@sabaaa1/common 0.1.3 → 0.1.4
- package/assets/{snarkjsWorkerLauncher-B7rmy0gx.js → snarkjsWorkerLauncher-Dsmwcy9L.js} +1 -1
- package/assets/{snarkjsWorkerLogic-C3GGRlcw.js → snarkjsWorkerLogic-B9NbAQYW.js} +844 -892
- package/assets/{utxoWorkerLauncher-BP1uNzSU.js → utxoWorkerLauncher-Bvb09Ewh.js} +1 -1
- package/assets/{utxoWorkerLogic-KxVg3qs6.js → utxoWorkerLogic-IHmQBHcc.js} +3718 -3755
- package/assets/{zkProofWorkerLauncher-D-WqUrAW.js → zkProofWorkerLauncher-CoKmCKjC.js} +1 -1
- package/assets/{zkProofWorkerLogic-CenLarOM.js → zkProofWorkerLogic-DB9cbXu-.js} +1586 -1634
- package/package.json +1 -1
- package/webworker/snarkjsWorker/snarkjsWorkerLauncher.cjs +1 -1
- package/webworker/snarkjsWorker/snarkjsWorkerLauncher.mjs +1 -1
- package/webworker/utxoWorker/utxoWorkerLauncher.cjs +1 -1
- package/webworker/utxoWorker/utxoWorkerLauncher.mjs +1 -1
- package/webworker/utxoWorker/utxoWorkerLogic.cjs +1 -1
- package/webworker/utxoWorker/utxoWorkerLogic.mjs +53 -40
- package/webworker/workerProxy.cjs +1 -1
- package/webworker/workerProxy.d.ts +0 -2
- package/webworker/workerProxy.mjs +10 -58
- package/webworker/zkProofWorker/zkProofWorkerLauncher.cjs +1 -1
- package/webworker/zkProofWorker/zkProofWorkerLauncher.mjs +1 -1
|
@@ -1,8 +1,6 @@
|
|
|
1
1
|
class nc {
|
|
2
2
|
isNode = !1;
|
|
3
3
|
isSandbox = !1;
|
|
4
|
-
errorCount = 0;
|
|
5
|
-
MAX_ERRORS = 5;
|
|
6
4
|
/**
|
|
7
5
|
* This allow browser or main thread to listen for worker response message
|
|
8
6
|
* using the normal `worker.onmessage = () => {}` syntax. Is should only be side on the
|
|
@@ -37,70 +35,24 @@ class nc {
|
|
|
37
35
|
}
|
|
38
36
|
postMessageToMainThread(t) {
|
|
39
37
|
const n = { data: t };
|
|
40
|
-
|
|
41
|
-
this.onmessage(n);
|
|
42
|
-
return;
|
|
43
|
-
}
|
|
44
|
-
const e = typeof self < "u" ? self : globalThis;
|
|
45
|
-
e.postMessage && e.postMessage(t);
|
|
38
|
+
this.onmessage ? this.onmessage(n) : postMessage(t);
|
|
46
39
|
}
|
|
47
40
|
postErrorToMainThread(t) {
|
|
48
|
-
if (this.errorCount++, this.errorCount > this.MAX_ERRORS) {
|
|
49
|
-
console.error("Too many errors, stopping error reporting"), typeof self < "u" && self.close && self.close();
|
|
50
|
-
return;
|
|
51
|
-
}
|
|
52
41
|
const n = { data: { error: t } };
|
|
53
|
-
|
|
54
|
-
try {
|
|
55
|
-
this.onerror(n);
|
|
56
|
-
} catch (i) {
|
|
57
|
-
console.error("Error in onerror handler:", i);
|
|
58
|
-
}
|
|
59
|
-
return;
|
|
60
|
-
}
|
|
61
|
-
const e = {
|
|
62
|
-
error: !0,
|
|
63
|
-
message: t instanceof Error ? t.message : String(t),
|
|
64
|
-
stack: t instanceof Error ? t.stack : void 0
|
|
65
|
-
};
|
|
66
|
-
try {
|
|
67
|
-
const i = typeof self < "u" ? self : globalThis;
|
|
68
|
-
i.postMessage && i.postMessage(e);
|
|
69
|
-
} catch (i) {
|
|
70
|
-
console.error("Failed to post error:", i);
|
|
71
|
-
}
|
|
42
|
+
this.onerror ? this.onerror(n) : postMessage(t);
|
|
72
43
|
}
|
|
73
44
|
attachWorkerSideOnMessage(t) {
|
|
74
|
-
|
|
75
|
-
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
return;
|
|
79
|
-
}
|
|
80
|
-
if (this.isSandbox) {
|
|
81
|
-
this.eventEmitter.addEventListener("worker-message", (e) => {
|
|
82
|
-
t(e.detail);
|
|
83
|
-
});
|
|
84
|
-
return;
|
|
85
|
-
}
|
|
86
|
-
const n = typeof self < "u" ? self : globalThis;
|
|
87
|
-
n.addEventListener && n.addEventListener("message", (e) => {
|
|
88
|
-
if (this.errorCount = 0, !e || !e.data) {
|
|
89
|
-
console.warn("Worker received invalid message:", e);
|
|
90
|
-
return;
|
|
91
|
-
}
|
|
92
|
-
try {
|
|
93
|
-
t(e.data);
|
|
94
|
-
} catch (i) {
|
|
95
|
-
console.error("Error in message handler:", i), this.postErrorToMainThread(i);
|
|
96
|
-
}
|
|
45
|
+
this.isNode ? this.eventEmitter.on("message", (n) => {
|
|
46
|
+
t(n);
|
|
47
|
+
}) : this.isSandbox && this.eventEmitter.addEventListener("worker-message", (n) => {
|
|
48
|
+
t(n.detail);
|
|
97
49
|
});
|
|
98
50
|
}
|
|
99
51
|
}
|
|
100
52
|
function ec(o, t) {
|
|
101
53
|
return Object.values(o).includes(t);
|
|
102
54
|
}
|
|
103
|
-
function
|
|
55
|
+
function qi(o, t, n = !1) {
|
|
104
56
|
if (ec(o, t))
|
|
105
57
|
return t;
|
|
106
58
|
const e = `Value ${JSON.stringify(t)} is not a valid member of enum ${JSON.stringify(o)}.`;
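Review bot: The fallback branch of `postErrorToMainThread` now posts the raw value `t`, so a listener on the other side cannot tell an error from an ordinary result, while the `onerror` branch still wraps it as `{ data: { error: t } }`. The removed lines sent a tagged, string-only payload and caught a failing `postMessage`; the new line does neither, so an error value that cannot be structured-cloned would throw from inside the error path. I would keep the one-liner but tag and flatten the payload: `this.onerror ? this.onerror(n) : postMessage({ error: !0, message: t instanceof Error ? t.message : String(t) });`. In `attachWorkerSideOnMessage` the visible new lines register a handler only for `isNode` or `isSandbox`, and the `try`/`catch` around `t(...)` and the empty-message check are gone, so it is worth confirming that a plain browser worker still gets its listener somewhere else. This asset is a minified bundle, so the change presumably belongs in the worker proxy source rather than here.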
|
|
@@ -119,13 +71,13 @@ function Fe(o, t) {
|
|
|
119
71
|
const oc = () => (require("dotenv").config({
|
|
120
72
|
// allow overriding .env file path, see startServer.sh script for explenation on why it is needed
|
|
121
73
|
path: "DOTENV_OVERRIDE" in process.env ? process.env.DOTENV_OVERRIDE : void 0
|
|
122
|
-
}),
|
|
74
|
+
}), qi(uo, process.env.DEPLOYMENT_MODE) || "development"), ic = () => {
|
|
123
75
|
if (!So && typeof window > "u")
|
|
124
76
|
return;
|
|
125
77
|
if (So)
|
|
126
78
|
return oc();
|
|
127
79
|
if (window?.location?.protocol === "chrome-extension:") {
|
|
128
|
-
const t =
|
|
80
|
+
const t = qi(uo, WALLET_DEPLOYMENT_MODE);
|
|
129
81
|
return t || "staging";
|
|
130
82
|
}
|
|
131
83
|
const o = window?.location?.host;
|
|
@@ -139,7 +91,7 @@ function Le(o, t) {
|
|
|
139
91
|
if (t == 16)
|
|
140
92
|
return o.slice(0, 2) == "0x" ? BigInt(o) : BigInt("0x" + o);
|
|
141
93
|
}
|
|
142
|
-
const
|
|
94
|
+
const Tt = Le;
|
|
143
95
|
function cc(o, t) {
|
|
144
96
|
let n = BigInt(0);
|
|
145
97
|
t = BigInt(t);
|
|
@@ -151,19 +103,19 @@ function Wn(o) {
|
|
|
151
103
|
const t = o.toString(16);
|
|
152
104
|
return (t.length - 1) * 4 + ac[parseInt(t[0], 16)];
|
|
153
105
|
}
|
|
154
|
-
function
|
|
106
|
+
function Qi(o) {
|
|
155
107
|
return BigInt(o) < BigInt(0);
|
|
156
108
|
}
|
|
157
|
-
function
|
|
109
|
+
function Mi(o) {
|
|
158
110
|
return !o;
|
|
159
111
|
}
|
|
160
112
|
function ge(o, t) {
|
|
161
113
|
return BigInt(o) << BigInt(t);
|
|
162
114
|
}
|
|
163
|
-
function
|
|
115
|
+
function Qn(o, t) {
|
|
164
116
|
return BigInt(o) >> BigInt(t);
|
|
165
117
|
}
|
|
166
|
-
const sc = ge, lc =
|
|
118
|
+
const sc = ge, lc = Qn;
|
|
167
119
|
function _o(o) {
|
|
168
120
|
return (BigInt(o) & BigInt(1)) == BigInt(1);
|
|
169
121
|
}
|
|
@@ -187,7 +139,7 @@ function Ui(o) {
|
|
|
187
139
|
t & BigInt(1) ? n.push(1) : n.push(0), t = t >> BigInt(1);
|
|
188
140
|
return n;
|
|
189
141
|
}
|
|
190
|
-
function
|
|
142
|
+
function zi(o) {
|
|
191
143
|
if (o > BigInt(Number.MAX_SAFE_INTEGER))
|
|
192
144
|
throw new Error("Number too big");
|
|
193
145
|
return Number(o);
|
|
@@ -205,7 +157,7 @@ function go(o, t) {
|
|
|
205
157
|
function _n(o, t) {
|
|
206
158
|
return BigInt(o) - BigInt(t);
|
|
207
159
|
}
|
|
208
|
-
function
|
|
160
|
+
function Ti(o) {
|
|
209
161
|
return -BigInt(o);
|
|
210
162
|
}
|
|
211
163
|
function Ri(o, t) {
|
|
@@ -223,7 +175,7 @@ function _c(o, t) {
|
|
|
223
175
|
function gc(o) {
|
|
224
176
|
return BigInt(o) >= 0 ? BigInt(o) : -BigInt(o);
|
|
225
177
|
}
|
|
226
|
-
function
|
|
178
|
+
function Mn(o, t) {
|
|
227
179
|
return BigInt(o) / BigInt(t);
|
|
228
180
|
}
|
|
229
181
|
function an(o, t) {
|
|
@@ -272,7 +224,7 @@ function Yn(o, t, n, e) {
|
|
|
272
224
|
for (let r = d; r < s.length; r++)
|
|
273
225
|
s[r] = 0;
|
|
274
226
|
for (let r = s.length * 4; r < e; r++)
|
|
275
|
-
o[r] =
|
|
227
|
+
o[r] = zi(fo(Qn(n, r * 8), 255));
|
|
276
228
|
}
|
|
277
229
|
function ki(o, t, n, e) {
|
|
278
230
|
const i = "0000000" + n.toString(16), s = new DataView(o.buffer, o.byteOffset + t, e), d = ((i.length - 7) * 4 - 1 >> 5) + 1;
|
|
@@ -300,7 +252,7 @@ function Un(o) {
|
|
|
300
252
|
const t = new Uint8Array(Math.floor((Wn(o) - 1) / 8) + 1);
|
|
301
253
|
return Yn(t, 0, o, t.byteLength), t;
|
|
302
254
|
}
|
|
303
|
-
const Ki =
|
|
255
|
+
const Ki = Tt(0), Fn = Tt(1);
|
|
304
256
|
var Cc = /* @__PURE__ */ Object.freeze({
|
|
305
257
|
__proto__: null,
|
|
306
258
|
abs: gc,
|
|
@@ -310,8 +262,8 @@ var Cc = /* @__PURE__ */ Object.freeze({
|
|
|
310
262
|
bits: Ui,
|
|
311
263
|
bor: Lc,
|
|
312
264
|
bxor: Ac,
|
|
313
|
-
div:
|
|
314
|
-
e:
|
|
265
|
+
div: Mn,
|
|
266
|
+
e: Tt,
|
|
315
267
|
eq: En,
|
|
316
268
|
exp: _c,
|
|
317
269
|
fromArray: cc,
|
|
@@ -320,9 +272,9 @@ var Cc = /* @__PURE__ */ Object.freeze({
|
|
|
320
272
|
fromString: Le,
|
|
321
273
|
geq: Di,
|
|
322
274
|
gt: He,
|
|
323
|
-
isNegative:
|
|
275
|
+
isNegative: Qi,
|
|
324
276
|
isOdd: _o,
|
|
325
|
-
isZero:
|
|
277
|
+
isZero: Mi,
|
|
326
278
|
land: bc,
|
|
327
279
|
leq: pc,
|
|
328
280
|
lnot: Ic,
|
|
@@ -331,26 +283,26 @@ var Cc = /* @__PURE__ */ Object.freeze({
|
|
|
331
283
|
mod: an,
|
|
332
284
|
mul: Ri,
|
|
333
285
|
naf: rc,
|
|
334
|
-
neg:
|
|
286
|
+
neg: Ti,
|
|
335
287
|
neq: fc,
|
|
336
288
|
one: Fn,
|
|
337
289
|
pow: Xn,
|
|
338
290
|
shiftLeft: ge,
|
|
339
|
-
shiftRight:
|
|
291
|
+
shiftRight: Qn,
|
|
340
292
|
shl: sc,
|
|
341
293
|
shr: lc,
|
|
342
294
|
square: uc,
|
|
343
295
|
sub: _n,
|
|
344
296
|
toArray: dc,
|
|
345
297
|
toLEBuff: Un,
|
|
346
|
-
toNumber:
|
|
298
|
+
toNumber: zi,
|
|
347
299
|
toRprBE: ki,
|
|
348
300
|
toRprLE: Yn,
|
|
349
301
|
toString: Gi,
|
|
350
302
|
zero: Ki
|
|
351
303
|
});
|
|
352
304
|
function vo(o, t, n) {
|
|
353
|
-
if (
|
|
305
|
+
if (Mi(n))
|
|
354
306
|
return o.one;
|
|
355
307
|
const e = Ui(n);
|
|
356
308
|
if (e.length == 0)
|
|
@@ -383,13 +335,13 @@ function mc(o) {
|
|
|
383
335
|
}
|
|
384
336
|
function wc(o) {
|
|
385
337
|
for (o.sqrt_q = Xn(o.p, o.m), o.sqrt_s = 0, o.sqrt_t = _n(o.sqrt_q, 1); !_o(o.sqrt_t); )
|
|
386
|
-
o.sqrt_s = o.sqrt_s + 1, o.sqrt_t =
|
|
338
|
+
o.sqrt_s = o.sqrt_s + 1, o.sqrt_t = Mn(o.sqrt_t, 2);
|
|
387
339
|
let t = o.one;
|
|
388
340
|
for (; o.eq(t, o.one); ) {
|
|
389
341
|
const n = o.random();
|
|
390
342
|
o.sqrt_z = o.pow(n, o.sqrt_t), t = o.pow(o.sqrt_z, 2 ** (o.sqrt_s - 1));
|
|
391
343
|
}
|
|
392
|
-
o.sqrt_tm1d2 =
|
|
344
|
+
o.sqrt_tm1d2 = Mn(_n(o.sqrt_t, 1), 2), o.sqrt = function(n) {
|
|
393
345
|
const e = this;
|
|
394
346
|
if (e.isZero(n))
|
|
395
347
|
return e.zero;
|
|
@@ -421,7 +373,7 @@ function Ec(o) {
|
|
|
421
373
|
};
|
|
422
374
|
}
|
|
423
375
|
function Fc(o) {
|
|
424
|
-
o.sqrt_q = Xn(o.p, o.m), o.sqrt_e1 =
|
|
376
|
+
o.sqrt_q = Xn(o.p, o.m), o.sqrt_e1 = Mn(_n(o.sqrt_q, 3), 4), o.sqrt = function(t) {
|
|
425
377
|
if (this.isZero(t))
|
|
426
378
|
return this.zero;
|
|
427
379
|
const n = this.pow(t, this.sqrt_e1), e = this.mul(this.square(n), t);
|
|
@@ -437,7 +389,7 @@ function xc(o) {
|
|
|
437
389
|
};
|
|
438
390
|
}
|
|
439
391
|
function Sc(o) {
|
|
440
|
-
o.sqrt_q = Xn(o.p, o.m / 2), o.sqrt_e34 =
|
|
392
|
+
o.sqrt_q = Xn(o.p, o.m / 2), o.sqrt_e34 = Mn(_n(o.sqrt_q, 3), 4), o.sqrt_e12 = Mn(_n(o.sqrt_q, 1), 2), o.frobenius = function(t, n) {
|
|
441
393
|
return t % 2 == 1 ? o.conjugate(n) : n;
|
|
442
394
|
}, o.sqrt = function(t) {
|
|
443
395
|
const n = this, e = n.pow(t, n.sqrt_e34), i = n.mul(n.square(e), t), s = n.mul(n.frobenius(1, i), i);
|
|
@@ -514,7 +466,7 @@ function Hi(o) {
|
|
|
514
466
|
t[n] = Math.random() * 4294967296 >>> 0;
|
|
515
467
|
return t;
|
|
516
468
|
}
|
|
517
|
-
function
|
|
469
|
+
function qc() {
|
|
518
470
|
const o = Hi(32), t = new Uint32Array(o.buffer), n = [];
|
|
519
471
|
for (let e = 0; e < 8; e++)
|
|
520
472
|
n.push(t[e]);
|
|
@@ -522,9 +474,9 @@ function Mc() {
|
|
|
522
474
|
}
|
|
523
475
|
let se = null;
|
|
524
476
|
function ho() {
|
|
525
|
-
return se || (se = new Pc(
|
|
477
|
+
return se || (se = new Pc(qc()), se);
|
|
526
478
|
}
|
|
527
|
-
class
|
|
479
|
+
class Qc {
|
|
528
480
|
constructor(t, n, e) {
|
|
529
481
|
this.F = n, this.G = t, this.opMulGF = e;
|
|
530
482
|
let i = n.sqrt_t || n.t, s = n.sqrt_s || n.s, d = n.one;
|
|
@@ -586,7 +538,7 @@ function fe(o, t, n, e, i) {
|
|
|
586
538
|
u[l] = o.G.add(r[l], o.opMulGF(b[l], o.roots[n][l])), u[l + d] = o.G.sub(r[l], o.opMulGF(b[l], o.roots[n][l]));
|
|
587
539
|
return u;
|
|
588
540
|
}
|
|
589
|
-
class
|
|
541
|
+
class Mc {
|
|
590
542
|
constructor(t) {
|
|
591
543
|
this.type = "F1", this.one = BigInt(1), this.zero = BigInt(0), this.p = BigInt(t), this.m = 1, this.negone = this.p - this.one, this.two = BigInt(2), this.half = this.p >> this.one, this.bitLength = Wn(this.p), this.mask = (this.one << BigInt(this.bitLength)) - this.one, this.n64 = Math.floor((this.bitLength - 1) / 64) + 1, this.n32 = this.n64 * 2, this.n8 = this.n64 * 8, this.R = this.e(this.one << BigInt(this.n64 * 64)), this.Ri = this.inv(this.R);
|
|
592
544
|
const n = this.negone >> this.one;
|
|
@@ -596,7 +548,7 @@ class Qc {
|
|
|
596
548
|
this.nqr = this.nqr + this.one, e = this.pow(this.nqr, n);
|
|
597
549
|
for (this.s = 0, this.t = this.negone; (this.t & this.one) == this.zero; )
|
|
598
550
|
this.s = this.s + 1, this.t = this.t >> this.one;
|
|
599
|
-
this.nqr_to_t = this.pow(this.nqr, this.t), mc(this), this.FFT = new
|
|
551
|
+
this.nqr_to_t = this.pow(this.nqr, this.t), mc(this), this.FFT = new Qc(this, this, this.mul.bind(this)), this.fft = this.FFT.fft.bind(this.FFT), this.ifft = this.FFT.ifft.bind(this.FFT), this.w = this.FFT.w, this.wi = this.FFT.wi, this.shift = this.square(this.nqr), this.k = this.exp(this.nqr, 2 ** this.s);
|
|
600
552
|
}
|
|
601
553
|
e(t, n) {
|
|
602
554
|
let e;
|
|
@@ -1018,7 +970,7 @@ var Uc = function(t, n, e) {
|
|
|
1018
970
|
let D, it;
|
|
1019
971
|
return L[y] ? D = f.getLocal("x" + y) : (D = f.teeLocal("x" + y, f.i64_load32_u(f.getLocal("x"), y * 4)), L[y] = !0), V[v] ? it = f.getLocal("y" + v) : (it = f.teeLocal("y" + v, f.i64_load32_u(f.getLocal("y"), v * 4)), V[v] = !0), f.i64_mul(D, it);
|
|
1020
972
|
}
|
|
1021
|
-
let X = "c0",
|
|
973
|
+
let X = "c0", Q = "c1";
|
|
1022
974
|
for (let y = 0; y < s * 2 - 1; y++) {
|
|
1023
975
|
for (let v = Math.max(0, y - s + 1); v <= y && v < s; v++) {
|
|
1024
976
|
const D = y - v;
|
|
@@ -1035,9 +987,9 @@ var Uc = function(t, n, e) {
|
|
|
1035
987
|
)
|
|
1036
988
|
), F.addCode(
|
|
1037
989
|
f.setLocal(
|
|
1038
|
-
|
|
990
|
+
Q,
|
|
1039
991
|
f.i64_add(
|
|
1040
|
-
f.getLocal(
|
|
992
|
+
f.getLocal(Q),
|
|
1041
993
|
f.i64_shr_u(
|
|
1042
994
|
f.getLocal(X),
|
|
1043
995
|
f.i64_const(32)
|
|
@@ -1052,9 +1004,9 @@ var Uc = function(t, n, e) {
|
|
|
1052
1004
|
y * 4,
|
|
1053
1005
|
f.getLocal(X)
|
|
1054
1006
|
)
|
|
1055
|
-
), [X,
|
|
1007
|
+
), [X, Q] = [Q, X], F.addCode(
|
|
1056
1008
|
f.setLocal(
|
|
1057
|
-
|
|
1009
|
+
Q,
|
|
1058
1010
|
f.i64_shr_u(
|
|
1059
1011
|
f.getLocal(X),
|
|
1060
1012
|
f.i64_const(32)
|
|
@@ -1080,7 +1032,7 @@ var Uc = function(t, n, e) {
|
|
|
1080
1032
|
let it, nt;
|
|
1081
1033
|
return L[v] ? it = f.getLocal("x" + v) : (it = f.teeLocal("x" + v, f.i64_load32_u(f.getLocal("x"), v * 4)), L[v] = !0), L[D] ? nt = f.getLocal("x" + D) : (nt = f.teeLocal("x" + D, f.i64_load32_u(f.getLocal("x"), D * 4)), L[D] = !0), f.i64_mul(it, nt);
|
|
1082
1034
|
}
|
|
1083
|
-
let $ = "c0", X = "c1",
|
|
1035
|
+
let $ = "c0", X = "c1", Q = "c0_old", y = "c1_old";
|
|
1084
1036
|
for (let v = 0; v < s * 2 - 1; v++) {
|
|
1085
1037
|
F.addCode(
|
|
1086
1038
|
f.setLocal($, f.i64_const(0)),
|
|
@@ -1168,7 +1120,7 @@ var Uc = function(t, n, e) {
|
|
|
1168
1120
|
f.i64_const(4294967295)
|
|
1169
1121
|
),
|
|
1170
1122
|
f.i64_and(
|
|
1171
|
-
f.getLocal(
|
|
1123
|
+
f.getLocal(Q),
|
|
1172
1124
|
f.i64_const(4294967295)
|
|
1173
1125
|
)
|
|
1174
1126
|
)
|
|
@@ -1195,13 +1147,13 @@ var Uc = function(t, n, e) {
|
|
|
1195
1147
|
)
|
|
1196
1148
|
), F.addCode(
|
|
1197
1149
|
f.setLocal(
|
|
1198
|
-
|
|
1150
|
+
Q,
|
|
1199
1151
|
f.getLocal(X)
|
|
1200
1152
|
),
|
|
1201
1153
|
f.setLocal(
|
|
1202
1154
|
y,
|
|
1203
1155
|
f.i64_shr_u(
|
|
1204
|
-
f.getLocal(
|
|
1156
|
+
f.getLocal(Q),
|
|
1205
1157
|
f.i64_const(32)
|
|
1206
1158
|
)
|
|
1207
1159
|
)
|
|
@@ -1211,11 +1163,11 @@ var Uc = function(t, n, e) {
|
|
|
1211
1163
|
f.i64_store32(
|
|
1212
1164
|
f.getLocal("r"),
|
|
1213
1165
|
s * 4 * 2 - 4,
|
|
1214
|
-
f.getLocal(
|
|
1166
|
+
f.getLocal(Q)
|
|
1215
1167
|
)
|
|
1216
1168
|
);
|
|
1217
1169
|
}
|
|
1218
|
-
function
|
|
1170
|
+
function z() {
|
|
1219
1171
|
const F = t.addFunction(i + "_squareOld");
|
|
1220
1172
|
F.addParam("x", "i32"), F.addParam("r", "i32");
|
|
1221
1173
|
const f = F.getCodeBuilder();
|
|
@@ -1310,11 +1262,11 @@ var Uc = function(t, n, e) {
|
|
|
1310
1262
|
f.br(0)
|
|
1311
1263
|
)));
|
|
1312
1264
|
}
|
|
1313
|
-
function
|
|
1265
|
+
function T() {
|
|
1314
1266
|
x(), ot();
|
|
1315
1267
|
const F = t.addFunction(i + "_div");
|
|
1316
1268
|
F.addParam("x", "i32"), F.addParam("y", "i32"), F.addParam("c", "i32"), F.addParam("r", "i32"), F.addLocal("rr", "i32"), F.addLocal("cc", "i32"), F.addLocal("eX", "i32"), F.addLocal("eY", "i32"), F.addLocal("sy", "i64"), F.addLocal("sx", "i64"), F.addLocal("ec", "i32");
|
|
1317
|
-
const f = F.getCodeBuilder(), L = f.i32_const(t.alloc(d)), V = f.i32_const(t.alloc(d)), $ = f.i32_const(t.alloc(d)), X = f.getLocal("cc"),
|
|
1269
|
+
const f = F.getCodeBuilder(), L = f.i32_const(t.alloc(d)), V = f.i32_const(t.alloc(d)), $ = f.i32_const(t.alloc(d)), X = f.getLocal("cc"), Q = f.getLocal("rr"), y = t.alloc(d * 2), v = f.i32_const(y), D = f.i32_const(y + d);
|
|
1318
1270
|
F.addCode(f.if(
|
|
1319
1271
|
f.getLocal("c"),
|
|
1320
1272
|
f.setLocal("cc", f.getLocal("c")),
|
|
@@ -1323,7 +1275,7 @@ var Uc = function(t, n, e) {
|
|
|
1323
1275
|
f.getLocal("r"),
|
|
1324
1276
|
f.setLocal("rr", f.getLocal("r")),
|
|
1325
1277
|
f.setLocal("rr", $)
|
|
1326
|
-
)), F.addCode(f.call(i + "_copy", f.getLocal("x"),
|
|
1278
|
+
)), F.addCode(f.call(i + "_copy", f.getLocal("x"), Q)), F.addCode(f.call(i + "_copy", f.getLocal("y"), L)), F.addCode(f.call(i + "_zero", X)), F.addCode(f.call(i + "_zero", v)), F.addCode(f.setLocal("eX", f.i32_const(d - 1))), F.addCode(f.setLocal("eY", f.i32_const(d - 1))), F.addCode(f.block(f.loop(
|
|
1327
1279
|
f.br_if(
|
|
1328
1280
|
1,
|
|
1329
1281
|
f.i32_or(
|
|
@@ -1370,7 +1322,7 @@ var Uc = function(t, n, e) {
|
|
|
1370
1322
|
1,
|
|
1371
1323
|
f.i32_or(
|
|
1372
1324
|
f.i32_load8_u(
|
|
1373
|
-
f.i32_add(
|
|
1325
|
+
f.i32_add(Q, f.getLocal("eX")),
|
|
1374
1326
|
0,
|
|
1375
1327
|
0
|
|
1376
1328
|
),
|
|
@@ -1387,7 +1339,7 @@ var Uc = function(t, n, e) {
|
|
|
1387
1339
|
"sx",
|
|
1388
1340
|
f.i64_load(
|
|
1389
1341
|
f.i32_sub(
|
|
1390
|
-
f.i32_add(
|
|
1342
|
+
f.i32_add(Q, f.getLocal("eX")),
|
|
1391
1343
|
f.i32_const(7)
|
|
1392
1344
|
),
|
|
1393
1345
|
0,
|
|
@@ -1449,7 +1401,7 @@ var Uc = function(t, n, e) {
|
|
|
1449
1401
|
[
|
|
1450
1402
|
...f.br_if(
|
|
1451
1403
|
2,
|
|
1452
|
-
f.i32_eqz(f.call(i + "_gte",
|
|
1404
|
+
f.i32_eqz(f.call(i + "_gte", Q, L))
|
|
1453
1405
|
),
|
|
1454
1406
|
...f.setLocal("sx", f.i64_const(1)),
|
|
1455
1407
|
...f.setLocal("ec", f.i32_const(0))
|
|
@@ -1458,9 +1410,9 @@ var Uc = function(t, n, e) {
|
|
|
1458
1410
|
f.call(i + "__mul1", L, f.getLocal("sx"), D),
|
|
1459
1411
|
f.drop(f.call(
|
|
1460
1412
|
i + "_sub",
|
|
1461
|
-
|
|
1413
|
+
Q,
|
|
1462
1414
|
f.i32_sub(D, f.getLocal("ec")),
|
|
1463
|
-
|
|
1415
|
+
Q
|
|
1464
1416
|
)),
|
|
1465
1417
|
f.call(
|
|
1466
1418
|
i + "__add1",
|
|
@@ -1473,7 +1425,7 @@ var Uc = function(t, n, e) {
|
|
|
1473
1425
|
function rt() {
|
|
1474
1426
|
const F = t.addFunction(i + "_inverseMod");
|
|
1475
1427
|
F.addParam("px", "i32"), F.addParam("pm", "i32"), F.addParam("pr", "i32"), F.addLocal("t", "i32"), F.addLocal("newt", "i32"), F.addLocal("r", "i32"), F.addLocal("qq", "i32"), F.addLocal("qr", "i32"), F.addLocal("newr", "i32"), F.addLocal("swp", "i32"), F.addLocal("x", "i32"), F.addLocal("signt", "i32"), F.addLocal("signnewt", "i32"), F.addLocal("signx", "i32");
|
|
1476
|
-
const f = F.getCodeBuilder(), L = f.i32_const(t.alloc(d)), V = f.i32_const(t.alloc(d)), $ = f.i32_const(t.alloc(d)), X = f.i32_const(t.alloc(d)),
|
|
1428
|
+
const f = F.getCodeBuilder(), L = f.i32_const(t.alloc(d)), V = f.i32_const(t.alloc(d)), $ = f.i32_const(t.alloc(d)), X = f.i32_const(t.alloc(d)), Q = f.i32_const(t.alloc(d)), y = f.i32_const(t.alloc(d)), v = f.i32_const(t.alloc(d * 2)), D = f.i32_const(t.alloc(d));
|
|
1477
1429
|
F.addCode(
|
|
1478
1430
|
f.setLocal("t", L),
|
|
1479
1431
|
f.call(i + "_zero", L),
|
|
@@ -1488,7 +1440,7 @@ var Uc = function(t, n, e) {
|
|
|
1488
1440
|
), F.addCode(
|
|
1489
1441
|
f.setLocal("newr", X),
|
|
1490
1442
|
f.call(i + "_copy", f.getLocal("px"), X)
|
|
1491
|
-
), F.addCode(f.setLocal("qq",
|
|
1443
|
+
), F.addCode(f.setLocal("qq", Q)), F.addCode(f.setLocal("qr", y)), F.addCode(f.setLocal("x", D)), F.addCode(f.block(f.loop(
|
|
1492
1444
|
f.br_if(
|
|
1493
1445
|
1,
|
|
1494
1446
|
f.call(i + "_isZero", f.getLocal("newr"))
|
|
@@ -1551,7 +1503,7 @@ var Uc = function(t, n, e) {
|
|
|
1551
1503
|
f.call(i + "_copy", f.getLocal("t"), f.getLocal("pr"))
|
|
1552
1504
|
));
|
|
1553
1505
|
}
|
|
1554
|
-
return r(), b(), l(), u(), C(), B(), A(), O(), P(), E(),
|
|
1506
|
+
return r(), b(), l(), u(), C(), B(), A(), O(), P(), E(), z(), T(), rt(), t.exportFunction(i + "_copy"), t.exportFunction(i + "_zero"), t.exportFunction(i + "_one"), t.exportFunction(i + "_isZero"), t.exportFunction(i + "_eq"), t.exportFunction(i + "_gte"), t.exportFunction(i + "_add"), t.exportFunction(i + "_sub"), t.exportFunction(i + "_mul"), t.exportFunction(i + "_square"), t.exportFunction(i + "_squareOld"), t.exportFunction(i + "_div"), t.exportFunction(i + "_inverseMod"), i;
|
|
1555
1507
|
}, po = function(t, n, e, i, s, d, r) {
|
|
1556
1508
|
const b = t.addFunction(n);
|
|
1557
1509
|
b.addParam("base", "i32"), b.addParam("scalar", "i32"), b.addParam("scalarLength", "i32"), b.addParam("r", "i32"), b.addLocal("i", "i32"), b.addLocal("b", "i32");
|
|
@@ -1600,8 +1552,8 @@ var Uc = function(t, n, e) {
|
|
|
1600
1552
|
);
|
|
1601
1553
|
return B;
|
|
1602
1554
|
}
|
|
1603
|
-
}, Lo =
|
|
1604
|
-
function
|
|
1555
|
+
}, Lo = zc;
|
|
1556
|
+
function zc(o, t) {
|
|
1605
1557
|
const n = o.modules[t].n64 * 8, e = o.addFunction(t + "_batchInverse");
|
|
1606
1558
|
e.addParam("pIn", "i32"), e.addParam("inStep", "i32"), e.addParam("n", "i32"), e.addParam("pOut", "i32"), e.addParam("outStep", "i32"), e.addLocal("itAux", "i32"), e.addLocal("itIn", "i32"), e.addLocal("itOut", "i32"), e.addLocal("i", "i32");
|
|
1607
1559
|
const i = e.getCodeBuilder(), s = i.i32_const(o.alloc(n));
|
|
@@ -1708,8 +1660,8 @@ function Tc(o, t) {
|
|
|
1708
1660
|
)
|
|
1709
1661
|
);
|
|
1710
1662
|
}
|
|
1711
|
-
var Vi =
|
|
1712
|
-
function
|
|
1663
|
+
var Vi = Tc;
|
|
1664
|
+
function Tc(o, t, n, e, i, s) {
|
|
1713
1665
|
typeof s > "u" && (e < i ? s = !0 : s = !1);
|
|
1714
1666
|
const d = o.addFunction(t);
|
|
1715
1667
|
d.addParam("pIn", "i32"), d.addParam("n", "i32"), d.addParam("pOut", "i32"), d.addLocal("i", "i32"), d.addLocal("itIn", "i32"), d.addLocal("itOut", "i32");
|
|
@@ -1861,13 +1813,13 @@ function Yi(o) {
|
|
|
1861
1813
|
function te(o) {
|
|
1862
1814
|
return o < 0n ? -o : o;
|
|
1863
1815
|
}
|
|
1864
|
-
function
|
|
1816
|
+
function zn(o) {
|
|
1865
1817
|
return te(o) === 1n;
|
|
1866
1818
|
}
|
|
1867
1819
|
function Zi(o, t) {
|
|
1868
1820
|
for (var n = 0n, e = 1n, i = t, s = te(o), d, r, b; s !== 0n; )
|
|
1869
1821
|
d = i / s, r = n, b = i, n = e, i = s, e = r - d * e, s = b - d * s;
|
|
1870
|
-
if (!
|
|
1822
|
+
if (!zn(i))
|
|
1871
1823
|
throw new Error(o.toString() + " and " + t.toString() + " are not co-prime");
|
|
1872
1824
|
return ji(n, 0n) === -1 && (n = n + t), Ae(o) ? -n : n;
|
|
1873
1825
|
}
|
|
@@ -1885,16 +1837,16 @@ function Ji(o, t, n) {
|
|
|
1885
1837
|
function Nc(o, t) {
|
|
1886
1838
|
return o = o >= 0n ? o : -o, t = t >= 0n ? t : -t, o === t ? 0 : o > t ? 1 : -1;
|
|
1887
1839
|
}
|
|
1888
|
-
function
|
|
1889
|
-
return t === 0n ? !1 :
|
|
1840
|
+
function qo(o, t) {
|
|
1841
|
+
return t === 0n ? !1 : zn(t) ? !0 : Nc(t, 2n) === 0 ? bo(o) : o % t === 0n;
|
|
1890
1842
|
}
|
|
1891
1843
|
function Gc(o) {
|
|
1892
1844
|
var t = te(o);
|
|
1893
|
-
if (
|
|
1845
|
+
if (zn(t))
|
|
1894
1846
|
return !1;
|
|
1895
1847
|
if (t === 2n || t === 3n || t === 5n)
|
|
1896
1848
|
return !0;
|
|
1897
|
-
if (bo(t) ||
|
|
1849
|
+
if (bo(t) || qo(t, 3n) || qo(t, 5n))
|
|
1898
1850
|
return !1;
|
|
1899
1851
|
if (t < 49n)
|
|
1900
1852
|
return !0;
|
|
@@ -1902,14 +1854,14 @@ function Gc(o) {
|
|
|
1902
1854
|
function Kc(o) {
|
|
1903
1855
|
return o - 1n;
|
|
1904
1856
|
}
|
|
1905
|
-
function
|
|
1857
|
+
function Qo(o, t) {
|
|
1906
1858
|
for (var n = Kc(o), e = n, i = 0, s, d, r; bo(e); )
|
|
1907
1859
|
e = e / 2n, i++;
|
|
1908
1860
|
t:
|
|
1909
1861
|
for (d = 0; d < t.length; d++)
|
|
1910
|
-
if (!(o < t[d]) && (r = Ji(BigInt(t[d]), e, o), !(
|
|
1862
|
+
if (!(o < t[d]) && (r = Ji(BigInt(t[d]), e, o), !(zn(r) || r === n))) {
|
|
1911
1863
|
for (s = i - 1; s != 0; s--) {
|
|
1912
|
-
if (r = Ao(r) % o,
|
|
1864
|
+
if (r = Ao(r) % o, zn(r))
|
|
1913
1865
|
return !1;
|
|
1914
1866
|
if (r === n)
|
|
1915
1867
|
continue t;
|
|
@@ -1924,27 +1876,27 @@ function Hc(o) {
|
|
|
1924
1876
|
return t;
|
|
1925
1877
|
var n = te(o), e = Yi(n);
|
|
1926
1878
|
if (e <= 64)
|
|
1927
|
-
return
|
|
1879
|
+
return Qo(n, [2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37]);
|
|
1928
1880
|
for (var i = Math.log(2) * Number(e), s = Math.ceil(i), d = [], r = 0; r < s; r++)
|
|
1929
1881
|
d.push(BigInt(r + 2));
|
|
1930
|
-
return
|
|
1882
|
+
return Qo(n, d);
|
|
1931
1883
|
}
|
|
1932
1884
|
Yt.bitLength = Yi;
|
|
1933
1885
|
Yt.isOdd = $i;
|
|
1934
1886
|
Yt.isNegative = Ae;
|
|
1935
1887
|
Yt.abs = te;
|
|
1936
|
-
Yt.isUnit =
|
|
1888
|
+
Yt.isUnit = zn;
|
|
1937
1889
|
Yt.compare = ji;
|
|
1938
1890
|
Yt.modInv = Zi;
|
|
1939
1891
|
Yt.modPow = Ji;
|
|
1940
1892
|
Yt.isPrime = Hc;
|
|
1941
1893
|
Yt.square = Ao;
|
|
1942
|
-
const Vc = Uc, rn = mn, jc = po, $c = Lo, xe = Vi, Se = Rc, { bitLength: Yc, modInv: Oe, modPow:
|
|
1894
|
+
const Vc = Uc, rn = mn, jc = po, $c = Lo, xe = Vi, Se = Rc, { bitLength: Yc, modInv: Oe, modPow: Mo, isPrime: Uo, isOdd: Zc, square: Jc } = Yt;
|
|
1943
1895
|
var yo = function(t, n, e, i) {
|
|
1944
1896
|
const s = BigInt(n), d = Math.floor((Yc(s - 1n) - 1) / 64) + 1, r = d * 2, b = d * 8, u = e || "f1m";
|
|
1945
1897
|
if (t.modules[u])
|
|
1946
1898
|
return u;
|
|
1947
|
-
const l = Vc(t, d, i), C = t.alloc(b, rn.bigInt2BytesLE(s, b)), B = t.alloc(rn.bigInt2BytesLE(Jc(1n << BigInt(d * 64)) % s, b)), A = t.alloc(rn.bigInt2BytesLE((1n << BigInt(d * 64)) % s, b)), O = t.alloc(rn.bigInt2BytesLE(0n, b)), P = s - 1n, E = P >> 1n,
|
|
1899
|
+
const l = Vc(t, d, i), C = t.alloc(b, rn.bigInt2BytesLE(s, b)), B = t.alloc(rn.bigInt2BytesLE(Jc(1n << BigInt(d * 64)) % s, b)), A = t.alloc(rn.bigInt2BytesLE((1n << BigInt(d * 64)) % s, b)), O = t.alloc(rn.bigInt2BytesLE(0n, b)), P = s - 1n, E = P >> 1n, z = t.alloc(b, rn.bigInt2BytesLE(E, b)), x = E + 1n, ot = t.alloc(b, rn.bigInt2BytesLE(x, b));
|
|
1948
1900
|
t.modules[u] = {
|
|
1949
1901
|
pq: C,
|
|
1950
1902
|
pR2: B,
|
|
@@ -1954,7 +1906,7 @@ var yo = function(t, n, e, i) {
|
|
|
1954
1906
|
pZero: O,
|
|
1955
1907
|
pePlusOne: ot
|
|
1956
1908
|
};
|
|
1957
|
-
function
|
|
1909
|
+
function T() {
|
|
1958
1910
|
const I = t.addFunction(u + "_one");
|
|
1959
1911
|
I.addParam("pr", "i32");
|
|
1960
1912
|
const h = I.getCodeBuilder();
|
|
@@ -2219,7 +2171,7 @@ var yo = function(t, n, e, i) {
|
|
|
2219
2171
|
)
|
|
2220
2172
|
);
|
|
2221
2173
|
}
|
|
2222
|
-
function
|
|
2174
|
+
function Q() {
|
|
2223
2175
|
const I = t.addFunction(u + "_square");
|
|
2224
2176
|
I.addParam("x", "i32"), I.addParam("r", "i32"), I.addLocal("c0", "i64"), I.addLocal("c1", "i64"), I.addLocal("c0_old", "i64"), I.addLocal("c1_old", "i64"), I.addLocal("np32", "i64");
|
|
2225
2177
|
for (let dt = 0; dt < r; dt++)
|
|
@@ -2468,12 +2420,12 @@ var yo = function(t, n, e, i) {
|
|
|
2468
2420
|
}
|
|
2469
2421
|
let nt = 2n;
|
|
2470
2422
|
if (Uo(s))
|
|
2471
|
-
for (;
|
|
2423
|
+
for (; Mo(nt, E, s) !== P; )
|
|
2472
2424
|
nt = nt + 1n;
|
|
2473
2425
|
let K = 0, ct = P;
|
|
2474
2426
|
for (; !Zc(ct) && ct !== 0n; )
|
|
2475
2427
|
K++, ct = ct >> 1n;
|
|
2476
|
-
const J = t.alloc(b, rn.bigInt2BytesLE(ct, b)), st =
|
|
2428
|
+
const J = t.alloc(b, rn.bigInt2BytesLE(ct, b)), st = Mo(nt, ct, s), At = t.alloc(rn.bigInt2BytesLE((st << BigInt(d * 64)) % s, b)), Bt = ct + 1n >> 1n, pt = t.alloc(b, rn.bigInt2BytesLE(Bt, b));
|
|
2477
2429
|
function p() {
|
|
2478
2430
|
const I = t.addFunction(u + "_sqrt");
|
|
2479
2431
|
I.addParam("n", "i32"), I.addParam("r", "i32"), I.addLocal("m", "i32"), I.addLocal("i", "i32"), I.addLocal("j", "i32");
|
|
@@ -2530,7 +2482,7 @@ var yo = function(t, n, e, i) {
|
|
|
2530
2482
|
h.call(u + "_isZero", h.getLocal("n")),
|
|
2531
2483
|
h.ret(h.i32_const(1))
|
|
2532
2484
|
),
|
|
2533
|
-
h.call(u + "_exp", h.getLocal("n"), h.i32_const(
|
|
2485
|
+
h.call(u + "_exp", h.getLocal("n"), h.i32_const(z), h.i32_const(b), W),
|
|
2534
2486
|
h.call(u + "_eq", W, S)
|
|
2535
2487
|
);
|
|
2536
2488
|
}
|
|
@@ -2597,7 +2549,7 @@ var yo = function(t, n, e, i) {
|
|
|
2597
2549
|
h.ret(h.call(l + "_eq", h.getLocal("x"), h.i32_const(A)))
|
|
2598
2550
|
);
|
|
2599
2551
|
}
|
|
2600
|
-
return t.exportFunction(l + "_copy", u + "_copy"), t.exportFunction(l + "_zero", u + "_zero"), t.exportFunction(l + "_isZero", u + "_isZero"), t.exportFunction(l + "_eq", u + "_eq"), w(), rt(), F(), f(), $(), X(),
|
|
2552
|
+
return t.exportFunction(l + "_copy", u + "_copy"), t.exportFunction(l + "_zero", u + "_zero"), t.exportFunction(l + "_isZero", u + "_isZero"), t.exportFunction(l + "_eq", u + "_eq"), w(), rt(), F(), f(), $(), X(), Q(), y(), v(), D(), L(), V(), it(), T(), m(), c(), $c(t, u), xe(t, u + "_batchToMontgomery", u + "_toMontgomery", b, b), xe(t, u + "_batchFromMontgomery", u + "_fromMontgomery", b, b), xe(t, u + "_batchNeg", u + "_neg", b, b), Se(t, u + "_batchAdd", u + "_add", b, b), Se(t, u + "_batchSub", u + "_sub", b, b), Se(t, u + "_batchMul", u + "_mul", b, b), t.exportFunction(u + "_add"), t.exportFunction(u + "_sub"), t.exportFunction(u + "_neg"), t.exportFunction(u + "_isNegative"), t.exportFunction(u + "_isOne"), t.exportFunction(u + "_sign"), t.exportFunction(u + "_mReduct"), t.exportFunction(u + "_mul"), t.exportFunction(u + "_square"), t.exportFunction(u + "_squareOld"), t.exportFunction(u + "_fromMontgomery"), t.exportFunction(u + "_toMontgomery"), t.exportFunction(u + "_inverse"), t.exportFunction(u + "_one"), t.exportFunction(u + "_load"), t.exportFunction(u + "_timesScalar"), jc(
|
|
2601
2553
|
t,
|
|
2602
2554
|
u + "_exp",
|
|
2603
2555
|
b,
|
|
@@ -2617,32 +2569,32 @@ var Wi = function(t, n, e, i, s) {
|
|
|
2617
2569
|
};
|
|
2618
2570
|
const l = s || "int", C = Wc(t, d, i, l), B = t.modules[C].pR2, A = t.modules[C].pq, O = t.modules[C].pePlusOne;
|
|
2619
2571
|
function P() {
|
|
2620
|
-
const ot = t.alloc(b),
|
|
2621
|
-
|
|
2622
|
-
const rt =
|
|
2623
|
-
|
|
2572
|
+
const ot = t.alloc(b), T = t.addFunction(u + "_mul");
|
|
2573
|
+
T.addParam("x", "i32"), T.addParam("y", "i32"), T.addParam("r", "i32");
|
|
2574
|
+
const rt = T.getCodeBuilder();
|
|
2575
|
+
T.addCode(rt.call(C + "_mul", rt.getLocal("x"), rt.getLocal("y"), rt.i32_const(ot))), T.addCode(rt.call(C + "_mul", rt.i32_const(ot), rt.i32_const(B), rt.getLocal("r")));
|
|
2624
2576
|
}
|
|
2625
2577
|
function E() {
|
|
2626
2578
|
const ot = t.addFunction(u + "_square");
|
|
2627
2579
|
ot.addParam("x", "i32"), ot.addParam("r", "i32");
|
|
2628
|
-
const
|
|
2629
|
-
ot.addCode(
|
|
2580
|
+
const T = ot.getCodeBuilder();
|
|
2581
|
+
ot.addCode(T.call(u + "_mul", T.getLocal("x"), T.getLocal("x"), T.getLocal("r")));
|
|
2630
2582
|
}
|
|
2631
|
-
function
|
|
2583
|
+
function z() {
|
|
2632
2584
|
const ot = t.addFunction(u + "_inverse");
|
|
2633
2585
|
ot.addParam("x", "i32"), ot.addParam("r", "i32");
|
|
2634
|
-
const
|
|
2635
|
-
ot.addCode(
|
|
2586
|
+
const T = ot.getCodeBuilder();
|
|
2587
|
+
ot.addCode(T.call(l + "_inverseMod", T.getLocal("x"), T.i32_const(A), T.getLocal("r")));
|
|
2636
2588
|
}
|
|
2637
2589
|
function x() {
|
|
2638
2590
|
const ot = t.addFunction(u + "_isNegative");
|
|
2639
2591
|
ot.addParam("x", "i32"), ot.setReturnType("i32");
|
|
2640
|
-
const
|
|
2592
|
+
const T = ot.getCodeBuilder();
|
|
2641
2593
|
ot.addCode(
|
|
2642
|
-
|
|
2594
|
+
T.call(l + "_gte", T.getLocal("x"), T.i32_const(O))
|
|
2643
2595
|
);
|
|
2644
2596
|
}
|
|
2645
|
-
return P(), E(),
|
|
2597
|
+
return P(), E(), z(), x(), t.exportFunction(C + "_add", u + "_add"), t.exportFunction(C + "_sub", u + "_sub"), t.exportFunction(C + "_neg", u + "_neg"), t.exportFunction(u + "_mul"), t.exportFunction(u + "_square"), t.exportFunction(u + "_inverse"), t.exportFunction(u + "_isNegative"), t.exportFunction(C + "_copy", u + "_copy"), t.exportFunction(C + "_zero", u + "_zero"), t.exportFunction(C + "_one", u + "_one"), t.exportFunction(C + "_isZero", u + "_isZero"), t.exportFunction(C + "_eq", u + "_eq"), u;
|
|
2646
2598
|
};
|
|
2647
2599
|
const ts = po, ns = Lo, ve = mn;
|
|
2648
2600
|
var Xi = function(t, n, e, i) {
|
|
@@ -2653,55 +2605,55 @@ var Xi = function(t, n, e, i) {
|
|
|
2653
2605
|
n64: t.modules[i].n64 * 2
|
|
2654
2606
|
};
|
|
2655
2607
|
function r() {
|
|
2656
|
-
const
|
|
2657
|
-
|
|
2658
|
-
const y =
|
|
2659
|
-
|
|
2608
|
+
const Q = t.addFunction(e + "_add");
|
|
2609
|
+
Q.addParam("x", "i32"), Q.addParam("y", "i32"), Q.addParam("r", "i32");
|
|
2610
|
+
const y = Q.getCodeBuilder(), v = y.getLocal("x"), D = y.i32_add(y.getLocal("x"), y.i32_const(s)), it = y.getLocal("y"), nt = y.i32_add(y.getLocal("y"), y.i32_const(s)), K = y.getLocal("r"), ct = y.i32_add(y.getLocal("r"), y.i32_const(s));
|
|
2611
|
+
Q.addCode(
|
|
2660
2612
|
y.call(i + "_add", v, it, K),
|
|
2661
2613
|
y.call(i + "_add", D, nt, ct)
|
|
2662
2614
|
);
|
|
2663
2615
|
}
|
|
2664
2616
|
function b() {
|
|
2665
|
-
const
|
|
2666
|
-
|
|
2667
|
-
const y =
|
|
2668
|
-
|
|
2617
|
+
const Q = t.addFunction(e + "_timesScalar");
|
|
2618
|
+
Q.addParam("x", "i32"), Q.addParam("scalar", "i32"), Q.addParam("scalarLen", "i32"), Q.addParam("r", "i32");
|
|
2619
|
+
const y = Q.getCodeBuilder(), v = y.getLocal("x"), D = y.i32_add(y.getLocal("x"), y.i32_const(s)), it = y.getLocal("r"), nt = y.i32_add(y.getLocal("r"), y.i32_const(s));
|
|
2620
|
+
Q.addCode(
|
|
2669
2621
|
y.call(i + "_timesScalar", v, y.getLocal("scalar"), y.getLocal("scalarLen"), it),
|
|
2670
2622
|
y.call(i + "_timesScalar", D, y.getLocal("scalar"), y.getLocal("scalarLen"), nt)
|
|
2671
2623
|
);
|
|
2672
2624
|
}
|
|
2673
2625
|
function u() {
|
|
2674
|
-
const
|
|
2675
|
-
|
|
2676
|
-
const y =
|
|
2677
|
-
|
|
2626
|
+
const Q = t.addFunction(e + "_sub");
|
|
2627
|
+
Q.addParam("x", "i32"), Q.addParam("y", "i32"), Q.addParam("r", "i32");
|
|
2628
|
+
const y = Q.getCodeBuilder(), v = y.getLocal("x"), D = y.i32_add(y.getLocal("x"), y.i32_const(s)), it = y.getLocal("y"), nt = y.i32_add(y.getLocal("y"), y.i32_const(s)), K = y.getLocal("r"), ct = y.i32_add(y.getLocal("r"), y.i32_const(s));
|
|
2629
|
+
Q.addCode(
|
|
2678
2630
|
y.call(i + "_sub", v, it, K),
|
|
2679
2631
|
y.call(i + "_sub", D, nt, ct)
|
|
2680
2632
|
);
|
|
2681
2633
|
}
|
|
2682
2634
|
function l() {
|
|
2683
|
-
const
|
|
2684
|
-
|
|
2685
|
-
const y =
|
|
2686
|
-
|
|
2635
|
+
const Q = t.addFunction(e + "_neg");
|
|
2636
|
+
Q.addParam("x", "i32"), Q.addParam("r", "i32");
|
|
2637
|
+
const y = Q.getCodeBuilder(), v = y.getLocal("x"), D = y.i32_add(y.getLocal("x"), y.i32_const(s)), it = y.getLocal("r"), nt = y.i32_add(y.getLocal("r"), y.i32_const(s));
|
|
2638
|
+
Q.addCode(
|
|
2687
2639
|
y.call(i + "_neg", v, it),
|
|
2688
2640
|
y.call(i + "_neg", D, nt)
|
|
2689
2641
|
);
|
|
2690
2642
|
}
|
|
2691
2643
|
function C() {
|
|
2692
|
-
const
|
|
2693
|
-
|
|
2694
|
-
const y =
|
|
2695
|
-
|
|
2644
|
+
const Q = t.addFunction(e + "_conjugate");
|
|
2645
|
+
Q.addParam("x", "i32"), Q.addParam("r", "i32");
|
|
2646
|
+
const y = Q.getCodeBuilder(), v = y.getLocal("x"), D = y.i32_add(y.getLocal("x"), y.i32_const(s)), it = y.getLocal("r"), nt = y.i32_add(y.getLocal("r"), y.i32_const(s));
|
|
2647
|
+
Q.addCode(
|
|
2696
2648
|
y.call(i + "_copy", v, it),
|
|
2697
2649
|
y.call(i + "_neg", D, nt)
|
|
2698
2650
|
);
|
|
2699
2651
|
}
|
|
2700
2652
|
function B() {
|
|
2701
|
-
const
|
|
2702
|
-
|
|
2703
|
-
const y =
|
|
2704
|
-
|
|
2653
|
+
const Q = t.addFunction(e + "_isNegative");
|
|
2654
|
+
Q.addParam("x", "i32"), Q.setReturnType("i32");
|
|
2655
|
+
const y = Q.getCodeBuilder(), v = y.getLocal("x"), D = y.i32_add(y.getLocal("x"), y.i32_const(s));
|
|
2656
|
+
Q.addCode(
|
|
2705
2657
|
y.if(
|
|
2706
2658
|
y.call(i + "_isZero", D),
|
|
2707
2659
|
y.ret(y.call(i + "_isNegative", v))
|
|
@@ -2710,10 +2662,10 @@ var Xi = function(t, n, e, i) {
|
|
|
2710
2662
|
);
|
|
2711
2663
|
}
|
|
2712
2664
|
function A() {
|
|
2713
|
-
const
|
|
2714
|
-
|
|
2715
|
-
const y =
|
|
2716
|
-
|
|
2665
|
+
const Q = t.addFunction(e + "_mul");
|
|
2666
|
+
Q.addParam("x", "i32"), Q.addParam("y", "i32"), Q.addParam("r", "i32");
|
|
2667
|
+
const y = Q.getCodeBuilder(), v = y.getLocal("x"), D = y.i32_add(y.getLocal("x"), y.i32_const(s)), it = y.getLocal("y"), nt = y.i32_add(y.getLocal("y"), y.i32_const(s)), K = y.getLocal("r"), ct = y.i32_add(y.getLocal("r"), y.i32_const(s)), J = y.i32_const(t.alloc(s)), st = y.i32_const(t.alloc(s)), At = y.i32_const(t.alloc(s)), Bt = y.i32_const(t.alloc(s));
|
|
2668
|
+
Q.addCode(
|
|
2717
2669
|
y.call(i + "_mul", v, it, J),
|
|
2718
2670
|
// A = x0*y0
|
|
2719
2671
|
y.call(i + "_mul", D, nt, st),
|
|
@@ -2736,10 +2688,10 @@ var Xi = function(t, n, e, i) {
|
|
|
2736
2688
|
);
|
|
2737
2689
|
}
|
|
2738
2690
|
function O() {
|
|
2739
|
-
const
|
|
2740
|
-
|
|
2741
|
-
const y =
|
|
2742
|
-
|
|
2691
|
+
const Q = t.addFunction(e + "_mul1");
|
|
2692
|
+
Q.addParam("x", "i32"), Q.addParam("y", "i32"), Q.addParam("r", "i32");
|
|
2693
|
+
const y = Q.getCodeBuilder(), v = y.getLocal("x"), D = y.i32_add(y.getLocal("x"), y.i32_const(s)), it = y.getLocal("y"), nt = y.getLocal("r"), K = y.i32_add(y.getLocal("r"), y.i32_const(s));
|
|
2694
|
+
Q.addCode(
|
|
2743
2695
|
y.call(i + "_mul", v, it, nt),
|
|
2744
2696
|
// A = x0*y
|
|
2745
2697
|
y.call(i + "_mul", D, it, K)
|
|
@@ -2747,10 +2699,10 @@ var Xi = function(t, n, e, i) {
|
|
|
2747
2699
|
);
|
|
2748
2700
|
}
|
|
2749
2701
|
function P() {
|
|
2750
|
-
const
|
|
2751
|
-
|
|
2752
|
-
const y =
|
|
2753
|
-
|
|
2702
|
+
const Q = t.addFunction(e + "_square");
|
|
2703
|
+
Q.addParam("x", "i32"), Q.addParam("r", "i32");
|
|
2704
|
+
const y = Q.getCodeBuilder(), v = y.getLocal("x"), D = y.i32_add(y.getLocal("x"), y.i32_const(s)), it = y.getLocal("r"), nt = y.i32_add(y.getLocal("r"), y.i32_const(s)), K = y.i32_const(t.alloc(s)), ct = y.i32_const(t.alloc(s)), J = y.i32_const(t.alloc(s)), st = y.i32_const(t.alloc(s));
|
|
2705
|
+
Q.addCode(
|
|
2754
2706
|
// AB = x0*y1
|
|
2755
2707
|
y.call(i + "_mul", v, D, K),
|
|
2756
2708
|
// APB = x0+y1
|
|
@@ -2769,55 +2721,55 @@ var Xi = function(t, n, e, i) {
|
|
|
2769
2721
|
);
|
|
2770
2722
|
}
|
|
2771
2723
|
function E() {
|
|
2772
|
-
const
|
|
2773
|
-
|
|
2774
|
-
const y =
|
|
2775
|
-
|
|
2724
|
+
const Q = t.addFunction(e + "_toMontgomery");
|
|
2725
|
+
Q.addParam("x", "i32"), Q.addParam("r", "i32");
|
|
2726
|
+
const y = Q.getCodeBuilder(), v = y.getLocal("x"), D = y.i32_add(y.getLocal("x"), y.i32_const(s)), it = y.getLocal("r"), nt = y.i32_add(y.getLocal("r"), y.i32_const(s));
|
|
2727
|
+
Q.addCode(
|
|
2776
2728
|
y.call(i + "_toMontgomery", v, it),
|
|
2777
2729
|
y.call(i + "_toMontgomery", D, nt)
|
|
2778
2730
|
);
|
|
2779
2731
|
}
|
|
2780
|
-
function
|
|
2781
|
-
const
|
|
2782
|
-
|
|
2783
|
-
const y =
|
|
2784
|
-
|
|
2732
|
+
function z() {
|
|
2733
|
+
const Q = t.addFunction(e + "_fromMontgomery");
|
|
2734
|
+
Q.addParam("x", "i32"), Q.addParam("r", "i32");
|
|
2735
|
+
const y = Q.getCodeBuilder(), v = y.getLocal("x"), D = y.i32_add(y.getLocal("x"), y.i32_const(s)), it = y.getLocal("r"), nt = y.i32_add(y.getLocal("r"), y.i32_const(s));
|
|
2736
|
+
Q.addCode(
|
|
2785
2737
|
y.call(i + "_fromMontgomery", v, it),
|
|
2786
2738
|
y.call(i + "_fromMontgomery", D, nt)
|
|
2787
2739
|
);
|
|
2788
2740
|
}
|
|
2789
2741
|
function x() {
|
|
2790
|
-
const
|
|
2791
|
-
|
|
2792
|
-
const y =
|
|
2793
|
-
|
|
2742
|
+
const Q = t.addFunction(e + "_copy");
|
|
2743
|
+
Q.addParam("x", "i32"), Q.addParam("r", "i32");
|
|
2744
|
+
const y = Q.getCodeBuilder(), v = y.getLocal("x"), D = y.i32_add(y.getLocal("x"), y.i32_const(s)), it = y.getLocal("r"), nt = y.i32_add(y.getLocal("r"), y.i32_const(s));
|
|
2745
|
+
Q.addCode(
|
|
2794
2746
|
y.call(i + "_copy", v, it),
|
|
2795
2747
|
y.call(i + "_copy", D, nt)
|
|
2796
2748
|
);
|
|
2797
2749
|
}
|
|
2798
2750
|
function ot() {
|
|
2799
|
-
const
|
|
2800
|
-
|
|
2801
|
-
const y =
|
|
2802
|
-
|
|
2751
|
+
const Q = t.addFunction(e + "_zero");
|
|
2752
|
+
Q.addParam("x", "i32");
|
|
2753
|
+
const y = Q.getCodeBuilder(), v = y.getLocal("x"), D = y.i32_add(y.getLocal("x"), y.i32_const(s));
|
|
2754
|
+
Q.addCode(
|
|
2803
2755
|
y.call(i + "_zero", v),
|
|
2804
2756
|
y.call(i + "_zero", D)
|
|
2805
2757
|
);
|
|
2806
2758
|
}
|
|
2807
|
-
function
|
|
2808
|
-
const
|
|
2809
|
-
|
|
2810
|
-
const y =
|
|
2811
|
-
|
|
2759
|
+
function T() {
|
|
2760
|
+
const Q = t.addFunction(e + "_one");
|
|
2761
|
+
Q.addParam("x", "i32");
|
|
2762
|
+
const y = Q.getCodeBuilder(), v = y.getLocal("x"), D = y.i32_add(y.getLocal("x"), y.i32_const(s));
|
|
2763
|
+
Q.addCode(
|
|
2812
2764
|
y.call(i + "_one", v),
|
|
2813
2765
|
y.call(i + "_zero", D)
|
|
2814
2766
|
);
|
|
2815
2767
|
}
|
|
2816
2768
|
function rt() {
|
|
2817
|
-
const
|
|
2818
|
-
|
|
2819
|
-
const y =
|
|
2820
|
-
|
|
2769
|
+
const Q = t.addFunction(e + "_eq");
|
|
2770
|
+
Q.addParam("x", "i32"), Q.addParam("y", "i32"), Q.setReturnType("i32");
|
|
2771
|
+
const y = Q.getCodeBuilder(), v = y.getLocal("x"), D = y.i32_add(y.getLocal("x"), y.i32_const(s)), it = y.getLocal("y"), nt = y.i32_add(y.getLocal("y"), y.i32_const(s));
|
|
2772
|
+
Q.addCode(
|
|
2821
2773
|
y.i32_and(
|
|
2822
2774
|
y.call(i + "_eq", v, it),
|
|
2823
2775
|
y.call(i + "_eq", D, nt)
|
|
@@ -2825,10 +2777,10 @@ var Xi = function(t, n, e, i) {
|
|
|
2825
2777
|
);
|
|
2826
2778
|
}
|
|
2827
2779
|
function F() {
|
|
2828
|
-
const
|
|
2829
|
-
|
|
2830
|
-
const y =
|
|
2831
|
-
|
|
2780
|
+
const Q = t.addFunction(e + "_isZero");
|
|
2781
|
+
Q.addParam("x", "i32"), Q.setReturnType("i32");
|
|
2782
|
+
const y = Q.getCodeBuilder(), v = y.getLocal("x"), D = y.i32_add(y.getLocal("x"), y.i32_const(s));
|
|
2783
|
+
Q.addCode(
|
|
2832
2784
|
y.i32_and(
|
|
2833
2785
|
y.call(i + "_isZero", v),
|
|
2834
2786
|
y.call(i + "_isZero", D)
|
|
@@ -2836,10 +2788,10 @@ var Xi = function(t, n, e, i) {
|
|
|
2836
2788
|
);
|
|
2837
2789
|
}
|
|
2838
2790
|
function f() {
|
|
2839
|
-
const
|
|
2840
|
-
|
|
2841
|
-
const y =
|
|
2842
|
-
|
|
2791
|
+
const Q = t.addFunction(e + "_inverse");
|
|
2792
|
+
Q.addParam("x", "i32"), Q.addParam("r", "i32");
|
|
2793
|
+
const y = Q.getCodeBuilder(), v = y.getLocal("x"), D = y.i32_add(y.getLocal("x"), y.i32_const(s)), it = y.getLocal("r"), nt = y.i32_add(y.getLocal("r"), y.i32_const(s)), K = y.i32_const(t.alloc(s)), ct = y.i32_const(t.alloc(s)), J = y.i32_const(t.alloc(s)), st = y.i32_const(t.alloc(s));
|
|
2794
|
+
Q.addCode(
|
|
2843
2795
|
y.call(i + "_square", v, K),
|
|
2844
2796
|
y.call(i + "_square", D, ct),
|
|
2845
2797
|
// c.call(f1mPrefix+"_mul", t1, c.i32_const(pNonResidue), t2),
|
|
@@ -2852,10 +2804,10 @@ var Xi = function(t, n, e, i) {
|
|
|
2852
2804
|
);
|
|
2853
2805
|
}
|
|
2854
2806
|
function L() {
|
|
2855
|
-
const
|
|
2856
|
-
|
|
2857
|
-
const y =
|
|
2858
|
-
|
|
2807
|
+
const Q = t.addFunction(e + "_sign");
|
|
2808
|
+
Q.addParam("x", "i32"), Q.addLocal("s", "i32"), Q.setReturnType("i32");
|
|
2809
|
+
const y = Q.getCodeBuilder(), v = y.getLocal("x"), D = y.i32_add(y.getLocal("x"), y.i32_const(s));
|
|
2810
|
+
Q.addCode(
|
|
2859
2811
|
y.setLocal("s", y.call(i + "_sign", D)),
|
|
2860
2812
|
y.if(
|
|
2861
2813
|
y.getLocal("s"),
|
|
@@ -2865,10 +2817,10 @@ var Xi = function(t, n, e, i) {
|
|
|
2865
2817
|
);
|
|
2866
2818
|
}
|
|
2867
2819
|
function V() {
|
|
2868
|
-
const
|
|
2869
|
-
|
|
2870
|
-
const y =
|
|
2871
|
-
|
|
2820
|
+
const Q = t.addFunction(e + "_isOne");
|
|
2821
|
+
Q.addParam("x", "i32"), Q.setReturnType("i32");
|
|
2822
|
+
const y = Q.getCodeBuilder(), v = y.getLocal("x"), D = y.i32_add(y.getLocal("x"), y.i32_const(s));
|
|
2823
|
+
Q.addCode(
|
|
2872
2824
|
y.ret(y.i32_and(
|
|
2873
2825
|
y.call(i + "_isOne", v),
|
|
2874
2826
|
y.call(i + "_isZero", D)
|
|
@@ -2876,10 +2828,10 @@ var Xi = function(t, n, e, i) {
|
|
|
2876
2828
|
);
|
|
2877
2829
|
}
|
|
2878
2830
|
function $() {
|
|
2879
|
-
const
|
|
2880
|
-
|
|
2881
|
-
const y =
|
|
2882
|
-
|
|
2831
|
+
const Q = t.addFunction(e + "_sqrt");
|
|
2832
|
+
Q.addParam("a", "i32"), Q.addParam("pr", "i32");
|
|
2833
|
+
const y = Q.getCodeBuilder(), v = y.i32_const(t.alloc(ve.bigInt2BytesLE((BigInt(d || 0) - 3n) / 4n, s))), D = y.i32_const(t.alloc(ve.bigInt2BytesLE((BigInt(d || 0) - 1n) / 2n, s))), it = y.getLocal("a"), nt = y.i32_const(t.alloc(s * 2)), K = y.i32_const(t.alloc(s * 2)), ct = y.i32_const(t.alloc(s * 2)), J = t.alloc(s * 2), st = y.i32_const(J), At = y.i32_const(J), Bt = y.i32_const(J + s), pt = y.i32_const(t.alloc(s * 2)), p = y.i32_const(t.alloc(s * 2));
|
|
2834
|
+
Q.addCode(
|
|
2883
2835
|
y.call(e + "_one", st),
|
|
2884
2836
|
y.call(e + "_neg", st, st),
|
|
2885
2837
|
// const a1 = F.pow(a, F.sqrt_e34);
|
|
@@ -2915,10 +2867,10 @@ var Xi = function(t, n, e, i) {
|
|
|
2915
2867
|
);
|
|
2916
2868
|
}
|
|
2917
2869
|
function X() {
|
|
2918
|
-
const
|
|
2919
|
-
|
|
2920
|
-
const y =
|
|
2921
|
-
|
|
2870
|
+
const Q = t.addFunction(e + "_isSquare");
|
|
2871
|
+
Q.addParam("a", "i32"), Q.setReturnType("i32");
|
|
2872
|
+
const y = Q.getCodeBuilder(), v = y.i32_const(t.alloc(ve.bigInt2BytesLE((BigInt(d || 0) - 3n) / 4n, s))), D = y.getLocal("a"), it = y.i32_const(t.alloc(s * 2)), nt = y.i32_const(t.alloc(s * 2)), K = y.i32_const(t.alloc(s * 2)), ct = t.alloc(s * 2), J = y.i32_const(ct);
|
|
2873
|
+
Q.addCode(
|
|
2922
2874
|
y.call(e + "_one", J),
|
|
2923
2875
|
y.call(e + "_neg", J, J),
|
|
2924
2876
|
// const a1 = F.pow(a, F.sqrt_e34);
|
|
@@ -2941,7 +2893,7 @@ var Xi = function(t, n, e, i) {
|
|
|
2941
2893
|
y.ret(y.i32_const(1))
|
|
2942
2894
|
);
|
|
2943
2895
|
}
|
|
2944
|
-
return F(), V(), ot(),
|
|
2896
|
+
return F(), V(), ot(), T(), x(), A(), O(), P(), r(), u(), l(), C(), E(), z(), rt(), f(), b(), L(), B(), t.exportFunction(e + "_isZero"), t.exportFunction(e + "_isOne"), t.exportFunction(e + "_zero"), t.exportFunction(e + "_one"), t.exportFunction(e + "_copy"), t.exportFunction(e + "_mul"), t.exportFunction(e + "_mul1"), t.exportFunction(e + "_square"), t.exportFunction(e + "_add"), t.exportFunction(e + "_sub"), t.exportFunction(e + "_neg"), t.exportFunction(e + "_sign"), t.exportFunction(e + "_conjugate"), t.exportFunction(e + "_fromMontgomery"), t.exportFunction(e + "_toMontgomery"), t.exportFunction(e + "_eq"), t.exportFunction(e + "_inverse"), ns(t, e), ts(
|
|
2945
2897
|
t,
|
|
2946
2898
|
e + "_exp",
|
|
2947
2899
|
s * 2,
|
|
@@ -2962,9 +2914,9 @@ var ta = function(t, n, e, i) {
|
|
|
2962
2914
|
function d() {
|
|
2963
2915
|
const f = t.addFunction(e + "_add");
|
|
2964
2916
|
f.addParam("x", "i32"), f.addParam("y", "i32"), f.addParam("r", "i32");
|
|
2965
|
-
const L = f.getCodeBuilder(), V = L.getLocal("x"), $ = L.i32_add(L.getLocal("x"), L.i32_const(s)), X = L.i32_add(L.getLocal("x"), L.i32_const(2 * s)),
|
|
2917
|
+
const L = f.getCodeBuilder(), V = L.getLocal("x"), $ = L.i32_add(L.getLocal("x"), L.i32_const(s)), X = L.i32_add(L.getLocal("x"), L.i32_const(2 * s)), Q = L.getLocal("y"), y = L.i32_add(L.getLocal("y"), L.i32_const(s)), v = L.i32_add(L.getLocal("y"), L.i32_const(2 * s)), D = L.getLocal("r"), it = L.i32_add(L.getLocal("r"), L.i32_const(s)), nt = L.i32_add(L.getLocal("r"), L.i32_const(2 * s));
|
|
2966
2918
|
f.addCode(
|
|
2967
|
-
L.call(i + "_add", V,
|
|
2919
|
+
L.call(i + "_add", V, Q, D),
|
|
2968
2920
|
L.call(i + "_add", $, y, it),
|
|
2969
2921
|
L.call(i + "_add", X, v, nt)
|
|
2970
2922
|
);
|
|
@@ -2972,9 +2924,9 @@ var ta = function(t, n, e, i) {
|
|
|
2972
2924
|
function r() {
|
|
2973
2925
|
const f = t.addFunction(e + "_timesScalar");
|
|
2974
2926
|
f.addParam("x", "i32"), f.addParam("scalar", "i32"), f.addParam("scalarLen", "i32"), f.addParam("r", "i32");
|
|
2975
|
-
const L = f.getCodeBuilder(), V = L.getLocal("x"), $ = L.i32_add(L.getLocal("x"), L.i32_const(s)), X = L.i32_add(L.getLocal("x"), L.i32_const(2 * s)),
|
|
2927
|
+
const L = f.getCodeBuilder(), V = L.getLocal("x"), $ = L.i32_add(L.getLocal("x"), L.i32_const(s)), X = L.i32_add(L.getLocal("x"), L.i32_const(2 * s)), Q = L.getLocal("r"), y = L.i32_add(L.getLocal("r"), L.i32_const(s)), v = L.i32_add(L.getLocal("r"), L.i32_const(2 * s));
|
|
2976
2928
|
f.addCode(
|
|
2977
|
-
L.call(i + "_timesScalar", V, L.getLocal("scalar"), L.getLocal("scalarLen"),
|
|
2929
|
+
L.call(i + "_timesScalar", V, L.getLocal("scalar"), L.getLocal("scalarLen"), Q),
|
|
2978
2930
|
L.call(i + "_timesScalar", $, L.getLocal("scalar"), L.getLocal("scalarLen"), y),
|
|
2979
2931
|
L.call(i + "_timesScalar", X, L.getLocal("scalar"), L.getLocal("scalarLen"), v)
|
|
2980
2932
|
);
|
|
@@ -2982,9 +2934,9 @@ var ta = function(t, n, e, i) {
|
|
|
2982
2934
|
function b() {
|
|
2983
2935
|
const f = t.addFunction(e + "_sub");
|
|
2984
2936
|
f.addParam("x", "i32"), f.addParam("y", "i32"), f.addParam("r", "i32");
|
|
2985
|
-
const L = f.getCodeBuilder(), V = L.getLocal("x"), $ = L.i32_add(L.getLocal("x"), L.i32_const(s)), X = L.i32_add(L.getLocal("x"), L.i32_const(2 * s)),
|
|
2937
|
+
const L = f.getCodeBuilder(), V = L.getLocal("x"), $ = L.i32_add(L.getLocal("x"), L.i32_const(s)), X = L.i32_add(L.getLocal("x"), L.i32_const(2 * s)), Q = L.getLocal("y"), y = L.i32_add(L.getLocal("y"), L.i32_const(s)), v = L.i32_add(L.getLocal("y"), L.i32_const(2 * s)), D = L.getLocal("r"), it = L.i32_add(L.getLocal("r"), L.i32_const(s)), nt = L.i32_add(L.getLocal("r"), L.i32_const(2 * s));
|
|
2986
2938
|
f.addCode(
|
|
2987
|
-
L.call(i + "_sub", V,
|
|
2939
|
+
L.call(i + "_sub", V, Q, D),
|
|
2988
2940
|
L.call(i + "_sub", $, y, it),
|
|
2989
2941
|
L.call(i + "_sub", X, v, nt)
|
|
2990
2942
|
);
|
|
@@ -2992,9 +2944,9 @@ var ta = function(t, n, e, i) {
|
|
|
2992
2944
|
function u() {
|
|
2993
2945
|
const f = t.addFunction(e + "_neg");
|
|
2994
2946
|
f.addParam("x", "i32"), f.addParam("r", "i32");
|
|
2995
|
-
const L = f.getCodeBuilder(), V = L.getLocal("x"), $ = L.i32_add(L.getLocal("x"), L.i32_const(s)), X = L.i32_add(L.getLocal("x"), L.i32_const(2 * s)),
|
|
2947
|
+
const L = f.getCodeBuilder(), V = L.getLocal("x"), $ = L.i32_add(L.getLocal("x"), L.i32_const(s)), X = L.i32_add(L.getLocal("x"), L.i32_const(2 * s)), Q = L.getLocal("r"), y = L.i32_add(L.getLocal("r"), L.i32_const(s)), v = L.i32_add(L.getLocal("r"), L.i32_const(2 * s));
|
|
2996
2948
|
f.addCode(
|
|
2997
|
-
L.call(i + "_neg", V,
|
|
2949
|
+
L.call(i + "_neg", V, Q),
|
|
2998
2950
|
L.call(i + "_neg", $, y),
|
|
2999
2951
|
L.call(i + "_neg", X, v)
|
|
3000
2952
|
);
|
|
@@ -3018,15 +2970,15 @@ var ta = function(t, n, e, i) {
|
|
|
3018
2970
|
function C() {
|
|
3019
2971
|
const f = t.addFunction(e + "_mul");
|
|
3020
2972
|
f.addParam("x", "i32"), f.addParam("y", "i32"), f.addParam("r", "i32");
|
|
3021
|
-
const L = f.getCodeBuilder(), V = L.getLocal("x"), $ = L.i32_add(L.getLocal("x"), L.i32_const(s)), X = L.i32_add(L.getLocal("x"), L.i32_const(2 * s)),
|
|
2973
|
+
const L = f.getCodeBuilder(), V = L.getLocal("x"), $ = L.i32_add(L.getLocal("x"), L.i32_const(s)), X = L.i32_add(L.getLocal("x"), L.i32_const(2 * s)), Q = L.getLocal("y"), y = L.i32_add(L.getLocal("y"), L.i32_const(s)), v = L.i32_add(L.getLocal("y"), L.i32_const(2 * s)), D = L.getLocal("r"), it = L.i32_add(L.getLocal("r"), L.i32_const(s)), nt = L.i32_add(L.getLocal("r"), L.i32_const(2 * s)), K = L.i32_const(t.alloc(s)), ct = L.i32_const(t.alloc(s)), J = L.i32_const(t.alloc(s)), st = L.i32_const(t.alloc(s)), At = L.i32_const(t.alloc(s)), Bt = L.i32_const(t.alloc(s)), pt = L.i32_const(t.alloc(s)), p = L.i32_const(t.alloc(s)), a = L.i32_const(t.alloc(s)), m = L.i32_const(t.alloc(s)), c = L.i32_const(t.alloc(s)), w = L.i32_const(t.alloc(s)), I = L.i32_const(t.alloc(s));
|
|
3022
2974
|
f.addCode(
|
|
3023
|
-
L.call(i + "_mul", V,
|
|
2975
|
+
L.call(i + "_mul", V, Q, K),
|
|
3024
2976
|
L.call(i + "_mul", $, y, ct),
|
|
3025
2977
|
L.call(i + "_mul", X, v, J),
|
|
3026
2978
|
L.call(i + "_add", V, $, st),
|
|
3027
|
-
L.call(i + "_add",
|
|
2979
|
+
L.call(i + "_add", Q, y, At),
|
|
3028
2980
|
L.call(i + "_add", V, X, Bt),
|
|
3029
|
-
L.call(i + "_add",
|
|
2981
|
+
L.call(i + "_add", Q, v, pt),
|
|
3030
2982
|
L.call(i + "_add", $, X, p),
|
|
3031
2983
|
L.call(i + "_add", y, v, a),
|
|
3032
2984
|
L.call(i + "_add", K, ct, m),
|
|
@@ -3048,7 +3000,7 @@ var ta = function(t, n, e, i) {
|
|
|
3048
3000
|
function B() {
|
|
3049
3001
|
const f = t.addFunction(e + "_square");
|
|
3050
3002
|
f.addParam("x", "i32"), f.addParam("r", "i32");
|
|
3051
|
-
const L = f.getCodeBuilder(), V = L.getLocal("x"), $ = L.i32_add(L.getLocal("x"), L.i32_const(s)), X = L.i32_add(L.getLocal("x"), L.i32_const(2 * s)),
|
|
3003
|
+
const L = f.getCodeBuilder(), V = L.getLocal("x"), $ = L.i32_add(L.getLocal("x"), L.i32_const(s)), X = L.i32_add(L.getLocal("x"), L.i32_const(2 * s)), Q = L.getLocal("r"), y = L.i32_add(L.getLocal("r"), L.i32_const(s)), v = L.i32_add(L.getLocal("r"), L.i32_const(2 * s)), D = L.i32_const(t.alloc(s)), it = L.i32_const(t.alloc(s)), nt = L.i32_const(t.alloc(s)), K = L.i32_const(t.alloc(s)), ct = L.i32_const(t.alloc(s)), J = L.i32_const(t.alloc(s)), st = L.i32_const(t.alloc(s));
|
|
3052
3004
|
f.addCode(
|
|
3053
3005
|
L.call(i + "_square", V, D),
|
|
3054
3006
|
L.call(i + "_mul", V, $, it),
|
|
@@ -3059,8 +3011,8 @@ var ta = function(t, n, e, i) {
|
|
|
3059
3011
|
L.call(i + "_mul", $, X, ct),
|
|
3060
3012
|
L.call(i + "_add", ct, ct, J),
|
|
3061
3013
|
L.call(i + "_square", X, st),
|
|
3062
|
-
L.call(n, J,
|
|
3063
|
-
L.call(i + "_add", D,
|
|
3014
|
+
L.call(n, J, Q),
|
|
3015
|
+
L.call(i + "_add", D, Q, Q),
|
|
3064
3016
|
L.call(n, st, y),
|
|
3065
3017
|
L.call(i + "_add", nt, y, y),
|
|
3066
3018
|
L.call(i + "_add", D, st, v),
|
|
@@ -3072,9 +3024,9 @@ var ta = function(t, n, e, i) {
|
|
|
3072
3024
|
function A() {
|
|
3073
3025
|
const f = t.addFunction(e + "_toMontgomery");
|
|
3074
3026
|
f.addParam("x", "i32"), f.addParam("r", "i32");
|
|
3075
|
-
const L = f.getCodeBuilder(), V = L.getLocal("x"), $ = L.i32_add(L.getLocal("x"), L.i32_const(s)), X = L.i32_add(L.getLocal("x"), L.i32_const(2 * s)),
|
|
3027
|
+
const L = f.getCodeBuilder(), V = L.getLocal("x"), $ = L.i32_add(L.getLocal("x"), L.i32_const(s)), X = L.i32_add(L.getLocal("x"), L.i32_const(2 * s)), Q = L.getLocal("r"), y = L.i32_add(L.getLocal("r"), L.i32_const(s)), v = L.i32_add(L.getLocal("r"), L.i32_const(2 * s));
|
|
3076
3028
|
f.addCode(
|
|
3077
|
-
L.call(i + "_toMontgomery", V,
|
|
3029
|
+
L.call(i + "_toMontgomery", V, Q),
|
|
3078
3030
|
L.call(i + "_toMontgomery", $, y),
|
|
3079
3031
|
L.call(i + "_toMontgomery", X, v)
|
|
3080
3032
|
);
|
|
@@ -3082,9 +3034,9 @@ var ta = function(t, n, e, i) {
|
|
|
3082
3034
|
function O() {
|
|
3083
3035
|
const f = t.addFunction(e + "_fromMontgomery");
|
|
3084
3036
|
f.addParam("x", "i32"), f.addParam("r", "i32");
|
|
3085
|
-
const L = f.getCodeBuilder(), V = L.getLocal("x"), $ = L.i32_add(L.getLocal("x"), L.i32_const(s)), X = L.i32_add(L.getLocal("x"), L.i32_const(2 * s)),
|
|
3037
|
+
const L = f.getCodeBuilder(), V = L.getLocal("x"), $ = L.i32_add(L.getLocal("x"), L.i32_const(s)), X = L.i32_add(L.getLocal("x"), L.i32_const(2 * s)), Q = L.getLocal("r"), y = L.i32_add(L.getLocal("r"), L.i32_const(s)), v = L.i32_add(L.getLocal("r"), L.i32_const(2 * s));
|
|
3086
3038
|
f.addCode(
|
|
3087
|
-
L.call(i + "_fromMontgomery", V,
|
|
3039
|
+
L.call(i + "_fromMontgomery", V, Q),
|
|
3088
3040
|
L.call(i + "_fromMontgomery", $, y),
|
|
3089
3041
|
L.call(i + "_fromMontgomery", X, v)
|
|
3090
3042
|
);
|
|
@@ -3092,9 +3044,9 @@ var ta = function(t, n, e, i) {
|
|
|
3092
3044
|
function P() {
|
|
3093
3045
|
const f = t.addFunction(e + "_copy");
|
|
3094
3046
|
f.addParam("x", "i32"), f.addParam("r", "i32");
|
|
3095
|
-
const L = f.getCodeBuilder(), V = L.getLocal("x"), $ = L.i32_add(L.getLocal("x"), L.i32_const(s)), X = L.i32_add(L.getLocal("x"), L.i32_const(2 * s)),
|
|
3047
|
+
const L = f.getCodeBuilder(), V = L.getLocal("x"), $ = L.i32_add(L.getLocal("x"), L.i32_const(s)), X = L.i32_add(L.getLocal("x"), L.i32_const(2 * s)), Q = L.getLocal("r"), y = L.i32_add(L.getLocal("r"), L.i32_const(s)), v = L.i32_add(L.getLocal("r"), L.i32_const(2 * s));
|
|
3096
3048
|
f.addCode(
|
|
3097
|
-
L.call(i + "_copy", V,
|
|
3049
|
+
L.call(i + "_copy", V, Q),
|
|
3098
3050
|
L.call(i + "_copy", $, y),
|
|
3099
3051
|
L.call(i + "_copy", X, v)
|
|
3100
3052
|
);
|
|
@@ -3109,7 +3061,7 @@ var ta = function(t, n, e, i) {
|
|
|
3109
3061
|
L.call(i + "_zero", X)
|
|
3110
3062
|
);
|
|
3111
3063
|
}
|
|
3112
|
-
function
|
|
3064
|
+
function z() {
|
|
3113
3065
|
const f = t.addFunction(e + "_one");
|
|
3114
3066
|
f.addParam("x", "i32");
|
|
3115
3067
|
const L = f.getCodeBuilder(), V = L.getLocal("x"), $ = L.i32_add(L.getLocal("x"), L.i32_const(s)), X = L.i32_add(L.getLocal("x"), L.i32_const(2 * s));
|
|
@@ -3122,11 +3074,11 @@ var ta = function(t, n, e, i) {
|
|
|
3122
3074
|
function x() {
|
|
3123
3075
|
const f = t.addFunction(e + "_eq");
|
|
3124
3076
|
f.addParam("x", "i32"), f.addParam("y", "i32"), f.setReturnType("i32");
|
|
3125
|
-
const L = f.getCodeBuilder(), V = L.getLocal("x"), $ = L.i32_add(L.getLocal("x"), L.i32_const(s)), X = L.i32_add(L.getLocal("x"), L.i32_const(2 * s)),
|
|
3077
|
+
const L = f.getCodeBuilder(), V = L.getLocal("x"), $ = L.i32_add(L.getLocal("x"), L.i32_const(s)), X = L.i32_add(L.getLocal("x"), L.i32_const(2 * s)), Q = L.getLocal("y"), y = L.i32_add(L.getLocal("y"), L.i32_const(s)), v = L.i32_add(L.getLocal("y"), L.i32_const(2 * s));
|
|
3126
3078
|
f.addCode(
|
|
3127
3079
|
L.i32_and(
|
|
3128
3080
|
L.i32_and(
|
|
3129
|
-
L.call(i + "_eq", V,
|
|
3081
|
+
L.call(i + "_eq", V, Q),
|
|
3130
3082
|
L.call(i + "_eq", $, y)
|
|
3131
3083
|
),
|
|
3132
3084
|
L.call(i + "_eq", X, v)
|
|
@@ -3147,10 +3099,10 @@ var ta = function(t, n, e, i) {
|
|
|
3147
3099
|
)
|
|
3148
3100
|
);
|
|
3149
3101
|
}
|
|
3150
|
-
function
|
|
3102
|
+
function T() {
|
|
3151
3103
|
const f = t.addFunction(e + "_inverse");
|
|
3152
3104
|
f.addParam("x", "i32"), f.addParam("r", "i32");
|
|
3153
|
-
const L = f.getCodeBuilder(), V = L.getLocal("x"), $ = L.i32_add(L.getLocal("x"), L.i32_const(s)), X = L.i32_add(L.getLocal("x"), L.i32_const(2 * s)),
|
|
3105
|
+
const L = f.getCodeBuilder(), V = L.getLocal("x"), $ = L.i32_add(L.getLocal("x"), L.i32_const(s)), X = L.i32_add(L.getLocal("x"), L.i32_const(2 * s)), Q = L.getLocal("r"), y = L.i32_add(L.getLocal("r"), L.i32_const(s)), v = L.i32_add(L.getLocal("r"), L.i32_const(2 * s)), D = L.i32_const(t.alloc(s)), it = L.i32_const(t.alloc(s)), nt = L.i32_const(t.alloc(s)), K = L.i32_const(t.alloc(s)), ct = L.i32_const(t.alloc(s)), J = L.i32_const(t.alloc(s)), st = L.i32_const(t.alloc(s)), At = L.i32_const(t.alloc(s)), Bt = L.i32_const(t.alloc(s)), pt = L.i32_const(t.alloc(s)), p = L.i32_const(t.alloc(s));
|
|
3154
3106
|
f.addCode(
|
|
3155
3107
|
L.call(i + "_square", V, D),
|
|
3156
3108
|
L.call(i + "_square", $, it),
|
|
@@ -3170,7 +3122,7 @@ var ta = function(t, n, e, i) {
|
|
|
3170
3122
|
L.call(i + "_mul", V, st, p),
|
|
3171
3123
|
L.call(i + "_add", p, pt, pt),
|
|
3172
3124
|
L.call(i + "_inverse", pt, pt),
|
|
3173
|
-
L.call(i + "_mul", pt, st,
|
|
3125
|
+
L.call(i + "_mul", pt, st, Q),
|
|
3174
3126
|
L.call(i + "_mul", pt, At, y),
|
|
3175
3127
|
L.call(i + "_mul", pt, Bt, v)
|
|
3176
3128
|
);
|
|
@@ -3209,7 +3161,7 @@ var ta = function(t, n, e, i) {
|
|
|
3209
3161
|
)
|
|
3210
3162
|
);
|
|
3211
3163
|
}
|
|
3212
|
-
return ot(), F(), E(),
|
|
3164
|
+
return ot(), F(), E(), z(), P(), C(), B(), d(), b(), u(), rt(), A(), O(), x(), T(), r(), l(), t.exportFunction(e + "_isZero"), t.exportFunction(e + "_isOne"), t.exportFunction(e + "_zero"), t.exportFunction(e + "_one"), t.exportFunction(e + "_copy"), t.exportFunction(e + "_mul"), t.exportFunction(e + "_square"), t.exportFunction(e + "_add"), t.exportFunction(e + "_sub"), t.exportFunction(e + "_neg"), t.exportFunction(e + "_sign"), t.exportFunction(e + "_fromMontgomery"), t.exportFunction(e + "_toMontgomery"), t.exportFunction(e + "_eq"), t.exportFunction(e + "_inverse"), os(t, e), es(
|
|
3213
3165
|
t,
|
|
3214
3166
|
e + "_exp",
|
|
3215
3167
|
s * 3,
|
|
@@ -3793,7 +3745,7 @@ var ta = function(t, n, e, i) {
|
|
|
3793
3745
|
}
|
|
3794
3746
|
b(), C(), u(), l(), t.exportFunction(e), t.exportFunction(e + "_chunk");
|
|
3795
3747
|
};
|
|
3796
|
-
const
|
|
3748
|
+
const zo = is, kn = Vi, To = as;
|
|
3797
3749
|
var na = function(t, n, e, i) {
|
|
3798
3750
|
const s = t.modules[e].n64, d = s * 8;
|
|
3799
3751
|
if (t.modules[n])
|
|
@@ -4062,7 +4014,7 @@ var na = function(t, n, e, i) {
|
|
|
4062
4014
|
a.call(e + "_sub", I, ut, I)
|
|
4063
4015
|
);
|
|
4064
4016
|
}
|
|
4065
|
-
function
|
|
4017
|
+
function z() {
|
|
4066
4018
|
const p = t.addFunction(n + "_eqAffine");
|
|
4067
4019
|
p.addParam("p1", "i32"), p.addParam("p2", "i32"), p.setReturnType("i32"), p.addLocal("z1", "i32");
|
|
4068
4020
|
const a = p.getCodeBuilder();
|
|
@@ -4113,7 +4065,7 @@ var na = function(t, n, e, i) {
|
|
|
4113
4065
|
a.i32_add(a.getLocal("pr"), a.i32_const(m * d))
|
|
4114
4066
|
));
|
|
4115
4067
|
}
|
|
4116
|
-
function
|
|
4068
|
+
function T() {
|
|
4117
4069
|
const p = t.addFunction(n + "_fromMontgomery");
|
|
4118
4070
|
p.addParam("p1", "i32"), p.addParam("pr", "i32");
|
|
4119
4071
|
const a = p.getCodeBuilder();
|
|
@@ -4152,7 +4104,7 @@ var na = function(t, n, e, i) {
|
|
|
4152
4104
|
p.addCode(a.setLocal("z1", a.i32_add(a.getLocal("p1"), a.i32_const(d * 2))));
|
|
4153
4105
|
const w = a.getLocal("z1"), I = a.getLocal("p2"), h = a.i32_add(a.getLocal("p2"), a.i32_const(d));
|
|
4154
4106
|
p.addCode(a.setLocal("z2", a.i32_add(a.getLocal("p2"), a.i32_const(d * 2))));
|
|
4155
|
-
const S = a.getLocal("z2"), W = a.getLocal("pr"), N = a.i32_add(a.getLocal("pr"), a.i32_const(d)), at = a.i32_add(a.getLocal("pr"), a.i32_const(d * 2)), It = a.i32_const(t.alloc(d)), ut = a.i32_const(t.alloc(d)), Lt = a.i32_const(t.alloc(d)), St = a.i32_const(t.alloc(d)), gt = a.i32_const(t.alloc(d)), dt = a.i32_const(t.alloc(d)), yt = a.i32_const(t.alloc(d)), vt = a.i32_const(t.alloc(d)), Ut = a.i32_const(t.alloc(d)), Vt = a.i32_const(t.alloc(d)), Dt = a.i32_const(t.alloc(d)), jt = a.i32_const(t.alloc(d)),
|
|
4107
|
+
const S = a.getLocal("z2"), W = a.getLocal("pr"), N = a.i32_add(a.getLocal("pr"), a.i32_const(d)), at = a.i32_add(a.getLocal("pr"), a.i32_const(d * 2)), It = a.i32_const(t.alloc(d)), ut = a.i32_const(t.alloc(d)), Lt = a.i32_const(t.alloc(d)), St = a.i32_const(t.alloc(d)), gt = a.i32_const(t.alloc(d)), dt = a.i32_const(t.alloc(d)), yt = a.i32_const(t.alloc(d)), vt = a.i32_const(t.alloc(d)), Ut = a.i32_const(t.alloc(d)), Vt = a.i32_const(t.alloc(d)), Dt = a.i32_const(t.alloc(d)), jt = a.i32_const(t.alloc(d)), zt = a.i32_const(t.alloc(d)), Nt = a.i32_const(t.alloc(d)), Kt = a.i32_const(t.alloc(d)), en = a.i32_const(t.alloc(d)), Zt = a.i32_const(t.alloc(d));
|
|
4156
4108
|
p.addCode(
|
|
4157
4109
|
a.if(
|
|
4158
4110
|
a.call(n + "_isZero", a.getLocal("p1")),
|
|
@@ -4205,16 +4157,16 @@ var na = function(t, n, e, i) {
|
|
|
4205
4157
|
a.call(e + "_add", Ut, Ut, Dt),
|
|
4206
4158
|
a.call(e + "_square", Dt, Dt),
|
|
4207
4159
|
a.call(e + "_mul", Ut, Dt, jt),
|
|
4208
|
-
a.call(e + "_add", Vt, Vt,
|
|
4160
|
+
a.call(e + "_add", Vt, Vt, zt),
|
|
4209
4161
|
a.call(e + "_mul", Lt, Dt, Kt),
|
|
4210
|
-
a.call(e + "_square",
|
|
4162
|
+
a.call(e + "_square", zt, Nt),
|
|
4211
4163
|
a.call(e + "_add", Kt, Kt, en),
|
|
4212
4164
|
a.call(e + "_sub", Nt, jt, W),
|
|
4213
4165
|
a.call(e + "_sub", W, en, W),
|
|
4214
4166
|
a.call(e + "_mul", yt, jt, Zt),
|
|
4215
4167
|
a.call(e + "_add", Zt, Zt, Zt),
|
|
4216
4168
|
a.call(e + "_sub", Kt, W, N),
|
|
4217
|
-
a.call(e + "_mul", N,
|
|
4169
|
+
a.call(e + "_mul", N, zt, N),
|
|
4218
4170
|
a.call(e + "_sub", N, Zt, N),
|
|
4219
4171
|
a.call(e + "_add", w, S, at),
|
|
4220
4172
|
a.call(e + "_square", at, at),
|
|
@@ -4228,7 +4180,7 @@ var na = function(t, n, e, i) {
|
|
|
4228
4180
|
p.addParam("p1", "i32"), p.addParam("p2", "i32"), p.addParam("pr", "i32"), p.addLocal("z1", "i32");
|
|
4229
4181
|
const a = p.getCodeBuilder(), m = a.getLocal("p1"), c = a.i32_add(a.getLocal("p1"), a.i32_const(d));
|
|
4230
4182
|
p.addCode(a.setLocal("z1", a.i32_add(a.getLocal("p1"), a.i32_const(d * 2))));
|
|
4231
|
-
const w = a.getLocal("z1"), I = a.getLocal("p2"), h = a.i32_add(a.getLocal("p2"), a.i32_const(d)), S = a.getLocal("pr"), W = a.i32_add(a.getLocal("pr"), a.i32_const(d)), N = a.i32_add(a.getLocal("pr"), a.i32_const(d * 2)), at = a.i32_const(t.alloc(d)), It = a.i32_const(t.alloc(d)), ut = a.i32_const(t.alloc(d)), Lt = a.i32_const(t.alloc(d)), St = a.i32_const(t.alloc(d)), gt = a.i32_const(t.alloc(d)), dt = a.i32_const(t.alloc(d)), yt = a.i32_const(t.alloc(d)), vt = a.i32_const(t.alloc(d)), Ut = a.i32_const(t.alloc(d)), Vt = a.i32_const(t.alloc(d)), Dt = a.i32_const(t.alloc(d)), jt = a.i32_const(t.alloc(d)),
|
|
4183
|
+
const w = a.getLocal("z1"), I = a.getLocal("p2"), h = a.i32_add(a.getLocal("p2"), a.i32_const(d)), S = a.getLocal("pr"), W = a.i32_add(a.getLocal("pr"), a.i32_const(d)), N = a.i32_add(a.getLocal("pr"), a.i32_const(d * 2)), at = a.i32_const(t.alloc(d)), It = a.i32_const(t.alloc(d)), ut = a.i32_const(t.alloc(d)), Lt = a.i32_const(t.alloc(d)), St = a.i32_const(t.alloc(d)), gt = a.i32_const(t.alloc(d)), dt = a.i32_const(t.alloc(d)), yt = a.i32_const(t.alloc(d)), vt = a.i32_const(t.alloc(d)), Ut = a.i32_const(t.alloc(d)), Vt = a.i32_const(t.alloc(d)), Dt = a.i32_const(t.alloc(d)), jt = a.i32_const(t.alloc(d)), zt = a.i32_const(t.alloc(d));
|
|
4232
4184
|
p.addCode(
|
|
4233
4185
|
a.if(
|
|
4234
4186
|
a.call(n + "_isZero", a.getLocal("p1")),
|
|
@@ -4278,11 +4230,11 @@ var na = function(t, n, e, i) {
|
|
|
4278
4230
|
a.call(e + "_add", Dt, Dt, jt),
|
|
4279
4231
|
a.call(e + "_sub", Vt, vt, S),
|
|
4280
4232
|
a.call(e + "_sub", S, jt, S),
|
|
4281
|
-
a.call(e + "_mul", c, vt,
|
|
4282
|
-
a.call(e + "_add",
|
|
4233
|
+
a.call(e + "_mul", c, vt, zt),
|
|
4234
|
+
a.call(e + "_add", zt, zt, zt),
|
|
4283
4235
|
a.call(e + "_sub", Dt, S, W),
|
|
4284
4236
|
a.call(e + "_mul", W, Ut, W),
|
|
4285
|
-
a.call(e + "_sub", W,
|
|
4237
|
+
a.call(e + "_sub", W, zt, W),
|
|
4286
4238
|
a.call(e + "_add", w, St, N),
|
|
4287
4239
|
a.call(e + "_square", N, N),
|
|
4288
4240
|
a.call(e + "_sub", N, at, N),
|
|
@@ -4370,7 +4322,7 @@ var na = function(t, n, e, i) {
|
|
|
4370
4322
|
a.call(n + "_add", a.getLocal("p1"), m, a.getLocal("pr"))
|
|
4371
4323
|
);
|
|
4372
4324
|
}
|
|
4373
|
-
function
|
|
4325
|
+
function Q() {
|
|
4374
4326
|
const p = t.addFunction(n + "_subMixed");
|
|
4375
4327
|
p.addParam("p1", "i32"), p.addParam("p2", "i32"), p.addParam("pr", "i32");
|
|
4376
4328
|
const a = p.getCodeBuilder(), m = a.i32_const(t.alloc(d * 3));
|
|
@@ -4688,7 +4640,7 @@ var na = function(t, n, e, i) {
|
|
|
4688
4640
|
)
|
|
4689
4641
|
);
|
|
4690
4642
|
}
|
|
4691
|
-
return b(), r(), B(), C(), l(), u(), it(),
|
|
4643
|
+
return b(), r(), B(), C(), l(), u(), it(), z(), O(), A(), E(), P(), L(), f(), F(), $(), V(), y(), Q(), X(), rt(), T(), ot(), x(), D(), Bt(), pt(), nt(), v(), K(), J(), ct(), st(), At(), kn(t, n + "_batchLEMtoU", n + "_LEMtoU", d * 2, d * 2), kn(t, n + "_batchLEMtoC", n + "_LEMtoC", d * 2, d), kn(t, n + "_batchUtoLEM", n + "_UtoLEM", d * 2, d * 2), kn(t, n + "_batchCtoLEM", n + "_CtoLEM", d, d * 2, !0), kn(t, n + "_batchToJacobian", n + "_toJacobian", d * 2, d * 3, !0), To(t, n, n + "_multiexp", n + "_add", d * 3), To(t, n, n + "_multiexpAffine", n + "_addMixed", d * 2), zo(
|
|
4692
4644
|
t,
|
|
4693
4645
|
n + "_timesScalar",
|
|
4694
4646
|
d * 3,
|
|
@@ -4697,7 +4649,7 @@ var na = function(t, n, e, i) {
|
|
|
4697
4649
|
n + "_sub",
|
|
4698
4650
|
n + "_copy",
|
|
4699
4651
|
n + "_zero"
|
|
4700
|
-
),
|
|
4652
|
+
), zo(
|
|
4701
4653
|
t,
|
|
4702
4654
|
n + "_timesScalarAffine",
|
|
4703
4655
|
d * 2,
|
|
@@ -4722,24 +4674,24 @@ var ea = function(t, n, e, i, s) {
|
|
|
4722
4674
|
let P = B - 1;
|
|
4723
4675
|
for (; P >= 0; )
|
|
4724
4676
|
O[P] = Nn(O[P + 1], 2n, l), P--;
|
|
4725
|
-
const E = [],
|
|
4677
|
+
const E = [], z = (1n << BigInt(r * 8)) % l;
|
|
4726
4678
|
for (let m = 0; m < O.length; m++) {
|
|
4727
|
-
const c = O[m] *
|
|
4679
|
+
const c = O[m] * z % l;
|
|
4728
4680
|
E.push(...le.bigInt2BytesLE(c, r));
|
|
4729
4681
|
}
|
|
4730
4682
|
const x = t.alloc(E), ot = new Array(B + 1);
|
|
4731
4683
|
ot[0] = 1n;
|
|
4732
4684
|
for (let m = 1; m <= B; m++)
|
|
4733
4685
|
ot[m] = ot[m - 1] * 2n;
|
|
4734
|
-
const
|
|
4686
|
+
const T = [];
|
|
4735
4687
|
for (let m = 0; m <= B; m++) {
|
|
4736
|
-
const c = Ro(ot[m], l) *
|
|
4737
|
-
|
|
4688
|
+
const c = Ro(ot[m], l) * z % l;
|
|
4689
|
+
T.push(...le.bigInt2BytesLE(c, r));
|
|
4738
4690
|
}
|
|
4739
|
-
const rt = t.alloc(
|
|
4691
|
+
const rt = t.alloc(T), F = Nn(A, 2n, l), f = [], L = [];
|
|
4740
4692
|
for (let m = 0; m <= B; m++) {
|
|
4741
4693
|
const c = Nn(F, 2n ** BigInt(m), l), w = Ro(l + 1n - c, l);
|
|
4742
|
-
f.push(...le.bigInt2BytesLE(c *
|
|
4694
|
+
f.push(...le.bigInt2BytesLE(c * z % l, r)), L.push(...le.bigInt2BytesLE(w * z % l, r));
|
|
4743
4695
|
}
|
|
4744
4696
|
const V = t.alloc(f), $ = t.alloc(L);
|
|
4745
4697
|
function X(m) {
|
|
@@ -4748,10 +4700,10 @@ var ea = function(t, n, e, i, s) {
|
|
|
4748
4700
|
m & 1 << w && (c = c | 128 >> w);
|
|
4749
4701
|
return c;
|
|
4750
4702
|
}
|
|
4751
|
-
const
|
|
4703
|
+
const Q = Array(256);
|
|
4752
4704
|
for (let m = 0; m < 256; m++)
|
|
4753
|
-
|
|
4754
|
-
const y = t.alloc(
|
|
4705
|
+
Q[m] = X(m);
|
|
4706
|
+
const y = t.alloc(Q);
|
|
4755
4707
|
function v() {
|
|
4756
4708
|
const m = t.addFunction(n + "__log2");
|
|
4757
4709
|
m.addParam("n", "i32"), m.setReturnType("i32"), m.addLocal("bits", "i32"), m.addLocal("aux", "i32");
|
|
@@ -6138,29 +6090,29 @@ var hs = function(t, n) {
|
|
|
6138
6090
|
return e;
|
|
6139
6091
|
const i = 21888242871839275222246405745257275088696311157297823662689037894645226208583n, s = 21888242871839275222246405745257275088548364400416034343698204186575808495617n, d = Math.floor((_s(i - 1n) - 1) / 64) + 1, r = d * 8, b = r, u = r, l = u * 2, C = u * 12, B = t.alloc(xt.bigInt2BytesLE(s, b)), A = ss(t, i, "f1m");
|
|
6140
6092
|
ls(t, s, "fr", "frm");
|
|
6141
|
-
const O = t.alloc(xt.bigInt2BytesLE(
|
|
6093
|
+
const O = t.alloc(xt.bigInt2BytesLE(T(3n), u)), P = ko(t, "g1m", "f1m", O);
|
|
6142
6094
|
Pe(t, "frm", "frm", "frm", "frm_mul"), ds(t, "pol", "frm"), us(t, "qap", "frm");
|
|
6143
|
-
const E = Do(t, "f1m_neg", "f2m", "f1m"),
|
|
6144
|
-
...xt.bigInt2BytesLE(
|
|
6145
|
-
...xt.bigInt2BytesLE(
|
|
6146
|
-
]), x = ko(t, "g2m", "f2m",
|
|
6095
|
+
const E = Do(t, "f1m_neg", "f2m", "f1m"), z = t.alloc([
|
|
6096
|
+
...xt.bigInt2BytesLE(T(19485874751759354771024239261021720505790618469301721065564631296452457478373n), u),
|
|
6097
|
+
...xt.bigInt2BytesLE(T(266929791119991161246907387137283842545076965332900288569378510910307636690n), u)
|
|
6098
|
+
]), x = ko(t, "g2m", "f2m", z);
|
|
6147
6099
|
function ot(G, _) {
|
|
6148
6100
|
const g = t.addFunction(G);
|
|
6149
6101
|
g.addParam("pG", "i32"), g.addParam("pFr", "i32"), g.addParam("pr", "i32");
|
|
6150
|
-
const
|
|
6102
|
+
const M = g.getCodeBuilder(), R = M.i32_const(t.alloc(r));
|
|
6151
6103
|
g.addCode(
|
|
6152
|
-
|
|
6153
|
-
|
|
6104
|
+
M.call("frm_fromMontgomery", M.getLocal("pFr"), R),
|
|
6105
|
+
M.call(
|
|
6154
6106
|
_,
|
|
6155
|
-
|
|
6107
|
+
M.getLocal("pG"),
|
|
6156
6108
|
R,
|
|
6157
|
-
|
|
6158
|
-
|
|
6109
|
+
M.i32_const(r),
|
|
6110
|
+
M.getLocal("pr")
|
|
6159
6111
|
)
|
|
6160
6112
|
), t.exportFunction(G);
|
|
6161
6113
|
}
|
|
6162
6114
|
ot("g1m_timesFr", "g1m_timesScalar"), Pe(t, "g1m", "g1m", "frm", "g1m_timesFr"), ot("g2m_timesFr", "g2m_timesScalar"), Pe(t, "g2m", "g2m", "frm", "g2m_timesFr"), ot("g1m_timesFrAffine", "g1m_timesScalarAffine"), ot("g2m_timesFrAffine", "g2m_timesScalarAffine"), Gn(t, "frm_batchApplyKey", "fmr", "frm", r, r, r, "frm_mul"), Gn(t, "g1m_batchApplyKey", "g1m", "frm", r * 3, r * 3, r, "g1m_timesFr"), Gn(t, "g1m_batchApplyKeyMixed", "g1m", "frm", r * 2, r * 3, r, "g1m_timesFrAffine"), Gn(t, "g2m_batchApplyKey", "g2m", "frm", r * 2 * 3, r * 3 * 2, r, "g2m_timesFr"), Gn(t, "g2m_batchApplyKeyMixed", "g2m", "frm", r * 2 * 2, r * 3 * 2, r, "g2m_timesFrAffine");
|
|
6163
|
-
function
|
|
6115
|
+
function T(G) {
|
|
6164
6116
|
return BigInt(G) * (1n << BigInt(u * 8)) % i;
|
|
6165
6117
|
}
|
|
6166
6118
|
const rt = [
|
|
@@ -6169,9 +6121,9 @@ var hs = function(t, n) {
|
|
|
6169
6121
|
1n
|
|
6170
6122
|
], F = t.alloc(
|
|
6171
6123
|
[
|
|
6172
|
-
...xt.bigInt2BytesLE(
|
|
6173
|
-
...xt.bigInt2BytesLE(
|
|
6174
|
-
...xt.bigInt2BytesLE(
|
|
6124
|
+
...xt.bigInt2BytesLE(T(rt[0]), u),
|
|
6125
|
+
...xt.bigInt2BytesLE(T(rt[1]), u),
|
|
6126
|
+
...xt.bigInt2BytesLE(T(rt[2]), u)
|
|
6175
6127
|
]
|
|
6176
6128
|
), f = [
|
|
6177
6129
|
0n,
|
|
@@ -6179,9 +6131,9 @@ var hs = function(t, n) {
|
|
|
6179
6131
|
0n
|
|
6180
6132
|
], L = t.alloc(
|
|
6181
6133
|
[
|
|
6182
|
-
...xt.bigInt2BytesLE(
|
|
6183
|
-
...xt.bigInt2BytesLE(
|
|
6184
|
-
...xt.bigInt2BytesLE(
|
|
6134
|
+
...xt.bigInt2BytesLE(T(f[0]), u),
|
|
6135
|
+
...xt.bigInt2BytesLE(T(f[1]), u),
|
|
6136
|
+
...xt.bigInt2BytesLE(T(f[2]), u)
|
|
6185
6137
|
]
|
|
6186
6138
|
), V = [
|
|
6187
6139
|
[
|
|
@@ -6198,12 +6150,12 @@ var hs = function(t, n) {
|
|
|
6198
6150
|
]
|
|
6199
6151
|
], $ = t.alloc(
|
|
6200
6152
|
[
|
|
6201
|
-
...xt.bigInt2BytesLE(
|
|
6202
|
-
...xt.bigInt2BytesLE(
|
|
6203
|
-
...xt.bigInt2BytesLE(
|
|
6204
|
-
...xt.bigInt2BytesLE(
|
|
6205
|
-
...xt.bigInt2BytesLE(
|
|
6206
|
-
...xt.bigInt2BytesLE(
|
|
6153
|
+
...xt.bigInt2BytesLE(T(V[0][0]), u),
|
|
6154
|
+
...xt.bigInt2BytesLE(T(V[0][1]), u),
|
|
6155
|
+
...xt.bigInt2BytesLE(T(V[1][0]), u),
|
|
6156
|
+
...xt.bigInt2BytesLE(T(V[1][1]), u),
|
|
6157
|
+
...xt.bigInt2BytesLE(T(V[2][0]), u),
|
|
6158
|
+
...xt.bigInt2BytesLE(T(V[2][1]), u)
|
|
6207
6159
|
]
|
|
6208
6160
|
), X = [
|
|
6209
6161
|
[
|
|
@@ -6218,37 +6170,37 @@ var hs = function(t, n) {
|
|
|
6218
6170
|
0n,
|
|
6219
6171
|
0n
|
|
6220
6172
|
]
|
|
6221
|
-
],
|
|
6173
|
+
], Q = t.alloc(
|
|
6222
6174
|
[
|
|
6223
|
-
...xt.bigInt2BytesLE(
|
|
6224
|
-
...xt.bigInt2BytesLE(
|
|
6225
|
-
...xt.bigInt2BytesLE(
|
|
6226
|
-
...xt.bigInt2BytesLE(
|
|
6227
|
-
...xt.bigInt2BytesLE(
|
|
6228
|
-
...xt.bigInt2BytesLE(
|
|
6175
|
+
...xt.bigInt2BytesLE(T(X[0][0]), u),
|
|
6176
|
+
...xt.bigInt2BytesLE(T(X[0][1]), u),
|
|
6177
|
+
...xt.bigInt2BytesLE(T(X[1][0]), u),
|
|
6178
|
+
...xt.bigInt2BytesLE(T(X[1][1]), u),
|
|
6179
|
+
...xt.bigInt2BytesLE(T(X[2][0]), u),
|
|
6180
|
+
...xt.bigInt2BytesLE(T(X[2][1]), u)
|
|
6229
6181
|
]
|
|
6230
6182
|
), y = t.alloc([
|
|
6231
|
-
...xt.bigInt2BytesLE(
|
|
6232
|
-
...xt.bigInt2BytesLE(
|
|
6233
|
-
...xt.bigInt2BytesLE(
|
|
6234
|
-
...xt.bigInt2BytesLE(
|
|
6235
|
-
...xt.bigInt2BytesLE(
|
|
6236
|
-
...xt.bigInt2BytesLE(
|
|
6237
|
-
...xt.bigInt2BytesLE(
|
|
6238
|
-
...xt.bigInt2BytesLE(
|
|
6239
|
-
...xt.bigInt2BytesLE(
|
|
6240
|
-
...xt.bigInt2BytesLE(
|
|
6241
|
-
...xt.bigInt2BytesLE(
|
|
6242
|
-
...xt.bigInt2BytesLE(
|
|
6183
|
+
...xt.bigInt2BytesLE(T(1), u),
|
|
6184
|
+
...xt.bigInt2BytesLE(T(0), u),
|
|
6185
|
+
...xt.bigInt2BytesLE(T(0), u),
|
|
6186
|
+
...xt.bigInt2BytesLE(T(0), u),
|
|
6187
|
+
...xt.bigInt2BytesLE(T(0), u),
|
|
6188
|
+
...xt.bigInt2BytesLE(T(0), u),
|
|
6189
|
+
...xt.bigInt2BytesLE(T(0), u),
|
|
6190
|
+
...xt.bigInt2BytesLE(T(0), u),
|
|
6191
|
+
...xt.bigInt2BytesLE(T(0), u),
|
|
6192
|
+
...xt.bigInt2BytesLE(T(0), u),
|
|
6193
|
+
...xt.bigInt2BytesLE(T(0), u),
|
|
6194
|
+
...xt.bigInt2BytesLE(T(0), u)
|
|
6243
6195
|
]), v = t.alloc([
|
|
6244
|
-
...xt.bigInt2BytesLE(
|
|
6245
|
-
...xt.bigInt2BytesLE(
|
|
6196
|
+
...xt.bigInt2BytesLE(T(9), u),
|
|
6197
|
+
...xt.bigInt2BytesLE(T(1), u)
|
|
6246
6198
|
]), D = t.alloc([
|
|
6247
|
-
...xt.bigInt2BytesLE(
|
|
6199
|
+
...xt.bigInt2BytesLE(T(gs(2n, i)), u),
|
|
6248
6200
|
...xt.bigInt2BytesLE(0n, u)
|
|
6249
6201
|
]), it = v, nt = t.alloc([
|
|
6250
|
-
...xt.bigInt2BytesLE(
|
|
6251
|
-
...xt.bigInt2BytesLE(
|
|
6202
|
+
...xt.bigInt2BytesLE(T(19485874751759354771024239261021720505790618469301721065564631296452457478373n), u),
|
|
6203
|
+
...xt.bigInt2BytesLE(T(266929791119991161246907387137283842545076965332900288569378510910307636690n), u)
|
|
6252
6204
|
]);
|
|
6253
6205
|
function K() {
|
|
6254
6206
|
const G = t.addFunction(e + "_mulNR6");
|
|
@@ -6296,8 +6248,8 @@ var hs = function(t, n) {
|
|
|
6296
6248
|
pG1zero: L,
|
|
6297
6249
|
pG1b: O,
|
|
6298
6250
|
pG2gen: $,
|
|
6299
|
-
pG2zero:
|
|
6300
|
-
pG2b:
|
|
6251
|
+
pG2zero: Q,
|
|
6252
|
+
pG2b: z,
|
|
6301
6253
|
pq: t.modules.f1m.pq,
|
|
6302
6254
|
pr: B,
|
|
6303
6255
|
pOneT: y,
|
|
@@ -6312,8 +6264,8 @@ var hs = function(t, n) {
|
|
|
6312
6264
|
const g = [];
|
|
6313
6265
|
for (; _ > 0n; ) {
|
|
6314
6266
|
if (No(_)) {
|
|
6315
|
-
const
|
|
6316
|
-
g.push(
|
|
6267
|
+
const M = 2 - Number(_ % 4n);
|
|
6268
|
+
g.push(M), _ = _ - BigInt(M);
|
|
6317
6269
|
} else
|
|
6318
6270
|
g.push(0);
|
|
6319
6271
|
_ = _ >> 1n;
|
|
@@ -6339,14 +6291,14 @@ var hs = function(t, n) {
|
|
|
6339
6291
|
function at() {
|
|
6340
6292
|
const G = t.addFunction(e + "_prepAddStep");
|
|
6341
6293
|
G.addParam("pQ", "i32"), G.addParam("pR", "i32"), G.addParam("pCoef", "i32");
|
|
6342
|
-
const _ = G.getCodeBuilder(), g = _.getLocal("pQ"),
|
|
6294
|
+
const _ = G.getCodeBuilder(), g = _.getLocal("pQ"), M = _.i32_add(_.getLocal("pQ"), _.i32_const(l)), R = _.getLocal("pR"), q = _.i32_add(_.getLocal("pR"), _.i32_const(l)), k = _.i32_add(_.getLocal("pR"), _.i32_const(2 * l)), U = _.getLocal("pCoef"), j = _.i32_add(_.getLocal("pCoef"), _.i32_const(l)), Y = _.i32_add(_.getLocal("pCoef"), _.i32_const(2 * l)), Z = j, H = _.i32_const(t.alloc(l)), et = _.i32_const(t.alloc(l)), ft = _.i32_const(t.alloc(l)), _t = _.i32_const(t.alloc(l)), lt = _.i32_const(t.alloc(l)), bt = _.i32_const(t.alloc(l)), mt = _.i32_const(t.alloc(l));
|
|
6343
6295
|
G.addCode(
|
|
6344
6296
|
// D = X1 - X2*Z1
|
|
6345
6297
|
_.call(E + "_mul", g, k, Z),
|
|
6346
6298
|
_.call(E + "_sub", R, Z, Z),
|
|
6347
6299
|
// E = Y1 - Y2*Z1
|
|
6348
|
-
_.call(E + "_mul",
|
|
6349
|
-
_.call(E + "_sub",
|
|
6300
|
+
_.call(E + "_mul", M, k, H),
|
|
6301
|
+
_.call(E + "_sub", q, H, H),
|
|
6350
6302
|
// F = D^2
|
|
6351
6303
|
_.call(E + "_square", Z, et),
|
|
6352
6304
|
// G = E^2
|
|
@@ -6363,14 +6315,14 @@ var hs = function(t, n) {
|
|
|
6363
6315
|
// X3 (X1) = D*J
|
|
6364
6316
|
_.call(E + "_mul", Z, bt, R),
|
|
6365
6317
|
// Y3 (Y1) = E*(I-J)-(H*Y1)
|
|
6366
|
-
_.call(E + "_mul", _t,
|
|
6318
|
+
_.call(E + "_mul", _t, q, q),
|
|
6367
6319
|
_.call(E + "_sub", lt, bt, mt),
|
|
6368
6320
|
_.call(E + "_mul", H, mt, mt),
|
|
6369
|
-
_.call(E + "_sub", mt,
|
|
6321
|
+
_.call(E + "_sub", mt, q, q),
|
|
6370
6322
|
// Z3 (Z1) = Z1*H
|
|
6371
6323
|
_.call(E + "_mul", k, _t, k),
|
|
6372
6324
|
// ell_0 = xi * (E * X2 - D * Y2)
|
|
6373
|
-
_.call(E + "_mul", Z,
|
|
6325
|
+
_.call(E + "_mul", Z, M, mt),
|
|
6374
6326
|
_.call(E + "_mul", H, g, U),
|
|
6375
6327
|
_.call(E + "_sub", U, mt, U),
|
|
6376
6328
|
_.call(E + "_mul", U, _.i32_const(it), U),
|
|
@@ -6383,13 +6335,13 @@ var hs = function(t, n) {
|
|
|
6383
6335
|
function It() {
|
|
6384
6336
|
const G = t.addFunction(e + "_prepDblStep");
|
|
6385
6337
|
G.addParam("pR", "i32"), G.addParam("pCoef", "i32");
|
|
6386
|
-
const _ = G.getCodeBuilder(), g = _.getLocal("pR"),
|
|
6338
|
+
const _ = G.getCodeBuilder(), g = _.getLocal("pR"), M = _.i32_add(_.getLocal("pR"), _.i32_const(l)), R = _.i32_add(_.getLocal("pR"), _.i32_const(2 * l)), q = _.getLocal("pCoef"), k = _.i32_add(_.getLocal("pCoef"), _.i32_const(l)), U = _.i32_add(_.getLocal("pCoef"), _.i32_const(2 * l)), j = _.i32_const(t.alloc(l)), Y = _.i32_const(t.alloc(l)), Z = _.i32_const(t.alloc(l)), H = _.i32_const(t.alloc(l)), et = _.i32_const(t.alloc(l)), ft = _.i32_const(t.alloc(l)), _t = _.i32_const(t.alloc(l)), lt = _.i32_const(t.alloc(l)), bt = _.i32_const(t.alloc(l)), mt = _.i32_const(t.alloc(l)), Ot = _.i32_const(t.alloc(l)), Ct = _.i32_const(t.alloc(l));
|
|
6387
6339
|
G.addCode(
|
|
6388
6340
|
// A = X1 * Y1 / 2
|
|
6389
|
-
_.call(E + "_mul",
|
|
6341
|
+
_.call(E + "_mul", M, _.i32_const(D), j),
|
|
6390
6342
|
_.call(E + "_mul", g, j, j),
|
|
6391
6343
|
// B = Y1^2
|
|
6392
|
-
_.call(E + "_square",
|
|
6344
|
+
_.call(E + "_square", M, Y),
|
|
6393
6345
|
// C = Z1^2
|
|
6394
6346
|
_.call(E + "_square", R, Z),
|
|
6395
6347
|
// D = 3 * C
|
|
@@ -6405,7 +6357,7 @@ var hs = function(t, n) {
|
|
|
6405
6357
|
_.call(E + "_mul", _t, _.i32_const(D), _t),
|
|
6406
6358
|
// H = (Y1+Z1)^2-(B+C)
|
|
6407
6359
|
_.call(E + "_add", Y, Z, Ct),
|
|
6408
|
-
_.call(E + "_add",
|
|
6360
|
+
_.call(E + "_add", M, R, lt),
|
|
6409
6361
|
_.call(E + "_square", lt, lt),
|
|
6410
6362
|
_.call(E + "_sub", lt, Ct, lt),
|
|
6411
6363
|
// I = E-B
|
|
@@ -6420,12 +6372,12 @@ var hs = function(t, n) {
|
|
|
6420
6372
|
// Y3 (Y1) = G^2 - 3*E^2
|
|
6421
6373
|
_.call(E + "_add", Ot, Ot, Ct),
|
|
6422
6374
|
_.call(E + "_add", Ot, Ct, Ct),
|
|
6423
|
-
_.call(E + "_square", _t,
|
|
6424
|
-
_.call(E + "_sub",
|
|
6375
|
+
_.call(E + "_square", _t, M),
|
|
6376
|
+
_.call(E + "_sub", M, Ct, M),
|
|
6425
6377
|
// Z3 (Z1) = B * H
|
|
6426
6378
|
_.call(E + "_mul", Y, lt, R),
|
|
6427
6379
|
// ell_0 = xi * I
|
|
6428
|
-
_.call(E + "_mul", _.i32_const(it), bt,
|
|
6380
|
+
_.call(E + "_mul", _.i32_const(it), bt, q),
|
|
6429
6381
|
// ell_VW = - H (later: * yP)
|
|
6430
6382
|
_.call(E + "_neg", lt, k),
|
|
6431
6383
|
// ell_VV = 3*J (later: * xP)
|
|
@@ -6436,18 +6388,18 @@ var hs = function(t, n) {
|
|
|
6436
6388
|
function ut() {
|
|
6437
6389
|
const G = t.addFunction(e + "_mulByQ");
|
|
6438
6390
|
G.addParam("p1", "i32"), G.addParam("pr", "i32");
|
|
6439
|
-
const _ = G.getCodeBuilder(), g = _.getLocal("p1"),
|
|
6440
|
-
...xt.bigInt2BytesLE(
|
|
6441
|
-
...xt.bigInt2BytesLE(
|
|
6391
|
+
const _ = G.getCodeBuilder(), g = _.getLocal("p1"), M = _.i32_add(_.getLocal("p1"), _.i32_const(l)), R = _.i32_add(_.getLocal("p1"), _.i32_const(l * 2)), q = _.getLocal("pr"), k = _.i32_add(_.getLocal("pr"), _.i32_const(l)), U = _.i32_add(_.getLocal("pr"), _.i32_const(l * 2)), j = _.i32_const(t.alloc([
|
|
6392
|
+
...xt.bigInt2BytesLE(T("21575463638280843010398324269430826099269044274347216827212613867836435027261"), u),
|
|
6393
|
+
...xt.bigInt2BytesLE(T("10307601595873709700152284273816112264069230130616436755625194854815875713954"), u)
|
|
6442
6394
|
])), Y = _.i32_const(t.alloc([
|
|
6443
|
-
...xt.bigInt2BytesLE(
|
|
6444
|
-
...xt.bigInt2BytesLE(
|
|
6395
|
+
...xt.bigInt2BytesLE(T("2821565182194536844548159561693502659359617185244120367078079554186484126554"), u),
|
|
6396
|
+
...xt.bigInt2BytesLE(T("3505843767911556378687030309984248845540243509899259641013678093033130930403"), u)
|
|
6445
6397
|
]));
|
|
6446
6398
|
G.addCode(
|
|
6447
6399
|
// The frobeniusMap(1) in this field, is the conjugate
|
|
6448
|
-
_.call(E + "_conjugate", g,
|
|
6449
|
-
_.call(E + "_mul", j,
|
|
6450
|
-
_.call(E + "_conjugate",
|
|
6400
|
+
_.call(E + "_conjugate", g, q),
|
|
6401
|
+
_.call(E + "_mul", j, q, q),
|
|
6402
|
+
_.call(E + "_conjugate", M, k),
|
|
6451
6403
|
_.call(E + "_mul", Y, k, k),
|
|
6452
6404
|
_.call(E + "_conjugate", R, U)
|
|
6453
6405
|
);
|
|
@@ -6456,11 +6408,11 @@ var hs = function(t, n) {
|
|
|
6456
6408
|
ut();
|
|
6457
6409
|
const G = t.addFunction(e + "_prepareG2");
|
|
6458
6410
|
G.addParam("pQ", "i32"), G.addParam("ppreQ", "i32"), G.addLocal("pCoef", "i32"), G.addLocal("i", "i32");
|
|
6459
|
-
const _ = G.getCodeBuilder(), g = _.getLocal("pQ"),
|
|
6411
|
+
const _ = G.getCodeBuilder(), g = _.getLocal("pQ"), M = t.alloc(l * 3), R = _.i32_const(M), q = _.i32_const(M), k = _.i32_const(M + l), U = _.i32_const(M + 2 * l), j = _.i32_add(_.getLocal("ppreQ"), _.i32_const(0)), Y = _.i32_add(_.getLocal("ppreQ"), _.i32_const(l)), Z = t.alloc(l * 3), H = _.i32_const(Z), et = t.alloc(l * 3), ft = _.i32_const(et), _t = _.i32_const(et + l);
|
|
6460
6412
|
G.addCode(
|
|
6461
6413
|
_.call(x + "_normalize", g, j),
|
|
6462
6414
|
// TODO Remove if already in affine
|
|
6463
|
-
_.call(E + "_copy", j,
|
|
6415
|
+
_.call(E + "_copy", j, q),
|
|
6464
6416
|
_.call(E + "_copy", Y, k),
|
|
6465
6417
|
_.call(E + "_one", U)
|
|
6466
6418
|
), G.addCode(
|
|
@@ -6494,43 +6446,43 @@ var hs = function(t, n) {
|
|
|
6494
6446
|
function St() {
|
|
6495
6447
|
const G = t.addFunction(e + "__mulBy024Old");
|
|
6496
6448
|
G.addParam("pEll0", "i32"), G.addParam("pEllVW", "i32"), G.addParam("pEllVV", "i32"), G.addParam("pR", "i32");
|
|
6497
|
-
const _ = G.getCodeBuilder(), g = _.getLocal("pEll0"),
|
|
6449
|
+
const _ = G.getCodeBuilder(), g = _.getLocal("pEll0"), M = _.getLocal("pEllVV"), R = _.getLocal("pEllVW"), q = _.getLocal("pR"), k = t.alloc(C), U = _.i32_const(k), j = _.i32_const(k), Y = _.i32_const(k + l), Z = _.i32_const(k + l * 2), H = _.i32_const(k + l * 3), et = _.i32_const(k + l * 4), ft = _.i32_const(k + l * 5);
|
|
6498
6450
|
G.addCode(
|
|
6499
6451
|
_.call(E + "_copy", g, j),
|
|
6500
6452
|
_.call(E + "_zero", Y),
|
|
6501
|
-
_.call(E + "_copy",
|
|
6453
|
+
_.call(E + "_copy", M, Z),
|
|
6502
6454
|
_.call(E + "_zero", H),
|
|
6503
6455
|
_.call(E + "_copy", R, et),
|
|
6504
6456
|
_.call(E + "_zero", ft),
|
|
6505
|
-
_.call(st + "_mul", U,
|
|
6457
|
+
_.call(st + "_mul", U, q, q)
|
|
6506
6458
|
);
|
|
6507
6459
|
}
|
|
6508
6460
|
function gt() {
|
|
6509
6461
|
const G = t.addFunction(e + "__mulBy024");
|
|
6510
6462
|
G.addParam("pEll0", "i32"), G.addParam("pEllVW", "i32"), G.addParam("pEllVV", "i32"), G.addParam("pR", "i32");
|
|
6511
|
-
const _ = G.getCodeBuilder(), g = _.getLocal("pEll0"),
|
|
6463
|
+
const _ = G.getCodeBuilder(), g = _.getLocal("pEll0"), M = _.getLocal("pEllVV"), R = _.getLocal("pEllVW"), q = _.getLocal("pR"), k = _.i32_add(_.getLocal("pR"), _.i32_const(2 * r)), U = _.i32_add(_.getLocal("pR"), _.i32_const(4 * r)), j = _.i32_add(_.getLocal("pR"), _.i32_const(6 * r)), Y = _.i32_add(_.getLocal("pR"), _.i32_const(8 * r)), Z = _.i32_add(_.getLocal("pR"), _.i32_const(10 * r)), H = _.i32_const(t.alloc(l)), et = _.i32_const(t.alloc(l)), ft = _.i32_const(t.alloc(l)), _t = _.i32_const(t.alloc(l)), lt = _.i32_const(t.alloc(l)), bt = _.i32_const(t.alloc(l)), mt = _.i32_const(t.alloc(l)), Ot = _.i32_const(t.alloc(l)), Ct = _.i32_const(t.alloc(l)), wt = _.i32_const(t.alloc(l)), ht = _.i32_const(t.alloc(l));
|
|
6512
6464
|
G.addCode(
|
|
6513
6465
|
// D0 = z0 * x0;
|
|
6514
|
-
_.call(E + "_mul",
|
|
6466
|
+
_.call(E + "_mul", q, g, mt),
|
|
6515
6467
|
// D2 = z2 * x2;
|
|
6516
|
-
_.call(E + "_mul", U,
|
|
6468
|
+
_.call(E + "_mul", U, M, Ot),
|
|
6517
6469
|
// D4 = z4 * x4;
|
|
6518
6470
|
_.call(E + "_mul", Y, R, Ct),
|
|
6519
6471
|
// t2 = z0 + z4;
|
|
6520
|
-
_.call(E + "_add",
|
|
6472
|
+
_.call(E + "_add", q, Y, ft),
|
|
6521
6473
|
// t1 = z0 + z2;
|
|
6522
|
-
_.call(E + "_add",
|
|
6474
|
+
_.call(E + "_add", q, U, et),
|
|
6523
6475
|
// s0 = z1 + z3 + z5;
|
|
6524
6476
|
_.call(E + "_add", k, j, _t),
|
|
6525
6477
|
_.call(E + "_add", _t, Z, _t),
|
|
6526
6478
|
// For z.a_.a_ = z0.
|
|
6527
6479
|
// S1 = z1 * x2;
|
|
6528
|
-
_.call(E + "_mul", k,
|
|
6480
|
+
_.call(E + "_mul", k, M, wt),
|
|
6529
6481
|
// T3 = S1 + D4;
|
|
6530
6482
|
_.call(E + "_add", wt, Ct, lt),
|
|
6531
6483
|
// T4 = my_Fp6::non_residue * T3 + D0;
|
|
6532
6484
|
_.call(E + "_mul", _.i32_const(v), lt, bt),
|
|
6533
|
-
_.call(E + "_add", bt, mt,
|
|
6485
|
+
_.call(E + "_add", bt, mt, q),
|
|
6534
6486
|
// z0 = T4;
|
|
6535
6487
|
// For z.a_.b_ = z1
|
|
6536
6488
|
// T3 = z5 * x4;
|
|
@@ -6550,7 +6502,7 @@ var hs = function(t, n) {
|
|
|
6550
6502
|
// z1 = T4;
|
|
6551
6503
|
// For z.a_.c_ = z2
|
|
6552
6504
|
// t0 = x0 + x2;
|
|
6553
|
-
_.call(E + "_add", g,
|
|
6505
|
+
_.call(E + "_add", g, M, H),
|
|
6554
6506
|
// T3 = t1 * t0 - D0 - D2;
|
|
6555
6507
|
_.call(E + "_mul", et, H, lt),
|
|
6556
6508
|
_.call(E + "_add", mt, Ot, ht),
|
|
@@ -6566,7 +6518,7 @@ var hs = function(t, n) {
|
|
|
6566
6518
|
// z2 = T3;
|
|
6567
6519
|
_.call(E + "_add", lt, bt, U),
|
|
6568
6520
|
// t1 = x2 + x4;
|
|
6569
|
-
_.call(E + "_add",
|
|
6521
|
+
_.call(E + "_add", M, R, et),
|
|
6570
6522
|
// T3 = t0 * t1 - D2 - D4;
|
|
6571
6523
|
_.call(E + "_mul", et, H, lt),
|
|
6572
6524
|
_.call(E + "_add", Ot, Ct, ht),
|
|
@@ -6582,7 +6534,7 @@ var hs = function(t, n) {
|
|
|
6582
6534
|
// z3 = T4;
|
|
6583
6535
|
// For z.b_.b_ = z4
|
|
6584
6536
|
// T3 = z5 * x2;
|
|
6585
|
-
_.call(E + "_mul", Z,
|
|
6537
|
+
_.call(E + "_mul", Z, M, lt),
|
|
6586
6538
|
// S1 = S1 + T3;
|
|
6587
6539
|
_.call(E + "_add", wt, lt, wt),
|
|
6588
6540
|
// T4 = my_Fp6::non_residue * T3;
|
|
@@ -6598,7 +6550,7 @@ var hs = function(t, n) {
|
|
|
6598
6550
|
// z4 = T4;
|
|
6599
6551
|
// For z.b_.c_ = z5.
|
|
6600
6552
|
// t0 = x0 + x2 + x4;
|
|
6601
|
-
_.call(E + "_add", g,
|
|
6553
|
+
_.call(E + "_add", g, M, H),
|
|
6602
6554
|
_.call(E + "_add", H, R, H),
|
|
6603
6555
|
// T3 = s0 * t0 - S1;
|
|
6604
6556
|
_.call(E + "_mul", _t, H, lt),
|
|
@@ -6609,21 +6561,21 @@ var hs = function(t, n) {
|
|
|
6609
6561
|
function dt() {
|
|
6610
6562
|
const G = t.addFunction(e + "_millerLoop");
|
|
6611
6563
|
G.addParam("ppreP", "i32"), G.addParam("ppreQ", "i32"), G.addParam("r", "i32"), G.addLocal("pCoef", "i32"), G.addLocal("i", "i32");
|
|
6612
|
-
const _ = G.getCodeBuilder(), g = _.getLocal("ppreP"),
|
|
6564
|
+
const _ = G.getCodeBuilder(), g = _.getLocal("ppreP"), M = _.i32_add(_.getLocal("ppreP"), _.i32_const(u)), R = _.getLocal("pCoef"), q = _.i32_add(_.getLocal("pCoef"), _.i32_const(l)), k = _.i32_add(_.getLocal("pCoef"), _.i32_const(2 * l)), U = t.alloc(l), j = _.i32_const(U), Y = t.alloc(l), Z = _.i32_const(Y), H = _.getLocal("r");
|
|
6613
6565
|
G.addCode(
|
|
6614
6566
|
_.call(st + "_one", H),
|
|
6615
6567
|
_.setLocal("pCoef", _.i32_add(_.getLocal("ppreQ"), _.i32_const(l * 3))),
|
|
6616
6568
|
_.setLocal("i", _.i32_const(Bt.length - 2)),
|
|
6617
6569
|
_.block(_.loop(
|
|
6618
6570
|
_.call(st + "_square", H, H),
|
|
6619
|
-
_.call(E + "_mul1",
|
|
6571
|
+
_.call(E + "_mul1", q, M, j),
|
|
6620
6572
|
_.call(E + "_mul1", k, g, Z),
|
|
6621
6573
|
_.call(e + "__mulBy024", R, j, Z, H),
|
|
6622
6574
|
_.setLocal("pCoef", _.i32_add(_.getLocal("pCoef"), _.i32_const(p))),
|
|
6623
6575
|
_.if(
|
|
6624
6576
|
_.i32_load8_s(_.getLocal("i"), pt),
|
|
6625
6577
|
[
|
|
6626
|
-
..._.call(E + "_mul1",
|
|
6578
|
+
..._.call(E + "_mul1", q, M, j),
|
|
6627
6579
|
..._.call(E + "_mul1", k, g, Z),
|
|
6628
6580
|
..._.call(e + "__mulBy024", R, j, Z, H),
|
|
6629
6581
|
..._.setLocal("pCoef", _.i32_add(_.getLocal("pCoef"), _.i32_const(p)))
|
|
@@ -6634,11 +6586,11 @@ var hs = function(t, n) {
|
|
|
6634
6586
|
_.br(0)
|
|
6635
6587
|
))
|
|
6636
6588
|
), G.addCode(
|
|
6637
|
-
_.call(E + "_mul1",
|
|
6589
|
+
_.call(E + "_mul1", q, M, j),
|
|
6638
6590
|
_.call(E + "_mul1", k, g, Z),
|
|
6639
6591
|
_.call(e + "__mulBy024", R, j, Z, H),
|
|
6640
6592
|
_.setLocal("pCoef", _.i32_add(_.getLocal("pCoef"), _.i32_const(p))),
|
|
6641
|
-
_.call(E + "_mul1",
|
|
6593
|
+
_.call(E + "_mul1", q, M, j),
|
|
6642
6594
|
_.call(E + "_mul1", k, g, Z),
|
|
6643
6595
|
_.call(e + "__mulBy024", R, j, Z, H),
|
|
6644
6596
|
_.setLocal("pCoef", _.i32_add(_.getLocal("pCoef"), _.i32_const(p)))
|
|
@@ -6699,21 +6651,21 @@ var hs = function(t, n) {
|
|
|
6699
6651
|
[21888242871839275220042445260109153167277707414472061641714758635765020556616n, 0n],
|
|
6700
6652
|
[13981852324922362344252311234282257507216387789820983642040889267519694726527n, 7629828391165209371577384193250820201684255241773809077146787135900891633097n]
|
|
6701
6653
|
]
|
|
6702
|
-
],
|
|
6703
|
-
|
|
6704
|
-
const R =
|
|
6654
|
+
], M = t.addFunction(e + "__frobeniusMap" + G);
|
|
6655
|
+
M.addParam("x", "i32"), M.addParam("r", "i32");
|
|
6656
|
+
const R = M.getCodeBuilder();
|
|
6705
6657
|
for (let k = 0; k < 6; k++) {
|
|
6706
|
-
const U = k == 0 ? R.getLocal("x") : R.i32_add(R.getLocal("x"), R.i32_const(k * l)), j = U, Y = R.i32_add(R.getLocal("x"), R.i32_const(k * l + u)), Z = k == 0 ? R.getLocal("r") : R.i32_add(R.getLocal("r"), R.i32_const(k * l)), H = Z, et = R.i32_add(R.getLocal("r"), R.i32_const(k * l + u)), ft =
|
|
6707
|
-
...xt.bigInt2BytesLE(
|
|
6708
|
-
...xt.bigInt2BytesLE(
|
|
6658
|
+
const U = k == 0 ? R.getLocal("x") : R.i32_add(R.getLocal("x"), R.i32_const(k * l)), j = U, Y = R.i32_add(R.getLocal("x"), R.i32_const(k * l + u)), Z = k == 0 ? R.getLocal("r") : R.i32_add(R.getLocal("r"), R.i32_const(k * l)), H = Z, et = R.i32_add(R.getLocal("r"), R.i32_const(k * l + u)), ft = q(_[Math.floor(k / 3)][G % 12], g[k % 3][G % 6]), _t = t.alloc([
|
|
6659
|
+
...xt.bigInt2BytesLE(T(ft[0]), 32),
|
|
6660
|
+
...xt.bigInt2BytesLE(T(ft[1]), 32)
|
|
6709
6661
|
]);
|
|
6710
|
-
G % 2 == 1 ?
|
|
6662
|
+
G % 2 == 1 ? M.addCode(
|
|
6711
6663
|
R.call(A + "_copy", j, H),
|
|
6712
6664
|
R.call(A + "_neg", Y, et),
|
|
6713
6665
|
R.call(E + "_mul", Z, R.i32_const(_t), Z)
|
|
6714
|
-
) :
|
|
6666
|
+
) : M.addCode(R.call(E + "_mul", U, R.i32_const(_t), Z));
|
|
6715
6667
|
}
|
|
6716
|
-
function
|
|
6668
|
+
function q(k, U) {
|
|
6717
6669
|
const j = BigInt(k[0]), Y = BigInt(k[1]), Z = BigInt(U[0]), H = BigInt(U[1]), et = [
|
|
6718
6670
|
(j * Z - Y * H) % i,
|
|
6719
6671
|
(j * H + Y * Z) % i
|
|
@@ -6724,10 +6676,10 @@ var hs = function(t, n) {
|
|
|
6724
6676
|
function vt() {
|
|
6725
6677
|
const G = t.addFunction(e + "__finalExponentiationFirstChunk");
|
|
6726
6678
|
G.addParam("x", "i32"), G.addParam("r", "i32");
|
|
6727
|
-
const _ = G.getCodeBuilder(), g = _.getLocal("x"),
|
|
6679
|
+
const _ = G.getCodeBuilder(), g = _.getLocal("x"), M = g, R = _.i32_add(g, _.i32_const(r * 6)), q = _.getLocal("r"), k = t.alloc(C), U = _.i32_const(k), j = U, Y = _.i32_const(k + r * 6), Z = _.i32_const(t.alloc(C)), H = _.i32_const(t.alloc(C)), et = _.i32_const(t.alloc(C));
|
|
6728
6680
|
G.addCode(
|
|
6729
6681
|
// const alt_bn128_Fq12 A = alt_bn128_Fq12(elt.c0,-elt.c1);
|
|
6730
|
-
_.call(ct + "_copy",
|
|
6682
|
+
_.call(ct + "_copy", M, j),
|
|
6731
6683
|
_.call(ct + "_neg", R, Y),
|
|
6732
6684
|
// const alt_bn128_Fq12 B = elt.inverse();
|
|
6733
6685
|
_.call(st + "_inverse", g, Z),
|
|
@@ -6736,13 +6688,13 @@ var hs = function(t, n) {
|
|
|
6736
6688
|
// const alt_bn128_Fq12 D = C.Frobenius_map(2);
|
|
6737
6689
|
_.call(e + "__frobeniusMap2", H, et),
|
|
6738
6690
|
// const alt_bn128_Fq12 result = D * C;
|
|
6739
|
-
_.call(st + "_mul", H, et,
|
|
6691
|
+
_.call(st + "_mul", H, et, q)
|
|
6740
6692
|
);
|
|
6741
6693
|
}
|
|
6742
6694
|
function Ut() {
|
|
6743
6695
|
const G = t.addFunction(e + "__cyclotomicSquare");
|
|
6744
6696
|
G.addParam("x", "i32"), G.addParam("r", "i32");
|
|
6745
|
-
const _ = G.getCodeBuilder(), g = _.getLocal("x"),
|
|
6697
|
+
const _ = G.getCodeBuilder(), g = _.getLocal("x"), M = _.i32_add(_.getLocal("x"), _.i32_const(l)), R = _.i32_add(_.getLocal("x"), _.i32_const(2 * l)), q = _.i32_add(_.getLocal("x"), _.i32_const(3 * l)), k = _.i32_add(_.getLocal("x"), _.i32_const(4 * l)), U = _.i32_add(_.getLocal("x"), _.i32_const(5 * l)), j = _.getLocal("r"), Y = _.i32_add(_.getLocal("r"), _.i32_const(l)), Z = _.i32_add(_.getLocal("r"), _.i32_const(2 * l)), H = _.i32_add(_.getLocal("r"), _.i32_const(3 * l)), et = _.i32_add(_.getLocal("r"), _.i32_const(4 * l)), ft = _.i32_add(_.getLocal("r"), _.i32_const(5 * l)), _t = _.i32_const(t.alloc(l)), lt = _.i32_const(t.alloc(l)), bt = _.i32_const(t.alloc(l)), mt = _.i32_const(t.alloc(l)), Ot = _.i32_const(t.alloc(l)), Ct = _.i32_const(t.alloc(l)), wt = _.i32_const(t.alloc(l)), ht = _.i32_const(t.alloc(l));
|
|
6746
6698
|
G.addCode(
|
|
6747
6699
|
// // t0 + t1*y = (z0 + z1*y)^2 = a^2
|
|
6748
6700
|
// tmp = z0 * z1;
|
|
@@ -6761,10 +6713,10 @@ var hs = function(t, n) {
|
|
|
6761
6713
|
// tmp = z2 * z3;
|
|
6762
6714
|
// t2 = (z2 + z3) * (z2 + my_Fp6::non_residue * z3) - tmp - my_Fp6::non_residue * tmp;
|
|
6763
6715
|
// t3 = tmp + tmp;
|
|
6764
|
-
_.call(E + "_mul",
|
|
6716
|
+
_.call(E + "_mul", q, R, wt),
|
|
6765
6717
|
_.call(E + "_mul", R, _.i32_const(v), bt),
|
|
6766
|
-
_.call(E + "_add",
|
|
6767
|
-
_.call(E + "_add",
|
|
6718
|
+
_.call(E + "_add", q, bt, bt),
|
|
6719
|
+
_.call(E + "_add", q, R, ht),
|
|
6768
6720
|
_.call(E + "_mul", ht, bt, bt),
|
|
6769
6721
|
_.call(E + "_mul", _.i32_const(v), wt, ht),
|
|
6770
6722
|
_.call(E + "_add", wt, ht, ht),
|
|
@@ -6774,10 +6726,10 @@ var hs = function(t, n) {
|
|
|
6774
6726
|
// tmp = z4 * z5;
|
|
6775
6727
|
// t4 = (z4 + z5) * (z4 + my_Fp6::non_residue * z5) - tmp - my_Fp6::non_residue * tmp;
|
|
6776
6728
|
// t5 = tmp + tmp;
|
|
6777
|
-
_.call(E + "_mul",
|
|
6729
|
+
_.call(E + "_mul", M, U, wt),
|
|
6778
6730
|
_.call(E + "_mul", U, _.i32_const(v), Ot),
|
|
6779
|
-
_.call(E + "_add",
|
|
6780
|
-
_.call(E + "_add",
|
|
6731
|
+
_.call(E + "_add", M, Ot, Ot),
|
|
6732
|
+
_.call(E + "_add", M, U, ht),
|
|
6781
6733
|
_.call(E + "_mul", ht, Ot, Ot),
|
|
6782
6734
|
_.call(E + "_mul", _.i32_const(v), wt, ht),
|
|
6783
6735
|
_.call(E + "_add", wt, ht, ht),
|
|
@@ -6795,7 +6747,7 @@ var hs = function(t, n) {
|
|
|
6795
6747
|
// For B
|
|
6796
6748
|
// z2 = 3 * (xi * t5) + 2 * z2
|
|
6797
6749
|
_.call(E + "_mul", Ct, _.i32_const(it), ht),
|
|
6798
|
-
_.call(E + "_add", ht,
|
|
6750
|
+
_.call(E + "_add", ht, q, H),
|
|
6799
6751
|
_.call(E + "_add", H, H, H),
|
|
6800
6752
|
_.call(E + "_add", ht, H, H),
|
|
6801
6753
|
// z3 = 3 * t4 - 2 * z3
|
|
@@ -6804,7 +6756,7 @@ var hs = function(t, n) {
|
|
|
6804
6756
|
_.call(E + "_add", Ot, Z, Z),
|
|
6805
6757
|
// For C
|
|
6806
6758
|
// z4 = 3 * t2 - 2 * z4
|
|
6807
|
-
_.call(E + "_sub", bt,
|
|
6759
|
+
_.call(E + "_sub", bt, M, Y),
|
|
6808
6760
|
_.call(E + "_add", Y, Y, Y),
|
|
6809
6761
|
_.call(E + "_add", bt, Y, Y),
|
|
6810
6762
|
// z5 = 3 * t3 + 2 * z5
|
|
@@ -6814,40 +6766,40 @@ var hs = function(t, n) {
|
|
|
6814
6766
|
);
|
|
6815
6767
|
}
|
|
6816
6768
|
function Vt(G, _) {
|
|
6817
|
-
const g = S(G).map((Y) => Y == -1 ? 255 : Y),
|
|
6769
|
+
const g = S(G).map((Y) => Y == -1 ? 255 : Y), M = t.alloc(g), R = t.addFunction(e + "__cyclotomicExp_" + _);
|
|
6818
6770
|
R.addParam("x", "i32"), R.addParam("r", "i32"), R.addLocal("bit", "i32"), R.addLocal("i", "i32");
|
|
6819
|
-
const
|
|
6771
|
+
const q = R.getCodeBuilder(), k = q.getLocal("x"), U = q.getLocal("r"), j = q.i32_const(t.alloc(C));
|
|
6820
6772
|
R.addCode(
|
|
6821
|
-
|
|
6822
|
-
|
|
6823
|
-
|
|
6824
|
-
|
|
6825
|
-
|
|
6826
|
-
|
|
6827
|
-
|
|
6828
|
-
|
|
6773
|
+
q.call(st + "_conjugate", k, j),
|
|
6774
|
+
q.call(st + "_one", U),
|
|
6775
|
+
q.if(
|
|
6776
|
+
q.teeLocal("bit", q.i32_load8_s(q.i32_const(g.length - 1), M)),
|
|
6777
|
+
q.if(
|
|
6778
|
+
q.i32_eq(
|
|
6779
|
+
q.getLocal("bit"),
|
|
6780
|
+
q.i32_const(1)
|
|
6829
6781
|
),
|
|
6830
|
-
|
|
6831
|
-
|
|
6782
|
+
q.call(st + "_mul", U, k, U),
|
|
6783
|
+
q.call(st + "_mul", U, j, U)
|
|
6832
6784
|
)
|
|
6833
6785
|
),
|
|
6834
|
-
|
|
6835
|
-
|
|
6836
|
-
|
|
6837
|
-
|
|
6838
|
-
|
|
6839
|
-
|
|
6840
|
-
|
|
6841
|
-
|
|
6842
|
-
|
|
6786
|
+
q.setLocal("i", q.i32_const(g.length - 2)),
|
|
6787
|
+
q.block(q.loop(
|
|
6788
|
+
q.call(e + "__cyclotomicSquare", U, U),
|
|
6789
|
+
q.if(
|
|
6790
|
+
q.teeLocal("bit", q.i32_load8_s(q.getLocal("i"), M)),
|
|
6791
|
+
q.if(
|
|
6792
|
+
q.i32_eq(
|
|
6793
|
+
q.getLocal("bit"),
|
|
6794
|
+
q.i32_const(1)
|
|
6843
6795
|
),
|
|
6844
|
-
|
|
6845
|
-
|
|
6796
|
+
q.call(st + "_mul", U, k, U),
|
|
6797
|
+
q.call(st + "_mul", U, j, U)
|
|
6846
6798
|
)
|
|
6847
6799
|
),
|
|
6848
|
-
|
|
6849
|
-
|
|
6850
|
-
|
|
6800
|
+
q.br_if(1, q.i32_eqz(q.getLocal("i"))),
|
|
6801
|
+
q.setLocal("i", q.i32_sub(q.getLocal("i"), q.i32_const(1))),
|
|
6802
|
+
q.br(0)
|
|
6851
6803
|
))
|
|
6852
6804
|
);
|
|
6853
6805
|
}
|
|
@@ -6855,17 +6807,17 @@ var hs = function(t, n) {
|
|
|
6855
6807
|
Ut(), Vt(h, "w0");
|
|
6856
6808
|
const G = t.addFunction(e + "__finalExponentiationLastChunk");
|
|
6857
6809
|
G.addParam("x", "i32"), G.addParam("r", "i32");
|
|
6858
|
-
const _ = G.getCodeBuilder(), g = _.getLocal("x"),
|
|
6810
|
+
const _ = G.getCodeBuilder(), g = _.getLocal("x"), M = _.getLocal("r"), R = _.i32_const(t.alloc(C)), q = _.i32_const(t.alloc(C)), k = _.i32_const(t.alloc(C)), U = _.i32_const(t.alloc(C)), j = _.i32_const(t.alloc(C)), Y = _.i32_const(t.alloc(C)), Z = _.i32_const(t.alloc(C)), H = _.i32_const(t.alloc(C)), et = _.i32_const(t.alloc(C)), ft = _.i32_const(t.alloc(C)), _t = _.i32_const(t.alloc(C)), lt = _.i32_const(t.alloc(C)), bt = _.i32_const(t.alloc(C)), mt = _.i32_const(t.alloc(C)), Ot = _.i32_const(t.alloc(C)), Ct = _.i32_const(t.alloc(C)), wt = _.i32_const(t.alloc(C)), ht = _.i32_const(t.alloc(C)), qt = _.i32_const(t.alloc(C)), Ht = _.i32_const(t.alloc(C)), Wt = _.i32_const(t.alloc(C));
|
|
6859
6811
|
G.addCode(
|
|
6860
6812
|
// A = exp_by_neg_z(elt) // = elt^(-z)
|
|
6861
6813
|
_.call(e + "__cyclotomicExp_w0", g, R),
|
|
6862
6814
|
_.call(st + "_conjugate", R, R),
|
|
6863
6815
|
// B = A^2 // = elt^(-2*z)
|
|
6864
|
-
_.call(e + "__cyclotomicSquare", R,
|
|
6816
|
+
_.call(e + "__cyclotomicSquare", R, q),
|
|
6865
6817
|
// C = B^2 // = elt^(-4*z)
|
|
6866
|
-
_.call(e + "__cyclotomicSquare",
|
|
6818
|
+
_.call(e + "__cyclotomicSquare", q, k),
|
|
6867
6819
|
// D = C * B // = elt^(-6*z)
|
|
6868
|
-
_.call(st + "_mul", k,
|
|
6820
|
+
_.call(st + "_mul", k, q, U),
|
|
6869
6821
|
// E = exp_by_neg_z(D) // = elt^(6*z^2)
|
|
6870
6822
|
_.call(e + "__cyclotomicExp_w0", U, j),
|
|
6871
6823
|
_.call(st + "_conjugate", j, j),
|
|
@@ -6883,7 +6835,7 @@ var hs = function(t, n) {
|
|
|
6883
6835
|
// K = J * H // = elt^(12*z^3 + 6*z^2 + 6*z)
|
|
6884
6836
|
_.call(st + "_mul", ft, H, _t),
|
|
6885
6837
|
// L = K * B // = elt^(12*z^3 + 6*z^2 + 4*z)
|
|
6886
|
-
_.call(st + "_mul", _t,
|
|
6838
|
+
_.call(st + "_mul", _t, q, lt),
|
|
6887
6839
|
// M = K * E // = elt^(12*z^3 + 12*z^2 + 6*z)
|
|
6888
6840
|
_.call(st + "_mul", _t, j, bt),
|
|
6889
6841
|
// N = M * elt // = elt^(12*z^3 + 12*z^2 + 6*z + 1)
|
|
@@ -6897,13 +6849,13 @@ var hs = function(t, n) {
|
|
|
6897
6849
|
// R = Q * P // = elt^(q^2 * (12*z^3 + 6*z^2 + 6*z) + q*(12*z^3 + 6*z^2 + 4*z) * (12*z^3 + 12*z^2 + 6*z + 1))
|
|
6898
6850
|
_.call(st + "_mul", wt, Ct, ht),
|
|
6899
6851
|
// S = conj(elt) // = elt^(-1)
|
|
6900
|
-
_.call(st + "_conjugate", g,
|
|
6852
|
+
_.call(st + "_conjugate", g, qt),
|
|
6901
6853
|
// T = S * L // = elt^(12*z^3 + 6*z^2 + 4*z - 1)
|
|
6902
|
-
_.call(st + "_mul",
|
|
6854
|
+
_.call(st + "_mul", qt, lt, Ht),
|
|
6903
6855
|
// U = T.Frobenius_map(3) // = elt^(q^3(12*z^3 + 6*z^2 + 4*z - 1))
|
|
6904
6856
|
_.call(e + "__frobeniusMap3", Ht, Wt),
|
|
6905
6857
|
// V = U * R // = elt^(q^3(12*z^3 + 6*z^2 + 4*z - 1) + q^2 * (12*z^3 + 6*z^2 + 6*z) + q*(12*z^3 + 6*z^2 + 4*z) * (12*z^3 + 12*z^2 + 6*z + 1))
|
|
6906
|
-
_.call(st + "_mul", Wt, ht,
|
|
6858
|
+
_.call(st + "_mul", Wt, ht, M)
|
|
6907
6859
|
// result = V
|
|
6908
6860
|
);
|
|
6909
6861
|
}
|
|
@@ -6911,31 +6863,31 @@ var hs = function(t, n) {
|
|
|
6911
6863
|
vt(), Dt();
|
|
6912
6864
|
const G = t.addFunction(e + "_finalExponentiation");
|
|
6913
6865
|
G.addParam("x", "i32"), G.addParam("r", "i32");
|
|
6914
|
-
const _ = G.getCodeBuilder(), g = _.getLocal("x"),
|
|
6866
|
+
const _ = G.getCodeBuilder(), g = _.getLocal("x"), M = _.getLocal("r"), R = _.i32_const(t.alloc(C));
|
|
6915
6867
|
G.addCode(
|
|
6916
6868
|
_.call(e + "__finalExponentiationFirstChunk", g, R),
|
|
6917
|
-
_.call(e + "__finalExponentiationLastChunk", R,
|
|
6869
|
+
_.call(e + "__finalExponentiationLastChunk", R, M)
|
|
6918
6870
|
);
|
|
6919
6871
|
}
|
|
6920
|
-
function
|
|
6872
|
+
function zt() {
|
|
6921
6873
|
const G = t.addFunction(e + "_finalExponentiationOld");
|
|
6922
6874
|
G.addParam("x", "i32"), G.addParam("r", "i32");
|
|
6923
|
-
const g = t.alloc(xt.bigInt2BytesLE(552484233613224096312617126783173147097382103762957654188882734314196910839907541213974502761540629817009608548654680343627701153829446747810907373256841551006201639677726139946029199968412598804882391702273019083653272047566316584365559776493027495458238373902875937659943504873220554161550525926302303331747463515644711876653177129578303191095900909191624817826566688241804408081892785725967931714097716709526092261278071952560171111444072049229123565057483750161460024353346284167282452756217662335528813519139808291170539072125381230815729071544861602750936964829313608137325426383735122175229541155376346436093930287402089517426973178917569713384748081827255472576937471496195752727188261435633271238710131736096299798168852925540549342330775279877006784354801422249722573783561685179618816480037695005515426162362431072245638324744480n, 352)),
|
|
6875
|
+
const g = t.alloc(xt.bigInt2BytesLE(552484233613224096312617126783173147097382103762957654188882734314196910839907541213974502761540629817009608548654680343627701153829446747810907373256841551006201639677726139946029199968412598804882391702273019083653272047566316584365559776493027495458238373902875937659943504873220554161550525926302303331747463515644711876653177129578303191095900909191624817826566688241804408081892785725967931714097716709526092261278071952560171111444072049229123565057483750161460024353346284167282452756217662335528813519139808291170539072125381230815729071544861602750936964829313608137325426383735122175229541155376346436093930287402089517426973178917569713384748081827255472576937471496195752727188261435633271238710131736096299798168852925540549342330775279877006784354801422249722573783561685179618816480037695005515426162362431072245638324744480n, 352)), M = G.getCodeBuilder();
|
|
6924
6876
|
G.addCode(
|
|
6925
|
-
|
|
6877
|
+
M.call(st + "_exp", M.getLocal("x"), M.i32_const(g), M.i32_const(352), M.getLocal("r"))
|
|
6926
6878
|
);
|
|
6927
6879
|
}
|
|
6928
6880
|
const Nt = t.alloc(w), Kt = t.alloc(I);
|
|
6929
6881
|
function en(G) {
|
|
6930
6882
|
const _ = t.addFunction(e + "_pairingEq" + G);
|
|
6931
|
-
for (let
|
|
6932
|
-
_.addParam("p_" +
|
|
6883
|
+
for (let q = 0; q < G; q++)
|
|
6884
|
+
_.addParam("p_" + q, "i32"), _.addParam("q_" + q, "i32");
|
|
6933
6885
|
_.addParam("c", "i32"), _.setReturnType("i32");
|
|
6934
|
-
const g = _.getCodeBuilder(),
|
|
6935
|
-
_.addCode(g.call(st + "_one",
|
|
6936
|
-
for (let
|
|
6937
|
-
_.addCode(g.call(e + "_prepareG1", g.getLocal("p_" +
|
|
6938
|
-
_.addCode(g.call(e + "_finalExponentiation",
|
|
6886
|
+
const g = _.getCodeBuilder(), M = g.i32_const(t.alloc(C)), R = g.i32_const(t.alloc(C));
|
|
6887
|
+
_.addCode(g.call(st + "_one", M));
|
|
6888
|
+
for (let q = 0; q < G; q++)
|
|
6889
|
+
_.addCode(g.call(e + "_prepareG1", g.getLocal("p_" + q), g.i32_const(Nt))), _.addCode(g.call(e + "_prepareG2", g.getLocal("q_" + q), g.i32_const(Kt))), _.addCode(g.call(e + "_millerLoop", g.i32_const(Nt), g.i32_const(Kt), R)), _.addCode(g.call(st + "_mul", M, R, M));
|
|
6890
|
+
_.addCode(g.call(e + "_finalExponentiation", M, M)), _.addCode(g.call(st + "_eq", M, g.getLocal("c")));
|
|
6939
6891
|
}
|
|
6940
6892
|
function Zt() {
|
|
6941
6893
|
const G = t.addFunction(e + "_pairing");
|
|
@@ -6946,40 +6898,40 @@ var hs = function(t, n) {
|
|
|
6946
6898
|
at(), It(), N(), Lt(), gt(), St(), dt();
|
|
6947
6899
|
for (let G = 0; G < 10; G++)
|
|
6948
6900
|
yt(G), t.exportFunction(e + "__frobeniusMap" + G);
|
|
6949
|
-
|
|
6901
|
+
zt(), jt();
|
|
6950
6902
|
for (let G = 1; G <= 5; G++)
|
|
6951
6903
|
en(G), t.exportFunction(e + "_pairingEq" + G);
|
|
6952
6904
|
Zt(), t.exportFunction(e + "_pairing"), t.exportFunction(e + "_prepareG1"), t.exportFunction(e + "_prepareG2"), t.exportFunction(e + "_millerLoop"), t.exportFunction(e + "_finalExponentiation"), t.exportFunction(e + "_finalExponentiationOld"), t.exportFunction(e + "__mulBy024"), t.exportFunction(e + "__mulBy024Old"), t.exportFunction(e + "__cyclotomicSquare"), t.exportFunction(e + "__cyclotomicExp_w0");
|
|
6953
6905
|
};
|
|
6954
|
-
const Et = mn, ps = yo, Ls = Wi, Go = Xi, As = ta, Ko = na,
|
|
6906
|
+
const Et = mn, ps = yo, Ls = Wi, Go = Xi, As = ta, Ko = na, qe = ea, bs = oa, ys = ia, Kn = aa, { bitLength: Ho, isOdd: Vo, isNegative: Is } = Yt;
|
|
6955
6907
|
var Cs = function(t, n) {
|
|
6956
6908
|
const e = n || "bls12381";
|
|
6957
6909
|
if (t.modules[e])
|
|
6958
6910
|
return e;
|
|
6959
6911
|
const i = 0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaabn, s = 0x73eda753299d7d483339d80809a1d80553bda402fffe5bfeffffffff00000001n, d = Math.floor((Ho(i - 1n) - 1) / 64) + 1, r = d * 8, b = r, u = b * 2, l = b * 12, C = Math.floor((Ho(s - 1n) - 1) / 64) + 1, B = C * 8, A = B, O = t.alloc(Et.bigInt2BytesLE(s, A)), P = ps(t, i, "f1m", "intq");
|
|
6960
6912
|
Ls(t, s, "fr", "frm", "intr");
|
|
6961
|
-
const E = t.alloc(Et.bigInt2BytesLE(F(4n), b)),
|
|
6962
|
-
|
|
6913
|
+
const E = t.alloc(Et.bigInt2BytesLE(F(4n), b)), z = Ko(t, "g1m", "f1m", E);
|
|
6914
|
+
qe(t, "frm", "frm", "frm", "frm_mul"), bs(t, "pol", "frm"), ys(t, "qap", "frm");
|
|
6963
6915
|
const x = Go(t, "f1m_neg", "f2m", "f1m"), ot = t.alloc([
|
|
6964
6916
|
...Et.bigInt2BytesLE(F(4n), b),
|
|
6965
6917
|
...Et.bigInt2BytesLE(F(4n), b)
|
|
6966
|
-
]),
|
|
6918
|
+
]), T = Ko(t, "g2m", "f2m", ot);
|
|
6967
6919
|
function rt(_, g) {
|
|
6968
|
-
const
|
|
6969
|
-
|
|
6970
|
-
const R =
|
|
6971
|
-
|
|
6972
|
-
R.call("frm_fromMontgomery", R.getLocal("pFr"),
|
|
6920
|
+
const M = t.addFunction(_);
|
|
6921
|
+
M.addParam("pG", "i32"), M.addParam("pFr", "i32"), M.addParam("pr", "i32");
|
|
6922
|
+
const R = M.getCodeBuilder(), q = R.i32_const(t.alloc(B));
|
|
6923
|
+
M.addCode(
|
|
6924
|
+
R.call("frm_fromMontgomery", R.getLocal("pFr"), q),
|
|
6973
6925
|
R.call(
|
|
6974
6926
|
g,
|
|
6975
6927
|
R.getLocal("pG"),
|
|
6976
|
-
|
|
6928
|
+
q,
|
|
6977
6929
|
R.i32_const(B),
|
|
6978
6930
|
R.getLocal("pr")
|
|
6979
6931
|
)
|
|
6980
6932
|
), t.exportFunction(_);
|
|
6981
6933
|
}
|
|
6982
|
-
rt("g1m_timesFr", "g1m_timesScalar"),
|
|
6934
|
+
rt("g1m_timesFr", "g1m_timesScalar"), qe(t, "g1m", "g1m", "frm", "g1m_timesFr"), rt("g2m_timesFr", "g2m_timesScalar"), qe(t, "g2m", "g2m", "frm", "g2m_timesFr"), rt("g1m_timesFrAffine", "g1m_timesScalarAffine"), rt("g2m_timesFrAffine", "g2m_timesScalarAffine"), Kn(t, "frm_batchApplyKey", "fmr", "frm", B, B, B, "frm_mul"), Kn(t, "g1m_batchApplyKey", "g1m", "frm", r * 3, r * 3, B, "g1m_timesFr"), Kn(t, "g1m_batchApplyKeyMixed", "g1m", "frm", r * 2, r * 3, B, "g1m_timesFrAffine"), Kn(t, "g2m_batchApplyKey", "g2m", "frm", r * 2 * 3, r * 3 * 2, B, "g2m_timesFr"), Kn(t, "g2m_batchApplyKeyMixed", "g2m", "frm", r * 2 * 2, r * 3 * 2, B, "g2m_timesFrAffine");
|
|
6983
6935
|
function F(_) {
|
|
6984
6936
|
return BigInt(_) * (1n << BigInt(b * 8)) % i;
|
|
6985
6937
|
}
|
|
@@ -7016,7 +6968,7 @@ var Cs = function(t, n) {
|
|
|
7016
6968
|
1n,
|
|
7017
6969
|
0n
|
|
7018
6970
|
]
|
|
7019
|
-
],
|
|
6971
|
+
], Q = t.alloc(
|
|
7020
6972
|
[
|
|
7021
6973
|
...Et.bigInt2BytesLE(F(X[0][0]), b),
|
|
7022
6974
|
...Et.bigInt2BytesLE(F(X[0][1]), b),
|
|
@@ -7067,11 +7019,11 @@ var Cs = function(t, n) {
|
|
|
7067
7019
|
function nt() {
|
|
7068
7020
|
const _ = t.addFunction(x + "_mulNR");
|
|
7069
7021
|
_.addParam("x", "i32"), _.addParam("pr", "i32");
|
|
7070
|
-
const g = _.getCodeBuilder(),
|
|
7022
|
+
const g = _.getCodeBuilder(), M = g.i32_const(t.alloc(b)), R = g.getLocal("x"), q = g.i32_add(g.getLocal("x"), g.i32_const(b)), k = g.getLocal("pr"), U = g.i32_add(g.getLocal("pr"), g.i32_const(b));
|
|
7071
7023
|
_.addCode(
|
|
7072
|
-
g.call(P + "_copy", R,
|
|
7073
|
-
g.call(P + "_sub", R,
|
|
7074
|
-
g.call(P + "_add",
|
|
7024
|
+
g.call(P + "_copy", R, M),
|
|
7025
|
+
g.call(P + "_sub", R, q, k),
|
|
7026
|
+
g.call(P + "_add", M, q, U)
|
|
7075
7027
|
);
|
|
7076
7028
|
}
|
|
7077
7029
|
nt();
|
|
@@ -7079,12 +7031,12 @@ var Cs = function(t, n) {
|
|
|
7079
7031
|
function ct() {
|
|
7080
7032
|
const _ = t.addFunction(K + "_mulNR");
|
|
7081
7033
|
_.addParam("x", "i32"), _.addParam("pr", "i32");
|
|
7082
|
-
const g = _.getCodeBuilder(),
|
|
7034
|
+
const g = _.getCodeBuilder(), M = g.i32_const(t.alloc(b * 2));
|
|
7083
7035
|
_.addCode(
|
|
7084
7036
|
g.call(
|
|
7085
7037
|
x + "_copy",
|
|
7086
7038
|
g.getLocal("x"),
|
|
7087
|
-
|
|
7039
|
+
M
|
|
7088
7040
|
),
|
|
7089
7041
|
g.call(
|
|
7090
7042
|
x + "_mulNR",
|
|
@@ -7098,7 +7050,7 @@ var Cs = function(t, n) {
|
|
|
7098
7050
|
),
|
|
7099
7051
|
g.call(
|
|
7100
7052
|
x + "_copy",
|
|
7101
|
-
|
|
7053
|
+
M,
|
|
7102
7054
|
g.i32_add(g.getLocal("pr"), g.i32_const(r * 2))
|
|
7103
7055
|
)
|
|
7104
7056
|
);
|
|
@@ -7113,7 +7065,7 @@ var Cs = function(t, n) {
|
|
|
7113
7065
|
pG1gen: L,
|
|
7114
7066
|
pG1zero: $,
|
|
7115
7067
|
pG1b: E,
|
|
7116
|
-
pG2gen:
|
|
7068
|
+
pG2gen: Q,
|
|
7117
7069
|
pG2zero: v,
|
|
7118
7070
|
pG2b: ot,
|
|
7119
7071
|
pq: t.modules.f1m.pq,
|
|
@@ -7126,46 +7078,46 @@ var Cs = function(t, n) {
|
|
|
7126
7078
|
};
|
|
7127
7079
|
function S(_) {
|
|
7128
7080
|
let g = _;
|
|
7129
|
-
const
|
|
7081
|
+
const M = [];
|
|
7130
7082
|
for (; g > 0n; ) {
|
|
7131
7083
|
if (Vo(g)) {
|
|
7132
7084
|
const R = 2 - Number(g % 4n);
|
|
7133
|
-
|
|
7085
|
+
M.push(R), g = g - BigInt(R);
|
|
7134
7086
|
} else
|
|
7135
|
-
|
|
7087
|
+
M.push(0);
|
|
7136
7088
|
g = g >> 1n;
|
|
7137
7089
|
}
|
|
7138
|
-
return
|
|
7090
|
+
return M;
|
|
7139
7091
|
}
|
|
7140
7092
|
function W(_) {
|
|
7141
7093
|
let g = _;
|
|
7142
|
-
const
|
|
7094
|
+
const M = [];
|
|
7143
7095
|
for (; g > 0n; )
|
|
7144
|
-
Vo(g) ?
|
|
7145
|
-
return
|
|
7096
|
+
Vo(g) ? M.push(1) : M.push(0), g = g >> 1n;
|
|
7097
|
+
return M;
|
|
7146
7098
|
}
|
|
7147
7099
|
function N() {
|
|
7148
7100
|
const _ = t.addFunction(e + "_prepareG1");
|
|
7149
7101
|
_.addParam("pP", "i32"), _.addParam("ppreP", "i32");
|
|
7150
7102
|
const g = _.getCodeBuilder();
|
|
7151
7103
|
_.addCode(
|
|
7152
|
-
g.call(
|
|
7104
|
+
g.call(z + "_normalize", g.getLocal("pP"), g.getLocal("ppreP"))
|
|
7153
7105
|
// TODO Remove if already in affine
|
|
7154
7106
|
);
|
|
7155
7107
|
}
|
|
7156
7108
|
function at() {
|
|
7157
7109
|
const _ = t.addFunction(e + "_prepDblStep");
|
|
7158
7110
|
_.addParam("R", "i32"), _.addParam("r", "i32");
|
|
7159
|
-
const g = _.getCodeBuilder(),
|
|
7111
|
+
const g = _.getCodeBuilder(), M = g.getLocal("R"), R = g.i32_add(g.getLocal("R"), g.i32_const(2 * r)), q = g.i32_add(g.getLocal("R"), g.i32_const(4 * r)), k = g.getLocal("r"), U = g.i32_add(g.getLocal("r"), g.i32_const(2 * r)), j = g.i32_add(g.getLocal("r"), g.i32_const(4 * r)), Y = g.i32_const(t.alloc(u)), Z = g.i32_const(t.alloc(u)), H = g.i32_const(t.alloc(u)), et = g.i32_const(t.alloc(u)), ft = g.i32_const(t.alloc(u));
|
|
7160
7112
|
_.addCode(
|
|
7161
7113
|
// tmp0 = r.x.square();
|
|
7162
|
-
g.call(x + "_square",
|
|
7114
|
+
g.call(x + "_square", M, k),
|
|
7163
7115
|
// tmp1 = r.y.square();
|
|
7164
7116
|
g.call(x + "_square", R, Z),
|
|
7165
7117
|
// tmp2 = tmp1.square();
|
|
7166
7118
|
g.call(x + "_square", Z, H),
|
|
7167
7119
|
// tmp3 = (tmp1 + r.x).square() - tmp0 - tmp2;
|
|
7168
|
-
g.call(x + "_add", Z,
|
|
7120
|
+
g.call(x + "_add", Z, M, U),
|
|
7169
7121
|
g.call(x + "_square", U, U),
|
|
7170
7122
|
g.call(x + "_sub", U, k, U),
|
|
7171
7123
|
g.call(x + "_sub", U, H, U),
|
|
@@ -7175,21 +7127,21 @@ var Cs = function(t, n) {
|
|
|
7175
7127
|
g.call(x + "_add", k, k, et),
|
|
7176
7128
|
g.call(x + "_add", et, k, et),
|
|
7177
7129
|
// tmp6 = r.x + tmp4;
|
|
7178
|
-
g.call(x + "_add",
|
|
7130
|
+
g.call(x + "_add", M, et, j),
|
|
7179
7131
|
// tmp5 = tmp4.square();
|
|
7180
7132
|
g.call(x + "_square", et, ft),
|
|
7181
7133
|
// zsquared = r.z.square();
|
|
7182
|
-
g.call(x + "_square",
|
|
7134
|
+
g.call(x + "_square", q, Y),
|
|
7183
7135
|
// r.x = tmp5 - tmp3 - tmp3;
|
|
7184
|
-
g.call(x + "_sub", ft, U,
|
|
7185
|
-
g.call(x + "_sub",
|
|
7136
|
+
g.call(x + "_sub", ft, U, M),
|
|
7137
|
+
g.call(x + "_sub", M, U, M),
|
|
7186
7138
|
// r.z = (r.z + r.y).square() - tmp1 - zsquared;
|
|
7187
|
-
g.call(x + "_add",
|
|
7188
|
-
g.call(x + "_square",
|
|
7189
|
-
g.call(x + "_sub",
|
|
7190
|
-
g.call(x + "_sub",
|
|
7139
|
+
g.call(x + "_add", q, R, q),
|
|
7140
|
+
g.call(x + "_square", q, q),
|
|
7141
|
+
g.call(x + "_sub", q, Z, q),
|
|
7142
|
+
g.call(x + "_sub", q, Y, q),
|
|
7191
7143
|
// r.y = (tmp3 - r.x) * tmp4;
|
|
7192
|
-
g.call(x + "_sub", U,
|
|
7144
|
+
g.call(x + "_sub", U, M, R),
|
|
7193
7145
|
g.call(x + "_mul", R, et, R),
|
|
7194
7146
|
// tmp2 = tmp2 + tmp2;
|
|
7195
7147
|
g.call(x + "_add", H, H, H),
|
|
@@ -7216,7 +7168,7 @@ var Cs = function(t, n) {
|
|
|
7216
7168
|
// tmp6 = tmp6 - tmp1;
|
|
7217
7169
|
g.call(x + "_sub", j, Z, j),
|
|
7218
7170
|
// tmp0 = r.z * zsquared;
|
|
7219
|
-
g.call(x + "_mul",
|
|
7171
|
+
g.call(x + "_mul", q, Y, k),
|
|
7220
7172
|
// tmp0 = tmp0 + tmp0;
|
|
7221
7173
|
g.call(x + "_add", k, k, k)
|
|
7222
7174
|
);
|
|
@@ -7224,22 +7176,22 @@ var Cs = function(t, n) {
|
|
|
7224
7176
|
function It() {
|
|
7225
7177
|
const _ = t.addFunction(e + "_prepAddStep");
|
|
7226
7178
|
_.addParam("R", "i32"), _.addParam("Q", "i32"), _.addParam("r", "i32");
|
|
7227
|
-
const g = _.getCodeBuilder(),
|
|
7179
|
+
const g = _.getCodeBuilder(), M = g.getLocal("R"), R = g.i32_add(g.getLocal("R"), g.i32_const(2 * r)), q = g.i32_add(g.getLocal("R"), g.i32_const(4 * r)), k = g.getLocal("Q"), U = g.i32_add(g.getLocal("Q"), g.i32_const(2 * r)), j = g.getLocal("r"), Y = g.i32_add(g.getLocal("r"), g.i32_const(2 * r)), Z = g.i32_add(g.getLocal("r"), g.i32_const(4 * r)), H = g.i32_const(t.alloc(u)), et = g.i32_const(t.alloc(u)), ft = g.i32_const(t.alloc(u)), _t = g.i32_const(t.alloc(u)), lt = g.i32_const(t.alloc(u)), bt = g.i32_const(t.alloc(u)), mt = g.i32_const(t.alloc(u)), Ot = g.i32_const(t.alloc(u)), Ct = g.i32_const(t.alloc(u)), wt = g.i32_const(t.alloc(u)), ht = g.i32_const(t.alloc(u));
|
|
7228
7180
|
_.addCode(
|
|
7229
7181
|
// zsquared = r.z.square();
|
|
7230
|
-
g.call(x + "_square",
|
|
7182
|
+
g.call(x + "_square", q, H),
|
|
7231
7183
|
// ysquared = q.y.square();
|
|
7232
7184
|
g.call(x + "_square", U, et),
|
|
7233
7185
|
// t0 = zsquared * q.x;
|
|
7234
7186
|
g.call(x + "_mul", H, k, _t),
|
|
7235
7187
|
// t1 = ((q.y + r.z).square() - ysquared - zsquared) * zsquared;
|
|
7236
|
-
g.call(x + "_add", U,
|
|
7188
|
+
g.call(x + "_add", U, q, Y),
|
|
7237
7189
|
g.call(x + "_square", Y, Y),
|
|
7238
7190
|
g.call(x + "_sub", Y, et, Y),
|
|
7239
7191
|
g.call(x + "_sub", Y, H, Y),
|
|
7240
7192
|
g.call(x + "_mul", Y, H, Y),
|
|
7241
7193
|
// t2 = t0 - r.x;
|
|
7242
|
-
g.call(x + "_sub", _t,
|
|
7194
|
+
g.call(x + "_sub", _t, M, lt),
|
|
7243
7195
|
// t3 = t2.square();
|
|
7244
7196
|
g.call(x + "_square", lt, bt),
|
|
7245
7197
|
// t4 = t3 + t3;
|
|
@@ -7254,21 +7206,21 @@ var Cs = function(t, n) {
|
|
|
7254
7206
|
// t9 = t6 * q.x;
|
|
7255
7207
|
g.call(x + "_mul", Ct, k, Z),
|
|
7256
7208
|
// t7 = t4 * r.x;
|
|
7257
|
-
g.call(x + "_mul", mt,
|
|
7209
|
+
g.call(x + "_mul", mt, M, wt),
|
|
7258
7210
|
// r.x = t6.square() - t5 - t7 - t7;
|
|
7259
|
-
g.call(x + "_square", Ct,
|
|
7260
|
-
g.call(x + "_sub",
|
|
7261
|
-
g.call(x + "_sub",
|
|
7262
|
-
g.call(x + "_sub",
|
|
7211
|
+
g.call(x + "_square", Ct, M),
|
|
7212
|
+
g.call(x + "_sub", M, Ot, M),
|
|
7213
|
+
g.call(x + "_sub", M, wt, M),
|
|
7214
|
+
g.call(x + "_sub", M, wt, M),
|
|
7263
7215
|
// r.z = (r.z + t2).square() - zsquared - t3;
|
|
7264
|
-
g.call(x + "_add",
|
|
7265
|
-
g.call(x + "_square",
|
|
7266
|
-
g.call(x + "_sub",
|
|
7267
|
-
g.call(x + "_sub",
|
|
7216
|
+
g.call(x + "_add", q, lt, q),
|
|
7217
|
+
g.call(x + "_square", q, q),
|
|
7218
|
+
g.call(x + "_sub", q, H, q),
|
|
7219
|
+
g.call(x + "_sub", q, bt, q),
|
|
7268
7220
|
// t10 = q.y + r.z;
|
|
7269
|
-
g.call(x + "_add", U,
|
|
7221
|
+
g.call(x + "_add", U, q, j),
|
|
7270
7222
|
// t8 = (t7 - r.x) * t6;
|
|
7271
|
-
g.call(x + "_sub", wt,
|
|
7223
|
+
g.call(x + "_sub", wt, M, ht),
|
|
7272
7224
|
g.call(x + "_mul", ht, Ct, ht),
|
|
7273
7225
|
// t0 = r.y * t5;
|
|
7274
7226
|
g.call(x + "_mul", R, Ot, _t),
|
|
@@ -7280,14 +7232,14 @@ var Cs = function(t, n) {
|
|
|
7280
7232
|
g.call(x + "_square", j, j),
|
|
7281
7233
|
g.call(x + "_sub", j, et, j),
|
|
7282
7234
|
// ztsquared = r.z.square();
|
|
7283
|
-
g.call(x + "_square",
|
|
7235
|
+
g.call(x + "_square", q, ft),
|
|
7284
7236
|
// t10 = t10 - ztsquared;
|
|
7285
7237
|
g.call(x + "_sub", j, ft, j),
|
|
7286
7238
|
// t9 = t9 + t9 - t10;
|
|
7287
7239
|
g.call(x + "_add", Z, Z, Z),
|
|
7288
7240
|
g.call(x + "_sub", Z, j, Z),
|
|
7289
7241
|
// t10 = r.z + r.z;
|
|
7290
|
-
g.call(x + "_add",
|
|
7242
|
+
g.call(x + "_add", q, q, j),
|
|
7291
7243
|
// t6 = -t6;
|
|
7292
7244
|
g.call(x + "_neg", Ct, Ct),
|
|
7293
7245
|
// t1 = t6 + t6;
|
|
@@ -7297,24 +7249,24 @@ var Cs = function(t, n) {
|
|
|
7297
7249
|
function ut() {
|
|
7298
7250
|
const _ = t.addFunction(e + "_prepareG2");
|
|
7299
7251
|
_.addParam("pQ", "i32"), _.addParam("ppreQ", "i32"), _.addLocal("pCoef", "i32"), _.addLocal("i", "i32");
|
|
7300
|
-
const g = _.getCodeBuilder(),
|
|
7252
|
+
const g = _.getCodeBuilder(), M = g.getLocal("pQ"), R = t.alloc(u * 3), q = g.i32_const(R), k = g.getLocal("ppreQ");
|
|
7301
7253
|
_.addCode(
|
|
7302
|
-
g.call(
|
|
7254
|
+
g.call(T + "_normalize", M, k),
|
|
7303
7255
|
g.if(
|
|
7304
|
-
g.call(
|
|
7256
|
+
g.call(T + "_isZero", k),
|
|
7305
7257
|
g.ret([])
|
|
7306
7258
|
),
|
|
7307
|
-
g.call(
|
|
7259
|
+
g.call(T + "_copy", k, q),
|
|
7308
7260
|
g.setLocal("pCoef", g.i32_add(g.getLocal("ppreQ"), g.i32_const(u * 3)))
|
|
7309
7261
|
), _.addCode(
|
|
7310
7262
|
g.setLocal("i", g.i32_const(At.length - 2)),
|
|
7311
7263
|
g.block(g.loop(
|
|
7312
|
-
g.call(e + "_prepDblStep",
|
|
7264
|
+
g.call(e + "_prepDblStep", q, g.getLocal("pCoef")),
|
|
7313
7265
|
g.setLocal("pCoef", g.i32_add(g.getLocal("pCoef"), g.i32_const(pt))),
|
|
7314
7266
|
g.if(
|
|
7315
7267
|
g.i32_load8_s(g.getLocal("i"), Bt),
|
|
7316
7268
|
[
|
|
7317
|
-
...g.call(e + "_prepAddStep",
|
|
7269
|
+
...g.call(e + "_prepAddStep", q, k, g.getLocal("pCoef")),
|
|
7318
7270
|
...g.setLocal("pCoef", g.i32_add(g.getLocal("pCoef"), g.i32_const(pt)))
|
|
7319
7271
|
]
|
|
7320
7272
|
),
|
|
@@ -7327,10 +7279,10 @@ var Cs = function(t, n) {
|
|
|
7327
7279
|
function Lt() {
|
|
7328
7280
|
const _ = t.addFunction(K + "_mul1");
|
|
7329
7281
|
_.addParam("pA", "i32"), _.addParam("pC1", "i32"), _.addParam("pR", "i32");
|
|
7330
|
-
const g = _.getCodeBuilder(),
|
|
7282
|
+
const g = _.getCodeBuilder(), M = g.getLocal("pA"), R = g.i32_add(g.getLocal("pA"), g.i32_const(b * 2)), q = g.i32_add(g.getLocal("pA"), g.i32_const(b * 4)), k = g.getLocal("pC1"), U = g.getLocal("pR"), j = g.i32_add(g.getLocal("pR"), g.i32_const(b * 2)), Y = g.i32_add(g.getLocal("pR"), g.i32_const(b * 4)), Z = g.i32_const(t.alloc(b * 2)), H = g.i32_const(t.alloc(b * 2));
|
|
7331
7283
|
_.addCode(
|
|
7332
|
-
g.call(x + "_add",
|
|
7333
|
-
g.call(x + "_add", R,
|
|
7284
|
+
g.call(x + "_add", M, R, Z),
|
|
7285
|
+
g.call(x + "_add", R, q, H),
|
|
7334
7286
|
// let b_b = self.c1 * c1;
|
|
7335
7287
|
g.call(x + "_mul", R, k, Y),
|
|
7336
7288
|
// let t1 = (self.c1 + self.c2) * c1 - b_b;
|
|
@@ -7347,16 +7299,16 @@ var Cs = function(t, n) {
|
|
|
7347
7299
|
function St() {
|
|
7348
7300
|
const _ = t.addFunction(K + "_mul01");
|
|
7349
7301
|
_.addParam("pA", "i32"), _.addParam("pC0", "i32"), _.addParam("pC1", "i32"), _.addParam("pR", "i32");
|
|
7350
|
-
const g = _.getCodeBuilder(),
|
|
7302
|
+
const g = _.getCodeBuilder(), M = g.getLocal("pA"), R = g.i32_add(g.getLocal("pA"), g.i32_const(b * 2)), q = g.i32_add(g.getLocal("pA"), g.i32_const(b * 4)), k = g.getLocal("pC0"), U = g.getLocal("pC1"), j = g.getLocal("pR"), Y = g.i32_add(g.getLocal("pR"), g.i32_const(b * 2)), Z = g.i32_add(g.getLocal("pR"), g.i32_const(b * 4)), H = g.i32_const(t.alloc(b * 2)), et = g.i32_const(t.alloc(b * 2)), ft = g.i32_const(t.alloc(b * 2)), _t = g.i32_const(t.alloc(b * 2));
|
|
7351
7303
|
_.addCode(
|
|
7352
7304
|
// let a_a = self.c0 * c0;
|
|
7353
|
-
g.call(x + "_mul",
|
|
7305
|
+
g.call(x + "_mul", M, k, H),
|
|
7354
7306
|
// let b_b = self.c1 * c1;
|
|
7355
7307
|
g.call(x + "_mul", R, U, et),
|
|
7356
|
-
g.call(x + "_add",
|
|
7357
|
-
g.call(x + "_add",
|
|
7308
|
+
g.call(x + "_add", M, R, ft),
|
|
7309
|
+
g.call(x + "_add", M, q, _t),
|
|
7358
7310
|
// let t1 = (self.c1 + self.c2) * c1 - b_b;
|
|
7359
|
-
g.call(x + "_add", R,
|
|
7311
|
+
g.call(x + "_add", R, q, j),
|
|
7360
7312
|
g.call(x + "_mul", j, U, j),
|
|
7361
7313
|
g.call(x + "_sub", j, et, j),
|
|
7362
7314
|
// let t1 = t1.mul_by_nonresidue() + a_a;
|
|
@@ -7377,18 +7329,18 @@ var Cs = function(t, n) {
|
|
|
7377
7329
|
function gt() {
|
|
7378
7330
|
const _ = t.addFunction(J + "_mul014");
|
|
7379
7331
|
_.addParam("pA", "i32"), _.addParam("pC0", "i32"), _.addParam("pC1", "i32"), _.addParam("pC4", "i32"), _.addParam("pR", "i32");
|
|
7380
|
-
const g = _.getCodeBuilder(),
|
|
7332
|
+
const g = _.getCodeBuilder(), M = g.getLocal("pA"), R = g.i32_add(g.getLocal("pA"), g.i32_const(b * 6)), q = g.getLocal("pC0"), k = g.getLocal("pC1"), U = g.getLocal("pC4"), j = g.i32_const(t.alloc(b * 6)), Y = g.i32_const(t.alloc(b * 6)), Z = g.i32_const(t.alloc(b * 2)), H = g.getLocal("pR"), et = g.i32_add(g.getLocal("pR"), g.i32_const(b * 6));
|
|
7381
7333
|
_.addCode(
|
|
7382
7334
|
// let aa = self.c0.mul_by_01(c0, c1);
|
|
7383
|
-
g.call(K + "_mul01",
|
|
7335
|
+
g.call(K + "_mul01", M, q, k, j),
|
|
7384
7336
|
// let bb = self.c1.mul_by_1(c4);
|
|
7385
7337
|
g.call(K + "_mul1", R, U, Y),
|
|
7386
7338
|
// let o = c1 + c4;
|
|
7387
7339
|
g.call(x + "_add", k, U, Z),
|
|
7388
7340
|
// let c1 = self.c1 + self.c0;
|
|
7389
|
-
g.call(K + "_add", R,
|
|
7341
|
+
g.call(K + "_add", R, M, et),
|
|
7390
7342
|
// let c1 = c1.mul_by_01(c0, &o);
|
|
7391
|
-
g.call(K + "_mul01", et,
|
|
7343
|
+
g.call(K + "_mul01", et, q, Z, et),
|
|
7392
7344
|
// let c1 = c1 - aa - bb;
|
|
7393
7345
|
g.call(K + "_sub", et, j, et),
|
|
7394
7346
|
g.call(K + "_sub", et, Y, et),
|
|
@@ -7404,7 +7356,7 @@ var Cs = function(t, n) {
|
|
|
7404
7356
|
function dt() {
|
|
7405
7357
|
const _ = t.addFunction(e + "_ell");
|
|
7406
7358
|
_.addParam("pP", "i32"), _.addParam("pCoefs", "i32"), _.addParam("pF", "i32");
|
|
7407
|
-
const g = _.getCodeBuilder(),
|
|
7359
|
+
const g = _.getCodeBuilder(), M = g.getLocal("pP"), R = g.i32_add(g.getLocal("pP"), g.i32_const(r)), q = g.getLocal("pF"), k = g.getLocal("pCoefs"), U = g.i32_add(g.getLocal("pCoefs"), g.i32_const(b)), j = g.i32_add(g.getLocal("pCoefs"), g.i32_const(b * 2)), Y = g.i32_add(g.getLocal("pCoefs"), g.i32_const(b * 3)), Z = g.i32_add(g.getLocal("pCoefs"), g.i32_const(b * 4)), H = t.alloc(b * 2), et = g.i32_const(H), ft = g.i32_const(H), _t = g.i32_const(H + b), lt = t.alloc(b * 2), bt = g.i32_const(lt), mt = g.i32_const(lt), Ot = g.i32_const(lt + b);
|
|
7408
7360
|
_.addCode(
|
|
7409
7361
|
// let mut c0 = coeffs.0;
|
|
7410
7362
|
// let mut c1 = coeffs.1;
|
|
@@ -7418,46 +7370,46 @@ var Cs = function(t, n) {
|
|
|
7418
7370
|
// f.mul_by_014(&coeffs.2, &c1, &c0)
|
|
7419
7371
|
g.call(P + "_mul", k, R, ft),
|
|
7420
7372
|
g.call(P + "_mul", U, R, _t),
|
|
7421
|
-
g.call(P + "_mul", j,
|
|
7422
|
-
g.call(P + "_mul", Y,
|
|
7423
|
-
g.call(J + "_mul014",
|
|
7373
|
+
g.call(P + "_mul", j, M, mt),
|
|
7374
|
+
g.call(P + "_mul", Y, M, Ot),
|
|
7375
|
+
g.call(J + "_mul014", q, Z, bt, et, q)
|
|
7424
7376
|
);
|
|
7425
7377
|
}
|
|
7426
7378
|
dt();
|
|
7427
7379
|
function yt() {
|
|
7428
7380
|
const _ = t.addFunction(e + "_millerLoop");
|
|
7429
7381
|
_.addParam("ppreP", "i32"), _.addParam("ppreQ", "i32"), _.addParam("r", "i32"), _.addLocal("pCoef", "i32"), _.addLocal("i", "i32");
|
|
7430
|
-
const g = _.getCodeBuilder(),
|
|
7382
|
+
const g = _.getCodeBuilder(), M = g.getLocal("ppreP"), R = g.getLocal("pCoef"), q = g.getLocal("r");
|
|
7431
7383
|
_.addCode(
|
|
7432
|
-
g.call(J + "_one",
|
|
7384
|
+
g.call(J + "_one", q),
|
|
7433
7385
|
g.if(
|
|
7434
|
-
g.call(
|
|
7386
|
+
g.call(z + "_isZero", M),
|
|
7435
7387
|
g.ret([])
|
|
7436
7388
|
),
|
|
7437
7389
|
g.if(
|
|
7438
|
-
g.call(
|
|
7390
|
+
g.call(z + "_isZero", g.getLocal("ppreQ")),
|
|
7439
7391
|
g.ret([])
|
|
7440
7392
|
),
|
|
7441
7393
|
g.setLocal("pCoef", g.i32_add(g.getLocal("ppreQ"), g.i32_const(u * 3))),
|
|
7442
7394
|
g.setLocal("i", g.i32_const(At.length - 2)),
|
|
7443
7395
|
g.block(g.loop(
|
|
7444
|
-
g.call(e + "_ell",
|
|
7396
|
+
g.call(e + "_ell", M, R, q),
|
|
7445
7397
|
g.setLocal("pCoef", g.i32_add(g.getLocal("pCoef"), g.i32_const(pt))),
|
|
7446
7398
|
g.if(
|
|
7447
7399
|
g.i32_load8_s(g.getLocal("i"), Bt),
|
|
7448
7400
|
[
|
|
7449
|
-
...g.call(e + "_ell",
|
|
7401
|
+
...g.call(e + "_ell", M, R, q),
|
|
7450
7402
|
...g.setLocal("pCoef", g.i32_add(g.getLocal("pCoef"), g.i32_const(pt)))
|
|
7451
7403
|
]
|
|
7452
7404
|
),
|
|
7453
|
-
g.call(J + "_square",
|
|
7405
|
+
g.call(J + "_square", q, q),
|
|
7454
7406
|
g.br_if(1, g.i32_eq(g.getLocal("i"), g.i32_const(1))),
|
|
7455
7407
|
g.setLocal("i", g.i32_sub(g.getLocal("i"), g.i32_const(1))),
|
|
7456
7408
|
g.br(0)
|
|
7457
7409
|
)),
|
|
7458
|
-
g.call(e + "_ell",
|
|
7410
|
+
g.call(e + "_ell", M, R, q)
|
|
7459
7411
|
), _.addCode(
|
|
7460
|
-
g.call(J + "_conjugate",
|
|
7412
|
+
g.call(J + "_conjugate", q, q)
|
|
7461
7413
|
);
|
|
7462
7414
|
}
|
|
7463
7415
|
function vt(_) {
|
|
@@ -7490,7 +7442,7 @@ var Cs = function(t, n) {
|
|
|
7490
7442
|
[4002409555221667392624310435006688643935503118305586438271171395842971157480381377015405980053539358417135540939437n, 0n],
|
|
7491
7443
|
[877076961050607968509681729531255177986764537961432449499635504522207616027455086505066378536590128544573588734230n, 3125332594171059424908108096204648978570118281977575435832422631601824034463382777937621250592425535493320683825557n]
|
|
7492
7444
|
]
|
|
7493
|
-
],
|
|
7445
|
+
], M = [
|
|
7494
7446
|
[
|
|
7495
7447
|
[1n, 0n],
|
|
7496
7448
|
[1n, 0n],
|
|
@@ -7517,17 +7469,17 @@ var Cs = function(t, n) {
|
|
|
7517
7469
|
]
|
|
7518
7470
|
], R = t.addFunction(J + "_frobeniusMap" + _);
|
|
7519
7471
|
R.addParam("x", "i32"), R.addParam("r", "i32");
|
|
7520
|
-
const
|
|
7472
|
+
const q = R.getCodeBuilder();
|
|
7521
7473
|
for (let U = 0; U < 6; U++) {
|
|
7522
|
-
const j = U == 0 ?
|
|
7474
|
+
const j = U == 0 ? q.getLocal("x") : q.i32_add(q.getLocal("x"), q.i32_const(U * u)), Y = j, Z = q.i32_add(q.getLocal("x"), q.i32_const(U * u + b)), H = U == 0 ? q.getLocal("r") : q.i32_add(q.getLocal("r"), q.i32_const(U * u)), et = H, ft = q.i32_add(q.getLocal("r"), q.i32_const(U * u + b)), _t = k(g[Math.floor(U / 3)][_ % 12], M[U % 3][_ % 6]), lt = t.alloc([
|
|
7523
7475
|
...Et.bigInt2BytesLE(F(_t[0]), r),
|
|
7524
7476
|
...Et.bigInt2BytesLE(F(_t[1]), r)
|
|
7525
7477
|
]);
|
|
7526
7478
|
_ % 2 == 1 ? R.addCode(
|
|
7527
|
-
|
|
7528
|
-
|
|
7529
|
-
|
|
7530
|
-
) : R.addCode(
|
|
7479
|
+
q.call(P + "_copy", Y, et),
|
|
7480
|
+
q.call(P + "_neg", Z, ft),
|
|
7481
|
+
q.call(x + "_mul", H, q.i32_const(lt), H)
|
|
7482
|
+
) : R.addCode(q.call(x + "_mul", j, q.i32_const(lt), H));
|
|
7531
7483
|
}
|
|
7532
7484
|
function k(U, j) {
|
|
7533
7485
|
const Y = U[0], Z = U[1], H = j[0], et = j[1], ft = [
|
|
@@ -7540,33 +7492,33 @@ var Cs = function(t, n) {
|
|
|
7540
7492
|
function Ut() {
|
|
7541
7493
|
const _ = t.addFunction(e + "__cyclotomicSquare");
|
|
7542
7494
|
_.addParam("x", "i32"), _.addParam("r", "i32");
|
|
7543
|
-
const g = _.getCodeBuilder(),
|
|
7495
|
+
const g = _.getCodeBuilder(), M = g.getLocal("x"), R = g.i32_add(g.getLocal("x"), g.i32_const(u)), q = g.i32_add(g.getLocal("x"), g.i32_const(2 * u)), k = g.i32_add(g.getLocal("x"), g.i32_const(3 * u)), U = g.i32_add(g.getLocal("x"), g.i32_const(4 * u)), j = g.i32_add(g.getLocal("x"), g.i32_const(5 * u)), Y = g.getLocal("r"), Z = g.i32_add(g.getLocal("r"), g.i32_const(u)), H = g.i32_add(g.getLocal("r"), g.i32_const(2 * u)), et = g.i32_add(g.getLocal("r"), g.i32_const(3 * u)), ft = g.i32_add(g.getLocal("r"), g.i32_const(4 * u)), _t = g.i32_add(g.getLocal("r"), g.i32_const(5 * u)), lt = g.i32_const(t.alloc(u)), bt = g.i32_const(t.alloc(u)), mt = g.i32_const(t.alloc(u)), Ot = g.i32_const(t.alloc(u)), Ct = g.i32_const(t.alloc(u)), wt = g.i32_const(t.alloc(u)), ht = g.i32_const(t.alloc(u)), qt = g.i32_const(t.alloc(u));
|
|
7544
7496
|
_.addCode(
|
|
7545
7497
|
// // t0 + t1*y = (z0 + z1*y)^2 = a^2
|
|
7546
7498
|
// tmp = z0 * z1;
|
|
7547
7499
|
// t0 = (z0 + z1) * (z0 + my_Fp6::non_residue * z1) - tmp - my_Fp6::non_residue * tmp;
|
|
7548
7500
|
// t1 = tmp + tmp;
|
|
7549
|
-
g.call(x + "_mul",
|
|
7501
|
+
g.call(x + "_mul", M, U, ht),
|
|
7550
7502
|
g.call(x + "_mulNR", U, lt),
|
|
7551
|
-
g.call(x + "_add",
|
|
7552
|
-
g.call(x + "_add",
|
|
7553
|
-
g.call(x + "_mul",
|
|
7554
|
-
g.call(x + "_mulNR", ht,
|
|
7555
|
-
g.call(x + "_add", ht,
|
|
7556
|
-
g.call(x + "_sub", lt,
|
|
7503
|
+
g.call(x + "_add", M, lt, lt),
|
|
7504
|
+
g.call(x + "_add", M, U, qt),
|
|
7505
|
+
g.call(x + "_mul", qt, lt, lt),
|
|
7506
|
+
g.call(x + "_mulNR", ht, qt),
|
|
7507
|
+
g.call(x + "_add", ht, qt, qt),
|
|
7508
|
+
g.call(x + "_sub", lt, qt, lt),
|
|
7557
7509
|
g.call(x + "_add", ht, ht, bt),
|
|
7558
7510
|
// // t2 + t3*y = (z2 + z3*y)^2 = b^2
|
|
7559
7511
|
// tmp = z2 * z3;
|
|
7560
7512
|
// t2 = (z2 + z3) * (z2 + my_Fp6::non_residue * z3) - tmp - my_Fp6::non_residue * tmp;
|
|
7561
7513
|
// t3 = tmp + tmp;
|
|
7562
|
-
g.call(x + "_mul", k,
|
|
7563
|
-
g.call(x + "_mulNR",
|
|
7514
|
+
g.call(x + "_mul", k, q, ht),
|
|
7515
|
+
g.call(x + "_mulNR", q, mt),
|
|
7564
7516
|
g.call(x + "_add", k, mt, mt),
|
|
7565
|
-
g.call(x + "_add", k,
|
|
7566
|
-
g.call(x + "_mul",
|
|
7567
|
-
g.call(x + "_mulNR", ht,
|
|
7568
|
-
g.call(x + "_add", ht,
|
|
7569
|
-
g.call(x + "_sub", mt,
|
|
7517
|
+
g.call(x + "_add", k, q, qt),
|
|
7518
|
+
g.call(x + "_mul", qt, mt, mt),
|
|
7519
|
+
g.call(x + "_mulNR", ht, qt),
|
|
7520
|
+
g.call(x + "_add", ht, qt, qt),
|
|
7521
|
+
g.call(x + "_sub", mt, qt, mt),
|
|
7570
7522
|
g.call(x + "_add", ht, ht, Ot),
|
|
7571
7523
|
// // t4 + t5*y = (z4 + z5*y)^2 = c^2
|
|
7572
7524
|
// tmp = z4 * z5;
|
|
@@ -7575,15 +7527,15 @@ var Cs = function(t, n) {
|
|
|
7575
7527
|
g.call(x + "_mul", R, j, ht),
|
|
7576
7528
|
g.call(x + "_mulNR", j, Ct),
|
|
7577
7529
|
g.call(x + "_add", R, Ct, Ct),
|
|
7578
|
-
g.call(x + "_add", R, j,
|
|
7579
|
-
g.call(x + "_mul",
|
|
7580
|
-
g.call(x + "_mulNR", ht,
|
|
7581
|
-
g.call(x + "_add", ht,
|
|
7582
|
-
g.call(x + "_sub", Ct,
|
|
7530
|
+
g.call(x + "_add", R, j, qt),
|
|
7531
|
+
g.call(x + "_mul", qt, Ct, Ct),
|
|
7532
|
+
g.call(x + "_mulNR", ht, qt),
|
|
7533
|
+
g.call(x + "_add", ht, qt, qt),
|
|
7534
|
+
g.call(x + "_sub", Ct, qt, Ct),
|
|
7583
7535
|
g.call(x + "_add", ht, ht, wt),
|
|
7584
7536
|
// For A
|
|
7585
7537
|
// z0 = 3 * t0 - 2 * z0
|
|
7586
|
-
g.call(x + "_sub", lt,
|
|
7538
|
+
g.call(x + "_sub", lt, M, Y),
|
|
7587
7539
|
g.call(x + "_add", Y, Y, Y),
|
|
7588
7540
|
g.call(x + "_add", lt, Y, Y),
|
|
7589
7541
|
// z1 = 3 * t1 + 2 * z1
|
|
@@ -7592,12 +7544,12 @@ var Cs = function(t, n) {
|
|
|
7592
7544
|
g.call(x + "_add", bt, ft, ft),
|
|
7593
7545
|
// For B
|
|
7594
7546
|
// z2 = 3 * (xi * t5) + 2 * z2
|
|
7595
|
-
g.call(x + "_mul", wt, g.i32_const(it),
|
|
7596
|
-
g.call(x + "_add",
|
|
7547
|
+
g.call(x + "_mul", wt, g.i32_const(it), qt),
|
|
7548
|
+
g.call(x + "_add", qt, k, et),
|
|
7597
7549
|
g.call(x + "_add", et, et, et),
|
|
7598
|
-
g.call(x + "_add",
|
|
7550
|
+
g.call(x + "_add", qt, et, et),
|
|
7599
7551
|
// z3 = 3 * t4 - 2 * z3
|
|
7600
|
-
g.call(x + "_sub", Ct,
|
|
7552
|
+
g.call(x + "_sub", Ct, q, H),
|
|
7601
7553
|
g.call(x + "_add", H, H, H),
|
|
7602
7554
|
g.call(x + "_add", Ct, H, H),
|
|
7603
7555
|
// For C
|
|
@@ -7611,15 +7563,15 @@ var Cs = function(t, n) {
|
|
|
7611
7563
|
g.call(x + "_add", Ot, _t, _t)
|
|
7612
7564
|
);
|
|
7613
7565
|
}
|
|
7614
|
-
function Vt(_, g,
|
|
7615
|
-
const R = S(_).map((H) => H == -1 ? 255 : H),
|
|
7566
|
+
function Vt(_, g, M) {
|
|
7567
|
+
const R = S(_).map((H) => H == -1 ? 255 : H), q = t.alloc(R), k = t.addFunction(e + "__cyclotomicExp_" + M);
|
|
7616
7568
|
k.addParam("x", "i32"), k.addParam("r", "i32"), k.addLocal("bit", "i32"), k.addLocal("i", "i32");
|
|
7617
7569
|
const U = k.getCodeBuilder(), j = U.getLocal("x"), Y = U.getLocal("r"), Z = U.i32_const(t.alloc(l));
|
|
7618
7570
|
k.addCode(
|
|
7619
7571
|
U.call(J + "_conjugate", j, Z),
|
|
7620
7572
|
U.call(J + "_one", Y),
|
|
7621
7573
|
U.if(
|
|
7622
|
-
U.teeLocal("bit", U.i32_load8_s(U.i32_const(R.length - 1),
|
|
7574
|
+
U.teeLocal("bit", U.i32_load8_s(U.i32_const(R.length - 1), q)),
|
|
7623
7575
|
U.if(
|
|
7624
7576
|
U.i32_eq(
|
|
7625
7577
|
U.getLocal("bit"),
|
|
@@ -7633,7 +7585,7 @@ var Cs = function(t, n) {
|
|
|
7633
7585
|
U.block(U.loop(
|
|
7634
7586
|
U.call(e + "__cyclotomicSquare", Y, Y),
|
|
7635
7587
|
U.if(
|
|
7636
|
-
U.teeLocal("bit", U.i32_load8_s(U.getLocal("i"),
|
|
7588
|
+
U.teeLocal("bit", U.i32_load8_s(U.getLocal("i"), q)),
|
|
7637
7589
|
U.if(
|
|
7638
7590
|
U.i32_eq(
|
|
7639
7591
|
U.getLocal("bit"),
|
|
@@ -7655,14 +7607,14 @@ var Cs = function(t, n) {
|
|
|
7655
7607
|
Ut(), Vt(h, I, "w0");
|
|
7656
7608
|
const _ = t.addFunction(e + "_finalExponentiation");
|
|
7657
7609
|
_.addParam("x", "i32"), _.addParam("r", "i32");
|
|
7658
|
-
const g = _.getCodeBuilder(),
|
|
7610
|
+
const g = _.getCodeBuilder(), M = g.getLocal("x"), R = g.getLocal("r"), q = g.i32_const(t.alloc(l)), k = g.i32_const(t.alloc(l)), U = g.i32_const(t.alloc(l)), j = g.i32_const(t.alloc(l)), Y = g.i32_const(t.alloc(l)), Z = g.i32_const(t.alloc(l)), H = g.i32_const(t.alloc(l));
|
|
7659
7611
|
_.addCode(
|
|
7660
7612
|
// let mut t0 = f.frobenius_map(6)
|
|
7661
|
-
g.call(J + "_frobeniusMap6",
|
|
7613
|
+
g.call(J + "_frobeniusMap6", M, q),
|
|
7662
7614
|
// let t1 = f.invert()
|
|
7663
|
-
g.call(J + "_inverse",
|
|
7615
|
+
g.call(J + "_inverse", M, k),
|
|
7664
7616
|
// let mut t2 = t0 * t1;
|
|
7665
|
-
g.call(J + "_mul",
|
|
7617
|
+
g.call(J + "_mul", q, k, U),
|
|
7666
7618
|
// t1 = t2.clone();
|
|
7667
7619
|
g.call(J + "_copy", U, k),
|
|
7668
7620
|
// t2 = t2.frobenius_map().frobenius_map();
|
|
@@ -7681,9 +7633,9 @@ var Cs = function(t, n) {
|
|
|
7681
7633
|
// t1 = cycolotomic_exp(t5);
|
|
7682
7634
|
g.call(e + "__cyclotomicExp_w0", Z, k),
|
|
7683
7635
|
// t0 = cycolotomic_exp(t1);
|
|
7684
|
-
g.call(e + "__cyclotomicExp_w0", k,
|
|
7636
|
+
g.call(e + "__cyclotomicExp_w0", k, q),
|
|
7685
7637
|
// let mut t6 = cycolotomic_exp(t0);
|
|
7686
|
-
g.call(e + "__cyclotomicExp_w0",
|
|
7638
|
+
g.call(e + "__cyclotomicExp_w0", q, H),
|
|
7687
7639
|
// t6 *= t4;
|
|
7688
7640
|
g.call(J + "_mul", H, Y, H),
|
|
7689
7641
|
// t4 = cycolotomic_exp(t6);
|
|
@@ -7704,7 +7656,7 @@ var Cs = function(t, n) {
|
|
|
7704
7656
|
// t6 = t6.frobenius_map();
|
|
7705
7657
|
g.call(J + "_frobeniusMap1", H, H),
|
|
7706
7658
|
// t3 *= t0;
|
|
7707
|
-
g.call(J + "_mul", j,
|
|
7659
|
+
g.call(J + "_mul", j, q, j),
|
|
7708
7660
|
// t3 = t3.frobenius_map().frobenius_map();
|
|
7709
7661
|
g.call(J + "_frobeniusMap2", j, j),
|
|
7710
7662
|
// t3 *= t1;
|
|
@@ -7718,61 +7670,61 @@ var Cs = function(t, n) {
|
|
|
7718
7670
|
function jt() {
|
|
7719
7671
|
const _ = t.addFunction(e + "_finalExponentiationOld");
|
|
7720
7672
|
_.addParam("x", "i32"), _.addParam("r", "i32");
|
|
7721
|
-
const
|
|
7673
|
+
const M = t.alloc(Et.bigInt2BytesLE(322277361516934140462891564586510139908379969514828494218366688025288661041104682794998680497580008899973249814104447692778988208376779573819485263026159588510513834876303014016798809919343532899164848730280942609956670917565618115867287399623286813270357901731510188149934363360381614501334086825442271920079363289954510565375378443704372994881406797882676971082200626541916413184642520269678897559532260949334760604962086348898118982248842634379637598665468817769075878555493752214492790122785850202957575200176084204422751485957336465472324810982833638490904279282696134323072515220044451592646885410572234451732790590013479358343841220074174848221722017083597872017638514103174122784843925578370430843522959600095676285723737049438346544753168912974976791528535276317256904336520179281145394686565050419250614107803233314658825463117900250701199181529205942363159325765991819433914303908860460720581408201373164047773794825411011922305820065611121544561808414055302212057471395719432072209245600258134364584636810093520285711072578721435517884103526483832733289802426157301542744476740008494780363354305116978805620671467071400711358839553375340724899735460480144599782014906586543813292157922220645089192130209334926661588737007768565838519456601560804957985667880395221049249803753582637708560n, 544)), R = _.getCodeBuilder();
|
|
7722
7674
|
_.addCode(
|
|
7723
|
-
R.call(J + "_exp", R.getLocal("x"), R.i32_const(
|
|
7675
|
+
R.call(J + "_exp", R.getLocal("x"), R.i32_const(M), R.i32_const(544), R.getLocal("r"))
|
|
7724
7676
|
);
|
|
7725
7677
|
}
|
|
7726
|
-
const
|
|
7678
|
+
const zt = t.alloc(c), Nt = t.alloc(w);
|
|
7727
7679
|
function Kt(_) {
|
|
7728
7680
|
const g = t.addFunction(e + "_pairingEq" + _);
|
|
7729
7681
|
for (let k = 0; k < _; k++)
|
|
7730
7682
|
g.addParam("p_" + k, "i32"), g.addParam("q_" + k, "i32");
|
|
7731
7683
|
g.addParam("c", "i32"), g.setReturnType("i32");
|
|
7732
|
-
const
|
|
7733
|
-
g.addCode(
|
|
7684
|
+
const M = g.getCodeBuilder(), R = M.i32_const(t.alloc(l)), q = M.i32_const(t.alloc(l));
|
|
7685
|
+
g.addCode(M.call(J + "_one", R));
|
|
7734
7686
|
for (let k = 0; k < _; k++)
|
|
7735
|
-
g.addCode(
|
|
7736
|
-
|
|
7737
|
-
|
|
7738
|
-
|
|
7687
|
+
g.addCode(M.call(e + "_prepareG1", M.getLocal("p_" + k), M.i32_const(zt))), g.addCode(M.call(e + "_prepareG2", M.getLocal("q_" + k), M.i32_const(Nt))), g.addCode(
|
|
7688
|
+
M.if(
|
|
7689
|
+
M.i32_eqz(M.call(z + "_inGroupAffine", M.i32_const(zt))),
|
|
7690
|
+
M.ret(M.i32_const(0))
|
|
7739
7691
|
),
|
|
7740
|
-
|
|
7741
|
-
|
|
7742
|
-
|
|
7692
|
+
M.if(
|
|
7693
|
+
M.i32_eqz(M.call(T + "_inGroupAffine", M.i32_const(Nt))),
|
|
7694
|
+
M.ret(M.i32_const(0))
|
|
7743
7695
|
)
|
|
7744
|
-
), g.addCode(
|
|
7745
|
-
g.addCode(
|
|
7696
|
+
), g.addCode(M.call(e + "_millerLoop", M.i32_const(zt), M.i32_const(Nt), q)), g.addCode(M.call(J + "_mul", R, q, R));
|
|
7697
|
+
g.addCode(M.call(e + "_finalExponentiation", R, R)), g.addCode(M.call(J + "_eq", R, M.getLocal("c")));
|
|
7746
7698
|
}
|
|
7747
7699
|
function en() {
|
|
7748
7700
|
const _ = t.addFunction(e + "_pairing");
|
|
7749
7701
|
_.addParam("p", "i32"), _.addParam("q", "i32"), _.addParam("r", "i32");
|
|
7750
|
-
const g = _.getCodeBuilder(),
|
|
7751
|
-
_.addCode(g.call(e + "_prepareG1", g.getLocal("p"), g.i32_const(
|
|
7702
|
+
const g = _.getCodeBuilder(), M = g.i32_const(t.alloc(l));
|
|
7703
|
+
_.addCode(g.call(e + "_prepareG1", g.getLocal("p"), g.i32_const(zt))), _.addCode(g.call(e + "_prepareG2", g.getLocal("q"), g.i32_const(Nt))), _.addCode(g.call(e + "_millerLoop", g.i32_const(zt), g.i32_const(Nt), M)), _.addCode(g.call(e + "_finalExponentiation", M, g.getLocal("r")));
|
|
7752
7704
|
}
|
|
7753
7705
|
function Zt() {
|
|
7754
|
-
const _ = t.addFunction(
|
|
7706
|
+
const _ = t.addFunction(T + "_inGroupAffine");
|
|
7755
7707
|
_.addParam("p", "i32"), _.setReturnType("i32");
|
|
7756
|
-
const g = _.getCodeBuilder(),
|
|
7708
|
+
const g = _.getCodeBuilder(), M = [
|
|
7757
7709
|
2001204777610833696708894912867952078278441409969503942666029068062015825245418932221343814564507832018947136279894n,
|
|
7758
7710
|
2001204777610833696708894912867952078278441409969503942666029068062015825245418932221343814564507832018947136279893n
|
|
7759
|
-
], R = 4002409555221667392624310435006688643935503118305586438271171395842971157480381377015405980053539358417135540939436n,
|
|
7711
|
+
], R = 4002409555221667392624310435006688643935503118305586438271171395842971157480381377015405980053539358417135540939436n, q = [
|
|
7760
7712
|
2973677408986561043442465346520108879172042883009249989176415018091420807192182638567116318576472649347015917690530n,
|
|
7761
7713
|
2973677408986561043442465346520108879172042883009249989176415018091420807192182638567116318576472649347015917690530n
|
|
7762
7714
|
], k = g.i32_const(t.alloc([
|
|
7763
|
-
...Et.bigInt2BytesLE(F(Q[0]), r),
|
|
7764
|
-
...Et.bigInt2BytesLE(F(Q[1]), r)
|
|
7765
|
-
])), U = g.i32_const(t.alloc(Et.bigInt2BytesLE(F(R), r))), j = g.i32_const(t.alloc([
|
|
7766
7715
|
...Et.bigInt2BytesLE(F(M[0]), r),
|
|
7767
7716
|
...Et.bigInt2BytesLE(F(M[1]), r)
|
|
7768
|
-
])),
|
|
7717
|
+
])), U = g.i32_const(t.alloc(Et.bigInt2BytesLE(F(R), r))), j = g.i32_const(t.alloc([
|
|
7718
|
+
...Et.bigInt2BytesLE(F(q[0]), r),
|
|
7719
|
+
...Et.bigInt2BytesLE(F(q[1]), r)
|
|
7720
|
+
])), Y = g.i32_const(t.alloc(Et.bigInt2BytesLE(h, 8))), Z = g.getLocal("p"), H = g.i32_add(g.getLocal("p"), g.i32_const(u)), et = g.i32_const(t.alloc(b)), ft = g.i32_const(t.alloc(u)), _t = g.i32_const(t.alloc(u)), lt = t.alloc(u * 2), bt = g.i32_const(lt), mt = g.i32_const(lt), Ot = g.i32_const(lt), Ct = g.i32_const(lt + b), wt = g.i32_const(lt + u), ht = g.i32_const(lt + u), qt = g.i32_const(lt + u + b), Ht = t.alloc(u * 3), Wt = g.i32_const(Ht), On = g.i32_const(Ht), pn = g.i32_const(Ht), Ln = g.i32_const(Ht + b), vn = g.i32_const(Ht + u), An = g.i32_const(Ht + u), bn = g.i32_const(Ht + u + b), Pn = g.i32_const(Ht + u * 2);
|
|
7769
7721
|
_.addCode(
|
|
7770
7722
|
g.if(
|
|
7771
|
-
g.call(
|
|
7723
|
+
g.call(T + "_isZeroAffine", g.getLocal("p")),
|
|
7772
7724
|
g.ret(g.i32_const(1))
|
|
7773
7725
|
),
|
|
7774
7726
|
g.if(
|
|
7775
|
-
g.i32_eqz(g.call(
|
|
7727
|
+
g.i32_eqz(g.call(T + "_inCurveAffine", g.getLocal("p"))),
|
|
7776
7728
|
g.ret(g.i32_const(0))
|
|
7777
7729
|
),
|
|
7778
7730
|
g.call(x + "_mul", Z, k, ft),
|
|
@@ -7784,8 +7736,8 @@ var Cs = function(t, n) {
|
|
|
7784
7736
|
g.call(P + "_sub", Ot, Ct, et),
|
|
7785
7737
|
g.call(P + "_add", Ot, Ct, Ct),
|
|
7786
7738
|
g.call(P + "_copy", et, Ot),
|
|
7787
|
-
g.call(P + "_sub", ht,
|
|
7788
|
-
g.call(P + "_add", ht,
|
|
7739
|
+
g.call(P + "_sub", ht, qt, et),
|
|
7740
|
+
g.call(P + "_add", ht, qt, qt),
|
|
7789
7741
|
g.call(P + "_copy", et, ht),
|
|
7790
7742
|
g.call(P + "_add", pn, Ln, et),
|
|
7791
7743
|
g.call(P + "_sub", pn, Ln, Ln),
|
|
@@ -7794,54 +7746,54 @@ var Cs = function(t, n) {
|
|
|
7794
7746
|
g.call(P + "_add", An, bn, bn),
|
|
7795
7747
|
g.call(P + "_copy", et, An),
|
|
7796
7748
|
g.call(x + "_one", Pn),
|
|
7797
|
-
g.call(
|
|
7798
|
-
g.call(
|
|
7749
|
+
g.call(T + "_timesScalar", Wt, Y, g.i32_const(8), Wt),
|
|
7750
|
+
g.call(T + "_addMixed", Wt, bt, Wt),
|
|
7799
7751
|
g.ret(
|
|
7800
|
-
g.call(
|
|
7752
|
+
g.call(T + "_eqMixed", Wt, g.getLocal("p"))
|
|
7801
7753
|
)
|
|
7802
7754
|
);
|
|
7803
|
-
const ln = t.addFunction(
|
|
7755
|
+
const ln = t.addFunction(T + "_inGroup");
|
|
7804
7756
|
ln.addParam("pIn", "i32"), ln.setReturnType("i32");
|
|
7805
7757
|
const on = ln.getCodeBuilder(), wn = on.i32_const(t.alloc(u * 2));
|
|
7806
7758
|
ln.addCode(
|
|
7807
|
-
on.call(
|
|
7759
|
+
on.call(T + "_toAffine", on.getLocal("pIn"), wn),
|
|
7808
7760
|
on.ret(
|
|
7809
|
-
on.call(
|
|
7761
|
+
on.call(T + "_inGroupAffine", wn)
|
|
7810
7762
|
)
|
|
7811
7763
|
);
|
|
7812
7764
|
}
|
|
7813
7765
|
function G() {
|
|
7814
|
-
const _ = t.addFunction(
|
|
7766
|
+
const _ = t.addFunction(z + "_inGroupAffine");
|
|
7815
7767
|
_.addParam("p", "i32"), _.setReturnType("i32");
|
|
7816
|
-
const g = _.getCodeBuilder(),
|
|
7768
|
+
const g = _.getCodeBuilder(), M = 4002409555221667392624310435006688643935503118305586438271171395842971157480381377015405980053539358417135540939436n, R = 793479390729215512621379701633421447060886740281060493010456487427281649075476305620758731620350n, q = (h * h - 1n) / 3n, k = g.i32_const(t.alloc(Et.bigInt2BytesLE(F(M), r))), U = g.i32_const(t.alloc(Et.bigInt2BytesLE(F(R), r))), j = g.i32_const(t.alloc(Et.bigInt2BytesLE(q, 16))), Y = g.getLocal("p"), Z = g.i32_add(g.getLocal("p"), g.i32_const(b)), H = t.alloc(b * 3), et = g.i32_const(H), ft = g.i32_const(H), _t = g.i32_const(H + b), lt = t.alloc(b * 2), bt = g.i32_const(lt), mt = g.i32_const(lt), Ot = g.i32_const(lt + b);
|
|
7817
7769
|
_.addCode(
|
|
7818
7770
|
g.if(
|
|
7819
|
-
g.call(
|
|
7771
|
+
g.call(z + "_isZeroAffine", g.getLocal("p")),
|
|
7820
7772
|
g.ret(g.i32_const(1))
|
|
7821
7773
|
),
|
|
7822
7774
|
g.if(
|
|
7823
|
-
g.i32_eqz(g.call(
|
|
7775
|
+
g.i32_eqz(g.call(z + "_inCurveAffine", g.getLocal("p"))),
|
|
7824
7776
|
g.ret(g.i32_const(0))
|
|
7825
7777
|
),
|
|
7826
7778
|
g.call(P + "_mul", Y, k, ft),
|
|
7827
7779
|
g.call(P + "_copy", Z, _t),
|
|
7828
7780
|
g.call(P + "_mul", Y, U, mt),
|
|
7829
7781
|
g.call(P + "_copy", Z, Ot),
|
|
7830
|
-
g.call(
|
|
7831
|
-
g.call(
|
|
7832
|
-
g.call(
|
|
7833
|
-
g.call(
|
|
7782
|
+
g.call(z + "_doubleAffine", et, et),
|
|
7783
|
+
g.call(z + "_subMixed", et, g.getLocal("p"), et),
|
|
7784
|
+
g.call(z + "_subMixed", et, bt, et),
|
|
7785
|
+
g.call(z + "_timesScalar", et, j, g.i32_const(16), et),
|
|
7834
7786
|
g.ret(
|
|
7835
|
-
g.call(
|
|
7787
|
+
g.call(z + "_eqMixed", et, bt)
|
|
7836
7788
|
)
|
|
7837
7789
|
);
|
|
7838
|
-
const Ct = t.addFunction(
|
|
7790
|
+
const Ct = t.addFunction(z + "_inGroup");
|
|
7839
7791
|
Ct.addParam("pIn", "i32"), Ct.setReturnType("i32");
|
|
7840
7792
|
const wt = Ct.getCodeBuilder(), ht = wt.i32_const(t.alloc(b * 2));
|
|
7841
7793
|
Ct.addCode(
|
|
7842
|
-
wt.call(
|
|
7794
|
+
wt.call(z + "_toAffine", wt.getLocal("pIn"), ht),
|
|
7843
7795
|
wt.ret(
|
|
7844
|
-
wt.call(
|
|
7796
|
+
wt.call(z + "_inGroupAffine", ht)
|
|
7845
7797
|
)
|
|
7846
7798
|
);
|
|
7847
7799
|
}
|
|
@@ -7850,7 +7802,7 @@ var Cs = function(t, n) {
|
|
|
7850
7802
|
G(), Zt(), It(), at(), N(), ut(), yt(), jt(), Dt();
|
|
7851
7803
|
for (let _ = 1; _ <= 5; _++)
|
|
7852
7804
|
Kt(_), t.exportFunction(e + "_pairingEq" + _);
|
|
7853
|
-
en(), t.exportFunction(e + "_pairing"), t.exportFunction(e + "_prepareG1"), t.exportFunction(e + "_prepareG2"), t.exportFunction(e + "_millerLoop"), t.exportFunction(e + "_finalExponentiation"), t.exportFunction(e + "_finalExponentiationOld"), t.exportFunction(e + "__cyclotomicSquare"), t.exportFunction(e + "__cyclotomicExp_w0"), t.exportFunction(K + "_mul1"), t.exportFunction(K + "_mul01"), t.exportFunction(J + "_mul014"), t.exportFunction(
|
|
7805
|
+
en(), t.exportFunction(e + "_pairing"), t.exportFunction(e + "_prepareG1"), t.exportFunction(e + "_prepareG2"), t.exportFunction(e + "_millerLoop"), t.exportFunction(e + "_finalExponentiation"), t.exportFunction(e + "_finalExponentiationOld"), t.exportFunction(e + "__cyclotomicSquare"), t.exportFunction(e + "__cyclotomicExp_w0"), t.exportFunction(K + "_mul1"), t.exportFunction(K + "_mul01"), t.exportFunction(J + "_mul014"), t.exportFunction(z + "_inGroupAffine"), t.exportFunction(z + "_inGroup"), t.exportFunction(T + "_inGroupAffine"), t.exportFunction(T + "_inGroup");
|
|
7854
7806
|
}, ms = hs, ws = Cs;
|
|
7855
7807
|
function Ve(o) {
|
|
7856
7808
|
if (typeof o == "bigint" || o.eq !== void 0)
|
|
@@ -8007,7 +7959,7 @@ var Ss = /* @__PURE__ */ Object.freeze({
|
|
|
8007
7959
|
unstringifyFElements: Ye
|
|
8008
7960
|
});
|
|
8009
7961
|
const Gt = 1 << 30;
|
|
8010
|
-
class
|
|
7962
|
+
class Qt {
|
|
8011
7963
|
constructor(t) {
|
|
8012
7964
|
this.buffers = [], this.byteLength = t;
|
|
8013
7965
|
for (let n = 0; n < t; n += Gt) {
|
|
@@ -8025,7 +7977,7 @@ class qt {
|
|
|
8025
7977
|
const l = b + u > Gt ? Gt - b : u, C = new Uint8Array(this.buffers[r].buffer, this.buffers[r].byteOffset + b, l);
|
|
8026
7978
|
if (l == e)
|
|
8027
7979
|
return C.slice();
|
|
8028
|
-
d || (e <= Gt ? d = new Uint8Array(e) : d = new
|
|
7980
|
+
d || (e <= Gt ? d = new Uint8Array(e) : d = new Qt(e)), d.set(C, e - u), u = u - l, r++, b = 0;
|
|
8029
7981
|
}
|
|
8030
7982
|
return d;
|
|
8031
7983
|
}
|
|
@@ -8036,7 +7988,7 @@ class qt {
|
|
|
8036
7988
|
return;
|
|
8037
7989
|
const i = Math.floor(n / Gt), s = Math.floor((n + e - 1) / Gt);
|
|
8038
7990
|
if (i == s)
|
|
8039
|
-
return t instanceof
|
|
7991
|
+
return t instanceof Qt && t.buffers.length == 1 ? this.buffers[i].set(t.buffers[0], n % Gt) : this.buffers[i].set(t, n % Gt);
|
|
8040
7992
|
let d = i, r = n % Gt, b = e;
|
|
8041
7993
|
for (; b > 0; ) {
|
|
8042
7994
|
const u = r + b > Gt ? Gt - r : b, l = t.slice(e - b, e - b + u);
|
|
@@ -8070,7 +8022,7 @@ function Cn(o, t, n, e) {
|
|
|
8070
8022
|
}
|
|
8071
8023
|
const u = await Promise.all(b);
|
|
8072
8024
|
let l;
|
|
8073
|
-
s instanceof
|
|
8025
|
+
s instanceof Qt ? l = new Qt(d * e) : l = new Uint8Array(d * e);
|
|
8074
8026
|
let C = 0;
|
|
8075
8027
|
for (let B = 0; B < u.length; B++)
|
|
8076
8028
|
l.set(u[B][0], C), C += u[B][0].byteLength;
|
|
@@ -8079,16 +8031,16 @@ function Cn(o, t, n, e) {
|
|
|
8079
8031
|
}
|
|
8080
8032
|
class jo {
|
|
8081
8033
|
constructor(t, n, e, i) {
|
|
8082
|
-
if (this.tm = t, this.prefix = n, this.p = i, this.n8 = e, this.type = "F1", this.m = 1, this.half =
|
|
8034
|
+
if (this.tm = t, this.prefix = n, this.p = i, this.n8 = e, this.type = "F1", this.m = 1, this.half = Qn(i, Fn), this.bitLength = Wn(i), this.mask = _n(ge(Fn, this.bitLength), Fn), this.pOp1 = t.alloc(e), this.pOp2 = t.alloc(e), this.pOp3 = t.alloc(e), this.tm.instance.exports[n + "_zero"](this.pOp1), this.zero = this.tm.getBuff(this.pOp1, this.n8), this.tm.instance.exports[n + "_one"](this.pOp1), this.one = this.tm.getBuff(this.pOp1, this.n8), this.negone = this.neg(this.one), this.two = this.add(this.one, this.one), this.n64 = Math.floor(e / 8), this.n32 = Math.floor(e / 4), this.n64 * 8 != this.n8)
|
|
8083
8035
|
throw new Error("n8 must be a multiple of 8");
|
|
8084
|
-
this.half =
|
|
8036
|
+
this.half = Qn(this.p, Fn), this.nqr = this.two;
|
|
8085
8037
|
let s = this.exp(this.nqr, this.half);
|
|
8086
8038
|
for (; !this.eq(s, this.negone); )
|
|
8087
8039
|
this.nqr = this.add(this.nqr, this.one), s = this.exp(this.nqr, this.half);
|
|
8088
8040
|
this.shift = this.mul(this.nqr, this.nqr), this.shiftInv = this.inv(this.shift), this.s = 0;
|
|
8089
8041
|
let d = _n(this.p, Fn);
|
|
8090
8042
|
for (; !_o(d); )
|
|
8091
|
-
this.s = this.s + 1, d =
|
|
8043
|
+
this.s = this.s + 1, d = Qn(d, Fn);
|
|
8092
8044
|
this.w = [], this.w[this.s] = this.exp(this.nqr, d);
|
|
8093
8045
|
for (let r = this.s - 1; r >= 0; r--)
|
|
8094
8046
|
this.w[r] = this.square(this.w[r + 1]);
|
|
@@ -8148,7 +8100,7 @@ class jo {
|
|
|
8148
8100
|
return this.op1("_sqrt", t);
|
|
8149
8101
|
}
|
|
8150
8102
|
exp(t, n) {
|
|
8151
|
-
return n instanceof Uint8Array || (n = Un(
|
|
8103
|
+
return n instanceof Uint8Array || (n = Un(Tt(n))), this.tm.setBuff(this.pOp1, t), this.tm.setBuff(this.pOp2, n), this.tm.instance.exports[this.prefix + "_exp"](this.pOp1, this.pOp2, n.byteLength, this.pOp3), this.tm.getBuff(this.pOp3, this.n8);
|
|
8152
8104
|
}
|
|
8153
8105
|
isNegative(t) {
|
|
8154
8106
|
return this.op1Bool("_isNegative", t);
|
|
@@ -8156,8 +8108,8 @@ class jo {
|
|
|
8156
8108
|
e(t, n) {
|
|
8157
8109
|
if (t instanceof Uint8Array)
|
|
8158
8110
|
return t;
|
|
8159
|
-
let e =
|
|
8160
|
-
|
|
8111
|
+
let e = Tt(t, n);
|
|
8112
|
+
Qi(e) ? (e = Ti(e), He(e, this.p) && (e = an(e, this.p)), e = _n(this.p, e)) : He(e, this.p) && (e = an(e, this.p));
|
|
8161
8113
|
const i = ca(e, this.n8);
|
|
8162
8114
|
return this.toMontgomery(i);
|
|
8163
8115
|
}
|
|
@@ -8233,7 +8185,7 @@ class jo {
|
|
|
8233
8185
|
}
|
|
8234
8186
|
const b = await Promise.all(r);
|
|
8235
8187
|
let u;
|
|
8236
|
-
t instanceof
|
|
8188
|
+
t instanceof Qt ? u = new Qt(s * i) : u = new Uint8Array(s * i);
|
|
8237
8189
|
let l = 0;
|
|
8238
8190
|
for (let C = 0; C < b.length; C++)
|
|
8239
8191
|
u.set(b[C][0], l), l += b[C][0].byteLength;
|
|
@@ -8302,7 +8254,7 @@ class $o {
|
|
|
8302
8254
|
return this.op1("_sqrt", t);
|
|
8303
8255
|
}
|
|
8304
8256
|
exp(t, n) {
|
|
8305
|
-
return n instanceof Uint8Array || (n = Un(
|
|
8257
|
+
return n instanceof Uint8Array || (n = Un(Tt(n))), this.tm.setBuff(this.pOp1, t), this.tm.setBuff(this.pOp2, n), this.tm.instance.exports[this.prefix + "_exp"](this.pOp1, this.pOp2, n.byteLength, this.pOp3), this.tm.getBuff(this.pOp3, this.n8);
|
|
8306
8258
|
}
|
|
8307
8259
|
e(t, n) {
|
|
8308
8260
|
if (t instanceof Uint8Array)
|
|
@@ -8398,7 +8350,7 @@ class Os {
|
|
|
8398
8350
|
return this.op1("_sqrt", t);
|
|
8399
8351
|
}
|
|
8400
8352
|
exp(t, n) {
|
|
8401
|
-
return n instanceof Uint8Array || (n = Un(
|
|
8353
|
+
return n instanceof Uint8Array || (n = Un(Tt(n))), this.tm.setBuff(this.pOp1, t), this.tm.setBuff(this.pOp2, n), this.tm.instance.exports[this.prefix + "_exp"](this.pOp1, this.pOp2, n.byteLength, this.pOp3), this.getBuff(this.pOp3, this.n8);
|
|
8402
8354
|
}
|
|
8403
8355
|
e(t, n) {
|
|
8404
8356
|
if (t instanceof Uint8Array)
|
|
@@ -8511,7 +8463,7 @@ class Yo {
|
|
|
8511
8463
|
throw new Error("invalid point size");
|
|
8512
8464
|
}
|
|
8513
8465
|
timesScalar(t, n) {
|
|
8514
|
-
n instanceof Uint8Array || (n = Un(
|
|
8466
|
+
n instanceof Uint8Array || (n = Un(Tt(n)));
|
|
8515
8467
|
let e;
|
|
8516
8468
|
if (t.byteLength == this.F.n8 * 3)
|
|
8517
8469
|
e = this.prefix + "_timesScalar";
|
|
@@ -8733,8 +8685,8 @@ function vs(o) {
|
|
|
8733
8685
|
break;
|
|
8734
8686
|
case "CALL": {
|
|
8735
8687
|
const E = [];
|
|
8736
|
-
for (let
|
|
8737
|
-
const x = l[P].params[
|
|
8688
|
+
for (let z = 0; z < l[P].params.length; z++) {
|
|
8689
|
+
const x = l[P].params[z];
|
|
8738
8690
|
typeof x.var < "u" ? E.push(C.vars[x.var] + (x.offset || 0)) : typeof x.val < "u" && E.push(x.val);
|
|
8739
8691
|
}
|
|
8740
8692
|
n.exports[l[P].fnName](...E);
|
|
@@ -8751,7 +8703,7 @@ function vs(o) {
|
|
|
8751
8703
|
}
|
|
8752
8704
|
return u;
|
|
8753
8705
|
}
|
|
8754
|
-
const
|
|
8706
|
+
const Qe = 25;
|
|
8755
8707
|
class Zo {
|
|
8756
8708
|
constructor() {
|
|
8757
8709
|
this.promise = new Promise((t, n) => {
|
|
@@ -8888,9 +8840,9 @@ if (globalThis?.Blob) {
|
|
|
8888
8840
|
Ze = URL.createObjectURL(t);
|
|
8889
8841
|
} else
|
|
8890
8842
|
Ze = "data:application/javascript;base64," + globalThis.btoa(Jo);
|
|
8891
|
-
async function
|
|
8892
|
-
const n = new
|
|
8893
|
-
n.memory = new WebAssembly.Memory({ initial:
|
|
8843
|
+
async function qs(o, t) {
|
|
8844
|
+
const n = new Qs();
|
|
8845
|
+
n.memory = new WebAssembly.Memory({ initial: Qe }), n.u8 = new Uint8Array(n.memory.buffer), n.u32 = new Uint32Array(n.memory.buffer);
|
|
8894
8846
|
const e = await WebAssembly.compile(o.code);
|
|
8895
8847
|
if (n.instance = await WebAssembly.instantiate(e, {
|
|
8896
8848
|
env: {
|
|
@@ -8899,7 +8851,7 @@ async function Ms(o, t) {
|
|
|
8899
8851
|
}), globalThis?.Worker || (t = !0), n.singleThread = t, n.initalPFree = n.u32[0], n.pq = o.pq, n.pr = o.pr, n.pG1gen = o.pG1gen, n.pG1zero = o.pG1zero, n.pG2gen = o.pG2gen, n.pG2zero = o.pG2zero, n.pOneT = o.pOneT, t)
|
|
8900
8852
|
n.code = o.code, n.taskManager = vs(), await n.taskManager([{
|
|
8901
8853
|
cmd: "INIT",
|
|
8902
|
-
init:
|
|
8854
|
+
init: Qe,
|
|
8903
8855
|
code: n.code.slice()
|
|
8904
8856
|
}]), n.concurrency = 1;
|
|
8905
8857
|
else {
|
|
@@ -8913,7 +8865,7 @@ async function Ms(o, t) {
|
|
|
8913
8865
|
const b = o.code.slice();
|
|
8914
8866
|
d.push(n.postAction(r, [{
|
|
8915
8867
|
cmd: "INIT",
|
|
8916
|
-
init:
|
|
8868
|
+
init: Qe,
|
|
8917
8869
|
code: b
|
|
8918
8870
|
}], [b.buffer]));
|
|
8919
8871
|
}
|
|
@@ -8927,7 +8879,7 @@ async function Ms(o, t) {
|
|
|
8927
8879
|
};
|
|
8928
8880
|
}
|
|
8929
8881
|
}
|
|
8930
|
-
class
|
|
8882
|
+
class Qs {
|
|
8931
8883
|
constructor() {
|
|
8932
8884
|
this.actionQueue = [], this.oldPFree = 0;
|
|
8933
8885
|
}
|
|
@@ -8991,7 +8943,7 @@ class qs {
|
|
|
8991
8943
|
await Ps(200);
|
|
8992
8944
|
}
|
|
8993
8945
|
}
|
|
8994
|
-
function
|
|
8946
|
+
function Me(o, t) {
|
|
8995
8947
|
const n = o[t], e = o.Fr, i = o.tm;
|
|
8996
8948
|
o[t].batchApplyKey = async function(s, d, r, b, u) {
|
|
8997
8949
|
b = b || "affine", u = u || "affine";
|
|
@@ -9004,7 +8956,7 @@ function Qe(o, t) {
|
|
|
9004
8956
|
l = "frm_batchApplyKey", B = n.n8, A = n.n8, O = n.n8;
|
|
9005
8957
|
else
|
|
9006
8958
|
throw new Error("Invalid group: " + t);
|
|
9007
|
-
const P = Math.floor(s.byteLength / B), E = Math.floor(P / i.concurrency),
|
|
8959
|
+
const P = Math.floor(s.byteLength / B), E = Math.floor(P / i.concurrency), z = [];
|
|
9008
8960
|
r = e.e(r);
|
|
9009
8961
|
let x = e.e(d);
|
|
9010
8962
|
for (let F = 0; F < i.concurrency; F++) {
|
|
@@ -9034,18 +8986,18 @@ function Qe(o, t) {
|
|
|
9034
8986
|
{ val: f },
|
|
9035
8987
|
{ var: 3 }
|
|
9036
8988
|
]
|
|
9037
|
-
}), L.push({ cmd: "GET", out: 0, var: 3, len: f * O }),
|
|
8989
|
+
}), L.push({ cmd: "GET", out: 0, var: 3, len: f * O }), z.push(i.queueAction(L)), x = e.mul(x, e.exp(r, f));
|
|
9038
8990
|
}
|
|
9039
|
-
const ot = await Promise.all(
|
|
9040
|
-
let
|
|
9041
|
-
s instanceof
|
|
8991
|
+
const ot = await Promise.all(z);
|
|
8992
|
+
let T;
|
|
8993
|
+
s instanceof Qt ? T = new Qt(P * O) : T = new Uint8Array(P * O);
|
|
9042
8994
|
let rt = 0;
|
|
9043
8995
|
for (let F = 0; F < ot.length; F++)
|
|
9044
|
-
|
|
9045
|
-
return
|
|
8996
|
+
T.set(ot[F][0], rt), rt += ot[F][0].byteLength;
|
|
8997
|
+
return T;
|
|
9046
8998
|
};
|
|
9047
8999
|
}
|
|
9048
|
-
function
|
|
9000
|
+
function Ms(o) {
|
|
9049
9001
|
const t = o.tm;
|
|
9050
9002
|
o.pairing = function(e, i) {
|
|
9051
9003
|
t.startSyncOp();
|
|
@@ -9167,8 +9119,8 @@ function Xo(o, t) {
|
|
|
9167
9119
|
const O = Math.floor(r.byteLength / A);
|
|
9168
9120
|
if (O * A != r.byteLength)
|
|
9169
9121
|
throw new Error("Scalar size does not match");
|
|
9170
|
-
const P = Wo[Jt(A)], E = Math.floor((O * 8 - 1) / P) + 1,
|
|
9171
|
-
for (let
|
|
9122
|
+
const P = Wo[Jt(A)], E = Math.floor((O * 8 - 1) / P) + 1, z = [];
|
|
9123
|
+
for (let T = 0; T < E; T++) {
|
|
9172
9124
|
const rt = [
|
|
9173
9125
|
{ cmd: "ALLOCSET", var: 0, buff: d },
|
|
9174
9126
|
{ cmd: "ALLOCSET", var: 1, buff: r },
|
|
@@ -9178,23 +9130,23 @@ function Xo(o, t) {
|
|
|
9178
9130
|
{ var: 1 },
|
|
9179
9131
|
{ val: O },
|
|
9180
9132
|
{ val: A },
|
|
9181
|
-
{ val:
|
|
9182
|
-
{ val: Math.min(O * 8 -
|
|
9133
|
+
{ val: T * P },
|
|
9134
|
+
{ val: Math.min(O * 8 - T * P, P) },
|
|
9183
9135
|
{ var: 2 }
|
|
9184
9136
|
] },
|
|
9185
9137
|
{ cmd: "GET", out: 0, var: 2, len: n.F.n8 * 3 }
|
|
9186
9138
|
];
|
|
9187
|
-
|
|
9139
|
+
z.push(
|
|
9188
9140
|
n.tm.queueAction(rt)
|
|
9189
9141
|
);
|
|
9190
9142
|
}
|
|
9191
|
-
const x = await Promise.all(
|
|
9143
|
+
const x = await Promise.all(z);
|
|
9192
9144
|
let ot = n.zero;
|
|
9193
|
-
for (let
|
|
9145
|
+
for (let T = x.length - 1; T >= 0; T--) {
|
|
9194
9146
|
if (!n.isZero(ot))
|
|
9195
9147
|
for (let rt = 0; rt < P; rt++)
|
|
9196
9148
|
ot = n.double(ot);
|
|
9197
|
-
ot = n.add(ot, x[
|
|
9149
|
+
ot = n.add(ot, x[T][0]);
|
|
9198
9150
|
}
|
|
9199
9151
|
return ot;
|
|
9200
9152
|
}
|
|
@@ -9212,19 +9164,19 @@ function Xo(o, t) {
|
|
|
9212
9164
|
const P = Math.floor(r.byteLength / O);
|
|
9213
9165
|
if (P * O != r.byteLength)
|
|
9214
9166
|
throw new Error("Scalar size does not match");
|
|
9215
|
-
const E = Wo[Jt(O)],
|
|
9167
|
+
const E = Wo[Jt(O)], z = Math.floor((P * 8 - 1) / E) + 1;
|
|
9216
9168
|
let x;
|
|
9217
|
-
x = Math.floor(O / (e.concurrency /
|
|
9169
|
+
x = Math.floor(O / (e.concurrency / z)), x > 4194304 && (x = 4194304), x < 1024 && (x = 1024);
|
|
9218
9170
|
const ot = [];
|
|
9219
9171
|
for (let F = 0; F < O; F += x) {
|
|
9220
9172
|
u && u.debug(`Multiexp start: ${l}: ${F}/${O}`);
|
|
9221
9173
|
const f = Math.min(O - F, x), L = d.slice(F * A, (F + f) * A), V = r.slice(F * P, (F + f) * P);
|
|
9222
9174
|
ot.push(i(L, V, b, u, l).then(($) => (u && u.debug(`Multiexp end: ${l}: ${F}/${O}`), $)));
|
|
9223
9175
|
}
|
|
9224
|
-
const
|
|
9176
|
+
const T = await Promise.all(ot);
|
|
9225
9177
|
let rt = n.zero;
|
|
9226
|
-
for (let F =
|
|
9227
|
-
rt = n.add(rt,
|
|
9178
|
+
for (let F = T.length - 1; F >= 0; F--)
|
|
9179
|
+
rt = n.add(rt, T[F]);
|
|
9228
9180
|
return rt;
|
|
9229
9181
|
}
|
|
9230
9182
|
n.multiExp = async function(r, b, u, l) {
|
|
@@ -9238,8 +9190,8 @@ function Ue(o, t) {
|
|
|
9238
9190
|
async function s(u, l, C, B, A, O) {
|
|
9239
9191
|
C = C || "affine", B = B || "affine";
|
|
9240
9192
|
const P = 14;
|
|
9241
|
-
let E,
|
|
9242
|
-
t == "G1" ? (C == "affine" ? (E = n.F.n8 * 2, ot = "g1m_batchToJacobian") : E = n.F.n8 * 3,
|
|
9193
|
+
let E, z, x, ot, T, rt, F, f;
|
|
9194
|
+
t == "G1" ? (C == "affine" ? (E = n.F.n8 * 2, ot = "g1m_batchToJacobian") : E = n.F.n8 * 3, z = n.F.n8 * 3, l && (f = "g1m_fftFinal"), F = "g1m_fftJoin", rt = "g1m_fftMix", B == "affine" ? (x = n.F.n8 * 2, T = "g1m_batchToAffine") : x = n.F.n8 * 3) : t == "G2" ? (C == "affine" ? (E = n.F.n8 * 2, ot = "g2m_batchToJacobian") : E = n.F.n8 * 3, z = n.F.n8 * 3, l && (f = "g2m_fftFinal"), F = "g2m_fftJoin", rt = "g2m_fftMix", B == "affine" ? (x = n.F.n8 * 2, T = "g2m_batchToAffine") : x = n.F.n8 * 3) : t == "Fr" && (E = n.n8, z = n.n8, x = n.n8, l && (f = "frm_fftFinal"), rt = "frm_fftMix", F = "frm_fftJoin");
|
|
9243
9195
|
let L = !1;
|
|
9244
9196
|
Array.isArray(u) ? (u = Io(u, E), L = !0) : u = u.slice(0, u.byteLength);
|
|
9245
9197
|
const V = u.byteLength / E, $ = Jt(V);
|
|
@@ -9251,7 +9203,7 @@ function Ue(o, t) {
|
|
|
9251
9203
|
}
|
|
9252
9204
|
let X;
|
|
9253
9205
|
l && (X = e.inv(e.e(V)));
|
|
9254
|
-
let
|
|
9206
|
+
let Q;
|
|
9255
9207
|
la(u, E);
|
|
9256
9208
|
let y, v = Math.min(1 << P, V), D = V / v;
|
|
9257
9209
|
for (; D < i.concurrency && v >= 16; )
|
|
@@ -9260,7 +9212,7 @@ function Ue(o, t) {
|
|
|
9260
9212
|
for (let K = 0; K < D; K++) {
|
|
9261
9213
|
A && A.debug(`${O}: fft ${$} mix start: ${K}/${D}`);
|
|
9262
9214
|
const ct = [];
|
|
9263
|
-
ct.push({ cmd: "ALLOC", var: 0, len:
|
|
9215
|
+
ct.push({ cmd: "ALLOC", var: 0, len: z * v });
|
|
9264
9216
|
const J = u.slice(v * K * E, v * (K + 1) * E);
|
|
9265
9217
|
ct.push({ cmd: "SET", var: 0, buff: J }), ot && ct.push({ cmd: "CALL", fnName: ot, params: [{ var: 0 }, { val: v }, { var: 0 }] });
|
|
9266
9218
|
for (let st = 1; st <= it; st++)
|
|
@@ -9269,7 +9221,7 @@ function Ue(o, t) {
|
|
|
9269
9221
|
{ var: 0 },
|
|
9270
9222
|
{ val: v },
|
|
9271
9223
|
{ var: 1 }
|
|
9272
|
-
] })),
|
|
9224
|
+
] })), T && ct.push({ cmd: "CALL", fnName: T, params: [{ var: 0 }, { val: v }, { var: 0 }] }), ct.push({ cmd: "GET", out: 0, var: 0, len: v * x })) : ct.push({ cmd: "GET", out: 0, var: 0, len: z * v }), nt.push(i.queueAction(ct).then((st) => (A && A.debug(`${O}: fft ${$} mix end: ${K}/${D}`), st)));
|
|
9273
9225
|
}
|
|
9274
9226
|
y = await Promise.all(nt);
|
|
9275
9227
|
for (let K = 0; K < D; K++)
|
|
@@ -9294,7 +9246,7 @@ function Ue(o, t) {
|
|
|
9294
9246
|
{ var: 1 },
|
|
9295
9247
|
{ val: v },
|
|
9296
9248
|
{ var: 4 }
|
|
9297
|
-
] })),
|
|
9249
|
+
] })), T && (w.push({ cmd: "CALL", fnName: T, params: [{ var: 0 }, { val: v }, { var: 0 }] }), w.push({ cmd: "CALL", fnName: T, params: [{ var: 1 }, { val: v }, { var: 1 }] })), w.push({ cmd: "GET", out: 0, var: 0, len: v * x }), w.push({ cmd: "GET", out: 1, var: 1, len: v * x })) : (w.push({ cmd: "GET", out: 0, var: 0, len: v * z }), w.push({ cmd: "GET", out: 1, var: 1, len: v * z })), st.push(i.queueAction(w).then((I) => (A && A.debug(`${O}: fft ${$} join ${K}/${$} ${Bt + 1}/${ct} ${pt}/${J / 2}`), I)));
|
|
9298
9250
|
}
|
|
9299
9251
|
const At = await Promise.all(st);
|
|
9300
9252
|
for (let Bt = 0; Bt < ct; Bt++)
|
|
@@ -9303,43 +9255,43 @@ function Ue(o, t) {
|
|
|
9303
9255
|
y[p] = m[0], y[a] = m[1];
|
|
9304
9256
|
}
|
|
9305
9257
|
}
|
|
9306
|
-
if (u instanceof
|
|
9307
|
-
|
|
9258
|
+
if (u instanceof Qt ? Q = new Qt(V * x) : Q = new Uint8Array(V * x), l) {
|
|
9259
|
+
Q.set(y[0].slice((v - 1) * x));
|
|
9308
9260
|
let K = x;
|
|
9309
9261
|
for (let ct = D - 1; ct > 0; ct--)
|
|
9310
|
-
|
|
9311
|
-
|
|
9262
|
+
Q.set(y[ct], K), K += v * x, delete y[ct];
|
|
9263
|
+
Q.set(y[0].slice(0, (v - 1) * x), K), delete y[0];
|
|
9312
9264
|
} else
|
|
9313
9265
|
for (let K = 0; K < D; K++)
|
|
9314
|
-
|
|
9315
|
-
return L ? he(
|
|
9266
|
+
Q.set(y[K], v * x * K), delete y[K];
|
|
9267
|
+
return L ? he(Q, x) : Q;
|
|
9316
9268
|
}
|
|
9317
9269
|
async function d(u, l, C, B, A) {
|
|
9318
9270
|
let O, P;
|
|
9319
9271
|
O = u.slice(0, u.byteLength / 2), P = u.slice(u.byteLength / 2, u.byteLength);
|
|
9320
9272
|
const E = [];
|
|
9321
9273
|
[O, P] = await b(O, P, "fftJoinExt", e.one, e.shift, l, "jacobian", B, A), E.push(s(O, !1, "jacobian", C, B, A)), E.push(s(P, !1, "jacobian", C, B, A));
|
|
9322
|
-
const
|
|
9274
|
+
const z = await Promise.all(E);
|
|
9323
9275
|
let x;
|
|
9324
|
-
return
|
|
9276
|
+
return z[0].byteLength > 1 << 28 ? x = new Qt(z[0].byteLength * 2) : x = new Uint8Array(z[0].byteLength * 2), x.set(z[0]), x.set(z[1], z[0].byteLength), x;
|
|
9325
9277
|
}
|
|
9326
9278
|
async function r(u, l, C, B, A) {
|
|
9327
9279
|
let O, P;
|
|
9328
9280
|
O = u.slice(0, u.byteLength / 2), P = u.slice(u.byteLength / 2, u.byteLength);
|
|
9329
9281
|
const E = [];
|
|
9330
9282
|
E.push(s(O, !0, l, "jacobian", B, A)), E.push(s(P, !0, l, "jacobian", B, A)), [O, P] = await Promise.all(E);
|
|
9331
|
-
const
|
|
9283
|
+
const z = await b(O, P, "fftJoinExtInv", e.one, e.shiftInv, "jacobian", C, B, A);
|
|
9332
9284
|
let x;
|
|
9333
|
-
return
|
|
9285
|
+
return z[0].byteLength > 1 << 28 ? x = new Qt(z[0].byteLength * 2) : x = new Uint8Array(z[0].byteLength * 2), x.set(z[0]), x.set(z[1], z[0].byteLength), x;
|
|
9334
9286
|
}
|
|
9335
|
-
async function b(u, l, C, B, A, O, P, E,
|
|
9336
|
-
let
|
|
9287
|
+
async function b(u, l, C, B, A, O, P, E, z) {
|
|
9288
|
+
let T, rt, F, f, L, V;
|
|
9337
9289
|
if (t == "G1")
|
|
9338
|
-
O == "affine" ? (L = n.F.n8 * 2, rt = "g1m_batchToJacobian") : L = n.F.n8 * 3, V = n.F.n8 * 3,
|
|
9290
|
+
O == "affine" ? (L = n.F.n8 * 2, rt = "g1m_batchToJacobian") : L = n.F.n8 * 3, V = n.F.n8 * 3, T = "g1m_" + C, P == "affine" ? (F = "g1m_batchToAffine", f = n.F.n8 * 2) : f = n.F.n8 * 3;
|
|
9339
9291
|
else if (t == "G2")
|
|
9340
|
-
O == "affine" ? (L = n.F.n8 * 2, rt = "g2m_batchToJacobian") : L = n.F.n8 * 3,
|
|
9292
|
+
O == "affine" ? (L = n.F.n8 * 2, rt = "g2m_batchToJacobian") : L = n.F.n8 * 3, T = "g2m_" + C, V = n.F.n8 * 3, P == "affine" ? (F = "g2m_batchToAffine", f = n.F.n8 * 2) : f = n.F.n8 * 3;
|
|
9341
9293
|
else if (t == "Fr")
|
|
9342
|
-
L = e.n8, f = e.n8, V = e.n8,
|
|
9294
|
+
L = e.n8, f = e.n8, V = e.n8, T = "frm_" + C;
|
|
9343
9295
|
else
|
|
9344
9296
|
throw new Error("Invalid group");
|
|
9345
9297
|
if (u.byteLength != l.byteLength)
|
|
@@ -9349,24 +9301,24 @@ function Ue(o, t) {
|
|
|
9349
9301
|
throw new Error("Invalid number of points");
|
|
9350
9302
|
let X = Math.floor($ / i.concurrency);
|
|
9351
9303
|
X < 16 && (X = 16), X > 65536 && (X = 65536);
|
|
9352
|
-
const
|
|
9304
|
+
const Q = [];
|
|
9353
9305
|
for (let nt = 0; nt < $; nt += X) {
|
|
9354
|
-
E && E.debug(`${
|
|
9306
|
+
E && E.debug(`${z}: fftJoinExt Start: ${nt}/${$}`);
|
|
9355
9307
|
const K = Math.min($ - nt, X), ct = e.mul(B, e.exp(A, nt)), J = [], st = u.slice(nt * L, (nt + K) * L), At = l.slice(nt * L, (nt + K) * L);
|
|
9356
|
-
J.push({ cmd: "ALLOC", var: 0, len: V * K }), J.push({ cmd: "SET", var: 0, buff: st }), J.push({ cmd: "ALLOC", var: 1, len: V * K }), J.push({ cmd: "SET", var: 1, buff: At }), J.push({ cmd: "ALLOCSET", var: 2, buff: ct }), J.push({ cmd: "ALLOCSET", var: 3, buff: A }), rt && (J.push({ cmd: "CALL", fnName: rt, params: [{ var: 0 }, { val: K }, { var: 0 }] }), J.push({ cmd: "CALL", fnName: rt, params: [{ var: 1 }, { val: K }, { var: 1 }] })), J.push({ cmd: "CALL", fnName:
|
|
9308
|
+
J.push({ cmd: "ALLOC", var: 0, len: V * K }), J.push({ cmd: "SET", var: 0, buff: st }), J.push({ cmd: "ALLOC", var: 1, len: V * K }), J.push({ cmd: "SET", var: 1, buff: At }), J.push({ cmd: "ALLOCSET", var: 2, buff: ct }), J.push({ cmd: "ALLOCSET", var: 3, buff: A }), rt && (J.push({ cmd: "CALL", fnName: rt, params: [{ var: 0 }, { val: K }, { var: 0 }] }), J.push({ cmd: "CALL", fnName: rt, params: [{ var: 1 }, { val: K }, { var: 1 }] })), J.push({ cmd: "CALL", fnName: T, params: [
|
|
9357
9309
|
{ var: 0 },
|
|
9358
9310
|
{ var: 1 },
|
|
9359
9311
|
{ val: K },
|
|
9360
9312
|
{ var: 2 },
|
|
9361
9313
|
{ var: 3 },
|
|
9362
9314
|
{ val: e.s }
|
|
9363
|
-
] }), F && (J.push({ cmd: "CALL", fnName: F, params: [{ var: 0 }, { val: K }, { var: 0 }] }), J.push({ cmd: "CALL", fnName: F, params: [{ var: 1 }, { val: K }, { var: 1 }] })), J.push({ cmd: "GET", out: 0, var: 0, len: K * f }), J.push({ cmd: "GET", out: 1, var: 1, len: K * f }),
|
|
9364
|
-
i.queueAction(J).then((Bt) => (E && E.debug(`${
|
|
9315
|
+
] }), F && (J.push({ cmd: "CALL", fnName: F, params: [{ var: 0 }, { val: K }, { var: 0 }] }), J.push({ cmd: "CALL", fnName: F, params: [{ var: 1 }, { val: K }, { var: 1 }] })), J.push({ cmd: "GET", out: 0, var: 0, len: K * f }), J.push({ cmd: "GET", out: 1, var: 1, len: K * f }), Q.push(
|
|
9316
|
+
i.queueAction(J).then((Bt) => (E && E.debug(`${z}: fftJoinExt End: ${nt}/${$}`), Bt))
|
|
9365
9317
|
);
|
|
9366
9318
|
}
|
|
9367
|
-
const y = await Promise.all(
|
|
9319
|
+
const y = await Promise.all(Q);
|
|
9368
9320
|
let v, D;
|
|
9369
|
-
$ * f > 1 << 28 ? (v = new
|
|
9321
|
+
$ * f > 1 << 28 ? (v = new Qt($ * f), D = new Qt($ * f)) : (v = new Uint8Array($ * f), D = new Uint8Array($ * f));
|
|
9370
9322
|
let it = 0;
|
|
9371
9323
|
for (let nt = 0; nt < y.length; nt++)
|
|
9372
9324
|
v.set(y[nt][0], it), D.set(y[nt][1], it), it += y[nt][0].byteLength;
|
|
@@ -9394,13 +9346,13 @@ function Ue(o, t) {
|
|
|
9394
9346
|
return await n.ifft(u, l, C, B, A);
|
|
9395
9347
|
if (E > e.s + 1)
|
|
9396
9348
|
throw B && B.error("lagrangeEvaluations input too big"), new Error("lagrangeEvaluations input too big");
|
|
9397
|
-
let
|
|
9398
|
-
const ot = e.exp(e.shift, P / 2),
|
|
9399
|
-
[
|
|
9349
|
+
let z = u.slice(0, u.byteLength / 2), x = u.slice(u.byteLength / 2, u.byteLength);
|
|
9350
|
+
const ot = e.exp(e.shift, P / 2), T = e.inv(e.sub(e.one, ot));
|
|
9351
|
+
[z, x] = await b(z, x, "prepareLagrangeEvaluation", T, e.shiftInv, l, "jacobian", B, A + " prep");
|
|
9400
9352
|
const rt = [];
|
|
9401
|
-
rt.push(s(
|
|
9353
|
+
rt.push(s(z, !0, "jacobian", C, B, A + " t0")), rt.push(s(x, !0, "jacobian", C, B, A + " t1")), [z, x] = await Promise.all(rt);
|
|
9402
9354
|
let F;
|
|
9403
|
-
return
|
|
9355
|
+
return z.byteLength > 1 << 28 ? F = new Qt(z.byteLength * 2) : F = new Uint8Array(z.byteLength * 2), F.set(z), F.set(x, z.byteLength), F;
|
|
9404
9356
|
}, n.fftMix = async function(l) {
|
|
9405
9357
|
const C = n.F.n8 * 3;
|
|
9406
9358
|
let B, A;
|
|
@@ -9415,45 +9367,45 @@ function Ue(o, t) {
|
|
|
9415
9367
|
const O = Math.floor(l.byteLength / C), P = Jt(O);
|
|
9416
9368
|
let E = 1 << Jt(i.concurrency);
|
|
9417
9369
|
O <= E * 2 && (E = 1);
|
|
9418
|
-
const
|
|
9370
|
+
const z = O / E, x = Jt(z), ot = [];
|
|
9419
9371
|
for (let L = 0; L < E; L++) {
|
|
9420
|
-
const V = [], $ = l.slice(L *
|
|
9372
|
+
const V = [], $ = l.slice(L * z * C, (L + 1) * z * C);
|
|
9421
9373
|
V.push({ cmd: "ALLOCSET", var: 0, buff: $ });
|
|
9422
9374
|
for (let X = 1; X <= x; X++)
|
|
9423
9375
|
V.push({ cmd: "CALL", fnName: B, params: [
|
|
9424
9376
|
{ var: 0 },
|
|
9425
|
-
{ val:
|
|
9377
|
+
{ val: z },
|
|
9426
9378
|
{ val: X }
|
|
9427
9379
|
] });
|
|
9428
|
-
V.push({ cmd: "GET", out: 0, var: 0, len:
|
|
9380
|
+
V.push({ cmd: "GET", out: 0, var: 0, len: z * C }), ot.push(
|
|
9429
9381
|
i.queueAction(V)
|
|
9430
9382
|
);
|
|
9431
9383
|
}
|
|
9432
|
-
const
|
|
9433
|
-
for (let L = 0; L <
|
|
9434
|
-
rt[L] =
|
|
9384
|
+
const T = await Promise.all(ot), rt = [];
|
|
9385
|
+
for (let L = 0; L < T.length; L++)
|
|
9386
|
+
rt[L] = T[L][0];
|
|
9435
9387
|
for (let L = x + 1; L <= P; L++) {
|
|
9436
9388
|
const V = 1 << P - L, $ = E / V, X = [];
|
|
9437
9389
|
for (let y = 0; y < V; y++)
|
|
9438
9390
|
for (let v = 0; v < $ / 2; v++) {
|
|
9439
|
-
const D = e.exp(e.w[L], v *
|
|
9391
|
+
const D = e.exp(e.w[L], v * z), it = e.w[L], nt = y * $ + v, K = y * $ + v + $ / 2, ct = [];
|
|
9440
9392
|
ct.push({ cmd: "ALLOCSET", var: 0, buff: rt[nt] }), ct.push({ cmd: "ALLOCSET", var: 1, buff: rt[K] }), ct.push({ cmd: "ALLOCSET", var: 2, buff: D }), ct.push({ cmd: "ALLOCSET", var: 3, buff: it }), ct.push({ cmd: "CALL", fnName: A, params: [
|
|
9441
9393
|
{ var: 0 },
|
|
9442
9394
|
{ var: 1 },
|
|
9443
|
-
{ val:
|
|
9395
|
+
{ val: z },
|
|
9444
9396
|
{ var: 2 },
|
|
9445
9397
|
{ var: 3 }
|
|
9446
|
-
] }), ct.push({ cmd: "GET", out: 0, var: 0, len:
|
|
9398
|
+
] }), ct.push({ cmd: "GET", out: 0, var: 0, len: z * C }), ct.push({ cmd: "GET", out: 1, var: 1, len: z * C }), X.push(i.queueAction(ct));
|
|
9447
9399
|
}
|
|
9448
|
-
const
|
|
9400
|
+
const Q = await Promise.all(X);
|
|
9449
9401
|
for (let y = 0; y < V; y++)
|
|
9450
9402
|
for (let v = 0; v < $ / 2; v++) {
|
|
9451
|
-
const D = y * $ + v, it = y * $ + v + $ / 2, nt =
|
|
9403
|
+
const D = y * $ + v, it = y * $ + v + $ / 2, nt = Q.shift();
|
|
9452
9404
|
rt[D] = nt[0], rt[it] = nt[1];
|
|
9453
9405
|
}
|
|
9454
9406
|
}
|
|
9455
9407
|
let F;
|
|
9456
|
-
l instanceof
|
|
9408
|
+
l instanceof Qt ? F = new Qt(O * C) : F = new Uint8Array(O * C);
|
|
9457
9409
|
let f = 0;
|
|
9458
9410
|
for (let L = 0; L < E; L++)
|
|
9459
9411
|
F.set(rt[L], f), f += rt[L].byteLength;
|
|
@@ -9474,12 +9426,12 @@ function Ue(o, t) {
|
|
|
9474
9426
|
const E = Math.floor(l.byteLength / O);
|
|
9475
9427
|
if (E != 1 << Jt(E))
|
|
9476
9428
|
throw new Error("Invalid number of points");
|
|
9477
|
-
let
|
|
9478
|
-
E <=
|
|
9479
|
-
const x = E /
|
|
9480
|
-
for (let L = 0; L <
|
|
9481
|
-
const V = [], $ = e.mul(B, e.exp(A, L * x)), X = l.slice(L * x * O, (L + 1) * x * O),
|
|
9482
|
-
V.push({ cmd: "ALLOCSET", var: 0, buff: X }), V.push({ cmd: "ALLOCSET", var: 1, buff:
|
|
9429
|
+
let z = 1 << Jt(i.concurrency);
|
|
9430
|
+
E <= z * 2 && (z = 1);
|
|
9431
|
+
const x = E / z, ot = [];
|
|
9432
|
+
for (let L = 0; L < z; L++) {
|
|
9433
|
+
const V = [], $ = e.mul(B, e.exp(A, L * x)), X = l.slice(L * x * O, (L + 1) * x * O), Q = C.slice(L * x * O, (L + 1) * x * O);
|
|
9434
|
+
V.push({ cmd: "ALLOCSET", var: 0, buff: X }), V.push({ cmd: "ALLOCSET", var: 1, buff: Q }), V.push({ cmd: "ALLOCSET", var: 2, buff: $ }), V.push({ cmd: "ALLOCSET", var: 3, buff: A }), V.push({ cmd: "CALL", fnName: P, params: [
|
|
9483
9435
|
{ var: 0 },
|
|
9484
9436
|
{ var: 1 },
|
|
9485
9437
|
{ val: x },
|
|
@@ -9489,12 +9441,12 @@ function Ue(o, t) {
|
|
|
9489
9441
|
i.queueAction(V)
|
|
9490
9442
|
);
|
|
9491
9443
|
}
|
|
9492
|
-
const
|
|
9444
|
+
const T = await Promise.all(ot);
|
|
9493
9445
|
let rt, F;
|
|
9494
|
-
l instanceof
|
|
9446
|
+
l instanceof Qt ? (rt = new Qt(E * O), F = new Qt(E * O)) : (rt = new Uint8Array(E * O), F = new Uint8Array(E * O));
|
|
9495
9447
|
let f = 0;
|
|
9496
|
-
for (let L = 0; L <
|
|
9497
|
-
rt.set(
|
|
9448
|
+
for (let L = 0; L < T.length; L++)
|
|
9449
|
+
rt.set(T[L][0], f), F.set(T[L][1], f), f += T[L][0].byteLength;
|
|
9498
9450
|
return [rt, F];
|
|
9499
9451
|
}, n.fftFinal = async function(l, C) {
|
|
9500
9452
|
const B = n.F.n8 * 3, A = n.F.n8 * 2;
|
|
@@ -9508,12 +9460,12 @@ function Ue(o, t) {
|
|
|
9508
9460
|
const E = Math.floor(l.byteLength / B);
|
|
9509
9461
|
if (E != 1 << Jt(E))
|
|
9510
9462
|
throw new Error("Invalid number of points");
|
|
9511
|
-
const
|
|
9463
|
+
const z = Math.floor(E / i.concurrency), x = [];
|
|
9512
9464
|
for (let F = 0; F < i.concurrency; F++) {
|
|
9513
9465
|
let f;
|
|
9514
|
-
if (F < i.concurrency - 1 ? f =
|
|
9466
|
+
if (F < i.concurrency - 1 ? f = z : f = E - F * z, f == 0)
|
|
9515
9467
|
continue;
|
|
9516
|
-
const L = [], V = l.slice(F *
|
|
9468
|
+
const L = [], V = l.slice(F * z * B, (F * z + f) * B);
|
|
9517
9469
|
L.push({ cmd: "ALLOCSET", var: 0, buff: V }), L.push({ cmd: "ALLOCSET", var: 1, buff: C }), L.push({ cmd: "CALL", fnName: O, params: [
|
|
9518
9470
|
{ var: 0 },
|
|
9519
9471
|
{ val: f },
|
|
@@ -9527,17 +9479,17 @@ function Ue(o, t) {
|
|
|
9527
9479
|
);
|
|
9528
9480
|
}
|
|
9529
9481
|
const ot = await Promise.all(x);
|
|
9530
|
-
let
|
|
9531
|
-
l instanceof
|
|
9482
|
+
let T;
|
|
9483
|
+
l instanceof Qt ? T = new Qt(E * A) : T = new Uint8Array(E * A);
|
|
9532
9484
|
let rt = 0;
|
|
9533
9485
|
for (let F = ot.length - 1; F >= 0; F--)
|
|
9534
|
-
|
|
9535
|
-
return
|
|
9486
|
+
T.set(ot[F][0], rt), rt += ot[F][0].byteLength;
|
|
9487
|
+
return T;
|
|
9536
9488
|
};
|
|
9537
9489
|
}
|
|
9538
9490
|
async function ra(o) {
|
|
9539
|
-
const t = await
|
|
9540
|
-
return n.q =
|
|
9491
|
+
const t = await qs(o.wasm, o.singleThread), n = {};
|
|
9492
|
+
return n.q = Tt(o.wasm.q.toString()), n.r = Tt(o.wasm.r.toString()), n.name = o.name, n.tm = t, n.prePSize = o.wasm.prePSize, n.preQSize = o.wasm.preQSize, n.Fr = new jo(t, "frm", o.n8r, o.r), n.F1 = new jo(t, "f1m", o.n8q, o.q), n.F2 = new $o(t, "f2m", n.F1), n.G1 = new Yo(t, "g1m", n.F1, o.wasm.pG1gen, o.wasm.pG1b, o.cofactorG1), n.G2 = new Yo(t, "g2m", n.F2, o.wasm.pG2gen, o.wasm.pG2b, o.cofactorG2), n.F6 = new Os(t, "f6m", n.F2), n.F12 = new $o(t, "ftm", n.F6), n.Gt = n.F12, Me(n, "G1"), Me(n, "G2"), Me(n, "Fr"), Xo(n, "G1"), Xo(n, "G2"), Ue(n, "G1"), Ue(n, "G2"), Ue(n, "Fr"), Ms(n), n.array2buffer = function(e, i) {
|
|
9541
9493
|
const s = new Uint8Array(i * e.length);
|
|
9542
9494
|
for (let d = 0; d < e.length; d++)
|
|
9543
9495
|
s.set(e[d], d * i);
|
|
@@ -9558,14 +9510,14 @@ function da(o) {
|
|
|
9558
9510
|
function Us(o) {
|
|
9559
9511
|
return o === 0n;
|
|
9560
9512
|
}
|
|
9561
|
-
function
|
|
9513
|
+
function zs(o) {
|
|
9562
9514
|
return da(o) ? o.toString(2).length - 1 : o.toString(2).length;
|
|
9563
9515
|
}
|
|
9564
|
-
function
|
|
9516
|
+
function ze(o) {
|
|
9565
9517
|
const t = [], n = Rn(o);
|
|
9566
9518
|
return t.push(Number(n & 0xFFn)), t.push(Number(n >> 8n & 0xFFn)), t.push(Number(n >> 16n & 0xFFn)), t.push(Number(n >> 24n & 0xFFn)), t;
|
|
9567
9519
|
}
|
|
9568
|
-
function
|
|
9520
|
+
function Ts(o) {
|
|
9569
9521
|
for (var t = [], n = 0; n < o.length; n++) {
|
|
9570
9522
|
var e = o.charCodeAt(n);
|
|
9571
9523
|
e < 128 ? t.push(e) : e < 2048 ? t.push(
|
|
@@ -9585,7 +9537,7 @@ function zs(o) {
|
|
|
9585
9537
|
return t;
|
|
9586
9538
|
}
|
|
9587
9539
|
function Hn(o) {
|
|
9588
|
-
const t =
|
|
9540
|
+
const t = Ts(o);
|
|
9589
9541
|
return [...Ft(t.length), ...t];
|
|
9590
9542
|
}
|
|
9591
9543
|
function ua(o) {
|
|
@@ -9602,7 +9554,7 @@ function ua(o) {
|
|
|
9602
9554
|
}
|
|
9603
9555
|
function _a(o) {
|
|
9604
9556
|
let t, n;
|
|
9605
|
-
const e =
|
|
9557
|
+
const e = zs(o);
|
|
9606
9558
|
o < 0 ? (n = !0, t = (1n << BigInt(e)) + o) : (n = !1, t = Rn(o));
|
|
9607
9559
|
const i = 7 - e % 7, s = (1n << BigInt(i)) - 1n << BigInt(e), d = (1 << 7 - i) - 1 | 128, r = ua(t + s);
|
|
9608
9560
|
return n || (r[r.length - 1] = r[r.length - 1] & d), r;
|
|
@@ -9949,7 +9901,7 @@ class Ds {
|
|
|
9949
9901
|
return [];
|
|
9950
9902
|
}
|
|
9951
9903
|
}
|
|
9952
|
-
const
|
|
9904
|
+
const Te = {
|
|
9953
9905
|
i32: 127,
|
|
9954
9906
|
i64: 126,
|
|
9955
9907
|
f32: 125,
|
|
@@ -9992,13 +9944,13 @@ class ni {
|
|
|
9992
9944
|
this.returnType = t;
|
|
9993
9945
|
}
|
|
9994
9946
|
getSignature() {
|
|
9995
|
-
const t = [...Ft(this.params.length), ...this.params.map((e) =>
|
|
9947
|
+
const t = [...Ft(this.params.length), ...this.params.map((e) => Te[e.type])], n = this.returnType ? [1, Te[this.returnType]] : [0];
|
|
9996
9948
|
return [96, ...t, ...n];
|
|
9997
9949
|
}
|
|
9998
9950
|
getBody() {
|
|
9999
9951
|
const t = this.locals.map((e) => [
|
|
10000
9952
|
...Ft(e.length),
|
|
10001
|
-
|
|
9953
|
+
Te[e.type]
|
|
10002
9954
|
]), n = [
|
|
10003
9955
|
...Ft(this.locals.length),
|
|
10004
9956
|
...[].concat(...t),
|
|
@@ -10027,8 +9979,8 @@ class ga {
|
|
|
10027
9979
|
}
|
|
10028
9980
|
build() {
|
|
10029
9981
|
return this._setSignatures(), new Uint8Array([
|
|
10030
|
-
...
|
|
10031
|
-
...
|
|
9982
|
+
...ze(1836278016),
|
|
9983
|
+
...ze(1),
|
|
10032
9984
|
...this._buildType(),
|
|
10033
9985
|
...this._buildImport(),
|
|
10034
9986
|
...this._buildFunctionDeclarations(),
|
|
@@ -10212,7 +10164,7 @@ class ga {
|
|
|
10212
10164
|
0,
|
|
10213
10165
|
11,
|
|
10214
10166
|
4,
|
|
10215
|
-
...
|
|
10167
|
+
...ze(this.free)
|
|
10216
10168
|
]);
|
|
10217
10169
|
for (let n = 0; n < this.datas.length; n++)
|
|
10218
10170
|
t.push([
|
|
@@ -10240,11 +10192,11 @@ async function fa(o, t) {
|
|
|
10240
10192
|
const i = {
|
|
10241
10193
|
name: "bn128",
|
|
10242
10194
|
wasm: e,
|
|
10243
|
-
q:
|
|
10244
|
-
r:
|
|
10195
|
+
q: Tt("21888242871839275222246405745257275088696311157297823662689037894645226208583"),
|
|
10196
|
+
r: Tt("21888242871839275222246405745257275088548364400416034343698204186575808495617"),
|
|
10245
10197
|
n8q: 32,
|
|
10246
10198
|
n8r: 32,
|
|
10247
|
-
cofactorG2:
|
|
10199
|
+
cofactorG2: Tt("30644e72e131a029b85045b68181585e06ceecda572a2489345f2299c0f9fa8d", 16),
|
|
10248
10200
|
singleThread: !!o
|
|
10249
10201
|
}, s = await ra(i);
|
|
10250
10202
|
return s.terminate = async function() {
|
|
@@ -10262,23 +10214,23 @@ async function ha(o, t) {
|
|
|
10262
10214
|
const i = {
|
|
10263
10215
|
name: "bls12381",
|
|
10264
10216
|
wasm: e,
|
|
10265
|
-
q:
|
|
10266
|
-
r:
|
|
10217
|
+
q: Tt("1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaab", 16),
|
|
10218
|
+
r: Tt("73eda753299d7d483339d80809a1d80553bda402fffe5bfeffffffff00000001", 16),
|
|
10267
10219
|
n8q: 48,
|
|
10268
10220
|
n8r: 32,
|
|
10269
|
-
cofactorG1:
|
|
10270
|
-
cofactorG2:
|
|
10221
|
+
cofactorG1: Tt("0x396c8c005555e1568c00aaab0000aaab", 16),
|
|
10222
|
+
cofactorG2: Tt("0x5d543a95414e7f1091d50792876a202cd91de4547085abaa68a205b2e5a7ddfa628f1cb4d9e82ef21537e293a6691ae1616ec6e786f0c70cf1c38e31c7238e5", 16),
|
|
10271
10223
|
singleThread: !!o
|
|
10272
10224
|
}, s = await ra(i);
|
|
10273
10225
|
return s.terminate = async function() {
|
|
10274
10226
|
i.singleThread || (globalThis.curve_bls12381 = null, await this.tm.terminate());
|
|
10275
10227
|
}, o || (globalThis.curve_bls12381 = s), s;
|
|
10276
10228
|
}
|
|
10277
|
-
|
|
10278
|
-
|
|
10279
|
-
|
|
10280
|
-
|
|
10281
|
-
const
|
|
10229
|
+
Tt("73eda753299d7d483339d80809a1d80553bda402fffe5bfeffffffff00000001", 16);
|
|
10230
|
+
Tt("21888242871839275222246405745257275088548364400416034343698204186575808495617");
|
|
10231
|
+
Tt("1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaab", 16);
|
|
10232
|
+
Tt("21888242871839275222246405745257275088696311157297823662689037894645226208583");
|
|
10233
|
+
const Mt = Cc, ne = Ss;
|
|
10282
10234
|
var pa = {};
|
|
10283
10235
|
async function La(o, t, n, e) {
|
|
10284
10236
|
if (n = n || 4096 * 64, typeof t != "number" && ["w+", "wx+", "r", "ax+", "a+"].indexOf(t) < 0)
|
|
@@ -10789,29 +10741,29 @@ async function oe(o, t) {
|
|
|
10789
10741
|
}
|
|
10790
10742
|
async function Xs(o, t, n, e) {
|
|
10791
10743
|
const i = new Uint8Array(n);
|
|
10792
|
-
|
|
10744
|
+
Mt.toRprLE(i, 0, t, n), await o.write(i, e);
|
|
10793
10745
|
}
|
|
10794
10746
|
async function Sn(o, t, n) {
|
|
10795
10747
|
const e = await o.read(t, n);
|
|
10796
|
-
return
|
|
10748
|
+
return Mt.fromRprLE(e, 0, t);
|
|
10797
10749
|
}
|
|
10798
10750
|
async function Bn(o, t, n, e, i) {
|
|
10799
10751
|
if (e = typeof e > "u" ? 0 : e, i = typeof i > "u" ? t[n][0].size - e : i, e + i > t[n][0].size)
|
|
10800
10752
|
throw new Error("Reading out of the range of the section");
|
|
10801
10753
|
let s;
|
|
10802
|
-
return i < 1 << 30 ? s = new Uint8Array(i) : s = new
|
|
10754
|
+
return i < 1 << 30 ? s = new Uint8Array(i) : s = new Qt(i), await o.readToBuffer(s, 0, i, t[n][0].p + e), s;
|
|
10803
10755
|
}
|
|
10804
|
-
|
|
10805
|
-
|
|
10806
|
-
const tl =
|
|
10756
|
+
Mt.e("73eda753299d7d483339d80809a1d80553bda402fffe5bfeffffffff00000001", 16);
|
|
10757
|
+
Mt.e("21888242871839275222246405745257275088548364400416034343698204186575808495617");
|
|
10758
|
+
const tl = Mt.e("1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaab", 16), nl = Mt.e("21888242871839275222246405745257275088696311157297823662689037894645226208583");
|
|
10807
10759
|
async function Co(o, t) {
|
|
10808
10760
|
let n, e = t && t.singleThread;
|
|
10809
|
-
if (
|
|
10761
|
+
if (Mt.eq(o, nl))
|
|
10810
10762
|
n = await fa(e);
|
|
10811
|
-
else if (
|
|
10763
|
+
else if (Mt.eq(o, tl))
|
|
10812
10764
|
n = await ha(e);
|
|
10813
10765
|
else
|
|
10814
|
-
throw new Error(`Curve not supported: ${
|
|
10766
|
+
throw new Error(`Curve not supported: ${Mt.toString(o)}`);
|
|
10815
10767
|
return n;
|
|
10816
10768
|
}
|
|
10817
10769
|
async function el(o, t) {
|
|
@@ -10860,9 +10812,9 @@ var sl = {
|
|
|
10860
10812
|
toString: al,
|
|
10861
10813
|
write: cl
|
|
10862
10814
|
};
|
|
10863
|
-
const
|
|
10864
|
-
for (let o = 0; o <
|
|
10865
|
-
xn[
|
|
10815
|
+
const qn = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/", xn = new Uint8Array(256);
|
|
10816
|
+
for (let o = 0; o < qn.length; o++)
|
|
10817
|
+
xn[qn.charCodeAt(o)] = o;
|
|
10866
10818
|
xn[
|
|
10867
10819
|
/* - */
|
|
10868
10820
|
45
|
|
@@ -10879,7 +10831,7 @@ function ll(o) {
|
|
|
10879
10831
|
const t = o.byteLength;
|
|
10880
10832
|
let n = "";
|
|
10881
10833
|
for (let e = 0; e < t; e += 3)
|
|
10882
|
-
n +=
|
|
10834
|
+
n += qn[o[e] >> 2] + qn[(o[e] & 3) << 4 | o[e + 1] >> 4] + qn[(o[e + 1] & 15) << 2 | o[e + 2] >> 6] + qn[o[e + 2] & 63];
|
|
10883
10835
|
return t % 3 === 2 ? n = n.substring(0, n.length - 1) + "=" : t % 3 === 1 && (n = n.substring(0, n.length - 2) + "=="), n;
|
|
10884
10836
|
}
|
|
10885
10837
|
function rl(o, t, n = 0, e = Fa(t)) {
|
|
@@ -11106,7 +11058,7 @@ var Ll = {
|
|
|
11106
11058
|
}
|
|
11107
11059
|
return I;
|
|
11108
11060
|
}
|
|
11109
|
-
function
|
|
11061
|
+
function z(c, w, I = 0, h = 0, S = c.byteLength) {
|
|
11110
11062
|
if (S > 0 && S < h || S === h || c.byteLength === 0 || w.byteLength === 0)
|
|
11111
11063
|
return 0;
|
|
11112
11064
|
if (I < 0)
|
|
@@ -11144,14 +11096,14 @@ var Ll = {
|
|
|
11144
11096
|
for (let W = I; W < h; ++W)
|
|
11145
11097
|
c[W] = w;
|
|
11146
11098
|
else {
|
|
11147
|
-
w = u(w) ? w :
|
|
11099
|
+
w = u(w) ? w : T(w, S);
|
|
11148
11100
|
const W = w.byteLength;
|
|
11149
11101
|
for (let N = 0; N < h - I; ++N)
|
|
11150
11102
|
c[N + I] = w[N % W];
|
|
11151
11103
|
}
|
|
11152
11104
|
return c;
|
|
11153
11105
|
}
|
|
11154
|
-
function
|
|
11106
|
+
function T(c, w, I) {
|
|
11155
11107
|
return typeof c == "string" ? rt(c, w) : Array.isArray(c) ? F(c) : ArrayBuffer.isView(c) ? f(c) : L(c, w, I);
|
|
11156
11108
|
}
|
|
11157
11109
|
function rt(c, w) {
|
|
@@ -11185,7 +11137,7 @@ var Ll = {
|
|
|
11185
11137
|
else
|
|
11186
11138
|
return -1;
|
|
11187
11139
|
if (typeof w == "string")
|
|
11188
|
-
w =
|
|
11140
|
+
w = T(w, h);
|
|
11189
11141
|
else if (typeof w == "number")
|
|
11190
11142
|
return w = w & 255, S ? c.indexOf(w, I) : c.lastIndexOf(w, I);
|
|
11191
11143
|
if (w.byteLength === 0)
|
|
@@ -11223,7 +11175,7 @@ var Ll = {
|
|
|
11223
11175
|
/* first */
|
|
11224
11176
|
);
|
|
11225
11177
|
}
|
|
11226
|
-
function
|
|
11178
|
+
function Q(c, w, I, h) {
|
|
11227
11179
|
return $(
|
|
11228
11180
|
c,
|
|
11229
11181
|
w,
|
|
@@ -11304,13 +11256,13 @@ var Ll = {
|
|
|
11304
11256
|
byteLength: O,
|
|
11305
11257
|
compare: P,
|
|
11306
11258
|
concat: E,
|
|
11307
|
-
copy:
|
|
11259
|
+
copy: z,
|
|
11308
11260
|
equals: x,
|
|
11309
11261
|
fill: ot,
|
|
11310
|
-
from:
|
|
11262
|
+
from: T,
|
|
11311
11263
|
includes: V,
|
|
11312
11264
|
indexOf: X,
|
|
11313
|
-
lastIndexOf:
|
|
11265
|
+
lastIndexOf: Q,
|
|
11314
11266
|
swap16: v,
|
|
11315
11267
|
swap32: D,
|
|
11316
11268
|
swap64: it,
|
|
@@ -11447,7 +11399,7 @@ async function Fl(o, t, n, e) {
|
|
|
11447
11399
|
}
|
|
11448
11400
|
async function xl(o, t, n) {
|
|
11449
11401
|
await si(o, 1);
|
|
11450
|
-
const e = (Math.floor((
|
|
11402
|
+
const e = (Math.floor((Mt.bitLength(n) - 1) / 64) + 1) * 8;
|
|
11451
11403
|
if (await o.writeULE32(e), await Xs(o, n, e), t.byteLength % e != 0)
|
|
11452
11404
|
throw new Error("Invalid witness length");
|
|
11453
11405
|
await o.writeULE32(t.byteLength / e), await li(o), await si(o, 2), await o.write(t), await li(o);
|
|
@@ -11462,7 +11414,7 @@ async function va(o, t, n, e) {
|
|
|
11462
11414
|
const { fd: i, sections: s } = await ci(t, "wtns", 2), d = await Sl(i, s), { fd: r, sections: b } = await ci(o, "zkey", 2), u = await wl(r, b, void 0, e);
|
|
11463
11415
|
if (u.protocol != "groth16")
|
|
11464
11416
|
throw new Error("zkey file is not groth16");
|
|
11465
|
-
if (!
|
|
11417
|
+
if (!Mt.eq(u.r, d.q))
|
|
11466
11418
|
throw new Error("Curve of the witness does not match the curve of the proving key");
|
|
11467
11419
|
if (d.nWitness != u.nVars)
|
|
11468
11420
|
throw new Error(`Invalid witness length. Circuit: ${u.nVars}, witness: ${d.nWitness}`);
|
|
@@ -11472,7 +11424,7 @@ async function va(o, t, n, e) {
|
|
|
11472
11424
|
n && n.debug("Reading Coeffs");
|
|
11473
11425
|
const E = await Bn(r, b, 4);
|
|
11474
11426
|
n && n.debug("Building ABC");
|
|
11475
|
-
const [
|
|
11427
|
+
const [z, x, ot] = await Ol(l, u, P, E, n), T = O == C.s ? l.Fr.shift : l.Fr.w[O + 1], rt = await C.ifft(z, "", "", n, "IFFT_A"), F = await C.batchApplyKey(rt, C.e(1), T), f = await C.fft(F, "", "", n, "FFT_A"), L = await C.ifft(x, "", "", n, "IFFT_B"), V = await C.batchApplyKey(L, C.e(1), T), $ = await C.fft(V, "", "", n, "FFT_B"), X = await C.ifft(ot, "", "", n, "IFFT_C"), Q = await C.batchApplyKey(X, C.e(1), T), y = await C.fft(Q, "", "", n, "FFT_C");
|
|
11476
11428
|
n && n.debug("Join ABC");
|
|
11477
11429
|
const v = await vl(l, u, f, $, y, n);
|
|
11478
11430
|
let D = {};
|
|
@@ -11491,19 +11443,19 @@ async function va(o, t, n, e) {
|
|
|
11491
11443
|
let p = [];
|
|
11492
11444
|
for (let a = 1; a <= u.nPublic; a++) {
|
|
11493
11445
|
const m = P.slice(a * C.n8, a * C.n8 + C.n8);
|
|
11494
|
-
p.push(
|
|
11446
|
+
p.push(Mt.fromRprLE(m));
|
|
11495
11447
|
}
|
|
11496
11448
|
return D.pi_a = B.toObject(B.toAffine(D.pi_a)), D.pi_b = A.toObject(A.toAffine(D.pi_b)), D.pi_c = B.toObject(B.toAffine(D.pi_c)), D.protocol = "groth16", D.curve = l.name, await r.close(), await i.close(), D = Ai(D), p = Ai(p), { proof: D, publicSignals: p };
|
|
11497
11449
|
}
|
|
11498
11450
|
async function Ol(o, t, n, e, i) {
|
|
11499
|
-
const s = o.Fr.n8, d = 4 * 3 + t.n8r, r = (e.byteLength - 4) / d, b = new
|
|
11451
|
+
const s = o.Fr.n8, d = 4 * 3 + t.n8r, r = (e.byteLength - 4) / d, b = new Qt(t.domainSize * s), u = new Qt(t.domainSize * s), l = new Qt(t.domainSize * s), C = [b, u];
|
|
11500
11452
|
for (let B = 0; B < r; B++) {
|
|
11501
11453
|
i && B % 1e6 == 0 && i.debug(`QAP AB: ${B}/${r}`);
|
|
11502
|
-
const A = e.slice(4 + B * d, 4 + B * d + d), O = new DataView(A.buffer), P = O.getUint32(0, !0), E = O.getUint32(4, !0),
|
|
11454
|
+
const A = e.slice(4 + B * d, 4 + B * d + d), O = new DataView(A.buffer), P = O.getUint32(0, !0), E = O.getUint32(4, !0), z = O.getUint32(8, !0), x = A.slice(12, 12 + s);
|
|
11503
11455
|
C[P].set(
|
|
11504
11456
|
o.Fr.add(
|
|
11505
11457
|
C[P].slice(E * s, E * s + s),
|
|
11506
|
-
o.Fr.mul(x, n.slice(
|
|
11458
|
+
o.Fr.mul(x, n.slice(z * s, z * s + s))
|
|
11507
11459
|
),
|
|
11508
11460
|
E * s
|
|
11509
11461
|
);
|
|
@@ -11522,8 +11474,8 @@ async function vl(o, t, n, e, i, s) {
|
|
|
11522
11474
|
const r = o.Fr.n8, b = Math.floor(n.byteLength / o.Fr.n8), u = [];
|
|
11523
11475
|
for (let A = 0; A < b; A += 4194304) {
|
|
11524
11476
|
s && s.debug(`JoinABC: ${A}/${b}`);
|
|
11525
|
-
const O = Math.min(b - A, 4194304), P = [], E = n.slice(A * r, (A + O) * r),
|
|
11526
|
-
P.push({ cmd: "ALLOCSET", var: 0, buff: E }), P.push({ cmd: "ALLOCSET", var: 1, buff:
|
|
11477
|
+
const O = Math.min(b - A, 4194304), P = [], E = n.slice(A * r, (A + O) * r), z = e.slice(A * r, (A + O) * r), x = i.slice(A * r, (A + O) * r);
|
|
11478
|
+
P.push({ cmd: "ALLOCSET", var: 0, buff: E }), P.push({ cmd: "ALLOCSET", var: 1, buff: z }), P.push({ cmd: "ALLOCSET", var: 2, buff: x }), P.push({ cmd: "ALLOC", var: 3, len: O * r }), P.push({ cmd: "CALL", fnName: "qap_joinABC", params: [
|
|
11527
11479
|
{ var: 0 },
|
|
11528
11480
|
{ var: 1 },
|
|
11529
11481
|
{ var: 2 },
|
|
@@ -11537,7 +11489,7 @@ async function vl(o, t, n, e, i, s) {
|
|
|
11537
11489
|
}
|
|
11538
11490
|
const l = await Promise.all(u);
|
|
11539
11491
|
let C;
|
|
11540
|
-
n instanceof
|
|
11492
|
+
n instanceof Qt ? C = new Qt(n.byteLength) : C = new Uint8Array(n.byteLength);
|
|
11541
11493
|
let B = 0;
|
|
11542
11494
|
for (let A = 0; A < l.length; A++)
|
|
11543
11495
|
C.set(l[A][0], B), B += l[A][0].byteLength;
|
|
@@ -11558,7 +11510,7 @@ function Pl(o, t) {
|
|
|
11558
11510
|
let n = BigInt(o) % t;
|
|
11559
11511
|
return n < 0 && (n += t), n;
|
|
11560
11512
|
}
|
|
11561
|
-
function
|
|
11513
|
+
function qa(o) {
|
|
11562
11514
|
const t = BigInt(2) ** BigInt(64);
|
|
11563
11515
|
let n = BigInt("0xCBF29CE484222325");
|
|
11564
11516
|
for (let s = 0; s < o.length; s++)
|
|
@@ -11566,7 +11518,7 @@ function Ma(o) {
|
|
|
11566
11518
|
let e = n.toString(16), i = 16 - e.length;
|
|
11567
11519
|
return e = "0".repeat(i).concat(e), e;
|
|
11568
11520
|
}
|
|
11569
|
-
function
|
|
11521
|
+
function ql(o, t) {
|
|
11570
11522
|
const n = [];
|
|
11571
11523
|
let e = BigInt(o);
|
|
11572
11524
|
const i = BigInt(4294967296);
|
|
@@ -11579,7 +11531,7 @@ function Ml(o, t) {
|
|
|
11579
11531
|
}
|
|
11580
11532
|
return n;
|
|
11581
11533
|
}
|
|
11582
|
-
async function
|
|
11534
|
+
async function Ql(o, t) {
|
|
11583
11535
|
let n, e, i;
|
|
11584
11536
|
t = t || {};
|
|
11585
11537
|
let s = 1, d = 0, r = 0, b = !1;
|
|
@@ -11593,9 +11545,9 @@ async function ql(o, t) {
|
|
|
11593
11545
|
for (; !A; )
|
|
11594
11546
|
try {
|
|
11595
11547
|
i = new WebAssembly.Memory({ initial: B }), A = !0;
|
|
11596
|
-
} catch (
|
|
11548
|
+
} catch (z) {
|
|
11597
11549
|
if (B <= 1)
|
|
11598
|
-
throw
|
|
11550
|
+
throw z;
|
|
11599
11551
|
console.warn("Could not allocate " + B * 1024 * 64 + " bytes. This may cause severe instability. Trying with " + B * 1024 * 64 / 2 + " bytes"), B = Math.floor(B / 2);
|
|
11600
11552
|
}
|
|
11601
11553
|
const O = await WebAssembly.compile(o);
|
|
@@ -11605,12 +11557,12 @@ async function ql(o, t) {
|
|
|
11605
11557
|
memory: i
|
|
11606
11558
|
},
|
|
11607
11559
|
runtime: {
|
|
11608
|
-
printDebug: function(
|
|
11609
|
-
console.log("printDebug:",
|
|
11560
|
+
printDebug: function(z) {
|
|
11561
|
+
console.log("printDebug:", z);
|
|
11610
11562
|
},
|
|
11611
|
-
exceptionHandler: function(
|
|
11563
|
+
exceptionHandler: function(z) {
|
|
11612
11564
|
let x;
|
|
11613
|
-
throw
|
|
11565
|
+
throw z === 1 ? x = "Signal not found. " : z === 2 ? x = "Too many signals set. " : z === 3 ? x = "Signal already set. " : z === 4 ? x = "Assert Failed. " : z === 5 ? x = "Not enough memory. " : z === 6 ? x = "Input signal array access exceeds the size. " : x = "Unknown error. ", console.error("ERROR: ", z, P), new Error(x + P);
|
|
11614
11566
|
},
|
|
11615
11567
|
// A new way of logging messages was added in Circom 2.0.7 that requires 2 new imports
|
|
11616
11568
|
// `printErrorMessage` and `writeBufferMessage`.
|
|
@@ -11619,39 +11571,39 @@ async function ql(o, t) {
|
|
|
11619
11571
|
`;
|
|
11620
11572
|
},
|
|
11621
11573
|
writeBufferMessage: function() {
|
|
11622
|
-
const
|
|
11623
|
-
|
|
11624
|
-
` ? (console.log(E), E = "") : (E !== "" && (E += " "), E +=
|
|
11574
|
+
const z = l();
|
|
11575
|
+
z === `
|
|
11576
|
+
` ? (console.log(E), E = "") : (E !== "" && (E += " "), E += z);
|
|
11625
11577
|
},
|
|
11626
11578
|
showSharedRWMemory: function() {
|
|
11627
|
-
const
|
|
11628
|
-
for (let ot = 0; ot <
|
|
11629
|
-
x[
|
|
11579
|
+
const z = n.exports.getFieldNumLen32(), x = new Uint32Array(z);
|
|
11580
|
+
for (let ot = 0; ot < z; ot++)
|
|
11581
|
+
x[z - 1 - ot] = n.exports.readSharedRWMemory(ot);
|
|
11630
11582
|
if (s >= 2 && (d >= 1 || r >= 7)) {
|
|
11631
11583
|
E !== "" && (E += " ");
|
|
11632
|
-
const ot =
|
|
11584
|
+
const ot = Mt.fromArray(x, 4294967296).toString();
|
|
11633
11585
|
E += ot;
|
|
11634
11586
|
} else
|
|
11635
|
-
console.log(
|
|
11587
|
+
console.log(Mt.fromArray(x, 4294967296));
|
|
11636
11588
|
},
|
|
11637
|
-
error: function(
|
|
11589
|
+
error: function(z, x, ot, T, rt, F) {
|
|
11638
11590
|
let f;
|
|
11639
|
-
throw
|
|
11591
|
+
throw z === 7 ? f = C(x) + " " + e.getFr(T).toString() + " != " + e.getFr(rt).toString() + " " + C(F) : z === 9 ? f = C(x) + " " + e.getFr(T).toString() + " " + C(rt) : z === 5 && t.sym ? f = C(x) + " " + t.sym.labelIdx2Name[rt] : f = C(x) + " " + ot + " " + T + " " + rt + " " + F, console.log("ERROR: ", z, f), new Error(f);
|
|
11640
11592
|
},
|
|
11641
|
-
log: function(
|
|
11642
|
-
console.log(e.getFr(
|
|
11593
|
+
log: function(z) {
|
|
11594
|
+
console.log(e.getFr(z).toString());
|
|
11643
11595
|
},
|
|
11644
|
-
logGetSignal: function(
|
|
11645
|
-
t.logGetSignal && t.logGetSignal(
|
|
11596
|
+
logGetSignal: function(z, x) {
|
|
11597
|
+
t.logGetSignal && t.logGetSignal(z, e.getFr(x));
|
|
11646
11598
|
},
|
|
11647
|
-
logSetSignal: function(
|
|
11648
|
-
t.logSetSignal && t.logSetSignal(
|
|
11599
|
+
logSetSignal: function(z, x) {
|
|
11600
|
+
t.logSetSignal && t.logSetSignal(z, e.getFr(x));
|
|
11649
11601
|
},
|
|
11650
|
-
logStartComponent: function(
|
|
11651
|
-
t.logStartComponent && t.logStartComponent(
|
|
11602
|
+
logStartComponent: function(z) {
|
|
11603
|
+
t.logStartComponent && t.logStartComponent(z);
|
|
11652
11604
|
},
|
|
11653
|
-
logFinishComponent: function(
|
|
11654
|
-
t.logFinishComponent && t.logFinishComponent(
|
|
11605
|
+
logFinishComponent: function(z) {
|
|
11606
|
+
t.logFinishComponent && t.logFinishComponent(z);
|
|
11655
11607
|
}
|
|
11656
11608
|
}
|
|
11657
11609
|
});
|
|
@@ -11663,7 +11615,7 @@ async function ql(o, t) {
|
|
|
11663
11615
|
else if (s === 1) {
|
|
11664
11616
|
if (b)
|
|
11665
11617
|
throw new Error("Loading code from WebAssembly instance is not supported for circom version 1");
|
|
11666
|
-
e = new
|
|
11618
|
+
e = new Ml(i, n, u);
|
|
11667
11619
|
} else
|
|
11668
11620
|
throw new Error(`Unsupported circom version: ${s}`);
|
|
11669
11621
|
return e;
|
|
@@ -11680,13 +11632,13 @@ async function ql(o, t) {
|
|
|
11680
11632
|
return String.fromCharCode.apply(null, O);
|
|
11681
11633
|
}
|
|
11682
11634
|
}
|
|
11683
|
-
class
|
|
11635
|
+
class Ml {
|
|
11684
11636
|
constructor(t, n, e) {
|
|
11685
11637
|
this.memory = t, this.i32 = new Uint32Array(t.buffer), this.instance = n, this.n32 = (this.instance.exports.getFrLen() >> 2) - 2;
|
|
11686
11638
|
const i = this.instance.exports.getPRawPrime(), s = new Array(this.n32);
|
|
11687
11639
|
for (let d = 0; d < this.n32; d++)
|
|
11688
11640
|
s[this.n32 - 1 - d] = this.i32[(i >> 2) + d];
|
|
11689
|
-
this.prime =
|
|
11641
|
+
this.prime = Mt.fromArray(s, 4294967296), this.Fr = new Mc(this.prime), this.mask32 = Mt.fromString("FFFFFFFF", 16), this.NVars = this.instance.exports.getNVars(), this.n64 = Math.floor((this.Fr.bitLength - 1) / 64) + 1, this.R = this.Fr.e(Mt.shiftLeft(1, this.n64 * 64)), this.RInv = this.Fr.inv(this.R), this.sanityCheck = e;
|
|
11690
11642
|
}
|
|
11691
11643
|
circom_version() {
|
|
11692
11644
|
return 1;
|
|
@@ -11695,7 +11647,7 @@ class Ql {
|
|
|
11695
11647
|
this.instance.exports.init(this.sanityCheck || n ? 1 : 0);
|
|
11696
11648
|
const e = this.allocInt(), i = this.allocFr();
|
|
11697
11649
|
Object.keys(t).forEach((d) => {
|
|
11698
|
-
const r =
|
|
11650
|
+
const r = qa(d), b = parseInt(r.slice(0, 8), 16), u = parseInt(r.slice(8, 16), 16);
|
|
11699
11651
|
try {
|
|
11700
11652
|
this.instance.exports.getSignalOffset32(e, 0, b, u);
|
|
11701
11653
|
} catch {
|
|
@@ -11743,7 +11695,7 @@ class Ql {
|
|
|
11743
11695
|
const s = new Array(n.n32);
|
|
11744
11696
|
for (let r = 0; r < n.n32; r++)
|
|
11745
11697
|
s[n.n32 - 1 - r] = n.i32[e + 2 + r];
|
|
11746
|
-
const d = n.Fr.e(
|
|
11698
|
+
const d = n.Fr.e(Mt.fromArray(s, 4294967296));
|
|
11747
11699
|
return n.i32[e + 1] & 1073741824 ? i(d) : d;
|
|
11748
11700
|
} else
|
|
11749
11701
|
return n.i32[e] & 2147483648 ? n.Fr.e(n.i32[e] - 4294967296) : n.Fr.e(n.i32[e]);
|
|
@@ -11757,11 +11709,11 @@ class Ql {
|
|
|
11757
11709
|
const i = e.Fr.neg(e.Fr.e("80000000", 16)), s = e.Fr.e("7FFFFFFF", 16);
|
|
11758
11710
|
if (e.Fr.geq(n, i) && e.Fr.leq(n, s)) {
|
|
11759
11711
|
let r;
|
|
11760
|
-
e.Fr.geq(n, e.Fr.zero) ? r =
|
|
11712
|
+
e.Fr.geq(n, e.Fr.zero) ? r = Mt.toNumber(n) : (r = Mt.toNumber(e.Fr.sub(n, i)), r = r - 2147483648, r = 4294967296 + r), e.i32[t >> 2] = r, e.i32[(t >> 2) + 1] = 0;
|
|
11761
11713
|
return;
|
|
11762
11714
|
}
|
|
11763
11715
|
e.i32[t >> 2] = 0, e.i32[(t >> 2) + 1] = 2147483648;
|
|
11764
|
-
const d =
|
|
11716
|
+
const d = Mt.toArray(n, 4294967296);
|
|
11765
11717
|
for (let r = 0; r < e.n32; r++) {
|
|
11766
11718
|
const b = d.length - 1 - r;
|
|
11767
11719
|
b >= 0 ? e.i32[(t >> 2) + 2 + r] = d[b] : e.i32[(t >> 2) + 2 + r] = 0;
|
|
@@ -11774,7 +11726,7 @@ class Ul {
|
|
|
11774
11726
|
const e = new Uint32Array(this.n32);
|
|
11775
11727
|
for (let i = 0; i < this.n32; i++)
|
|
11776
11728
|
e[this.n32 - 1 - i] = this.instance.exports.readSharedRWMemory(i);
|
|
11777
|
-
this.prime =
|
|
11729
|
+
this.prime = Mt.fromArray(e, 4294967296), this.witnessSize = this.instance.exports.getWitnessSize(), this.sanityCheck = n;
|
|
11778
11730
|
}
|
|
11779
11731
|
circom_version() {
|
|
11780
11732
|
return this.instance.exports.getVersion();
|
|
@@ -11784,7 +11736,7 @@ class Ul {
|
|
|
11784
11736
|
const e = Object.keys(t);
|
|
11785
11737
|
let i = 0;
|
|
11786
11738
|
if (e.forEach((s) => {
|
|
11787
|
-
const d =
|
|
11739
|
+
const d = qa(s), r = parseInt(d.slice(0, 8), 16), b = parseInt(d.slice(8, 16), 16), u = Pa(t[s]);
|
|
11788
11740
|
if (typeof this.instance.exports.getInputSignalSize == "function") {
|
|
11789
11741
|
let l = this.instance.exports.getInputSignalSize(r, b);
|
|
11790
11742
|
if (l < 0)
|
|
@@ -11798,7 +11750,7 @@ class Ul {
|
|
|
11798
11750
|
`);
|
|
11799
11751
|
}
|
|
11800
11752
|
for (let l = 0; l < u.length; l++) {
|
|
11801
|
-
const C =
|
|
11753
|
+
const C = ql(Pl(u[l], this.prime), this.n32);
|
|
11802
11754
|
for (let B = 0; B < this.n32; B++)
|
|
11803
11755
|
this.instance.exports.writeSharedRWMemory(B, C[this.n32 - 1 - B]);
|
|
11804
11756
|
try {
|
|
@@ -11818,7 +11770,7 @@ class Ul {
|
|
|
11818
11770
|
const s = new Uint32Array(this.n32);
|
|
11819
11771
|
for (let d = 0; d < this.n32; d++)
|
|
11820
11772
|
s[this.n32 - 1 - d] = this.instance.exports.readSharedRWMemory(d);
|
|
11821
|
-
e.push(
|
|
11773
|
+
e.push(Mt.fromArray(s, 4294967296));
|
|
11822
11774
|
}
|
|
11823
11775
|
return e;
|
|
11824
11776
|
}
|
|
@@ -11842,11 +11794,11 @@ class Ul {
|
|
|
11842
11794
|
return i;
|
|
11843
11795
|
}
|
|
11844
11796
|
}
|
|
11845
|
-
const { unstringifyBigInts:
|
|
11846
|
-
async function
|
|
11847
|
-
const i =
|
|
11797
|
+
const { unstringifyBigInts: zl } = ne;
|
|
11798
|
+
async function Tl(o, t, n, e) {
|
|
11799
|
+
const i = zl(o), s = await ma(t), d = await s.read(s.totalSize);
|
|
11848
11800
|
await s.close();
|
|
11849
|
-
const r = await
|
|
11801
|
+
const r = await Ql(d, e);
|
|
11850
11802
|
if (r.circom_version() === 1) {
|
|
11851
11803
|
const b = await r.calculateBinWitness(i), u = await Ws(n, "wtns", 2, 2);
|
|
11852
11804
|
await xl(u, b, r.prime), await u.close();
|
|
@@ -11860,23 +11812,23 @@ async function Dl(o, t, n, e, i, s) {
|
|
|
11860
11812
|
const d = Rl(o), r = {
|
|
11861
11813
|
type: "mem"
|
|
11862
11814
|
};
|
|
11863
|
-
return await
|
|
11815
|
+
return await Tl(d, t, r, i), await va(n, r, e, s);
|
|
11864
11816
|
}
|
|
11865
11817
|
const { unstringifyBigInts: De } = ne;
|
|
11866
11818
|
async function kl(o, t, n, e) {
|
|
11867
11819
|
const i = De(o), s = De(n), d = De(t), r = await el(i.curve), b = r.G1.fromObject(i.IC[0]), u = new Uint8Array(r.G1.F.n8 * 2 * d.length), l = new Uint8Array(r.Fr.n8 * d.length);
|
|
11868
11820
|
if (!Gl(r, d))
|
|
11869
11821
|
return e && e.error("Public inputs are not valid."), !1;
|
|
11870
|
-
for (let
|
|
11871
|
-
const rt = r.G1.fromObject(i.IC[
|
|
11872
|
-
u.set(rt,
|
|
11822
|
+
for (let T = 0; T < d.length; T++) {
|
|
11823
|
+
const rt = r.G1.fromObject(i.IC[T + 1]);
|
|
11824
|
+
u.set(rt, T * r.G1.F.n8 * 2), Mt.toRprLE(l, r.Fr.n8 * T, d[T], r.Fr.n8);
|
|
11873
11825
|
}
|
|
11874
11826
|
let C = await r.G1.multiExpAffine(u, l);
|
|
11875
11827
|
C = r.G1.add(C, b);
|
|
11876
11828
|
const B = r.G1.fromObject(s.pi_a), A = r.G2.fromObject(s.pi_b), O = r.G1.fromObject(s.pi_c);
|
|
11877
11829
|
if (!Nl(r, { pi_a: B, pi_b: A, pi_c: O }))
|
|
11878
11830
|
return e && e.error("Proof commitments are not valid."), !1;
|
|
11879
|
-
const P = r.G2.fromObject(i.vk_gamma_2), E = r.G2.fromObject(i.vk_delta_2),
|
|
11831
|
+
const P = r.G2.fromObject(i.vk_gamma_2), E = r.G2.fromObject(i.vk_delta_2), z = r.G1.fromObject(i.vk_alpha_1), x = r.G2.fromObject(i.vk_beta_2);
|
|
11880
11832
|
return await r.pairingEq(
|
|
11881
11833
|
r.G1.neg(B),
|
|
11882
11834
|
A,
|
|
@@ -11884,7 +11836,7 @@ async function kl(o, t, n, e) {
|
|
|
11884
11836
|
P,
|
|
11885
11837
|
O,
|
|
11886
11838
|
E,
|
|
11887
|
-
|
|
11839
|
+
z,
|
|
11888
11840
|
x
|
|
11889
11841
|
) ? (e && e.info("OK!"), !0) : (e && e.error("Invalid proof"), !1);
|
|
11890
11842
|
}
|
|
@@ -11894,7 +11846,7 @@ function Nl(o, t) {
|
|
|
11894
11846
|
}
|
|
11895
11847
|
function Gl(o, t) {
|
|
11896
11848
|
for (let n = 0; n < t.length; n++)
|
|
11897
|
-
if (!
|
|
11849
|
+
if (!Mt.lt(t[n], o.r))
|
|
11898
11850
|
return !1;
|
|
11899
11851
|
return !0;
|
|
11900
11852
|
}
|
|
@@ -11920,8 +11872,8 @@ var yi = /* @__PURE__ */ Object.freeze({
|
|
|
11920
11872
|
verify: kl,
|
|
11921
11873
|
exportSolidityCallData: Kl
|
|
11922
11874
|
});
|
|
11923
|
-
|
|
11924
|
-
|
|
11875
|
+
Mt.e("73eda753299d7d483339d80809a1d80553bda402fffe5bfeffffffff00000001", 16);
|
|
11876
|
+
Mt.e("21888242871839275222246405745257275088548364400416034343698204186575808495617");
|
|
11925
11877
|
var Hl = { exports: {} };
|
|
11926
11878
|
/**
|
|
11927
11879
|
* [js-sha3]{@link https://github.com/emn178/js-sha3}
|
|
@@ -11986,7 +11938,7 @@ var Hl = { exports: {} };
|
|
|
11986
11938
|
0,
|
|
11987
11939
|
2147516424,
|
|
11988
11940
|
2147483648
|
|
11989
|
-
], E = [224, 256, 384, 512],
|
|
11941
|
+
], E = [224, 256, 384, 512], z = [128, 256], x = ["hex", "buffer", "arrayBuffer", "array", "digest"], ot = {
|
|
11990
11942
|
128: 168,
|
|
11991
11943
|
256: 136
|
|
11992
11944
|
};
|
|
@@ -11995,7 +11947,7 @@ var Hl = { exports: {} };
|
|
|
11995
11947
|
}), b && (i.JS_SHA3_NO_ARRAY_BUFFER_IS_VIEW || !ArrayBuffer.isView) && (ArrayBuffer.isView = function(p) {
|
|
11996
11948
|
return typeof p == "object" && p.buffer && p.buffer.constructor === ArrayBuffer;
|
|
11997
11949
|
});
|
|
11998
|
-
for (var
|
|
11950
|
+
for (var T = function(p, a, m) {
|
|
11999
11951
|
return function(c) {
|
|
12000
11952
|
return new At(p, a, p).update(c)[m]();
|
|
12001
11953
|
};
|
|
@@ -12018,12 +11970,12 @@ var Hl = { exports: {} };
|
|
|
12018
11970
|
}
|
|
12019
11971
|
return p;
|
|
12020
11972
|
}, V = function(p, a) {
|
|
12021
|
-
var m =
|
|
11973
|
+
var m = T(p, a, "hex");
|
|
12022
11974
|
return m.create = function() {
|
|
12023
11975
|
return new At(p, a, p);
|
|
12024
11976
|
}, m.update = function(c) {
|
|
12025
11977
|
return m.create().update(c);
|
|
12026
|
-
}, L(m,
|
|
11978
|
+
}, L(m, T, p, a);
|
|
12027
11979
|
}, $ = function(p, a) {
|
|
12028
11980
|
var m = rt(p, a, "hex");
|
|
12029
11981
|
return m.create = function(c) {
|
|
@@ -12038,7 +11990,7 @@ var Hl = { exports: {} };
|
|
|
12038
11990
|
}, c.update = function(w, I, h, S) {
|
|
12039
11991
|
return c.create(I, h, S).update(w);
|
|
12040
11992
|
}, L(c, F, p, a);
|
|
12041
|
-
},
|
|
11993
|
+
}, Q = function(p, a) {
|
|
12042
11994
|
var m = ot[p], c = f(p, a, "hex");
|
|
12043
11995
|
return c.create = function(w, I, h) {
|
|
12044
11996
|
return new Bt(p, a, I).bytepad(["KMAC", h], m).bytepad([w], m);
|
|
@@ -12048,9 +12000,9 @@ var Hl = { exports: {} };
|
|
|
12048
12000
|
}, y = [
|
|
12049
12001
|
{ name: "keccak", padding: B, bits: E, createMethod: V },
|
|
12050
12002
|
{ name: "sha3", padding: A, bits: E, createMethod: V },
|
|
12051
|
-
{ name: "shake", padding: l, bits:
|
|
12052
|
-
{ name: "cshake", padding: C, bits:
|
|
12053
|
-
{ name: "kmac", padding: C, bits:
|
|
12003
|
+
{ name: "shake", padding: l, bits: z, createMethod: $ },
|
|
12004
|
+
{ name: "cshake", padding: C, bits: z, createMethod: X },
|
|
12005
|
+
{ name: "kmac", padding: C, bits: z, createMethod: Q }
|
|
12054
12006
|
], v = {}, D = [], it = 0; it < y.length; ++it)
|
|
12055
12007
|
for (var nt = y[it], K = nt.bits, ct = 0; ct < K.length; ++ct) {
|
|
12056
12008
|
var J = nt.name + "_" + K[ct];
|
|
@@ -12176,9 +12128,9 @@ var Hl = { exports: {} };
|
|
|
12176
12128
|
return this.encode(this.outputBits, !0), At.prototype.finalize.call(this);
|
|
12177
12129
|
};
|
|
12178
12130
|
var pt = function(p) {
|
|
12179
|
-
var a, m, c, w, I, h, S, W, N, at, It, ut, Lt, St, gt, dt, yt, vt, Ut, Vt, Dt, jt,
|
|
12131
|
+
var a, m, c, w, I, h, S, W, N, at, It, ut, Lt, St, gt, dt, yt, vt, Ut, Vt, Dt, jt, zt, Nt, Kt, en, Zt, G, _, g, M, R, q, k, U, j, Y, Z, H, et, ft, _t, lt, bt, mt, Ot, Ct, wt, ht, qt, Ht, Wt, On, pn, Ln, vn, An, bn, Pn, ln, on, wn, ce;
|
|
12180
12132
|
for (c = 0; c < 48; c += 2)
|
|
12181
|
-
w = p[0] ^ p[10] ^ p[20] ^ p[30] ^ p[40], I = p[1] ^ p[11] ^ p[21] ^ p[31] ^ p[41], h = p[2] ^ p[12] ^ p[22] ^ p[32] ^ p[42], S = p[3] ^ p[13] ^ p[23] ^ p[33] ^ p[43], W = p[4] ^ p[14] ^ p[24] ^ p[34] ^ p[44], N = p[5] ^ p[15] ^ p[25] ^ p[35] ^ p[45], at = p[6] ^ p[16] ^ p[26] ^ p[36] ^ p[46], It = p[7] ^ p[17] ^ p[27] ^ p[37] ^ p[47], ut = p[8] ^ p[18] ^ p[28] ^ p[38] ^ p[48], Lt = p[9] ^ p[19] ^ p[29] ^ p[39] ^ p[49], a = ut ^ (h << 1 | S >>> 31), m = Lt ^ (S << 1 | h >>> 31), p[0] ^= a, p[1] ^= m, p[10] ^= a, p[11] ^= m, p[20] ^= a, p[21] ^= m, p[30] ^= a, p[31] ^= m, p[40] ^= a, p[41] ^= m, a = w ^ (W << 1 | N >>> 31), m = I ^ (N << 1 | W >>> 31), p[2] ^= a, p[3] ^= m, p[12] ^= a, p[13] ^= m, p[22] ^= a, p[23] ^= m, p[32] ^= a, p[33] ^= m, p[42] ^= a, p[43] ^= m, a = h ^ (at << 1 | It >>> 31), m = S ^ (It << 1 | at >>> 31), p[4] ^= a, p[5] ^= m, p[14] ^= a, p[15] ^= m, p[24] ^= a, p[25] ^= m, p[34] ^= a, p[35] ^= m, p[44] ^= a, p[45] ^= m, a = W ^ (ut << 1 | Lt >>> 31), m = N ^ (Lt << 1 | ut >>> 31), p[6] ^= a, p[7] ^= m, p[16] ^= a, p[17] ^= m, p[26] ^= a, p[27] ^= m, p[36] ^= a, p[37] ^= m, p[46] ^= a, p[47] ^= m, a = at ^ (w << 1 | I >>> 31), m = It ^ (I << 1 | w >>> 31), p[8] ^= a, p[9] ^= m, p[18] ^= a, p[19] ^= m, p[28] ^= a, p[29] ^= m, p[38] ^= a, p[39] ^= m, p[48] ^= a, p[49] ^= m, St = p[0], gt = p[1], Ot = p[11] << 4 | p[10] >>> 28, Ct = p[10] << 4 | p[11] >>> 28, G = p[20] << 3 | p[21] >>> 29, _ = p[21] << 3 | p[20] >>> 29, ln = p[31] << 9 | p[30] >>> 23, on = p[30] << 9 | p[31] >>> 23, _t = p[40] << 18 | p[41] >>> 14, lt = p[41] << 18 | p[40] >>> 14, k = p[2] << 1 | p[3] >>> 31, U = p[3] << 1 | p[2] >>> 31, dt = p[13] << 12 | p[12] >>> 20, yt = p[12] << 12 | p[13] >>> 20, wt = p[22] << 10 | p[23] >>> 22, ht = p[23] << 10 | p[22] >>> 22, g = p[33] << 13 | p[32] >>> 19,
|
|
12133
|
+
w = p[0] ^ p[10] ^ p[20] ^ p[30] ^ p[40], I = p[1] ^ p[11] ^ p[21] ^ p[31] ^ p[41], h = p[2] ^ p[12] ^ p[22] ^ p[32] ^ p[42], S = p[3] ^ p[13] ^ p[23] ^ p[33] ^ p[43], W = p[4] ^ p[14] ^ p[24] ^ p[34] ^ p[44], N = p[5] ^ p[15] ^ p[25] ^ p[35] ^ p[45], at = p[6] ^ p[16] ^ p[26] ^ p[36] ^ p[46], It = p[7] ^ p[17] ^ p[27] ^ p[37] ^ p[47], ut = p[8] ^ p[18] ^ p[28] ^ p[38] ^ p[48], Lt = p[9] ^ p[19] ^ p[29] ^ p[39] ^ p[49], a = ut ^ (h << 1 | S >>> 31), m = Lt ^ (S << 1 | h >>> 31), p[0] ^= a, p[1] ^= m, p[10] ^= a, p[11] ^= m, p[20] ^= a, p[21] ^= m, p[30] ^= a, p[31] ^= m, p[40] ^= a, p[41] ^= m, a = w ^ (W << 1 | N >>> 31), m = I ^ (N << 1 | W >>> 31), p[2] ^= a, p[3] ^= m, p[12] ^= a, p[13] ^= m, p[22] ^= a, p[23] ^= m, p[32] ^= a, p[33] ^= m, p[42] ^= a, p[43] ^= m, a = h ^ (at << 1 | It >>> 31), m = S ^ (It << 1 | at >>> 31), p[4] ^= a, p[5] ^= m, p[14] ^= a, p[15] ^= m, p[24] ^= a, p[25] ^= m, p[34] ^= a, p[35] ^= m, p[44] ^= a, p[45] ^= m, a = W ^ (ut << 1 | Lt >>> 31), m = N ^ (Lt << 1 | ut >>> 31), p[6] ^= a, p[7] ^= m, p[16] ^= a, p[17] ^= m, p[26] ^= a, p[27] ^= m, p[36] ^= a, p[37] ^= m, p[46] ^= a, p[47] ^= m, a = at ^ (w << 1 | I >>> 31), m = It ^ (I << 1 | w >>> 31), p[8] ^= a, p[9] ^= m, p[18] ^= a, p[19] ^= m, p[28] ^= a, p[29] ^= m, p[38] ^= a, p[39] ^= m, p[48] ^= a, p[49] ^= m, St = p[0], gt = p[1], Ot = p[11] << 4 | p[10] >>> 28, Ct = p[10] << 4 | p[11] >>> 28, G = p[20] << 3 | p[21] >>> 29, _ = p[21] << 3 | p[20] >>> 29, ln = p[31] << 9 | p[30] >>> 23, on = p[30] << 9 | p[31] >>> 23, _t = p[40] << 18 | p[41] >>> 14, lt = p[41] << 18 | p[40] >>> 14, k = p[2] << 1 | p[3] >>> 31, U = p[3] << 1 | p[2] >>> 31, dt = p[13] << 12 | p[12] >>> 20, yt = p[12] << 12 | p[13] >>> 20, wt = p[22] << 10 | p[23] >>> 22, ht = p[23] << 10 | p[22] >>> 22, g = p[33] << 13 | p[32] >>> 19, M = p[32] << 13 | p[33] >>> 19, wn = p[42] << 2 | p[43] >>> 30, ce = p[43] << 2 | p[42] >>> 30, pn = p[5] << 30 | p[4] >>> 2, Ln = p[4] << 30 | p[5] >>> 2, j = p[14] << 6 | p[15] >>> 
26, Y = p[15] << 6 | p[14] >>> 26, vt = p[25] << 11 | p[24] >>> 21, Ut = p[24] << 11 | p[25] >>> 21, qt = p[34] << 15 | p[35] >>> 17, Ht = p[35] << 15 | p[34] >>> 17, R = p[45] << 29 | p[44] >>> 3, q = p[44] << 29 | p[45] >>> 3, Nt = p[6] << 28 | p[7] >>> 4, Kt = p[7] << 28 | p[6] >>> 4, vn = p[17] << 23 | p[16] >>> 9, An = p[16] << 23 | p[17] >>> 9, Z = p[26] << 25 | p[27] >>> 7, H = p[27] << 25 | p[26] >>> 7, Vt = p[36] << 21 | p[37] >>> 11, Dt = p[37] << 21 | p[36] >>> 11, Wt = p[47] << 24 | p[46] >>> 8, On = p[46] << 24 | p[47] >>> 8, bt = p[8] << 27 | p[9] >>> 5, mt = p[9] << 27 | p[8] >>> 5, en = p[18] << 20 | p[19] >>> 12, Zt = p[19] << 20 | p[18] >>> 12, bn = p[29] << 7 | p[28] >>> 25, Pn = p[28] << 7 | p[29] >>> 25, et = p[38] << 8 | p[39] >>> 24, ft = p[39] << 8 | p[38] >>> 24, jt = p[48] << 14 | p[49] >>> 18, zt = p[49] << 14 | p[48] >>> 18, p[0] = St ^ ~dt & vt, p[1] = gt ^ ~yt & Ut, p[10] = Nt ^ ~en & G, p[11] = Kt ^ ~Zt & _, p[20] = k ^ ~j & Z, p[21] = U ^ ~Y & H, p[30] = bt ^ ~Ot & wt, p[31] = mt ^ ~Ct & ht, p[40] = pn ^ ~vn & bn, p[41] = Ln ^ ~An & Pn, p[2] = dt ^ ~vt & Vt, p[3] = yt ^ ~Ut & Dt, p[12] = en ^ ~G & g, p[13] = Zt ^ ~_ & M, p[22] = j ^ ~Z & et, p[23] = Y ^ ~H & ft, p[32] = Ot ^ ~wt & qt, p[33] = Ct ^ ~ht & Ht, p[42] = vn ^ ~bn & ln, p[43] = An ^ ~Pn & on, p[4] = vt ^ ~Vt & jt, p[5] = Ut ^ ~Dt & zt, p[14] = G ^ ~g & R, p[15] = _ ^ ~M & q, p[24] = Z ^ ~et & _t, p[25] = H ^ ~ft & lt, p[34] = wt ^ ~qt & Wt, p[35] = ht ^ ~Ht & On, p[44] = bn ^ ~ln & wn, p[45] = Pn ^ ~on & ce, p[6] = Vt ^ ~jt & St, p[7] = Dt ^ ~zt & gt, p[16] = g ^ ~R & Nt, p[17] = M ^ ~q & Kt, p[26] = et ^ ~_t & k, p[27] = ft ^ ~lt & U, p[36] = qt ^ ~Wt & bt, p[37] = Ht ^ ~On & mt, p[46] = ln ^ ~wn & pn, p[47] = on ^ ~ce & Ln, p[8] = jt ^ ~St & dt, p[9] = zt ^ ~gt & yt, p[18] = R ^ ~Nt & en, p[19] = q ^ ~Kt & Zt, p[28] = _t ^ ~k & j, p[29] = lt ^ ~U & Y, p[38] = Wt ^ ~bt & Ot, p[39] = On ^ ~mt & Ct, p[48] = wn ^ ~pn & vn, p[49] = ce ^ ~Ln & An, p[0] ^= P[c], p[1] ^= P[c + 1];
|
|
12182
12134
|
};
|
|
12183
12135
|
if (r)
|
|
12184
12136
|
o.exports = v;
|
|
@@ -12187,7 +12139,7 @@ var Hl = { exports: {} };
|
|
|
12187
12139
|
i[D[it]] = v[D[it]];
|
|
12188
12140
|
})();
|
|
12189
12141
|
})(Hl);
|
|
12190
|
-
function
|
|
12142
|
+
function Qa(o, t) {
|
|
12191
12143
|
return function() {
|
|
12192
12144
|
return o.apply(t, arguments);
|
|
12193
12145
|
};
|
|
@@ -12199,10 +12151,10 @@ const { toString: Vl } = Object.prototype, { getPrototypeOf: mo } = Object, ye =
|
|
|
12199
12151
|
function jl(o) {
|
|
12200
12152
|
return o !== null && !Jn(o) && o.constructor !== null && !Jn(o.constructor) && nn(o.constructor.isBuffer) && o.constructor.isBuffer(o);
|
|
12201
12153
|
}
|
|
12202
|
-
const
|
|
12154
|
+
const Ma = sn("ArrayBuffer");
|
|
12203
12155
|
function $l(o) {
|
|
12204
12156
|
let t;
|
|
12205
|
-
return typeof ArrayBuffer < "u" && ArrayBuffer.isView ? t = ArrayBuffer.isView(o) : t = o && o.buffer &&
|
|
12157
|
+
return typeof ArrayBuffer < "u" && ArrayBuffer.isView ? t = ArrayBuffer.isView(o) : t = o && o.buffer && Ma(o.buffer), t;
|
|
12206
12158
|
}
|
|
12207
12159
|
const Yl = Ie("string"), nn = Ie("function"), Ua = Ie("number"), Ce = (o) => o !== null && typeof o == "object", Zl = (o) => o === !0 || o === !1, de = (o) => {
|
|
12208
12160
|
if (ye(o) !== "object")
|
|
@@ -12228,7 +12180,7 @@ function ie(o, t, { allOwnKeys: n = !1 } = {}) {
|
|
|
12228
12180
|
r = s[e], t.call(null, o[r], r, o);
|
|
12229
12181
|
}
|
|
12230
12182
|
}
|
|
12231
|
-
function
|
|
12183
|
+
function za(o, t) {
|
|
12232
12184
|
t = t.toLowerCase();
|
|
12233
12185
|
const n = Object.keys(o);
|
|
12234
12186
|
let e = n.length, i;
|
|
@@ -12237,10 +12189,10 @@ function Ta(o, t) {
|
|
|
12237
12189
|
return i;
|
|
12238
12190
|
return null;
|
|
12239
12191
|
}
|
|
12240
|
-
const
|
|
12192
|
+
const Ta = typeof globalThis < "u" ? globalThis : typeof self < "u" ? self : typeof window < "u" ? window : global, Ra = (o) => !Jn(o) && o !== Ta;
|
|
12241
12193
|
function io() {
|
|
12242
12194
|
const { caseless: o } = Ra(this) && this || {}, t = {}, n = (e, i) => {
|
|
12243
|
-
const s = o &&
|
|
12195
|
+
const s = o && za(t, i) || i;
|
|
12244
12196
|
de(t[s]) && de(e) ? t[s] = io(t[s], e) : de(e) ? t[s] = io({}, e) : Dn(e) ? t[s] = e.slice() : t[s] = e;
|
|
12245
12197
|
};
|
|
12246
12198
|
for (let e = 0, i = arguments.length; e < i; e++)
|
|
@@ -12248,7 +12200,7 @@ function io() {
|
|
|
12248
12200
|
return t;
|
|
12249
12201
|
}
|
|
12250
12202
|
const ar = (o, t, n, { allOwnKeys: e } = {}) => (ie(t, (i, s) => {
|
|
12251
|
-
n && nn(i) ? o[s] =
|
|
12203
|
+
n && nn(i) ? o[s] = Qa(i, n) : o[s] = i;
|
|
12252
12204
|
}, { allOwnKeys: e }), o), cr = (o) => (o.charCodeAt(0) === 65279 && (o = o.slice(1)), o), sr = (o, t, n, e) => {
|
|
12253
12205
|
o.prototype = Object.create(t.prototype, e), o.prototype.constructor = o, Object.defineProperty(o, "super", {
|
|
12254
12206
|
value: t.prototype
|
|
@@ -12361,7 +12313,7 @@ const mr = (o) => {
|
|
|
12361
12313
|
}, wr = sn("AsyncFunction"), Br = (o) => o && (Ce(o) || nn(o)) && nn(o.then) && nn(o.catch);
|
|
12362
12314
|
var tt = {
|
|
12363
12315
|
isArray: Dn,
|
|
12364
|
-
isArrayBuffer:
|
|
12316
|
+
isArrayBuffer: Ma,
|
|
12365
12317
|
isBuffer: jl,
|
|
12366
12318
|
isFormData: er,
|
|
12367
12319
|
isArrayBufferView: $l,
|
|
@@ -12403,8 +12355,8 @@ var tt = {
|
|
|
12403
12355
|
toCamelCase: hr,
|
|
12404
12356
|
noop: br,
|
|
12405
12357
|
toFiniteNumber: yr,
|
|
12406
|
-
findKey:
|
|
12407
|
-
global:
|
|
12358
|
+
findKey: za,
|
|
12359
|
+
global: Ta,
|
|
12408
12360
|
isContextDefined: Ra,
|
|
12409
12361
|
ALPHABET: ka,
|
|
12410
12362
|
generateString: Ir,
|
|
@@ -12504,15 +12456,15 @@ function me(o, t, n) {
|
|
|
12504
12456
|
return tt.isArrayBuffer(O) || tt.isTypedArray(O) ? b && typeof Blob == "function" ? new Blob([O]) : Buffer.from(O) : O;
|
|
12505
12457
|
}
|
|
12506
12458
|
function l(O, P, E) {
|
|
12507
|
-
let
|
|
12459
|
+
let z = O;
|
|
12508
12460
|
if (O && !E && typeof O == "object") {
|
|
12509
12461
|
if (tt.endsWith(P, "{}"))
|
|
12510
12462
|
P = e ? P : P.slice(0, -2), O = JSON.stringify(O);
|
|
12511
|
-
else if (tt.isArray(O) && Fr(O) || (tt.isFileList(O) || tt.endsWith(P, "[]")) && (
|
|
12512
|
-
return P = Ka(P),
|
|
12463
|
+
else if (tt.isArray(O) && Fr(O) || (tt.isFileList(O) || tt.endsWith(P, "[]")) && (z = tt.toArray(O)))
|
|
12464
|
+
return P = Ka(P), z.forEach(function(ot, T) {
|
|
12513
12465
|
!(tt.isUndefined(ot) || ot === null) && t.append(
|
|
12514
12466
|
// eslint-disable-next-line no-nested-ternary
|
|
12515
|
-
d === !0 ? mi([P],
|
|
12467
|
+
d === !0 ? mi([P], T, s) : d === null ? P : P + "[]",
|
|
12516
12468
|
u(ot)
|
|
12517
12469
|
);
|
|
12518
12470
|
}), !1;
|
|
@@ -12528,14 +12480,14 @@ function me(o, t, n) {
|
|
|
12528
12480
|
if (!tt.isUndefined(O)) {
|
|
12529
12481
|
if (C.indexOf(O) !== -1)
|
|
12530
12482
|
throw Error("Circular reference detected in " + P.join("."));
|
|
12531
|
-
C.push(O), tt.forEach(O, function(
|
|
12532
|
-
(!(tt.isUndefined(
|
|
12483
|
+
C.push(O), tt.forEach(O, function(z, x) {
|
|
12484
|
+
(!(tt.isUndefined(z) || z === null) && i.call(
|
|
12533
12485
|
t,
|
|
12534
|
-
|
|
12486
|
+
z,
|
|
12535
12487
|
tt.isString(x) ? x.trim() : x,
|
|
12536
12488
|
P,
|
|
12537
12489
|
B
|
|
12538
|
-
)) === !0 && A(
|
|
12490
|
+
)) === !0 && A(z, P ? P.concat(x) : [x]);
|
|
12539
12491
|
}), C.pop();
|
|
12540
12492
|
}
|
|
12541
12493
|
}
|
|
@@ -12644,7 +12596,7 @@ var ja = {
|
|
|
12644
12596
|
silentJSONParsing: !0,
|
|
12645
12597
|
forcedJSONParsing: !0,
|
|
12646
12598
|
clarifyTimeoutError: !1
|
|
12647
|
-
}, Or = typeof URLSearchParams < "u" ? URLSearchParams : wo, vr = typeof FormData < "u" ? FormData : null, Pr = typeof Blob < "u" ? Blob : null,
|
|
12599
|
+
}, Or = typeof URLSearchParams < "u" ? URLSearchParams : wo, vr = typeof FormData < "u" ? FormData : null, Pr = typeof Blob < "u" ? Blob : null, qr = {
|
|
12648
12600
|
isBrowser: !0,
|
|
12649
12601
|
classes: {
|
|
12650
12602
|
URLSearchParams: Or,
|
|
@@ -12653,25 +12605,25 @@ var ja = {
|
|
|
12653
12605
|
},
|
|
12654
12606
|
protocols: ["http", "https", "file", "blob", "url", "data"]
|
|
12655
12607
|
};
|
|
12656
|
-
const $a = typeof window < "u" && typeof document < "u",
|
|
12608
|
+
const $a = typeof window < "u" && typeof document < "u", Qr = ((o) => $a && ["ReactNative", "NativeScript", "NS"].indexOf(o) < 0)(typeof navigator < "u" && navigator.product), Mr = typeof WorkerGlobalScope < "u" && // eslint-disable-next-line no-undef
|
|
12657
12609
|
self instanceof WorkerGlobalScope && typeof self.importScripts == "function";
|
|
12658
12610
|
var Ur = /* @__PURE__ */ Object.freeze({
|
|
12659
12611
|
__proto__: null,
|
|
12660
12612
|
hasBrowserEnv: $a,
|
|
12661
|
-
hasStandardBrowserEnv:
|
|
12662
|
-
hasStandardBrowserWebWorkerEnv:
|
|
12613
|
+
hasStandardBrowserEnv: Qr,
|
|
12614
|
+
hasStandardBrowserWebWorkerEnv: Mr
|
|
12663
12615
|
}), cn = {
|
|
12664
12616
|
...Ur,
|
|
12665
|
-
...
|
|
12617
|
+
...qr
|
|
12666
12618
|
};
|
|
12667
|
-
function
|
|
12619
|
+
function zr(o, t) {
|
|
12668
12620
|
return me(o, new cn.classes.URLSearchParams(), Object.assign({
|
|
12669
12621
|
visitor: function(n, e, i, s) {
|
|
12670
12622
|
return cn.isNode && tt.isBuffer(n) ? (this.append(e, n.toString("base64")), !1) : s.defaultVisitor.apply(this, arguments);
|
|
12671
12623
|
}
|
|
12672
12624
|
}, t));
|
|
12673
12625
|
}
|
|
12674
|
-
function
|
|
12626
|
+
function Tr(o) {
|
|
12675
12627
|
return tt.matchAll(/\w+|\[(\w*)]/g, o).map((t) => t[0] === "[]" ? "" : t[1] || t[0]);
|
|
12676
12628
|
}
|
|
12677
12629
|
function Rr(o) {
|
|
@@ -12694,7 +12646,7 @@ function Ya(o) {
|
|
|
12694
12646
|
if (tt.isFormData(o) && tt.isFunction(o.entries)) {
|
|
12695
12647
|
const n = {};
|
|
12696
12648
|
return tt.forEachEntry(o, (e, i) => {
|
|
12697
|
-
t(
|
|
12649
|
+
t(Tr(e), i, n, 0);
|
|
12698
12650
|
}), n;
|
|
12699
12651
|
}
|
|
12700
12652
|
return null;
|
|
@@ -12725,7 +12677,7 @@ const Bo = {
|
|
|
12725
12677
|
let r;
|
|
12726
12678
|
if (s) {
|
|
12727
12679
|
if (e.indexOf("application/x-www-form-urlencoded") > -1)
|
|
12728
|
-
return
|
|
12680
|
+
return zr(t, this.formSerializer).toString();
|
|
12729
12681
|
if ((r = tt.isFileList(t)) || e.indexOf("multipart/form-data") > -1) {
|
|
12730
12682
|
const b = this.env && this.env.FormData;
|
|
12731
12683
|
return me(
|
|
@@ -13110,7 +13062,7 @@ var nd = td && function(o) {
|
|
|
13110
13062
|
if (cn.hasStandardBrowserEnv || cn.hasStandardBrowserWebWorkerEnv)
|
|
13111
13063
|
s.setContentType(!1);
|
|
13112
13064
|
else if ((l = s.getContentType()) !== !1) {
|
|
13113
|
-
const [P, ...E] = l ? l.split(";").map((
|
|
13065
|
+
const [P, ...E] = l ? l.split(";").map((z) => z.trim()).filter(Boolean) : [];
|
|
13114
13066
|
s.setContentType([P || "multipart/form-data", ...E].join("; "));
|
|
13115
13067
|
}
|
|
13116
13068
|
}
|
|
@@ -13126,7 +13078,7 @@ var nd = td && function(o) {
|
|
|
13126
13078
|
return;
|
|
13127
13079
|
const P = fn.from(
|
|
13128
13080
|
"getAllResponseHeaders" in C && C.getAllResponseHeaders()
|
|
13129
|
-
),
|
|
13081
|
+
), z = {
|
|
13130
13082
|
data: !d || d === "text" || d === "json" ? C.responseText : C.response,
|
|
13131
13083
|
status: C.status,
|
|
13132
13084
|
statusText: C.statusText,
|
|
@@ -13138,7 +13090,7 @@ var nd = td && function(o) {
|
|
|
13138
13090
|
n(ot), u();
|
|
13139
13091
|
}, function(ot) {
|
|
13140
13092
|
e(ot), u();
|
|
13141
|
-
},
|
|
13093
|
+
}, z), C = null;
|
|
13142
13094
|
}
|
|
13143
13095
|
if ("onloadend" in C ? C.onloadend = A : C.onreadystatechange = function() {
|
|
13144
13096
|
!C || C.readyState !== 4 || C.status === 0 && !(C.responseURL && C.responseURL.indexOf("file:") === 0) || setTimeout(A);
|
|
@@ -13148,10 +13100,10 @@ var nd = td && function(o) {
|
|
|
13148
13100
|
e(new Pt("Network Error", Pt.ERR_NETWORK, o, C)), C = null;
|
|
13149
13101
|
}, C.ontimeout = function() {
|
|
13150
13102
|
let E = o.timeout ? "timeout of " + o.timeout + "ms exceeded" : "timeout exceeded";
|
|
13151
|
-
const
|
|
13103
|
+
const z = o.transitional || ja;
|
|
13152
13104
|
o.timeoutErrorMessage && (E = o.timeoutErrorMessage), e(new Pt(
|
|
13153
13105
|
E,
|
|
13154
|
-
|
|
13106
|
+
z.clarifyTimeoutError ? Pt.ETIMEDOUT : Pt.ECONNABORTED,
|
|
13155
13107
|
o,
|
|
13156
13108
|
C
|
|
13157
13109
|
)), C = null;
|
|
@@ -13159,8 +13111,8 @@ var nd = td && function(o) {
|
|
|
13159
13111
|
const P = o.xsrfHeaderName && o.xsrfCookieName && $r.read(o.xsrfCookieName);
|
|
13160
13112
|
P && s.set(o.xsrfHeaderName, P);
|
|
13161
13113
|
}
|
|
13162
|
-
i === void 0 && s.setContentType(null), "setRequestHeader" in C && tt.forEach(s.toJSON(), function(E,
|
|
13163
|
-
C.setRequestHeader(
|
|
13114
|
+
i === void 0 && s.setContentType(null), "setRequestHeader" in C && tt.forEach(s.toJSON(), function(E, z) {
|
|
13115
|
+
C.setRequestHeader(z, E);
|
|
13164
13116
|
}), tt.isUndefined(o.withCredentials) || (C.withCredentials = !!o.withCredentials), d && d !== "json" && (C.responseType = o.responseType), typeof o.onDownloadProgress == "function" && C.addEventListener("progress", Fi(o.onDownloadProgress, !0)), typeof o.onUploadProgress == "function" && C.upload && C.upload.addEventListener("progress", Fi(o.onUploadProgress)), (o.cancelToken || o.signal) && (b = (P) => {
|
|
13165
13117
|
C && (e(!P || P.type ? new ae(null, o, C) : P), C.abort(), C = null);
|
|
13166
13118
|
}, o.cancelToken && o.cancelToken.subscribe(b), o.signal && (o.signal.aborted ? b() : o.signal.addEventListener("abort", b)));
|
|
@@ -13240,7 +13192,7 @@ function Si(o) {
|
|
|
13240
13192
|
});
|
|
13241
13193
|
}
|
|
13242
13194
|
const Oi = (o) => o instanceof fn ? { ...o } : o;
|
|
13243
|
-
function
|
|
13195
|
+
function Tn(o, t) {
|
|
13244
13196
|
t = t || {};
|
|
13245
13197
|
const n = {};
|
|
13246
13198
|
function e(u, l, C) {
|
|
@@ -13383,7 +13335,7 @@ class pe {
|
|
|
13383
13335
|
}
|
|
13384
13336
|
}
|
|
13385
13337
|
_request(t, n) {
|
|
13386
|
-
typeof t == "string" ? (n = n || {}, n.url = t) : n = t || {}, n =
|
|
13338
|
+
typeof t == "string" ? (n = n || {}, n.url = t) : n = t || {}, n = Tn(this.defaults, n);
|
|
13387
13339
|
const { transitional: e, paramsSerializer: i, headers: s } = n;
|
|
13388
13340
|
e !== void 0 && so.assertOptions(e, {
|
|
13389
13341
|
silentJSONParsing: In.transitional(In.boolean),
|
|
@@ -13442,14 +13394,14 @@ class pe {
|
|
|
13442
13394
|
return l;
|
|
13443
13395
|
}
|
|
13444
13396
|
getUri(t) {
|
|
13445
|
-
t =
|
|
13397
|
+
t = Tn(this.defaults, t);
|
|
13446
13398
|
const n = Ja(t.baseURL, t.url);
|
|
13447
13399
|
return Va(n, t.params, t.paramsSerializer);
|
|
13448
13400
|
}
|
|
13449
13401
|
}
|
|
13450
13402
|
tt.forEach(["delete", "get", "head", "options"], function(t) {
|
|
13451
13403
|
pe.prototype[t] = function(n, e) {
|
|
13452
|
-
return this.request(
|
|
13404
|
+
return this.request(Tn(e || {}, {
|
|
13453
13405
|
method: t,
|
|
13454
13406
|
url: n,
|
|
13455
13407
|
data: (e || {}).data
|
|
@@ -13459,7 +13411,7 @@ tt.forEach(["delete", "get", "head", "options"], function(t) {
|
|
|
13459
13411
|
tt.forEach(["post", "put", "patch"], function(t) {
|
|
13460
13412
|
function n(e) {
|
|
13461
13413
|
return function(s, d, r) {
|
|
13462
|
-
return this.request(
|
|
13414
|
+
return this.request(Tn(r || {}, {
|
|
13463
13415
|
method: t,
|
|
13464
13416
|
headers: e ? {
|
|
13465
13417
|
"Content-Type": "multipart/form-data"
|
|
@@ -13619,9 +13571,9 @@ Object.entries(lo).forEach(([o, t]) => {
|
|
|
13619
13571
|
});
|
|
13620
13572
|
var sd = lo;
|
|
13621
13573
|
function tc(o) {
|
|
13622
|
-
const t = new _e(o), n =
|
|
13574
|
+
const t = new _e(o), n = Qa(_e.prototype.request, t);
|
|
13623
13575
|
return tt.extend(n, _e.prototype, t, { allOwnKeys: !0 }), tt.extend(n, t, null, { allOwnKeys: !0 }), n.create = function(i) {
|
|
13624
|
-
return tc(
|
|
13576
|
+
return tc(Tn(o, i));
|
|
13625
13577
|
}, n;
|
|
13626
13578
|
}
|
|
13627
13579
|
const Rt = tc(Eo);
|
|
@@ -13638,7 +13590,7 @@ Rt.all = function(t) {
|
|
|
13638
13590
|
};
|
|
13639
13591
|
Rt.spread = ad;
|
|
13640
13592
|
Rt.isAxiosError = cd;
|
|
13641
|
-
Rt.mergeConfig =
|
|
13593
|
+
Rt.mergeConfig = Tn;
|
|
13642
13594
|
Rt.AxiosHeaders = fn;
|
|
13643
13595
|
Rt.formToJSON = (o) => Ya(tt.isHTMLForm(o) ? new FormData(o) : o);
|
|
13644
13596
|
Rt.getAdapter = Wa.getAdapter;
|
|
@@ -13660,8 +13612,8 @@ const ro = new nc(), Pi = async (o) => {
|
|
|
13660
13612
|
const B = b.startsWith("https://");
|
|
13661
13613
|
if (Ee && !B) {
|
|
13662
13614
|
Oo ? (b = `libs/hardhat/test/circuits/${n}`, u = `libs/hardhat/test/circuits/${e}`) : !Oo && d && (b = `test/circuits/${n}`, u = `test/circuits/${e}`);
|
|
13663
|
-
const
|
|
13664
|
-
b =
|
|
13615
|
+
const z = require("path");
|
|
13616
|
+
b = z.resolve(b), u = z.resolve(u);
|
|
13665
13617
|
}
|
|
13666
13618
|
Ee && B ? (l = await Pi(b), C = await Pi(u)) : i === r.localhost && !Ee && (b = `${s}/${n}`, u = `${s}/${e}`);
|
|
13667
13619
|
const { proof: A, publicSignals: O } = await yi.fullProve(
|