mirror of https://github.com/zcash/halo2.git
Repair test vectors and add tests for map_to_curve_simple_swu.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
parent
24def7ce02
commit
7dc21f4727
|
@ -54,6 +54,14 @@ fn test_iso_map() {
|
||||||
assert!(
|
assert!(
|
||||||
format!("{:?}", z) == "0x1e049436efa754f5f189aec69c2c3a4a559eca6a12b45c3f2e4a769deeca6187"
|
format!("{:?}", z) == "0x1e049436efa754f5f189aec69c2c3a4a559eca6a12b45c3f2e4a769deeca6187"
|
||||||
);
|
);
|
||||||
|
|
||||||
|
// check that iso_map([2] r) = [2] iso_map(r)
|
||||||
|
let r2 = r.double();
|
||||||
|
assert!(bool::from(r2.is_on_curve()));
|
||||||
|
let p2 =
|
||||||
|
super::hashtocurve::iso_map::<_, Affine, super::IsoEpAffine>(&r2, &Ep::ISOGENY_CONSTANTS);
|
||||||
|
assert!(bool::from(p2.is_on_curve()));
|
||||||
|
assert!(bool::from(p2 == p.double()));
|
||||||
}
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
|
@ -83,29 +91,71 @@ fn test_iso_map_identity() {
|
||||||
.unwrap();
|
.unwrap();
|
||||||
let r = (r * -Fq::one()) + r;
|
let r = (r * -Fq::one()) + r;
|
||||||
assert!(bool::from(r.is_on_curve()));
|
assert!(bool::from(r.is_on_curve()));
|
||||||
|
assert!(bool::from(r.is_zero()));
|
||||||
let p =
|
let p =
|
||||||
super::hashtocurve::iso_map::<_, Affine, super::IsoEpAffine>(&r, &Ep::ISOGENY_CONSTANTS);
|
super::hashtocurve::iso_map::<_, Affine, super::IsoEpAffine>(&r, &Ep::ISOGENY_CONSTANTS);
|
||||||
assert!(bool::from(p.is_on_curve()));
|
assert!(bool::from(p.is_on_curve()));
|
||||||
|
assert!(bool::from(p.is_zero()));
|
||||||
}
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn test_map_to_curve_pallas() {
|
fn test_map_to_curve_simple_swu() {
|
||||||
use crate::arithmetic::Curve;
|
use crate::arithmetic::Curve;
|
||||||
|
use crate::pasta::curves::{IsoEp, IsoEpAffine};
|
||||||
|
use crate::pasta::hashtocurve::map_to_curve_simple_swu;
|
||||||
|
|
||||||
let hash = Point::hash_to_curve("z.cash:test");
|
// The zero input is a special case.
|
||||||
let p: Point = hash(b"hello");
|
let p: IsoEp =
|
||||||
|
map_to_curve_simple_swu::<Fp, EpAffine, IsoEpAffine>(&Fp::zero(), Ep::THETA, Ep::Z);
|
||||||
let (x, y, z) = p.jacobian_coordinates();
|
let (x, y, z) = p.jacobian_coordinates();
|
||||||
println!("{:?}", p);
|
println!("{:?}", p);
|
||||||
assert!(
|
assert!(
|
||||||
format!("{:?}", x) == "0x318cc15f281662b3f26d0175cab97b924870c837879cac647e877be51a85e898"
|
format!("{:?}", x) == "0x28c1a6a534f56c52e25295b339129a8af5f42525dea727f485ca3433519b096e"
|
||||||
);
|
);
|
||||||
assert!(
|
assert!(
|
||||||
format!("{:?}", y) == "0x1e91e2fa2a5a6a5bc86ff9564ae9336084470e7119dffcb85ae8c1383a3defd7"
|
format!("{:?}", y) == "0x3bfc658bee6653c63c7d7f0927083fd315d29c270207b7c7084fa1ee6ac5ae8d"
|
||||||
);
|
);
|
||||||
assert!(
|
assert!(
|
||||||
format!("{:?}", z) == "0x1e049436efa754f5f189aec69c2c3a4a559eca6a12b45c3f2e4a769deeca6187"
|
format!("{:?}", z) == "0x054b3ba10416dc104157b1318534a19d5d115472da7d746f8a5f250cd8cdef36"
|
||||||
|
);
|
||||||
|
|
||||||
|
let p: IsoEp =
|
||||||
|
map_to_curve_simple_swu::<Fp, EpAffine, IsoEpAffine>(&Fp::one(), Ep::THETA, Ep::Z);
|
||||||
|
let (x, y, z) = p.jacobian_coordinates();
|
||||||
|
println!("{:?}", p);
|
||||||
|
assert!(
|
||||||
|
format!("{:?}", x) == "0x010cba5957e876534af5e967c026a1856d64b071068280837913b9a5a3561505"
|
||||||
|
);
|
||||||
|
assert!(
|
||||||
|
format!("{:?}", y) == "0x062fc61f9cd3118e7d6e65a065ebf46a547514d6b08078e976fa6d515dcc9c81"
|
||||||
|
);
|
||||||
|
assert!(
|
||||||
|
format!("{:?}", z) == "0x3f86cb8c311250c3101c4e523e7793605ccff5623de1753a7c75bc9a29a73688"
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
#[test]
|
||||||
|
fn test_hash_to_curve() {
|
||||||
|
use crate::arithmetic::Curve;
|
||||||
|
|
||||||
|
// This test vector is chosen so that the first map_to_curve_simple_swu takes the gx1 square
|
||||||
|
// "branch" and the second takes the gx1 non-square "branch" (opposite to the Vesta test vector).
|
||||||
|
let hash = Point::hash_to_curve("z.cash:test");
|
||||||
|
let p: Point = hash(b"world");
|
||||||
|
let (x, y, z) = p.jacobian_coordinates();
|
||||||
|
println!("{:?}", p);
|
||||||
|
assert!(
|
||||||
|
format!("{:?}", x) == "0x2ae2d9bde5a5b4bc1f1e7154f18a407ac826c9d7cd23c3b33efa0f237e99cd35"
|
||||||
|
);
|
||||||
|
assert!(
|
||||||
|
format!("{:?}", y) == "0x3ca16b5bf2e6c41cdf781ead8ba61400becbc16430d026b65b707560b98f8b31"
|
||||||
|
);
|
||||||
|
assert!(
|
||||||
|
format!("{:?}", z) == "0x2502d25cc3b1129d933af3ac34822111bfd070609fdebdfb778dd25cf40f9b82"
|
||||||
);
|
);
|
||||||
assert!(bool::from(p.is_on_curve()));
|
assert!(bool::from(p.is_on_curve()));
|
||||||
|
|
||||||
let p = (p * -Fq::one()) + p;
|
let p = (p * -Fq::one()) + p;
|
||||||
assert!(bool::from(p.is_on_curve()));
|
assert!(bool::from(p.is_on_curve()));
|
||||||
|
assert!(bool::from(p.is_zero()));
|
||||||
}
|
}
|
||||||
|
|
|
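Review bot: The new test_map_to_curve_simple_swu checks its two IsoEp results only against hard-coded Jacobian `(x, y, z)` strings, so it pins this implementation's internal representation and never asserts that the mapped point lies on the isogenous curve. Adding `assert!(bool::from(p.is_on_curve()));` after each `map_to_curve_simple_swu` call would mirror what test_iso_map does for `r2`, assuming IsoEp exposes the same method; the Vesta test of the same name has the same gap. The repaired vectors also carry no provenance, so a short comment naming the independent reference that produced them would let a reader distinguish a cross-checked value from one re-recorded from this code. Writing the comparisons as `assert_eq!(format!("{:?}", x), "0x…")` would print the mismatching value on failure, which `assert!(a == b)` does not.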
@ -15,20 +15,58 @@ pub type Point = Eq;
|
||||||
pub type Affine = EqAffine;
|
pub type Affine = EqAffine;
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn test_map_to_curve_vesta() {
|
fn test_map_to_curve_simple_swu() {
|
||||||
|
use crate::arithmetic::Curve;
|
||||||
|
use crate::pasta::curves::{IsoEq, IsoEqAffine};
|
||||||
|
use crate::pasta::hashtocurve::map_to_curve_simple_swu;
|
||||||
|
|
||||||
|
// The zero input is a special case.
|
||||||
|
let p: IsoEq =
|
||||||
|
map_to_curve_simple_swu::<Fq, EqAffine, IsoEqAffine>(&Fq::zero(), Eq::THETA, Eq::Z);
|
||||||
|
let (x, y, z) = p.jacobian_coordinates();
|
||||||
|
println!("{:?}", p);
|
||||||
|
assert!(
|
||||||
|
format!("{:?}", x) == "0x2ccc4c6ec2660e5644305bc52527d904d408f92407f599df8f158d50646a2e78"
|
||||||
|
);
|
||||||
|
assert!(
|
||||||
|
format!("{:?}", y) == "0x29a34381321d13d72d50b6b462bb4ea6a9e47393fa28a47227bf35bc0ee7aa59"
|
||||||
|
);
|
||||||
|
assert!(
|
||||||
|
format!("{:?}", z) == "0x0b851e9e579403a76df1100f556e1f226e5656bdf38f3bf8601d8a3a9a15890b"
|
||||||
|
);
|
||||||
|
|
||||||
|
let p: IsoEq =
|
||||||
|
map_to_curve_simple_swu::<Fq, EqAffine, IsoEqAffine>(&Fq::one(), Eq::THETA, Eq::Z);
|
||||||
|
let (x, y, z) = p.jacobian_coordinates();
|
||||||
|
println!("{:?}", p);
|
||||||
|
assert!(
|
||||||
|
format!("{:?}", x) == "0x165f8b71841c5abc3d742ec13fb16f099d596b781e6f5c7d0b6682b1216a8258"
|
||||||
|
);
|
||||||
|
assert!(
|
||||||
|
format!("{:?}", y) == "0x0dadef21de74ed7337a37dd74f126a92e4df73c3a704da501e36eaf59cf03120"
|
||||||
|
);
|
||||||
|
assert!(
|
||||||
|
format!("{:?}", z) == "0x0a3d6f6c1af02bd9274cc0b80129759ce77edeef578d7de968d4a47d39026c82"
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
#[test]
|
||||||
|
fn test_hash_to_curve() {
|
||||||
use crate::arithmetic::Curve;
|
use crate::arithmetic::Curve;
|
||||||
|
|
||||||
|
// This test vector is chosen so that the first map_to_curve_simple_swu takes the gx1 non-square
|
||||||
|
// "branch" and the second takes the gx1 square "branch" (opposite to the Pallas test vector).
|
||||||
let hash = Point::hash_to_curve("z.cash:test");
|
let hash = Point::hash_to_curve("z.cash:test");
|
||||||
let p: Point = hash(b"hello");
|
let p: Point = hash(b"hello");
|
||||||
let (x, y, z) = p.jacobian_coordinates();
|
let (x, y, z) = p.jacobian_coordinates();
|
||||||
println!("{:?}", p);
|
println!("{:?}", p);
|
||||||
assert!(
|
assert!(
|
||||||
format!("{:?}", x) == "0x3984612258b3b43b4f6e046f7f796bbd35ffd8908804bcf47b9537d3ec7645c9"
|
format!("{:?}", x) == "0x24c3431db13111fcba2f214a0662ae48e675801988c5705877525750b65f7ad8"
|
||||||
);
|
);
|
||||||
assert!(
|
assert!(
|
||||||
format!("{:?}", y) == "0x2573c035293d745a288a65a7a37709ef99bcf31b77cfb3a1126a61e3adeebc4b"
|
format!("{:?}", y) == "0x0df21621bf38070d79193ec5959fc2bb09468e71c0190d0217b0984fc92282f3"
|
||||||
);
|
);
|
||||||
assert!(
|
assert!(
|
||||||
format!("{:?}", z) == "0x1cb99da94a634842b09a3ee1e5b462233e1fc23d0b357ec7fb0d1c409be30720"
|
format!("{:?}", z) == "0x3e95ef9cbe5a9978c0d82635b242cf773ecfbc764ae9b936aba64c43f67091c6"
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
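Review bot: Vesta's test_hash_to_curve ends right after the three coordinate comparisons, whereas the Pallas counterpart in this commit goes on to assert `p.is_on_curve()` and that `(p * -Fq::one()) + p` is zero. Adding the same trailing checks here, using this curve's scalar type (presumably `Fp`, to be confirmed), would keep the two suites symmetric. It would also catch an off-curve or wrong-order result independently of the hard-coded strings, which matters when those strings are themselves being repaired.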