sqrt added in ZqField

2018-11-11 19:48:02 +01:00 · 2018-11-11 19:48:02 +01:00 · ceb9a7f58e
commit ceb9a7f58e
parent 448dc345ad
6 changed files with 96 additions and 9 deletions
--- a/index.js
+++ b/index.js
@ -29,3 +29,7 @@ exports.groth = {
    isValid: require("./src/verifier_groth.js")
 };
 exports.bigInt = require("./src/bigint.js");
+exports.ZqField = require("./src/zqfield.js");
+
+const Bn128 = require("./src/bn128.js");
+exports.bn128 = new Bn128();
--- a/src/bn128.js
+++ b/src/bn128.js
@ -52,6 +52,7 @@ class BN128 {
        this.G2 = new GCurve(this.F2, this.g2);
        this.F6 = new F3Field(this.F2, this.nonResidueF6);
        this.F12 = new F2Field(this.F6, this.nonResidueF6);
+        this.Fr = new F1Field(this.r);
        const self = this;
        this.F12._mulByNonResidue = function(a) {
            return [self.F2.mul(this.nonResidue, a[2]), a[0], a[1]];
--- a/src/zqfield.js
+++ b/src/zqfield.js
@ -24,9 +24,10 @@ const fUtils = require("./futils.js");

 class ZqField {
    constructor(q) {
-        this.q = q;
+        this.q = bigInt(q);
        this.zero = bigInt.zero;
        this.one = bigInt.one;
+        this.minusone = this.q.sub(this.one);
        this.add = bigInt.genAdd();
        this.double = bigInt.genDouble();
        this.sub = bigInt.genSub();
@ -39,6 +40,24 @@ class ZqField {
        this.isZero = bigInt.genIsZero(q);
        this.two = this.add(this.one, this.one);
        this.twoinv = this.inverse(this.two);
+
+        const e = this.minusone.shr(this.one);
+        this.nqr = this.two;
+        let r = this.exp(this.nqr, e);
+        while (!r.equals(this.minusone)) {
+            this.nqr = this.nqr.add(this.one);
+            r = this.exp(this.nqr, e);
+        }
+
+        this.s = this.zero;
+        this.t = this.minusone;
+
+        while (!this.t.isOdd()) {
+            this.s = this.s.add(this.one);
+            this.t = this.t.shr(this.one);
+        }
+
+        this.nqr_to_t = this.exp(this.nqr, this.t);
    }

    copy(a) {
@ -71,6 +90,47 @@ class ZqField {
        }
        return res;
    }
+
+    sqrt(n) {
+
+        n = this.affine(n);
+
+        if (n.equals(this.zero)) return this.zero;
+
+        // Test that have solution
+        const res = this.exp(n, this.minusone.shr(this.one));
+        if (!res.equals(this.one)) return null;
+
+        let m = parseInt(this.s);
+        let c = this.nqr_to_t;
+        let t = this.exp(n, this.t);
+        let r = this.exp(n, this.add(this.t, this.one).shr(this.one) );
+
+        while (!t.equals(this.one)) {
+            let sq = this.square(t);
+            let i = 1;
+            while (!sq.equals(this.one)) {
+                i++;
+                sq = this.square(sq);
+            }
+
+            // b = c ^ m-i-1
+            let b = c;
+            for (let j=0; j< m-i-1; j ++) b = this.square(b);
+
+            m = i;
+            c = this.square(b);
+            t = this.mul(t, c);
+            r = this.mul(r, b);
+        }
+
+        if (r.greater(this.q.shr(this.one))) {
+            r = this.neg(r);
+        }
+
+        return r;
+    }
+
 }


--- a/test/algebra.js
+++ b/test/algebra.js
@ -43,6 +43,28 @@ describe("F1 testing", () => {

        assert(bn128.F1.equals(a, d));
    });
+
+    it("Should compute sqrts", () => {
+        const bn128 = new BN128();
+        const F = new F1Field(bn128.r);
+        const a = bigInt("4");
+        let b = F.sqrt(a);
+        assert(F.equals(bigInt(0), F.sqrt(bigInt("0"))));
+        assert(F.equals(b, bigInt("2")));
+        assert(F.sqrt(F.nqr) === null);
+    });
+
+    it("Should compute sqrt of 100 random numbers", () => {
+        const bn128 = new BN128();
+        const F = new F1Field(bn128.r);
+        for (let j=0;j<100; j++) {
+            let a = F.random();
+            let s = F.sqrt(a);
+            if (s != null) {
+                assert(F.equals(F.square(s), a));
+            }
+        }
+    });
 });

 describe("Curve G1 Test", () => {
--- a/vk_proof.json
+++ b/vk_proof.json
--- a/vk_verifier.json
+++ b/vk_verifier.json
@ -1 +1 @@
-{"protocol":"original","nPublic":2,"IC":[["8576214033540765746842371044606415301996418658271131870010054843723125163599","6341586104423260990679666539888111771038590989830860832895739252684050857707","1"],["15965749752898192947949203569369046733334441167283696622057886266799413427301","2923294366489694707913989169803315514830365425557160936060478290028119985650","1"],["7665320522958326350241374389379617045227126617343912001068756442073187713151","16937313025308113974092602028496797364239833856912463403728694496750412757538","1"]],"vk_a":[["3077982983963123319793719127530918395964362371665929870764367633238119486171","10624095704253675484950110288768135448751925925397705744445034274470877571540"],["11223362065478924443549715710933863673280794406631767082774645916652066279620","8337303782475651751238621200032482701595413914475156108205195808465067782279"],["1","0"]],"vk_b":["21564332231353345084812731105505859926291540020010209070828241581510575981361","12811195542841792594989162567316414585491137627361662320857051029637227214375","1"],"vk_c":[["19363023180056795628459533284881872720326658174081788262267940216199137656570","5359479215742140254894625739314368559215232189770028818973166302624793559662"],["5187488231426445386134004945862512998731236294362858853152004154989502945485","17318067103531560956632275402153347927836013608148619363574266960244666419321"],["1","0"]],"vk_gb_1":["13737850238192771532086098218362386191676025312053065674387897049554183714895","258437624375537354893318850011642077381094913426153928052848023008663588967","1"],"vk_gb_2":[["20913086464866824409816176346029303914897145075292440377103410617064950551322","11968128624576981916297332896923117639178526628339597211407604428593282315380"],["21502773962397802833840010558276426068561764138489279214768725069584289910777","5965528328875401985902369254259185228639060740935479481669241063329338432524"],["1","0"]],"vk_g":[["1421964931962045670203169891741553307915101481355771768590757853405478618657","18344258226310817730803896348763784823599742300007390070956950541714752264594"],["84572320859600481810744445647071373623359906260999813141892498206365049722","17232762898384488387547345327643231467979450189903835933795160671651120045038"],["1","0"]],"vk_z":[["10267283293805156712473859167140009309675016274438754125335111954220207367714","16337057180792535646473469361191381596052094521156035083114407475052456206736"],["8437712429457291876807475578260323834614411158149818941874257329388894255364","15389184070055161803675113258684887402795693485388956653591015728117764501181"],["1","0"]]}
+{"protocol":"original","nPublic":2,"IC":[["8849055511082207197386816220933697359788971969723311105914207102749058732262","16959719579845113100884343214094921890994800988324717557455180752030411170003","1"],["2484443707386195254509798174506364533244136674881306666282125111587938066433","19427682058362356154903959035863203819006762969409806927732486823153723237810","1"],["7130785916432156053719609234300145030816421804617499884567479079011422988955","6189201216535197259817162464187743592146560869870792185911497850033335074298","1"]],"vk_a":[["9872559917844294477536347504934832320655533991650169902417802683379346119997","843772301140357563436689776827970926589741902080524202569657734909662469474"],["7531191948728096398667205760901764150746858276390769174947239681261174603496","19390457837724221793002986178650274717908327325393349077639674652630431124169"],["1","0"]],"vk_b":["501420461369693852599229883919204710886593732833724468965832578166009925713","10317710816126649044200749005377880660464978872377653125422472992191645650124","1"],"vk_c":[["10051649206767283312353552575431286293027310220624929913814364593030185419531","14791785180254274883514790322022956673529295334754985355268675419718338162079"],["7936893319622378351783826963378019679916863061363731322724584049671768481832","14935855848155905276829387453433187422477676703547349346896558674964769292707"],["1","0"]],"vk_gb_1":["16883378629371629842761088081108977348103248355774740955500038886325479370413","1920838522949484267352900228504548578245603817578514439559866317386119521003","1"],"vk_gb_2":[["11108842905356484096288635838337079212811899426526012687887143514045721790804","21031591569096646322506103672254640960873689370092824091794804577786886967908"],["817213165866263014069075203124784173584879880614844748456154653668382729159","864218259110131214014552546475739264317537208733507094863210326585244180593"],["1","0"]],"vk_g":[["14650542782728886534422292348945287981512706836643134176709351124791472680543","18960277976951274828172086500759014849906184580071220971216975068158250858162"],["14398341775515438116369872062699814349975225443081016536963355934433867545051","7430323674093579778297501612631986638268006525016526795405658142628213235594"],["1","0"]],"vk_z":[["9232595145194514136236063963352093468662621616460757765591947153028653483170","21870021077089796283233323883357370909479704574901541789297553490533610487318"],["1344881225032961007807685156782552847773328464965034725847677510387048101542","17695086597077289574292295853159694727053610025432390166769224554889027950018"],["1","0"]]}