orchard/halo2-gadgets/halo2_ecc/src/chip/add_incomplete.rs

use std::{array, collections::HashSet};

use super::{copy, CellValue, EccConfig, NonIdentityEccPoint, Var};
use group::Curve;
use halo2::{
    circuit::Region,
    plonk::{Advice, Column, ConstraintSystem, Error, Selector},
    poly::Rotation,
};
use pasta_curves::{arithmetic::CurveAffine, pallas};

#[derive(Clone, Debug)]
pub struct Config {
    q_add_incomplete: Selector,
    // x-coordinate of P in P + Q = R
    pub x_p: Column<Advice>,
    // y-coordinate of P in P + Q = R
    pub y_p: Column<Advice>,
    // x-coordinate of Q or R in P + Q = R
    pub x_qr: Column<Advice>,
    // y-coordinate of Q or R in P + Q = R
    pub y_qr: Column<Advice>,
}

impl From<&EccConfig> for Config {
    fn from(ecc_config: &EccConfig) -> Self {
        Self {
            q_add_incomplete: ecc_config.q_add_incomplete,
            x_p: ecc_config.advices[0],
            y_p: ecc_config.advices[1],
            x_qr: ecc_config.advices[2],
            y_qr: ecc_config.advices[3],
        }
    }
}

impl Config {
    pub(crate) fn advice_columns(&self) -> HashSet<Column<Advice>> {
        core::array::IntoIter::new([self.x_p, self.y_p, self.x_qr, self.y_qr]).collect()
    }

    pub(super) fn create_gate(&self, meta: &mut ConstraintSystem<pallas::Base>) {
        meta.create_gate("incomplete addition gates", |meta| {
            let q_add_incomplete = meta.query_selector(self.q_add_incomplete);
            let x_p = meta.query_advice(self.x_p, Rotation::cur());
            let y_p = meta.query_advice(self.y_p, Rotation::cur());
            let x_q = meta.query_advice(self.x_qr, Rotation::cur());
            let y_q = meta.query_advice(self.y_qr, Rotation::cur());
            let x_r = meta.query_advice(self.x_qr, Rotation::next());
            let y_r = meta.query_advice(self.y_qr, Rotation::next());

            // (x_r + x_q + x_p)⋅(x_p − x_q)^2 − (y_p − y_q)^2 = 0
            let poly1 = {
                (x_r.clone() + x_q.clone() + x_p.clone())
                    * (x_p.clone() - x_q.clone())
                    * (x_p.clone() - x_q.clone())
                    - (y_p.clone() - y_q.clone()).square()
            };

            // (y_r + y_q)(x_p − x_q) − (y_p − y_q)(x_q − x_r) = 0
            let poly2 = (y_r + y_q.clone()) * (x_p - x_q.clone()) - (y_p - y_q) * (x_q - x_r);

            array::IntoIter::new([("x_r", poly1), ("y_r", poly2)])
                .map(move |(name, poly)| (name, q_add_incomplete.clone() * poly))
        });
    }

    pub(super) fn assign_region(
        &self,
        p: &NonIdentityEccPoint,
        q: &NonIdentityEccPoint,
        offset: usize,
        region: &mut Region<'_, pallas::Base>,
    ) -> Result<NonIdentityEccPoint, Error> {
        // Enable `q_add_incomplete` selector
        self.q_add_incomplete.enable(region, offset)?;

        // Handle exceptional cases
        let (x_p, y_p) = (p.x.value(), p.y.value());
        let (x_q, y_q) = (q.x.value(), q.y.value());
        x_p.zip(y_p)
            .zip(x_q)
            .zip(y_q)
            .map(|(((x_p, y_p), x_q), y_q)| {
                // P is point at infinity
                if (x_p == pallas::Base::zero() && y_p == pallas::Base::zero())
                // Q is point at infinity
                || (x_q == pallas::Base::zero() && y_q == pallas::Base::zero())
                // x_p = x_q
                || (x_p == x_q)
                {
                    Err(Error::SynthesisError)
                } else {
                    Ok(())
                }
            })
            .transpose()?;

        // Copy point `p` into `x_p`, `y_p` columns
        copy(region, || "x_p", self.x_p, offset, &p.x)?;
        copy(region, || "y_p", self.y_p, offset, &p.y)?;

        // Copy point `q` into `x_qr`, `y_qr` columns
        copy(region, || "x_q", self.x_qr, offset, &q.x)?;
        copy(region, || "y_q", self.y_qr, offset, &q.y)?;

        // Compute the sum `P + Q = R`
        let r = {
            let p = p.point();
            let q = q.point();
            let r = p
                .zip(q)
                .map(|(p, q)| (p + q).to_affine().coordinates().unwrap());
            let r_x = r.map(|r| *r.x());
            let r_y = r.map(|r| *r.y());

            (r_x, r_y)
        };

        // Assign the sum to `x_qr`, `y_qr` columns in the next row
        let x_r = r.0;
        let x_r_var = region.assign_advice(
            || "x_r",
            self.x_qr,
            offset + 1,
            || x_r.ok_or(Error::SynthesisError),
        )?;

        let y_r = r.1;
        let y_r_var = region.assign_advice(
            || "y_r",
            self.y_qr,
            offset + 1,
            || y_r.ok_or(Error::SynthesisError),
        )?;

        let result = NonIdentityEccPoint {
            x: CellValue::<pallas::Base>::new(x_r_var, x_r),
            y: CellValue::<pallas::Base>::new(y_r_var, y_r),
        };

        Ok(result)
    }
}

#[cfg(test)]
pub mod tests {
    use group::Curve;
    use halo2::{circuit::Layouter, plonk::Error};
    use pasta_curves::pallas;

    use crate::circuit::gadget::ecc::{EccInstructions, NonIdentityPoint};

    #[allow(clippy::too_many_arguments)]
    pub fn test_add_incomplete<
        EccChip: EccInstructions<pallas::Affine> + Clone + Eq + std::fmt::Debug,
    >(
        chip: EccChip,
        mut layouter: impl Layouter<pallas::Base>,
        p_val: pallas::Affine,
        p: &NonIdentityPoint<pallas::Affine, EccChip>,
        q_val: pallas::Affine,
        q: &NonIdentityPoint<pallas::Affine, EccChip>,
        p_neg: &NonIdentityPoint<pallas::Affine, EccChip>,
    ) -> Result<(), Error> {
        // P + Q
        {
            let result = p.add_incomplete(layouter.namespace(|| "P + Q"), q)?;
            let witnessed_result = NonIdentityPoint::new(
                chip,
                layouter.namespace(|| "witnessed P + Q"),
                Some((p_val + q_val).to_affine()),
            )?;
            result.constrain_equal(layouter.namespace(|| "constrain P + Q"), &witnessed_result)?;
        }

        // P + P should return an error
        p.add_incomplete(layouter.namespace(|| "P + P"), p)
            .expect_err("P + P should return an error");

        // P + (-P) should return an error
        p.add_incomplete(layouter.namespace(|| "P + (-P)"), p_neg)
            .expect_err("P + (-P) should return an error");

        Ok(())
    }
}
-												mul_fixed::base_field_elem.rs: Check canonicity of base field element used in fixed-base scalar mul.

When using a base field element as the scalar in fixed-base mul,
we check the canonicity of its decomposition.

											
										
										
											2021-07-07 00:53:43 -07:00
+								use std::{array, collections::HashSet};
-												chip::add_incomplete.rs: Implement add_incomplete() instruction

											
										
										
											2021-06-04 23:11:40 -07:00
-												ecc::chip: Propagate changes to sub-chips.

Co-authored-by: Daira Hopwood <daira@jacaranda.org>

											
										
										
											2021-09-27 01:49:08 -07:00
+								use super::{copy, CellValue, EccConfig, NonIdentityEccPoint, Var};
-												chip::add_incomplete.rs: Implement add_incomplete() instruction

											
										
										
											2021-06-04 23:11:40 -07:00
+								use group::Curve;
 								use halo2::{
 								    circuit::Region,
-												Migrate to latest `halo2` API

- `halo2::plonk::{create_proof, verify_proof}` now take instance columns
  as slices of values.
- `halo2::plonk::Permutation` has been replaced by a global permutation,
  to which columns can be added with `ConstraintSystem::enable_equality`.
- The introduction of blinding rows means that various tests now require
  larger circuit parameters.

											
										
										
											2021-07-15 04:52:15 -07:00
+								    plonk::{Advice, Column, ConstraintSystem, Error, Selector},
-												chip::add_incomplete.rs: Implement add_incomplete() instruction

											
										
										
											2021-06-04 23:11:40 -07:00
+								    poly::Rotation,
 								};
-												ecc::chip.rs: Use concrete pallas::Affine for Chip impl.

The EccInstructions trait is still generic over C: CurveAffine;
however, the EccChip implementation is specific to the pasta
curves.

											
										
										
											2021-06-11 15:29:05 -07:00
+								use pasta_curves::{arithmetic::CurveAffine, pallas};
-												chip::add_incomplete.rs: Implement add_incomplete() instruction

											
										
										
											2021-06-04 23:11:40 -07:00
 								#[derive(Clone, Debug)]
-												ecc::chip.rs: Use concrete pallas::Affine for Chip impl.

The EccInstructions trait is still generic over C: CurveAffine;
however, the EccChip implementation is specific to the pasta
curves.

											
										
										
											2021-06-11 15:29:05 -07:00
+								pub struct Config {
-												chip::add_incomplete.rs: Implement add_incomplete() instruction

											
										
										
											2021-06-04 23:11:40 -07:00
+								    q_add_incomplete: Selector,
 								    // x-coordinate of P in P + Q = R
 								    pub x_p: Column<Advice>,
 								    // y-coordinate of P in P + Q = R
 								    pub y_p: Column<Advice>,
 								    // x-coordinate of Q or R in P + Q = R
 								    pub x_qr: Column<Advice>,
 								    // y-coordinate of Q or R in P + Q = R
 								    pub y_qr: Column<Advice>,
 								}
-												ecc::chip.rs: Use concrete pallas::Affine for Chip impl.

The EccInstructions trait is still generic over C: CurveAffine;
however, the EccChip implementation is specific to the pasta
curves.

											
										
										
											2021-06-11 15:29:05 -07:00
+								impl From<&EccConfig> for Config {
 								    fn from(ecc_config: &EccConfig) -> Self {
-												chip::add_incomplete.rs: Implement add_incomplete() instruction

											
										
										
											2021-06-04 23:11:40 -07:00
+								        Self {
 								            q_add_incomplete: ecc_config.q_add_incomplete,
 								            x_p: ecc_config.advices[0],
 								            y_p: ecc_config.advices[1],
 								            x_qr: ecc_config.advices[2],
 								            y_qr: ecc_config.advices[3],
 								        }
 								    }
 								}
-												ecc::chip.rs: Use concrete pallas::Affine for Chip impl.

The EccInstructions trait is still generic over C: CurveAffine;
however, the EccChip implementation is specific to the pasta
curves.

											
										
										
											2021-06-11 15:29:05 -07:00
+								impl Config {
-												mul_fixed::base_field_elem.rs: Check canonicity of base field element used in fixed-base scalar mul.

When using a base field element as the scalar in fixed-base mul,
we check the canonicity of its decomposition.

											
										
										
											2021-07-07 00:53:43 -07:00
+								    pub(crate) fn advice_columns(&self) -> HashSet<Column<Advice>> {
 								        core::array::IntoIter::new([self.x_p, self.y_p, self.x_qr, self.y_qr]).collect()
 								    }
-												ecc::chip.rs: Use concrete pallas::Affine for Chip impl.

The EccInstructions trait is still generic over C: CurveAffine;
however, the EccChip implementation is specific to the pasta
curves.

											
										
										
											2021-06-11 15:29:05 -07:00
+								    pub(super) fn create_gate(&self, meta: &mut ConstraintSystem<pallas::Base>) {
-												chip::add_incomplete.rs: Implement add_incomplete() instruction

											
										
										
											2021-06-04 23:11:40 -07:00
+								        meta.create_gate("incomplete addition gates", |meta| {
 								            let q_add_incomplete = meta.query_selector(self.q_add_incomplete);
 								            let x_p = meta.query_advice(self.x_p, Rotation::cur());
 								            let y_p = meta.query_advice(self.y_p, Rotation::cur());
 								            let x_q = meta.query_advice(self.x_qr, Rotation::cur());
 								            let y_q = meta.query_advice(self.y_qr, Rotation::cur());
 								            let x_r = meta.query_advice(self.x_qr, Rotation::next());
 								            let y_r = meta.query_advice(self.y_qr, Rotation::next());
 								            // (x_r + x_q + x_p)⋅(x_p − x_q)^2 − (y_p − y_q)^2 = 0
 								            let poly1 = {
 								                (x_r.clone() + x_q.clone() + x_p.clone())
 								                    * (x_p.clone() - x_q.clone())
 								                    * (x_p.clone() - x_q.clone())
-												add_incomplete::tests: Constrain output of `P + Q` test.

Also minor docfixes and refactors.

Co-authored-by: Jack Grigg <jack@electriccoin.co>

											
										
										
											2021-06-13 09:19:21 -07:00
+								                    - (y_p.clone() - y_q.clone()).square()
-												chip::add_incomplete.rs: Implement add_incomplete() instruction

											
										
										
											2021-06-04 23:11:40 -07:00
+								            };
 								            // (y_r + y_q)(x_p − x_q) − (y_p − y_q)(x_q − x_r) = 0
 								            let poly2 = (y_r + y_q.clone()) * (x_p - x_q.clone()) - (y_p - y_q) * (x_q - x_r);
-												Add names to some nameless constraints

											
										
										
											2021-07-28 18:10:32 -07:00
+								            array::IntoIter::new([("x_r", poly1), ("y_r", poly2)])
 								                .map(move |(name, poly)| (name, q_add_incomplete.clone() * poly))
-												chip::add_incomplete.rs: Implement add_incomplete() instruction

											
										
										
											2021-06-04 23:11:40 -07:00
+								        });
 								    }
-												ecc::chip.rs: Bound EccConfig on <C: CurveAffine>.

											
										
										
											2021-06-10 10:09:04 -07:00
+								    pub(super) fn assign_region(
-												chip::add_incomplete.rs: Implement add_incomplete() instruction

											
										
										
											2021-06-04 23:11:40 -07:00
+								        &self,
-												ecc::chip: Propagate changes to sub-chips.

Co-authored-by: Daira Hopwood <daira@jacaranda.org>

											
										
										
											2021-09-27 01:49:08 -07:00
+								        p: &NonIdentityEccPoint,
 								        q: &NonIdentityEccPoint,
-												chip::add_incomplete.rs: Implement add_incomplete() instruction

											
										
										
											2021-06-04 23:11:40 -07:00
+								        offset: usize,
-												ecc::chip.rs: Use concrete pallas::Affine for Chip impl.

The EccInstructions trait is still generic over C: CurveAffine;
however, the EccChip implementation is specific to the pasta
curves.

											
										
										
											2021-06-11 15:29:05 -07:00
+								        region: &mut Region<'_, pallas::Base>,
-												ecc::chip: Propagate changes to sub-chips.

Co-authored-by: Daira Hopwood <daira@jacaranda.org>

											
										
										
											2021-09-27 01:49:08 -07:00
+								    ) -> Result<NonIdentityEccPoint, Error> {
-												chip::add_incomplete.rs: Implement add_incomplete() instruction

											
										
										
											2021-06-04 23:11:40 -07:00
+								        // Enable `q_add_incomplete` selector
 								        self.q_add_incomplete.enable(region, offset)?;
 								        // Handle exceptional cases
 								        let (x_p, y_p) = (p.x.value(), p.y.value());
 								        let (x_q, y_q) = (q.x.value(), q.y.value());
 								        x_p.zip(y_p)
 								            .zip(x_q)
 								            .zip(y_q)
 								            .map(|(((x_p, y_p), x_q), y_q)| {
 								                // P is point at infinity
-												ecc::chip.rs: Use concrete pallas::Affine for Chip impl.

The EccInstructions trait is still generic over C: CurveAffine;
however, the EccChip implementation is specific to the pasta
curves.

											
										
										
											2021-06-11 15:29:05 -07:00
+								                if (x_p == pallas::Base::zero() && y_p == pallas::Base::zero())
-												chip::add_incomplete.rs: Implement add_incomplete() instruction

											
										
										
											2021-06-04 23:11:40 -07:00
+								                // Q is point at infinity
-												ecc::chip.rs: Use concrete pallas::Affine for Chip impl.

The EccInstructions trait is still generic over C: CurveAffine;
however, the EccChip implementation is specific to the pasta
curves.

											
										
										
											2021-06-11 15:29:05 -07:00
+								                || (x_q == pallas::Base::zero() && y_q == pallas::Base::zero())
-												chip::add_incomplete.rs: Implement add_incomplete() instruction

											
										
										
											2021-06-04 23:11:40 -07:00
+								                // x_p = x_q
 								                || (x_p == x_q)
 								                {
 								                    Err(Error::SynthesisError)
 								                } else {
 								                    Ok(())
 								                }
 								            })
 								            .transpose()?;
 								        // Copy point `p` into `x_p`, `y_p` columns
-												Migrate to latest `halo2` API

- `halo2::plonk::{create_proof, verify_proof}` now take instance columns
  as slices of values.
- `halo2::plonk::Permutation` has been replaced by a global permutation,
  to which columns can be added with `ConstraintSystem::enable_equality`.
- The introduction of blinding rows means that various tests now require
  larger circuit parameters.

											
										
										
											2021-07-15 04:52:15 -07:00
+								        copy(region, || "x_p", self.x_p, offset, &p.x)?;
 								        copy(region, || "y_p", self.y_p, offset, &p.y)?;
-												chip::add_incomplete.rs: Implement add_incomplete() instruction

											
										
										
											2021-06-04 23:11:40 -07:00
 								        // Copy point `q` into `x_qr`, `y_qr` columns
-												Migrate to latest `halo2` API

- `halo2::plonk::{create_proof, verify_proof}` now take instance columns
  as slices of values.
- `halo2::plonk::Permutation` has been replaced by a global permutation,
  to which columns can be added with `ConstraintSystem::enable_equality`.
- The introduction of blinding rows means that various tests now require
  larger circuit parameters.

											
										
										
											2021-07-15 04:52:15 -07:00
+								        copy(region, || "x_q", self.x_qr, offset, &q.x)?;
 								        copy(region, || "y_q", self.y_qr, offset, &q.y)?;
-												chip::add_incomplete.rs: Implement add_incomplete() instruction

											
										
										
											2021-06-04 23:11:40 -07:00
 								        // Compute the sum `P + Q = R`
 								        let r = {
 								            let p = p.point();
 								            let q = q.point();
 								            let r = p
 								                .zip(q)
 								                .map(|(p, q)| (p + q).to_affine().coordinates().unwrap());
 								            let r_x = r.map(|r| *r.x());
 								            let r_y = r.map(|r| *r.y());
 								            (r_x, r_y)
 								        };
 								        // Assign the sum to `x_qr`, `y_qr` columns in the next row
 								        let x_r = r.0;
 								        let x_r_var = region.assign_advice(
 								            || "x_r",
 								            self.x_qr,
 								            offset + 1,
 								            || x_r.ok_or(Error::SynthesisError),
 								        )?;
 								        let y_r = r.1;
 								        let y_r_var = region.assign_advice(
 								            || "y_r",
 								            self.y_qr,
 								            offset + 1,
 								            || y_r.ok_or(Error::SynthesisError),
 								        )?;
-												ecc::chip: Propagate changes to sub-chips.

Co-authored-by: Daira Hopwood <daira@jacaranda.org>

											
										
										
											2021-09-27 01:49:08 -07:00
+								        let result = NonIdentityEccPoint {
-												ecc::chip.rs: Use concrete pallas::Affine for Chip impl.

The EccInstructions trait is still generic over C: CurveAffine;
however, the EccChip implementation is specific to the pasta
curves.

											
										
										
											2021-06-11 15:29:05 -07:00
+								            x: CellValue::<pallas::Base>::new(x_r_var, x_r),
 								            y: CellValue::<pallas::Base>::new(y_r_var, y_r),
-												chip::add_incomplete.rs: Implement add_incomplete() instruction

											
										
										
											2021-06-04 23:11:40 -07:00
+								        };
 								        Ok(result)
 								    }
 								}
 								#[cfg(test)]
 								pub mod tests {
-												add_incomplete::tests: Constrain output of `P + Q` test.

Also minor docfixes and refactors.

Co-authored-by: Jack Grigg <jack@electriccoin.co>

											
										
										
											2021-06-13 09:19:21 -07:00
+								    use group::Curve;
 								    use halo2::{circuit::Layouter, plonk::Error};
 								    use pasta_curves::pallas;
-												chip::add_incomplete.rs: Implement add_incomplete() instruction

											
										
										
											2021-06-04 23:11:40 -07:00
-												ecc::chip: Propagate changes to sub-chips.

Co-authored-by: Daira Hopwood <daira@jacaranda.org>

											
										
										
											2021-09-27 01:49:08 -07:00
+								    use crate::circuit::gadget::ecc::{EccInstructions, NonIdentityPoint};
-												chip::add_incomplete.rs: Implement add_incomplete() instruction

											
										
										
											2021-06-04 23:11:40 -07:00
-												add_incomplete::tests: Constrain output of `P + Q` test.

Also minor docfixes and refactors.

Co-authored-by: Jack Grigg <jack@electriccoin.co>

											
										
										
											2021-06-13 09:19:21 -07:00
+								    #[allow(clippy::too_many_arguments)]
-												chip::add_incomplete.rs: Implement add_incomplete() instruction

											
										
										
											2021-06-04 23:11:40 -07:00
+								    pub fn test_add_incomplete<
-												add_incomplete::tests: Constrain output of `P + Q` test.

Also minor docfixes and refactors.

Co-authored-by: Jack Grigg <jack@electriccoin.co>

											
										
										
											2021-06-13 09:19:21 -07:00
+								        EccChip: EccInstructions<pallas::Affine> + Clone + Eq + std::fmt::Debug,
-												chip::add_incomplete.rs: Implement add_incomplete() instruction

											
										
										
											2021-06-04 23:11:40 -07:00
+								    >(
-												add_incomplete::tests: Constrain output of `P + Q` test.

Also minor docfixes and refactors.

Co-authored-by: Jack Grigg <jack@electriccoin.co>

											
										
										
											2021-06-13 09:19:21 -07:00
+								        chip: EccChip,
 								        mut layouter: impl Layouter<pallas::Base>,
 								        p_val: pallas::Affine,
-												ecc::chip: Propagate changes to sub-chips.

Co-authored-by: Daira Hopwood <daira@jacaranda.org>

											
										
										
											2021-09-27 01:49:08 -07:00
+								        p: &NonIdentityPoint<pallas::Affine, EccChip>,
-												add_incomplete::tests: Constrain output of `P + Q` test.

Also minor docfixes and refactors.

Co-authored-by: Jack Grigg <jack@electriccoin.co>

											
										
										
											2021-06-13 09:19:21 -07:00
+								        q_val: pallas::Affine,
-												ecc::chip: Propagate changes to sub-chips.

Co-authored-by: Daira Hopwood <daira@jacaranda.org>

											
										
										
											2021-09-27 01:49:08 -07:00
+								        q: &NonIdentityPoint<pallas::Affine, EccChip>,
 								        p_neg: &NonIdentityPoint<pallas::Affine, EccChip>,
-												chip::add_incomplete.rs: Implement add_incomplete() instruction

											
										
										
											2021-06-04 23:11:40 -07:00
+								    ) -> Result<(), Error> {
 								        // P + Q
-												add_incomplete::tests: Constrain output of `P + Q` test.

Also minor docfixes and refactors.

Co-authored-by: Jack Grigg <jack@electriccoin.co>

											
										
										
											2021-06-13 09:19:21 -07:00
+								        {
 								            let result = p.add_incomplete(layouter.namespace(|| "P + Q"), q)?;
-												ecc::chip: Propagate changes to sub-chips.

Co-authored-by: Daira Hopwood <daira@jacaranda.org>

											
										
										
											2021-09-27 01:49:08 -07:00
+								            let witnessed_result = NonIdentityPoint::new(
-												add_incomplete::tests: Constrain output of `P + Q` test.

Also minor docfixes and refactors.

Co-authored-by: Jack Grigg <jack@electriccoin.co>

											
										
										
											2021-06-13 09:19:21 -07:00
+								                chip,
 								                layouter.namespace(|| "witnessed P + Q"),
 								                Some((p_val + q_val).to_affine()),
 								            )?;
 								            result.constrain_equal(layouter.namespace(|| "constrain P + Q"), &witnessed_result)?;
 								        }
-												chip::add_incomplete.rs: Implement add_incomplete() instruction

											
										
										
											2021-06-04 23:11:40 -07:00
 								        // P + P should return an error
-												Docfixes and minor refactors.

Co-authored-by: str4d <jack@electriccoin.co>

											
										
										
											2021-06-11 15:36:26 -07:00
+								        p.add_incomplete(layouter.namespace(|| "P + P"), p)
-												chip::add_incomplete.rs: Implement add_incomplete() instruction

											
										
										
											2021-06-04 23:11:40 -07:00
+								            .expect_err("P + P should return an error");
 								        // P + (-P) should return an error
-												Docfixes and minor refactors.

Co-authored-by: str4d <jack@electriccoin.co>

											
										
										
											2021-06-11 15:36:26 -07:00
+								        p.add_incomplete(layouter.namespace(|| "P + (-P)"), p_neg)
-												chip::add_incomplete.rs: Implement add_incomplete() instruction

											
										
										
											2021-06-04 23:11:40 -07:00
+								            .expect_err("P + (-P) should return an error");
 								        Ok(())
 								    }
 								}