + + return IsInSubGroupBatchG1(result) + }, + GenFr(), + )) + + properties.TestingRun(t, gopter.ConsoleReporter(false)) +} + func TestG1Conversions(t *testing.T) { t.Parallel() parameters := gopter.DefaultTestParameters() diff --git a/ecc/bls12-381/g2.go b/ecc/bls12-381/g2.go index d3e315c5e..d1a72813e 100644 --- a/ecc/bls12-381/g2.go +++ b/ecc/bls12-381/g2.go @@ -13,6 +13,7 @@ import ( "github.com/consensys/gnark-crypto/internal/parallel" "math/big" "runtime" + "sync/atomic" "github.com/consensys/gnark-crypto/ecc/bls12-381/hash_to_curve" ) @@ -220,6 +221,76 @@ func (p *G2Affine) IsInSubGroup() bool { return res.Equal(&img) } +// IsInSubGroupBatchG2 checks if a batch of points P_i are in G1. +// It uses a deterministic naive method for batch size < 80 and a probabilistic +// method otherwise. +func IsInSubGroupBatchG2(points []G2Affine) bool { + if len(points) < 160 { + return isInSubGroupBatchG2Naive(points) + } else { + return isInSubGroupBatchG2Prob(points) + } +} + +// isInSubGroupBatchG2Naive checks if a batch of points P_i are in G1. +// This is a naive method that checks each point individually using +// IsInSubGroup method. +func isInSubGroupBatchG2Naive(points []G2Affine) bool { + var nbErrors int64 + parallel.Execute(len(points), func(start, end int) { + for i := start; i < end; i++ { + if !points[i].IsInSubGroup() { + atomic.AddInt64(&nbErrors, 1) + return + } + } + }) + return nbErrors == 0 +} + +// isInSubGroupBatchG2Prob probabilistically checks if a batch of points P_i are in +// G2. It generates random scalars s_i in the range {0,1}, performs 64 MSM +// Sj=∑[s_i]P_i of sizes N=len(points) and checks if Sj are on E[r] using +// IsInSubGroup method. The error probability is < 1/2^64. +func isInSubGroupBatchG2Prob(points []G2Affine) bool { + var nbErrors int64 + const windowSize = 64 + parallel.Execute(windowSize, func(start, end int) { + + var br [windowSize / 8]byte + + // Check Sj are on E[r] + for i := start; i < end; i++ { + var sum g2JacExtended + for j := range len(points) { + pos := j % windowSize + if pos == 0 { + // re sample the random bytes every windowSize points + // as per the doc: + // Read fills b with cryptographically secure random bytes. It never returns an error, and always fills b entirely. + rand.Read(br[:]) + } + // check if the bit is set + if br[pos/8]&(1<<(pos%8)) != 0 { + // add the point to the sum + sum.addMixed(&points[j]) + } + } + + var p G2Jac + p.fromJacExtended(&sum) + if !p.IsInSubGroup() { + atomic.AddInt64(&nbErrors, 1) + return + } + } + + }) + + return nbErrors == 0 + +} + // ------------------------------------------------------------------------------------------------- // Jacobian coordinates diff --git a/ecc/bls12-381/g2_test.go b/ecc/bls12-381/g2_test.go index bc517c632..6016c6445 100644 --- a/ecc/bls12-381/g2_test.go +++ b/ecc/bls12-381/g2_test.go @@ -134,6 +134,41 @@ func TestIsOnG2(t *testing.T) { properties.TestingRun(t, gopter.ConsoleReporter(false)) } +func TestIsInSubGroupBatchG2(t *testing.T) { + t.Parallel() + parameters := gopter.DefaultTestParameters() + if testing.Short() { + parameters.MinSuccessfulTests = 1 + } else { + parameters.MinSuccessfulTests = 100 + } + + properties := gopter.NewProperties(parameters) + + // number of points to test + const nbSamples = 100 + + properties.Property("[BLS12-381] IsInSubGroupBatchG2 test should pass with high probability", prop.ForAll( + func(mixer fr.Element) bool { + // mixer ensures that all the words of a frElement are set + var sampleScalars [nbSamples]fr.Element + + for i := 1; i <= nbSamples; i++ { + sampleScalars[i-1].SetUint64(uint64(i)). + Mul(&sampleScalars[i-1], &mixer) + } + + // random points in G2 + result := BatchScalarMultiplicationG2(&g2GenAff, sampleScalars[:]) + + return IsInSubGroupBatchG2(result) + }, + GenFr(), + )) + + properties.TestingRun(t, gopter.ConsoleReporter(false)) +} + func TestG2Conversions(t *testing.T) { t.Parallel() parameters := gopter.DefaultTestParameters() diff --git a/ecc/bls24-315/g1.go b/ecc/bls24-315/g1.go index 1927391c4..4081b22c4 100644 --- a/ecc/bls24-315/g1.go +++ b/ecc/bls24-315/g1.go @@ -6,12 +6,14 @@ package bls24315 import ( + "crypto/rand" "github.com/consensys/gnark-crypto/ecc" "github.com/consensys/gnark-crypto/ecc/bls24-315/fp" "github.com/consensys/gnark-crypto/ecc/bls24-315/fr" "github.com/consensys/gnark-crypto/internal/parallel" "math/big" "runtime" + "sync/atomic" ) // G1Affine is a point in affine coordinates (x,y) @@ -206,6 +208,76 @@ func (p *G1Affine) IsInSubGroup() bool { return _p.IsInSubGroup() } +// IsInSubGroupBatchG1 checks if a batch of points P_i are in G1. +// It uses a deterministic naive method for batch size < 80 and a probabilistic +// method otherwise. +func IsInSubGroupBatchG1(points []G1Affine) bool { + if len(points) < 80 { + return isInSubGroupBatchG1Naive(points) + } else { + return isInSubGroupBatchG1Prob(points) + } +} + +// isInSubGroupBatchG1Naive checks if a batch of points P_i are in G1. +// This is a naive method that checks each point individually using +// IsInSubGroup method. +func isInSubGroupBatchG1Naive(points []G1Affine) bool { + var nbErrors int64 + parallel.Execute(len(points), func(start, end int) { + for i := start; i < end; i++ { + if !points[i].IsInSubGroup() { + atomic.AddInt64(&nbErrors, 1) + return + } + } + }) + return nbErrors == 0 +} + +// isInSubGroupBatchG1Prob probabilistically checks if a batch of points P_i are in +// G1. It generates random scalars s_i in the range {0,1}, performs 64 MSM +// Sj=∑[s_i]P_i of sizes N=len(points) and checks if Sj are on E[r] using +// IsInSubGroup method. The error probability is < 1/2^64. +func isInSubGroupBatchG1Prob(points []G1Affine) bool { + var nbErrors int64 + const windowSize = 64 + parallel.Execute(windowSize, func(start, end int) { + + var br [windowSize / 8]byte + + // Check Sj are on E[r] + for i := start; i < end; i++ { + var sum g1JacExtended + for j := range len(points) { + pos := j % windowSize + if pos == 0 { + // re sample the random bytes every windowSize points + // as per the doc: + // Read fills b with cryptographically secure random bytes. It never returns an error, and always fills b entirely. + rand.Read(br[:]) + } + // check if the bit is set + if br[pos/8]&(1<<(pos%8)) != 0 { + // add the point to the sum + sum.addMixed(&points[j]) + } + } + + var p G1Jac + p.fromJacExtended(&sum) + if !p.IsInSubGroup() { + atomic.AddInt64(&nbErrors, 1) + return + } + } + + }) + + return nbErrors == 0 + +} + // ------------------------------------------------------------------------------------------------- // Jacobian coordinates diff --git a/ecc/bls24-315/g1_test.go b/ecc/bls24-315/g1_test.go index d651b5738..fc8c5659b 100644 --- a/ecc/bls24-315/g1_test.go +++ b/ecc/bls24-315/g1_test.go @@ -111,6 +111,41 @@ func TestIsOnG1(t *testing.T) { properties.TestingRun(t, gopter.ConsoleReporter(false)) } +func TestIsInSubGroupBatchG1(t *testing.T) { + t.Parallel() + parameters := gopter.DefaultTestParameters() + if testing.Short() { + parameters.MinSuccessfulTests = 1 + } else { + parameters.MinSuccessfulTests = 100 + } + + properties := gopter.NewProperties(parameters) + + // number of points to test + const nbSamples = 100 + + properties.Property("[BLS24-315] IsInSubGroupBatchG1 test should pass with high probability", prop.ForAll( + func(mixer fr.Element) bool { + // mixer ensures that all the words of a frElement are set + var sampleScalars [nbSamples]fr.Element + + for i := 1; i <= nbSamples; i++ { + sampleScalars[i-1].SetUint64(uint64(i)). + Mul(&sampleScalars[i-1], &mixer) + } + + // random points in G1 + result := BatchScalarMultiplicationG1(&g1GenAff, sampleScalars[:]) + + return IsInSubGroupBatchG1(result) + }, + GenFr(), + )) + + properties.TestingRun(t, gopter.ConsoleReporter(false)) +} + func TestG1Conversions(t *testing.T) { t.Parallel() parameters := gopter.DefaultTestParameters() diff --git a/ecc/bls24-315/g2.go b/ecc/bls24-315/g2.go index 0c63de104..af303d848 100644 --- a/ecc/bls24-315/g2.go +++ b/ecc/bls24-315/g2.go @@ -13,6 +13,7 @@ import ( "github.com/consensys/gnark-crypto/internal/parallel" "math/big" "runtime" + "sync/atomic" ) // G2Affine is a point in affine coordinates (x,y) @@ -212,6 +213,76 @@ func (p *G2Affine) IsInSubGroup() bool { return _p.IsInSubGroup() } +// IsInSubGroupBatchG2 checks if a batch of points P_i are in G1. +// It uses a deterministic naive method for batch size < 80 and a probabilistic +// method otherwise. +func IsInSubGroupBatchG2(points []G2Affine) bool { + if len(points) < 160 { + return isInSubGroupBatchG2Naive(points) + } else { + return isInSubGroupBatchG2Prob(points) + } +} + +// isInSubGroupBatchG2Naive checks if a batch of points P_i are in G1. +// This is a naive method that checks each point individually using +// IsInSubGroup method. +func isInSubGroupBatchG2Naive(points []G2Affine) bool { + var nbErrors int64 + parallel.Execute(len(points), func(start, end int) { + for i := start; i < end; i++ { + if !points[i].IsInSubGroup() { + atomic.AddInt64(&nbErrors, 1) + return + } + } + }) + return nbErrors == 0 +} + +// isInSubGroupBatchG2Prob probabilistically checks if a batch of points P_i are in +// G2. It generates random scalars s_i in the range {0,1}, performs 64 MSM +// Sj=∑[s_i]P_i of sizes N=len(points) and checks if Sj are on E[r] using +// IsInSubGroup method. The error probability is < 1/2^64. +func isInSubGroupBatchG2Prob(points []G2Affine) bool { + var nbErrors int64 + const windowSize = 64 + parallel.Execute(windowSize, func(start, end int) { + + var br [windowSize / 8]byte + + // Check Sj are on E[r] + for i := start; i < end; i++ { + var sum g2JacExtended + for j := range len(points) { + pos := j % windowSize + if pos == 0 { + // re sample the random bytes every windowSize points + // as per the doc: + // Read fills b with cryptographically secure random bytes. It never returns an error, and always fills b entirely. + rand.Read(br[:]) + } + // check if the bit is set + if br[pos/8]&(1<<(pos%8)) != 0 { + // add the point to the sum + sum.addMixed(&points[j]) + } + } + + var p G2Jac + p.fromJacExtended(&sum) + if !p.IsInSubGroup() { + atomic.AddInt64(&nbErrors, 1) + return + } + } + + }) + + return nbErrors == 0 + +} + // ------------------------------------------------------------------------------------------------- // Jacobian coordinates diff --git a/ecc/bls24-315/g2_test.go b/ecc/bls24-315/g2_test.go index 28c358e46..38acf2b3f 100644 --- a/ecc/bls24-315/g2_test.go +++ b/ecc/bls24-315/g2_test.go @@ -125,6 +125,41 @@ func TestIsOnG2(t *testing.T) { properties.TestingRun(t, gopter.ConsoleReporter(false)) } +func TestIsInSubGroupBatchG2(t *testing.T) { + t.Parallel() + parameters := gopter.DefaultTestParameters() + if testing.Short() { + parameters.MinSuccessfulTests = 1 + } else { + parameters.MinSuccessfulTests = 100 + } + + properties := gopter.NewProperties(parameters) + + // number of points to test + const nbSamples = 100 + + properties.Property("[BLS24-315] IsInSubGroupBatchG2 test should pass with high probability", prop.ForAll( + func(mixer fr.Element) bool { + // mixer ensures that all the words of a frElement are set + var sampleScalars [nbSamples]fr.Element + + for i := 1; i <= nbSamples; i++ { + sampleScalars[i-1].SetUint64(uint64(i)). + Mul(&sampleScalars[i-1], &mixer) + } + + // random points in G2 + result := BatchScalarMultiplicationG2(&g2GenAff, sampleScalars[:]) + + return IsInSubGroupBatchG2(result) + }, + GenFr(), + )) + + properties.TestingRun(t, gopter.ConsoleReporter(false)) +} + func TestG2Conversions(t *testing.T) { t.Parallel() parameters := gopter.DefaultTestParameters() diff --git a/ecc/bls24-317/g1.go b/ecc/bls24-317/g1.go index e16a9761b..e64c7ba36 100644 --- a/ecc/bls24-317/g1.go +++ b/ecc/bls24-317/g1.go @@ -6,12 +6,14 @@ package bls24317 import ( + "crypto/rand" "github.com/consensys/gnark-crypto/ecc" "github.com/consensys/gnark-crypto/ecc/bls24-317/fp" "github.com/consensys/gnark-crypto/ecc/bls24-317/fr" "github.com/consensys/gnark-crypto/internal/parallel" "math/big" "runtime" + "sync/atomic" ) // G1Affine is a point in affine coordinates (x,y) @@ -206,6 +208,76 @@ func (p *G1Affine) IsInSubGroup() bool { return _p.IsInSubGroup() } +// IsInSubGroupBatchG1 checks if a batch of points P_i are in G1. +// It uses a deterministic naive method for batch size < 80 and a probabilistic +// method otherwise. +func IsInSubGroupBatchG1(points []G1Affine) bool { + if len(points) < 80 { + return isInSubGroupBatchG1Naive(points) + } else { + return isInSubGroupBatchG1Prob(points) + } +} + +// isInSubGroupBatchG1Naive checks if a batch of points P_i are in G1. +// This is a naive method that checks each point individually using +// IsInSubGroup method. +func isInSubGroupBatchG1Naive(points []G1Affine) bool { + var nbErrors int64 + parallel.Execute(len(points), func(start, end int) { + for i := start; i < end; i++ { + if !points[i].IsInSubGroup() { + atomic.AddInt64(&nbErrors, 1) + return + } + } + }) + return nbErrors == 0 +} + +// isInSubGroupBatchG1Prob probabilistically checks if a batch of points P_i are in +// G1. It generates random scalars s_i in the range {0,1}, performs 64 MSM +// Sj=∑[s_i]P_i of sizes N=len(points) and checks if Sj are on E[r] using +// IsInSubGroup method. The error probability is < 1/2^64. +func isInSubGroupBatchG1Prob(points []G1Affine) bool { + var nbErrors int64 + const windowSize = 64 + parallel.Execute(windowSize, func(start, end int) { + + var br [windowSize / 8]byte + + // Check Sj are on E[r] + for i := start; i < end; i++ { + var sum g1JacExtended + for j := range len(points) { + pos := j % windowSize + if pos == 0 { + // re sample the random bytes every windowSize points + // as per the doc: + // Read fills b with cryptographically secure random bytes. It never returns an error, and always fills b entirely. + rand.Read(br[:]) + } + // check if the bit is set + if br[pos/8]&(1<<(pos%8)) != 0 { + // add the point to the sum + sum.addMixed(&points[j]) + } + } + + var p G1Jac + p.fromJacExtended(&sum) + if !p.IsInSubGroup() { + atomic.AddInt64(&nbErrors, 1) + return + } + } + + }) + + return nbErrors == 0 + +} + // ------------------------------------------------------------------------------------------------- // Jacobian coordinates diff --git a/ecc/bls24-317/g1_test.go b/ecc/bls24-317/g1_test.go index e4e552f8b..771985aa0 100644 --- a/ecc/bls24-317/g1_test.go +++ b/ecc/bls24-317/g1_test.go @@ -111,6 +111,41 @@ func TestIsOnG1(t *testing.T) { properties.TestingRun(t, gopter.ConsoleReporter(false)) } +func TestIsInSubGroupBatchG1(t *testing.T) { + t.Parallel() + parameters := gopter.DefaultTestParameters() + if testing.Short() { + parameters.MinSuccessfulTests = 1 + } else { + parameters.MinSuccessfulTests = 100 + } + + properties := gopter.NewProperties(parameters) + + // number of points to test + const nbSamples = 100 + + properties.Property("[BLS24-317] IsInSubGroupBatchG1 test should pass with high probability", prop.ForAll( + func(mixer fr.Element) bool { + // mixer ensures that all the words of a frElement are set + var sampleScalars [nbSamples]fr.Element + + for i := 1; i <= nbSamples; i++ { + sampleScalars[i-1].SetUint64(uint64(i)). + Mul(&sampleScalars[i-1], &mixer) + } + + // random points in G1 + result := BatchScalarMultiplicationG1(&g1GenAff, sampleScalars[:]) + + return IsInSubGroupBatchG1(result) + }, + GenFr(), + )) + + properties.TestingRun(t, gopter.ConsoleReporter(false)) +} + func TestG1Conversions(t *testing.T) { t.Parallel() parameters := gopter.DefaultTestParameters() diff --git a/ecc/bls24-317/g2.go b/ecc/bls24-317/g2.go index 4a04094f3..8fd7a7a90 100644 --- a/ecc/bls24-317/g2.go +++ b/ecc/bls24-317/g2.go @@ -13,6 +13,7 @@ import ( "github.com/consensys/gnark-crypto/internal/parallel" "math/big" "runtime" + "sync/atomic" ) // G2Affine is a point in affine coordinates (x,y) @@ -212,6 +213,76 @@ func (p *G2Affine) IsInSubGroup() bool { return _p.IsInSubGroup() } +// IsInSubGroupBatchG2 checks if a batch of points P_i are in G1. +// It uses a deterministic naive method for batch size < 80 and a probabilistic +// method otherwise. +func IsInSubGroupBatchG2(points []G2Affine) bool { + if len(points) < 160 { + return isInSubGroupBatchG2Naive(points) + } else { + return isInSubGroupBatchG2Prob(points) + } +} + +// isInSubGroupBatchG2Naive checks if a batch of points P_i are in G1. +// This is a naive method that checks each point individually using +// IsInSubGroup method. +func isInSubGroupBatchG2Naive(points []G2Affine) bool { + var nbErrors int64 + parallel.Execute(len(points), func(start, end int) { + for i := start; i < end; i++ { + if !points[i].IsInSubGroup() { + atomic.AddInt64(&nbErrors, 1) + return + } + } + }) + return nbErrors == 0 +} + +// isInSubGroupBatchG2Prob probabilistically checks if a batch of points P_i are in +// G2. It generates random scalars s_i in the range {0,1}, performs 64 MSM +// Sj=∑[s_i]P_i of sizes N=len(points) and checks if Sj are on E[r] using +// IsInSubGroup method. The error probability is < 1/2^64. +func isInSubGroupBatchG2Prob(points []G2Affine) bool { + var nbErrors int64 + const windowSize = 64 + parallel.Execute(windowSize, func(start, end int) { + + var br [windowSize / 8]byte + + // Check Sj are on E[r] + for i := start; i < end; i++ { + var sum g2JacExtended + for j := range len(points) { + pos := j % windowSize + if pos == 0 { + // re sample the random bytes every windowSize points + // as per the doc: + // Read fills b with cryptographically secure random bytes. It never returns an error, and always fills b entirely. + rand.Read(br[:]) + } + // check if the bit is set + if br[pos/8]&(1<<(pos%8)) != 0 { + // add the point to the sum + sum.addMixed(&points[j]) + } + } + + var p G2Jac + p.fromJacExtended(&sum) + if !p.IsInSubGroup() { + atomic.AddInt64(&nbErrors, 1) + return + } + } + + }) + + return nbErrors == 0 + +} + // ------------------------------------------------------------------------------------------------- // Jacobian coordinates diff --git a/ecc/bls24-317/g2_test.go b/ecc/bls24-317/g2_test.go index cfcb4e4f5..8ff209bbc 100644 --- a/ecc/bls24-317/g2_test.go +++ b/ecc/bls24-317/g2_test.go @@ -125,6 +125,41 @@ func TestIsOnG2(t *testing.T) { properties.TestingRun(t, gopter.ConsoleReporter(false)) } +func TestIsInSubGroupBatchG2(t *testing.T) { + t.Parallel() + parameters := gopter.DefaultTestParameters() + if testing.Short() { + parameters.MinSuccessfulTests = 1 + } else { + parameters.MinSuccessfulTests = 100 + } + + properties := gopter.NewProperties(parameters) + + // number of points to test + const nbSamples = 100 + + properties.Property("[BLS24-317] IsInSubGroupBatchG2 test should pass with high probability", prop.ForAll( + func(mixer fr.Element) bool { + // mixer ensures that all the words of a frElement are set + var sampleScalars [nbSamples]fr.Element + + for i := 1; i <= nbSamples; i++ { + sampleScalars[i-1].SetUint64(uint64(i)). + Mul(&sampleScalars[i-1], &mixer) + } + + // random points in G2 + result := BatchScalarMultiplicationG2(&g2GenAff, sampleScalars[:]) + + return IsInSubGroupBatchG2(result) + }, + GenFr(), + )) + + properties.TestingRun(t, gopter.ConsoleReporter(false)) +} + func TestG2Conversions(t *testing.T) { t.Parallel() parameters := gopter.DefaultTestParameters() diff --git a/ecc/bn254/g1.go b/ecc/bn254/g1.go index 06d54ff64..bf0249a8f 100644 --- a/ecc/bn254/g1.go +++ b/ecc/bn254/g1.go @@ -6,12 +6,14 @@ package bn254 import ( + "crypto/rand" "github.com/consensys/gnark-crypto/ecc" "github.com/consensys/gnark-crypto/ecc/bn254/fp" "github.com/consensys/gnark-crypto/ecc/bn254/fr" "github.com/consensys/gnark-crypto/internal/parallel" "math/big" "runtime" + "sync/atomic" ) // G1Affine is a point in affine coordinates (x,y) @@ -204,6 +206,76 @@ func (p *G1Affine) IsInSubGroup() bool { return p.IsOnCurve() } +// IsInSubGroupBatchG1 checks if a batch of points P_i are in G1. +// It uses a deterministic naive method for batch size < 80 and a probabilistic +// method otherwise. +func IsInSubGroupBatchG1(points []G1Affine) bool { + if len(points) < 80 { + return isInSubGroupBatchG1Naive(points) + } else { + return isInSubGroupBatchG1Prob(points) + } +} + +// isInSubGroupBatchG1Naive checks if a batch of points P_i are in G1. +// This is a naive method that checks each point individually using +// IsInSubGroup method. +func isInSubGroupBatchG1Naive(points []G1Affine) bool { + var nbErrors int64 + parallel.Execute(len(points), func(start, end int) { + for i := start; i < end; i++ { + if !points[i].IsInSubGroup() { + atomic.AddInt64(&nbErrors, 1) + return + } + } + }) + return nbErrors == 0 +} + +// isInSubGroupBatchG1Prob probabilistically checks if a batch of points P_i are in +// G1. It generates random scalars s_i in the range {0,1}, performs 64 MSM +// Sj=∑[s_i]P_i of sizes N=len(points) and checks if Sj are on E[r] using +// IsInSubGroup method. The error probability is < 1/2^64. +func isInSubGroupBatchG1Prob(points []G1Affine) bool { + var nbErrors int64 + const windowSize = 64 + parallel.Execute(windowSize, func(start, end int) { + + var br [windowSize / 8]byte + + // Check Sj are on E[r] + for i := start; i < end; i++ { + var sum g1JacExtended + for j := range len(points) { + pos := j % windowSize + if pos == 0 { + // re sample the random bytes every windowSize points + // as per the doc: + // Read fills b with cryptographically secure random bytes. It never returns an error, and always fills b entirely. + rand.Read(br[:]) + } + // check if the bit is set + if br[pos/8]&(1<<(pos%8)) != 0 { + // add the point to the sum + sum.addMixed(&points[j]) + } + } + + var p G1Jac + p.fromJacExtended(&sum) + if !p.IsInSubGroup() { + atomic.AddInt64(&nbErrors, 1) + return + } + } + + }) + + return nbErrors == 0 + +} + // ------------------------------------------------------------------------------------------------- // Jacobian coordinates diff --git a/ecc/bn254/g1_test.go b/ecc/bn254/g1_test.go index b62a7eb6b..52466cbce 100644 --- a/ecc/bn254/g1_test.go +++ b/ecc/bn254/g1_test.go @@ -111,6 +111,41 @@ func TestIsOnG1(t *testing.T) { properties.TestingRun(t, gopter.ConsoleReporter(false)) } +func TestIsInSubGroupBatchG1(t *testing.T) { + t.Parallel() + parameters := gopter.DefaultTestParameters() + if testing.Short() { + parameters.MinSuccessfulTests = 1 + } else { + parameters.MinSuccessfulTests = 100 + } + + properties := gopter.NewProperties(parameters) + + // number of points to test + const nbSamples = 100 + + properties.Property("[BN254] IsInSubGroupBatchG1 test should pass with high probability", prop.ForAll( + func(mixer fr.Element) bool { + // mixer ensures that all the words of a frElement are set + var sampleScalars [nbSamples]fr.Element + + for i := 1; i <= nbSamples; i++ { + sampleScalars[i-1].SetUint64(uint64(i)). + Mul(&sampleScalars[i-1], &mixer) + } + + // random points in G1 + result := BatchScalarMultiplicationG1(&g1GenAff, sampleScalars[:]) + + return IsInSubGroupBatchG1(result) + }, + GenFr(), + )) + + properties.TestingRun(t, gopter.ConsoleReporter(false)) +} + func TestG1Conversions(t *testing.T) { t.Parallel() parameters := gopter.DefaultTestParameters() diff --git a/ecc/bn254/g2.go b/ecc/bn254/g2.go index c656b5c2c..73210a0ec 100644 --- a/ecc/bn254/g2.go +++ b/ecc/bn254/g2.go @@ -13,6 +13,7 @@ import ( "github.com/consensys/gnark-crypto/internal/parallel" "math/big" "runtime" + "sync/atomic" ) // G2Affine is a point in affine coordinates (x,y) @@ -225,6 +226,76 @@ func (p *G2Affine) IsInSubGroup() bool { return res.Equal(&c) } +// IsInSubGroupBatchG2 checks if a batch of points P_i are in G1. +// It uses a deterministic naive method for batch size < 80 and a probabilistic +// method otherwise. +func IsInSubGroupBatchG2(points []G2Affine) bool { + if len(points) < 160 { + return isInSubGroupBatchG2Naive(points) + } else { + return isInSubGroupBatchG2Prob(points) + } +} + +// isInSubGroupBatchG2Naive checks if a batch of points P_i are in G1. +// This is a naive method that checks each point individually using +// IsInSubGroup method. +func isInSubGroupBatchG2Naive(points []G2Affine) bool { + var nbErrors int64 + parallel.Execute(len(points), func(start, end int) { + for i := start; i < end; i++ { + if !points[i].IsInSubGroup() { + atomic.AddInt64(&nbErrors, 1) + return + } + } + }) + return nbErrors == 0 +} + +// isInSubGroupBatchG2Prob probabilistically checks if a batch of points P_i are in +// G2. It generates random scalars s_i in the range {0,1}, performs 64 MSM +// Sj=∑[s_i]P_i of sizes N=len(points) and checks if Sj are on E[r] using +// IsInSubGroup method. The error probability is < 1/2^64. +func isInSubGroupBatchG2Prob(points []G2Affine) bool { + var nbErrors int64 + const windowSize = 64 + parallel.Execute(windowSize, func(start, end int) { + + var br [windowSize / 8]byte + + // Check Sj are on E[r] + for i := start; i < end; i++ { + var sum g2JacExtended + for j := range len(points) { + pos := j % windowSize + if pos == 0 { + // re sample the random bytes every windowSize points + // as per the doc: + // Read fills b with cryptographically secure random bytes. It never returns an error, and always fills b entirely. + rand.Read(br[:]) + } + // check if the bit is set + if br[pos/8]&(1<<(pos%8)) != 0 { + // add the point to the sum + sum.addMixed(&points[j]) + } + } + + var p G2Jac + p.fromJacExtended(&sum) + if !p.IsInSubGroup() { + atomic.AddInt64(&nbErrors, 1) + return + } + } + + }) + + return nbErrors == 0 + +} + // ------------------------------------------------------------------------------------------------- // Jacobian coordinates diff --git a/ecc/bn254/g2_test.go b/ecc/bn254/g2_test.go index 79767d49f..f564d746f 100644 --- a/ecc/bn254/g2_test.go +++ b/ecc/bn254/g2_test.go @@ -131,6 +131,41 @@ func TestIsOnG2(t *testing.T) { properties.TestingRun(t, gopter.ConsoleReporter(false)) } +func TestIsInSubGroupBatchG2(t *testing.T) { + t.Parallel() + parameters := gopter.DefaultTestParameters() + if testing.Short() { + parameters.MinSuccessfulTests = 1 + } else { + parameters.MinSuccessfulTests = 100 + } + + properties := gopter.NewProperties(parameters) + + // number of points to test + const nbSamples = 100 + + properties.Property("[BN254] IsInSubGroupBatchG2 test should pass with high probability", prop.ForAll( + func(mixer fr.Element) bool { + // mixer ensures that all the words of a frElement are set + var sampleScalars [nbSamples]fr.Element + + for i := 1; i <= nbSamples; i++ { + sampleScalars[i-1].SetUint64(uint64(i)). + Mul(&sampleScalars[i-1], &mixer) + } + + // random points in G2 + result := BatchScalarMultiplicationG2(&g2GenAff, sampleScalars[:]) + + return IsInSubGroupBatchG2(result) + }, + GenFr(), + )) + + properties.TestingRun(t, gopter.ConsoleReporter(false)) +} + func TestG2Conversions(t *testing.T) { t.Parallel() parameters := gopter.DefaultTestParameters() diff --git a/ecc/bw6-633/g1.go b/ecc/bw6-633/g1.go index 4c81ec4de..d376e9bba 100644 --- a/ecc/bw6-633/g1.go +++ b/ecc/bw6-633/g1.go @@ -6,12 +6,14 @@ package bw6633 import ( + "crypto/rand" "github.com/consensys/gnark-crypto/ecc" "github.com/consensys/gnark-crypto/ecc/bw6-633/fp" "github.com/consensys/gnark-crypto/ecc/bw6-633/fr" "github.com/consensys/gnark-crypto/internal/parallel" "math/big" "runtime" + "sync/atomic" ) // G1Affine is a point in affine coordinates (x,y) @@ -206,6 +208,76 @@ func (p *G1Affine) IsInSubGroup() bool { return _p.IsInSubGroup() } +// IsInSubGroupBatchG1 checks if a batch of points P_i are in G1. +// It uses a deterministic naive method for batch size < 80 and a probabilistic +// method otherwise. +func IsInSubGroupBatchG1(points []G1Affine) bool { + if len(points) < 80 { + return isInSubGroupBatchG1Naive(points) + } else { + return isInSubGroupBatchG1Prob(points) + } +} + +// isInSubGroupBatchG1Naive checks if a batch of points P_i are in G1. +// This is a naive method that checks each point individually using +// IsInSubGroup method. +func isInSubGroupBatchG1Naive(points []G1Affine) bool { + var nbErrors int64 + parallel.Execute(len(points), func(start, end int) { + for i := start; i < end; i++ { + if !points[i].IsInSubGroup() { + atomic.AddInt64(&nbErrors, 1) + return + } + } + }) + return nbErrors == 0 +} + +// isInSubGroupBatchG1Prob probabilistically checks if a batch of points P_i are in +// G1. It generates random scalars s_i in the range {0,1}, performs 64 MSM +// Sj=∑[s_i]P_i of sizes N=len(points) and checks if Sj are on E[r] using +// IsInSubGroup method. The error probability is < 1/2^64. +func isInSubGroupBatchG1Prob(points []G1Affine) bool { + var nbErrors int64 + const windowSize = 64 + parallel.Execute(windowSize, func(start, end int) { + + var br [windowSize / 8]byte + + // Check Sj are on E[r] + for i := start; i < end; i++ { + var sum g1JacExtended + for j := range len(points) { + pos := j % windowSize + if pos == 0 { + // re sample the random bytes every windowSize points + // as per the doc: + // Read fills b with cryptographically secure random bytes. It never returns an error, and always fills b entirely. + rand.Read(br[:]) + } + // check if the bit is set + if br[pos/8]&(1<<(pos%8)) != 0 { + // add the point to the sum + sum.addMixed(&points[j]) + } + } + + var p G1Jac + p.fromJacExtended(&sum) + if !p.IsInSubGroup() { + atomic.AddInt64(&nbErrors, 1) + return + } + } + + }) + + return nbErrors == 0 + +} + // ------------------------------------------------------------------------------------------------- // Jacobian coordinates diff --git a/ecc/bw6-633/g1_test.go b/ecc/bw6-633/g1_test.go index 2ca78bb3f..ec26107e3 100644 --- a/ecc/bw6-633/g1_test.go +++ b/ecc/bw6-633/g1_test.go @@ -111,6 +111,41 @@ func TestIsOnG1(t *testing.T) { properties.TestingRun(t, gopter.ConsoleReporter(false)) } +func TestIsInSubGroupBatchG1(t *testing.T) { + t.Parallel() + parameters := gopter.DefaultTestParameters() + if testing.Short() { + parameters.MinSuccessfulTests = 1 + } else { + parameters.MinSuccessfulTests = 100 + } + + properties := gopter.NewProperties(parameters) + + // number of points to test + const nbSamples = 100 + + properties.Property("[BW6-633] IsInSubGroupBatchG1 test should pass with high probability", prop.ForAll( + func(mixer fr.Element) bool { + // mixer ensures that all the words of a frElement are set + var sampleScalars [nbSamples]fr.Element + + for i := 1; i <= nbSamples; i++ { + sampleScalars[i-1].SetUint64(uint64(i)). + Mul(&sampleScalars[i-1], &mixer) + } + + // random points in G1 + result := BatchScalarMultiplicationG1(&g1GenAff, sampleScalars[:]) + + return IsInSubGroupBatchG1(result) + }, + GenFr(), + )) + + properties.TestingRun(t, gopter.ConsoleReporter(false)) +} + func TestG1Conversions(t *testing.T) { t.Parallel() parameters := gopter.DefaultTestParameters() diff --git a/ecc/bw6-633/g2.go b/ecc/bw6-633/g2.go index 552552cd7..f5386d650 100644 --- a/ecc/bw6-633/g2.go +++ b/ecc/bw6-633/g2.go @@ -13,6 +13,7 @@ import ( "github.com/consensys/gnark-crypto/internal/parallel" "math/big" "runtime" + "sync/atomic" ) // G2Affine is a point in affine coordinates (x,y) @@ -212,6 +213,76 @@ func (p *G2Affine) IsInSubGroup() bool { return _p.IsInSubGroup() } +// IsInSubGroupBatchG2 checks if a batch of points P_i are in G1. +// It uses a deterministic naive method for batch size < 80 and a probabilistic +// method otherwise. +func IsInSubGroupBatchG2(points []G2Affine) bool { + if len(points) < 160 { + return isInSubGroupBatchG2Naive(points) + } else { + return isInSubGroupBatchG2Prob(points) + } +} + +// isInSubGroupBatchG2Naive checks if a batch of points P_i are in G1. +// This is a naive method that checks each point individually using +// IsInSubGroup method. +func isInSubGroupBatchG2Naive(points []G2Affine) bool { + var nbErrors int64 + parallel.Execute(len(points), func(start, end int) { + for i := start; i < end; i++ { + if !points[i].IsInSubGroup() { + atomic.AddInt64(&nbErrors, 1) + return + } + } + }) + return nbErrors == 0 +} + +// isInSubGroupBatchG2Prob probabilistically checks if a batch of points P_i are in +// G2. It generates random scalars s_i in the range {0,1}, performs 64 MSM +// Sj=∑[s_i]P_i of sizes N=len(points) and checks if Sj are on E[r] using +// IsInSubGroup method. The error probability is < 1/2^64. +func isInSubGroupBatchG2Prob(points []G2Affine) bool { + var nbErrors int64 + const windowSize = 64 + parallel.Execute(windowSize, func(start, end int) { + + var br [windowSize / 8]byte + + // Check Sj are on E[r] + for i := start; i < end; i++ { + var sum g2JacExtended + for j := range len(points) { + pos := j % windowSize + if pos == 0 { + // re sample the random bytes every windowSize points + // as per the doc: + // Read fills b with cryptographically secure random bytes. It never returns an error, and always fills b entirely. + rand.Read(br[:]) + } + // check if the bit is set + if br[pos/8]&(1<<(pos%8)) != 0 { + // add the point to the sum + sum.addMixed(&points[j]) + } + } + + var p G2Jac + p.fromJacExtended(&sum) + if !p.IsInSubGroup() { + atomic.AddInt64(&nbErrors, 1) + return + } + } + + }) + + return nbErrors == 0 + +} + // ------------------------------------------------------------------------------------------------- // Jacobian coordinates diff --git a/ecc/bw6-633/g2_test.go b/ecc/bw6-633/g2_test.go index d061f19b8..bf2222658 100644 --- a/ecc/bw6-633/g2_test.go +++ b/ecc/bw6-633/g2_test.go @@ -111,6 +111,41 @@ func TestIsOnG2(t *testing.T) { properties.TestingRun(t, gopter.ConsoleReporter(false)) } +func TestIsInSubGroupBatchG2(t *testing.T) { + t.Parallel() + parameters := gopter.DefaultTestParameters() + if testing.Short() { + parameters.MinSuccessfulTests = 1 + } else { + parameters.MinSuccessfulTests = 100 + } + + properties := gopter.NewProperties(parameters) + + // number of points to test + const nbSamples = 100 + + properties.Property("[BW6-633] IsInSubGroupBatchG2 test should pass with high probability", prop.ForAll( + func(mixer fr.Element) bool { + // mixer ensures that all the words of a frElement are set + var sampleScalars [nbSamples]fr.Element + + for i := 1; i <= nbSamples; i++ { + sampleScalars[i-1].SetUint64(uint64(i)). + Mul(&sampleScalars[i-1], &mixer) + } + + // random points in G2 + result := BatchScalarMultiplicationG2(&g2GenAff, sampleScalars[:]) + + return IsInSubGroupBatchG2(result) + }, + GenFr(), + )) + + properties.TestingRun(t, gopter.ConsoleReporter(false)) +} + func TestG2Conversions(t *testing.T) { t.Parallel() parameters := gopter.DefaultTestParameters() diff --git a/ecc/bw6-761/g1.go b/ecc/bw6-761/g1.go index db3f86389..c5c0ebb8d 100644 --- a/ecc/bw6-761/g1.go +++ b/ecc/bw6-761/g1.go @@ -6,12 +6,14 @@ package bw6761 import ( + "crypto/rand" "github.com/consensys/gnark-crypto/ecc" "github.com/consensys/gnark-crypto/ecc/bw6-761/fp" "github.com/consensys/gnark-crypto/ecc/bw6-761/fr" "github.com/consensys/gnark-crypto/internal/parallel" "math/big" "runtime" + "sync/atomic" ) // G1Affine is a point in affine coordinates (x,y) @@ -206,6 +208,76 @@ func (p *G1Affine) IsInSubGroup() bool { return _p.IsInSubGroup() } +// IsInSubGroupBatchG1 checks if a batch of points P_i are in G1. +// It uses a deterministic naive method for batch size < 80 and a probabilistic +// method otherwise. +func IsInSubGroupBatchG1(points []G1Affine) bool { + if len(points) < 80 { + return isInSubGroupBatchG1Naive(points) + } else { + return isInSubGroupBatchG1Prob(points) + } +} + +// isInSubGroupBatchG1Naive checks if a batch of points P_i are in G1. +// This is a naive method that checks each point individually using +// IsInSubGroup method. +func isInSubGroupBatchG1Naive(points []G1Affine) bool { + var nbErrors int64 + parallel.Execute(len(points), func(start, end int) { + for i := start; i < end; i++ { + if !points[i].IsInSubGroup() { + atomic.AddInt64(&nbErrors, 1) + return + } + } + }) + return nbErrors == 0 +} + +// isInSubGroupBatchG1Prob probabilistically checks if a batch of points P_i are in +// G1. It generates random scalars s_i in the range {0,1}, performs 64 MSM +// Sj=∑[s_i]P_i of sizes N=len(points) and checks if Sj are on E[r] using +// IsInSubGroup method. The error probability is < 1/2^64. +func isInSubGroupBatchG1Prob(points []G1Affine) bool { + var nbErrors int64 + const windowSize = 64 + parallel.Execute(windowSize, func(start, end int) { + + var br [windowSize / 8]byte + + // Check Sj are on E[r] + for i := start; i < end; i++ { + var sum g1JacExtended + for j := range len(points) { + pos := j % windowSize + if pos == 0 { + // re sample the random bytes every windowSize points + // as per the doc: + // Read fills b with cryptographically secure random bytes. It never returns an error, and always fills b entirely. + rand.Read(br[:]) + } + // check if the bit is set + if br[pos/8]&(1<<(pos%8)) != 0 { + // add the point to the sum + sum.addMixed(&points[j]) + } + } + + var p G1Jac + p.fromJacExtended(&sum) + if !p.IsInSubGroup() { + atomic.AddInt64(&nbErrors, 1) + return + } + } + + }) + + return nbErrors == 0 + +} + // ------------------------------------------------------------------------------------------------- // Jacobian coordinates diff --git a/ecc/bw6-761/g1_test.go b/ecc/bw6-761/g1_test.go index d84f69575..073f9a44f 100644 --- a/ecc/bw6-761/g1_test.go +++ b/ecc/bw6-761/g1_test.go @@ -111,6 +111,41 @@ func TestIsOnG1(t *testing.T) { properties.TestingRun(t, gopter.ConsoleReporter(false)) } +func TestIsInSubGroupBatchG1(t *testing.T) { + t.Parallel() + parameters := gopter.DefaultTestParameters() + if testing.Short() { + parameters.MinSuccessfulTests = 1 + } else { + parameters.MinSuccessfulTests = 100 + } + + properties := gopter.NewProperties(parameters) + + // number of points to test + const nbSamples = 100 + + properties.Property("[BW6-761] IsInSubGroupBatchG1 test should pass with high probability", prop.ForAll( + func(mixer fr.Element) bool { + // mixer ensures that all the words of a frElement are set + var sampleScalars [nbSamples]fr.Element + + for i := 1; i <= nbSamples; i++ { + sampleScalars[i-1].SetUint64(uint64(i)). + Mul(&sampleScalars[i-1], &mixer) + } + + // random points in G1 + result := BatchScalarMultiplicationG1(&g1GenAff, sampleScalars[:]) + + return IsInSubGroupBatchG1(result) + }, + GenFr(), + )) + + properties.TestingRun(t, gopter.ConsoleReporter(false)) +} + func TestG1Conversions(t *testing.T) { t.Parallel() parameters := gopter.DefaultTestParameters() diff --git a/ecc/bw6-761/g2.go b/ecc/bw6-761/g2.go index cd732cd35..4366a5bb7 100644 --- a/ecc/bw6-761/g2.go +++ b/ecc/bw6-761/g2.go @@ -13,6 +13,7 @@ import ( "github.com/consensys/gnark-crypto/internal/parallel" "math/big" "runtime" + "sync/atomic" ) // G2Affine is a point in affine coordinates (x,y) @@ -212,6 +213,76 @@ func (p *G2Affine) IsInSubGroup() bool { return _p.IsInSubGroup() } +// IsInSubGroupBatchG2 checks if a batch of points P_i are in G1. +// It uses a deterministic naive method for batch size < 80 and a probabilistic +// method otherwise. +func IsInSubGroupBatchG2(points []G2Affine) bool { + if len(points) < 160 { + return isInSubGroupBatchG2Naive(points) + } else { + return isInSubGroupBatchG2Prob(points) + } +} + +// isInSubGroupBatchG2Naive checks if a batch of points P_i are in G1. +// This is a naive method that checks each point individually using +// IsInSubGroup method. +func isInSubGroupBatchG2Naive(points []G2Affine) bool { + var nbErrors int64 + parallel.Execute(len(points), func(start, end int) { + for i := start; i < end; i++ { + if !points[i].IsInSubGroup() { + atomic.AddInt64(&nbErrors, 1) + return + } + } + }) + return nbErrors == 0 +} + +// isInSubGroupBatchG2Prob probabilistically checks if a batch of points P_i are in +// G2. It generates random scalars s_i in the range {0,1}, performs 64 MSM +// Sj=∑[s_i]P_i of sizes N=len(points) and checks if Sj are on E[r] using +// IsInSubGroup method. The error probability is < 1/2^64. +func isInSubGroupBatchG2Prob(points []G2Affine) bool { + var nbErrors int64 + const windowSize = 64 + parallel.Execute(windowSize, func(start, end int) { + + var br [windowSize / 8]byte + + // Check Sj are on E[r] + for i := start; i < end; i++ { + var sum g2JacExtended + for j := range len(points) { + pos := j % windowSize + if pos == 0 { + // re sample the random bytes every windowSize points + // as per the doc: + // Read fills b with cryptographically secure random bytes. It never returns an error, and always fills b entirely. + rand.Read(br[:]) + } + // check if the bit is set + if br[pos/8]&(1<<(pos%8)) != 0 { + // add the point to the sum + sum.addMixed(&points[j]) + } + } + + var p G2Jac + p.fromJacExtended(&sum) + if !p.IsInSubGroup() { + atomic.AddInt64(&nbErrors, 1) + return + } + } + + }) + + return nbErrors == 0 + +} + // ------------------------------------------------------------------------------------------------- // Jacobian coordinates diff --git a/ecc/bw6-761/g2_test.go b/ecc/bw6-761/g2_test.go index 8c7b5106e..e9ba80695 100644 --- a/ecc/bw6-761/g2_test.go +++ b/ecc/bw6-761/g2_test.go @@ -111,6 +111,41 @@ func TestIsOnG2(t *testing.T) { properties.TestingRun(t, gopter.ConsoleReporter(false)) } +func TestIsInSubGroupBatchG2(t *testing.T) { + t.Parallel() + parameters := gopter.DefaultTestParameters() + if testing.Short() { + parameters.MinSuccessfulTests = 1 + } else { + parameters.MinSuccessfulTests = 100 + } + + properties := gopter.NewProperties(parameters) + + // number of points to test + const nbSamples = 100 + + properties.Property("[BW6-761] IsInSubGroupBatchG2 test should pass with high probability", prop.ForAll( + func(mixer fr.Element) bool { + // mixer ensures that all the words of a frElement are set + var sampleScalars [nbSamples]fr.Element + + for i := 1; i <= nbSamples; i++ { + sampleScalars[i-1].SetUint64(uint64(i)). + Mul(&sampleScalars[i-1], &mixer) + } + + // random points in G2 + result := BatchScalarMultiplicationG2(&g2GenAff, sampleScalars[:]) + + return IsInSubGroupBatchG2(result) + }, + GenFr(), + )) + + properties.TestingRun(t, gopter.ConsoleReporter(false)) +} + func TestG2Conversions(t *testing.T) { t.Parallel() parameters := gopter.DefaultTestParameters() diff --git a/ecc/grumpkin/g1.go b/ecc/grumpkin/g1.go index ea8e99505..c43460584 100644 --- a/ecc/grumpkin/g1.go +++ b/ecc/grumpkin/g1.go @@ -6,12 +6,14 @@ package grumpkin import ( + "crypto/rand" "github.com/consensys/gnark-crypto/ecc" "github.com/consensys/gnark-crypto/ecc/grumpkin/fp" "github.com/consensys/gnark-crypto/ecc/grumpkin/fr" "github.com/consensys/gnark-crypto/internal/parallel" "math/big" "runtime" + "sync/atomic" ) // G1Affine is a point in affine coordinates (x,y) @@ -206,6 +208,76 @@ func (p *G1Affine) IsInSubGroup() bool { return _p.IsInSubGroup() } +// IsInSubGroupBatchG1 checks if a batch of points P_i are in G1. +// It uses a deterministic naive method for batch size < 80 and a probabilistic +// method otherwise. +func IsInSubGroupBatchG1(points []G1Affine) bool { + if len(points) < 80 { + return isInSubGroupBatchG1Naive(points) + } else { + return isInSubGroupBatchG1Prob(points) + } +} + +// isInSubGroupBatchG1Naive checks if a batch of points P_i are in G1. +// This is a naive method that checks each point individually using +// IsInSubGroup method. +func isInSubGroupBatchG1Naive(points []G1Affine) bool { + var nbErrors int64 + parallel.Execute(len(points), func(start, end int) { + for i := start; i < end; i++ { + if !points[i].IsInSubGroup() { + atomic.AddInt64(&nbErrors, 1) + return + } + } + }) + return nbErrors == 0 +} + +// isInSubGroupBatchG1Prob probabilistically checks if a batch of points P_i are in +// G1. It generates random scalars s_i in the range {0,1}, performs 64 MSM +// Sj=∑[s_i]P_i of sizes N=len(points) and checks if Sj are on E[r] using +// IsInSubGroup method. The error probability is < 1/2^64. +func isInSubGroupBatchG1Prob(points []G1Affine) bool { + var nbErrors int64 + const windowSize = 64 + parallel.Execute(windowSize, func(start, end int) { + + var br [windowSize / 8]byte + + // Check Sj are on E[r] + for i := start; i < end; i++ { + var sum g1JacExtended + for j := range len(points) { + pos := j % windowSize + if pos == 0 { + // re sample the random bytes every windowSize points + // as per the doc: + // Read fills b with cryptographically secure random bytes. It never returns an error, and always fills b entirely. + rand.Read(br[:]) + } + // check if the bit is set + if br[pos/8]&(1<<(pos%8)) != 0 { + // add the point to the sum + sum.addMixed(&points[j]) + } + } + + var p G1Jac + p.fromJacExtended(&sum) + if !p.IsInSubGroup() { + atomic.AddInt64(&nbErrors, 1) + return + } + } + + }) + + return nbErrors == 0 + +} + // ------------------------------------------------------------------------------------------------- // Jacobian coordinates diff --git a/ecc/grumpkin/g1_test.go b/ecc/grumpkin/g1_test.go index 43b163062..461c773af 100644 --- a/ecc/grumpkin/g1_test.go +++ b/ecc/grumpkin/g1_test.go @@ -111,6 +111,41 @@ func TestIsOnG1(t *testing.T) { properties.TestingRun(t, gopter.ConsoleReporter(false)) } +func TestIsInSubGroupBatchG1(t *testing.T) { + t.Parallel() + parameters := gopter.DefaultTestParameters() + if testing.Short() { + parameters.MinSuccessfulTests = 1 + } else { + parameters.MinSuccessfulTests = 100 + } + + properties := gopter.NewProperties(parameters) + + // number of points to test + const nbSamples = 100 + + properties.Property("[GRUMPKIN] IsInSubGroupBatchG1 test should pass with high probability", prop.ForAll( + func(mixer fr.Element) bool { + // mixer ensures that all the words of a frElement are set + var sampleScalars [nbSamples]fr.Element + + for i := 1; i <= nbSamples; i++ { + sampleScalars[i-1].SetUint64(uint64(i)). + Mul(&sampleScalars[i-1], &mixer) + } + + // random points in G1 + result := BatchScalarMultiplicationG1(&g1GenAff, sampleScalars[:]) + + return IsInSubGroupBatchG1(result) + }, + GenFr(), + )) + + properties.TestingRun(t, gopter.ConsoleReporter(false)) +} + func TestG1Conversions(t *testing.T) { t.Parallel() parameters := gopter.DefaultTestParameters() diff --git a/ecc/secp256k1/g1.go b/ecc/secp256k1/g1.go index a86a45d4e..b786fed23 100644 --- a/ecc/secp256k1/g1.go +++ b/ecc/secp256k1/g1.go @@ -6,12 +6,14 @@ package secp256k1 import ( + "crypto/rand" "github.com/consensys/gnark-crypto/ecc" "github.com/consensys/gnark-crypto/ecc/secp256k1/fp" "github.com/consensys/gnark-crypto/ecc/secp256k1/fr" "github.com/consensys/gnark-crypto/internal/parallel" "math/big" "runtime" + "sync/atomic" ) // G1Affine is a point in affine coordinates (x,y) @@ -206,6 +208,76 @@ func (p *G1Affine) IsInSubGroup() bool { return _p.IsInSubGroup() } +// IsInSubGroupBatchG1 checks if a batch of points P_i are in G1. +// It uses a deterministic naive method for batch size < 80 and a probabilistic +// method otherwise. +func IsInSubGroupBatchG1(points []G1Affine) bool { + if len(points) < 80 { + return isInSubGroupBatchG1Naive(points) + } else { + return isInSubGroupBatchG1Prob(points) + } +} + +// isInSubGroupBatchG1Naive checks if a batch of points P_i are in G1. +// This is a naive method that checks each point individually using +// IsInSubGroup method. +func isInSubGroupBatchG1Naive(points []G1Affine) bool { + var nbErrors int64 + parallel.Execute(len(points), func(start, end int) { + for i := start; i < end; i++ { + if !points[i].IsInSubGroup() { + atomic.AddInt64(&nbErrors, 1) + return + } + } + }) + return nbErrors == 0 +} + +// isInSubGroupBatchG1Prob probabilistically checks if a batch of points P_i are in +// G1. It generates random scalars s_i in the range {0,1}, performs 64 MSM +// Sj=∑[s_i]P_i of sizes N=len(points) and checks if Sj are on E[r] using +// IsInSubGroup method. The error probability is < 1/2^64. +func isInSubGroupBatchG1Prob(points []G1Affine) bool { + var nbErrors int64 + const windowSize = 64 + parallel.Execute(windowSize, func(start, end int) { + + var br [windowSize / 8]byte + + // Check Sj are on E[r] + for i := start; i < end; i++ { + var sum g1JacExtended + for j := range len(points) { + pos := j % windowSize + if pos == 0 { + // re sample the random bytes every windowSize points + // as per the doc: + // Read fills b with cryptographically secure random bytes. It never returns an error, and always fills b entirely. + rand.Read(br[:]) + } + // check if the bit is set + if br[pos/8]&(1<<(pos%8)) != 0 { + // add the point to the sum + sum.addMixed(&points[j]) + } + } + + var p G1Jac + p.fromJacExtended(&sum) + if !p.IsInSubGroup() { + atomic.AddInt64(&nbErrors, 1) + return + } + } + + }) + + return nbErrors == 0 + +} + // ------------------------------------------------------------------------------------------------- // Jacobian coordinates diff --git a/ecc/secp256k1/g1_test.go b/ecc/secp256k1/g1_test.go index 626697513..1a163638b 100644 --- a/ecc/secp256k1/g1_test.go +++ b/ecc/secp256k1/g1_test.go @@ -111,6 +111,41 @@ func TestIsOnG1(t *testing.T) { properties.TestingRun(t, gopter.ConsoleReporter(false)) } +func TestIsInSubGroupBatchG1(t *testing.T) { + t.Parallel() + parameters := gopter.DefaultTestParameters() + if testing.Short() { + parameters.MinSuccessfulTests = 1 + } else { + parameters.MinSuccessfulTests = 100 + } + + properties := gopter.NewProperties(parameters) + + // number of points to test + const nbSamples = 100 + + properties.Property("[SECP256K1] IsInSubGroupBatchG1 test should pass with high probability", prop.ForAll( + func(mixer fr.Element) bool { + // mixer ensures that all the words of a frElement are set + var sampleScalars [nbSamples]fr.Element + + for i := 1; i <= nbSamples; i++ { + sampleScalars[i-1].SetUint64(uint64(i)). + Mul(&sampleScalars[i-1], &mixer) + } + + // random points in G1 + result := BatchScalarMultiplicationG1(&g1GenAff, sampleScalars[:]) + + return IsInSubGroupBatchG1(result) + }, + GenFr(), + )) + + properties.TestingRun(t, gopter.ConsoleReporter(false)) +} + func TestG1Conversions(t *testing.T) { t.Parallel() parameters := gopter.DefaultTestParameters() diff --git a/ecc/stark-curve/g1.go b/ecc/stark-curve/g1.go index 2943d9f88..71edbe002 100644 --- a/ecc/stark-curve/g1.go +++ b/ecc/stark-curve/g1.go @@ -6,7 +6,9 @@ package starkcurve import ( + "crypto/rand" "math/big" + "sync/atomic" "github.com/consensys/gnark-crypto/ecc/stark-curve/fp" "github.com/consensys/gnark-crypto/ecc/stark-curve/fr" @@ -139,6 +141,49 @@ func (p *G1Affine) IsInSubGroup() bool { return _p.IsInSubGroup() } +// IsInSubGroupBatchG1 probabilistically checks if a batch of points P_i are in +// G1. It generates random scalars s_i in the range {0,1}, performs 64 MSM +// Sj=∑[s_i]P_i of sizes N=len(points) and checks if Sj are on E[r] using +// IsInSubGroup method. The error probability is < 1/2^64. +func IsInSubGroupBatchG1(points []G1Affine) bool { + var nbErrors int64 + const windowSize = 64 + parallel.Execute(windowSize, func(start, end int) { + + var br [windowSize / 8]byte + + // Check Sj are on E[r] + for i := start; i < end; i++ { + var sum g1JacExtended + for j := range len(points) { + pos := j % windowSize + if pos == 0 { + // re sample the random bytes every windowSize points + // as per the doc: + // Read fills b with cryptographically secure random bytes. It never returns an error, and always fills b entirely. + rand.Read(br[:]) + } + // check if the bit is set + if br[pos/8]&(1<<(pos%8)) != 0 { + // add the point to the sum + sum.addMixed(&points[j]) + } + } + + var p G1Jac + p.fromJacExtended(&sum) + if !p.IsInSubGroup() { + atomic.AddInt64(&nbErrors, 1) + return + } + } + + }) + + return nbErrors == 0 + +} + // ------------------------------------------------------------------------------------------------- // Jacobian coordinates diff --git a/internal/generator/ecc/template/point.go.tmpl b/internal/generator/ecc/template/point.go.tmpl index df791eb4f..83c6fd5ca 100644 --- a/internal/generator/ecc/template/point.go.tmpl +++ b/internal/generator/ecc/template/point.go.tmpl @@ -6,11 +6,11 @@ import ( - {{- if eq .PointName "g2"}} "crypto/rand" - {{- end}} "math/big" "runtime" + "sync/atomic" + {{- if .GLV}} "github.com/consensys/gnark-crypto/ecc" @@ -290,6 +290,79 @@ func (p *{{ $TAffine }}) IsInSubGroup() bool { {{- end}} } +// IsInSubGroupBatch{{ toUpper .PointName}} checks if a batch of points P_i are in G1. +// It uses a deterministic naive method for batch size < 80 and a probabilistic +// method otherwise. +func IsInSubGroupBatch{{ toUpper .PointName}}(points []{{ $TAffine }}) bool { + {{- if eq .PointName "g1"}} + if len(points) < 80 { + {{- else if eq .PointName "g2"}} + if len(points) < 160 { + {{- end}} + return isInSubGroupBatch{{ toUpper .PointName}}Naive(points) + } else { + return isInSubGroupBatch{{ toUpper .PointName}}Prob(points) + } +} + +// isInSubGroupBatch{{ toUpper .PointName}}Naive checks if a batch of points P_i are in G1. +// This is a naive method that checks each point individually using +// IsInSubGroup method. +func isInSubGroupBatch{{ toUpper .PointName}}Naive(points []{{ $TAffine }}) bool { + var nbErrors int64 + parallel.Execute(len(points), func(start, end int) { + for i := start; i < end; i++ { + if !points[i].IsInSubGroup() { + atomic.AddInt64(&nbErrors, 1) + return + } + } + }) + return nbErrors == 0 +} + +// isInSubGroupBatch{{ toUpper .PointName}}Prob probabilistically checks if a batch of points P_i are in +// {{ toUpper .PointName}}. It generates random scalars s_i in the range {0,1}, performs 64 MSM +// Sj=∑[s_i]P_i of sizes N=len(points) and checks if Sj are on E[r] using +// IsInSubGroup method. The error probability is < 1/2^64. +func isInSubGroupBatch{{ toUpper .PointName}}Prob(points []{{ $TAffine }}) bool { + var nbErrors int64 + const windowSize = 64 + parallel.Execute(windowSize, func(start, end int) { + + var br [windowSize / 8]byte + + // Check Sj are on E[r] + for i := start; i < end; i++ { + var sum {{ $TJacobianExtended }} + for j := range len(points) { + pos := j % windowSize + if pos == 0 { + // re sample the random bytes every windowSize points + // as per the doc: + // Read fills b with cryptographically secure random bytes. It never returns an error, and always fills b entirely. + rand.Read(br[:]) + } + // check if the bit is set + if br[pos/8]&(1<<(pos%8)) != 0 { + // add the point to the sum + sum.addMixed(&points[j]) + } + } + + var p {{ $TJacobian }} + p.fromJacExtended(&sum) + if !p.IsInSubGroup() { + atomic.AddInt64(&nbErrors, 1) + return + } + } + + }) + + return nbErrors == 0 + +} // ------------------------------------------------------------------------------------------------- // Jacobian coordinates diff --git a/internal/generator/ecc/template/tests/point.go.tmpl b/internal/generator/ecc/template/tests/point.go.tmpl index 58fdf55e8..803a9ca29 100644 --- a/internal/generator/ecc/template/tests/point.go.tmpl +++ b/internal/generator/ecc/template/tests/point.go.tmpl @@ -28,9 +28,10 @@ import ( "github.com/consensys/gnark-crypto/ecc/{{.Name}}/fp" {{end}} "github.com/consensys/gnark-crypto/ecc/{{.Name}}/fr" - {{if eq .Name "bls12-381"}} + {{if eq .Name "bls12-381"}} "github.com/consensys/gnark-crypto/ecc/{{.Name}}/hash_to_curve" - {{ end }} + {{end}} + "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" ) @@ -163,6 +164,41 @@ func TestIsOn{{ toUpper .PointName }}(t *testing.T) { properties.TestingRun(t, gopter.ConsoleReporter(false)) } +func TestIsInSubGroupBatch{{ toUpper .PointName}}(t *testing.T) { + t.Parallel() + parameters := gopter.DefaultTestParameters() + if testing.Short() { + parameters.MinSuccessfulTests = 1 + } else { + parameters.MinSuccessfulTests = 100 + } + + properties := gopter.NewProperties(parameters) + + // number of points to test + const nbSamples = 100 + + properties.Property("[{{ toUpper .Name }}] IsInSubGroupBatch{{ toUpper .PointName}} test should pass with high probability", prop.ForAll( + func(mixer fr.Element) bool { + // mixer ensures that all the words of a frElement are set + var sampleScalars [nbSamples]fr.Element + + for i := 1; i <= nbSamples; i++ { + sampleScalars[i-1].SetUint64(uint64(i)). + Mul(&sampleScalars[i-1], &mixer) + } + + // random points in {{ toUpper .PointName}} + result := BatchScalarMultiplication{{ toUpper .PointName}}(&{{.PointName}}GenAff, sampleScalars[:]) + + return IsInSubGroupBatch{{ toUpper .PointName}}(result) + }, + GenFr(), + )) + + properties.TestingRun(t, gopter.ConsoleReporter(false)) +} + func Test{{ toUpper .PointName }}Conversions(t *testing.T) { t.Parallel() From 5071a2f3f431dad1041c76660c0e64d383b5d0b3 Mon Sep 17 00:00:00 2001 From: Youssef El Housni Date: Thu, 17 Jul 2025 15:07:07 -0400 Subject: [PATCH 2/7] fix: ai review --- ecc/bls12-377/g1.go | 2 +- ecc/bls12-377/g2.go | 6 +-- ecc/bls12-381/g1.go | 2 +- ecc/bls12-381/g2.go | 6 +-- ecc/bls24-315/g1.go | 2 +- ecc/bls24-315/g2.go | 6 +-- ecc/bls24-317/g1.go | 2 +- ecc/bls24-317/g2.go | 6 +-- ecc/bn254/g1.go | 2 +- ecc/bn254/g2.go | 6 +-- ecc/bw6-633/g1.go | 2 +- ecc/bw6-633/g2.go | 6 +-- ecc/bw6-761/g1.go | 2 +- ecc/bw6-761/g2.go | 6 +-- ecc/grumpkin/g1.go | 2 +- ecc/secp256k1/g1.go | 2 +- ecc/stark-curve/g1.go | 45 ------------------- internal/generator/ecc/template/point.go.tmpl | 6 +-- 18 files changed, 33 insertions(+), 78 deletions(-) diff --git a/ecc/bls12-377/g1.go b/ecc/bls12-377/g1.go index 6e1383c43..ae6af0b6e 100644 --- a/ecc/bls12-377/g1.go +++ b/ecc/bls12-377/g1.go @@ -249,7 +249,7 @@ func isInSubGroupBatchG1Prob(points []G1Affine) bool { // Check Sj are on E[r] for i := start; i < end; i++ { var sum g1JacExtended - for j := range len(points) { + for j := 0; j < len(points); j++ { pos := j % windowSize if pos == 0 { // re sample the random bytes every windowSize points diff --git a/ecc/bls12-377/g2.go b/ecc/bls12-377/g2.go index d5b9f0be6..fc9d6176c 100644 --- a/ecc/bls12-377/g2.go +++ b/ecc/bls12-377/g2.go @@ -213,7 +213,7 @@ func (p *G2Affine) IsInSubGroup() bool { return _p.IsInSubGroup() } -// IsInSubGroupBatchG2 checks if a batch of points P_i are in G1. +// IsInSubGroupBatchG2 checks if a batch of points P_i are in G2. // It uses a deterministic naive method for batch size < 80 and a probabilistic // method otherwise. func IsInSubGroupBatchG2(points []G2Affine) bool { @@ -224,7 +224,7 @@ func IsInSubGroupBatchG2(points []G2Affine) bool { } } -// isInSubGroupBatchG2Naive checks if a batch of points P_i are in G1. +// isInSubGroupBatchG2Naive checks if a batch of points P_i are in G2. // This is a naive method that checks each point individually using // IsInSubGroup method. func isInSubGroupBatchG2Naive(points []G2Affine) bool { @@ -254,7 +254,7 @@ func isInSubGroupBatchG2Prob(points []G2Affine) bool { // Check Sj are on E[r] for i := start; i < end; i++ { var sum g2JacExtended - for j := range len(points) { + for j := 0; j < len(points); j++ { pos := j % windowSize if pos == 0 { // re sample the random bytes every windowSize points diff --git a/ecc/bls12-381/g1.go b/ecc/bls12-381/g1.go index 7d8876177..ffffe9ed4 100644 --- a/ecc/bls12-381/g1.go +++ b/ecc/bls12-381/g1.go @@ -258,7 +258,7 @@ func isInSubGroupBatchG1Prob(points []G1Affine) bool { // Check Sj are on E[r] for i := start; i < end; i++ { var sum g1JacExtended - for j := range len(points) { + for j := 0; j < len(points); j++ { pos := j % windowSize if pos == 0 { // re sample the random bytes every windowSize points diff --git a/ecc/bls12-381/g2.go b/ecc/bls12-381/g2.go index d1a72813e..435bbd21a 100644 --- a/ecc/bls12-381/g2.go +++ b/ecc/bls12-381/g2.go @@ -221,7 +221,7 @@ func (p *G2Affine) IsInSubGroup() bool { return res.Equal(&img) } -// IsInSubGroupBatchG2 checks if a batch of points P_i are in G1. +// IsInSubGroupBatchG2 checks if a batch of points P_i are in G2. // It uses a deterministic naive method for batch size < 80 and a probabilistic // method otherwise. func IsInSubGroupBatchG2(points []G2Affine) bool { @@ -232,7 +232,7 @@ func IsInSubGroupBatchG2(points []G2Affine) bool { } } -// isInSubGroupBatchG2Naive checks if a batch of points P_i are in G1. +// isInSubGroupBatchG2Naive checks if a batch of points P_i are in G2. // This is a naive method that checks each point individually using // IsInSubGroup method. func isInSubGroupBatchG2Naive(points []G2Affine) bool { @@ -262,7 +262,7 @@ func isInSubGroupBatchG2Prob(points []G2Affine) bool { // Check Sj are on E[r] for i := start; i < end; i++ { var sum g2JacExtended - for j := range len(points) { + for j := 0; j < len(points); j++ { pos := j % windowSize if pos == 0 { // re sample the random bytes every windowSize points diff --git a/ecc/bls24-315/g1.go b/ecc/bls24-315/g1.go index 4081b22c4..05805e903 100644 --- a/ecc/bls24-315/g1.go +++ b/ecc/bls24-315/g1.go @@ -249,7 +249,7 @@ func isInSubGroupBatchG1Prob(points []G1Affine) bool { // Check Sj are on E[r] for i := start; i < end; i++ { var sum g1JacExtended - for j := range len(points) { + for j := 0; j < len(points); j++ { pos := j % windowSize if pos == 0 { // re sample the random bytes every windowSize points diff --git a/ecc/bls24-315/g2.go b/ecc/bls24-315/g2.go index af303d848..e3867c4a8 100644 --- a/ecc/bls24-315/g2.go +++ b/ecc/bls24-315/g2.go @@ -213,7 +213,7 @@ func (p *G2Affine) IsInSubGroup() bool { return _p.IsInSubGroup() } -// IsInSubGroupBatchG2 checks if a batch of points P_i are in G1. +// IsInSubGroupBatchG2 checks if a batch of points P_i are in G2. // It uses a deterministic naive method for batch size < 80 and a probabilistic // method otherwise. func IsInSubGroupBatchG2(points []G2Affine) bool { @@ -224,7 +224,7 @@ func IsInSubGroupBatchG2(points []G2Affine) bool { } } -// isInSubGroupBatchG2Naive checks if a batch of points P_i are in G1. +// isInSubGroupBatchG2Naive checks if a batch of points P_i are in G2. // This is a naive method that checks each point individually using // IsInSubGroup method. func isInSubGroupBatchG2Naive(points []G2Affine) bool { @@ -254,7 +254,7 @@ func isInSubGroupBatchG2Prob(points []G2Affine) bool { // Check Sj are on E[r] for i := start; i < end; i++ { var sum g2JacExtended - for j := range len(points) { + for j := 0; j < len(points); j++ { pos := j % windowSize if pos == 0 { // re sample the random bytes every windowSize points diff --git a/ecc/bls24-317/g1.go b/ecc/bls24-317/g1.go index e64c7ba36..85ead352e 100644 --- a/ecc/bls24-317/g1.go +++ b/ecc/bls24-317/g1.go @@ -249,7 +249,7 @@ func isInSubGroupBatchG1Prob(points []G1Affine) bool { // Check Sj are on E[r] for i := start; i < end; i++ { var sum g1JacExtended - for j := range len(points) { + for j := 0; j < len(points); j++ { pos := j % windowSize if pos == 0 { // re sample the random bytes every windowSize points diff --git a/ecc/bls24-317/g2.go b/ecc/bls24-317/g2.go index 8fd7a7a90..7a27e58e8 100644 --- a/ecc/bls24-317/g2.go +++ b/ecc/bls24-317/g2.go @@ -213,7 +213,7 @@ func (p *G2Affine) IsInSubGroup() bool { return _p.IsInSubGroup() } -// IsInSubGroupBatchG2 checks if a batch of points P_i are in G1. +// IsInSubGroupBatchG2 checks if a batch of points P_i are in G2. // It uses a deterministic naive method for batch size < 80 and a probabilistic // method otherwise. func IsInSubGroupBatchG2(points []G2Affine) bool { @@ -224,7 +224,7 @@ func IsInSubGroupBatchG2(points []G2Affine) bool { } } -// isInSubGroupBatchG2Naive checks if a batch of points P_i are in G1. +// isInSubGroupBatchG2Naive checks if a batch of points P_i are in G2. // This is a naive method that checks each point individually using // IsInSubGroup method. func isInSubGroupBatchG2Naive(points []G2Affine) bool { @@ -254,7 +254,7 @@ func isInSubGroupBatchG2Prob(points []G2Affine) bool { // Check Sj are on E[r] for i := start; i < end; i++ { var sum g2JacExtended - for j := range len(points) { + for j := 0; j < len(points); j++ { pos := j % windowSize if pos == 0 { // re sample the random bytes every windowSize points diff --git a/ecc/bn254/g1.go b/ecc/bn254/g1.go index bf0249a8f..30dae6c97 100644 --- a/ecc/bn254/g1.go +++ b/ecc/bn254/g1.go @@ -247,7 +247,7 @@ func isInSubGroupBatchG1Prob(points []G1Affine) bool { // Check Sj are on E[r] for i := start; i < end; i++ { var sum g1JacExtended - for j := range len(points) { + for j := 0; j < len(points); j++ { pos := j % windowSize if pos == 0 { // re sample the random bytes every windowSize points diff --git a/ecc/bn254/g2.go b/ecc/bn254/g2.go index 73210a0ec..2779af0aa 100644 --- a/ecc/bn254/g2.go +++ b/ecc/bn254/g2.go @@ -226,7 +226,7 @@ func (p *G2Affine) IsInSubGroup() bool { return res.Equal(&c) } -// IsInSubGroupBatchG2 checks if a batch of points P_i are in G1. +// IsInSubGroupBatchG2 checks if a batch of points P_i are in G2. // It uses a deterministic naive method for batch size < 80 and a probabilistic // method otherwise. func IsInSubGroupBatchG2(points []G2Affine) bool { @@ -237,7 +237,7 @@ func IsInSubGroupBatchG2(points []G2Affine) bool { } } -// isInSubGroupBatchG2Naive checks if a batch of points P_i are in G1. +// isInSubGroupBatchG2Naive checks if a batch of points P_i are in G2. // This is a naive method that checks each point individually using // IsInSubGroup method. func isInSubGroupBatchG2Naive(points []G2Affine) bool { @@ -267,7 +267,7 @@ func isInSubGroupBatchG2Prob(points []G2Affine) bool { // Check Sj are on E[r] for i := start; i < end; i++ { var sum g2JacExtended - for j := range len(points) { + for j := 0; j < len(points); j++ { pos := j % windowSize if pos == 0 { // re sample the random bytes every windowSize points diff --git a/ecc/bw6-633/g1.go b/ecc/bw6-633/g1.go index d376e9bba..a0130fc71 100644 --- a/ecc/bw6-633/g1.go +++ b/ecc/bw6-633/g1.go @@ -249,7 +249,7 @@ func isInSubGroupBatchG1Prob(points []G1Affine) bool { // Check Sj are on E[r] for i := start; i < end; i++ { var sum g1JacExtended - for j := range len(points) { + for j := 0; j < len(points); j++ { pos := j % windowSize if pos == 0 { // re sample the random bytes every windowSize points diff --git a/ecc/bw6-633/g2.go b/ecc/bw6-633/g2.go index f5386d650..12effa8c5 100644 --- a/ecc/bw6-633/g2.go +++ b/ecc/bw6-633/g2.go @@ -213,7 +213,7 @@ func (p *G2Affine) IsInSubGroup() bool { return _p.IsInSubGroup() } -// IsInSubGroupBatchG2 checks if a batch of points P_i are in G1. +// IsInSubGroupBatchG2 checks if a batch of points P_i are in G2. // It uses a deterministic naive method for batch size < 80 and a probabilistic // method otherwise. func IsInSubGroupBatchG2(points []G2Affine) bool { @@ -224,7 +224,7 @@ func IsInSubGroupBatchG2(points []G2Affine) bool { } } -// isInSubGroupBatchG2Naive checks if a batch of points P_i are in G1. +// isInSubGroupBatchG2Naive checks if a batch of points P_i are in G2. // This is a naive method that checks each point individually using // IsInSubGroup method. func isInSubGroupBatchG2Naive(points []G2Affine) bool { @@ -254,7 +254,7 @@ func isInSubGroupBatchG2Prob(points []G2Affine) bool { // Check Sj are on E[r] for i := start; i < end; i++ { var sum g2JacExtended - for j := range len(points) { + for j := 0; j < len(points); j++ { pos := j % windowSize if pos == 0 { // re sample the random bytes every windowSize points diff --git a/ecc/bw6-761/g1.go b/ecc/bw6-761/g1.go index c5c0ebb8d..97be7a7a6 100644 --- a/ecc/bw6-761/g1.go +++ b/ecc/bw6-761/g1.go @@ -249,7 +249,7 @@ func isInSubGroupBatchG1Prob(points []G1Affine) bool { // Check Sj are on E[r] for i := start; i < end; i++ { var sum g1JacExtended - for j := range len(points) { + for j := 0; j < len(points); j++ { pos := j % windowSize if pos == 0 { // re sample the random bytes every windowSize points diff --git a/ecc/bw6-761/g2.go b/ecc/bw6-761/g2.go index 4366a5bb7..ce4f3a249 100644 --- a/ecc/bw6-761/g2.go +++ b/ecc/bw6-761/g2.go @@ -213,7 +213,7 @@ func (p *G2Affine) IsInSubGroup() bool { return _p.IsInSubGroup() } -// IsInSubGroupBatchG2 checks if a batch of points P_i are in G1. +// IsInSubGroupBatchG2 checks if a batch of points P_i are in G2. // It uses a deterministic naive method for batch size < 80 and a probabilistic // method otherwise. func IsInSubGroupBatchG2(points []G2Affine) bool { @@ -224,7 +224,7 @@ func IsInSubGroupBatchG2(points []G2Affine) bool { } } -// isInSubGroupBatchG2Naive checks if a batch of points P_i are in G1. +// isInSubGroupBatchG2Naive checks if a batch of points P_i are in G2. // This is a naive method that checks each point individually using // IsInSubGroup method. func isInSubGroupBatchG2Naive(points []G2Affine) bool { @@ -254,7 +254,7 @@ func isInSubGroupBatchG2Prob(points []G2Affine) bool { // Check Sj are on E[r] for i := start; i < end; i++ { var sum g2JacExtended - for j := range len(points) { + for j := 0; j < len(points); j++ { pos := j % windowSize if pos == 0 { // re sample the random bytes every windowSize points diff --git a/ecc/grumpkin/g1.go b/ecc/grumpkin/g1.go index c43460584..bf8071674 100644 --- a/ecc/grumpkin/g1.go +++ b/ecc/grumpkin/g1.go @@ -249,7 +249,7 @@ func isInSubGroupBatchG1Prob(points []G1Affine) bool { // Check Sj are on E[r] for i := start; i < end; i++ { var sum g1JacExtended - for j := range len(points) { + for j := 0; j < len(points); j++ { pos := j % windowSize if pos == 0 { // re sample the random bytes every windowSize points diff --git a/ecc/secp256k1/g1.go b/ecc/secp256k1/g1.go index b786fed23..691185bb4 100644 --- a/ecc/secp256k1/g1.go +++ b/ecc/secp256k1/g1.go @@ -249,7 +249,7 @@ func isInSubGroupBatchG1Prob(points []G1Affine) bool { // Check Sj are on E[r] for i := start; i < end; i++ { var sum g1JacExtended - for j := range len(points) { + for j := 0; j < len(points); j++ { pos := j % windowSize if pos == 0 { // re sample the random bytes every windowSize points diff --git a/ecc/stark-curve/g1.go b/ecc/stark-curve/g1.go index 71edbe002..2943d9f88 100644 --- a/ecc/stark-curve/g1.go +++ b/ecc/stark-curve/g1.go @@ -6,9 +6,7 @@ package starkcurve import ( - "crypto/rand" "math/big" - "sync/atomic" "github.com/consensys/gnark-crypto/ecc/stark-curve/fp" "github.com/consensys/gnark-crypto/ecc/stark-curve/fr" @@ -141,49 +139,6 @@ func (p *G1Affine) IsInSubGroup() bool { return _p.IsInSubGroup() } -// IsInSubGroupBatchG1 probabilistically checks if a batch of points P_i are in -// G1. It generates random scalars s_i in the range {0,1}, performs 64 MSM -// Sj=∑[s_i]P_i of sizes N=len(points) and checks if Sj are on E[r] using -// IsInSubGroup method. The error probability is < 1/2^64. -func IsInSubGroupBatchG1(points []G1Affine) bool { - var nbErrors int64 - const windowSize = 64 - parallel.Execute(windowSize, func(start, end int) { - - var br [windowSize / 8]byte - - // Check Sj are on E[r] - for i := start; i < end; i++ { - var sum g1JacExtended - for j := range len(points) { - pos := j % windowSize - if pos == 0 { - // re sample the random bytes every windowSize points - // as per the doc: - // Read fills b with cryptographically secure random bytes. It never returns an error, and always fills b entirely. - rand.Read(br[:]) - } - // check if the bit is set - if br[pos/8]&(1<<(pos%8)) != 0 { - // add the point to the sum - sum.addMixed(&points[j]) - } - } - - var p G1Jac - p.fromJacExtended(&sum) - if !p.IsInSubGroup() { - atomic.AddInt64(&nbErrors, 1) - return - } - } - - }) - - return nbErrors == 0 - -} - // ------------------------------------------------------------------------------------------------- // Jacobian coordinates diff --git a/internal/generator/ecc/template/point.go.tmpl b/internal/generator/ecc/template/point.go.tmpl index 83c6fd5ca..7e4b6316f 100644 --- a/internal/generator/ecc/template/point.go.tmpl +++ b/internal/generator/ecc/template/point.go.tmpl @@ -290,7 +290,7 @@ func (p *{{ $TAffine }}) IsInSubGroup() bool { {{- end}} } -// IsInSubGroupBatch{{ toUpper .PointName}} checks if a batch of points P_i are in G1. +// IsInSubGroupBatch{{ toUpper .PointName}} checks if a batch of points P_i are in {{ toUpper .PointName}}. // It uses a deterministic naive method for batch size < 80 and a probabilistic // method otherwise. func IsInSubGroupBatch{{ toUpper .PointName}}(points []{{ $TAffine }}) bool { @@ -305,7 +305,7 @@ func IsInSubGroupBatch{{ toUpper .PointName}}(points []{{ $TAffine }}) bool { } } -// isInSubGroupBatch{{ toUpper .PointName}}Naive checks if a batch of points P_i are in G1. +// isInSubGroupBatch{{ toUpper .PointName}}Naive checks if a batch of points P_i are in {{ toUpper .PointName}}. // This is a naive method that checks each point individually using // IsInSubGroup method. func isInSubGroupBatch{{ toUpper .PointName}}Naive(points []{{ $TAffine }}) bool { @@ -335,7 +335,7 @@ func isInSubGroupBatch{{ toUpper .PointName}}Prob(points []{{ $TAffine }}) bool // Check Sj are on E[r] for i := start; i < end; i++ { var sum {{ $TJacobianExtended }} - for j := range len(points) { + for j := 0; j < len(points); j++ { pos := j % windowSize if pos == 0 { // re sample the random bytes every windowSize points From 9287fc38e6ff4826c3411c9d6d3c58a72550c923 Mon Sep 17 00:00:00 2001 From: Tabaie Date: Thu, 23 Oct 2025 16:17:28 -0500 Subject: [PATCH 3/7] style: sort imports --- ecc/bls12-377/ecdsa/ecdsa.go | 2 +- ecc/bls12-377/ecdsa/ecdsa_test.go | 3 ++- ecc/bls12-377/ecdsa/marshal.go | 3 ++- ecc/bls12-377/fflonk/marshal.go | 2 +- ecc/bls12-377/fp/vector_test.go | 3 ++- ecc/bls12-377/fr/fft/fft.go | 5 +++-- ecc/bls12-377/fr/iop/expressions.go | 3 ++- ecc/bls12-377/fr/pedersen/pedersen.go | 5 +++-- ecc/bls12-377/fr/permutation/permutation.go | 2 +- ecc/bls12-377/fr/polynomial/multilin.go | 3 ++- ecc/bls12-377/fr/polynomial/multilin_test.go | 3 ++- ecc/bls12-377/fr/polynomial/polynomial.go | 5 +++-- ecc/bls12-377/fr/polynomial/polynomial_test.go | 5 +++-- ecc/bls12-377/fr/polynomial/pool.go | 3 ++- ecc/bls12-377/fr/poseidon2/hash.go | 5 +++-- ecc/bls12-377/fr/sis/sis_fft.go | 3 ++- ecc/bls12-377/fr/vector_test.go | 3 ++- ecc/bls12-377/g1.go | 7 ++++--- ecc/bls12-377/g2.go | 7 ++++--- ecc/bls12-377/hash_to_curve/g1_test.go | 3 ++- ecc/bls12-377/hash_to_curve/g2_test.go | 3 ++- ecc/bls12-377/hash_to_g1_test.go | 5 +++-- ecc/bls12-377/hash_to_g2_test.go | 7 ++++--- ecc/bls12-377/internal/fptower/e12.go | 5 +++-- ecc/bls12-377/internal/fptower/e2.go | 3 ++- ecc/bls12-377/kzg/kzg.go | 4 ++-- ecc/bls12-377/kzg/kzg_test.go | 5 +++-- ecc/bls12-377/kzg/marshal.go | 3 ++- ecc/bls12-377/kzg/mpcsetup.go | 5 +++-- ecc/bls12-377/mpcsetup/mpcsetup.go | 7 ++++--- ecc/bls12-377/mpcsetup/mpcsetup_test.go | 5 +++-- ecc/bls12-377/multiexp.go | 5 +++-- ecc/bls12-377/shplonk/marshal.go | 2 +- ecc/bls12-377/shplonk/shplonk.go | 2 +- ecc/bls12-377/shplonk/shplonk_test.go | 2 +- ecc/bls12-377/twistededwards/eddsa/marshal.go | 5 +++-- ecc/bls12-381/bandersnatch/eddsa/marshal.go | 5 +++-- ecc/bls12-381/ecdsa/ecdsa.go | 2 +- ecc/bls12-381/ecdsa/ecdsa_test.go | 3 ++- ecc/bls12-381/ecdsa/marshal.go | 3 ++- ecc/bls12-381/fflonk/marshal.go | 2 +- ecc/bls12-381/fp/vector_test.go | 3 ++- ecc/bls12-381/fr/fft/fft.go | 5 +++-- ecc/bls12-381/fr/iop/expressions.go | 3 ++- ecc/bls12-381/fr/pedersen/pedersen.go | 5 +++-- ecc/bls12-381/fr/permutation/permutation.go | 2 +- ecc/bls12-381/fr/polynomial/multilin.go | 3 ++- ecc/bls12-381/fr/polynomial/multilin_test.go | 3 ++- ecc/bls12-381/fr/polynomial/polynomial.go | 5 +++-- ecc/bls12-381/fr/polynomial/polynomial_test.go | 5 +++-- ecc/bls12-381/fr/polynomial/pool.go | 3 ++- ecc/bls12-381/fr/poseidon2/hash.go | 5 +++-- ecc/bls12-381/fr/vector_test.go | 3 ++- ecc/bls12-381/g1.go | 7 ++++--- ecc/bls12-381/g2.go | 7 ++++--- ecc/bls12-381/hash_to_curve/g1_test.go | 3 ++- ecc/bls12-381/hash_to_curve/g2_test.go | 3 ++- ecc/bls12-381/hash_to_g1_test.go | 5 +++-- ecc/bls12-381/hash_to_g2_test.go | 7 ++++--- ecc/bls12-381/internal/fptower/e12.go | 5 +++-- ecc/bls12-381/internal/fptower/e2.go | 3 ++- ecc/bls12-381/kzg/kzg.go | 4 ++-- ecc/bls12-381/kzg/kzg_test.go | 5 +++-- ecc/bls12-381/kzg/marshal.go | 3 ++- ecc/bls12-381/kzg/mpcsetup.go | 5 +++-- ecc/bls12-381/mpcsetup/mpcsetup.go | 7 ++++--- ecc/bls12-381/mpcsetup/mpcsetup_test.go | 5 +++-- ecc/bls12-381/multiexp.go | 5 +++-- ecc/bls12-381/shplonk/marshal.go | 2 +- ecc/bls12-381/shplonk/shplonk.go | 2 +- ecc/bls12-381/shplonk/shplonk_test.go | 2 +- ecc/bls12-381/twistededwards/eddsa/marshal.go | 5 +++-- ecc/bls24-315/ecdsa/ecdsa.go | 2 +- ecc/bls24-315/ecdsa/ecdsa_test.go | 3 ++- ecc/bls24-315/ecdsa/marshal.go | 3 ++- ecc/bls24-315/fflonk/marshal.go | 2 +- ecc/bls24-315/fp/vector_test.go | 3 ++- ecc/bls24-315/fr/fft/fft.go | 5 +++-- ecc/bls24-315/fr/iop/expressions.go | 3 ++- ecc/bls24-315/fr/pedersen/pedersen.go | 5 +++-- ecc/bls24-315/fr/permutation/permutation.go | 2 +- ecc/bls24-315/fr/polynomial/multilin.go | 3 ++- ecc/bls24-315/fr/polynomial/multilin_test.go | 3 ++- ecc/bls24-315/fr/polynomial/polynomial.go | 5 +++-- ecc/bls24-315/fr/polynomial/polynomial_test.go | 5 +++-- ecc/bls24-315/fr/polynomial/pool.go | 3 ++- ecc/bls24-315/fr/poseidon2/hash.go | 5 +++-- ecc/bls24-315/fr/vector_test.go | 3 ++- ecc/bls24-315/g1.go | 7 ++++--- ecc/bls24-315/g2.go | 7 ++++--- ecc/bls24-315/hash_to_curve/g1_test.go | 3 ++- ecc/bls24-315/hash_to_g1_test.go | 5 +++-- ecc/bls24-315/kzg/kzg.go | 4 ++-- ecc/bls24-315/kzg/kzg_test.go | 5 +++-- ecc/bls24-315/kzg/marshal.go | 3 ++- ecc/bls24-315/kzg/mpcsetup.go | 5 +++-- ecc/bls24-315/mpcsetup/mpcsetup.go | 7 ++++--- ecc/bls24-315/mpcsetup/mpcsetup_test.go | 5 +++-- ecc/bls24-315/multiexp.go | 5 +++-- ecc/bls24-315/shplonk/marshal.go | 2 +- ecc/bls24-315/shplonk/shplonk.go | 2 +- ecc/bls24-315/shplonk/shplonk_test.go | 2 +- ecc/bls24-315/twistededwards/eddsa/marshal.go | 5 +++-- ecc/bls24-317/ecdsa/ecdsa.go | 2 +- ecc/bls24-317/ecdsa/ecdsa_test.go | 3 ++- ecc/bls24-317/ecdsa/marshal.go | 3 ++- ecc/bls24-317/fflonk/marshal.go | 2 +- ecc/bls24-317/fp/vector_test.go | 3 ++- ecc/bls24-317/fr/fft/fft.go | 5 +++-- ecc/bls24-317/fr/iop/expressions.go | 3 ++- ecc/bls24-317/fr/pedersen/pedersen.go | 5 +++-- ecc/bls24-317/fr/permutation/permutation.go | 2 +- ecc/bls24-317/fr/polynomial/multilin.go | 3 ++- ecc/bls24-317/fr/polynomial/multilin_test.go | 3 ++- ecc/bls24-317/fr/polynomial/polynomial.go | 5 +++-- ecc/bls24-317/fr/polynomial/polynomial_test.go | 5 +++-- ecc/bls24-317/fr/polynomial/pool.go | 3 ++- ecc/bls24-317/fr/poseidon2/hash.go | 5 +++-- ecc/bls24-317/fr/vector_test.go | 3 ++- ecc/bls24-317/g1.go | 7 ++++--- ecc/bls24-317/g2.go | 7 ++++--- ecc/bls24-317/hash_to_curve/g1_test.go | 3 ++- ecc/bls24-317/hash_to_g1_test.go | 5 +++-- ecc/bls24-317/kzg/kzg.go | 4 ++-- ecc/bls24-317/kzg/kzg_test.go | 5 +++-- ecc/bls24-317/kzg/marshal.go | 3 ++- ecc/bls24-317/kzg/mpcsetup.go | 5 +++-- ecc/bls24-317/mpcsetup/mpcsetup.go | 7 ++++--- ecc/bls24-317/mpcsetup/mpcsetup_test.go | 5 +++-- ecc/bls24-317/multiexp.go | 5 +++-- ecc/bls24-317/shplonk/marshal.go | 2 +- ecc/bls24-317/shplonk/shplonk.go | 2 +- ecc/bls24-317/shplonk/shplonk_test.go | 2 +- ecc/bls24-317/twistededwards/eddsa/marshal.go | 5 +++-- ecc/bn254/ecdsa/ecdsa_test.go | 3 ++- ecc/bn254/ecdsa/marshal.go | 3 ++- ecc/bn254/fp/vector_test.go | 3 ++- ecc/bn254/fr/fft/fft.go | 5 +++-- ecc/bn254/fr/iop/expressions.go | 3 ++- ecc/bn254/fr/pedersen/pedersen.go | 5 +++-- ecc/bn254/fr/polynomial/multilin.go | 3 ++- ecc/bn254/fr/polynomial/multilin_test.go | 3 ++- ecc/bn254/fr/polynomial/polynomial.go | 5 +++-- ecc/bn254/fr/polynomial/polynomial_test.go | 5 +++-- ecc/bn254/fr/polynomial/pool.go | 3 ++- ecc/bn254/fr/poseidon2/hash.go | 5 +++-- ecc/bn254/fr/vector_test.go | 3 ++- ecc/bn254/g1.go | 7 ++++--- ecc/bn254/g2.go | 7 ++++--- ecc/bn254/hash_to_g1_test.go | 5 +++-- ecc/bn254/hash_to_g2_test.go | 7 ++++--- ecc/bn254/internal/fptower/e12.go | 5 +++-- ecc/bn254/internal/fptower/e2.go | 3 ++- ecc/bn254/kzg/kzg.go | 2 +- ecc/bn254/kzg/kzg_test.go | 5 +++-- ecc/bn254/kzg/marshal.go | 3 ++- ecc/bn254/kzg/mpcsetup.go | 5 +++-- ecc/bn254/mpcsetup/mpcsetup.go | 7 ++++--- ecc/bn254/mpcsetup/mpcsetup_test.go | 5 +++-- ecc/bn254/multiexp.go | 5 +++-- ecc/bn254/twistededwards/eddsa/marshal.go | 5 +++-- ecc/bw6-633/ecdsa/ecdsa.go | 2 +- ecc/bw6-633/ecdsa/ecdsa_test.go | 3 ++- ecc/bw6-633/ecdsa/marshal.go | 3 ++- ecc/bw6-633/fflonk/marshal.go | 2 +- ecc/bw6-633/fp/vector_test.go | 3 ++- ecc/bw6-633/fr/fft/fft.go | 5 +++-- ecc/bw6-633/fr/iop/expressions.go | 3 ++- ecc/bw6-633/fr/pedersen/pedersen.go | 5 +++-- ecc/bw6-633/fr/permutation/permutation.go | 2 +- ecc/bw6-633/fr/polynomial/multilin.go | 3 ++- ecc/bw6-633/fr/polynomial/multilin_test.go | 3 ++- ecc/bw6-633/fr/polynomial/polynomial.go | 5 +++-- ecc/bw6-633/fr/polynomial/polynomial_test.go | 5 +++-- ecc/bw6-633/fr/polynomial/pool.go | 3 ++- ecc/bw6-633/fr/poseidon2/hash.go | 5 +++-- ecc/bw6-633/fr/vector_test.go | 3 ++- ecc/bw6-633/g1.go | 7 ++++--- ecc/bw6-633/g2.go | 7 ++++--- ecc/bw6-633/hash_to_curve/g1_test.go | 3 ++- ecc/bw6-633/hash_to_curve/g2_test.go | 3 ++- ecc/bw6-633/hash_to_g1_test.go | 5 +++-- ecc/bw6-633/hash_to_g2_test.go | 5 +++-- ecc/bw6-633/kzg/kzg.go | 4 ++-- ecc/bw6-633/kzg/kzg_test.go | 5 +++-- ecc/bw6-633/kzg/marshal.go | 3 ++- ecc/bw6-633/kzg/mpcsetup.go | 5 +++-- ecc/bw6-633/mpcsetup/mpcsetup.go | 7 ++++--- ecc/bw6-633/mpcsetup/mpcsetup_test.go | 5 +++-- ecc/bw6-633/multiexp.go | 5 +++-- ecc/bw6-633/shplonk/marshal.go | 2 +- ecc/bw6-633/shplonk/shplonk.go | 2 +- ecc/bw6-633/shplonk/shplonk_test.go | 2 +- ecc/bw6-633/twistededwards/eddsa/marshal.go | 5 +++-- ecc/bw6-761/ecdsa/ecdsa.go | 2 +- ecc/bw6-761/ecdsa/ecdsa_test.go | 3 ++- ecc/bw6-761/ecdsa/marshal.go | 3 ++- ecc/bw6-761/fflonk/marshal.go | 2 +- ecc/bw6-761/fp/vector_test.go | 3 ++- ecc/bw6-761/fr/fft/fft.go | 5 +++-- ecc/bw6-761/fr/iop/expressions.go | 3 ++- ecc/bw6-761/fr/pedersen/pedersen.go | 5 +++-- ecc/bw6-761/fr/permutation/permutation.go | 2 +- ecc/bw6-761/fr/polynomial/multilin.go | 3 ++- ecc/bw6-761/fr/polynomial/multilin_test.go | 3 ++- ecc/bw6-761/fr/polynomial/polynomial.go | 5 +++-- ecc/bw6-761/fr/polynomial/polynomial_test.go | 5 +++-- ecc/bw6-761/fr/polynomial/pool.go | 3 ++- ecc/bw6-761/fr/poseidon2/hash.go | 5 +++-- ecc/bw6-761/fr/vector_test.go | 3 ++- ecc/bw6-761/g1.go | 7 ++++--- ecc/bw6-761/g2.go | 7 ++++--- ecc/bw6-761/hash_to_curve/g1_test.go | 3 ++- ecc/bw6-761/hash_to_curve/g2_test.go | 3 ++- ecc/bw6-761/hash_to_g1_test.go | 5 +++-- ecc/bw6-761/hash_to_g2_test.go | 5 +++-- ecc/bw6-761/kzg/kzg.go | 4 ++-- ecc/bw6-761/kzg/kzg_test.go | 5 +++-- ecc/bw6-761/kzg/marshal.go | 3 ++- ecc/bw6-761/kzg/mpcsetup.go | 5 +++-- ecc/bw6-761/mpcsetup/mpcsetup.go | 7 ++++--- ecc/bw6-761/mpcsetup/mpcsetup_test.go | 5 +++-- ecc/bw6-761/multiexp.go | 5 +++-- ecc/bw6-761/shplonk/marshal.go | 2 +- ecc/bw6-761/shplonk/shplonk.go | 2 +- ecc/bw6-761/shplonk/shplonk_test.go | 2 +- ecc/bw6-761/twistededwards/eddsa/marshal.go | 5 +++-- ecc/grumpkin/ecdsa/ecdsa_test.go | 3 ++- ecc/grumpkin/ecdsa/marshal.go | 3 ++- ecc/grumpkin/fp/vector_test.go | 3 ++- ecc/grumpkin/fr/polynomial/multilin.go | 3 ++- ecc/grumpkin/fr/polynomial/multilin_test.go | 3 ++- ecc/grumpkin/fr/polynomial/polynomial.go | 5 +++-- ecc/grumpkin/fr/polynomial/polynomial_test.go | 5 +++-- ecc/grumpkin/fr/polynomial/pool.go | 3 ++- ecc/grumpkin/fr/poseidon2/hash.go | 5 +++-- ecc/grumpkin/fr/vector_test.go | 3 ++- ecc/grumpkin/g1.go | 7 ++++--- ecc/grumpkin/hash_to_g1_test.go | 5 +++-- ecc/grumpkin/multiexp.go | 5 +++-- ecc/secp256k1/ecdsa/ecdsa_test.go | 3 ++- ecc/secp256k1/ecdsa/marshal.go | 3 ++- ecc/secp256k1/fp/vector_test.go | 3 ++- ecc/secp256k1/fr/vector_test.go | 3 ++- ecc/secp256k1/g1.go | 7 ++++--- ecc/secp256k1/hash_to_g1_test.go | 5 +++-- ecc/secp256k1/multiexp.go | 5 +++-- ecc/stark-curve/ecdsa/ecdsa.go | 2 +- ecc/stark-curve/ecdsa/ecdsa_test.go | 3 ++- ecc/stark-curve/ecdsa/marshal.go | 4 ++-- ecc/stark-curve/fp/vector_test.go | 3 ++- ecc/stark-curve/fr/vector_test.go | 3 ++- field/babybear/fft/fft.go | 5 +++-- field/babybear/fft/fft_test.go | 3 ++- field/babybear/fft/fftext_test.go | 3 ++- field/babybear/poseidon2/hash.go | 5 +++-- field/babybear/sis/sis_test.go | 3 ++- field/babybear/vector_test.go | 3 ++- field/goldilocks/fft/fft.go | 5 +++-- field/goldilocks/poseidon2/hash.go | 5 +++-- field/goldilocks/vector_test.go | 3 ++- field/koalabear/fft/fft.go | 5 +++-- field/koalabear/fft/fft_test.go | 3 ++- field/koalabear/fft/fftext_test.go | 3 ++- field/koalabear/poseidon2/hash.go | 5 +++-- field/koalabear/sis/sis_test.go | 3 ++- field/koalabear/vector_test.go | 3 ++- internal/generator/hash_to_field/generate.go | 3 ++- internal/generator/mpcsetup/generate.go | 3 ++- internal/generator/polynomial/generate.go | 3 ++- 270 files changed, 650 insertions(+), 425 deletions(-) diff --git a/ecc/bls12-377/ecdsa/ecdsa.go b/ecc/bls12-377/ecdsa/ecdsa.go index cf6510d50..c80a14058 100644 --- a/ecc/bls12-377/ecdsa/ecdsa.go +++ b/ecc/bls12-377/ecdsa/ecdsa.go @@ -15,7 +15,7 @@ import ( "io" "math/big" - "github.com/consensys/gnark-crypto/ecc/bls12-377" + bls12377 "github.com/consensys/gnark-crypto/ecc/bls12-377" "github.com/consensys/gnark-crypto/ecc/bls12-377/fp" "github.com/consensys/gnark-crypto/ecc/bls12-377/fr" "github.com/consensys/gnark-crypto/signature" diff --git a/ecc/bls12-377/ecdsa/ecdsa_test.go b/ecc/bls12-377/ecdsa/ecdsa_test.go index 630c0fa00..481ac8a11 100644 --- a/ecc/bls12-377/ecdsa/ecdsa_test.go +++ b/ecc/bls12-377/ecdsa/ecdsa_test.go @@ -8,10 +8,11 @@ package ecdsa import ( "crypto/rand" "crypto/sha256" - "github.com/consensys/gnark-crypto/ecc/bls12-377/fr" "math/big" "testing" + "github.com/consensys/gnark-crypto/ecc/bls12-377/fr" + "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" ) diff --git a/ecc/bls12-377/ecdsa/marshal.go b/ecc/bls12-377/ecdsa/marshal.go index a7ab2f490..4f618f3e4 100644 --- a/ecc/bls12-377/ecdsa/marshal.go +++ b/ecc/bls12-377/ecdsa/marshal.go @@ -8,9 +8,10 @@ package ecdsa import ( "crypto/subtle" "errors" - "github.com/consensys/gnark-crypto/ecc/bls12-377/fr" "io" "math/big" + + "github.com/consensys/gnark-crypto/ecc/bls12-377/fr" ) var errWrongSize = errors.New("wrong size buffer") diff --git a/ecc/bls12-377/fflonk/marshal.go b/ecc/bls12-377/fflonk/marshal.go index 4ce930609..85fb0846b 100644 --- a/ecc/bls12-377/fflonk/marshal.go +++ b/ecc/bls12-377/fflonk/marshal.go @@ -8,7 +8,7 @@ package fflonk import ( "io" - "github.com/consensys/gnark-crypto/ecc/bls12-377" + bls12377 "github.com/consensys/gnark-crypto/ecc/bls12-377" ) // ReadFrom decodes OpeningProof data from reader. diff --git a/ecc/bls12-377/fp/vector_test.go b/ecc/bls12-377/fp/vector_test.go index e92e47997..79dbd9e34 100644 --- a/ecc/bls12-377/fp/vector_test.go +++ b/ecc/bls12-377/fp/vector_test.go @@ -8,12 +8,13 @@ package fp import ( "bytes" "fmt" - "github.com/stretchr/testify/require" "os" "reflect" "sort" "testing" + "github.com/stretchr/testify/require" + "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" ) diff --git a/ecc/bls12-377/fr/fft/fft.go b/ecc/bls12-377/fr/fft/fft.go index 17d02eac1..654d2246f 100644 --- a/ecc/bls12-377/fr/fft/fft.go +++ b/ecc/bls12-377/fr/fft/fft.go @@ -6,11 +6,12 @@ package fft import ( - "github.com/consensys/gnark-crypto/ecc" - "github.com/consensys/gnark-crypto/internal/parallel" "math/big" "math/bits" + "github.com/consensys/gnark-crypto/ecc" + "github.com/consensys/gnark-crypto/internal/parallel" + "github.com/consensys/gnark-crypto/ecc/bls12-377/fr" ) diff --git a/ecc/bls12-377/fr/iop/expressions.go b/ecc/bls12-377/fr/iop/expressions.go index 3dc9d8b21..9a0d30724 100644 --- a/ecc/bls12-377/fr/iop/expressions.go +++ b/ecc/bls12-377/fr/iop/expressions.go @@ -7,9 +7,10 @@ package iop import ( "errors" + "math/bits" + "github.com/consensys/gnark-crypto/ecc/bls12-377/fr" "github.com/consensys/gnark-crypto/internal/parallel" - "math/bits" ) // Expression represents a multivariate polynomial. diff --git a/ecc/bls12-377/fr/pedersen/pedersen.go b/ecc/bls12-377/fr/pedersen/pedersen.go index fb1b41b90..b73db01e4 100644 --- a/ecc/bls12-377/fr/pedersen/pedersen.go +++ b/ecc/bls12-377/fr/pedersen/pedersen.go @@ -8,11 +8,12 @@ package pedersen import ( "crypto/rand" "errors" + "io" + "math/big" + "github.com/consensys/gnark-crypto/ecc" curve "github.com/consensys/gnark-crypto/ecc/bls12-377" "github.com/consensys/gnark-crypto/ecc/bls12-377/fr" - "io" - "math/big" ) // ProvingKey for committing and proofs of knowledge diff --git a/ecc/bls12-377/fr/permutation/permutation.go b/ecc/bls12-377/fr/permutation/permutation.go index 46cc3d9f5..fdb0cd035 100644 --- a/ecc/bls12-377/fr/permutation/permutation.go +++ b/ecc/bls12-377/fr/permutation/permutation.go @@ -11,7 +11,7 @@ import ( "math/big" "math/bits" - "github.com/consensys/gnark-crypto/ecc/bls12-377" + bls12377 "github.com/consensys/gnark-crypto/ecc/bls12-377" "github.com/consensys/gnark-crypto/ecc/bls12-377/fr" "github.com/consensys/gnark-crypto/ecc/bls12-377/fr/fft" "github.com/consensys/gnark-crypto/ecc/bls12-377/kzg" diff --git a/ecc/bls12-377/fr/polynomial/multilin.go b/ecc/bls12-377/fr/polynomial/multilin.go index c1be573bb..c9f2de8e6 100644 --- a/ecc/bls12-377/fr/polynomial/multilin.go +++ b/ecc/bls12-377/fr/polynomial/multilin.go @@ -6,9 +6,10 @@ package polynomial import ( + "math/bits" + "github.com/consensys/gnark-crypto/ecc/bls12-377/fr" "github.com/consensys/gnark-crypto/utils" - "math/bits" ) // MultiLin tracks the values of a (dense i.e. not sparse) multilinear polynomial diff --git a/ecc/bls12-377/fr/polynomial/multilin_test.go b/ecc/bls12-377/fr/polynomial/multilin_test.go index 0273ed8e9..abe4f6400 100644 --- a/ecc/bls12-377/fr/polynomial/multilin_test.go +++ b/ecc/bls12-377/fr/polynomial/multilin_test.go @@ -6,9 +6,10 @@ package polynomial import ( + "testing" + "github.com/consensys/gnark-crypto/ecc/bls12-377/fr" "github.com/stretchr/testify/assert" - "testing" ) // TODO: Property based tests? diff --git a/ecc/bls12-377/fr/polynomial/polynomial.go b/ecc/bls12-377/fr/polynomial/polynomial.go index 8abb93044..44e3beee0 100644 --- a/ecc/bls12-377/fr/polynomial/polynomial.go +++ b/ecc/bls12-377/fr/polynomial/polynomial.go @@ -6,11 +6,12 @@ package polynomial import ( - "github.com/consensys/gnark-crypto/ecc/bls12-377/fr" - "github.com/consensys/gnark-crypto/utils" "strconv" "strings" "sync" + + "github.com/consensys/gnark-crypto/ecc/bls12-377/fr" + "github.com/consensys/gnark-crypto/utils" ) // Polynomial represented by coefficients in the field. diff --git a/ecc/bls12-377/fr/polynomial/polynomial_test.go b/ecc/bls12-377/fr/polynomial/polynomial_test.go index 33f528d93..8780cbda8 100644 --- a/ecc/bls12-377/fr/polynomial/polynomial_test.go +++ b/ecc/bls12-377/fr/polynomial/polynomial_test.go @@ -6,13 +6,14 @@ package polynomial import ( + "math/big" + "testing" + "github.com/consensys/gnark-crypto/ecc/bls12-377/fr" "github.com/leanovate/gopter" "github.com/leanovate/gopter/gen" "github.com/leanovate/gopter/prop" "github.com/stretchr/testify/assert" - "math/big" - "testing" ) func TestPolynomialEval(t *testing.T) { diff --git a/ecc/bls12-377/fr/polynomial/pool.go b/ecc/bls12-377/fr/polynomial/pool.go index 37c598ee6..449054ec2 100644 --- a/ecc/bls12-377/fr/polynomial/pool.go +++ b/ecc/bls12-377/fr/polynomial/pool.go @@ -8,11 +8,12 @@ package polynomial import ( "encoding/json" "fmt" - "github.com/consensys/gnark-crypto/ecc/bls12-377/fr" "runtime" "sort" "sync" "unsafe" + + "github.com/consensys/gnark-crypto/ecc/bls12-377/fr" ) // Memory management for polynomials diff --git a/ecc/bls12-377/fr/poseidon2/hash.go b/ecc/bls12-377/fr/poseidon2/hash.go index 755c9c64d..631cd02da 100644 --- a/ecc/bls12-377/fr/poseidon2/hash.go +++ b/ecc/bls12-377/fr/poseidon2/hash.go @@ -6,10 +6,11 @@ package poseidon2 import ( - "github.com/consensys/gnark-crypto/ecc/bls12-377/fr" - gnarkHash "github.com/consensys/gnark-crypto/hash" "hash" "sync" + + "github.com/consensys/gnark-crypto/ecc/bls12-377/fr" + gnarkHash "github.com/consensys/gnark-crypto/hash" ) // NewMerkleDamgardHasher returns a Poseidon2 hasher using the Merkle-Damgard diff --git a/ecc/bls12-377/fr/sis/sis_fft.go b/ecc/bls12-377/fr/sis/sis_fft.go index e7d86e8f2..6b41dd0e2 100644 --- a/ecc/bls12-377/fr/sis/sis_fft.go +++ b/ecc/bls12-377/fr/sis/sis_fft.go @@ -6,8 +6,9 @@ package sis import ( - "github.com/consensys/gnark-crypto/ecc/bls12-377/fr" "math/big" + + "github.com/consensys/gnark-crypto/ecc/bls12-377/fr" ) // precomputeTwiddlesCoset precomputes twiddlesCoset from twiddles and coset table diff --git a/ecc/bls12-377/fr/vector_test.go b/ecc/bls12-377/fr/vector_test.go index 1deb81e8c..0b71d8001 100644 --- a/ecc/bls12-377/fr/vector_test.go +++ b/ecc/bls12-377/fr/vector_test.go @@ -8,12 +8,13 @@ package fr import ( "bytes" "fmt" - "github.com/stretchr/testify/require" "os" "reflect" "sort" "testing" + "github.com/stretchr/testify/require" + "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" ) diff --git a/ecc/bls12-377/g1.go b/ecc/bls12-377/g1.go index ae6af0b6e..c526e1a98 100644 --- a/ecc/bls12-377/g1.go +++ b/ecc/bls12-377/g1.go @@ -7,13 +7,14 @@ package bls12377 import ( "crypto/rand" + "math/big" + "runtime" + "sync/atomic" + "github.com/consensys/gnark-crypto/ecc" "github.com/consensys/gnark-crypto/ecc/bls12-377/fp" "github.com/consensys/gnark-crypto/ecc/bls12-377/fr" "github.com/consensys/gnark-crypto/internal/parallel" - "math/big" - "runtime" - "sync/atomic" ) // G1Affine is a point in affine coordinates (x,y) diff --git a/ecc/bls12-377/g2.go b/ecc/bls12-377/g2.go index fc9d6176c..ec7c2f349 100644 --- a/ecc/bls12-377/g2.go +++ b/ecc/bls12-377/g2.go @@ -7,13 +7,14 @@ package bls12377 import ( "crypto/rand" + "math/big" + "runtime" + "sync/atomic" + "github.com/consensys/gnark-crypto/ecc" "github.com/consensys/gnark-crypto/ecc/bls12-377/fr" "github.com/consensys/gnark-crypto/ecc/bls12-377/internal/fptower" "github.com/consensys/gnark-crypto/internal/parallel" - "math/big" - "runtime" - "sync/atomic" ) // G2Affine is a point in affine coordinates (x,y) diff --git a/ecc/bls12-377/hash_to_curve/g1_test.go b/ecc/bls12-377/hash_to_curve/g1_test.go index 7a5d51cae..3f6af2322 100644 --- a/ecc/bls12-377/hash_to_curve/g1_test.go +++ b/ecc/bls12-377/hash_to_curve/g1_test.go @@ -6,10 +6,11 @@ package hash_to_curve import ( + "testing" + "github.com/consensys/gnark-crypto/ecc/bls12-377/fp" "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" - "testing" ) // GenFp generates an Fp element diff --git a/ecc/bls12-377/hash_to_curve/g2_test.go b/ecc/bls12-377/hash_to_curve/g2_test.go index 6d106880c..d6dbdcfbc 100644 --- a/ecc/bls12-377/hash_to_curve/g2_test.go +++ b/ecc/bls12-377/hash_to_curve/g2_test.go @@ -6,11 +6,12 @@ package hash_to_curve import ( + "testing" + "github.com/consensys/gnark-crypto/ecc/bls12-377/fp" "github.com/consensys/gnark-crypto/ecc/bls12-377/internal/fptower" "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" - "testing" ) // GenE2 generates an fptower.E2 elmt diff --git a/ecc/bls12-377/hash_to_g1_test.go b/ecc/bls12-377/hash_to_g1_test.go index 804f71525..6628fdf58 100644 --- a/ecc/bls12-377/hash_to_g1_test.go +++ b/ecc/bls12-377/hash_to_g1_test.go @@ -8,11 +8,12 @@ package bls12377 import ( "github.com/consensys/gnark-crypto/ecc/bls12-377/fp" + "math/rand" + "testing" + "github.com/consensys/gnark-crypto/ecc/bls12-377/hash_to_curve" "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" - "math/rand" - "testing" ) func TestHashToFpG1(t *testing.T) { diff --git a/ecc/bls12-377/hash_to_g2_test.go b/ecc/bls12-377/hash_to_g2_test.go index b47ae8bb2..8e333fd4b 100644 --- a/ecc/bls12-377/hash_to_g2_test.go +++ b/ecc/bls12-377/hash_to_g2_test.go @@ -8,13 +8,14 @@ package bls12377 import ( "github.com/consensys/gnark-crypto/ecc/bls12-377/fp" + "math/rand" + "strings" + "testing" + "github.com/consensys/gnark-crypto/ecc/bls12-377/hash_to_curve" "github.com/consensys/gnark-crypto/ecc/bls12-377/internal/fptower" "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" - "math/rand" - "strings" - "testing" ) func TestHashToFpG2(t *testing.T) { diff --git a/ecc/bls12-377/internal/fptower/e12.go b/ecc/bls12-377/internal/fptower/e12.go index 14e111341..a2006fb98 100644 --- a/ecc/bls12-377/internal/fptower/e12.go +++ b/ecc/bls12-377/internal/fptower/e12.go @@ -7,11 +7,12 @@ package fptower import ( "errors" + "math/big" + "sync" + "github.com/consensys/gnark-crypto/ecc" "github.com/consensys/gnark-crypto/ecc/bls12-377/fp" "github.com/consensys/gnark-crypto/ecc/bls12-377/fr" - "math/big" - "sync" ) var bigIntPool = sync.Pool{ diff --git a/ecc/bls12-377/internal/fptower/e2.go b/ecc/bls12-377/internal/fptower/e2.go index e8793a0c7..26adbfe04 100644 --- a/ecc/bls12-377/internal/fptower/e2.go +++ b/ecc/bls12-377/internal/fptower/e2.go @@ -6,8 +6,9 @@ package fptower import ( - "github.com/consensys/gnark-crypto/ecc/bls12-377/fp" "math/big" + + "github.com/consensys/gnark-crypto/ecc/bls12-377/fp" ) // E2 is a degree two finite field extension of fp.Element diff --git a/ecc/bls12-377/kzg/kzg.go b/ecc/bls12-377/kzg/kzg.go index d6c4c5b47..a8966d30a 100644 --- a/ecc/bls12-377/kzg/kzg.go +++ b/ecc/bls12-377/kzg/kzg.go @@ -12,9 +12,9 @@ import ( "sync" "github.com/consensys/gnark-crypto/ecc" - "github.com/consensys/gnark-crypto/ecc/bls12-377" + bls12377 "github.com/consensys/gnark-crypto/ecc/bls12-377" "github.com/consensys/gnark-crypto/ecc/bls12-377/fr" - "github.com/consensys/gnark-crypto/fiat-shamir" + fiatshamir "github.com/consensys/gnark-crypto/fiat-shamir" "github.com/consensys/gnark-crypto/internal/parallel" ) diff --git a/ecc/bls12-377/kzg/kzg_test.go b/ecc/bls12-377/kzg/kzg_test.go index df2527ff5..c314d65ff 100644 --- a/ecc/bls12-377/kzg/kzg_test.go +++ b/ecc/bls12-377/kzg/kzg_test.go @@ -8,13 +8,14 @@ package kzg import ( "bytes" "crypto/sha256" - "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/require" "math/big" "slices" "sync" "testing" + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" + "github.com/consensys/gnark-crypto/ecc" curve "github.com/consensys/gnark-crypto/ecc/bls12-377" "github.com/consensys/gnark-crypto/ecc/bls12-377/fr" diff --git a/ecc/bls12-377/kzg/marshal.go b/ecc/bls12-377/kzg/marshal.go index e9315a3cf..e66088ba5 100644 --- a/ecc/bls12-377/kzg/marshal.go +++ b/ecc/bls12-377/kzg/marshal.go @@ -6,9 +6,10 @@ package kzg import ( - "github.com/consensys/gnark-crypto/ecc/bls12-377" "io" + bls12377 "github.com/consensys/gnark-crypto/ecc/bls12-377" + "github.com/consensys/gnark-crypto/utils/unsafe" ) diff --git a/ecc/bls12-377/kzg/mpcsetup.go b/ecc/bls12-377/kzg/mpcsetup.go index c8243506f..642b9c196 100644 --- a/ecc/bls12-377/kzg/mpcsetup.go +++ b/ecc/bls12-377/kzg/mpcsetup.go @@ -11,12 +11,13 @@ import ( "encoding/binary" "errors" "fmt" + "io" + "math/big" + curve "github.com/consensys/gnark-crypto/ecc/bls12-377" "github.com/consensys/gnark-crypto/ecc/bls12-377/fr" "github.com/consensys/gnark-crypto/ecc/bls12-377/mpcsetup" "github.com/consensys/gnark-crypto/utils" - "io" - "math/big" ) type MpcSetup struct { diff --git a/ecc/bls12-377/mpcsetup/mpcsetup.go b/ecc/bls12-377/mpcsetup/mpcsetup.go index 9a71cdc46..9fc55c1c8 100644 --- a/ecc/bls12-377/mpcsetup/mpcsetup.go +++ b/ecc/bls12-377/mpcsetup/mpcsetup.go @@ -9,13 +9,14 @@ import ( "bytes" "errors" "fmt" + "io" + "math/big" + "runtime" + "github.com/consensys/gnark-crypto/ecc" curve "github.com/consensys/gnark-crypto/ecc/bls12-377" "github.com/consensys/gnark-crypto/ecc/bls12-377/fr" "github.com/consensys/gnark-crypto/utils" - "io" - "math/big" - "runtime" ) // Generate R∈𝔾₂ as Hash(gˢ, challenge, dst) diff --git a/ecc/bls12-377/mpcsetup/mpcsetup_test.go b/ecc/bls12-377/mpcsetup/mpcsetup_test.go index 591dceca6..11339dc8e 100644 --- a/ecc/bls12-377/mpcsetup/mpcsetup_test.go +++ b/ecc/bls12-377/mpcsetup/mpcsetup_test.go @@ -7,12 +7,13 @@ package mpcsetup import ( "bytes" + "slices" + "testing" + "github.com/consensys/gnark-crypto/ecc" curve "github.com/consensys/gnark-crypto/ecc/bls12-377" "github.com/consensys/gnark-crypto/ecc/bls12-377/fr" "github.com/stretchr/testify/require" - "slices" - "testing" ) func TestContributionPok(t *testing.T) { diff --git a/ecc/bls12-377/multiexp.go b/ecc/bls12-377/multiexp.go index 93bbfa633..65d3ee459 100644 --- a/ecc/bls12-377/multiexp.go +++ b/ecc/bls12-377/multiexp.go @@ -7,11 +7,12 @@ package bls12377 import ( "errors" + "math" + "runtime" + "github.com/consensys/gnark-crypto/ecc" "github.com/consensys/gnark-crypto/ecc/bls12-377/fr" "github.com/consensys/gnark-crypto/internal/parallel" - "math" - "runtime" ) // MultiExp implements section 4 of https://eprint.iacr.org/2012/549.pdf diff --git a/ecc/bls12-377/shplonk/marshal.go b/ecc/bls12-377/shplonk/marshal.go index a1c5b31ff..a924be5c7 100644 --- a/ecc/bls12-377/shplonk/marshal.go +++ b/ecc/bls12-377/shplonk/marshal.go @@ -8,7 +8,7 @@ package shplonk import ( "io" - "github.com/consensys/gnark-crypto/ecc/bls12-377" + bls12377 "github.com/consensys/gnark-crypto/ecc/bls12-377" ) func (proof *OpeningProof) ReadFrom(r io.Reader) (int64, error) { diff --git a/ecc/bls12-377/shplonk/shplonk.go b/ecc/bls12-377/shplonk/shplonk.go index f4da6dfd9..7ce4852f6 100644 --- a/ecc/bls12-377/shplonk/shplonk.go +++ b/ecc/bls12-377/shplonk/shplonk.go @@ -11,7 +11,7 @@ import ( "math/big" "github.com/consensys/gnark-crypto/ecc" - "github.com/consensys/gnark-crypto/ecc/bls12-377" + bls12377 "github.com/consensys/gnark-crypto/ecc/bls12-377" "github.com/consensys/gnark-crypto/ecc/bls12-377/fr" "github.com/consensys/gnark-crypto/ecc/bls12-377/kzg" fiatshamir "github.com/consensys/gnark-crypto/fiat-shamir" diff --git a/ecc/bls12-377/shplonk/shplonk_test.go b/ecc/bls12-377/shplonk/shplonk_test.go index 95f11f53e..4258b7591 100644 --- a/ecc/bls12-377/shplonk/shplonk_test.go +++ b/ecc/bls12-377/shplonk/shplonk_test.go @@ -12,7 +12,7 @@ import ( "testing" "github.com/consensys/gnark-crypto/ecc" - "github.com/consensys/gnark-crypto/ecc/bls12-377" + bls12377 "github.com/consensys/gnark-crypto/ecc/bls12-377" "github.com/consensys/gnark-crypto/ecc/bls12-377/fr" "github.com/consensys/gnark-crypto/ecc/bls12-377/kzg" "github.com/consensys/gnark-crypto/utils/testutils" diff --git a/ecc/bls12-377/twistededwards/eddsa/marshal.go b/ecc/bls12-377/twistededwards/eddsa/marshal.go index afa43e5d9..8afcdc1d5 100644 --- a/ecc/bls12-377/twistededwards/eddsa/marshal.go +++ b/ecc/bls12-377/twistededwards/eddsa/marshal.go @@ -8,10 +8,11 @@ package eddsa import ( "crypto/subtle" "errors" - "github.com/consensys/gnark-crypto/ecc/bls12-377/fr" - "github.com/consensys/gnark-crypto/ecc/bls12-377/twistededwards" "io" "math/big" + + "github.com/consensys/gnark-crypto/ecc/bls12-377/fr" + "github.com/consensys/gnark-crypto/ecc/bls12-377/twistededwards" ) // cf point.go (ugly copy) diff --git a/ecc/bls12-381/bandersnatch/eddsa/marshal.go b/ecc/bls12-381/bandersnatch/eddsa/marshal.go index ecc5b5084..454264a42 100644 --- a/ecc/bls12-381/bandersnatch/eddsa/marshal.go +++ b/ecc/bls12-381/bandersnatch/eddsa/marshal.go @@ -8,10 +8,11 @@ package eddsa import ( "crypto/subtle" "errors" - "github.com/consensys/gnark-crypto/ecc/bls12-381/fr" - "github.com/consensys/gnark-crypto/ecc/bls12-381/twistededwards" "io" "math/big" + + "github.com/consensys/gnark-crypto/ecc/bls12-381/fr" + "github.com/consensys/gnark-crypto/ecc/bls12-381/twistededwards" ) // cf point.go (ugly copy) diff --git a/ecc/bls12-381/ecdsa/ecdsa.go b/ecc/bls12-381/ecdsa/ecdsa.go index fc7c8f4f2..005f4cbf6 100644 --- a/ecc/bls12-381/ecdsa/ecdsa.go +++ b/ecc/bls12-381/ecdsa/ecdsa.go @@ -15,7 +15,7 @@ import ( "io" "math/big" - "github.com/consensys/gnark-crypto/ecc/bls12-381" + bls12381 "github.com/consensys/gnark-crypto/ecc/bls12-381" "github.com/consensys/gnark-crypto/ecc/bls12-381/fp" "github.com/consensys/gnark-crypto/ecc/bls12-381/fr" "github.com/consensys/gnark-crypto/signature" diff --git a/ecc/bls12-381/ecdsa/ecdsa_test.go b/ecc/bls12-381/ecdsa/ecdsa_test.go index 16dd1fad9..d622b00ed 100644 --- a/ecc/bls12-381/ecdsa/ecdsa_test.go +++ b/ecc/bls12-381/ecdsa/ecdsa_test.go @@ -8,10 +8,11 @@ package ecdsa import ( "crypto/rand" "crypto/sha256" - "github.com/consensys/gnark-crypto/ecc/bls12-381/fr" "math/big" "testing" + "github.com/consensys/gnark-crypto/ecc/bls12-381/fr" + "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" ) diff --git a/ecc/bls12-381/ecdsa/marshal.go b/ecc/bls12-381/ecdsa/marshal.go index c25eefd7c..72b6e5e8f 100644 --- a/ecc/bls12-381/ecdsa/marshal.go +++ b/ecc/bls12-381/ecdsa/marshal.go @@ -8,9 +8,10 @@ package ecdsa import ( "crypto/subtle" "errors" - "github.com/consensys/gnark-crypto/ecc/bls12-381/fr" "io" "math/big" + + "github.com/consensys/gnark-crypto/ecc/bls12-381/fr" ) var errWrongSize = errors.New("wrong size buffer") diff --git a/ecc/bls12-381/fflonk/marshal.go b/ecc/bls12-381/fflonk/marshal.go index 91a45ae3b..f73d8b8a1 100644 --- a/ecc/bls12-381/fflonk/marshal.go +++ b/ecc/bls12-381/fflonk/marshal.go @@ -8,7 +8,7 @@ package fflonk import ( "io" - "github.com/consensys/gnark-crypto/ecc/bls12-381" + bls12381 "github.com/consensys/gnark-crypto/ecc/bls12-381" ) // ReadFrom decodes OpeningProof data from reader. diff --git a/ecc/bls12-381/fp/vector_test.go b/ecc/bls12-381/fp/vector_test.go index e92e47997..79dbd9e34 100644 --- a/ecc/bls12-381/fp/vector_test.go +++ b/ecc/bls12-381/fp/vector_test.go @@ -8,12 +8,13 @@ package fp import ( "bytes" "fmt" - "github.com/stretchr/testify/require" "os" "reflect" "sort" "testing" + "github.com/stretchr/testify/require" + "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" ) diff --git a/ecc/bls12-381/fr/fft/fft.go b/ecc/bls12-381/fr/fft/fft.go index 73bb64f62..d2c778730 100644 --- a/ecc/bls12-381/fr/fft/fft.go +++ b/ecc/bls12-381/fr/fft/fft.go @@ -6,11 +6,12 @@ package fft import ( - "github.com/consensys/gnark-crypto/ecc" - "github.com/consensys/gnark-crypto/internal/parallel" "math/big" "math/bits" + "github.com/consensys/gnark-crypto/ecc" + "github.com/consensys/gnark-crypto/internal/parallel" + "github.com/consensys/gnark-crypto/ecc/bls12-381/fr" ) diff --git a/ecc/bls12-381/fr/iop/expressions.go b/ecc/bls12-381/fr/iop/expressions.go index c2300c0df..d806eb5f5 100644 --- a/ecc/bls12-381/fr/iop/expressions.go +++ b/ecc/bls12-381/fr/iop/expressions.go @@ -7,9 +7,10 @@ package iop import ( "errors" + "math/bits" + "github.com/consensys/gnark-crypto/ecc/bls12-381/fr" "github.com/consensys/gnark-crypto/internal/parallel" - "math/bits" ) // Expression represents a multivariate polynomial. diff --git a/ecc/bls12-381/fr/pedersen/pedersen.go b/ecc/bls12-381/fr/pedersen/pedersen.go index e894a675e..fa87d1428 100644 --- a/ecc/bls12-381/fr/pedersen/pedersen.go +++ b/ecc/bls12-381/fr/pedersen/pedersen.go @@ -8,11 +8,12 @@ package pedersen import ( "crypto/rand" "errors" + "io" + "math/big" + "github.com/consensys/gnark-crypto/ecc" curve "github.com/consensys/gnark-crypto/ecc/bls12-381" "github.com/consensys/gnark-crypto/ecc/bls12-381/fr" - "io" - "math/big" ) // ProvingKey for committing and proofs of knowledge diff --git a/ecc/bls12-381/fr/permutation/permutation.go b/ecc/bls12-381/fr/permutation/permutation.go index eb6935d70..588eb2ece 100644 --- a/ecc/bls12-381/fr/permutation/permutation.go +++ b/ecc/bls12-381/fr/permutation/permutation.go @@ -11,7 +11,7 @@ import ( "math/big" "math/bits" - "github.com/consensys/gnark-crypto/ecc/bls12-381" + bls12381 "github.com/consensys/gnark-crypto/ecc/bls12-381" "github.com/consensys/gnark-crypto/ecc/bls12-381/fr" "github.com/consensys/gnark-crypto/ecc/bls12-381/fr/fft" "github.com/consensys/gnark-crypto/ecc/bls12-381/kzg" diff --git a/ecc/bls12-381/fr/polynomial/multilin.go b/ecc/bls12-381/fr/polynomial/multilin.go index 8fca55c5d..66fce8e47 100644 --- a/ecc/bls12-381/fr/polynomial/multilin.go +++ b/ecc/bls12-381/fr/polynomial/multilin.go @@ -6,9 +6,10 @@ package polynomial import ( + "math/bits" + "github.com/consensys/gnark-crypto/ecc/bls12-381/fr" "github.com/consensys/gnark-crypto/utils" - "math/bits" ) // MultiLin tracks the values of a (dense i.e. not sparse) multilinear polynomial diff --git a/ecc/bls12-381/fr/polynomial/multilin_test.go b/ecc/bls12-381/fr/polynomial/multilin_test.go index 514cef4a3..3c3149a54 100644 --- a/ecc/bls12-381/fr/polynomial/multilin_test.go +++ b/ecc/bls12-381/fr/polynomial/multilin_test.go @@ -6,9 +6,10 @@ package polynomial import ( + "testing" + "github.com/consensys/gnark-crypto/ecc/bls12-381/fr" "github.com/stretchr/testify/assert" - "testing" ) // TODO: Property based tests? diff --git a/ecc/bls12-381/fr/polynomial/polynomial.go b/ecc/bls12-381/fr/polynomial/polynomial.go index ef8b242c8..a803d7c61 100644 --- a/ecc/bls12-381/fr/polynomial/polynomial.go +++ b/ecc/bls12-381/fr/polynomial/polynomial.go @@ -6,11 +6,12 @@ package polynomial import ( - "github.com/consensys/gnark-crypto/ecc/bls12-381/fr" - "github.com/consensys/gnark-crypto/utils" "strconv" "strings" "sync" + + "github.com/consensys/gnark-crypto/ecc/bls12-381/fr" + "github.com/consensys/gnark-crypto/utils" ) // Polynomial represented by coefficients in the field. diff --git a/ecc/bls12-381/fr/polynomial/polynomial_test.go b/ecc/bls12-381/fr/polynomial/polynomial_test.go index b55714688..615da0fcc 100644 --- a/ecc/bls12-381/fr/polynomial/polynomial_test.go +++ b/ecc/bls12-381/fr/polynomial/polynomial_test.go @@ -6,13 +6,14 @@ package polynomial import ( + "math/big" + "testing" + "github.com/consensys/gnark-crypto/ecc/bls12-381/fr" "github.com/leanovate/gopter" "github.com/leanovate/gopter/gen" "github.com/leanovate/gopter/prop" "github.com/stretchr/testify/assert" - "math/big" - "testing" ) func TestPolynomialEval(t *testing.T) { diff --git a/ecc/bls12-381/fr/polynomial/pool.go b/ecc/bls12-381/fr/polynomial/pool.go index a899a7493..2c5dc37d1 100644 --- a/ecc/bls12-381/fr/polynomial/pool.go +++ b/ecc/bls12-381/fr/polynomial/pool.go @@ -8,11 +8,12 @@ package polynomial import ( "encoding/json" "fmt" - "github.com/consensys/gnark-crypto/ecc/bls12-381/fr" "runtime" "sort" "sync" "unsafe" + + "github.com/consensys/gnark-crypto/ecc/bls12-381/fr" ) // Memory management for polynomials diff --git a/ecc/bls12-381/fr/poseidon2/hash.go b/ecc/bls12-381/fr/poseidon2/hash.go index 45e0df670..c5788f80d 100644 --- a/ecc/bls12-381/fr/poseidon2/hash.go +++ b/ecc/bls12-381/fr/poseidon2/hash.go @@ -6,10 +6,11 @@ package poseidon2 import ( - "github.com/consensys/gnark-crypto/ecc/bls12-381/fr" - gnarkHash "github.com/consensys/gnark-crypto/hash" "hash" "sync" + + "github.com/consensys/gnark-crypto/ecc/bls12-381/fr" + gnarkHash "github.com/consensys/gnark-crypto/hash" ) // NewMerkleDamgardHasher returns a Poseidon2 hasher using the Merkle-Damgard diff --git a/ecc/bls12-381/fr/vector_test.go b/ecc/bls12-381/fr/vector_test.go index 1deb81e8c..0b71d8001 100644 --- a/ecc/bls12-381/fr/vector_test.go +++ b/ecc/bls12-381/fr/vector_test.go @@ -8,12 +8,13 @@ package fr import ( "bytes" "fmt" - "github.com/stretchr/testify/require" "os" "reflect" "sort" "testing" + "github.com/stretchr/testify/require" + "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" ) diff --git a/ecc/bls12-381/g1.go b/ecc/bls12-381/g1.go index ffffe9ed4..df0b96456 100644 --- a/ecc/bls12-381/g1.go +++ b/ecc/bls12-381/g1.go @@ -7,14 +7,15 @@ package bls12381 import ( "crypto/rand" + "math/big" + "runtime" + "sync/atomic" + "github.com/consensys/gnark-crypto/ecc" "github.com/consensys/gnark-crypto/ecc/bls12-381/fp" "github.com/consensys/gnark-crypto/ecc/bls12-381/fr" "github.com/consensys/gnark-crypto/ecc/bls12-381/hash_to_curve" "github.com/consensys/gnark-crypto/internal/parallel" - "math/big" - "runtime" - "sync/atomic" ) // G1Affine is a point in affine coordinates (x,y) diff --git a/ecc/bls12-381/g2.go b/ecc/bls12-381/g2.go index 435bbd21a..95d42af1e 100644 --- a/ecc/bls12-381/g2.go +++ b/ecc/bls12-381/g2.go @@ -7,13 +7,14 @@ package bls12381 import ( "crypto/rand" + "math/big" + "runtime" + "sync/atomic" + "github.com/consensys/gnark-crypto/ecc" "github.com/consensys/gnark-crypto/ecc/bls12-381/fr" "github.com/consensys/gnark-crypto/ecc/bls12-381/internal/fptower" "github.com/consensys/gnark-crypto/internal/parallel" - "math/big" - "runtime" - "sync/atomic" "github.com/consensys/gnark-crypto/ecc/bls12-381/hash_to_curve" ) diff --git a/ecc/bls12-381/hash_to_curve/g1_test.go b/ecc/bls12-381/hash_to_curve/g1_test.go index 0c03d70b3..808897f8a 100644 --- a/ecc/bls12-381/hash_to_curve/g1_test.go +++ b/ecc/bls12-381/hash_to_curve/g1_test.go @@ -6,10 +6,11 @@ package hash_to_curve import ( + "testing" + "github.com/consensys/gnark-crypto/ecc/bls12-381/fp" "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" - "testing" ) // GenFp generates an Fp element diff --git a/ecc/bls12-381/hash_to_curve/g2_test.go b/ecc/bls12-381/hash_to_curve/g2_test.go index 3691b2847..7a7b1bed6 100644 --- a/ecc/bls12-381/hash_to_curve/g2_test.go +++ b/ecc/bls12-381/hash_to_curve/g2_test.go @@ -6,11 +6,12 @@ package hash_to_curve import ( + "testing" + "github.com/consensys/gnark-crypto/ecc/bls12-381/fp" "github.com/consensys/gnark-crypto/ecc/bls12-381/internal/fptower" "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" - "testing" ) // GenE2 generates an fptower.E2 elmt diff --git a/ecc/bls12-381/hash_to_g1_test.go b/ecc/bls12-381/hash_to_g1_test.go index 4ccccbc71..7c074dac3 100644 --- a/ecc/bls12-381/hash_to_g1_test.go +++ b/ecc/bls12-381/hash_to_g1_test.go @@ -8,11 +8,12 @@ package bls12381 import ( "github.com/consensys/gnark-crypto/ecc/bls12-381/fp" + "math/rand" + "testing" + "github.com/consensys/gnark-crypto/ecc/bls12-381/hash_to_curve" "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" - "math/rand" - "testing" ) func TestHashToFpG1(t *testing.T) { diff --git a/ecc/bls12-381/hash_to_g2_test.go b/ecc/bls12-381/hash_to_g2_test.go index d4231cdf4..132e8986e 100644 --- a/ecc/bls12-381/hash_to_g2_test.go +++ b/ecc/bls12-381/hash_to_g2_test.go @@ -8,13 +8,14 @@ package bls12381 import ( "github.com/consensys/gnark-crypto/ecc/bls12-381/fp" + "math/rand" + "strings" + "testing" + "github.com/consensys/gnark-crypto/ecc/bls12-381/hash_to_curve" "github.com/consensys/gnark-crypto/ecc/bls12-381/internal/fptower" "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" - "math/rand" - "strings" - "testing" ) func TestHashToFpG2(t *testing.T) { diff --git a/ecc/bls12-381/internal/fptower/e12.go b/ecc/bls12-381/internal/fptower/e12.go index 4a32bf255..4704c999b 100644 --- a/ecc/bls12-381/internal/fptower/e12.go +++ b/ecc/bls12-381/internal/fptower/e12.go @@ -7,11 +7,12 @@ package fptower import ( "errors" + "math/big" + "sync" + "github.com/consensys/gnark-crypto/ecc" "github.com/consensys/gnark-crypto/ecc/bls12-381/fp" "github.com/consensys/gnark-crypto/ecc/bls12-381/fr" - "math/big" - "sync" ) var bigIntPool = sync.Pool{ diff --git a/ecc/bls12-381/internal/fptower/e2.go b/ecc/bls12-381/internal/fptower/e2.go index 3e50a6380..958e079c7 100644 --- a/ecc/bls12-381/internal/fptower/e2.go +++ b/ecc/bls12-381/internal/fptower/e2.go @@ -6,8 +6,9 @@ package fptower import ( - "github.com/consensys/gnark-crypto/ecc/bls12-381/fp" "math/big" + + "github.com/consensys/gnark-crypto/ecc/bls12-381/fp" ) // E2 is a degree two finite field extension of fp.Element diff --git a/ecc/bls12-381/kzg/kzg.go b/ecc/bls12-381/kzg/kzg.go index 571f9beb9..50b4c9d7c 100644 --- a/ecc/bls12-381/kzg/kzg.go +++ b/ecc/bls12-381/kzg/kzg.go @@ -12,9 +12,9 @@ import ( "sync" "github.com/consensys/gnark-crypto/ecc" - "github.com/consensys/gnark-crypto/ecc/bls12-381" + bls12381 "github.com/consensys/gnark-crypto/ecc/bls12-381" "github.com/consensys/gnark-crypto/ecc/bls12-381/fr" - "github.com/consensys/gnark-crypto/fiat-shamir" + fiatshamir "github.com/consensys/gnark-crypto/fiat-shamir" "github.com/consensys/gnark-crypto/internal/parallel" ) diff --git a/ecc/bls12-381/kzg/kzg_test.go b/ecc/bls12-381/kzg/kzg_test.go index 7e29fe1cd..8db7566cf 100644 --- a/ecc/bls12-381/kzg/kzg_test.go +++ b/ecc/bls12-381/kzg/kzg_test.go @@ -8,13 +8,14 @@ package kzg import ( "bytes" "crypto/sha256" - "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/require" "math/big" "slices" "sync" "testing" + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" + "github.com/consensys/gnark-crypto/ecc" curve "github.com/consensys/gnark-crypto/ecc/bls12-381" "github.com/consensys/gnark-crypto/ecc/bls12-381/fr" diff --git a/ecc/bls12-381/kzg/marshal.go b/ecc/bls12-381/kzg/marshal.go index dfd546ee4..bcca52d95 100644 --- a/ecc/bls12-381/kzg/marshal.go +++ b/ecc/bls12-381/kzg/marshal.go @@ -6,9 +6,10 @@ package kzg import ( - "github.com/consensys/gnark-crypto/ecc/bls12-381" "io" + bls12381 "github.com/consensys/gnark-crypto/ecc/bls12-381" + "github.com/consensys/gnark-crypto/utils/unsafe" ) diff --git a/ecc/bls12-381/kzg/mpcsetup.go b/ecc/bls12-381/kzg/mpcsetup.go index f44826135..2d896157e 100644 --- a/ecc/bls12-381/kzg/mpcsetup.go +++ b/ecc/bls12-381/kzg/mpcsetup.go @@ -11,12 +11,13 @@ import ( "encoding/binary" "errors" "fmt" + "io" + "math/big" + curve "github.com/consensys/gnark-crypto/ecc/bls12-381" "github.com/consensys/gnark-crypto/ecc/bls12-381/fr" "github.com/consensys/gnark-crypto/ecc/bls12-381/mpcsetup" "github.com/consensys/gnark-crypto/utils" - "io" - "math/big" ) type MpcSetup struct { diff --git a/ecc/bls12-381/mpcsetup/mpcsetup.go b/ecc/bls12-381/mpcsetup/mpcsetup.go index 5a1112265..3ba108d7a 100644 --- a/ecc/bls12-381/mpcsetup/mpcsetup.go +++ b/ecc/bls12-381/mpcsetup/mpcsetup.go @@ -9,13 +9,14 @@ import ( "bytes" "errors" "fmt" + "io" + "math/big" + "runtime" + "github.com/consensys/gnark-crypto/ecc" curve "github.com/consensys/gnark-crypto/ecc/bls12-381" "github.com/consensys/gnark-crypto/ecc/bls12-381/fr" "github.com/consensys/gnark-crypto/utils" - "io" - "math/big" - "runtime" ) // Generate R∈𝔾₂ as Hash(gˢ, challenge, dst) diff --git a/ecc/bls12-381/mpcsetup/mpcsetup_test.go b/ecc/bls12-381/mpcsetup/mpcsetup_test.go index b261b898c..c9bb78f5d 100644 --- a/ecc/bls12-381/mpcsetup/mpcsetup_test.go +++ b/ecc/bls12-381/mpcsetup/mpcsetup_test.go @@ -7,12 +7,13 @@ package mpcsetup import ( "bytes" + "slices" + "testing" + "github.com/consensys/gnark-crypto/ecc" curve "github.com/consensys/gnark-crypto/ecc/bls12-381" "github.com/consensys/gnark-crypto/ecc/bls12-381/fr" "github.com/stretchr/testify/require" - "slices" - "testing" ) func TestContributionPok(t *testing.T) { diff --git a/ecc/bls12-381/multiexp.go b/ecc/bls12-381/multiexp.go index bd0427c04..851d494ed 100644 --- a/ecc/bls12-381/multiexp.go +++ b/ecc/bls12-381/multiexp.go @@ -7,11 +7,12 @@ package bls12381 import ( "errors" + "math" + "runtime" + "github.com/consensys/gnark-crypto/ecc" "github.com/consensys/gnark-crypto/ecc/bls12-381/fr" "github.com/consensys/gnark-crypto/internal/parallel" - "math" - "runtime" ) // MultiExp implements section 4 of https://eprint.iacr.org/2012/549.pdf diff --git a/ecc/bls12-381/shplonk/marshal.go b/ecc/bls12-381/shplonk/marshal.go index 04e4c4496..7e83bded6 100644 --- a/ecc/bls12-381/shplonk/marshal.go +++ b/ecc/bls12-381/shplonk/marshal.go @@ -8,7 +8,7 @@ package shplonk import ( "io" - "github.com/consensys/gnark-crypto/ecc/bls12-381" + bls12381 "github.com/consensys/gnark-crypto/ecc/bls12-381" ) func (proof *OpeningProof) ReadFrom(r io.Reader) (int64, error) { diff --git a/ecc/bls12-381/shplonk/shplonk.go b/ecc/bls12-381/shplonk/shplonk.go index b8bf72ddb..ed44b79bb 100644 --- a/ecc/bls12-381/shplonk/shplonk.go +++ b/ecc/bls12-381/shplonk/shplonk.go @@ -11,7 +11,7 @@ import ( "math/big" "github.com/consensys/gnark-crypto/ecc" - "github.com/consensys/gnark-crypto/ecc/bls12-381" + bls12381 "github.com/consensys/gnark-crypto/ecc/bls12-381" "github.com/consensys/gnark-crypto/ecc/bls12-381/fr" "github.com/consensys/gnark-crypto/ecc/bls12-381/kzg" fiatshamir "github.com/consensys/gnark-crypto/fiat-shamir" diff --git a/ecc/bls12-381/shplonk/shplonk_test.go b/ecc/bls12-381/shplonk/shplonk_test.go index 54a8df5d8..eb6ea15ec 100644 --- a/ecc/bls12-381/shplonk/shplonk_test.go +++ b/ecc/bls12-381/shplonk/shplonk_test.go @@ -12,7 +12,7 @@ import ( "testing" "github.com/consensys/gnark-crypto/ecc" - "github.com/consensys/gnark-crypto/ecc/bls12-381" + bls12381 "github.com/consensys/gnark-crypto/ecc/bls12-381" "github.com/consensys/gnark-crypto/ecc/bls12-381/fr" "github.com/consensys/gnark-crypto/ecc/bls12-381/kzg" "github.com/consensys/gnark-crypto/utils/testutils" diff --git a/ecc/bls12-381/twistededwards/eddsa/marshal.go b/ecc/bls12-381/twistededwards/eddsa/marshal.go index ecc5b5084..454264a42 100644 --- a/ecc/bls12-381/twistededwards/eddsa/marshal.go +++ b/ecc/bls12-381/twistededwards/eddsa/marshal.go @@ -8,10 +8,11 @@ package eddsa import ( "crypto/subtle" "errors" - "github.com/consensys/gnark-crypto/ecc/bls12-381/fr" - "github.com/consensys/gnark-crypto/ecc/bls12-381/twistededwards" "io" "math/big" + + "github.com/consensys/gnark-crypto/ecc/bls12-381/fr" + "github.com/consensys/gnark-crypto/ecc/bls12-381/twistededwards" ) // cf point.go (ugly copy) diff --git a/ecc/bls24-315/ecdsa/ecdsa.go b/ecc/bls24-315/ecdsa/ecdsa.go index 71e42a9ce..b0d05d302 100644 --- a/ecc/bls24-315/ecdsa/ecdsa.go +++ b/ecc/bls24-315/ecdsa/ecdsa.go @@ -15,7 +15,7 @@ import ( "io" "math/big" - "github.com/consensys/gnark-crypto/ecc/bls24-315" + bls24315 "github.com/consensys/gnark-crypto/ecc/bls24-315" "github.com/consensys/gnark-crypto/ecc/bls24-315/fp" "github.com/consensys/gnark-crypto/ecc/bls24-315/fr" "github.com/consensys/gnark-crypto/signature" diff --git a/ecc/bls24-315/ecdsa/ecdsa_test.go b/ecc/bls24-315/ecdsa/ecdsa_test.go index 2363cb0b4..ce46a19ea 100644 --- a/ecc/bls24-315/ecdsa/ecdsa_test.go +++ b/ecc/bls24-315/ecdsa/ecdsa_test.go @@ -8,10 +8,11 @@ package ecdsa import ( "crypto/rand" "crypto/sha256" - "github.com/consensys/gnark-crypto/ecc/bls24-315/fr" "math/big" "testing" + "github.com/consensys/gnark-crypto/ecc/bls24-315/fr" + "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" ) diff --git a/ecc/bls24-315/ecdsa/marshal.go b/ecc/bls24-315/ecdsa/marshal.go index b354f186e..1dd831a0f 100644 --- a/ecc/bls24-315/ecdsa/marshal.go +++ b/ecc/bls24-315/ecdsa/marshal.go @@ -8,9 +8,10 @@ package ecdsa import ( "crypto/subtle" "errors" - "github.com/consensys/gnark-crypto/ecc/bls24-315/fr" "io" "math/big" + + "github.com/consensys/gnark-crypto/ecc/bls24-315/fr" ) var errWrongSize = errors.New("wrong size buffer") diff --git a/ecc/bls24-315/fflonk/marshal.go b/ecc/bls24-315/fflonk/marshal.go index a174b9fcf..c38cc11d3 100644 --- a/ecc/bls24-315/fflonk/marshal.go +++ b/ecc/bls24-315/fflonk/marshal.go @@ -8,7 +8,7 @@ package fflonk import ( "io" - "github.com/consensys/gnark-crypto/ecc/bls24-315" + bls24315 "github.com/consensys/gnark-crypto/ecc/bls24-315" ) // ReadFrom decodes OpeningProof data from reader. diff --git a/ecc/bls24-315/fp/vector_test.go b/ecc/bls24-315/fp/vector_test.go index 814916a16..ce47022ed 100644 --- a/ecc/bls24-315/fp/vector_test.go +++ b/ecc/bls24-315/fp/vector_test.go @@ -8,12 +8,13 @@ package fp import ( "bytes" "fmt" - "github.com/stretchr/testify/require" "os" "reflect" "sort" "testing" + "github.com/stretchr/testify/require" + "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" ) diff --git a/ecc/bls24-315/fr/fft/fft.go b/ecc/bls24-315/fr/fft/fft.go index fef72bd9a..5114d4da8 100644 --- a/ecc/bls24-315/fr/fft/fft.go +++ b/ecc/bls24-315/fr/fft/fft.go @@ -6,11 +6,12 @@ package fft import ( - "github.com/consensys/gnark-crypto/ecc" - "github.com/consensys/gnark-crypto/internal/parallel" "math/big" "math/bits" + "github.com/consensys/gnark-crypto/ecc" + "github.com/consensys/gnark-crypto/internal/parallel" + "github.com/consensys/gnark-crypto/ecc/bls24-315/fr" ) diff --git a/ecc/bls24-315/fr/iop/expressions.go b/ecc/bls24-315/fr/iop/expressions.go index df6e899c1..eec9a1c69 100644 --- a/ecc/bls24-315/fr/iop/expressions.go +++ b/ecc/bls24-315/fr/iop/expressions.go @@ -7,9 +7,10 @@ package iop import ( "errors" + "math/bits" + "github.com/consensys/gnark-crypto/ecc/bls24-315/fr" "github.com/consensys/gnark-crypto/internal/parallel" - "math/bits" ) // Expression represents a multivariate polynomial. diff --git a/ecc/bls24-315/fr/pedersen/pedersen.go b/ecc/bls24-315/fr/pedersen/pedersen.go index d7c0b129c..21d880cc0 100644 --- a/ecc/bls24-315/fr/pedersen/pedersen.go +++ b/ecc/bls24-315/fr/pedersen/pedersen.go @@ -8,11 +8,12 @@ package pedersen import ( "crypto/rand" "errors" + "io" + "math/big" + "github.com/consensys/gnark-crypto/ecc" curve "github.com/consensys/gnark-crypto/ecc/bls24-315" "github.com/consensys/gnark-crypto/ecc/bls24-315/fr" - "io" - "math/big" ) // ProvingKey for committing and proofs of knowledge diff --git a/ecc/bls24-315/fr/permutation/permutation.go b/ecc/bls24-315/fr/permutation/permutation.go index 0531c415d..18fdc7a9d 100644 --- a/ecc/bls24-315/fr/permutation/permutation.go +++ b/ecc/bls24-315/fr/permutation/permutation.go @@ -11,7 +11,7 @@ import ( "math/big" "math/bits" - "github.com/consensys/gnark-crypto/ecc/bls24-315" + bls24315 "github.com/consensys/gnark-crypto/ecc/bls24-315" "github.com/consensys/gnark-crypto/ecc/bls24-315/fr" "github.com/consensys/gnark-crypto/ecc/bls24-315/fr/fft" "github.com/consensys/gnark-crypto/ecc/bls24-315/kzg" diff --git a/ecc/bls24-315/fr/polynomial/multilin.go b/ecc/bls24-315/fr/polynomial/multilin.go index 0a2bb7ebd..33cba7f0c 100644 --- a/ecc/bls24-315/fr/polynomial/multilin.go +++ b/ecc/bls24-315/fr/polynomial/multilin.go @@ -6,9 +6,10 @@ package polynomial import ( + "math/bits" + "github.com/consensys/gnark-crypto/ecc/bls24-315/fr" "github.com/consensys/gnark-crypto/utils" - "math/bits" ) // MultiLin tracks the values of a (dense i.e. not sparse) multilinear polynomial diff --git a/ecc/bls24-315/fr/polynomial/multilin_test.go b/ecc/bls24-315/fr/polynomial/multilin_test.go index f47acb4c4..1f1cd50a2 100644 --- a/ecc/bls24-315/fr/polynomial/multilin_test.go +++ b/ecc/bls24-315/fr/polynomial/multilin_test.go @@ -6,9 +6,10 @@ package polynomial import ( + "testing" + "github.com/consensys/gnark-crypto/ecc/bls24-315/fr" "github.com/stretchr/testify/assert" - "testing" ) // TODO: Property based tests? diff --git a/ecc/bls24-315/fr/polynomial/polynomial.go b/ecc/bls24-315/fr/polynomial/polynomial.go index a429b842a..5db743fc3 100644 --- a/ecc/bls24-315/fr/polynomial/polynomial.go +++ b/ecc/bls24-315/fr/polynomial/polynomial.go @@ -6,11 +6,12 @@ package polynomial import ( - "github.com/consensys/gnark-crypto/ecc/bls24-315/fr" - "github.com/consensys/gnark-crypto/utils" "strconv" "strings" "sync" + + "github.com/consensys/gnark-crypto/ecc/bls24-315/fr" + "github.com/consensys/gnark-crypto/utils" ) // Polynomial represented by coefficients in the field. diff --git a/ecc/bls24-315/fr/polynomial/polynomial_test.go b/ecc/bls24-315/fr/polynomial/polynomial_test.go index 6e84f26e6..715fa87ae 100644 --- a/ecc/bls24-315/fr/polynomial/polynomial_test.go +++ b/ecc/bls24-315/fr/polynomial/polynomial_test.go @@ -6,13 +6,14 @@ package polynomial import ( + "math/big" + "testing" + "github.com/consensys/gnark-crypto/ecc/bls24-315/fr" "github.com/leanovate/gopter" "github.com/leanovate/gopter/gen" "github.com/leanovate/gopter/prop" "github.com/stretchr/testify/assert" - "math/big" - "testing" ) func TestPolynomialEval(t *testing.T) { diff --git a/ecc/bls24-315/fr/polynomial/pool.go b/ecc/bls24-315/fr/polynomial/pool.go index 77390a9a5..8eeaf81b2 100644 --- a/ecc/bls24-315/fr/polynomial/pool.go +++ b/ecc/bls24-315/fr/polynomial/pool.go @@ -8,11 +8,12 @@ package polynomial import ( "encoding/json" "fmt" - "github.com/consensys/gnark-crypto/ecc/bls24-315/fr" "runtime" "sort" "sync" "unsafe" + + "github.com/consensys/gnark-crypto/ecc/bls24-315/fr" ) // Memory management for polynomials diff --git a/ecc/bls24-315/fr/poseidon2/hash.go b/ecc/bls24-315/fr/poseidon2/hash.go index 25608d310..23285b149 100644 --- a/ecc/bls24-315/fr/poseidon2/hash.go +++ b/ecc/bls24-315/fr/poseidon2/hash.go @@ -6,10 +6,11 @@ package poseidon2 import ( - "github.com/consensys/gnark-crypto/ecc/bls24-315/fr" - gnarkHash "github.com/consensys/gnark-crypto/hash" "hash" "sync" + + "github.com/consensys/gnark-crypto/ecc/bls24-315/fr" + gnarkHash "github.com/consensys/gnark-crypto/hash" ) // NewMerkleDamgardHasher returns a Poseidon2 hasher using the Merkle-Damgard diff --git a/ecc/bls24-315/fr/vector_test.go b/ecc/bls24-315/fr/vector_test.go index 1deb81e8c..0b71d8001 100644 --- a/ecc/bls24-315/fr/vector_test.go +++ b/ecc/bls24-315/fr/vector_test.go @@ -8,12 +8,13 @@ package fr import ( "bytes" "fmt" - "github.com/stretchr/testify/require" "os" "reflect" "sort" "testing" + "github.com/stretchr/testify/require" + "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" ) diff --git a/ecc/bls24-315/g1.go b/ecc/bls24-315/g1.go index 05805e903..fbc662761 100644 --- a/ecc/bls24-315/g1.go +++ b/ecc/bls24-315/g1.go @@ -7,13 +7,14 @@ package bls24315 import ( "crypto/rand" + "math/big" + "runtime" + "sync/atomic" + "github.com/consensys/gnark-crypto/ecc" "github.com/consensys/gnark-crypto/ecc/bls24-315/fp" "github.com/consensys/gnark-crypto/ecc/bls24-315/fr" "github.com/consensys/gnark-crypto/internal/parallel" - "math/big" - "runtime" - "sync/atomic" ) // G1Affine is a point in affine coordinates (x,y) diff --git a/ecc/bls24-315/g2.go b/ecc/bls24-315/g2.go index e3867c4a8..c0055a1e5 100644 --- a/ecc/bls24-315/g2.go +++ b/ecc/bls24-315/g2.go @@ -7,13 +7,14 @@ package bls24315 import ( "crypto/rand" + "math/big" + "runtime" + "sync/atomic" + "github.com/consensys/gnark-crypto/ecc" "github.com/consensys/gnark-crypto/ecc/bls24-315/fr" "github.com/consensys/gnark-crypto/ecc/bls24-315/internal/fptower" "github.com/consensys/gnark-crypto/internal/parallel" - "math/big" - "runtime" - "sync/atomic" ) // G2Affine is a point in affine coordinates (x,y) diff --git a/ecc/bls24-315/hash_to_curve/g1_test.go b/ecc/bls24-315/hash_to_curve/g1_test.go index f43eda357..f8c9df500 100644 --- a/ecc/bls24-315/hash_to_curve/g1_test.go +++ b/ecc/bls24-315/hash_to_curve/g1_test.go @@ -6,10 +6,11 @@ package hash_to_curve import ( + "testing" + "github.com/consensys/gnark-crypto/ecc/bls24-315/fp" "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" - "testing" ) // GenFp generates an Fp element diff --git a/ecc/bls24-315/hash_to_g1_test.go b/ecc/bls24-315/hash_to_g1_test.go index f0f232d0f..9b0f706f4 100644 --- a/ecc/bls24-315/hash_to_g1_test.go +++ b/ecc/bls24-315/hash_to_g1_test.go @@ -8,11 +8,12 @@ package bls24315 import ( "github.com/consensys/gnark-crypto/ecc/bls24-315/fp" + "math/rand" + "testing" + "github.com/consensys/gnark-crypto/ecc/bls24-315/hash_to_curve" "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" - "math/rand" - "testing" ) func TestHashToFpG1(t *testing.T) { diff --git a/ecc/bls24-315/kzg/kzg.go b/ecc/bls24-315/kzg/kzg.go index 6872ccfce..ece108d90 100644 --- a/ecc/bls24-315/kzg/kzg.go +++ b/ecc/bls24-315/kzg/kzg.go @@ -12,9 +12,9 @@ import ( "sync" "github.com/consensys/gnark-crypto/ecc" - "github.com/consensys/gnark-crypto/ecc/bls24-315" + bls24315 "github.com/consensys/gnark-crypto/ecc/bls24-315" "github.com/consensys/gnark-crypto/ecc/bls24-315/fr" - "github.com/consensys/gnark-crypto/fiat-shamir" + fiatshamir "github.com/consensys/gnark-crypto/fiat-shamir" "github.com/consensys/gnark-crypto/internal/parallel" ) diff --git a/ecc/bls24-315/kzg/kzg_test.go b/ecc/bls24-315/kzg/kzg_test.go index e33ae4a72..43b47cac3 100644 --- a/ecc/bls24-315/kzg/kzg_test.go +++ b/ecc/bls24-315/kzg/kzg_test.go @@ -8,13 +8,14 @@ package kzg import ( "bytes" "crypto/sha256" - "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/require" "math/big" "slices" "sync" "testing" + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" + "github.com/consensys/gnark-crypto/ecc" curve "github.com/consensys/gnark-crypto/ecc/bls24-315" "github.com/consensys/gnark-crypto/ecc/bls24-315/fr" diff --git a/ecc/bls24-315/kzg/marshal.go b/ecc/bls24-315/kzg/marshal.go index 1d725192a..fcd4e7311 100644 --- a/ecc/bls24-315/kzg/marshal.go +++ b/ecc/bls24-315/kzg/marshal.go @@ -6,9 +6,10 @@ package kzg import ( - "github.com/consensys/gnark-crypto/ecc/bls24-315" "io" + bls24315 "github.com/consensys/gnark-crypto/ecc/bls24-315" + "github.com/consensys/gnark-crypto/utils/unsafe" ) diff --git a/ecc/bls24-315/kzg/mpcsetup.go b/ecc/bls24-315/kzg/mpcsetup.go index 7d41f3d74..4c6f32689 100644 --- a/ecc/bls24-315/kzg/mpcsetup.go +++ b/ecc/bls24-315/kzg/mpcsetup.go @@ -11,12 +11,13 @@ import ( "encoding/binary" "errors" "fmt" + "io" + "math/big" + curve "github.com/consensys/gnark-crypto/ecc/bls24-315" "github.com/consensys/gnark-crypto/ecc/bls24-315/fr" "github.com/consensys/gnark-crypto/ecc/bls24-315/mpcsetup" "github.com/consensys/gnark-crypto/utils" - "io" - "math/big" ) type MpcSetup struct { diff --git a/ecc/bls24-315/mpcsetup/mpcsetup.go b/ecc/bls24-315/mpcsetup/mpcsetup.go index 70c78780d..4a69eac74 100644 --- a/ecc/bls24-315/mpcsetup/mpcsetup.go +++ b/ecc/bls24-315/mpcsetup/mpcsetup.go @@ -9,13 +9,14 @@ import ( "bytes" "errors" "fmt" + "io" + "math/big" + "runtime" + "github.com/consensys/gnark-crypto/ecc" curve "github.com/consensys/gnark-crypto/ecc/bls24-315" "github.com/consensys/gnark-crypto/ecc/bls24-315/fr" "github.com/consensys/gnark-crypto/utils" - "io" - "math/big" - "runtime" ) // Generate R∈𝔾₂ as Hash(gˢ, challenge, dst) diff --git a/ecc/bls24-315/mpcsetup/mpcsetup_test.go b/ecc/bls24-315/mpcsetup/mpcsetup_test.go index bd23cd157..a6ae9c81b 100644 --- a/ecc/bls24-315/mpcsetup/mpcsetup_test.go +++ b/ecc/bls24-315/mpcsetup/mpcsetup_test.go @@ -7,12 +7,13 @@ package mpcsetup import ( "bytes" + "slices" + "testing" + "github.com/consensys/gnark-crypto/ecc" curve "github.com/consensys/gnark-crypto/ecc/bls24-315" "github.com/consensys/gnark-crypto/ecc/bls24-315/fr" "github.com/stretchr/testify/require" - "slices" - "testing" ) func TestContributionPok(t *testing.T) { diff --git a/ecc/bls24-315/multiexp.go b/ecc/bls24-315/multiexp.go index 9c6bbc8e3..4dae086fc 100644 --- a/ecc/bls24-315/multiexp.go +++ b/ecc/bls24-315/multiexp.go @@ -7,11 +7,12 @@ package bls24315 import ( "errors" + "math" + "runtime" + "github.com/consensys/gnark-crypto/ecc" "github.com/consensys/gnark-crypto/ecc/bls24-315/fr" "github.com/consensys/gnark-crypto/internal/parallel" - "math" - "runtime" ) // MultiExp implements section 4 of https://eprint.iacr.org/2012/549.pdf diff --git a/ecc/bls24-315/shplonk/marshal.go b/ecc/bls24-315/shplonk/marshal.go index c1bef1dfa..b44a64773 100644 --- a/ecc/bls24-315/shplonk/marshal.go +++ b/ecc/bls24-315/shplonk/marshal.go @@ -8,7 +8,7 @@ package shplonk import ( "io" - "github.com/consensys/gnark-crypto/ecc/bls24-315" + bls24315 "github.com/consensys/gnark-crypto/ecc/bls24-315" ) func (proof *OpeningProof) ReadFrom(r io.Reader) (int64, error) { diff --git a/ecc/bls24-315/shplonk/shplonk.go b/ecc/bls24-315/shplonk/shplonk.go index a65189013..c0ab0a4e6 100644 --- a/ecc/bls24-315/shplonk/shplonk.go +++ b/ecc/bls24-315/shplonk/shplonk.go @@ -11,7 +11,7 @@ import ( "math/big" "github.com/consensys/gnark-crypto/ecc" - "github.com/consensys/gnark-crypto/ecc/bls24-315" + bls24315 "github.com/consensys/gnark-crypto/ecc/bls24-315" "github.com/consensys/gnark-crypto/ecc/bls24-315/fr" "github.com/consensys/gnark-crypto/ecc/bls24-315/kzg" fiatshamir "github.com/consensys/gnark-crypto/fiat-shamir" diff --git a/ecc/bls24-315/shplonk/shplonk_test.go b/ecc/bls24-315/shplonk/shplonk_test.go index 64da4b6ab..3ffe8b74d 100644 --- a/ecc/bls24-315/shplonk/shplonk_test.go +++ b/ecc/bls24-315/shplonk/shplonk_test.go @@ -12,7 +12,7 @@ import ( "testing" "github.com/consensys/gnark-crypto/ecc" - "github.com/consensys/gnark-crypto/ecc/bls24-315" + bls24315 "github.com/consensys/gnark-crypto/ecc/bls24-315" "github.com/consensys/gnark-crypto/ecc/bls24-315/fr" "github.com/consensys/gnark-crypto/ecc/bls24-315/kzg" "github.com/consensys/gnark-crypto/utils/testutils" diff --git a/ecc/bls24-315/twistededwards/eddsa/marshal.go b/ecc/bls24-315/twistededwards/eddsa/marshal.go index fc29eaf59..2da8fcd30 100644 --- a/ecc/bls24-315/twistededwards/eddsa/marshal.go +++ b/ecc/bls24-315/twistededwards/eddsa/marshal.go @@ -8,10 +8,11 @@ package eddsa import ( "crypto/subtle" "errors" - "github.com/consensys/gnark-crypto/ecc/bls24-315/fr" - "github.com/consensys/gnark-crypto/ecc/bls24-315/twistededwards" "io" "math/big" + + "github.com/consensys/gnark-crypto/ecc/bls24-315/fr" + "github.com/consensys/gnark-crypto/ecc/bls24-315/twistededwards" ) // cf point.go (ugly copy) diff --git a/ecc/bls24-317/ecdsa/ecdsa.go b/ecc/bls24-317/ecdsa/ecdsa.go index 848f88fcc..b8b76401d 100644 --- a/ecc/bls24-317/ecdsa/ecdsa.go +++ b/ecc/bls24-317/ecdsa/ecdsa.go @@ -15,7 +15,7 @@ import ( "io" "math/big" - "github.com/consensys/gnark-crypto/ecc/bls24-317" + bls24317 "github.com/consensys/gnark-crypto/ecc/bls24-317" "github.com/consensys/gnark-crypto/ecc/bls24-317/fp" "github.com/consensys/gnark-crypto/ecc/bls24-317/fr" "github.com/consensys/gnark-crypto/signature" diff --git a/ecc/bls24-317/ecdsa/ecdsa_test.go b/ecc/bls24-317/ecdsa/ecdsa_test.go index e5f28417c..ce4ff4ce9 100644 --- a/ecc/bls24-317/ecdsa/ecdsa_test.go +++ b/ecc/bls24-317/ecdsa/ecdsa_test.go @@ -8,10 +8,11 @@ package ecdsa import ( "crypto/rand" "crypto/sha256" - "github.com/consensys/gnark-crypto/ecc/bls24-317/fr" "math/big" "testing" + "github.com/consensys/gnark-crypto/ecc/bls24-317/fr" + "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" ) diff --git a/ecc/bls24-317/ecdsa/marshal.go b/ecc/bls24-317/ecdsa/marshal.go index 5f6d4bf4d..135ae54ca 100644 --- a/ecc/bls24-317/ecdsa/marshal.go +++ b/ecc/bls24-317/ecdsa/marshal.go @@ -8,9 +8,10 @@ package ecdsa import ( "crypto/subtle" "errors" - "github.com/consensys/gnark-crypto/ecc/bls24-317/fr" "io" "math/big" + + "github.com/consensys/gnark-crypto/ecc/bls24-317/fr" ) var errWrongSize = errors.New("wrong size buffer") diff --git a/ecc/bls24-317/fflonk/marshal.go b/ecc/bls24-317/fflonk/marshal.go index ccbb0fcbd..3caa76ddd 100644 --- a/ecc/bls24-317/fflonk/marshal.go +++ b/ecc/bls24-317/fflonk/marshal.go @@ -8,7 +8,7 @@ package fflonk import ( "io" - "github.com/consensys/gnark-crypto/ecc/bls24-317" + bls24317 "github.com/consensys/gnark-crypto/ecc/bls24-317" ) // ReadFrom decodes OpeningProof data from reader. diff --git a/ecc/bls24-317/fp/vector_test.go b/ecc/bls24-317/fp/vector_test.go index 814916a16..ce47022ed 100644 --- a/ecc/bls24-317/fp/vector_test.go +++ b/ecc/bls24-317/fp/vector_test.go @@ -8,12 +8,13 @@ package fp import ( "bytes" "fmt" - "github.com/stretchr/testify/require" "os" "reflect" "sort" "testing" + "github.com/stretchr/testify/require" + "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" ) diff --git a/ecc/bls24-317/fr/fft/fft.go b/ecc/bls24-317/fr/fft/fft.go index 818c45844..23f624226 100644 --- a/ecc/bls24-317/fr/fft/fft.go +++ b/ecc/bls24-317/fr/fft/fft.go @@ -6,11 +6,12 @@ package fft import ( - "github.com/consensys/gnark-crypto/ecc" - "github.com/consensys/gnark-crypto/internal/parallel" "math/big" "math/bits" + "github.com/consensys/gnark-crypto/ecc" + "github.com/consensys/gnark-crypto/internal/parallel" + "github.com/consensys/gnark-crypto/ecc/bls24-317/fr" ) diff --git a/ecc/bls24-317/fr/iop/expressions.go b/ecc/bls24-317/fr/iop/expressions.go index 4648a888e..5bf0d0332 100644 --- a/ecc/bls24-317/fr/iop/expressions.go +++ b/ecc/bls24-317/fr/iop/expressions.go @@ -7,9 +7,10 @@ package iop import ( "errors" + "math/bits" + "github.com/consensys/gnark-crypto/ecc/bls24-317/fr" "github.com/consensys/gnark-crypto/internal/parallel" - "math/bits" ) // Expression represents a multivariate polynomial. diff --git a/ecc/bls24-317/fr/pedersen/pedersen.go b/ecc/bls24-317/fr/pedersen/pedersen.go index 2ff5965a6..66fa869cc 100644 --- a/ecc/bls24-317/fr/pedersen/pedersen.go +++ b/ecc/bls24-317/fr/pedersen/pedersen.go @@ -8,11 +8,12 @@ package pedersen import ( "crypto/rand" "errors" + "io" + "math/big" + "github.com/consensys/gnark-crypto/ecc" curve "github.com/consensys/gnark-crypto/ecc/bls24-317" "github.com/consensys/gnark-crypto/ecc/bls24-317/fr" - "io" - "math/big" ) // ProvingKey for committing and proofs of knowledge diff --git a/ecc/bls24-317/fr/permutation/permutation.go b/ecc/bls24-317/fr/permutation/permutation.go index b9e7f3d74..0fe6a74f2 100644 --- a/ecc/bls24-317/fr/permutation/permutation.go +++ b/ecc/bls24-317/fr/permutation/permutation.go @@ -11,7 +11,7 @@ import ( "math/big" "math/bits" - "github.com/consensys/gnark-crypto/ecc/bls24-317" + bls24317 "github.com/consensys/gnark-crypto/ecc/bls24-317" "github.com/consensys/gnark-crypto/ecc/bls24-317/fr" "github.com/consensys/gnark-crypto/ecc/bls24-317/fr/fft" "github.com/consensys/gnark-crypto/ecc/bls24-317/kzg" diff --git a/ecc/bls24-317/fr/polynomial/multilin.go b/ecc/bls24-317/fr/polynomial/multilin.go index b2857cec7..510eb38ae 100644 --- a/ecc/bls24-317/fr/polynomial/multilin.go +++ b/ecc/bls24-317/fr/polynomial/multilin.go @@ -6,9 +6,10 @@ package polynomial import ( + "math/bits" + "github.com/consensys/gnark-crypto/ecc/bls24-317/fr" "github.com/consensys/gnark-crypto/utils" - "math/bits" ) // MultiLin tracks the values of a (dense i.e. not sparse) multilinear polynomial diff --git a/ecc/bls24-317/fr/polynomial/multilin_test.go b/ecc/bls24-317/fr/polynomial/multilin_test.go index 453d0017a..fb4d71b68 100644 --- a/ecc/bls24-317/fr/polynomial/multilin_test.go +++ b/ecc/bls24-317/fr/polynomial/multilin_test.go @@ -6,9 +6,10 @@ package polynomial import ( + "testing" + "github.com/consensys/gnark-crypto/ecc/bls24-317/fr" "github.com/stretchr/testify/assert" - "testing" ) // TODO: Property based tests? diff --git a/ecc/bls24-317/fr/polynomial/polynomial.go b/ecc/bls24-317/fr/polynomial/polynomial.go index 8e0fce5bc..476c5ac35 100644 --- a/ecc/bls24-317/fr/polynomial/polynomial.go +++ b/ecc/bls24-317/fr/polynomial/polynomial.go @@ -6,11 +6,12 @@ package polynomial import ( - "github.com/consensys/gnark-crypto/ecc/bls24-317/fr" - "github.com/consensys/gnark-crypto/utils" "strconv" "strings" "sync" + + "github.com/consensys/gnark-crypto/ecc/bls24-317/fr" + "github.com/consensys/gnark-crypto/utils" ) // Polynomial represented by coefficients in the field. diff --git a/ecc/bls24-317/fr/polynomial/polynomial_test.go b/ecc/bls24-317/fr/polynomial/polynomial_test.go index 5ab358604..fa53186f4 100644 --- a/ecc/bls24-317/fr/polynomial/polynomial_test.go +++ b/ecc/bls24-317/fr/polynomial/polynomial_test.go @@ -6,13 +6,14 @@ package polynomial import ( + "math/big" + "testing" + "github.com/consensys/gnark-crypto/ecc/bls24-317/fr" "github.com/leanovate/gopter" "github.com/leanovate/gopter/gen" "github.com/leanovate/gopter/prop" "github.com/stretchr/testify/assert" - "math/big" - "testing" ) func TestPolynomialEval(t *testing.T) { diff --git a/ecc/bls24-317/fr/polynomial/pool.go b/ecc/bls24-317/fr/polynomial/pool.go index 2955c1969..759d08d51 100644 --- a/ecc/bls24-317/fr/polynomial/pool.go +++ b/ecc/bls24-317/fr/polynomial/pool.go @@ -8,11 +8,12 @@ package polynomial import ( "encoding/json" "fmt" - "github.com/consensys/gnark-crypto/ecc/bls24-317/fr" "runtime" "sort" "sync" "unsafe" + + "github.com/consensys/gnark-crypto/ecc/bls24-317/fr" ) // Memory management for polynomials diff --git a/ecc/bls24-317/fr/poseidon2/hash.go b/ecc/bls24-317/fr/poseidon2/hash.go index 864307d85..e416f0615 100644 --- a/ecc/bls24-317/fr/poseidon2/hash.go +++ b/ecc/bls24-317/fr/poseidon2/hash.go @@ -6,10 +6,11 @@ package poseidon2 import ( - "github.com/consensys/gnark-crypto/ecc/bls24-317/fr" - gnarkHash "github.com/consensys/gnark-crypto/hash" "hash" "sync" + + "github.com/consensys/gnark-crypto/ecc/bls24-317/fr" + gnarkHash "github.com/consensys/gnark-crypto/hash" ) // NewMerkleDamgardHasher returns a Poseidon2 hasher using the Merkle-Damgard diff --git a/ecc/bls24-317/fr/vector_test.go b/ecc/bls24-317/fr/vector_test.go index 1deb81e8c..0b71d8001 100644 --- a/ecc/bls24-317/fr/vector_test.go +++ b/ecc/bls24-317/fr/vector_test.go @@ -8,12 +8,13 @@ package fr import ( "bytes" "fmt" - "github.com/stretchr/testify/require" "os" "reflect" "sort" "testing" + "github.com/stretchr/testify/require" + "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" ) diff --git a/ecc/bls24-317/g1.go b/ecc/bls24-317/g1.go index 85ead352e..bd8592817 100644 --- a/ecc/bls24-317/g1.go +++ b/ecc/bls24-317/g1.go @@ -7,13 +7,14 @@ package bls24317 import ( "crypto/rand" + "math/big" + "runtime" + "sync/atomic" + "github.com/consensys/gnark-crypto/ecc" "github.com/consensys/gnark-crypto/ecc/bls24-317/fp" "github.com/consensys/gnark-crypto/ecc/bls24-317/fr" "github.com/consensys/gnark-crypto/internal/parallel" - "math/big" - "runtime" - "sync/atomic" ) // G1Affine is a point in affine coordinates (x,y) diff --git a/ecc/bls24-317/g2.go b/ecc/bls24-317/g2.go index 7a27e58e8..10c358fa9 100644 --- a/ecc/bls24-317/g2.go +++ b/ecc/bls24-317/g2.go @@ -7,13 +7,14 @@ package bls24317 import ( "crypto/rand" + "math/big" + "runtime" + "sync/atomic" + "github.com/consensys/gnark-crypto/ecc" "github.com/consensys/gnark-crypto/ecc/bls24-317/fr" "github.com/consensys/gnark-crypto/ecc/bls24-317/internal/fptower" "github.com/consensys/gnark-crypto/internal/parallel" - "math/big" - "runtime" - "sync/atomic" ) // G2Affine is a point in affine coordinates (x,y) diff --git a/ecc/bls24-317/hash_to_curve/g1_test.go b/ecc/bls24-317/hash_to_curve/g1_test.go index 8e07f11e3..16d300421 100644 --- a/ecc/bls24-317/hash_to_curve/g1_test.go +++ b/ecc/bls24-317/hash_to_curve/g1_test.go @@ -6,10 +6,11 @@ package hash_to_curve import ( + "testing" + "github.com/consensys/gnark-crypto/ecc/bls24-317/fp" "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" - "testing" ) // GenFp generates an Fp element diff --git a/ecc/bls24-317/hash_to_g1_test.go b/ecc/bls24-317/hash_to_g1_test.go index d67be199e..2ff22c100 100644 --- a/ecc/bls24-317/hash_to_g1_test.go +++ b/ecc/bls24-317/hash_to_g1_test.go @@ -8,11 +8,12 @@ package bls24317 import ( "github.com/consensys/gnark-crypto/ecc/bls24-317/fp" + "math/rand" + "testing" + "github.com/consensys/gnark-crypto/ecc/bls24-317/hash_to_curve" "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" - "math/rand" - "testing" ) func TestHashToFpG1(t *testing.T) { diff --git a/ecc/bls24-317/kzg/kzg.go b/ecc/bls24-317/kzg/kzg.go index 2cd246edf..2ccb66328 100644 --- a/ecc/bls24-317/kzg/kzg.go +++ b/ecc/bls24-317/kzg/kzg.go @@ -12,9 +12,9 @@ import ( "sync" "github.com/consensys/gnark-crypto/ecc" - "github.com/consensys/gnark-crypto/ecc/bls24-317" + bls24317 "github.com/consensys/gnark-crypto/ecc/bls24-317" "github.com/consensys/gnark-crypto/ecc/bls24-317/fr" - "github.com/consensys/gnark-crypto/fiat-shamir" + fiatshamir "github.com/consensys/gnark-crypto/fiat-shamir" "github.com/consensys/gnark-crypto/internal/parallel" ) diff --git a/ecc/bls24-317/kzg/kzg_test.go b/ecc/bls24-317/kzg/kzg_test.go index be55d4d6e..899206e4c 100644 --- a/ecc/bls24-317/kzg/kzg_test.go +++ b/ecc/bls24-317/kzg/kzg_test.go @@ -8,13 +8,14 @@ package kzg import ( "bytes" "crypto/sha256" - "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/require" "math/big" "slices" "sync" "testing" + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" + "github.com/consensys/gnark-crypto/ecc" curve "github.com/consensys/gnark-crypto/ecc/bls24-317" "github.com/consensys/gnark-crypto/ecc/bls24-317/fr" diff --git a/ecc/bls24-317/kzg/marshal.go b/ecc/bls24-317/kzg/marshal.go index f631b5c6c..93a0f6a68 100644 --- a/ecc/bls24-317/kzg/marshal.go +++ b/ecc/bls24-317/kzg/marshal.go @@ -6,9 +6,10 @@ package kzg import ( - "github.com/consensys/gnark-crypto/ecc/bls24-317" "io" + bls24317 "github.com/consensys/gnark-crypto/ecc/bls24-317" + "github.com/consensys/gnark-crypto/utils/unsafe" ) diff --git a/ecc/bls24-317/kzg/mpcsetup.go b/ecc/bls24-317/kzg/mpcsetup.go index a460fe934..dd286e7cc 100644 --- a/ecc/bls24-317/kzg/mpcsetup.go +++ b/ecc/bls24-317/kzg/mpcsetup.go @@ -11,12 +11,13 @@ import ( "encoding/binary" "errors" "fmt" + "io" + "math/big" + curve "github.com/consensys/gnark-crypto/ecc/bls24-317" "github.com/consensys/gnark-crypto/ecc/bls24-317/fr" "github.com/consensys/gnark-crypto/ecc/bls24-317/mpcsetup" "github.com/consensys/gnark-crypto/utils" - "io" - "math/big" ) type MpcSetup struct { diff --git a/ecc/bls24-317/mpcsetup/mpcsetup.go b/ecc/bls24-317/mpcsetup/mpcsetup.go index 6ab6177d1..991374878 100644 --- a/ecc/bls24-317/mpcsetup/mpcsetup.go +++ b/ecc/bls24-317/mpcsetup/mpcsetup.go @@ -9,13 +9,14 @@ import ( "bytes" "errors" "fmt" + "io" + "math/big" + "runtime" + "github.com/consensys/gnark-crypto/ecc" curve "github.com/consensys/gnark-crypto/ecc/bls24-317" "github.com/consensys/gnark-crypto/ecc/bls24-317/fr" "github.com/consensys/gnark-crypto/utils" - "io" - "math/big" - "runtime" ) // Generate R∈𝔾₂ as Hash(gˢ, challenge, dst) diff --git a/ecc/bls24-317/mpcsetup/mpcsetup_test.go b/ecc/bls24-317/mpcsetup/mpcsetup_test.go index 4b224dae3..5e5292604 100644 --- a/ecc/bls24-317/mpcsetup/mpcsetup_test.go +++ b/ecc/bls24-317/mpcsetup/mpcsetup_test.go @@ -7,12 +7,13 @@ package mpcsetup import ( "bytes" + "slices" + "testing" + "github.com/consensys/gnark-crypto/ecc" curve "github.com/consensys/gnark-crypto/ecc/bls24-317" "github.com/consensys/gnark-crypto/ecc/bls24-317/fr" "github.com/stretchr/testify/require" - "slices" - "testing" ) func TestContributionPok(t *testing.T) { diff --git a/ecc/bls24-317/multiexp.go b/ecc/bls24-317/multiexp.go index a0321ad09..c7bc3f5ff 100644 --- a/ecc/bls24-317/multiexp.go +++ b/ecc/bls24-317/multiexp.go @@ -7,11 +7,12 @@ package bls24317 import ( "errors" + "math" + "runtime" + "github.com/consensys/gnark-crypto/ecc" "github.com/consensys/gnark-crypto/ecc/bls24-317/fr" "github.com/consensys/gnark-crypto/internal/parallel" - "math" - "runtime" ) // MultiExp implements section 4 of https://eprint.iacr.org/2012/549.pdf diff --git a/ecc/bls24-317/shplonk/marshal.go b/ecc/bls24-317/shplonk/marshal.go index 733d7b082..ef36e1f80 100644 --- a/ecc/bls24-317/shplonk/marshal.go +++ b/ecc/bls24-317/shplonk/marshal.go @@ -8,7 +8,7 @@ package shplonk import ( "io" - "github.com/consensys/gnark-crypto/ecc/bls24-317" + bls24317 "github.com/consensys/gnark-crypto/ecc/bls24-317" ) func (proof *OpeningProof) ReadFrom(r io.Reader) (int64, error) { diff --git a/ecc/bls24-317/shplonk/shplonk.go b/ecc/bls24-317/shplonk/shplonk.go index f949b5f19..cf6c59327 100644 --- a/ecc/bls24-317/shplonk/shplonk.go +++ b/ecc/bls24-317/shplonk/shplonk.go @@ -11,7 +11,7 @@ import ( "math/big" "github.com/consensys/gnark-crypto/ecc" - "github.com/consensys/gnark-crypto/ecc/bls24-317" + bls24317 "github.com/consensys/gnark-crypto/ecc/bls24-317" "github.com/consensys/gnark-crypto/ecc/bls24-317/fr" "github.com/consensys/gnark-crypto/ecc/bls24-317/kzg" fiatshamir "github.com/consensys/gnark-crypto/fiat-shamir" diff --git a/ecc/bls24-317/shplonk/shplonk_test.go b/ecc/bls24-317/shplonk/shplonk_test.go index 78c0cf61f..e7c845556 100644 --- a/ecc/bls24-317/shplonk/shplonk_test.go +++ b/ecc/bls24-317/shplonk/shplonk_test.go @@ -12,7 +12,7 @@ import ( "testing" "github.com/consensys/gnark-crypto/ecc" - "github.com/consensys/gnark-crypto/ecc/bls24-317" + bls24317 "github.com/consensys/gnark-crypto/ecc/bls24-317" "github.com/consensys/gnark-crypto/ecc/bls24-317/fr" "github.com/consensys/gnark-crypto/ecc/bls24-317/kzg" "github.com/consensys/gnark-crypto/utils/testutils" diff --git a/ecc/bls24-317/twistededwards/eddsa/marshal.go b/ecc/bls24-317/twistededwards/eddsa/marshal.go index c148504fd..9c9fec618 100644 --- a/ecc/bls24-317/twistededwards/eddsa/marshal.go +++ b/ecc/bls24-317/twistededwards/eddsa/marshal.go @@ -8,10 +8,11 @@ package eddsa import ( "crypto/subtle" "errors" - "github.com/consensys/gnark-crypto/ecc/bls24-317/fr" - "github.com/consensys/gnark-crypto/ecc/bls24-317/twistededwards" "io" "math/big" + + "github.com/consensys/gnark-crypto/ecc/bls24-317/fr" + "github.com/consensys/gnark-crypto/ecc/bls24-317/twistededwards" ) // cf point.go (ugly copy) diff --git a/ecc/bn254/ecdsa/ecdsa_test.go b/ecc/bn254/ecdsa/ecdsa_test.go index f5593addc..e28bddc3f 100644 --- a/ecc/bn254/ecdsa/ecdsa_test.go +++ b/ecc/bn254/ecdsa/ecdsa_test.go @@ -8,10 +8,11 @@ package ecdsa import ( "crypto/rand" "crypto/sha256" - "github.com/consensys/gnark-crypto/ecc/bn254/fr" "math/big" "testing" + "github.com/consensys/gnark-crypto/ecc/bn254/fr" + "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" ) diff --git a/ecc/bn254/ecdsa/marshal.go b/ecc/bn254/ecdsa/marshal.go index ec405a2f1..5dc2dcfb8 100644 --- a/ecc/bn254/ecdsa/marshal.go +++ b/ecc/bn254/ecdsa/marshal.go @@ -8,10 +8,11 @@ package ecdsa import ( "crypto/subtle" "errors" - "github.com/consensys/gnark-crypto/ecc/bn254/fr" "io" "math/big" + "github.com/consensys/gnark-crypto/ecc/bn254/fr" + "github.com/consensys/gnark-crypto/ecc/bn254" ) diff --git a/ecc/bn254/fp/vector_test.go b/ecc/bn254/fp/vector_test.go index d57fe2a0a..445d2cc52 100644 --- a/ecc/bn254/fp/vector_test.go +++ b/ecc/bn254/fp/vector_test.go @@ -8,12 +8,13 @@ package fp import ( "bytes" "fmt" - "github.com/stretchr/testify/require" "os" "reflect" "sort" "testing" + "github.com/stretchr/testify/require" + "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" ) diff --git a/ecc/bn254/fr/fft/fft.go b/ecc/bn254/fr/fft/fft.go index 62a50009d..84fd024ec 100644 --- a/ecc/bn254/fr/fft/fft.go +++ b/ecc/bn254/fr/fft/fft.go @@ -6,11 +6,12 @@ package fft import ( - "github.com/consensys/gnark-crypto/ecc" - "github.com/consensys/gnark-crypto/internal/parallel" "math/big" "math/bits" + "github.com/consensys/gnark-crypto/ecc" + "github.com/consensys/gnark-crypto/internal/parallel" + "github.com/consensys/gnark-crypto/ecc/bn254/fr" ) diff --git a/ecc/bn254/fr/iop/expressions.go b/ecc/bn254/fr/iop/expressions.go index a8bbfd501..3313bf6c2 100644 --- a/ecc/bn254/fr/iop/expressions.go +++ b/ecc/bn254/fr/iop/expressions.go @@ -7,9 +7,10 @@ package iop import ( "errors" + "math/bits" + "github.com/consensys/gnark-crypto/ecc/bn254/fr" "github.com/consensys/gnark-crypto/internal/parallel" - "math/bits" ) // Expression represents a multivariate polynomial. diff --git a/ecc/bn254/fr/pedersen/pedersen.go b/ecc/bn254/fr/pedersen/pedersen.go index ec973971c..9c51724ee 100644 --- a/ecc/bn254/fr/pedersen/pedersen.go +++ b/ecc/bn254/fr/pedersen/pedersen.go @@ -8,11 +8,12 @@ package pedersen import ( "crypto/rand" "errors" + "io" + "math/big" + "github.com/consensys/gnark-crypto/ecc" curve "github.com/consensys/gnark-crypto/ecc/bn254" "github.com/consensys/gnark-crypto/ecc/bn254/fr" - "io" - "math/big" ) // ProvingKey for committing and proofs of knowledge diff --git a/ecc/bn254/fr/polynomial/multilin.go b/ecc/bn254/fr/polynomial/multilin.go index f352cb558..b9f8a75ef 100644 --- a/ecc/bn254/fr/polynomial/multilin.go +++ b/ecc/bn254/fr/polynomial/multilin.go @@ -6,9 +6,10 @@ package polynomial import ( + "math/bits" + "github.com/consensys/gnark-crypto/ecc/bn254/fr" "github.com/consensys/gnark-crypto/utils" - "math/bits" ) // MultiLin tracks the values of a (dense i.e. not sparse) multilinear polynomial diff --git a/ecc/bn254/fr/polynomial/multilin_test.go b/ecc/bn254/fr/polynomial/multilin_test.go index 3992b69a7..fdfd46a15 100644 --- a/ecc/bn254/fr/polynomial/multilin_test.go +++ b/ecc/bn254/fr/polynomial/multilin_test.go @@ -6,9 +6,10 @@ package polynomial import ( + "testing" + "github.com/consensys/gnark-crypto/ecc/bn254/fr" "github.com/stretchr/testify/assert" - "testing" ) // TODO: Property based tests? diff --git a/ecc/bn254/fr/polynomial/polynomial.go b/ecc/bn254/fr/polynomial/polynomial.go index 8cfd2c00c..585956841 100644 --- a/ecc/bn254/fr/polynomial/polynomial.go +++ b/ecc/bn254/fr/polynomial/polynomial.go @@ -6,11 +6,12 @@ package polynomial import ( - "github.com/consensys/gnark-crypto/ecc/bn254/fr" - "github.com/consensys/gnark-crypto/utils" "strconv" "strings" "sync" + + "github.com/consensys/gnark-crypto/ecc/bn254/fr" + "github.com/consensys/gnark-crypto/utils" ) // Polynomial represented by coefficients in the field. diff --git a/ecc/bn254/fr/polynomial/polynomial_test.go b/ecc/bn254/fr/polynomial/polynomial_test.go index bf8abba16..7f08ab581 100644 --- a/ecc/bn254/fr/polynomial/polynomial_test.go +++ b/ecc/bn254/fr/polynomial/polynomial_test.go @@ -6,13 +6,14 @@ package polynomial import ( + "math/big" + "testing" + "github.com/consensys/gnark-crypto/ecc/bn254/fr" "github.com/leanovate/gopter" "github.com/leanovate/gopter/gen" "github.com/leanovate/gopter/prop" "github.com/stretchr/testify/assert" - "math/big" - "testing" ) func TestPolynomialEval(t *testing.T) { diff --git a/ecc/bn254/fr/polynomial/pool.go b/ecc/bn254/fr/polynomial/pool.go index baabae0ed..909141d31 100644 --- a/ecc/bn254/fr/polynomial/pool.go +++ b/ecc/bn254/fr/polynomial/pool.go @@ -8,11 +8,12 @@ package polynomial import ( "encoding/json" "fmt" - "github.com/consensys/gnark-crypto/ecc/bn254/fr" "runtime" "sort" "sync" "unsafe" + + "github.com/consensys/gnark-crypto/ecc/bn254/fr" ) // Memory management for polynomials diff --git a/ecc/bn254/fr/poseidon2/hash.go b/ecc/bn254/fr/poseidon2/hash.go index e62c640ef..2930ce251 100644 --- a/ecc/bn254/fr/poseidon2/hash.go +++ b/ecc/bn254/fr/poseidon2/hash.go @@ -6,10 +6,11 @@ package poseidon2 import ( - "github.com/consensys/gnark-crypto/ecc/bn254/fr" - gnarkHash "github.com/consensys/gnark-crypto/hash" "hash" "sync" + + "github.com/consensys/gnark-crypto/ecc/bn254/fr" + gnarkHash "github.com/consensys/gnark-crypto/hash" ) // NewMerkleDamgardHasher returns a Poseidon2 hasher using the Merkle-Damgard diff --git a/ecc/bn254/fr/vector_test.go b/ecc/bn254/fr/vector_test.go index 1deb81e8c..0b71d8001 100644 --- a/ecc/bn254/fr/vector_test.go +++ b/ecc/bn254/fr/vector_test.go @@ -8,12 +8,13 @@ package fr import ( "bytes" "fmt" - "github.com/stretchr/testify/require" "os" "reflect" "sort" "testing" + "github.com/stretchr/testify/require" + "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" ) diff --git a/ecc/bn254/g1.go b/ecc/bn254/g1.go index 30dae6c97..849e7508c 100644 --- a/ecc/bn254/g1.go +++ b/ecc/bn254/g1.go @@ -7,13 +7,14 @@ package bn254 import ( "crypto/rand" + "math/big" + "runtime" + "sync/atomic" + "github.com/consensys/gnark-crypto/ecc" "github.com/consensys/gnark-crypto/ecc/bn254/fp" "github.com/consensys/gnark-crypto/ecc/bn254/fr" "github.com/consensys/gnark-crypto/internal/parallel" - "math/big" - "runtime" - "sync/atomic" ) // G1Affine is a point in affine coordinates (x,y) diff --git a/ecc/bn254/g2.go b/ecc/bn254/g2.go index 2779af0aa..fe311b135 100644 --- a/ecc/bn254/g2.go +++ b/ecc/bn254/g2.go @@ -7,13 +7,14 @@ package bn254 import ( "crypto/rand" + "math/big" + "runtime" + "sync/atomic" + "github.com/consensys/gnark-crypto/ecc" "github.com/consensys/gnark-crypto/ecc/bn254/fr" "github.com/consensys/gnark-crypto/ecc/bn254/internal/fptower" "github.com/consensys/gnark-crypto/internal/parallel" - "math/big" - "runtime" - "sync/atomic" ) // G2Affine is a point in affine coordinates (x,y) diff --git a/ecc/bn254/hash_to_g1_test.go b/ecc/bn254/hash_to_g1_test.go index 0eaaf3add..f19f3364d 100644 --- a/ecc/bn254/hash_to_g1_test.go +++ b/ecc/bn254/hash_to_g1_test.go @@ -8,10 +8,11 @@ package bn254 import ( "github.com/consensys/gnark-crypto/ecc/bn254/fp" - "github.com/leanovate/gopter" - "github.com/leanovate/gopter/prop" "math/rand" "testing" + + "github.com/leanovate/gopter" + "github.com/leanovate/gopter/prop" ) func TestHashToFpG1(t *testing.T) { diff --git a/ecc/bn254/hash_to_g2_test.go b/ecc/bn254/hash_to_g2_test.go index 5e4da4b28..4105751dd 100644 --- a/ecc/bn254/hash_to_g2_test.go +++ b/ecc/bn254/hash_to_g2_test.go @@ -8,12 +8,13 @@ package bn254 import ( "github.com/consensys/gnark-crypto/ecc/bn254/fp" - "github.com/consensys/gnark-crypto/ecc/bn254/internal/fptower" - "github.com/leanovate/gopter" - "github.com/leanovate/gopter/prop" "math/rand" "strings" "testing" + + "github.com/consensys/gnark-crypto/ecc/bn254/internal/fptower" + "github.com/leanovate/gopter" + "github.com/leanovate/gopter/prop" ) func TestHashToFpG2(t *testing.T) { diff --git a/ecc/bn254/internal/fptower/e12.go b/ecc/bn254/internal/fptower/e12.go index a0a74e3da..0436ad82b 100644 --- a/ecc/bn254/internal/fptower/e12.go +++ b/ecc/bn254/internal/fptower/e12.go @@ -7,11 +7,12 @@ package fptower import ( "errors" + "math/big" + "sync" + "github.com/consensys/gnark-crypto/ecc" "github.com/consensys/gnark-crypto/ecc/bn254/fp" "github.com/consensys/gnark-crypto/ecc/bn254/fr" - "math/big" - "sync" ) var bigIntPool = sync.Pool{ diff --git a/ecc/bn254/internal/fptower/e2.go b/ecc/bn254/internal/fptower/e2.go index 75c9de264..7d551d03b 100644 --- a/ecc/bn254/internal/fptower/e2.go +++ b/ecc/bn254/internal/fptower/e2.go @@ -6,8 +6,9 @@ package fptower import ( - "github.com/consensys/gnark-crypto/ecc/bn254/fp" "math/big" + + "github.com/consensys/gnark-crypto/ecc/bn254/fp" ) // E2 is a degree two finite field extension of fp.Element diff --git a/ecc/bn254/kzg/kzg.go b/ecc/bn254/kzg/kzg.go index b888c74d1..ab17bb61f 100644 --- a/ecc/bn254/kzg/kzg.go +++ b/ecc/bn254/kzg/kzg.go @@ -14,7 +14,7 @@ import ( "github.com/consensys/gnark-crypto/ecc" "github.com/consensys/gnark-crypto/ecc/bn254" "github.com/consensys/gnark-crypto/ecc/bn254/fr" - "github.com/consensys/gnark-crypto/fiat-shamir" + fiatshamir "github.com/consensys/gnark-crypto/fiat-shamir" "github.com/consensys/gnark-crypto/internal/parallel" ) diff --git a/ecc/bn254/kzg/kzg_test.go b/ecc/bn254/kzg/kzg_test.go index 830c69371..ac0aec32e 100644 --- a/ecc/bn254/kzg/kzg_test.go +++ b/ecc/bn254/kzg/kzg_test.go @@ -8,13 +8,14 @@ package kzg import ( "bytes" "crypto/sha256" - "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/require" "math/big" "slices" "sync" "testing" + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" + "github.com/consensys/gnark-crypto/ecc" curve "github.com/consensys/gnark-crypto/ecc/bn254" "github.com/consensys/gnark-crypto/ecc/bn254/fr" diff --git a/ecc/bn254/kzg/marshal.go b/ecc/bn254/kzg/marshal.go index 060bfda94..912666574 100644 --- a/ecc/bn254/kzg/marshal.go +++ b/ecc/bn254/kzg/marshal.go @@ -6,9 +6,10 @@ package kzg import ( - "github.com/consensys/gnark-crypto/ecc/bn254" "io" + "github.com/consensys/gnark-crypto/ecc/bn254" + "github.com/consensys/gnark-crypto/utils/unsafe" ) diff --git a/ecc/bn254/kzg/mpcsetup.go b/ecc/bn254/kzg/mpcsetup.go index c5bc0a954..782425b9a 100644 --- a/ecc/bn254/kzg/mpcsetup.go +++ b/ecc/bn254/kzg/mpcsetup.go @@ -11,12 +11,13 @@ import ( "encoding/binary" "errors" "fmt" + "io" + "math/big" + curve "github.com/consensys/gnark-crypto/ecc/bn254" "github.com/consensys/gnark-crypto/ecc/bn254/fr" "github.com/consensys/gnark-crypto/ecc/bn254/mpcsetup" "github.com/consensys/gnark-crypto/utils" - "io" - "math/big" ) type MpcSetup struct { diff --git a/ecc/bn254/mpcsetup/mpcsetup.go b/ecc/bn254/mpcsetup/mpcsetup.go index 9a413d89b..db08cc114 100644 --- a/ecc/bn254/mpcsetup/mpcsetup.go +++ b/ecc/bn254/mpcsetup/mpcsetup.go @@ -9,13 +9,14 @@ import ( "bytes" "errors" "fmt" + "io" + "math/big" + "runtime" + "github.com/consensys/gnark-crypto/ecc" curve "github.com/consensys/gnark-crypto/ecc/bn254" "github.com/consensys/gnark-crypto/ecc/bn254/fr" "github.com/consensys/gnark-crypto/utils" - "io" - "math/big" - "runtime" ) // Generate R∈𝔾₂ as Hash(gˢ, challenge, dst) diff --git a/ecc/bn254/mpcsetup/mpcsetup_test.go b/ecc/bn254/mpcsetup/mpcsetup_test.go index 941d22776..4891925ba 100644 --- a/ecc/bn254/mpcsetup/mpcsetup_test.go +++ b/ecc/bn254/mpcsetup/mpcsetup_test.go @@ -7,12 +7,13 @@ package mpcsetup import ( "bytes" + "slices" + "testing" + "github.com/consensys/gnark-crypto/ecc" curve "github.com/consensys/gnark-crypto/ecc/bn254" "github.com/consensys/gnark-crypto/ecc/bn254/fr" "github.com/stretchr/testify/require" - "slices" - "testing" ) func TestContributionPok(t *testing.T) { diff --git a/ecc/bn254/multiexp.go b/ecc/bn254/multiexp.go index 9bb0a8d48..9801970c8 100644 --- a/ecc/bn254/multiexp.go +++ b/ecc/bn254/multiexp.go @@ -7,11 +7,12 @@ package bn254 import ( "errors" + "math" + "runtime" + "github.com/consensys/gnark-crypto/ecc" "github.com/consensys/gnark-crypto/ecc/bn254/fr" "github.com/consensys/gnark-crypto/internal/parallel" - "math" - "runtime" ) // MultiExp implements section 4 of https://eprint.iacr.org/2012/549.pdf diff --git a/ecc/bn254/twistededwards/eddsa/marshal.go b/ecc/bn254/twistededwards/eddsa/marshal.go index 9bf8024f7..4b030241d 100644 --- a/ecc/bn254/twistededwards/eddsa/marshal.go +++ b/ecc/bn254/twistededwards/eddsa/marshal.go @@ -8,10 +8,11 @@ package eddsa import ( "crypto/subtle" "errors" - "github.com/consensys/gnark-crypto/ecc/bn254/fr" - "github.com/consensys/gnark-crypto/ecc/bn254/twistededwards" "io" "math/big" + + "github.com/consensys/gnark-crypto/ecc/bn254/fr" + "github.com/consensys/gnark-crypto/ecc/bn254/twistededwards" ) // cf point.go (ugly copy) diff --git a/ecc/bw6-633/ecdsa/ecdsa.go b/ecc/bw6-633/ecdsa/ecdsa.go index 60ee76577..3b200e433 100644 --- a/ecc/bw6-633/ecdsa/ecdsa.go +++ b/ecc/bw6-633/ecdsa/ecdsa.go @@ -15,7 +15,7 @@ import ( "io" "math/big" - "github.com/consensys/gnark-crypto/ecc/bw6-633" + bw6633 "github.com/consensys/gnark-crypto/ecc/bw6-633" "github.com/consensys/gnark-crypto/ecc/bw6-633/fp" "github.com/consensys/gnark-crypto/ecc/bw6-633/fr" "github.com/consensys/gnark-crypto/signature" diff --git a/ecc/bw6-633/ecdsa/ecdsa_test.go b/ecc/bw6-633/ecdsa/ecdsa_test.go index a27bd4eb0..044eebe78 100644 --- a/ecc/bw6-633/ecdsa/ecdsa_test.go +++ b/ecc/bw6-633/ecdsa/ecdsa_test.go @@ -8,10 +8,11 @@ package ecdsa import ( "crypto/rand" "crypto/sha256" - "github.com/consensys/gnark-crypto/ecc/bw6-633/fr" "math/big" "testing" + "github.com/consensys/gnark-crypto/ecc/bw6-633/fr" + "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" ) diff --git a/ecc/bw6-633/ecdsa/marshal.go b/ecc/bw6-633/ecdsa/marshal.go index 61a8df484..89cc51b9c 100644 --- a/ecc/bw6-633/ecdsa/marshal.go +++ b/ecc/bw6-633/ecdsa/marshal.go @@ -8,9 +8,10 @@ package ecdsa import ( "crypto/subtle" "errors" - "github.com/consensys/gnark-crypto/ecc/bw6-633/fr" "io" "math/big" + + "github.com/consensys/gnark-crypto/ecc/bw6-633/fr" ) var errWrongSize = errors.New("wrong size buffer") diff --git a/ecc/bw6-633/fflonk/marshal.go b/ecc/bw6-633/fflonk/marshal.go index 40178d222..a36619993 100644 --- a/ecc/bw6-633/fflonk/marshal.go +++ b/ecc/bw6-633/fflonk/marshal.go @@ -8,7 +8,7 @@ package fflonk import ( "io" - "github.com/consensys/gnark-crypto/ecc/bw6-633" + bw6633 "github.com/consensys/gnark-crypto/ecc/bw6-633" ) // ReadFrom decodes OpeningProof data from reader. diff --git a/ecc/bw6-633/fp/vector_test.go b/ecc/bw6-633/fp/vector_test.go index ec4b0072c..8eceb7236 100644 --- a/ecc/bw6-633/fp/vector_test.go +++ b/ecc/bw6-633/fp/vector_test.go @@ -8,12 +8,13 @@ package fp import ( "bytes" "fmt" - "github.com/stretchr/testify/require" "os" "reflect" "sort" "testing" + "github.com/stretchr/testify/require" + "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" ) diff --git a/ecc/bw6-633/fr/fft/fft.go b/ecc/bw6-633/fr/fft/fft.go index 0f44afcd7..49b157131 100644 --- a/ecc/bw6-633/fr/fft/fft.go +++ b/ecc/bw6-633/fr/fft/fft.go @@ -6,11 +6,12 @@ package fft import ( - "github.com/consensys/gnark-crypto/ecc" - "github.com/consensys/gnark-crypto/internal/parallel" "math/big" "math/bits" + "github.com/consensys/gnark-crypto/ecc" + "github.com/consensys/gnark-crypto/internal/parallel" + "github.com/consensys/gnark-crypto/ecc/bw6-633/fr" ) diff --git a/ecc/bw6-633/fr/iop/expressions.go b/ecc/bw6-633/fr/iop/expressions.go index 17e29b4d9..369072732 100644 --- a/ecc/bw6-633/fr/iop/expressions.go +++ b/ecc/bw6-633/fr/iop/expressions.go @@ -7,9 +7,10 @@ package iop import ( "errors" + "math/bits" + "github.com/consensys/gnark-crypto/ecc/bw6-633/fr" "github.com/consensys/gnark-crypto/internal/parallel" - "math/bits" ) // Expression represents a multivariate polynomial. diff --git a/ecc/bw6-633/fr/pedersen/pedersen.go b/ecc/bw6-633/fr/pedersen/pedersen.go index 0f3484ee3..76804e4e6 100644 --- a/ecc/bw6-633/fr/pedersen/pedersen.go +++ b/ecc/bw6-633/fr/pedersen/pedersen.go @@ -8,11 +8,12 @@ package pedersen import ( "crypto/rand" "errors" + "io" + "math/big" + "github.com/consensys/gnark-crypto/ecc" curve "github.com/consensys/gnark-crypto/ecc/bw6-633" "github.com/consensys/gnark-crypto/ecc/bw6-633/fr" - "io" - "math/big" ) // ProvingKey for committing and proofs of knowledge diff --git a/ecc/bw6-633/fr/permutation/permutation.go b/ecc/bw6-633/fr/permutation/permutation.go index 909c84c4c..00b60c2d2 100644 --- a/ecc/bw6-633/fr/permutation/permutation.go +++ b/ecc/bw6-633/fr/permutation/permutation.go @@ -11,7 +11,7 @@ import ( "math/big" "math/bits" - "github.com/consensys/gnark-crypto/ecc/bw6-633" + bw6633 "github.com/consensys/gnark-crypto/ecc/bw6-633" "github.com/consensys/gnark-crypto/ecc/bw6-633/fr" "github.com/consensys/gnark-crypto/ecc/bw6-633/fr/fft" "github.com/consensys/gnark-crypto/ecc/bw6-633/kzg" diff --git a/ecc/bw6-633/fr/polynomial/multilin.go b/ecc/bw6-633/fr/polynomial/multilin.go index 4ea3a9a61..416184459 100644 --- a/ecc/bw6-633/fr/polynomial/multilin.go +++ b/ecc/bw6-633/fr/polynomial/multilin.go @@ -6,9 +6,10 @@ package polynomial import ( + "math/bits" + "github.com/consensys/gnark-crypto/ecc/bw6-633/fr" "github.com/consensys/gnark-crypto/utils" - "math/bits" ) // MultiLin tracks the values of a (dense i.e. not sparse) multilinear polynomial diff --git a/ecc/bw6-633/fr/polynomial/multilin_test.go b/ecc/bw6-633/fr/polynomial/multilin_test.go index 8bb9c199a..3ab828e3f 100644 --- a/ecc/bw6-633/fr/polynomial/multilin_test.go +++ b/ecc/bw6-633/fr/polynomial/multilin_test.go @@ -6,9 +6,10 @@ package polynomial import ( + "testing" + "github.com/consensys/gnark-crypto/ecc/bw6-633/fr" "github.com/stretchr/testify/assert" - "testing" ) // TODO: Property based tests? diff --git a/ecc/bw6-633/fr/polynomial/polynomial.go b/ecc/bw6-633/fr/polynomial/polynomial.go index 861d69c2d..e204807ea 100644 --- a/ecc/bw6-633/fr/polynomial/polynomial.go +++ b/ecc/bw6-633/fr/polynomial/polynomial.go @@ -6,11 +6,12 @@ package polynomial import ( - "github.com/consensys/gnark-crypto/ecc/bw6-633/fr" - "github.com/consensys/gnark-crypto/utils" "strconv" "strings" "sync" + + "github.com/consensys/gnark-crypto/ecc/bw6-633/fr" + "github.com/consensys/gnark-crypto/utils" ) // Polynomial represented by coefficients in the field. diff --git a/ecc/bw6-633/fr/polynomial/polynomial_test.go b/ecc/bw6-633/fr/polynomial/polynomial_test.go index 75a8e7526..b9b572ecf 100644 --- a/ecc/bw6-633/fr/polynomial/polynomial_test.go +++ b/ecc/bw6-633/fr/polynomial/polynomial_test.go @@ -6,13 +6,14 @@ package polynomial import ( + "math/big" + "testing" + "github.com/consensys/gnark-crypto/ecc/bw6-633/fr" "github.com/leanovate/gopter" "github.com/leanovate/gopter/gen" "github.com/leanovate/gopter/prop" "github.com/stretchr/testify/assert" - "math/big" - "testing" ) func TestPolynomialEval(t *testing.T) { diff --git a/ecc/bw6-633/fr/polynomial/pool.go b/ecc/bw6-633/fr/polynomial/pool.go index 5355ecd21..8cb7f07b1 100644 --- a/ecc/bw6-633/fr/polynomial/pool.go +++ b/ecc/bw6-633/fr/polynomial/pool.go @@ -8,11 +8,12 @@ package polynomial import ( "encoding/json" "fmt" - "github.com/consensys/gnark-crypto/ecc/bw6-633/fr" "runtime" "sort" "sync" "unsafe" + + "github.com/consensys/gnark-crypto/ecc/bw6-633/fr" ) // Memory management for polynomials diff --git a/ecc/bw6-633/fr/poseidon2/hash.go b/ecc/bw6-633/fr/poseidon2/hash.go index 44d1df7e0..f5eb25338 100644 --- a/ecc/bw6-633/fr/poseidon2/hash.go +++ b/ecc/bw6-633/fr/poseidon2/hash.go @@ -6,10 +6,11 @@ package poseidon2 import ( - "github.com/consensys/gnark-crypto/ecc/bw6-633/fr" - gnarkHash "github.com/consensys/gnark-crypto/hash" "hash" "sync" + + "github.com/consensys/gnark-crypto/ecc/bw6-633/fr" + gnarkHash "github.com/consensys/gnark-crypto/hash" ) // NewMerkleDamgardHasher returns a Poseidon2 hasher using the Merkle-Damgard diff --git a/ecc/bw6-633/fr/vector_test.go b/ecc/bw6-633/fr/vector_test.go index 4e89a23da..28e9e7da8 100644 --- a/ecc/bw6-633/fr/vector_test.go +++ b/ecc/bw6-633/fr/vector_test.go @@ -8,12 +8,13 @@ package fr import ( "bytes" "fmt" - "github.com/stretchr/testify/require" "os" "reflect" "sort" "testing" + "github.com/stretchr/testify/require" + "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" ) diff --git a/ecc/bw6-633/g1.go b/ecc/bw6-633/g1.go index a0130fc71..0ee261ccc 100644 --- a/ecc/bw6-633/g1.go +++ b/ecc/bw6-633/g1.go @@ -7,13 +7,14 @@ package bw6633 import ( "crypto/rand" + "math/big" + "runtime" + "sync/atomic" + "github.com/consensys/gnark-crypto/ecc" "github.com/consensys/gnark-crypto/ecc/bw6-633/fp" "github.com/consensys/gnark-crypto/ecc/bw6-633/fr" "github.com/consensys/gnark-crypto/internal/parallel" - "math/big" - "runtime" - "sync/atomic" ) // G1Affine is a point in affine coordinates (x,y) diff --git a/ecc/bw6-633/g2.go b/ecc/bw6-633/g2.go index 12effa8c5..6853b2d97 100644 --- a/ecc/bw6-633/g2.go +++ b/ecc/bw6-633/g2.go @@ -7,13 +7,14 @@ package bw6633 import ( "crypto/rand" + "math/big" + "runtime" + "sync/atomic" + "github.com/consensys/gnark-crypto/ecc" "github.com/consensys/gnark-crypto/ecc/bw6-633/fp" "github.com/consensys/gnark-crypto/ecc/bw6-633/fr" "github.com/consensys/gnark-crypto/internal/parallel" - "math/big" - "runtime" - "sync/atomic" ) // G2Affine is a point in affine coordinates (x,y) diff --git a/ecc/bw6-633/hash_to_curve/g1_test.go b/ecc/bw6-633/hash_to_curve/g1_test.go index 431c32500..10885751b 100644 --- a/ecc/bw6-633/hash_to_curve/g1_test.go +++ b/ecc/bw6-633/hash_to_curve/g1_test.go @@ -6,10 +6,11 @@ package hash_to_curve import ( + "testing" + "github.com/consensys/gnark-crypto/ecc/bw6-633/fp" "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" - "testing" ) // GenFp generates an Fp element diff --git a/ecc/bw6-633/hash_to_curve/g2_test.go b/ecc/bw6-633/hash_to_curve/g2_test.go index e3388a20d..5675995a1 100644 --- a/ecc/bw6-633/hash_to_curve/g2_test.go +++ b/ecc/bw6-633/hash_to_curve/g2_test.go @@ -6,10 +6,11 @@ package hash_to_curve import ( + "testing" + "github.com/consensys/gnark-crypto/ecc/bw6-633/fp" "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" - "testing" ) func TestG2SqrtRatio(t *testing.T) { diff --git a/ecc/bw6-633/hash_to_g1_test.go b/ecc/bw6-633/hash_to_g1_test.go index 52668760a..0767a936b 100644 --- a/ecc/bw6-633/hash_to_g1_test.go +++ b/ecc/bw6-633/hash_to_g1_test.go @@ -8,11 +8,12 @@ package bw6633 import ( "github.com/consensys/gnark-crypto/ecc/bw6-633/fp" + "math/rand" + "testing" + "github.com/consensys/gnark-crypto/ecc/bw6-633/hash_to_curve" "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" - "math/rand" - "testing" ) func TestHashToFpG1(t *testing.T) { diff --git a/ecc/bw6-633/hash_to_g2_test.go b/ecc/bw6-633/hash_to_g2_test.go index dabfed126..9298b52e8 100644 --- a/ecc/bw6-633/hash_to_g2_test.go +++ b/ecc/bw6-633/hash_to_g2_test.go @@ -8,11 +8,12 @@ package bw6633 import ( "github.com/consensys/gnark-crypto/ecc/bw6-633/fp" + "math/rand" + "testing" + "github.com/consensys/gnark-crypto/ecc/bw6-633/hash_to_curve" "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" - "math/rand" - "testing" ) func TestHashToFpG2(t *testing.T) { diff --git a/ecc/bw6-633/kzg/kzg.go b/ecc/bw6-633/kzg/kzg.go index f70d0ed61..eacf3a718 100644 --- a/ecc/bw6-633/kzg/kzg.go +++ b/ecc/bw6-633/kzg/kzg.go @@ -12,9 +12,9 @@ import ( "sync" "github.com/consensys/gnark-crypto/ecc" - "github.com/consensys/gnark-crypto/ecc/bw6-633" + bw6633 "github.com/consensys/gnark-crypto/ecc/bw6-633" "github.com/consensys/gnark-crypto/ecc/bw6-633/fr" - "github.com/consensys/gnark-crypto/fiat-shamir" + fiatshamir "github.com/consensys/gnark-crypto/fiat-shamir" "github.com/consensys/gnark-crypto/internal/parallel" ) diff --git a/ecc/bw6-633/kzg/kzg_test.go b/ecc/bw6-633/kzg/kzg_test.go index 6701bb204..981da5496 100644 --- a/ecc/bw6-633/kzg/kzg_test.go +++ b/ecc/bw6-633/kzg/kzg_test.go @@ -8,13 +8,14 @@ package kzg import ( "bytes" "crypto/sha256" - "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/require" "math/big" "slices" "sync" "testing" + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" + "github.com/consensys/gnark-crypto/ecc" curve "github.com/consensys/gnark-crypto/ecc/bw6-633" "github.com/consensys/gnark-crypto/ecc/bw6-633/fr" diff --git a/ecc/bw6-633/kzg/marshal.go b/ecc/bw6-633/kzg/marshal.go index 1ba36b4ca..3f9dbe76d 100644 --- a/ecc/bw6-633/kzg/marshal.go +++ b/ecc/bw6-633/kzg/marshal.go @@ -6,9 +6,10 @@ package kzg import ( - "github.com/consensys/gnark-crypto/ecc/bw6-633" "io" + bw6633 "github.com/consensys/gnark-crypto/ecc/bw6-633" + "github.com/consensys/gnark-crypto/utils/unsafe" ) diff --git a/ecc/bw6-633/kzg/mpcsetup.go b/ecc/bw6-633/kzg/mpcsetup.go index 2fdc65557..d3d92f828 100644 --- a/ecc/bw6-633/kzg/mpcsetup.go +++ b/ecc/bw6-633/kzg/mpcsetup.go @@ -11,12 +11,13 @@ import ( "encoding/binary" "errors" "fmt" + "io" + "math/big" + curve "github.com/consensys/gnark-crypto/ecc/bw6-633" "github.com/consensys/gnark-crypto/ecc/bw6-633/fr" "github.com/consensys/gnark-crypto/ecc/bw6-633/mpcsetup" "github.com/consensys/gnark-crypto/utils" - "io" - "math/big" ) type MpcSetup struct { diff --git a/ecc/bw6-633/mpcsetup/mpcsetup.go b/ecc/bw6-633/mpcsetup/mpcsetup.go index 408f029ac..37fc08348 100644 --- a/ecc/bw6-633/mpcsetup/mpcsetup.go +++ b/ecc/bw6-633/mpcsetup/mpcsetup.go @@ -9,13 +9,14 @@ import ( "bytes" "errors" "fmt" + "io" + "math/big" + "runtime" + "github.com/consensys/gnark-crypto/ecc" curve "github.com/consensys/gnark-crypto/ecc/bw6-633" "github.com/consensys/gnark-crypto/ecc/bw6-633/fr" "github.com/consensys/gnark-crypto/utils" - "io" - "math/big" - "runtime" ) // Generate R∈𝔾₂ as Hash(gˢ, challenge, dst) diff --git a/ecc/bw6-633/mpcsetup/mpcsetup_test.go b/ecc/bw6-633/mpcsetup/mpcsetup_test.go index 75b0de41d..eb306ba9f 100644 --- a/ecc/bw6-633/mpcsetup/mpcsetup_test.go +++ b/ecc/bw6-633/mpcsetup/mpcsetup_test.go @@ -7,12 +7,13 @@ package mpcsetup import ( "bytes" + "slices" + "testing" + "github.com/consensys/gnark-crypto/ecc" curve "github.com/consensys/gnark-crypto/ecc/bw6-633" "github.com/consensys/gnark-crypto/ecc/bw6-633/fr" "github.com/stretchr/testify/require" - "slices" - "testing" ) func TestContributionPok(t *testing.T) { diff --git a/ecc/bw6-633/multiexp.go b/ecc/bw6-633/multiexp.go index 744b983cc..95fe757de 100644 --- a/ecc/bw6-633/multiexp.go +++ b/ecc/bw6-633/multiexp.go @@ -7,11 +7,12 @@ package bw6633 import ( "errors" + "math" + "runtime" + "github.com/consensys/gnark-crypto/ecc" "github.com/consensys/gnark-crypto/ecc/bw6-633/fr" "github.com/consensys/gnark-crypto/internal/parallel" - "math" - "runtime" ) // MultiExp implements section 4 of https://eprint.iacr.org/2012/549.pdf diff --git a/ecc/bw6-633/shplonk/marshal.go b/ecc/bw6-633/shplonk/marshal.go index 04964c4a2..24fe40c24 100644 --- a/ecc/bw6-633/shplonk/marshal.go +++ b/ecc/bw6-633/shplonk/marshal.go @@ -8,7 +8,7 @@ package shplonk import ( "io" - "github.com/consensys/gnark-crypto/ecc/bw6-633" + bw6633 "github.com/consensys/gnark-crypto/ecc/bw6-633" ) func (proof *OpeningProof) ReadFrom(r io.Reader) (int64, error) { diff --git a/ecc/bw6-633/shplonk/shplonk.go b/ecc/bw6-633/shplonk/shplonk.go index db15afaf8..71e72a337 100644 --- a/ecc/bw6-633/shplonk/shplonk.go +++ b/ecc/bw6-633/shplonk/shplonk.go @@ -11,7 +11,7 @@ import ( "math/big" "github.com/consensys/gnark-crypto/ecc" - "github.com/consensys/gnark-crypto/ecc/bw6-633" + bw6633 "github.com/consensys/gnark-crypto/ecc/bw6-633" "github.com/consensys/gnark-crypto/ecc/bw6-633/fr" "github.com/consensys/gnark-crypto/ecc/bw6-633/kzg" fiatshamir "github.com/consensys/gnark-crypto/fiat-shamir" diff --git a/ecc/bw6-633/shplonk/shplonk_test.go b/ecc/bw6-633/shplonk/shplonk_test.go index 15ecc5020..acf1b19b7 100644 --- a/ecc/bw6-633/shplonk/shplonk_test.go +++ b/ecc/bw6-633/shplonk/shplonk_test.go @@ -12,7 +12,7 @@ import ( "testing" "github.com/consensys/gnark-crypto/ecc" - "github.com/consensys/gnark-crypto/ecc/bw6-633" + bw6633 "github.com/consensys/gnark-crypto/ecc/bw6-633" "github.com/consensys/gnark-crypto/ecc/bw6-633/fr" "github.com/consensys/gnark-crypto/ecc/bw6-633/kzg" "github.com/consensys/gnark-crypto/utils/testutils" diff --git a/ecc/bw6-633/twistededwards/eddsa/marshal.go b/ecc/bw6-633/twistededwards/eddsa/marshal.go index bc182446f..a8179ac64 100644 --- a/ecc/bw6-633/twistededwards/eddsa/marshal.go +++ b/ecc/bw6-633/twistededwards/eddsa/marshal.go @@ -8,10 +8,11 @@ package eddsa import ( "crypto/subtle" "errors" - "github.com/consensys/gnark-crypto/ecc/bw6-633/fr" - "github.com/consensys/gnark-crypto/ecc/bw6-633/twistededwards" "io" "math/big" + + "github.com/consensys/gnark-crypto/ecc/bw6-633/fr" + "github.com/consensys/gnark-crypto/ecc/bw6-633/twistededwards" ) // cf point.go (ugly copy) diff --git a/ecc/bw6-761/ecdsa/ecdsa.go b/ecc/bw6-761/ecdsa/ecdsa.go index 204cfe742..16ce8cab3 100644 --- a/ecc/bw6-761/ecdsa/ecdsa.go +++ b/ecc/bw6-761/ecdsa/ecdsa.go @@ -15,7 +15,7 @@ import ( "io" "math/big" - "github.com/consensys/gnark-crypto/ecc/bw6-761" + bw6761 "github.com/consensys/gnark-crypto/ecc/bw6-761" "github.com/consensys/gnark-crypto/ecc/bw6-761/fp" "github.com/consensys/gnark-crypto/ecc/bw6-761/fr" "github.com/consensys/gnark-crypto/signature" diff --git a/ecc/bw6-761/ecdsa/ecdsa_test.go b/ecc/bw6-761/ecdsa/ecdsa_test.go index fc7b4508c..1fc6e09c7 100644 --- a/ecc/bw6-761/ecdsa/ecdsa_test.go +++ b/ecc/bw6-761/ecdsa/ecdsa_test.go @@ -8,10 +8,11 @@ package ecdsa import ( "crypto/rand" "crypto/sha256" - "github.com/consensys/gnark-crypto/ecc/bw6-761/fr" "math/big" "testing" + "github.com/consensys/gnark-crypto/ecc/bw6-761/fr" + "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" ) diff --git a/ecc/bw6-761/ecdsa/marshal.go b/ecc/bw6-761/ecdsa/marshal.go index ba89271b2..259e649a3 100644 --- a/ecc/bw6-761/ecdsa/marshal.go +++ b/ecc/bw6-761/ecdsa/marshal.go @@ -8,9 +8,10 @@ package ecdsa import ( "crypto/subtle" "errors" - "github.com/consensys/gnark-crypto/ecc/bw6-761/fr" "io" "math/big" + + "github.com/consensys/gnark-crypto/ecc/bw6-761/fr" ) var errWrongSize = errors.New("wrong size buffer") diff --git a/ecc/bw6-761/fflonk/marshal.go b/ecc/bw6-761/fflonk/marshal.go index 896b85201..677a2d341 100644 --- a/ecc/bw6-761/fflonk/marshal.go +++ b/ecc/bw6-761/fflonk/marshal.go @@ -8,7 +8,7 @@ package fflonk import ( "io" - "github.com/consensys/gnark-crypto/ecc/bw6-761" + bw6761 "github.com/consensys/gnark-crypto/ecc/bw6-761" ) // ReadFrom decodes OpeningProof data from reader. diff --git a/ecc/bw6-761/fp/vector_test.go b/ecc/bw6-761/fp/vector_test.go index 812a4dbd9..5cf1e4891 100644 --- a/ecc/bw6-761/fp/vector_test.go +++ b/ecc/bw6-761/fp/vector_test.go @@ -8,12 +8,13 @@ package fp import ( "bytes" "fmt" - "github.com/stretchr/testify/require" "os" "reflect" "sort" "testing" + "github.com/stretchr/testify/require" + "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" ) diff --git a/ecc/bw6-761/fr/fft/fft.go b/ecc/bw6-761/fr/fft/fft.go index fe178218b..48ec20f1f 100644 --- a/ecc/bw6-761/fr/fft/fft.go +++ b/ecc/bw6-761/fr/fft/fft.go @@ -6,11 +6,12 @@ package fft import ( - "github.com/consensys/gnark-crypto/ecc" - "github.com/consensys/gnark-crypto/internal/parallel" "math/big" "math/bits" + "github.com/consensys/gnark-crypto/ecc" + "github.com/consensys/gnark-crypto/internal/parallel" + "github.com/consensys/gnark-crypto/ecc/bw6-761/fr" ) diff --git a/ecc/bw6-761/fr/iop/expressions.go b/ecc/bw6-761/fr/iop/expressions.go index 5aa08577e..0e14d4a9d 100644 --- a/ecc/bw6-761/fr/iop/expressions.go +++ b/ecc/bw6-761/fr/iop/expressions.go @@ -7,9 +7,10 @@ package iop import ( "errors" + "math/bits" + "github.com/consensys/gnark-crypto/ecc/bw6-761/fr" "github.com/consensys/gnark-crypto/internal/parallel" - "math/bits" ) // Expression represents a multivariate polynomial. diff --git a/ecc/bw6-761/fr/pedersen/pedersen.go b/ecc/bw6-761/fr/pedersen/pedersen.go index 50918d61e..dfc704ee7 100644 --- a/ecc/bw6-761/fr/pedersen/pedersen.go +++ b/ecc/bw6-761/fr/pedersen/pedersen.go @@ -8,11 +8,12 @@ package pedersen import ( "crypto/rand" "errors" + "io" + "math/big" + "github.com/consensys/gnark-crypto/ecc" curve "github.com/consensys/gnark-crypto/ecc/bw6-761" "github.com/consensys/gnark-crypto/ecc/bw6-761/fr" - "io" - "math/big" ) // ProvingKey for committing and proofs of knowledge diff --git a/ecc/bw6-761/fr/permutation/permutation.go b/ecc/bw6-761/fr/permutation/permutation.go index 6ad794407..27ba1502d 100644 --- a/ecc/bw6-761/fr/permutation/permutation.go +++ b/ecc/bw6-761/fr/permutation/permutation.go @@ -11,7 +11,7 @@ import ( "math/big" "math/bits" - "github.com/consensys/gnark-crypto/ecc/bw6-761" + bw6761 "github.com/consensys/gnark-crypto/ecc/bw6-761" "github.com/consensys/gnark-crypto/ecc/bw6-761/fr" "github.com/consensys/gnark-crypto/ecc/bw6-761/fr/fft" "github.com/consensys/gnark-crypto/ecc/bw6-761/kzg" diff --git a/ecc/bw6-761/fr/polynomial/multilin.go b/ecc/bw6-761/fr/polynomial/multilin.go index b1fc60e88..b95fe3c37 100644 --- a/ecc/bw6-761/fr/polynomial/multilin.go +++ b/ecc/bw6-761/fr/polynomial/multilin.go @@ -6,9 +6,10 @@ package polynomial import ( + "math/bits" + "github.com/consensys/gnark-crypto/ecc/bw6-761/fr" "github.com/consensys/gnark-crypto/utils" - "math/bits" ) // MultiLin tracks the values of a (dense i.e. not sparse) multilinear polynomial diff --git a/ecc/bw6-761/fr/polynomial/multilin_test.go b/ecc/bw6-761/fr/polynomial/multilin_test.go index 2c802e063..0b5ddb1df 100644 --- a/ecc/bw6-761/fr/polynomial/multilin_test.go +++ b/ecc/bw6-761/fr/polynomial/multilin_test.go @@ -6,9 +6,10 @@ package polynomial import ( + "testing" + "github.com/consensys/gnark-crypto/ecc/bw6-761/fr" "github.com/stretchr/testify/assert" - "testing" ) // TODO: Property based tests? diff --git a/ecc/bw6-761/fr/polynomial/polynomial.go b/ecc/bw6-761/fr/polynomial/polynomial.go index f5162f531..70f8077f8 100644 --- a/ecc/bw6-761/fr/polynomial/polynomial.go +++ b/ecc/bw6-761/fr/polynomial/polynomial.go @@ -6,11 +6,12 @@ package polynomial import ( - "github.com/consensys/gnark-crypto/ecc/bw6-761/fr" - "github.com/consensys/gnark-crypto/utils" "strconv" "strings" "sync" + + "github.com/consensys/gnark-crypto/ecc/bw6-761/fr" + "github.com/consensys/gnark-crypto/utils" ) // Polynomial represented by coefficients in the field. diff --git a/ecc/bw6-761/fr/polynomial/polynomial_test.go b/ecc/bw6-761/fr/polynomial/polynomial_test.go index 5ff7251f5..413f2bb28 100644 --- a/ecc/bw6-761/fr/polynomial/polynomial_test.go +++ b/ecc/bw6-761/fr/polynomial/polynomial_test.go @@ -6,13 +6,14 @@ package polynomial import ( + "math/big" + "testing" + "github.com/consensys/gnark-crypto/ecc/bw6-761/fr" "github.com/leanovate/gopter" "github.com/leanovate/gopter/gen" "github.com/leanovate/gopter/prop" "github.com/stretchr/testify/assert" - "math/big" - "testing" ) func TestPolynomialEval(t *testing.T) { diff --git a/ecc/bw6-761/fr/polynomial/pool.go b/ecc/bw6-761/fr/polynomial/pool.go index f0385da89..5a5d8abff 100644 --- a/ecc/bw6-761/fr/polynomial/pool.go +++ b/ecc/bw6-761/fr/polynomial/pool.go @@ -8,11 +8,12 @@ package polynomial import ( "encoding/json" "fmt" - "github.com/consensys/gnark-crypto/ecc/bw6-761/fr" "runtime" "sort" "sync" "unsafe" + + "github.com/consensys/gnark-crypto/ecc/bw6-761/fr" ) // Memory management for polynomials diff --git a/ecc/bw6-761/fr/poseidon2/hash.go b/ecc/bw6-761/fr/poseidon2/hash.go index 68fe533e3..da5d124ca 100644 --- a/ecc/bw6-761/fr/poseidon2/hash.go +++ b/ecc/bw6-761/fr/poseidon2/hash.go @@ -6,10 +6,11 @@ package poseidon2 import ( - "github.com/consensys/gnark-crypto/ecc/bw6-761/fr" - gnarkHash "github.com/consensys/gnark-crypto/hash" "hash" "sync" + + "github.com/consensys/gnark-crypto/ecc/bw6-761/fr" + gnarkHash "github.com/consensys/gnark-crypto/hash" ) // NewMerkleDamgardHasher returns a Poseidon2 hasher using the Merkle-Damgard diff --git a/ecc/bw6-761/fr/vector_test.go b/ecc/bw6-761/fr/vector_test.go index 87df419d3..3cc1f5cac 100644 --- a/ecc/bw6-761/fr/vector_test.go +++ b/ecc/bw6-761/fr/vector_test.go @@ -8,12 +8,13 @@ package fr import ( "bytes" "fmt" - "github.com/stretchr/testify/require" "os" "reflect" "sort" "testing" + "github.com/stretchr/testify/require" + "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" ) diff --git a/ecc/bw6-761/g1.go b/ecc/bw6-761/g1.go index 97be7a7a6..664d73751 100644 --- a/ecc/bw6-761/g1.go +++ b/ecc/bw6-761/g1.go @@ -7,13 +7,14 @@ package bw6761 import ( "crypto/rand" + "math/big" + "runtime" + "sync/atomic" + "github.com/consensys/gnark-crypto/ecc" "github.com/consensys/gnark-crypto/ecc/bw6-761/fp" "github.com/consensys/gnark-crypto/ecc/bw6-761/fr" "github.com/consensys/gnark-crypto/internal/parallel" - "math/big" - "runtime" - "sync/atomic" ) // G1Affine is a point in affine coordinates (x,y) diff --git a/ecc/bw6-761/g2.go b/ecc/bw6-761/g2.go index ce4f3a249..8ab7c3536 100644 --- a/ecc/bw6-761/g2.go +++ b/ecc/bw6-761/g2.go @@ -7,13 +7,14 @@ package bw6761 import ( "crypto/rand" + "math/big" + "runtime" + "sync/atomic" + "github.com/consensys/gnark-crypto/ecc" "github.com/consensys/gnark-crypto/ecc/bw6-761/fp" "github.com/consensys/gnark-crypto/ecc/bw6-761/fr" "github.com/consensys/gnark-crypto/internal/parallel" - "math/big" - "runtime" - "sync/atomic" ) // G2Affine is a point in affine coordinates (x,y) diff --git a/ecc/bw6-761/hash_to_curve/g1_test.go b/ecc/bw6-761/hash_to_curve/g1_test.go index cbbd8a7e7..bb1fc8234 100644 --- a/ecc/bw6-761/hash_to_curve/g1_test.go +++ b/ecc/bw6-761/hash_to_curve/g1_test.go @@ -6,10 +6,11 @@ package hash_to_curve import ( + "testing" + "github.com/consensys/gnark-crypto/ecc/bw6-761/fp" "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" - "testing" ) // GenFp generates an Fp element diff --git a/ecc/bw6-761/hash_to_curve/g2_test.go b/ecc/bw6-761/hash_to_curve/g2_test.go index 742283913..bbaebfb86 100644 --- a/ecc/bw6-761/hash_to_curve/g2_test.go +++ b/ecc/bw6-761/hash_to_curve/g2_test.go @@ -6,10 +6,11 @@ package hash_to_curve import ( + "testing" + "github.com/consensys/gnark-crypto/ecc/bw6-761/fp" "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" - "testing" ) func TestG2SqrtRatio(t *testing.T) { diff --git a/ecc/bw6-761/hash_to_g1_test.go b/ecc/bw6-761/hash_to_g1_test.go index 83356db32..5709a9d9d 100644 --- a/ecc/bw6-761/hash_to_g1_test.go +++ b/ecc/bw6-761/hash_to_g1_test.go @@ -8,11 +8,12 @@ package bw6761 import ( "github.com/consensys/gnark-crypto/ecc/bw6-761/fp" + "math/rand" + "testing" + "github.com/consensys/gnark-crypto/ecc/bw6-761/hash_to_curve" "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" - "math/rand" - "testing" ) func TestHashToFpG1(t *testing.T) { diff --git a/ecc/bw6-761/hash_to_g2_test.go b/ecc/bw6-761/hash_to_g2_test.go index 838a0c171..e09f814aa 100644 --- a/ecc/bw6-761/hash_to_g2_test.go +++ b/ecc/bw6-761/hash_to_g2_test.go @@ -8,11 +8,12 @@ package bw6761 import ( "github.com/consensys/gnark-crypto/ecc/bw6-761/fp" + "math/rand" + "testing" + "github.com/consensys/gnark-crypto/ecc/bw6-761/hash_to_curve" "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" - "math/rand" - "testing" ) func TestHashToFpG2(t *testing.T) { diff --git a/ecc/bw6-761/kzg/kzg.go b/ecc/bw6-761/kzg/kzg.go index cb986386a..df21e240d 100644 --- a/ecc/bw6-761/kzg/kzg.go +++ b/ecc/bw6-761/kzg/kzg.go @@ -12,9 +12,9 @@ import ( "sync" "github.com/consensys/gnark-crypto/ecc" - "github.com/consensys/gnark-crypto/ecc/bw6-761" + bw6761 "github.com/consensys/gnark-crypto/ecc/bw6-761" "github.com/consensys/gnark-crypto/ecc/bw6-761/fr" - "github.com/consensys/gnark-crypto/fiat-shamir" + fiatshamir "github.com/consensys/gnark-crypto/fiat-shamir" "github.com/consensys/gnark-crypto/internal/parallel" ) diff --git a/ecc/bw6-761/kzg/kzg_test.go b/ecc/bw6-761/kzg/kzg_test.go index 804b9793c..ad49321a4 100644 --- a/ecc/bw6-761/kzg/kzg_test.go +++ b/ecc/bw6-761/kzg/kzg_test.go @@ -8,13 +8,14 @@ package kzg import ( "bytes" "crypto/sha256" - "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/require" "math/big" "slices" "sync" "testing" + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" + "github.com/consensys/gnark-crypto/ecc" curve "github.com/consensys/gnark-crypto/ecc/bw6-761" "github.com/consensys/gnark-crypto/ecc/bw6-761/fr" diff --git a/ecc/bw6-761/kzg/marshal.go b/ecc/bw6-761/kzg/marshal.go index 54ab8473c..66c5c6da4 100644 --- a/ecc/bw6-761/kzg/marshal.go +++ b/ecc/bw6-761/kzg/marshal.go @@ -6,9 +6,10 @@ package kzg import ( - "github.com/consensys/gnark-crypto/ecc/bw6-761" "io" + bw6761 "github.com/consensys/gnark-crypto/ecc/bw6-761" + "github.com/consensys/gnark-crypto/utils/unsafe" ) diff --git a/ecc/bw6-761/kzg/mpcsetup.go b/ecc/bw6-761/kzg/mpcsetup.go index f85644f4c..843524d1f 100644 --- a/ecc/bw6-761/kzg/mpcsetup.go +++ b/ecc/bw6-761/kzg/mpcsetup.go @@ -11,12 +11,13 @@ import ( "encoding/binary" "errors" "fmt" + "io" + "math/big" + curve "github.com/consensys/gnark-crypto/ecc/bw6-761" "github.com/consensys/gnark-crypto/ecc/bw6-761/fr" "github.com/consensys/gnark-crypto/ecc/bw6-761/mpcsetup" "github.com/consensys/gnark-crypto/utils" - "io" - "math/big" ) type MpcSetup struct { diff --git a/ecc/bw6-761/mpcsetup/mpcsetup.go b/ecc/bw6-761/mpcsetup/mpcsetup.go index 0222cdcd3..443be7341 100644 --- a/ecc/bw6-761/mpcsetup/mpcsetup.go +++ b/ecc/bw6-761/mpcsetup/mpcsetup.go @@ -9,13 +9,14 @@ import ( "bytes" "errors" "fmt" + "io" + "math/big" + "runtime" + "github.com/consensys/gnark-crypto/ecc" curve "github.com/consensys/gnark-crypto/ecc/bw6-761" "github.com/consensys/gnark-crypto/ecc/bw6-761/fr" "github.com/consensys/gnark-crypto/utils" - "io" - "math/big" - "runtime" ) // Generate R∈𝔾₂ as Hash(gˢ, challenge, dst) diff --git a/ecc/bw6-761/mpcsetup/mpcsetup_test.go b/ecc/bw6-761/mpcsetup/mpcsetup_test.go index f90e1ca07..a1bba840f 100644 --- a/ecc/bw6-761/mpcsetup/mpcsetup_test.go +++ b/ecc/bw6-761/mpcsetup/mpcsetup_test.go @@ -7,12 +7,13 @@ package mpcsetup import ( "bytes" + "slices" + "testing" + "github.com/consensys/gnark-crypto/ecc" curve "github.com/consensys/gnark-crypto/ecc/bw6-761" "github.com/consensys/gnark-crypto/ecc/bw6-761/fr" "github.com/stretchr/testify/require" - "slices" - "testing" ) func TestContributionPok(t *testing.T) { diff --git a/ecc/bw6-761/multiexp.go b/ecc/bw6-761/multiexp.go index a1b9bcec2..2f63ded31 100644 --- a/ecc/bw6-761/multiexp.go +++ b/ecc/bw6-761/multiexp.go @@ -7,11 +7,12 @@ package bw6761 import ( "errors" + "math" + "runtime" + "github.com/consensys/gnark-crypto/ecc" "github.com/consensys/gnark-crypto/ecc/bw6-761/fr" "github.com/consensys/gnark-crypto/internal/parallel" - "math" - "runtime" ) // MultiExp implements section 4 of https://eprint.iacr.org/2012/549.pdf diff --git a/ecc/bw6-761/shplonk/marshal.go b/ecc/bw6-761/shplonk/marshal.go index c3ab5ad68..916ed7bae 100644 --- a/ecc/bw6-761/shplonk/marshal.go +++ b/ecc/bw6-761/shplonk/marshal.go @@ -8,7 +8,7 @@ package shplonk import ( "io" - "github.com/consensys/gnark-crypto/ecc/bw6-761" + bw6761 "github.com/consensys/gnark-crypto/ecc/bw6-761" ) func (proof *OpeningProof) ReadFrom(r io.Reader) (int64, error) { diff --git a/ecc/bw6-761/shplonk/shplonk.go b/ecc/bw6-761/shplonk/shplonk.go index 33b82305b..9d5193bc1 100644 --- a/ecc/bw6-761/shplonk/shplonk.go +++ b/ecc/bw6-761/shplonk/shplonk.go @@ -11,7 +11,7 @@ import ( "math/big" "github.com/consensys/gnark-crypto/ecc" - "github.com/consensys/gnark-crypto/ecc/bw6-761" + bw6761 "github.com/consensys/gnark-crypto/ecc/bw6-761" "github.com/consensys/gnark-crypto/ecc/bw6-761/fr" "github.com/consensys/gnark-crypto/ecc/bw6-761/kzg" fiatshamir "github.com/consensys/gnark-crypto/fiat-shamir" diff --git a/ecc/bw6-761/shplonk/shplonk_test.go b/ecc/bw6-761/shplonk/shplonk_test.go index d31b78e11..4f6077bde 100644 --- a/ecc/bw6-761/shplonk/shplonk_test.go +++ b/ecc/bw6-761/shplonk/shplonk_test.go @@ -12,7 +12,7 @@ import ( "testing" "github.com/consensys/gnark-crypto/ecc" - "github.com/consensys/gnark-crypto/ecc/bw6-761" + bw6761 "github.com/consensys/gnark-crypto/ecc/bw6-761" "github.com/consensys/gnark-crypto/ecc/bw6-761/fr" "github.com/consensys/gnark-crypto/ecc/bw6-761/kzg" "github.com/consensys/gnark-crypto/utils/testutils" diff --git a/ecc/bw6-761/twistededwards/eddsa/marshal.go b/ecc/bw6-761/twistededwards/eddsa/marshal.go index 7d8259083..2d70a27d5 100644 --- a/ecc/bw6-761/twistededwards/eddsa/marshal.go +++ b/ecc/bw6-761/twistededwards/eddsa/marshal.go @@ -8,10 +8,11 @@ package eddsa import ( "crypto/subtle" "errors" - "github.com/consensys/gnark-crypto/ecc/bw6-761/fr" - "github.com/consensys/gnark-crypto/ecc/bw6-761/twistededwards" "io" "math/big" + + "github.com/consensys/gnark-crypto/ecc/bw6-761/fr" + "github.com/consensys/gnark-crypto/ecc/bw6-761/twistededwards" ) // cf point.go (ugly copy) diff --git a/ecc/grumpkin/ecdsa/ecdsa_test.go b/ecc/grumpkin/ecdsa/ecdsa_test.go index c7660b478..7d33068b4 100644 --- a/ecc/grumpkin/ecdsa/ecdsa_test.go +++ b/ecc/grumpkin/ecdsa/ecdsa_test.go @@ -8,10 +8,11 @@ package ecdsa import ( "crypto/rand" "crypto/sha256" - "github.com/consensys/gnark-crypto/ecc/grumpkin/fr" "math/big" "testing" + "github.com/consensys/gnark-crypto/ecc/grumpkin/fr" + "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" ) diff --git a/ecc/grumpkin/ecdsa/marshal.go b/ecc/grumpkin/ecdsa/marshal.go index fabbc8a28..3f4167bb7 100644 --- a/ecc/grumpkin/ecdsa/marshal.go +++ b/ecc/grumpkin/ecdsa/marshal.go @@ -8,9 +8,10 @@ package ecdsa import ( "crypto/subtle" "errors" - "github.com/consensys/gnark-crypto/ecc/grumpkin/fr" "io" "math/big" + + "github.com/consensys/gnark-crypto/ecc/grumpkin/fr" ) var errWrongSize = errors.New("wrong size buffer") diff --git a/ecc/grumpkin/fp/vector_test.go b/ecc/grumpkin/fp/vector_test.go index d57fe2a0a..445d2cc52 100644 --- a/ecc/grumpkin/fp/vector_test.go +++ b/ecc/grumpkin/fp/vector_test.go @@ -8,12 +8,13 @@ package fp import ( "bytes" "fmt" - "github.com/stretchr/testify/require" "os" "reflect" "sort" "testing" + "github.com/stretchr/testify/require" + "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" ) diff --git a/ecc/grumpkin/fr/polynomial/multilin.go b/ecc/grumpkin/fr/polynomial/multilin.go index 70bd7fc22..c73d5fbf2 100644 --- a/ecc/grumpkin/fr/polynomial/multilin.go +++ b/ecc/grumpkin/fr/polynomial/multilin.go @@ -6,9 +6,10 @@ package polynomial import ( + "math/bits" + "github.com/consensys/gnark-crypto/ecc/grumpkin/fr" "github.com/consensys/gnark-crypto/utils" - "math/bits" ) // MultiLin tracks the values of a (dense i.e. not sparse) multilinear polynomial diff --git a/ecc/grumpkin/fr/polynomial/multilin_test.go b/ecc/grumpkin/fr/polynomial/multilin_test.go index 0f1a68d69..278be1e82 100644 --- a/ecc/grumpkin/fr/polynomial/multilin_test.go +++ b/ecc/grumpkin/fr/polynomial/multilin_test.go @@ -6,9 +6,10 @@ package polynomial import ( + "testing" + "github.com/consensys/gnark-crypto/ecc/grumpkin/fr" "github.com/stretchr/testify/assert" - "testing" ) // TODO: Property based tests? diff --git a/ecc/grumpkin/fr/polynomial/polynomial.go b/ecc/grumpkin/fr/polynomial/polynomial.go index 52183633d..883a45618 100644 --- a/ecc/grumpkin/fr/polynomial/polynomial.go +++ b/ecc/grumpkin/fr/polynomial/polynomial.go @@ -6,11 +6,12 @@ package polynomial import ( - "github.com/consensys/gnark-crypto/ecc/grumpkin/fr" - "github.com/consensys/gnark-crypto/utils" "strconv" "strings" "sync" + + "github.com/consensys/gnark-crypto/ecc/grumpkin/fr" + "github.com/consensys/gnark-crypto/utils" ) // Polynomial represented by coefficients in the field. diff --git a/ecc/grumpkin/fr/polynomial/polynomial_test.go b/ecc/grumpkin/fr/polynomial/polynomial_test.go index 730292c3b..f79da1b61 100644 --- a/ecc/grumpkin/fr/polynomial/polynomial_test.go +++ b/ecc/grumpkin/fr/polynomial/polynomial_test.go @@ -6,13 +6,14 @@ package polynomial import ( + "math/big" + "testing" + "github.com/consensys/gnark-crypto/ecc/grumpkin/fr" "github.com/leanovate/gopter" "github.com/leanovate/gopter/gen" "github.com/leanovate/gopter/prop" "github.com/stretchr/testify/assert" - "math/big" - "testing" ) func TestPolynomialEval(t *testing.T) { diff --git a/ecc/grumpkin/fr/polynomial/pool.go b/ecc/grumpkin/fr/polynomial/pool.go index 4cf6e6ec0..f45c11ea7 100644 --- a/ecc/grumpkin/fr/polynomial/pool.go +++ b/ecc/grumpkin/fr/polynomial/pool.go @@ -8,11 +8,12 @@ package polynomial import ( "encoding/json" "fmt" - "github.com/consensys/gnark-crypto/ecc/grumpkin/fr" "runtime" "sort" "sync" "unsafe" + + "github.com/consensys/gnark-crypto/ecc/grumpkin/fr" ) // Memory management for polynomials diff --git a/ecc/grumpkin/fr/poseidon2/hash.go b/ecc/grumpkin/fr/poseidon2/hash.go index 7619c16f0..5cf8077e7 100644 --- a/ecc/grumpkin/fr/poseidon2/hash.go +++ b/ecc/grumpkin/fr/poseidon2/hash.go @@ -6,10 +6,11 @@ package poseidon2 import ( - "github.com/consensys/gnark-crypto/ecc/grumpkin/fr" - gnarkHash "github.com/consensys/gnark-crypto/hash" "hash" "sync" + + "github.com/consensys/gnark-crypto/ecc/grumpkin/fr" + gnarkHash "github.com/consensys/gnark-crypto/hash" ) // NewMerkleDamgardHasher returns a Poseidon2 hasher using the Merkle-Damgard diff --git a/ecc/grumpkin/fr/vector_test.go b/ecc/grumpkin/fr/vector_test.go index 1deb81e8c..0b71d8001 100644 --- a/ecc/grumpkin/fr/vector_test.go +++ b/ecc/grumpkin/fr/vector_test.go @@ -8,12 +8,13 @@ package fr import ( "bytes" "fmt" - "github.com/stretchr/testify/require" "os" "reflect" "sort" "testing" + "github.com/stretchr/testify/require" + "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" ) diff --git a/ecc/grumpkin/g1.go b/ecc/grumpkin/g1.go index bf8071674..29b983774 100644 --- a/ecc/grumpkin/g1.go +++ b/ecc/grumpkin/g1.go @@ -7,13 +7,14 @@ package grumpkin import ( "crypto/rand" + "math/big" + "runtime" + "sync/atomic" + "github.com/consensys/gnark-crypto/ecc" "github.com/consensys/gnark-crypto/ecc/grumpkin/fp" "github.com/consensys/gnark-crypto/ecc/grumpkin/fr" "github.com/consensys/gnark-crypto/internal/parallel" - "math/big" - "runtime" - "sync/atomic" ) // G1Affine is a point in affine coordinates (x,y) diff --git a/ecc/grumpkin/hash_to_g1_test.go b/ecc/grumpkin/hash_to_g1_test.go index 61f563b11..df5d22169 100644 --- a/ecc/grumpkin/hash_to_g1_test.go +++ b/ecc/grumpkin/hash_to_g1_test.go @@ -8,10 +8,11 @@ package grumpkin import ( "github.com/consensys/gnark-crypto/ecc/grumpkin/fp" - "github.com/leanovate/gopter" - "github.com/leanovate/gopter/prop" "math/rand" "testing" + + "github.com/leanovate/gopter" + "github.com/leanovate/gopter/prop" ) func TestHashToFpG1(t *testing.T) { diff --git a/ecc/grumpkin/multiexp.go b/ecc/grumpkin/multiexp.go index 68c0b9825..9ddb0555d 100644 --- a/ecc/grumpkin/multiexp.go +++ b/ecc/grumpkin/multiexp.go @@ -7,11 +7,12 @@ package grumpkin import ( "errors" + "math" + "runtime" + "github.com/consensys/gnark-crypto/ecc" "github.com/consensys/gnark-crypto/ecc/grumpkin/fr" "github.com/consensys/gnark-crypto/internal/parallel" - "math" - "runtime" ) // MultiExp implements section 4 of https://eprint.iacr.org/2012/549.pdf diff --git a/ecc/secp256k1/ecdsa/ecdsa_test.go b/ecc/secp256k1/ecdsa/ecdsa_test.go index 15d6336f8..173309835 100644 --- a/ecc/secp256k1/ecdsa/ecdsa_test.go +++ b/ecc/secp256k1/ecdsa/ecdsa_test.go @@ -8,10 +8,11 @@ package ecdsa import ( "crypto/rand" "crypto/sha256" - "github.com/consensys/gnark-crypto/ecc/secp256k1/fr" "math/big" "testing" + "github.com/consensys/gnark-crypto/ecc/secp256k1/fr" + "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" ) diff --git a/ecc/secp256k1/ecdsa/marshal.go b/ecc/secp256k1/ecdsa/marshal.go index 49791fc5f..6dce7e4e8 100644 --- a/ecc/secp256k1/ecdsa/marshal.go +++ b/ecc/secp256k1/ecdsa/marshal.go @@ -8,10 +8,11 @@ package ecdsa import ( "crypto/subtle" "errors" - "github.com/consensys/gnark-crypto/ecc/secp256k1/fr" "io" "math/big" + "github.com/consensys/gnark-crypto/ecc/secp256k1/fr" + "github.com/consensys/gnark-crypto/ecc/secp256k1" ) diff --git a/ecc/secp256k1/fp/vector_test.go b/ecc/secp256k1/fp/vector_test.go index d57fe2a0a..445d2cc52 100644 --- a/ecc/secp256k1/fp/vector_test.go +++ b/ecc/secp256k1/fp/vector_test.go @@ -8,12 +8,13 @@ package fp import ( "bytes" "fmt" - "github.com/stretchr/testify/require" "os" "reflect" "sort" "testing" + "github.com/stretchr/testify/require" + "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" ) diff --git a/ecc/secp256k1/fr/vector_test.go b/ecc/secp256k1/fr/vector_test.go index 1deb81e8c..0b71d8001 100644 --- a/ecc/secp256k1/fr/vector_test.go +++ b/ecc/secp256k1/fr/vector_test.go @@ -8,12 +8,13 @@ package fr import ( "bytes" "fmt" - "github.com/stretchr/testify/require" "os" "reflect" "sort" "testing" + "github.com/stretchr/testify/require" + "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" ) diff --git a/ecc/secp256k1/g1.go b/ecc/secp256k1/g1.go index 691185bb4..5d09fc3f7 100644 --- a/ecc/secp256k1/g1.go +++ b/ecc/secp256k1/g1.go @@ -7,13 +7,14 @@ package secp256k1 import ( "crypto/rand" + "math/big" + "runtime" + "sync/atomic" + "github.com/consensys/gnark-crypto/ecc" "github.com/consensys/gnark-crypto/ecc/secp256k1/fp" "github.com/consensys/gnark-crypto/ecc/secp256k1/fr" "github.com/consensys/gnark-crypto/internal/parallel" - "math/big" - "runtime" - "sync/atomic" ) // G1Affine is a point in affine coordinates (x,y) diff --git a/ecc/secp256k1/hash_to_g1_test.go b/ecc/secp256k1/hash_to_g1_test.go index e4426b2e5..d77b70ffb 100644 --- a/ecc/secp256k1/hash_to_g1_test.go +++ b/ecc/secp256k1/hash_to_g1_test.go @@ -6,11 +6,12 @@ package secp256k1 import ( + "math/rand" + "testing" + "github.com/consensys/gnark-crypto/ecc/secp256k1/fp" "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" - "math/rand" - "testing" ) func TestHashToFpG1(t *testing.T) { diff --git a/ecc/secp256k1/multiexp.go b/ecc/secp256k1/multiexp.go index 38ddd80e0..edaa0db11 100644 --- a/ecc/secp256k1/multiexp.go +++ b/ecc/secp256k1/multiexp.go @@ -7,11 +7,12 @@ package secp256k1 import ( "errors" + "math" + "runtime" + "github.com/consensys/gnark-crypto/ecc" "github.com/consensys/gnark-crypto/ecc/secp256k1/fr" "github.com/consensys/gnark-crypto/internal/parallel" - "math" - "runtime" ) // MultiExp implements section 4 of https://eprint.iacr.org/2012/549.pdf diff --git a/ecc/stark-curve/ecdsa/ecdsa.go b/ecc/stark-curve/ecdsa/ecdsa.go index 645ecb479..878094215 100644 --- a/ecc/stark-curve/ecdsa/ecdsa.go +++ b/ecc/stark-curve/ecdsa/ecdsa.go @@ -16,7 +16,7 @@ import ( "io" "math/big" - "github.com/consensys/gnark-crypto/ecc/stark-curve" + starkcurve "github.com/consensys/gnark-crypto/ecc/stark-curve" "github.com/consensys/gnark-crypto/ecc/stark-curve/fp" "github.com/consensys/gnark-crypto/ecc/stark-curve/fr" "github.com/consensys/gnark-crypto/signature" diff --git a/ecc/stark-curve/ecdsa/ecdsa_test.go b/ecc/stark-curve/ecdsa/ecdsa_test.go index d9809f210..23ec481df 100644 --- a/ecc/stark-curve/ecdsa/ecdsa_test.go +++ b/ecc/stark-curve/ecdsa/ecdsa_test.go @@ -8,10 +8,11 @@ package ecdsa import ( "crypto/rand" "crypto/sha256" - "github.com/consensys/gnark-crypto/ecc/stark-curve/fr" "math/big" "testing" + "github.com/consensys/gnark-crypto/ecc/stark-curve/fr" + "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" ) diff --git a/ecc/stark-curve/ecdsa/marshal.go b/ecc/stark-curve/ecdsa/marshal.go index c82c8b344..6b33cd40f 100644 --- a/ecc/stark-curve/ecdsa/marshal.go +++ b/ecc/stark-curve/ecdsa/marshal.go @@ -8,11 +8,11 @@ package ecdsa import ( "crypto/subtle" "errors" - "github.com/consensys/gnark-crypto/ecc/stark-curve/fr" "io" "math/big" - "github.com/consensys/gnark-crypto/ecc/stark-curve" + starkcurve "github.com/consensys/gnark-crypto/ecc/stark-curve" + "github.com/consensys/gnark-crypto/ecc/stark-curve/fr" ) var errWrongSize = errors.New("wrong size buffer") diff --git a/ecc/stark-curve/fp/vector_test.go b/ecc/stark-curve/fp/vector_test.go index d57fe2a0a..445d2cc52 100644 --- a/ecc/stark-curve/fp/vector_test.go +++ b/ecc/stark-curve/fp/vector_test.go @@ -8,12 +8,13 @@ package fp import ( "bytes" "fmt" - "github.com/stretchr/testify/require" "os" "reflect" "sort" "testing" + "github.com/stretchr/testify/require" + "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" ) diff --git a/ecc/stark-curve/fr/vector_test.go b/ecc/stark-curve/fr/vector_test.go index 1deb81e8c..0b71d8001 100644 --- a/ecc/stark-curve/fr/vector_test.go +++ b/ecc/stark-curve/fr/vector_test.go @@ -8,12 +8,13 @@ package fr import ( "bytes" "fmt" - "github.com/stretchr/testify/require" "os" "reflect" "sort" "testing" + "github.com/stretchr/testify/require" + "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" ) diff --git a/field/babybear/fft/fft.go b/field/babybear/fft/fft.go index 8a7abb50d..cd11ab31c 100644 --- a/field/babybear/fft/fft.go +++ b/field/babybear/fft/fft.go @@ -6,11 +6,12 @@ package fft import ( - "github.com/consensys/gnark-crypto/ecc" - "github.com/consensys/gnark-crypto/internal/parallel" "math/big" "math/bits" + "github.com/consensys/gnark-crypto/ecc" + "github.com/consensys/gnark-crypto/internal/parallel" + "github.com/consensys/gnark-crypto/field/babybear" ) diff --git a/field/babybear/fft/fft_test.go b/field/babybear/fft/fft_test.go index c6724d4b9..e8e2179d8 100644 --- a/field/babybear/fft/fft_test.go +++ b/field/babybear/fft/fft_test.go @@ -18,8 +18,9 @@ import ( "encoding/binary" "fmt" - "github.com/stretchr/testify/require" "math/rand/v2" + + "github.com/stretchr/testify/require" ) func TestFFT(t *testing.T) { diff --git a/field/babybear/fft/fftext_test.go b/field/babybear/fft/fftext_test.go index 51a70e5f5..ef5f2b96f 100644 --- a/field/babybear/fft/fftext_test.go +++ b/field/babybear/fft/fftext_test.go @@ -19,8 +19,9 @@ import ( "encoding/binary" "fmt" - "github.com/stretchr/testify/require" "math/rand/v2" + + "github.com/stretchr/testify/require" ) func TestFFTExt(t *testing.T) { diff --git a/field/babybear/poseidon2/hash.go b/field/babybear/poseidon2/hash.go index 20ccdf112..cf37f0c12 100644 --- a/field/babybear/poseidon2/hash.go +++ b/field/babybear/poseidon2/hash.go @@ -6,10 +6,11 @@ package poseidon2 import ( - fr "github.com/consensys/gnark-crypto/field/babybear" - gnarkHash "github.com/consensys/gnark-crypto/hash" "hash" "sync" + + fr "github.com/consensys/gnark-crypto/field/babybear" + gnarkHash "github.com/consensys/gnark-crypto/hash" ) // NewMerkleDamgardHasher returns a Poseidon2 hasher using the Merkle-Damgard diff --git a/field/babybear/sis/sis_test.go b/field/babybear/sis/sis_test.go index 71121a7f6..6488425e6 100644 --- a/field/babybear/sis/sis_test.go +++ b/field/babybear/sis/sis_test.go @@ -14,10 +14,11 @@ import ( "testing" "encoding/binary" + "math/rand/v2" + "github.com/consensys/gnark-crypto/field/babybear" "github.com/consensys/gnark-crypto/field/babybear/fft" "github.com/stretchr/testify/require" - "math/rand/v2" ) type sisParams struct { diff --git a/field/babybear/vector_test.go b/field/babybear/vector_test.go index 09927f160..5167bc47f 100644 --- a/field/babybear/vector_test.go +++ b/field/babybear/vector_test.go @@ -8,12 +8,13 @@ package babybear import ( "bytes" "fmt" - "github.com/stretchr/testify/require" "os" "reflect" "sort" "testing" + "github.com/stretchr/testify/require" + "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" ) diff --git a/field/goldilocks/fft/fft.go b/field/goldilocks/fft/fft.go index 0a5c6d387..6e615f6e1 100644 --- a/field/goldilocks/fft/fft.go +++ b/field/goldilocks/fft/fft.go @@ -6,11 +6,12 @@ package fft import ( - "github.com/consensys/gnark-crypto/ecc" - "github.com/consensys/gnark-crypto/internal/parallel" "math/big" "math/bits" + "github.com/consensys/gnark-crypto/ecc" + "github.com/consensys/gnark-crypto/internal/parallel" + "github.com/consensys/gnark-crypto/field/goldilocks" ) diff --git a/field/goldilocks/poseidon2/hash.go b/field/goldilocks/poseidon2/hash.go index 508fc62da..3c4b7456a 100644 --- a/field/goldilocks/poseidon2/hash.go +++ b/field/goldilocks/poseidon2/hash.go @@ -6,10 +6,11 @@ package poseidon2 import ( - fr "github.com/consensys/gnark-crypto/field/goldilocks" - gnarkHash "github.com/consensys/gnark-crypto/hash" "hash" "sync" + + fr "github.com/consensys/gnark-crypto/field/goldilocks" + gnarkHash "github.com/consensys/gnark-crypto/hash" ) // NewMerkleDamgardHasher returns a Poseidon2 hasher using the Merkle-Damgard diff --git a/field/goldilocks/vector_test.go b/field/goldilocks/vector_test.go index fb4e3a2b6..afd2bd82d 100644 --- a/field/goldilocks/vector_test.go +++ b/field/goldilocks/vector_test.go @@ -8,12 +8,13 @@ package goldilocks import ( "bytes" "fmt" - "github.com/stretchr/testify/require" "os" "reflect" "sort" "testing" + "github.com/stretchr/testify/require" + "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" ) diff --git a/field/koalabear/fft/fft.go b/field/koalabear/fft/fft.go index b5c4fdef5..809a61de5 100644 --- a/field/koalabear/fft/fft.go +++ b/field/koalabear/fft/fft.go @@ -6,11 +6,12 @@ package fft import ( - "github.com/consensys/gnark-crypto/ecc" - "github.com/consensys/gnark-crypto/internal/parallel" "math/big" "math/bits" + "github.com/consensys/gnark-crypto/ecc" + "github.com/consensys/gnark-crypto/internal/parallel" + "github.com/consensys/gnark-crypto/field/koalabear" ) diff --git a/field/koalabear/fft/fft_test.go b/field/koalabear/fft/fft_test.go index eb99fb8c3..5e1655835 100644 --- a/field/koalabear/fft/fft_test.go +++ b/field/koalabear/fft/fft_test.go @@ -18,8 +18,9 @@ import ( "encoding/binary" "fmt" - "github.com/stretchr/testify/require" "math/rand/v2" + + "github.com/stretchr/testify/require" ) func TestFFT(t *testing.T) { diff --git a/field/koalabear/fft/fftext_test.go b/field/koalabear/fft/fftext_test.go index 3bada0049..0dd59fa7d 100644 --- a/field/koalabear/fft/fftext_test.go +++ b/field/koalabear/fft/fftext_test.go @@ -19,8 +19,9 @@ import ( "encoding/binary" "fmt" - "github.com/stretchr/testify/require" "math/rand/v2" + + "github.com/stretchr/testify/require" ) func TestFFTExt(t *testing.T) { diff --git a/field/koalabear/poseidon2/hash.go b/field/koalabear/poseidon2/hash.go index 149040cf3..e37239348 100644 --- a/field/koalabear/poseidon2/hash.go +++ b/field/koalabear/poseidon2/hash.go @@ -6,10 +6,11 @@ package poseidon2 import ( - fr "github.com/consensys/gnark-crypto/field/koalabear" - gnarkHash "github.com/consensys/gnark-crypto/hash" "hash" "sync" + + fr "github.com/consensys/gnark-crypto/field/koalabear" + gnarkHash "github.com/consensys/gnark-crypto/hash" ) // NewMerkleDamgardHasher returns a Poseidon2 hasher using the Merkle-Damgard diff --git a/field/koalabear/sis/sis_test.go b/field/koalabear/sis/sis_test.go index b7d828bb2..49227e9b3 100644 --- a/field/koalabear/sis/sis_test.go +++ b/field/koalabear/sis/sis_test.go @@ -14,10 +14,11 @@ import ( "testing" "encoding/binary" + "math/rand/v2" + "github.com/consensys/gnark-crypto/field/koalabear" "github.com/consensys/gnark-crypto/field/koalabear/fft" "github.com/stretchr/testify/require" - "math/rand/v2" ) type sisParams struct { diff --git a/field/koalabear/vector_test.go b/field/koalabear/vector_test.go index 6df2a976e..8bde79607 100644 --- a/field/koalabear/vector_test.go +++ b/field/koalabear/vector_test.go @@ -8,12 +8,13 @@ package koalabear import ( "bytes" "fmt" - "github.com/stretchr/testify/require" "os" "reflect" "sort" "testing" + "github.com/stretchr/testify/require" + "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" ) diff --git a/internal/generator/hash_to_field/generate.go b/internal/generator/hash_to_field/generate.go index 5ba0e4f25..fc3854f50 100644 --- a/internal/generator/hash_to_field/generate.go +++ b/internal/generator/hash_to_field/generate.go @@ -1,9 +1,10 @@ package hash_to_field import ( - "github.com/consensys/gnark-crypto/field/generator/config" "path/filepath" + "github.com/consensys/gnark-crypto/field/generator/config" + "github.com/consensys/bavard" ) diff --git a/internal/generator/mpcsetup/generate.go b/internal/generator/mpcsetup/generate.go index 654ebb34e..49953c8b3 100644 --- a/internal/generator/mpcsetup/generate.go +++ b/internal/generator/mpcsetup/generate.go @@ -1,9 +1,10 @@ package mpcsetup import ( + "path/filepath" + "github.com/consensys/bavard" "github.com/consensys/gnark-crypto/internal/generator/config" - "path/filepath" ) func Generate(conf config.Curve, baseDir string, bgen *bavard.BatchGenerator) error { diff --git a/internal/generator/polynomial/generate.go b/internal/generator/polynomial/generate.go index 61421a017..5a9777674 100644 --- a/internal/generator/polynomial/generate.go +++ b/internal/generator/polynomial/generate.go @@ -1,9 +1,10 @@ package polynomial import ( - "github.com/consensys/gnark-crypto/field/generator/config" "path/filepath" + "github.com/consensys/gnark-crypto/field/generator/config" + "github.com/consensys/bavard" ) From 6e86902d15ccaa47267c89781e98d3049546c79e Mon Sep 17 00:00:00 2001 From: Tabaie Date: Thu, 23 Oct 2025 16:25:05 -0500 Subject: [PATCH 4/7] build: go generate --- ecc/bls12-377/fp/vector_test.go | 2 -- ecc/bls12-377/fr/vector_test.go | 2 -- ecc/bls12-381/fp/vector_test.go | 2 -- ecc/bls12-381/fr/vector_test.go | 2 -- ecc/bls24-315/fp/vector_test.go | 2 -- ecc/bls24-315/fr/vector_test.go | 2 -- ecc/bls24-317/fp/vector_test.go | 2 -- ecc/bls24-317/fr/vector_test.go | 2 -- ecc/bn254/ecdsa/marshal.go | 2 -- ecc/bn254/fp/vector_test.go | 2 -- ecc/bn254/fr/vector_test.go | 2 -- ecc/bw6-633/fp/vector_test.go | 2 -- ecc/bw6-633/fr/vector_test.go | 2 -- ecc/bw6-761/fp/vector_test.go | 2 -- ecc/bw6-761/fr/vector_test.go | 2 -- ecc/grumpkin/fp/vector_test.go | 2 -- ecc/grumpkin/fr/vector_test.go | 2 -- ecc/secp256k1/ecdsa/marshal.go | 2 -- ecc/secp256k1/fp/vector_test.go | 2 -- ecc/secp256k1/fr/vector_test.go | 2 -- ecc/stark-curve/fp/vector_test.go | 2 -- ecc/stark-curve/fr/vector_test.go | 2 -- field/babybear/vector_test.go | 2 -- field/goldilocks/vector_test.go | 2 -- field/koalabear/vector_test.go | 2 -- 25 files changed, 50 deletions(-) diff --git a/ecc/bls12-377/fp/vector_test.go b/ecc/bls12-377/fp/vector_test.go index 16eddaa6c..5110adb36 100644 --- a/ecc/bls12-377/fp/vector_test.go +++ b/ecc/bls12-377/fp/vector_test.go @@ -13,8 +13,6 @@ import ( "sort" "testing" - "github.com/stretchr/testify/require" - "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" "github.com/stretchr/testify/require" diff --git a/ecc/bls12-377/fr/vector_test.go b/ecc/bls12-377/fr/vector_test.go index b1803cfd8..8daad141c 100644 --- a/ecc/bls12-377/fr/vector_test.go +++ b/ecc/bls12-377/fr/vector_test.go @@ -13,8 +13,6 @@ import ( "sort" "testing" - "github.com/stretchr/testify/require" - "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" "github.com/stretchr/testify/require" diff --git a/ecc/bls12-381/fp/vector_test.go b/ecc/bls12-381/fp/vector_test.go index 16eddaa6c..5110adb36 100644 --- a/ecc/bls12-381/fp/vector_test.go +++ b/ecc/bls12-381/fp/vector_test.go @@ -13,8 +13,6 @@ import ( "sort" "testing" - "github.com/stretchr/testify/require" - "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" "github.com/stretchr/testify/require" diff --git a/ecc/bls12-381/fr/vector_test.go b/ecc/bls12-381/fr/vector_test.go index b1803cfd8..8daad141c 100644 --- a/ecc/bls12-381/fr/vector_test.go +++ b/ecc/bls12-381/fr/vector_test.go @@ -13,8 +13,6 @@ import ( "sort" "testing" - "github.com/stretchr/testify/require" - "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" "github.com/stretchr/testify/require" diff --git a/ecc/bls24-315/fp/vector_test.go b/ecc/bls24-315/fp/vector_test.go index 593e665c6..f966c4d7d 100644 --- a/ecc/bls24-315/fp/vector_test.go +++ b/ecc/bls24-315/fp/vector_test.go @@ -13,8 +13,6 @@ import ( "sort" "testing" - "github.com/stretchr/testify/require" - "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" "github.com/stretchr/testify/require" diff --git a/ecc/bls24-315/fr/vector_test.go b/ecc/bls24-315/fr/vector_test.go index b1803cfd8..8daad141c 100644 --- a/ecc/bls24-315/fr/vector_test.go +++ b/ecc/bls24-315/fr/vector_test.go @@ -13,8 +13,6 @@ import ( "sort" "testing" - "github.com/stretchr/testify/require" - "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" "github.com/stretchr/testify/require" diff --git a/ecc/bls24-317/fp/vector_test.go b/ecc/bls24-317/fp/vector_test.go index 593e665c6..f966c4d7d 100644 --- a/ecc/bls24-317/fp/vector_test.go +++ b/ecc/bls24-317/fp/vector_test.go @@ -13,8 +13,6 @@ import ( "sort" "testing" - "github.com/stretchr/testify/require" - "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" "github.com/stretchr/testify/require" diff --git a/ecc/bls24-317/fr/vector_test.go b/ecc/bls24-317/fr/vector_test.go index b1803cfd8..8daad141c 100644 --- a/ecc/bls24-317/fr/vector_test.go +++ b/ecc/bls24-317/fr/vector_test.go @@ -13,8 +13,6 @@ import ( "sort" "testing" - "github.com/stretchr/testify/require" - "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" "github.com/stretchr/testify/require" diff --git a/ecc/bn254/ecdsa/marshal.go b/ecc/bn254/ecdsa/marshal.go index 50cdb6564..a86a91bb0 100644 --- a/ecc/bn254/ecdsa/marshal.go +++ b/ecc/bn254/ecdsa/marshal.go @@ -11,8 +11,6 @@ import ( "io" "math/big" - "github.com/consensys/gnark-crypto/ecc/bn254/fr" - "github.com/consensys/gnark-crypto/ecc/bn254" "github.com/consensys/gnark-crypto/ecc/bn254/fr" ) diff --git a/ecc/bn254/fp/vector_test.go b/ecc/bn254/fp/vector_test.go index 0f972bc4e..4fa7f77d1 100644 --- a/ecc/bn254/fp/vector_test.go +++ b/ecc/bn254/fp/vector_test.go @@ -13,8 +13,6 @@ import ( "sort" "testing" - "github.com/stretchr/testify/require" - "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" "github.com/stretchr/testify/require" diff --git a/ecc/bn254/fr/vector_test.go b/ecc/bn254/fr/vector_test.go index b1803cfd8..8daad141c 100644 --- a/ecc/bn254/fr/vector_test.go +++ b/ecc/bn254/fr/vector_test.go @@ -13,8 +13,6 @@ import ( "sort" "testing" - "github.com/stretchr/testify/require" - "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" "github.com/stretchr/testify/require" diff --git a/ecc/bw6-633/fp/vector_test.go b/ecc/bw6-633/fp/vector_test.go index f8b96e4a5..5999bba43 100644 --- a/ecc/bw6-633/fp/vector_test.go +++ b/ecc/bw6-633/fp/vector_test.go @@ -13,8 +13,6 @@ import ( "sort" "testing" - "github.com/stretchr/testify/require" - "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" "github.com/stretchr/testify/require" diff --git a/ecc/bw6-633/fr/vector_test.go b/ecc/bw6-633/fr/vector_test.go index 81c5cad16..33da6ec7d 100644 --- a/ecc/bw6-633/fr/vector_test.go +++ b/ecc/bw6-633/fr/vector_test.go @@ -13,8 +13,6 @@ import ( "sort" "testing" - "github.com/stretchr/testify/require" - "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" "github.com/stretchr/testify/require" diff --git a/ecc/bw6-761/fp/vector_test.go b/ecc/bw6-761/fp/vector_test.go index 93142178a..6b4994e84 100644 --- a/ecc/bw6-761/fp/vector_test.go +++ b/ecc/bw6-761/fp/vector_test.go @@ -13,8 +13,6 @@ import ( "sort" "testing" - "github.com/stretchr/testify/require" - "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" "github.com/stretchr/testify/require" diff --git a/ecc/bw6-761/fr/vector_test.go b/ecc/bw6-761/fr/vector_test.go index f2adcb802..f0eea9efb 100644 --- a/ecc/bw6-761/fr/vector_test.go +++ b/ecc/bw6-761/fr/vector_test.go @@ -13,8 +13,6 @@ import ( "sort" "testing" - "github.com/stretchr/testify/require" - "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" "github.com/stretchr/testify/require" diff --git a/ecc/grumpkin/fp/vector_test.go b/ecc/grumpkin/fp/vector_test.go index 0f972bc4e..4fa7f77d1 100644 --- a/ecc/grumpkin/fp/vector_test.go +++ b/ecc/grumpkin/fp/vector_test.go @@ -13,8 +13,6 @@ import ( "sort" "testing" - "github.com/stretchr/testify/require" - "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" "github.com/stretchr/testify/require" diff --git a/ecc/grumpkin/fr/vector_test.go b/ecc/grumpkin/fr/vector_test.go index b1803cfd8..8daad141c 100644 --- a/ecc/grumpkin/fr/vector_test.go +++ b/ecc/grumpkin/fr/vector_test.go @@ -13,8 +13,6 @@ import ( "sort" "testing" - "github.com/stretchr/testify/require" - "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" "github.com/stretchr/testify/require" diff --git a/ecc/secp256k1/ecdsa/marshal.go b/ecc/secp256k1/ecdsa/marshal.go index e39c45231..71cd97cd5 100644 --- a/ecc/secp256k1/ecdsa/marshal.go +++ b/ecc/secp256k1/ecdsa/marshal.go @@ -11,8 +11,6 @@ import ( "io" "math/big" - "github.com/consensys/gnark-crypto/ecc/secp256k1/fr" - "github.com/consensys/gnark-crypto/ecc/secp256k1" "github.com/consensys/gnark-crypto/ecc/secp256k1/fr" ) diff --git a/ecc/secp256k1/fp/vector_test.go b/ecc/secp256k1/fp/vector_test.go index 0f972bc4e..4fa7f77d1 100644 --- a/ecc/secp256k1/fp/vector_test.go +++ b/ecc/secp256k1/fp/vector_test.go @@ -13,8 +13,6 @@ import ( "sort" "testing" - "github.com/stretchr/testify/require" - "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" "github.com/stretchr/testify/require" diff --git a/ecc/secp256k1/fr/vector_test.go b/ecc/secp256k1/fr/vector_test.go index b1803cfd8..8daad141c 100644 --- a/ecc/secp256k1/fr/vector_test.go +++ b/ecc/secp256k1/fr/vector_test.go @@ -13,8 +13,6 @@ import ( "sort" "testing" - "github.com/stretchr/testify/require" - "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" "github.com/stretchr/testify/require" diff --git a/ecc/stark-curve/fp/vector_test.go b/ecc/stark-curve/fp/vector_test.go index 0f972bc4e..4fa7f77d1 100644 --- a/ecc/stark-curve/fp/vector_test.go +++ b/ecc/stark-curve/fp/vector_test.go @@ -13,8 +13,6 @@ import ( "sort" "testing" - "github.com/stretchr/testify/require" - "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" "github.com/stretchr/testify/require" diff --git a/ecc/stark-curve/fr/vector_test.go b/ecc/stark-curve/fr/vector_test.go index b1803cfd8..8daad141c 100644 --- a/ecc/stark-curve/fr/vector_test.go +++ b/ecc/stark-curve/fr/vector_test.go @@ -13,8 +13,6 @@ import ( "sort" "testing" - "github.com/stretchr/testify/require" - "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" "github.com/stretchr/testify/require" diff --git a/field/babybear/vector_test.go b/field/babybear/vector_test.go index 85844adfb..c6ba504b8 100644 --- a/field/babybear/vector_test.go +++ b/field/babybear/vector_test.go @@ -13,8 +13,6 @@ import ( "sort" "testing" - "github.com/stretchr/testify/require" - "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" "github.com/stretchr/testify/require" diff --git a/field/goldilocks/vector_test.go b/field/goldilocks/vector_test.go index ebfdb9711..73f3102bc 100644 --- a/field/goldilocks/vector_test.go +++ b/field/goldilocks/vector_test.go @@ -13,8 +13,6 @@ import ( "sort" "testing" - "github.com/stretchr/testify/require" - "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" "github.com/stretchr/testify/require" diff --git a/field/koalabear/vector_test.go b/field/koalabear/vector_test.go index be12834e3..b295cd10d 100644 --- a/field/koalabear/vector_test.go +++ b/field/koalabear/vector_test.go @@ -13,8 +13,6 @@ import ( "sort" "testing" - "github.com/stretchr/testify/require" - "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" "github.com/stretchr/testify/require" From 619527ed82a02053203951f8857f483eeb56574e Mon Sep 17 00:00:00 2001 From: Tabaie Date: Thu, 23 Oct 2025 16:43:24 -0500 Subject: [PATCH 5/7] style: modernize a few loops --- ecc/bls12-377/g1.go | 8 +++++--- ecc/bls12-377/g2.go | 8 +++++--- ecc/bls12-381/g1.go | 8 +++++--- ecc/bls12-381/g2.go | 8 +++++--- ecc/bls24-315/g1.go | 8 +++++--- ecc/bls24-315/g2.go | 8 +++++--- ecc/bls24-317/g1.go | 8 +++++--- ecc/bls24-317/g2.go | 8 +++++--- ecc/bn254/g1.go | 8 +++++--- ecc/bn254/g2.go | 8 +++++--- ecc/bw6-633/g1.go | 8 +++++--- ecc/bw6-633/g2.go | 8 +++++--- ecc/bw6-761/g1.go | 8 +++++--- ecc/bw6-761/g2.go | 8 +++++--- ecc/grumpkin/g1.go | 8 +++++--- ecc/secp256k1/g1.go | 8 +++++--- internal/generator/ecc/template/point.go.tmpl | 8 +++++--- 17 files changed, 85 insertions(+), 51 deletions(-) diff --git a/ecc/bls12-377/g1.go b/ecc/bls12-377/g1.go index 3c9d05d69..39ccb7509 100644 --- a/ecc/bls12-377/g1.go +++ b/ecc/bls12-377/g1.go @@ -250,15 +250,17 @@ func isInSubGroupBatchG1Prob(points []G1Affine) bool { var br [windowSize / 8]byte // Check Sj are on E[r] - for i := start; i < end; i++ { + for range end - start { var sum g1JacExtended - for j := 0; j < len(points); j++ { + for j := range points { pos := j % windowSize if pos == 0 { // re sample the random bytes every windowSize points // as per the doc: // Read fills b with cryptographically secure random bytes. It never returns an error, and always fills b entirely. - rand.Read(br[:]) + if _, err := rand.Read(br[:]); err != nil { + panic(err) + } } // check if the bit is set if br[pos/8]&(1<<(pos%8)) != 0 { diff --git a/ecc/bls12-377/g2.go b/ecc/bls12-377/g2.go index 22322e9de..b58f23918 100644 --- a/ecc/bls12-377/g2.go +++ b/ecc/bls12-377/g2.go @@ -255,15 +255,17 @@ func isInSubGroupBatchG2Prob(points []G2Affine) bool { var br [windowSize / 8]byte // Check Sj are on E[r] - for i := start; i < end; i++ { + for range end - start { var sum g2JacExtended - for j := 0; j < len(points); j++ { + for j := range points { pos := j % windowSize if pos == 0 { // re sample the random bytes every windowSize points // as per the doc: // Read fills b with cryptographically secure random bytes. It never returns an error, and always fills b entirely. - rand.Read(br[:]) + if _, err := rand.Read(br[:]); err != nil { + panic(err) + } } // check if the bit is set if br[pos/8]&(1<<(pos%8)) != 0 { diff --git a/ecc/bls12-381/g1.go b/ecc/bls12-381/g1.go index 2879cc911..4db5e0638 100644 --- a/ecc/bls12-381/g1.go +++ b/ecc/bls12-381/g1.go @@ -259,15 +259,17 @@ func isInSubGroupBatchG1Prob(points []G1Affine) bool { var br [windowSize / 8]byte // Check Sj are on E[r] - for i := start; i < end; i++ { + for range end - start { var sum g1JacExtended - for j := 0; j < len(points); j++ { + for j := range points { pos := j % windowSize if pos == 0 { // re sample the random bytes every windowSize points // as per the doc: // Read fills b with cryptographically secure random bytes. It never returns an error, and always fills b entirely. - rand.Read(br[:]) + if _, err := rand.Read(br[:]); err != nil { + panic(err) + } } // check if the bit is set if br[pos/8]&(1<<(pos%8)) != 0 { diff --git a/ecc/bls12-381/g2.go b/ecc/bls12-381/g2.go index aceffd231..cade032dc 100644 --- a/ecc/bls12-381/g2.go +++ b/ecc/bls12-381/g2.go @@ -263,15 +263,17 @@ func isInSubGroupBatchG2Prob(points []G2Affine) bool { var br [windowSize / 8]byte // Check Sj are on E[r] - for i := start; i < end; i++ { + for range end - start { var sum g2JacExtended - for j := 0; j < len(points); j++ { + for j := range points { pos := j % windowSize if pos == 0 { // re sample the random bytes every windowSize points // as per the doc: // Read fills b with cryptographically secure random bytes. It never returns an error, and always fills b entirely. - rand.Read(br[:]) + if _, err := rand.Read(br[:]); err != nil { + panic(err) + } } // check if the bit is set if br[pos/8]&(1<<(pos%8)) != 0 { diff --git a/ecc/bls24-315/g1.go b/ecc/bls24-315/g1.go index 888ad1f88..6f6495403 100644 --- a/ecc/bls24-315/g1.go +++ b/ecc/bls24-315/g1.go @@ -250,15 +250,17 @@ func isInSubGroupBatchG1Prob(points []G1Affine) bool { var br [windowSize / 8]byte // Check Sj are on E[r] - for i := start; i < end; i++ { + for range end - start { var sum g1JacExtended - for j := 0; j < len(points); j++ { + for j := range points { pos := j % windowSize if pos == 0 { // re sample the random bytes every windowSize points // as per the doc: // Read fills b with cryptographically secure random bytes. It never returns an error, and always fills b entirely. - rand.Read(br[:]) + if _, err := rand.Read(br[:]); err != nil { + panic(err) + } } // check if the bit is set if br[pos/8]&(1<<(pos%8)) != 0 { diff --git a/ecc/bls24-315/g2.go b/ecc/bls24-315/g2.go index 258d01796..0f7495779 100644 --- a/ecc/bls24-315/g2.go +++ b/ecc/bls24-315/g2.go @@ -255,15 +255,17 @@ func isInSubGroupBatchG2Prob(points []G2Affine) bool { var br [windowSize / 8]byte // Check Sj are on E[r] - for i := start; i < end; i++ { + for range end - start { var sum g2JacExtended - for j := 0; j < len(points); j++ { + for j := range points { pos := j % windowSize if pos == 0 { // re sample the random bytes every windowSize points // as per the doc: // Read fills b with cryptographically secure random bytes. It never returns an error, and always fills b entirely. - rand.Read(br[:]) + if _, err := rand.Read(br[:]); err != nil { + panic(err) + } } // check if the bit is set if br[pos/8]&(1<<(pos%8)) != 0 { diff --git a/ecc/bls24-317/g1.go b/ecc/bls24-317/g1.go index adaeda99d..81e8d40b3 100644 --- a/ecc/bls24-317/g1.go +++ b/ecc/bls24-317/g1.go @@ -250,15 +250,17 @@ func isInSubGroupBatchG1Prob(points []G1Affine) bool { var br [windowSize / 8]byte // Check Sj are on E[r] - for i := start; i < end; i++ { + for range end - start { var sum g1JacExtended - for j := 0; j < len(points); j++ { + for j := range points { pos := j % windowSize if pos == 0 { // re sample the random bytes every windowSize points // as per the doc: // Read fills b with cryptographically secure random bytes. It never returns an error, and always fills b entirely. - rand.Read(br[:]) + if _, err := rand.Read(br[:]); err != nil { + panic(err) + } } // check if the bit is set if br[pos/8]&(1<<(pos%8)) != 0 { diff --git a/ecc/bls24-317/g2.go b/ecc/bls24-317/g2.go index 6c59a6d23..823e4e59f 100644 --- a/ecc/bls24-317/g2.go +++ b/ecc/bls24-317/g2.go @@ -255,15 +255,17 @@ func isInSubGroupBatchG2Prob(points []G2Affine) bool { var br [windowSize / 8]byte // Check Sj are on E[r] - for i := start; i < end; i++ { + for range end - start { var sum g2JacExtended - for j := 0; j < len(points); j++ { + for j := range points { pos := j % windowSize if pos == 0 { // re sample the random bytes every windowSize points // as per the doc: // Read fills b with cryptographically secure random bytes. It never returns an error, and always fills b entirely. - rand.Read(br[:]) + if _, err := rand.Read(br[:]); err != nil { + panic(err) + } } // check if the bit is set if br[pos/8]&(1<<(pos%8)) != 0 { diff --git a/ecc/bn254/g1.go b/ecc/bn254/g1.go index 080674c89..930bf8603 100644 --- a/ecc/bn254/g1.go +++ b/ecc/bn254/g1.go @@ -248,15 +248,17 @@ func isInSubGroupBatchG1Prob(points []G1Affine) bool { var br [windowSize / 8]byte // Check Sj are on E[r] - for i := start; i < end; i++ { + for range end - start { var sum g1JacExtended - for j := 0; j < len(points); j++ { + for j := range points { pos := j % windowSize if pos == 0 { // re sample the random bytes every windowSize points // as per the doc: // Read fills b with cryptographically secure random bytes. It never returns an error, and always fills b entirely. - rand.Read(br[:]) + if _, err := rand.Read(br[:]); err != nil { + panic(err) + } } // check if the bit is set if br[pos/8]&(1<<(pos%8)) != 0 { diff --git a/ecc/bn254/g2.go b/ecc/bn254/g2.go index f50a6f8ac..8897af64a 100644 --- a/ecc/bn254/g2.go +++ b/ecc/bn254/g2.go @@ -268,15 +268,17 @@ func isInSubGroupBatchG2Prob(points []G2Affine) bool { var br [windowSize / 8]byte // Check Sj are on E[r] - for i := start; i < end; i++ { + for range end - start { var sum g2JacExtended - for j := 0; j < len(points); j++ { + for j := range points { pos := j % windowSize if pos == 0 { // re sample the random bytes every windowSize points // as per the doc: // Read fills b with cryptographically secure random bytes. It never returns an error, and always fills b entirely. - rand.Read(br[:]) + if _, err := rand.Read(br[:]); err != nil { + panic(err) + } } // check if the bit is set if br[pos/8]&(1<<(pos%8)) != 0 { diff --git a/ecc/bw6-633/g1.go b/ecc/bw6-633/g1.go index 00b6d52a3..19564726f 100644 --- a/ecc/bw6-633/g1.go +++ b/ecc/bw6-633/g1.go @@ -250,15 +250,17 @@ func isInSubGroupBatchG1Prob(points []G1Affine) bool { var br [windowSize / 8]byte // Check Sj are on E[r] - for i := start; i < end; i++ { + for range end - start { var sum g1JacExtended - for j := 0; j < len(points); j++ { + for j := range points { pos := j % windowSize if pos == 0 { // re sample the random bytes every windowSize points // as per the doc: // Read fills b with cryptographically secure random bytes. It never returns an error, and always fills b entirely. - rand.Read(br[:]) + if _, err := rand.Read(br[:]); err != nil { + panic(err) + } } // check if the bit is set if br[pos/8]&(1<<(pos%8)) != 0 { diff --git a/ecc/bw6-633/g2.go b/ecc/bw6-633/g2.go index 8a0b65947..3885b29de 100644 --- a/ecc/bw6-633/g2.go +++ b/ecc/bw6-633/g2.go @@ -255,15 +255,17 @@ func isInSubGroupBatchG2Prob(points []G2Affine) bool { var br [windowSize / 8]byte // Check Sj are on E[r] - for i := start; i < end; i++ { + for range end - start { var sum g2JacExtended - for j := 0; j < len(points); j++ { + for j := range points { pos := j % windowSize if pos == 0 { // re sample the random bytes every windowSize points // as per the doc: // Read fills b with cryptographically secure random bytes. It never returns an error, and always fills b entirely. - rand.Read(br[:]) + if _, err := rand.Read(br[:]); err != nil { + panic(err) + } } // check if the bit is set if br[pos/8]&(1<<(pos%8)) != 0 { diff --git a/ecc/bw6-761/g1.go b/ecc/bw6-761/g1.go index 877ff9659..1700bca34 100644 --- a/ecc/bw6-761/g1.go +++ b/ecc/bw6-761/g1.go @@ -250,15 +250,17 @@ func isInSubGroupBatchG1Prob(points []G1Affine) bool { var br [windowSize / 8]byte // Check Sj are on E[r] - for i := start; i < end; i++ { + for range end - start { var sum g1JacExtended - for j := 0; j < len(points); j++ { + for j := range points { pos := j % windowSize if pos == 0 { // re sample the random bytes every windowSize points // as per the doc: // Read fills b with cryptographically secure random bytes. It never returns an error, and always fills b entirely. - rand.Read(br[:]) + if _, err := rand.Read(br[:]); err != nil { + panic(err) + } } // check if the bit is set if br[pos/8]&(1<<(pos%8)) != 0 { diff --git a/ecc/bw6-761/g2.go b/ecc/bw6-761/g2.go index 64bc5b899..b4fa9578d 100644 --- a/ecc/bw6-761/g2.go +++ b/ecc/bw6-761/g2.go @@ -255,15 +255,17 @@ func isInSubGroupBatchG2Prob(points []G2Affine) bool { var br [windowSize / 8]byte // Check Sj are on E[r] - for i := start; i < end; i++ { + for range end - start { var sum g2JacExtended - for j := 0; j < len(points); j++ { + for j := range points { pos := j % windowSize if pos == 0 { // re sample the random bytes every windowSize points // as per the doc: // Read fills b with cryptographically secure random bytes. It never returns an error, and always fills b entirely. - rand.Read(br[:]) + if _, err := rand.Read(br[:]); err != nil { + panic(err) + } } // check if the bit is set if br[pos/8]&(1<<(pos%8)) != 0 { diff --git a/ecc/grumpkin/g1.go b/ecc/grumpkin/g1.go index 5dce9d5f3..b738418e1 100644 --- a/ecc/grumpkin/g1.go +++ b/ecc/grumpkin/g1.go @@ -250,15 +250,17 @@ func isInSubGroupBatchG1Prob(points []G1Affine) bool { var br [windowSize / 8]byte // Check Sj are on E[r] - for i := start; i < end; i++ { + for range end - start { var sum g1JacExtended - for j := 0; j < len(points); j++ { + for j := range points { pos := j % windowSize if pos == 0 { // re sample the random bytes every windowSize points // as per the doc: // Read fills b with cryptographically secure random bytes. It never returns an error, and always fills b entirely. - rand.Read(br[:]) + if _, err := rand.Read(br[:]); err != nil { + panic(err) + } } // check if the bit is set if br[pos/8]&(1<<(pos%8)) != 0 { diff --git a/ecc/secp256k1/g1.go b/ecc/secp256k1/g1.go index 991b814d5..e1a17001e 100644 --- a/ecc/secp256k1/g1.go +++ b/ecc/secp256k1/g1.go @@ -250,15 +250,17 @@ func isInSubGroupBatchG1Prob(points []G1Affine) bool { var br [windowSize / 8]byte // Check Sj are on E[r] - for i := start; i < end; i++ { + for range end - start { var sum g1JacExtended - for j := 0; j < len(points); j++ { + for j := range points { pos := j % windowSize if pos == 0 { // re sample the random bytes every windowSize points // as per the doc: // Read fills b with cryptographically secure random bytes. It never returns an error, and always fills b entirely. - rand.Read(br[:]) + if _, err := rand.Read(br[:]); err != nil { + panic(err) + } } // check if the bit is set if br[pos/8]&(1<<(pos%8)) != 0 { diff --git a/internal/generator/ecc/template/point.go.tmpl b/internal/generator/ecc/template/point.go.tmpl index e1989aba9..c599f7a76 100644 --- a/internal/generator/ecc/template/point.go.tmpl +++ b/internal/generator/ecc/template/point.go.tmpl @@ -335,15 +335,17 @@ func isInSubGroupBatch{{ toUpper .PointName}}Prob(points []{{ $TAffine }}) bool var br [windowSize / 8]byte // Check Sj are on E[r] - for i := start; i < end; i++ { + for range end - start { var sum {{ $TJacobianExtended }} - for j := 0; j < len(points); j++ { + for j := range points { pos := j % windowSize if pos == 0 { // re sample the random bytes every windowSize points // as per the doc: // Read fills b with cryptographically secure random bytes. It never returns an error, and always fills b entirely. - rand.Read(br[:]) + if _, err := rand.Read(br[:]); err != nil { + panic(err) + } } // check if the bit is set if br[pos/8]&(1<<(pos%8)) != 0 { From 424638957c2a22c80f7424cc72e236130f945320 Mon Sep 17 00:00:00 2001 From: Tabaie Date: Thu, 23 Oct 2025 16:46:49 -0500 Subject: [PATCH 6/7] style: modernize another loop --- ecc/bls12-377/g1_test.go | 6 +++--- ecc/bls12-377/g2_test.go | 6 +++--- ecc/bls12-381/g1_test.go | 6 +++--- ecc/bls12-381/g2_test.go | 6 +++--- ecc/bls24-315/g1_test.go | 6 +++--- ecc/bls24-315/g2_test.go | 6 +++--- ecc/bls24-317/g1_test.go | 6 +++--- ecc/bls24-317/g2_test.go | 6 +++--- ecc/bn254/g1_test.go | 6 +++--- ecc/bn254/g2_test.go | 6 +++--- ecc/bw6-633/g1_test.go | 6 +++--- ecc/bw6-633/g2_test.go | 6 +++--- ecc/bw6-761/g1_test.go | 6 +++--- ecc/bw6-761/g2_test.go | 6 +++--- ecc/grumpkin/g1_test.go | 6 +++--- ecc/secp256k1/g1_test.go | 6 +++--- internal/generator/ecc/template/tests/point.go.tmpl | 6 +++--- 17 files changed, 51 insertions(+), 51 deletions(-) diff --git a/ecc/bls12-377/g1_test.go b/ecc/bls12-377/g1_test.go index 4b32f396e..5e0e8add1 100644 --- a/ecc/bls12-377/g1_test.go +++ b/ecc/bls12-377/g1_test.go @@ -144,9 +144,9 @@ func TestIsInSubGroupBatchG1(t *testing.T) { // mixer ensures that all the words of a frElement are set var sampleScalars [nbSamples]fr.Element - for i := 1; i <= nbSamples; i++ { - sampleScalars[i-1].SetUint64(uint64(i)). - Mul(&sampleScalars[i-1], &mixer) + for i := range uint64(nbSamples) { + sampleScalars[i].SetUint64(i+1). + Mul(&sampleScalars[i], &mixer) } // random points in G1 diff --git a/ecc/bls12-377/g2_test.go b/ecc/bls12-377/g2_test.go index 21f955f35..1234ee341 100644 --- a/ecc/bls12-377/g2_test.go +++ b/ecc/bls12-377/g2_test.go @@ -158,9 +158,9 @@ func TestIsInSubGroupBatchG2(t *testing.T) { // mixer ensures that all the words of a frElement are set var sampleScalars [nbSamples]fr.Element - for i := 1; i <= nbSamples; i++ { - sampleScalars[i-1].SetUint64(uint64(i)). - Mul(&sampleScalars[i-1], &mixer) + for i := range uint64(nbSamples) { + sampleScalars[i].SetUint64(i+1). + Mul(&sampleScalars[i], &mixer) } // random points in G2 diff --git a/ecc/bls12-381/g1_test.go b/ecc/bls12-381/g1_test.go index ae93bde6c..92b66e68f 100644 --- a/ecc/bls12-381/g1_test.go +++ b/ecc/bls12-381/g1_test.go @@ -153,9 +153,9 @@ func TestIsInSubGroupBatchG1(t *testing.T) { // mixer ensures that all the words of a frElement are set var sampleScalars [nbSamples]fr.Element - for i := 1; i <= nbSamples; i++ { - sampleScalars[i-1].SetUint64(uint64(i)). - Mul(&sampleScalars[i-1], &mixer) + for i := range uint64(nbSamples) { + sampleScalars[i].SetUint64(i+1). + Mul(&sampleScalars[i], &mixer) } // random points in G1 diff --git a/ecc/bls12-381/g2_test.go b/ecc/bls12-381/g2_test.go index 7b25a99d3..a17046a9d 100644 --- a/ecc/bls12-381/g2_test.go +++ b/ecc/bls12-381/g2_test.go @@ -167,9 +167,9 @@ func TestIsInSubGroupBatchG2(t *testing.T) { // mixer ensures that all the words of a frElement are set var sampleScalars [nbSamples]fr.Element - for i := 1; i <= nbSamples; i++ { - sampleScalars[i-1].SetUint64(uint64(i)). - Mul(&sampleScalars[i-1], &mixer) + for i := range uint64(nbSamples) { + sampleScalars[i].SetUint64(i+1). + Mul(&sampleScalars[i], &mixer) } // random points in G2 diff --git a/ecc/bls24-315/g1_test.go b/ecc/bls24-315/g1_test.go index d6e4e81d1..38376bb04 100644 --- a/ecc/bls24-315/g1_test.go +++ b/ecc/bls24-315/g1_test.go @@ -144,9 +144,9 @@ func TestIsInSubGroupBatchG1(t *testing.T) { // mixer ensures that all the words of a frElement are set var sampleScalars [nbSamples]fr.Element - for i := 1; i <= nbSamples; i++ { - sampleScalars[i-1].SetUint64(uint64(i)). - Mul(&sampleScalars[i-1], &mixer) + for i := range uint64(nbSamples) { + sampleScalars[i].SetUint64(i+1). + Mul(&sampleScalars[i], &mixer) } // random points in G1 diff --git a/ecc/bls24-315/g2_test.go b/ecc/bls24-315/g2_test.go index daf6b4d5c..19a5384e3 100644 --- a/ecc/bls24-315/g2_test.go +++ b/ecc/bls24-315/g2_test.go @@ -158,9 +158,9 @@ func TestIsInSubGroupBatchG2(t *testing.T) { // mixer ensures that all the words of a frElement are set var sampleScalars [nbSamples]fr.Element - for i := 1; i <= nbSamples; i++ { - sampleScalars[i-1].SetUint64(uint64(i)). - Mul(&sampleScalars[i-1], &mixer) + for i := range uint64(nbSamples) { + sampleScalars[i].SetUint64(i+1). + Mul(&sampleScalars[i], &mixer) } // random points in G2 diff --git a/ecc/bls24-317/g1_test.go b/ecc/bls24-317/g1_test.go index d7fb3735b..245f001a1 100644 --- a/ecc/bls24-317/g1_test.go +++ b/ecc/bls24-317/g1_test.go @@ -144,9 +144,9 @@ func TestIsInSubGroupBatchG1(t *testing.T) { // mixer ensures that all the words of a frElement are set var sampleScalars [nbSamples]fr.Element - for i := 1; i <= nbSamples; i++ { - sampleScalars[i-1].SetUint64(uint64(i)). - Mul(&sampleScalars[i-1], &mixer) + for i := range uint64(nbSamples) { + sampleScalars[i].SetUint64(i+1). + Mul(&sampleScalars[i], &mixer) } // random points in G1 diff --git a/ecc/bls24-317/g2_test.go b/ecc/bls24-317/g2_test.go index d971ccd00..e1972b591 100644 --- a/ecc/bls24-317/g2_test.go +++ b/ecc/bls24-317/g2_test.go @@ -158,9 +158,9 @@ func TestIsInSubGroupBatchG2(t *testing.T) { // mixer ensures that all the words of a frElement are set var sampleScalars [nbSamples]fr.Element - for i := 1; i <= nbSamples; i++ { - sampleScalars[i-1].SetUint64(uint64(i)). - Mul(&sampleScalars[i-1], &mixer) + for i := range uint64(nbSamples) { + sampleScalars[i].SetUint64(i+1). + Mul(&sampleScalars[i], &mixer) } // random points in G2 diff --git a/ecc/bn254/g1_test.go b/ecc/bn254/g1_test.go index 05a043c98..9dd9db062 100644 --- a/ecc/bn254/g1_test.go +++ b/ecc/bn254/g1_test.go @@ -144,9 +144,9 @@ func TestIsInSubGroupBatchG1(t *testing.T) { // mixer ensures that all the words of a frElement are set var sampleScalars [nbSamples]fr.Element - for i := 1; i <= nbSamples; i++ { - sampleScalars[i-1].SetUint64(uint64(i)). - Mul(&sampleScalars[i-1], &mixer) + for i := range uint64(nbSamples) { + sampleScalars[i].SetUint64(i+1). + Mul(&sampleScalars[i], &mixer) } // random points in G1 diff --git a/ecc/bn254/g2_test.go b/ecc/bn254/g2_test.go index d796a71e2..ab2e40379 100644 --- a/ecc/bn254/g2_test.go +++ b/ecc/bn254/g2_test.go @@ -164,9 +164,9 @@ func TestIsInSubGroupBatchG2(t *testing.T) { // mixer ensures that all the words of a frElement are set var sampleScalars [nbSamples]fr.Element - for i := 1; i <= nbSamples; i++ { - sampleScalars[i-1].SetUint64(uint64(i)). - Mul(&sampleScalars[i-1], &mixer) + for i := range uint64(nbSamples) { + sampleScalars[i].SetUint64(i+1). + Mul(&sampleScalars[i], &mixer) } // random points in G2 diff --git a/ecc/bw6-633/g1_test.go b/ecc/bw6-633/g1_test.go index 7074b618d..d9e8923f6 100644 --- a/ecc/bw6-633/g1_test.go +++ b/ecc/bw6-633/g1_test.go @@ -144,9 +144,9 @@ func TestIsInSubGroupBatchG1(t *testing.T) { // mixer ensures that all the words of a frElement are set var sampleScalars [nbSamples]fr.Element - for i := 1; i <= nbSamples; i++ { - sampleScalars[i-1].SetUint64(uint64(i)). - Mul(&sampleScalars[i-1], &mixer) + for i := range uint64(nbSamples) { + sampleScalars[i].SetUint64(i+1). + Mul(&sampleScalars[i], &mixer) } // random points in G1 diff --git a/ecc/bw6-633/g2_test.go b/ecc/bw6-633/g2_test.go index 99a77869a..b9e8e5b43 100644 --- a/ecc/bw6-633/g2_test.go +++ b/ecc/bw6-633/g2_test.go @@ -144,9 +144,9 @@ func TestIsInSubGroupBatchG2(t *testing.T) { // mixer ensures that all the words of a frElement are set var sampleScalars [nbSamples]fr.Element - for i := 1; i <= nbSamples; i++ { - sampleScalars[i-1].SetUint64(uint64(i)). - Mul(&sampleScalars[i-1], &mixer) + for i := range uint64(nbSamples) { + sampleScalars[i].SetUint64(i+1). + Mul(&sampleScalars[i], &mixer) } // random points in G2 diff --git a/ecc/bw6-761/g1_test.go b/ecc/bw6-761/g1_test.go index bbf80d8e5..53e520351 100644 --- a/ecc/bw6-761/g1_test.go +++ b/ecc/bw6-761/g1_test.go @@ -144,9 +144,9 @@ func TestIsInSubGroupBatchG1(t *testing.T) { // mixer ensures that all the words of a frElement are set var sampleScalars [nbSamples]fr.Element - for i := 1; i <= nbSamples; i++ { - sampleScalars[i-1].SetUint64(uint64(i)). - Mul(&sampleScalars[i-1], &mixer) + for i := range uint64(nbSamples) { + sampleScalars[i].SetUint64(i+1). + Mul(&sampleScalars[i], &mixer) } // random points in G1 diff --git a/ecc/bw6-761/g2_test.go b/ecc/bw6-761/g2_test.go index 690d5abba..944ec3733 100644 --- a/ecc/bw6-761/g2_test.go +++ b/ecc/bw6-761/g2_test.go @@ -144,9 +144,9 @@ func TestIsInSubGroupBatchG2(t *testing.T) { // mixer ensures that all the words of a frElement are set var sampleScalars [nbSamples]fr.Element - for i := 1; i <= nbSamples; i++ { - sampleScalars[i-1].SetUint64(uint64(i)). - Mul(&sampleScalars[i-1], &mixer) + for i := range uint64(nbSamples) { + sampleScalars[i].SetUint64(i+1). + Mul(&sampleScalars[i], &mixer) } // random points in G2 diff --git a/ecc/grumpkin/g1_test.go b/ecc/grumpkin/g1_test.go index 68182a2c0..82231173e 100644 --- a/ecc/grumpkin/g1_test.go +++ b/ecc/grumpkin/g1_test.go @@ -144,9 +144,9 @@ func TestIsInSubGroupBatchG1(t *testing.T) { // mixer ensures that all the words of a frElement are set var sampleScalars [nbSamples]fr.Element - for i := 1; i <= nbSamples; i++ { - sampleScalars[i-1].SetUint64(uint64(i)). - Mul(&sampleScalars[i-1], &mixer) + for i := range uint64(nbSamples) { + sampleScalars[i].SetUint64(i+1). + Mul(&sampleScalars[i], &mixer) } // random points in G1 diff --git a/ecc/secp256k1/g1_test.go b/ecc/secp256k1/g1_test.go index 40cf66477..312511fd0 100644 --- a/ecc/secp256k1/g1_test.go +++ b/ecc/secp256k1/g1_test.go @@ -144,9 +144,9 @@ func TestIsInSubGroupBatchG1(t *testing.T) { // mixer ensures that all the words of a frElement are set var sampleScalars [nbSamples]fr.Element - for i := 1; i <= nbSamples; i++ { - sampleScalars[i-1].SetUint64(uint64(i)). - Mul(&sampleScalars[i-1], &mixer) + for i := range uint64(nbSamples) { + sampleScalars[i].SetUint64(i+1). + Mul(&sampleScalars[i], &mixer) } // random points in G1 diff --git a/internal/generator/ecc/template/tests/point.go.tmpl b/internal/generator/ecc/template/tests/point.go.tmpl index 18faa9b4f..db01da953 100644 --- a/internal/generator/ecc/template/tests/point.go.tmpl +++ b/internal/generator/ecc/template/tests/point.go.tmpl @@ -198,9 +198,9 @@ func TestIsInSubGroupBatch{{ toUpper .PointName}}(t *testing.T) { // mixer ensures that all the words of a frElement are set var sampleScalars [nbSamples]fr.Element - for i := 1; i <= nbSamples; i++ { - sampleScalars[i-1].SetUint64(uint64(i)). - Mul(&sampleScalars[i-1], &mixer) + for i := range uint64(nbSamples) { + sampleScalars[i].SetUint64(i+1). + Mul(&sampleScalars[i], &mixer) } // random points in {{ toUpper .PointName}} From fec8f67227309608e69ec7a6a06a7e9d478d5d84 Mon Sep 17 00:00:00 2001 From: Youssef El Housni Date: Fri, 24 Oct 2025 17:32:20 +0100 Subject: [PATCH 7/7] test(bls12-381, bls12-377, bn254): false negative batch subgroup check --- ecc/bls12-377/g1_test.go | 44 +++++++++++++++++++ ecc/bls12-377/g2_test.go | 43 ++++++++++++++++++ ecc/bls12-381/g1_test.go | 25 ++++++++++- ecc/bls12-381/g2_test.go | 25 ++++++++++- ecc/bn254/g2_test.go | 24 ++++++++++ .../ecc/template/tests/point.go.tmpl | 36 ++++++++++++--- 6 files changed, 190 insertions(+), 7 deletions(-) diff --git a/ecc/bls12-377/g1_test.go b/ecc/bls12-377/g1_test.go index 5e0e8add1..80439506f 100644 --- a/ecc/bls12-377/g1_test.go +++ b/ecc/bls12-377/g1_test.go @@ -15,6 +15,7 @@ import ( "github.com/consensys/gnark-crypto/ecc/bls12-377/fp" "github.com/consensys/gnark-crypto/ecc/bls12-377/fr" + "github.com/consensys/gnark-crypto/ecc/bls12-377/hash_to_curve" "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" @@ -121,6 +122,13 @@ func TestIsOnG1(t *testing.T) { }, GenFp(), )) + properties.Property("[BLS12-377] IsInSubGroup should return false for a point on the cofactor-torsion", prop.ForAll( + func(a fp.Element) bool { + op := fuzzCofactorOfG1(a) + return op.IsOnCurve() && !op.IsInSubGroup() + }, + GenFp(), + )) properties.TestingRun(t, gopter.ConsoleReporter(false)) } @@ -156,6 +164,30 @@ func TestIsInSubGroupBatchG1(t *testing.T) { }, GenFr(), )) + properties.Property("[BLS12-377] IsInSubGroupBatch test should not pass with high probability", prop.ForAll( + func(mixer fr.Element, a fp.Element) bool { + // mixer ensures that all the words of a frElement are set + var sampleScalars [nbSamples]fr.Element + + for i := 1; i <= nbSamples; i++ { + sampleScalars[i-1].SetUint64(uint64(i)). + Mul(&sampleScalars[i-1], &mixer) + } + + // random points in G1 + result := BatchScalarMultiplicationG1(&g1GenAff, sampleScalars[:]) + + // random points in the h-torsion + h := fuzzCofactorOfG1(a) + result[0].FromJacobian(&h) + h = fuzzCofactorOfG1(a) + result[nbSamples-1].FromJacobian(&h) + + return !IsInSubGroupBatchG1(result) + }, + GenFr(), + GenFp(), + )) properties.TestingRun(t, gopter.ConsoleReporter(false)) } @@ -954,6 +986,18 @@ func BenchmarkG1AffineDouble(b *testing.B) { a.Double(&a) } } +func fuzzCofactorOfG1(f fp.Element) G1Jac { + var res, jac G1Jac + aff := MapToCurve1(&f) + hash_to_curve.G1Isogeny(&aff.X, &aff.Y) + jac.FromAffine(&aff) + // p+x²ϕ(p) = [r]p + res.phi(&jac). + mulBySeed(&res). + mulBySeed(&res). + AddAssign(&jac) + return res +} func fuzzG1Jac(p *G1Jac, f fp.Element) G1Jac { var res G1Jac diff --git a/ecc/bls12-377/g2_test.go b/ecc/bls12-377/g2_test.go index 1234ee341..44052be1d 100644 --- a/ecc/bls12-377/g2_test.go +++ b/ecc/bls12-377/g2_test.go @@ -15,6 +15,7 @@ import ( "github.com/consensys/gnark-crypto/ecc/bls12-377/internal/fptower" "github.com/consensys/gnark-crypto/ecc/bls12-377/fr" + "github.com/consensys/gnark-crypto/ecc/bls12-377/hash_to_curve" "github.com/leanovate/gopter" "github.com/leanovate/gopter/prop" @@ -135,6 +136,13 @@ func TestIsOnG2(t *testing.T) { }, GenE2(), )) + properties.Property("[BLS12-377] IsInSubGroup should return false for a point on the cofactor-torsion", prop.ForAll( + func(a fptower.E2) bool { + op := fuzzCofactorOfG2(a) + return op.IsOnCurve() && !op.IsInSubGroup() + }, + GenE2(), + )) properties.TestingRun(t, gopter.ConsoleReporter(false)) } @@ -170,6 +178,30 @@ func TestIsInSubGroupBatchG2(t *testing.T) { }, GenFr(), )) + properties.Property("[BLS12-377] IsInSubGroupBatch test should not pass with high probability", prop.ForAll( + func(mixer fr.Element, a fptower.E2) bool { + // mixer ensures that all the words of a frElement are set + var sampleScalars [nbSamples]fr.Element + + for i := 1; i <= nbSamples; i++ { + sampleScalars[i-1].SetUint64(uint64(i)). + Mul(&sampleScalars[i-1], &mixer) + } + + // random points in G2 + result := BatchScalarMultiplicationG2(&g2GenAff, sampleScalars[:]) + + // random points in the h-torsion + h := fuzzCofactorOfG2(a) + result[0].FromJacobian(&h) + h = fuzzCofactorOfG2(a) + result[nbSamples-1].FromJacobian(&h) + + return !IsInSubGroupBatchG2(result) + }, + GenFr(), + GenE2(), + )) properties.TestingRun(t, gopter.ConsoleReporter(false)) } @@ -943,6 +975,17 @@ func BenchmarkG2AffineDouble(b *testing.B) { a.Double(&a) } } +func fuzzCofactorOfG2(f fptower.E2) G2Jac { + var res, jac G2Jac + aff := MapToCurve2(&f) + hash_to_curve.G2Isogeny(&aff.X, &aff.Y) + jac.FromAffine(&aff) + // ψ(p)-[x₀]P = [r]p + res.mulBySeed(&jac) + jac.psi(&jac) + res.AddAssign(&jac) + return res +} func fuzzG2Jac(p *G2Jac, f fptower.E2) G2Jac { var res G2Jac diff --git a/ecc/bls12-381/g1_test.go b/ecc/bls12-381/g1_test.go index 92b66e68f..94ef50a25 100644 --- a/ecc/bls12-381/g1_test.go +++ b/ecc/bls12-381/g1_test.go @@ -15,7 +15,6 @@ import ( "github.com/consensys/gnark-crypto/ecc/bls12-381/fp" "github.com/consensys/gnark-crypto/ecc/bls12-381/fr" - "github.com/consensys/gnark-crypto/ecc/bls12-381/hash_to_curve" "github.com/leanovate/gopter" @@ -165,6 +164,30 @@ func TestIsInSubGroupBatchG1(t *testing.T) { }, GenFr(), )) + properties.Property("[BLS12-381] IsInSubGroupBatch test should not pass with high probability", prop.ForAll( + func(mixer fr.Element, a fp.Element) bool { + // mixer ensures that all the words of a frElement are set + var sampleScalars [nbSamples]fr.Element + + for i := 1; i <= nbSamples; i++ { + sampleScalars[i-1].SetUint64(uint64(i)). + Mul(&sampleScalars[i-1], &mixer) + } + + // random points in G1 + result := BatchScalarMultiplicationG1(&g1GenAff, sampleScalars[:]) + + // random points in the h-torsion + h := fuzzCofactorOfG1(a) + result[0].FromJacobian(&h) + h = fuzzCofactorOfG1(a) + result[nbSamples-1].FromJacobian(&h) + + return !IsInSubGroupBatchG1(result) + }, + GenFr(), + GenFp(), + )) properties.TestingRun(t, gopter.ConsoleReporter(false)) } diff --git a/ecc/bls12-381/g2_test.go b/ecc/bls12-381/g2_test.go index a17046a9d..44830326c 100644 --- a/ecc/bls12-381/g2_test.go +++ b/ecc/bls12-381/g2_test.go @@ -15,7 +15,6 @@ import ( "github.com/consensys/gnark-crypto/ecc/bls12-381/internal/fptower" "github.com/consensys/gnark-crypto/ecc/bls12-381/fr" - "github.com/consensys/gnark-crypto/ecc/bls12-381/hash_to_curve" "github.com/leanovate/gopter" @@ -179,6 +178,30 @@ func TestIsInSubGroupBatchG2(t *testing.T) { }, GenFr(), )) + properties.Property("[BLS12-381] IsInSubGroupBatch test should not pass with high probability", prop.ForAll( + func(mixer fr.Element, a fptower.E2) bool { + // mixer ensures that all the words of a frElement are set + var sampleScalars [nbSamples]fr.Element + + for i := 1; i <= nbSamples; i++ { + sampleScalars[i-1].SetUint64(uint64(i)). + Mul(&sampleScalars[i-1], &mixer) + } + + // random points in G2 + result := BatchScalarMultiplicationG2(&g2GenAff, sampleScalars[:]) + + // random points in the h-torsion + h := fuzzCofactorOfG2(a) + result[0].FromJacobian(&h) + h = fuzzCofactorOfG2(a) + result[nbSamples-1].FromJacobian(&h) + + return !IsInSubGroupBatchG2(result) + }, + GenFr(), + GenE2(), + )) properties.TestingRun(t, gopter.ConsoleReporter(false)) } diff --git a/ecc/bn254/g2_test.go b/ecc/bn254/g2_test.go index ab2e40379..120b1c7a1 100644 --- a/ecc/bn254/g2_test.go +++ b/ecc/bn254/g2_test.go @@ -176,6 +176,30 @@ func TestIsInSubGroupBatchG2(t *testing.T) { }, GenFr(), )) + properties.Property("[BN254] IsInSubGroupBatch test should not pass with high probability", prop.ForAll( + func(mixer fr.Element, a fptower.E2) bool { + // mixer ensures that all the words of a frElement are set + var sampleScalars [nbSamples]fr.Element + + for i := 1; i <= nbSamples; i++ { + sampleScalars[i-1].SetUint64(uint64(i)). + Mul(&sampleScalars[i-1], &mixer) + } + + // random points in G2 + result := BatchScalarMultiplicationG2(&g2GenAff, sampleScalars[:]) + + // random points in the h-torsion + h := fuzzCofactorOfG2(a) + result[0].FromJacobian(&h) + h = fuzzCofactorOfG2(a) + result[nbSamples-1].FromJacobian(&h) + + return !IsInSubGroupBatchG2(result) + }, + GenFr(), + GenE2(), + )) properties.TestingRun(t, gopter.ConsoleReporter(false)) } diff --git a/internal/generator/ecc/template/tests/point.go.tmpl b/internal/generator/ecc/template/tests/point.go.tmpl index db01da953..8b091d710 100644 --- a/internal/generator/ecc/template/tests/point.go.tmpl +++ b/internal/generator/ecc/template/tests/point.go.tmpl @@ -28,7 +28,7 @@ import ( "github.com/consensys/gnark-crypto/ecc/{{.Name}}/fp" {{end}} "github.com/consensys/gnark-crypto/ecc/{{.Name}}/fr" - {{if eq .Name "bls12-381"}} + {{- if or (eq .Name "bls12-381") (eq .Name "bls12-377")}} "github.com/consensys/gnark-crypto/ecc/{{.Name}}/hash_to_curve" {{end}} @@ -166,7 +166,7 @@ func TestIsOn{{ toUpper .PointName }}(t *testing.T) { {{$fuzzer}}, )) - {{- if or (eq .Name "bls12-381") (and (eq .Name "bn254") (eq .PointName "g2"))}} + {{- if or (eq .Name "bls12-377") (eq .Name "bls12-381") (and (eq .Name "bn254") (eq .PointName "g2"))}} properties.Property("[{{ toUpper .Name }}] IsInSubGroup should return false for a point on the cofactor-torsion", prop.ForAll( func(a {{ .CoordType}}) bool { op := fuzzCofactorOf{{ toUpper .PointName}}(a) @@ -211,10 +211,36 @@ func TestIsInSubGroupBatch{{ toUpper .PointName}}(t *testing.T) { GenFr(), )) + {{- if or (eq .Name "bls12-377") (eq .Name "bls12-381") (and (eq .Name "bn254") (eq .PointName "g2"))}} + properties.Property("[{{ toUpper .Name }}] IsInSubGroupBatch test should not pass with high probability", prop.ForAll( + func(mixer fr.Element, a {{ .CoordType}}) bool { + // mixer ensures that all the words of a frElement are set + var sampleScalars [nbSamples]fr.Element + + for i := 1; i <= nbSamples; i++ { + sampleScalars[i-1].SetUint64(uint64(i)). + Mul(&sampleScalars[i-1], &mixer) + } + + // random points in {{ toUpper .PointName}} + result := BatchScalarMultiplication{{ toUpper .PointName}}(&{{.PointName}}GenAff, sampleScalars[:]) + + // random points in the h-torsion + h := fuzzCofactorOf{{ toUpper .PointName}}(a) + result[0].FromJacobian(&h) + h = fuzzCofactorOf{{ toUpper .PointName}}(a) + result[nbSamples-1].FromJacobian(&h) + + return !IsInSubGroupBatch{{ toUpper .PointName}}(result) + }, + GenFr(), + {{$fuzzer}}, + )) + {{- end}} + properties.TestingRun(t, gopter.ConsoleReporter(false)) } - func Test{{ toUpper .PointName }}Conversions(t *testing.T) { t.Parallel() parameters := gopter.DefaultTestParameters() @@ -735,7 +761,7 @@ func Test{{ toUpper .PointName }}BatchScalarMultiplication(t *testing.T) { func Test{{ $TJacobian }}Triple(t *testing.T) { // test triple on the generator and the infinity point - // against double and add + // against double and add var a {{ $TJacobian }} a.Set(&{{.PointName}}Gen) var infinity {{ $TJacobian }} @@ -1054,7 +1080,7 @@ func Benchmark{{ toUpper .PointName}}AffineDouble(b *testing.B) { } } -{{- if eq .Name "bls12-381"}} +{{- if or (eq .Name "bls12-381") (eq .Name "bls12-377")}} func fuzzCofactorOf{{ toUpper .PointName}}(f {{ .CoordType}}) {{ $TJacobian }} { var res, jac {{ $TJacobian }} {{- if eq .PointName "g1" }}