npm - @zkasm/zkevm-rom - Versions diffs - 0.0.1-security → 6.0.1 - Mend

@zkasm/zkevm-rom 0.0.1-security → 6.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of @zkasm/zkevm-rom might be problematic. Click here for more details.

Files changed (232) hide show

package/.eslintrc.js +33 -0
package/.github/CODEOWNERS +14 -0
package/.github/ISSUE_TEMPLATE/bug.yml +38 -0
package/.github/ISSUE_TEMPLATE/feature.yml +26 -0
package/.github/ISSUE_TEMPLATE/question.yml +26 -0
package/.github/workflows/main.yaml +40 -0
package/LICENSE +636 -0
package/README.md +23 -5
package/audits/Hexens_Polygon_zkEVM_PUBLIC_27.02.23.pdf +0 -0
package/audits/Polygon-zkEVM-Public-v1.1-verichains-19-03-2024.pdf +0 -0
package/audits/zkEVM-ROM-upgrade-1-Spearbit-30-May.pdf +0 -0
package/audits/zkEVM-ROM-upgrade-2-Spearbit-21-August.pdf +0 -0
package/audits/zkEVM-engagement-1-Spearbit-27-March.pdf +0 -0
package/audits/zkEVM-engagement-2-Spearbit-27-March.pdf +0 -0
package/audits/zkEVM-engagement-3-Spearbit-6-April.pdf +0 -0
package/counters/README.md +45 -0
package/counters/counters-executor.js +80 -0
package/counters/countersConstants.zkasm +370 -0
package/counters/endIncludes.zkasm +18 -0
package/counters/initIncludes.zkasm +2 -0
package/counters/tests/MLOAD32.zkasm +27 -0
package/counters/tests/MLOADX.zkasm +30 -0
package/counters/tests/MSTORE32.zkasm +32 -0
package/counters/tests/MSTOREX.zkasm +36 -0
package/counters/tests/SHLarith.zkasm +28 -0
package/counters/tests/SHLarithBit.zkasm +28 -0
package/counters/tests/SHRarith.zkasm +28 -0
package/counters/tests/SHRarithBit.zkasm +28 -0
package/counters/tests/abs.zkasm +29 -0
package/counters/tests/addBatchHashByteByByte.zkasm +31 -0
package/counters/tests/computeGasSendCall.zkasm +30 -0
package/counters/tests/divArith.zkasm +27 -0
package/counters/tests/expAD.zkasm +30 -0
package/counters/tests/getLenBits.zkasm +30 -0
package/counters/tests/getLenBytes.zkasm +32 -0
package/counters/tests/isEmptyAccount.zkasm +30 -0
package/counters/tests/mulARITH.zkasm +28 -0
package/counters/tests/offsetUtil.zkasm +29 -0
package/counters/tests/opADDMOD.zkasm +28 -0
package/counters/tests/opAdd.zkasm +27 -0
package/counters/tests/opBLOCKHASH.zkasm +28 -0
package/counters/tests/opCALL.zkasm +41 -0
package/counters/tests/opCALLCODE.zkasm +41 -0
package/counters/tests/opCALLDATACOPY.zkasm +28 -0
package/counters/tests/opCALLDATALOAD.zkasm +27 -0
package/counters/tests/opCODECOPY.zkasm +28 -0
package/counters/tests/opCREATE.zkasm +35 -0
package/counters/tests/opCREATE2.zkasm +35 -0
package/counters/tests/opDELEGATECALL.zkasm +35 -0
package/counters/tests/opDIV.zkasm +27 -0
package/counters/tests/opEXP.zkasm +29 -0
package/counters/tests/opEXTCODECOPY.zkasm +29 -0
package/counters/tests/opMOD.zkasm +27 -0
package/counters/tests/opMUL.zkasm +27 -0
package/counters/tests/opMULMOD.zkasm +28 -0
package/counters/tests/opRETURN.zkasm +32 -0
package/counters/tests/opRETURNDATACOPY.zkasm +29 -0
package/counters/tests/opREVERT.zkasm +32 -0
package/counters/tests/opSDIV.zkasm +28 -0
package/counters/tests/opSHA3.zkasm +28 -0
package/counters/tests/opSIGNEXTEND.zkasm +27 -0
package/counters/tests/opSMOD.zkasm +28 -0
package/counters/tests/opSTATICCALL.zkasm +35 -0
package/counters/tests/opSUB.zkasm +27 -0
package/counters/tests/saveMem.zkasm +31 -0
package/docs/opcode-cost-zk-counters.md +315 -0
package/docs/usage-ecrecover.md +51 -0
package/index.js +43 -0
package/main/block-info.zkasm +204 -0
package/main/constants.zkasm +145 -0
package/main/ecrecover/addFpEc.zkasm +31 -0
package/main/ecrecover/checkSqrtFpEc.zkasm +1558 -0
package/main/ecrecover/constEc.zkasm +13 -0
package/main/ecrecover/ecrecover.zkasm +280 -0
package/main/ecrecover/invFnEc.zkasm +44 -0
package/main/ecrecover/invFpEc.zkasm +45 -0
package/main/ecrecover/mulFnEc.zkasm +36 -0
package/main/ecrecover/mulFpEc.zkasm +36 -0
package/main/ecrecover/mulPointEc.zkasm +311 -0
package/main/ecrecover/sqFpEc.zkasm +38 -0
package/main/ecrecover/sqrtFpEc.zkasm +70 -0
package/main/end.zkasm +4 -0
package/main/l2-tx-hash.zkasm +159 -0
package/main/load-change-l2-block-utils.zkasm +11 -0
package/main/load-change-l2-block.zkasm +28 -0
package/main/load-tx-rlp-utils.zkasm +72 -0
package/main/load-tx-rlp.zkasm +431 -0
package/main/main.zkasm +237 -0
package/main/map-opcodes.zkasm +274 -0
package/main/modexp/array_lib/array_add_AGTB.zkasm +123 -0
package/main/modexp/array_lib/array_add_short.zkasm +85 -0
package/main/modexp/array_lib/array_div.zkasm +215 -0
package/main/modexp/array_lib/array_div_long.zkasm +284 -0
package/main/modexp/array_lib/array_div_short.zkasm +222 -0
package/main/modexp/array_lib/array_mul.zkasm +97 -0
package/main/modexp/array_lib/array_mul_long.zkasm +156 -0
package/main/modexp/array_lib/array_mul_short.zkasm +127 -0
package/main/modexp/array_lib/array_square.zkasm +246 -0
package/main/modexp/array_lib/unused/array_add.zkasm +100 -0
package/main/modexp/array_lib/unused/array_is_odd.zkasm +23 -0
package/main/modexp/array_lib/unused/array_is_one.zkasm +33 -0
package/main/modexp/array_lib/unused/array_is_zero.zkasm +34 -0
package/main/modexp/array_lib/unused/array_sub_AGTB.zkasm +111 -0
package/main/modexp/array_lib/unused/array_unshift.zkasm +37 -0
package/main/modexp/array_lib/utils/array_compare.zkasm +82 -0
package/main/modexp/array_lib/utils/array_trim.zkasm +49 -0
package/main/modexp/constants.zkasm +5 -0
package/main/modexp/modexp.zkasm +296 -0
package/main/modexp/modexp_utils.zkasm +230 -0
package/main/opcodes/arithmetic.zkasm +357 -0
package/main/opcodes/block.zkasm +163 -0
package/main/opcodes/calldata-returndata-code.zkasm +619 -0
package/main/opcodes/comparison.zkasm +446 -0
package/main/opcodes/context-information.zkasm +169 -0
package/main/opcodes/create-terminate-context.zkasm +1011 -0
package/main/opcodes/crypto.zkasm +96 -0
package/main/opcodes/flow-control.zkasm +126 -0
package/main/opcodes/logs.zkasm +193 -0
package/main/opcodes/stack-operations.zkasm +658 -0
package/main/opcodes/storage-memory.zkasm +313 -0
package/main/pairings/BN254/addPointBN254.zkasm +245 -0
package/main/pairings/BN254/ecAdd.zkasm +312 -0
package/main/pairings/BN254/ecMul.zkasm +159 -0
package/main/pairings/BN254/escalarMulBN254.zkasm +155 -0
package/main/pairings/BN254/lineDiffPointsBN254.zkasm +83 -0
package/main/pairings/BN254/lineSamePointsBN254.zkasm +96 -0
package/main/pairings/FP12BN254/CYCLOFP12BN254/compressFp12BN254.zkasm +49 -0
package/main/pairings/FP12BN254/CYCLOFP12BN254/decompressFp12BN254.zkasm +236 -0
package/main/pairings/FP12BN254/CYCLOFP12BN254/expByXCompCycloFp12BN254.zkasm +444 -0
package/main/pairings/FP12BN254/CYCLOFP12BN254/squareCompCycloFp12BN254.zkasm +212 -0
package/main/pairings/FP12BN254/CYCLOFP12BN254/squareCycloFp12BN254.zkasm +228 -0
package/main/pairings/FP12BN254/CYCLOFP12BN254/xBinDecompBN254.zkasm +64 -0
package/main/pairings/FP12BN254/frob2Fp12BN254.zkasm +80 -0
package/main/pairings/FP12BN254/frob3Fp12BN254.zkasm +96 -0
package/main/pairings/FP12BN254/frobFp12BN254.zkasm +96 -0
package/main/pairings/FP12BN254/inverseFp12BN254.zkasm +289 -0
package/main/pairings/FP12BN254/mulFp12BN254.zkasm +408 -0
package/main/pairings/FP12BN254/sparseMulAFp12BN254.zkasm +296 -0
package/main/pairings/FP12BN254/sparseMulBFp12BN254.zkasm +291 -0
package/main/pairings/FP12BN254/squareFp12BN254.zkasm +376 -0
package/main/pairings/FP2BN254/addFp2BN254.zkasm +19 -0
package/main/pairings/FP2BN254/escalarMulFp2BN254.zkasm +20 -0
package/main/pairings/FP2BN254/invFp2BN254.zkasm +66 -0
package/main/pairings/FP2BN254/mulFp2BN254.zkasm +19 -0
package/main/pairings/FP2BN254/squareFp2BN254.zkasm +21 -0
package/main/pairings/FP2BN254/subFp2BN254.zkasm +19 -0
package/main/pairings/FP4BN254/squareFp4BN254.zkasm +76 -0
package/main/pairings/FP6BN254/addFp6BN254.zkasm +59 -0
package/main/pairings/FP6BN254/escalarMulFp6BN254.zkasm +51 -0
package/main/pairings/FP6BN254/inverseFp6BN254.zkasm +208 -0
package/main/pairings/FP6BN254/mulFp6BN254.zkasm +201 -0
package/main/pairings/FP6BN254/sparseMulAFp6BN254.zkasm +65 -0
package/main/pairings/FP6BN254/sparseMulBFp6BN254.zkasm +134 -0
package/main/pairings/FP6BN254/sparseMulCFp6BN254.zkasm +128 -0
package/main/pairings/FP6BN254/squareFp6BN254.zkasm +147 -0
package/main/pairings/FP6BN254/subFp6BN254.zkasm +59 -0
package/main/pairings/FPBN254/addFpBN254.zkasm +29 -0
package/main/pairings/FPBN254/invFpBN254.zkasm +55 -0
package/main/pairings/FPBN254/mulFpBN254.zkasm +29 -0
package/main/pairings/FPBN254/reduceFpBN254.zkasm +25 -0
package/main/pairings/FPBN254/squareFpBN254.zkasm +31 -0
package/main/pairings/FPBN254/subFpBN254.zkasm +36 -0
package/main/pairings/FRBN254/reduceFrBN254.zkasm +25 -0
package/main/pairings/constants.zkasm +62 -0
package/main/pairings/ecPairing.zkasm +244 -0
package/main/pairings/finalExpBN254.zkasm +2095 -0
package/main/pairings/halfPairingBN254.zkasm +428 -0
package/main/pairings/loopLengthBN254.zkasm +75 -0
package/main/pairings/millerLoopBN254.zkasm +741 -0
package/main/pairings/pairingBN254.zkasm +481 -0
package/main/pairings/unused/addFp12BN254.zkasm +130 -0
package/main/pairings/unused/expByXCycloFp12BN254.zkasm +411 -0
package/main/pairings/unused/expFp12BN254.zkasm +333 -0
package/main/pairings/unused/subFp12BN254.zkasm +130 -0
package/main/pairings/unused/xPseudoBinDecompBN254.zkasm +68 -0
package/main/pairings/utilsTests/expCycloFp12BN254.zkasm +334 -0
package/main/precompiled/end.zkasm +42 -0
package/main/precompiled/identity.zkasm +99 -0
package/main/precompiled/pre-ecAdd.zkasm +84 -0
package/main/precompiled/pre-ecMul.zkasm +82 -0
package/main/precompiled/pre-ecPairing.zkasm +72 -0
package/main/precompiled/pre-ecrecover.zkasm +71 -0
package/main/precompiled/pre-modexp.zkasm +367 -0
package/main/precompiled/pre-sha2-256.zkasm +125 -0
package/main/precompiled/revert-precompiled.zkasm +25 -0
package/main/precompiled/selector.zkasm +77 -0
package/main/process-change-l2-block.zkasm +147 -0
package/main/process-tx.zkasm +587 -0
package/main/tables/2-exp.zkasm +260 -0
package/main/touched.zkasm +118 -0
package/main/utils.zkasm +2335 -0
package/main/vars.zkasm +117 -0
package/package.json +62 -3
package/test/bytes-length.zkasm +39 -0
package/test/ecrecover.zkasm +538 -0
package/test/lt4-test.zkasm +38 -0
package/test/mstorex.zkasm +191 -0
package/test/opcalldatacopy.ignore.zkasm +331 -0
package/test/performance/read-push.zkasm +71 -0
package/test/read-push.zkasm +304 -0
package/test/testArrayArith.zkasm +1099 -0
package/test/testArrayUtils.zkasm +335 -0
package/test/testCycloFp12ArithBN254.zkasm +548 -0
package/test/testEcAdd.zkasm +252 -0
package/test/testEcMul.zkasm +231 -0
package/test/testEcPairing.zkasm +436 -0
package/test/testFinalExpBn254.zkasm +139 -0
package/test/testFp12ArithBN254.zkasm +692 -0
package/test/testFp2ArithBN254.zkasm +185 -0
package/test/testFp4ArithBN254.zkasm +128 -0
package/test/testFp6ArithBN254.zkasm +260 -0
package/test/testFpArithBN254.zkasm +159 -0
package/test/testFrArithBN254.zkasm +113 -0
package/test/testHalfPairingBN254.zkasm +285 -0
package/test/testModExp.zkasm +586 -0
package/test/testModExpReturn.zkasm +81 -0
package/test/testPairingBN254.zkasm +463 -0
package/test/testPointArithBN254.zkasm +270 -0
package/test/testSHA256.zkasm +27 -0
package/test/touched-assert.zkasm +59 -0
package/test/utils-expAD.zkasm +48 -0
package/test/utils-getLenBytes.zkasm +36 -0
package/tools/audit-tools/registry-op-checker.js +71 -0
package/tools/get-not-used-labels.js +31 -0
package/tools/helpers/helpers.js +47 -0
package/tools/modexp-utils/README.md +5 -0
package/tools/modexp-utils/modexp-test-gen.js +168 -0
package/tools/modexp-utils/modexp-test-int.sage +37 -0
package/tools/parallel-testing/checker.sh +6 -0
package/tools/parallel-testing/gen-parallel-tests.js +78 -0
package/tools/parallel-testing/parallel-tests-sample/sample.test.js +136 -0
package/tools/run-tests-zkasm.js +83 -0

package/main/pairings/FP12BN254/sparseMulAFp12BN254.zkasm ADDED Viewed

@@ -0,0 +1,296 @@
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+;; POST: The result is in the range [0,BN254_P) because if falls back to FP6 arithmetic
+;;
+;; sparseMulAFp12BN254:
+;;             in: (a1 + a2·w),(b1 + b2·w) ∈ Fp12, where ai ∈ Fp6, b1 = b12·v and b2 = b22·v + b23·v², with b12,b22,b23 ∈ Fp2
+;;             out: (a1 + a2·w)·(b1 + b2·w) = (c1 + c2·w) ∈ Fp12, where:
+;;                  - c1 = a1·b1 + a2·b2·v
+;;                  - c2 = (a1+a2)·[(b12+b22)·v + b23·v²] - a1·b1 - a2·b2
+;;
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+VAR GLOBAL sparseMulAFp12BN254_a11_x
+VAR GLOBAL sparseMulAFp12BN254_a11_y
+VAR GLOBAL sparseMulAFp12BN254_a12_x
+VAR GLOBAL sparseMulAFp12BN254_a12_y
+VAR GLOBAL sparseMulAFp12BN254_a13_x
+VAR GLOBAL sparseMulAFp12BN254_a13_y
+VAR GLOBAL sparseMulAFp12BN254_a21_x
+VAR GLOBAL sparseMulAFp12BN254_a21_y
+VAR GLOBAL sparseMulAFp12BN254_a22_x
+VAR GLOBAL sparseMulAFp12BN254_a22_y
+VAR GLOBAL sparseMulAFp12BN254_a23_x
+VAR GLOBAL sparseMulAFp12BN254_a23_y
+VAR GLOBAL sparseMulAFp12BN254_b12_x
+VAR GLOBAL sparseMulAFp12BN254_b12_y
+VAR GLOBAL sparseMulAFp12BN254_b22_x
+VAR GLOBAL sparseMulAFp12BN254_b22_y
+VAR GLOBAL sparseMulAFp12BN254_b23_x
+VAR GLOBAL sparseMulAFp12BN254_b23_y
+VAR GLOBAL sparseMulAFp12BN254_c11_x
+VAR GLOBAL sparseMulAFp12BN254_c11_y
+VAR GLOBAL sparseMulAFp12BN254_c12_x
+VAR GLOBAL sparseMulAFp12BN254_c12_y
+VAR GLOBAL sparseMulAFp12BN254_c13_x
+VAR GLOBAL sparseMulAFp12BN254_c13_y
+VAR GLOBAL sparseMulAFp12BN254_c21_x
+VAR GLOBAL sparseMulAFp12BN254_c21_y
+VAR GLOBAL sparseMulAFp12BN254_c22_x
+VAR GLOBAL sparseMulAFp12BN254_c22_y
+VAR GLOBAL sparseMulAFp12BN254_c23_x
+VAR GLOBAL sparseMulAFp12BN254_c23_y
+VAR GLOBAL sparseMulAFp12BN254_a1b1mul1_x
+VAR GLOBAL sparseMulAFp12BN254_a1b1mul1_y
+VAR GLOBAL sparseMulAFp12BN254_a1b1mul2_x
+VAR GLOBAL sparseMulAFp12BN254_a1b1mul2_y
+VAR GLOBAL sparseMulAFp12BN254_a1b1mul3_x
+VAR GLOBAL sparseMulAFp12BN254_a1b1mul3_y
+VAR GLOBAL sparseMulAFp12BN254_a2b2mul1_x
+VAR GLOBAL sparseMulAFp12BN254_a2b2mul1_y
+VAR GLOBAL sparseMulAFp12BN254_a2b2mul2_x
+VAR GLOBAL sparseMulAFp12BN254_a2b2mul2_y
+VAR GLOBAL sparseMulAFp12BN254_a2b2mul3_x
+VAR GLOBAL sparseMulAFp12BN254_a2b2mul3_y
+VAR GLOBAL sparseMulAFp12BN254_aux2_x
+VAR GLOBAL sparseMulAFp12BN254_aux2_y
+VAR GLOBAL sparseMulAFp12BN254_RR
+sparseMulAFp12BN254:
+        RR              :MSTORE(sparseMulAFp12BN254_RR)
+        ; 1] a1·b1, a2·b2
+        $ => A          :MLOAD(sparseMulAFp12BN254_a11_x)
+        $ => B          :MLOAD(sparseMulAFp12BN254_a11_y)
+        A               :MSTORE(sparseMulAFp6BN254_a1_x)
+        B               :MSTORE(sparseMulAFp6BN254_a1_y)
+        $ => A          :MLOAD(sparseMulAFp12BN254_a12_x)
+        $ => B          :MLOAD(sparseMulAFp12BN254_a12_y)
+        A               :MSTORE(sparseMulAFp6BN254_a2_x)
+        B               :MSTORE(sparseMulAFp6BN254_a2_y)
+        $ => A          :MLOAD(sparseMulAFp12BN254_a13_x)
+        $ => B          :MLOAD(sparseMulAFp12BN254_a13_y)
+        A               :MSTORE(sparseMulAFp6BN254_a3_x)
+        B               :MSTORE(sparseMulAFp6BN254_a3_y)
+        $ => A          :MLOAD(sparseMulAFp12BN254_b12_x)
+        $ => B          :MLOAD(sparseMulAFp12BN254_b12_y)
+        A               :MSTORE(sparseMulAFp6BN254_b2_x)
+        B               :MSTORE(sparseMulAFp6BN254_b2_y), CALL(sparseMulAFp6BN254)
+        $ => A          :MLOAD(sparseMulAFp6BN254_c1_x)
+        $ => B          :MLOAD(sparseMulAFp6BN254_c1_y)
+        A               :MSTORE(sparseMulAFp12BN254_a1b1mul1_x)
+        B               :MSTORE(sparseMulAFp12BN254_a1b1mul1_y)
+        $ => A          :MLOAD(sparseMulAFp6BN254_c2_x)
+        $ => B          :MLOAD(sparseMulAFp6BN254_c2_y)
+        A               :MSTORE(sparseMulAFp12BN254_a1b1mul2_x)
+        B               :MSTORE(sparseMulAFp12BN254_a1b1mul2_y)
+        $ => A          :MLOAD(sparseMulAFp6BN254_c3_x)
+        $ => B          :MLOAD(sparseMulAFp6BN254_c3_y)
+        A               :MSTORE(sparseMulAFp12BN254_a1b1mul3_x)
+        B               :MSTORE(sparseMulAFp12BN254_a1b1mul3_y)
+        $ => A          :MLOAD(sparseMulAFp12BN254_a21_x)
+        $ => B          :MLOAD(sparseMulAFp12BN254_a21_y)
+        A               :MSTORE(sparseMulBFp6BN254_a1_x)
+        B               :MSTORE(sparseMulBFp6BN254_a1_y)
+        $ => A          :MLOAD(sparseMulAFp12BN254_a22_x)
+        $ => B          :MLOAD(sparseMulAFp12BN254_a22_y)
+        A               :MSTORE(sparseMulBFp6BN254_a2_x)
+        B               :MSTORE(sparseMulBFp6BN254_a2_y)
+        $ => A          :MLOAD(sparseMulAFp12BN254_a23_x)
+        $ => B          :MLOAD(sparseMulAFp12BN254_a23_y)
+        A               :MSTORE(sparseMulBFp6BN254_a3_x)
+        B               :MSTORE(sparseMulBFp6BN254_a3_y)
+        $ => A          :MLOAD(sparseMulAFp12BN254_b22_x)
+        $ => B          :MLOAD(sparseMulAFp12BN254_b22_y)
+        A               :MSTORE(sparseMulBFp6BN254_b2_x)
+        B               :MSTORE(sparseMulBFp6BN254_b2_y)
+        $ => A          :MLOAD(sparseMulAFp12BN254_b23_x)
+        $ => B          :MLOAD(sparseMulAFp12BN254_b23_y)
+        A               :MSTORE(sparseMulBFp6BN254_b3_x)
+        B               :MSTORE(sparseMulBFp6BN254_b3_y), CALL(sparseMulBFp6BN254)
+        $ => A          :MLOAD(sparseMulBFp6BN254_c1_x)
+        $ => B          :MLOAD(sparseMulBFp6BN254_c1_y)
+        A               :MSTORE(sparseMulAFp12BN254_a2b2mul1_x)
+        B               :MSTORE(sparseMulAFp12BN254_a2b2mul1_y)
+        $ => A          :MLOAD(sparseMulBFp6BN254_c2_x)
+        $ => B          :MLOAD(sparseMulBFp6BN254_c2_y)
+        A               :MSTORE(sparseMulAFp12BN254_a2b2mul2_x)
+        B               :MSTORE(sparseMulAFp12BN254_a2b2mul2_y)
+        $ => A          :MLOAD(sparseMulBFp6BN254_c3_x)
+        $ => B          :MLOAD(sparseMulBFp6BN254_c3_y)
+        A               :MSTORE(sparseMulAFp12BN254_a2b2mul3_x)
+        B               :MSTORE(sparseMulAFp12BN254_a2b2mul3_y)
+        ; 2] c1 = a1·b1 + a2·b2·v
+        $ => A          :MLOAD(sparseMulAFp12BN254_a2b2mul1_x)
+        $ => B          :MLOAD(sparseMulAFp12BN254_a2b2mul1_y)
+        A               :MSTORE(sparseMulAFp6BN254_a1_x)
+        B               :MSTORE(sparseMulAFp6BN254_a1_y)
+        $ => A          :MLOAD(sparseMulAFp12BN254_a2b2mul2_x)
+        $ => B          :MLOAD(sparseMulAFp12BN254_a2b2mul2_y)
+        A               :MSTORE(sparseMulAFp6BN254_a2_x)
+        B               :MSTORE(sparseMulAFp6BN254_a2_y)
+        $ => A          :MLOAD(sparseMulAFp12BN254_a2b2mul3_x)
+        $ => B          :MLOAD(sparseMulAFp12BN254_a2b2mul3_y)
+        A               :MSTORE(sparseMulAFp6BN254_a3_x)
+        B               :MSTORE(sparseMulAFp6BN254_a3_y)
+        1n              :MSTORE(sparseMulAFp6BN254_b2_x)
+        0n              :MSTORE(sparseMulAFp6BN254_b2_y), CALL(sparseMulAFp6BN254)
+        $ => A          :MLOAD(sparseMulAFp6BN254_c1_x)
+        $ => B          :MLOAD(sparseMulAFp6BN254_c1_y)
+        A               :MSTORE(addFp6BN254_a1_x)
+        B               :MSTORE(addFp6BN254_a1_y)
+        $ => A          :MLOAD(sparseMulAFp6BN254_c2_x)
+        $ => B          :MLOAD(sparseMulAFp6BN254_c2_y)
+        A               :MSTORE(addFp6BN254_a2_x)
+        B               :MSTORE(addFp6BN254_a2_y)
+        $ => A          :MLOAD(sparseMulAFp6BN254_c3_x)
+        $ => B          :MLOAD(sparseMulAFp6BN254_c3_y)
+        A               :MSTORE(addFp6BN254_a3_x)
+        B               :MSTORE(addFp6BN254_a3_y)
+        $ => A          :MLOAD(sparseMulAFp12BN254_a1b1mul1_x)
+        $ => B          :MLOAD(sparseMulAFp12BN254_a1b1mul1_y)
+        A               :MSTORE(addFp6BN254_b1_x)
+        B               :MSTORE(addFp6BN254_b1_y)
+        $ => A          :MLOAD(sparseMulAFp12BN254_a1b1mul2_x)
+        $ => B          :MLOAD(sparseMulAFp12BN254_a1b1mul2_y)
+        A               :MSTORE(addFp6BN254_b2_x)
+        B               :MSTORE(addFp6BN254_b2_y)
+        $ => A          :MLOAD(sparseMulAFp12BN254_a1b1mul3_x)
+        $ => B          :MLOAD(sparseMulAFp12BN254_a1b1mul3_y)
+        A               :MSTORE(addFp6BN254_b3_x)
+        B               :MSTORE(addFp6BN254_b3_y), CALL(addFp6BN254)
+        $ => A          :MLOAD(addFp6BN254_c1_x)
+        $ => B          :MLOAD(addFp6BN254_c1_y)
+        A               :MSTORE(sparseMulAFp12BN254_c11_x)
+        B               :MSTORE(sparseMulAFp12BN254_c11_y)
+        $ => A          :MLOAD(addFp6BN254_c2_x)
+        $ => B          :MLOAD(addFp6BN254_c2_y)
+        A               :MSTORE(sparseMulAFp12BN254_c12_x)
+        B               :MSTORE(sparseMulAFp12BN254_c12_y)
+        $ => A          :MLOAD(addFp6BN254_c3_x)
+        $ => B          :MLOAD(addFp6BN254_c3_y)
+        A               :MSTORE(sparseMulAFp12BN254_c13_x)
+        B               :MSTORE(sparseMulAFp12BN254_c13_y)
+        ; 3] aux = (b12+b22)·v + b23·v²
+        $ => A          :MLOAD(sparseMulAFp12BN254_b12_x)
+        $ => B          :MLOAD(sparseMulAFp12BN254_b12_y)
+        $ => C          :MLOAD(sparseMulAFp12BN254_b22_x)
+        $ => D          :MLOAD(sparseMulAFp12BN254_b22_y), CALL(addFp2BN254)
+        E               :MSTORE(sparseMulAFp12BN254_aux2_x)
+        C               :MSTORE(sparseMulAFp12BN254_aux2_y)
+        ; 4] c2 = (a1+a2)·aux - a1·b1 - a2·b2
+        $ => A          :MLOAD(sparseMulAFp12BN254_a11_x)
+        $ => B          :MLOAD(sparseMulAFp12BN254_a11_y)
+        A               :MSTORE(addFp6BN254_a1_x)
+        B               :MSTORE(addFp6BN254_a1_y)
+        $ => A          :MLOAD(sparseMulAFp12BN254_a12_x)
+        $ => B          :MLOAD(sparseMulAFp12BN254_a12_y)
+        A               :MSTORE(addFp6BN254_a2_x)
+        B               :MSTORE(addFp6BN254_a2_y)
+        $ => A          :MLOAD(sparseMulAFp12BN254_a13_x)
+        $ => B          :MLOAD(sparseMulAFp12BN254_a13_y)
+        A               :MSTORE(addFp6BN254_a3_x)
+        B               :MSTORE(addFp6BN254_a3_y)
+        $ => A          :MLOAD(sparseMulAFp12BN254_a21_x)
+        $ => B          :MLOAD(sparseMulAFp12BN254_a21_y)
+        A               :MSTORE(addFp6BN254_b1_x)
+        B               :MSTORE(addFp6BN254_b1_y)
+        $ => A          :MLOAD(sparseMulAFp12BN254_a22_x)
+        $ => B          :MLOAD(sparseMulAFp12BN254_a22_y)
+        A               :MSTORE(addFp6BN254_b2_x)
+        B               :MSTORE(addFp6BN254_b2_y)
+        $ => A          :MLOAD(sparseMulAFp12BN254_a23_x)
+        $ => B          :MLOAD(sparseMulAFp12BN254_a23_y)
+        A               :MSTORE(addFp6BN254_b3_x)
+        B               :MSTORE(addFp6BN254_b3_y), CALL(addFp6BN254)
+        $ => A          :MLOAD(addFp6BN254_c1_x)
+        $ => B          :MLOAD(addFp6BN254_c1_y)
+        A               :MSTORE(sparseMulBFp6BN254_a1_x)
+        B               :MSTORE(sparseMulBFp6BN254_a1_y)
+        $ => A          :MLOAD(addFp6BN254_c2_x)
+        $ => B          :MLOAD(addFp6BN254_c2_y)
+        A               :MSTORE(sparseMulBFp6BN254_a2_x)
+        B               :MSTORE(sparseMulBFp6BN254_a2_y)
+        $ => A          :MLOAD(addFp6BN254_c3_x)
+        $ => B          :MLOAD(addFp6BN254_c3_y)
+        A               :MSTORE(sparseMulBFp6BN254_a3_x)
+        B               :MSTORE(sparseMulBFp6BN254_a3_y)
+        $ => A          :MLOAD(sparseMulAFp12BN254_aux2_x)
+        $ => B          :MLOAD(sparseMulAFp12BN254_aux2_y)
+        A               :MSTORE(sparseMulBFp6BN254_b2_x)
+        B               :MSTORE(sparseMulBFp6BN254_b2_y)
+        $ => A          :MLOAD(sparseMulAFp12BN254_b23_x)
+        $ => B          :MLOAD(sparseMulAFp12BN254_b23_y)
+        A               :MSTORE(sparseMulBFp6BN254_b3_x)
+        B               :MSTORE(sparseMulBFp6BN254_b3_y), CALL(sparseMulBFp6BN254)
+        $ => A          :MLOAD(sparseMulBFp6BN254_c1_x)
+        $ => B          :MLOAD(sparseMulBFp6BN254_c1_y)
+        A               :MSTORE(subFp6BN254_a1_x)
+        B               :MSTORE(subFp6BN254_a1_y)
+        $ => A          :MLOAD(sparseMulBFp6BN254_c2_x)
+        $ => B          :MLOAD(sparseMulBFp6BN254_c2_y)
+        A               :MSTORE(subFp6BN254_a2_x)
+        B               :MSTORE(subFp6BN254_a2_y)
+        $ => A          :MLOAD(sparseMulBFp6BN254_c3_x)
+        $ => B          :MLOAD(sparseMulBFp6BN254_c3_y)
+        A               :MSTORE(subFp6BN254_a3_x)
+        B               :MSTORE(subFp6BN254_a3_y)
+        $ => A          :MLOAD(sparseMulAFp12BN254_a1b1mul1_x)
+        $ => B          :MLOAD(sparseMulAFp12BN254_a1b1mul1_y)
+        A               :MSTORE(subFp6BN254_b1_x)
+        B               :MSTORE(subFp6BN254_b1_y)
+        $ => A          :MLOAD(sparseMulAFp12BN254_a1b1mul2_x)
+        $ => B          :MLOAD(sparseMulAFp12BN254_a1b1mul2_y)
+        A               :MSTORE(subFp6BN254_b2_x)
+        B               :MSTORE(subFp6BN254_b2_y)
+        $ => A          :MLOAD(sparseMulAFp12BN254_a1b1mul3_x)
+        $ => B          :MLOAD(sparseMulAFp12BN254_a1b1mul3_y)
+        A               :MSTORE(subFp6BN254_b3_x)
+        B               :MSTORE(subFp6BN254_b3_y), CALL(subFp6BN254)
+        $ => A          :MLOAD(subFp6BN254_c1_x)
+        $ => B          :MLOAD(subFp6BN254_c1_y)
+        A               :MSTORE(subFp6BN254_a1_x)
+        B               :MSTORE(subFp6BN254_a1_y)
+        $ => A          :MLOAD(subFp6BN254_c2_x)
+        $ => B          :MLOAD(subFp6BN254_c2_y)
+        A               :MSTORE(subFp6BN254_a2_x)
+        B               :MSTORE(subFp6BN254_a2_y)
+        $ => A          :MLOAD(subFp6BN254_c3_x)
+        $ => B          :MLOAD(subFp6BN254_c3_y)
+        A               :MSTORE(subFp6BN254_a3_x)
+        B               :MSTORE(subFp6BN254_a3_y)
+        $ => A          :MLOAD(sparseMulAFp12BN254_a2b2mul1_x)
+        $ => B          :MLOAD(sparseMulAFp12BN254_a2b2mul1_y)
+        A               :MSTORE(subFp6BN254_b1_x)
+        B               :MSTORE(subFp6BN254_b1_y)
+        $ => A          :MLOAD(sparseMulAFp12BN254_a2b2mul2_x)
+        $ => B          :MLOAD(sparseMulAFp12BN254_a2b2mul2_y)
+        A               :MSTORE(subFp6BN254_b2_x)
+        B               :MSTORE(subFp6BN254_b2_y)
+        $ => A          :MLOAD(sparseMulAFp12BN254_a2b2mul3_x)
+        $ => B          :MLOAD(sparseMulAFp12BN254_a2b2mul3_y)
+        A               :MSTORE(subFp6BN254_b3_x)
+        B               :MSTORE(subFp6BN254_b3_y), CALL(subFp6BN254)
+        $ => A          :MLOAD(subFp6BN254_c1_x)
+        $ => B          :MLOAD(subFp6BN254_c1_y)
+        A               :MSTORE(sparseMulAFp12BN254_c21_x)
+        B               :MSTORE(sparseMulAFp12BN254_c21_y)
+        $ => A          :MLOAD(subFp6BN254_c2_x)
+        $ => B          :MLOAD(subFp6BN254_c2_y)
+        A               :MSTORE(sparseMulAFp12BN254_c22_x)
+        B               :MSTORE(sparseMulAFp12BN254_c22_y)
+        $ => A          :MLOAD(subFp6BN254_c3_x)
+        $ => B          :MLOAD(subFp6BN254_c3_y)
+        A               :MSTORE(sparseMulAFp12BN254_c23_x)
+        B               :MSTORE(sparseMulAFp12BN254_c23_y)
+        $ => RR         :MLOAD(sparseMulAFp12BN254_RR)
+                        :RETURN

package/main/pairings/FP12BN254/sparseMulBFp12BN254.zkasm ADDED Viewed

@@ -0,0 +1,291 @@
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+;; POST: The result is in the range [0,BN254_P) because if falls back to FP6 arithmetic
+;;
+;; sparseMulBFp12BN254:
+;;             in: (a1 + a2·w),(b1 + b2·w) ∈ Fp12, where ai ∈ Fp6, b1 = b11 + b13·v² and b2 = b22·v, with b11,b13,b22 ∈ Fp2
+;;             out: (a1 + a2·w)·(b1 + b2·w) = (c1 + c2·w) ∈ Fp12, where:
+;;                  - c1 = a1·b1 + a2·b2·v
+;;                  - c2 = (a1+a2)·(b11 + b22·v + b13·v²) - a1·b1 - a2·b2
+;;
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+VAR GLOBAL sparseMulBFp12BN254_a11_x
+VAR GLOBAL sparseMulBFp12BN254_a11_y
+VAR GLOBAL sparseMulBFp12BN254_a12_x
+VAR GLOBAL sparseMulBFp12BN254_a12_y
+VAR GLOBAL sparseMulBFp12BN254_a13_x
+VAR GLOBAL sparseMulBFp12BN254_a13_y
+VAR GLOBAL sparseMulBFp12BN254_a21_x
+VAR GLOBAL sparseMulBFp12BN254_a21_y
+VAR GLOBAL sparseMulBFp12BN254_a22_x
+VAR GLOBAL sparseMulBFp12BN254_a22_y
+VAR GLOBAL sparseMulBFp12BN254_a23_x
+VAR GLOBAL sparseMulBFp12BN254_a23_y
+VAR GLOBAL sparseMulBFp12BN254_b11_x
+VAR GLOBAL sparseMulBFp12BN254_b11_y
+VAR GLOBAL sparseMulBFp12BN254_b13_x
+VAR GLOBAL sparseMulBFp12BN254_b13_y
+VAR GLOBAL sparseMulBFp12BN254_b22_x
+VAR GLOBAL sparseMulBFp12BN254_b22_y
+VAR GLOBAL sparseMulBFp12BN254_c11_x
+VAR GLOBAL sparseMulBFp12BN254_c11_y
+VAR GLOBAL sparseMulBFp12BN254_c12_x
+VAR GLOBAL sparseMulBFp12BN254_c12_y
+VAR GLOBAL sparseMulBFp12BN254_c13_x
+VAR GLOBAL sparseMulBFp12BN254_c13_y
+VAR GLOBAL sparseMulBFp12BN254_c21_x
+VAR GLOBAL sparseMulBFp12BN254_c21_y
+VAR GLOBAL sparseMulBFp12BN254_c22_x
+VAR GLOBAL sparseMulBFp12BN254_c22_y
+VAR GLOBAL sparseMulBFp12BN254_c23_x
+VAR GLOBAL sparseMulBFp12BN254_c23_y
+VAR GLOBAL sparseMulBFp12BN254_a1b1mul1_x
+VAR GLOBAL sparseMulBFp12BN254_a1b1mul1_y
+VAR GLOBAL sparseMulBFp12BN254_a1b1mul2_x
+VAR GLOBAL sparseMulBFp12BN254_a1b1mul2_y
+VAR GLOBAL sparseMulBFp12BN254_a1b1mul3_x
+VAR GLOBAL sparseMulBFp12BN254_a1b1mul3_y
+VAR GLOBAL sparseMulBFp12BN254_a2b2mul1_x
+VAR GLOBAL sparseMulBFp12BN254_a2b2mul1_y
+VAR GLOBAL sparseMulBFp12BN254_a2b2mul2_x
+VAR GLOBAL sparseMulBFp12BN254_a2b2mul2_y
+VAR GLOBAL sparseMulBFp12BN254_a2b2mul3_x
+VAR GLOBAL sparseMulBFp12BN254_a2b2mul3_y
+VAR GLOBAL sparseMulBFp12BN254_RR
+sparseMulBFp12BN254:
+        RR              :MSTORE(sparseMulBFp12BN254_RR)
+        ; 1] a1·b1, a2·b2
+        $ => A          :MLOAD(sparseMulBFp12BN254_a11_x)
+        $ => B          :MLOAD(sparseMulBFp12BN254_a11_y)
+        A               :MSTORE(sparseMulCFp6BN254_a1_x)
+        B               :MSTORE(sparseMulCFp6BN254_a1_y)
+        $ => A          :MLOAD(sparseMulBFp12BN254_a12_x)
+        $ => B          :MLOAD(sparseMulBFp12BN254_a12_y)
+        A               :MSTORE(sparseMulCFp6BN254_a2_x)
+        B               :MSTORE(sparseMulCFp6BN254_a2_y)
+        $ => A          :MLOAD(sparseMulBFp12BN254_a13_x)
+        $ => B          :MLOAD(sparseMulBFp12BN254_a13_y)
+        A               :MSTORE(sparseMulCFp6BN254_a3_x)
+        B               :MSTORE(sparseMulCFp6BN254_a3_y)
+        $ => A          :MLOAD(sparseMulBFp12BN254_b11_x)
+        $ => B          :MLOAD(sparseMulBFp12BN254_b11_y)
+        A               :MSTORE(sparseMulCFp6BN254_b1_x)
+        B               :MSTORE(sparseMulCFp6BN254_b1_y)
+        $ => A          :MLOAD(sparseMulBFp12BN254_b13_x)
+        $ => B          :MLOAD(sparseMulBFp12BN254_b13_y)
+        A               :MSTORE(sparseMulCFp6BN254_b3_x)
+        B               :MSTORE(sparseMulCFp6BN254_b3_y), CALL(sparseMulCFp6BN254)
+        $ => A          :MLOAD(sparseMulCFp6BN254_c1_x)
+        $ => B          :MLOAD(sparseMulCFp6BN254_c1_y)
+        A               :MSTORE(sparseMulBFp12BN254_a1b1mul1_x)
+        B               :MSTORE(sparseMulBFp12BN254_a1b1mul1_y)
+        $ => A          :MLOAD(sparseMulCFp6BN254_c2_x)
+        $ => B          :MLOAD(sparseMulCFp6BN254_c2_y)
+        A               :MSTORE(sparseMulBFp12BN254_a1b1mul2_x)
+        B               :MSTORE(sparseMulBFp12BN254_a1b1mul2_y)
+        $ => A          :MLOAD(sparseMulCFp6BN254_c3_x)
+        $ => B          :MLOAD(sparseMulCFp6BN254_c3_y)
+        A               :MSTORE(sparseMulBFp12BN254_a1b1mul3_x)
+        B               :MSTORE(sparseMulBFp12BN254_a1b1mul3_y)
+        $ => A          :MLOAD(sparseMulBFp12BN254_a21_x)
+        $ => B          :MLOAD(sparseMulBFp12BN254_a21_y)
+        A               :MSTORE(sparseMulAFp6BN254_a1_x)
+        B               :MSTORE(sparseMulAFp6BN254_a1_y)
+        $ => A          :MLOAD(sparseMulBFp12BN254_a22_x)
+        $ => B          :MLOAD(sparseMulBFp12BN254_a22_y)
+        A               :MSTORE(sparseMulAFp6BN254_a2_x)
+        B               :MSTORE(sparseMulAFp6BN254_a2_y)
+        $ => A          :MLOAD(sparseMulBFp12BN254_a23_x)
+        $ => B          :MLOAD(sparseMulBFp12BN254_a23_y)
+        A               :MSTORE(sparseMulAFp6BN254_a3_x)
+        B               :MSTORE(sparseMulAFp6BN254_a3_y)
+        $ => A          :MLOAD(sparseMulBFp12BN254_b22_x)
+        $ => B          :MLOAD(sparseMulBFp12BN254_b22_y)
+        A               :MSTORE(sparseMulAFp6BN254_b2_x)
+        B               :MSTORE(sparseMulAFp6BN254_b2_y), CALL(sparseMulAFp6BN254)
+        $ => A          :MLOAD(sparseMulAFp6BN254_c1_x)
+        $ => B          :MLOAD(sparseMulAFp6BN254_c1_y)
+        A               :MSTORE(sparseMulBFp12BN254_a2b2mul1_x)
+        B               :MSTORE(sparseMulBFp12BN254_a2b2mul1_y)
+        $ => A          :MLOAD(sparseMulAFp6BN254_c2_x)
+        $ => B          :MLOAD(sparseMulAFp6BN254_c2_y)
+        A               :MSTORE(sparseMulBFp12BN254_a2b2mul2_x)
+        B               :MSTORE(sparseMulBFp12BN254_a2b2mul2_y)
+        $ => A          :MLOAD(sparseMulAFp6BN254_c3_x)
+        $ => B          :MLOAD(sparseMulAFp6BN254_c3_y)
+        A               :MSTORE(sparseMulBFp12BN254_a2b2mul3_x)
+        B               :MSTORE(sparseMulBFp12BN254_a2b2mul3_y)
+        ; 2] c1 = a1·b1 + a2·b2·v
+        $ => A          :MLOAD(sparseMulBFp12BN254_a2b2mul1_x)
+        $ => B          :MLOAD(sparseMulBFp12BN254_a2b2mul1_y)
+        A               :MSTORE(sparseMulAFp6BN254_a1_x)
+        B               :MSTORE(sparseMulAFp6BN254_a1_y)
+        $ => A          :MLOAD(sparseMulBFp12BN254_a2b2mul2_x)
+        $ => B          :MLOAD(sparseMulBFp12BN254_a2b2mul2_y)
+        A               :MSTORE(sparseMulAFp6BN254_a2_x)
+        B               :MSTORE(sparseMulAFp6BN254_a2_y)
+        $ => A          :MLOAD(sparseMulBFp12BN254_a2b2mul3_x)
+        $ => B          :MLOAD(sparseMulBFp12BN254_a2b2mul3_y)
+        A               :MSTORE(sparseMulAFp6BN254_a3_x)
+        B               :MSTORE(sparseMulAFp6BN254_a3_y)
+        1n              :MSTORE(sparseMulAFp6BN254_b2_x)
+        0n              :MSTORE(sparseMulAFp6BN254_b2_y), CALL(sparseMulAFp6BN254)
+        $ => A          :MLOAD(sparseMulAFp6BN254_c1_x)
+        $ => B          :MLOAD(sparseMulAFp6BN254_c1_y)
+        A               :MSTORE(addFp6BN254_a1_x)
+        B               :MSTORE(addFp6BN254_a1_y)
+        $ => A          :MLOAD(sparseMulAFp6BN254_c2_x)
+        $ => B          :MLOAD(sparseMulAFp6BN254_c2_y)
+        A               :MSTORE(addFp6BN254_a2_x)
+        B               :MSTORE(addFp6BN254_a2_y)
+        $ => A          :MLOAD(sparseMulAFp6BN254_c3_x)
+        $ => B          :MLOAD(sparseMulAFp6BN254_c3_y)
+        A               :MSTORE(addFp6BN254_a3_x)
+        B               :MSTORE(addFp6BN254_a3_y)
+        $ => A          :MLOAD(sparseMulBFp12BN254_a1b1mul1_x)
+        $ => B          :MLOAD(sparseMulBFp12BN254_a1b1mul1_y)
+        A               :MSTORE(addFp6BN254_b1_x)
+        B               :MSTORE(addFp6BN254_b1_y)
+        $ => A          :MLOAD(sparseMulBFp12BN254_a1b1mul2_x)
+        $ => B          :MLOAD(sparseMulBFp12BN254_a1b1mul2_y)
+        A               :MSTORE(addFp6BN254_b2_x)
+        B               :MSTORE(addFp6BN254_b2_y)
+        $ => A          :MLOAD(sparseMulBFp12BN254_a1b1mul3_x)
+        $ => B          :MLOAD(sparseMulBFp12BN254_a1b1mul3_y)
+        A               :MSTORE(addFp6BN254_b3_x)
+        B               :MSTORE(addFp6BN254_b3_y), CALL(addFp6BN254)
+        $ => A          :MLOAD(addFp6BN254_c1_x)
+        $ => B          :MLOAD(addFp6BN254_c1_y)
+        A               :MSTORE(sparseMulBFp12BN254_c11_x)
+        B               :MSTORE(sparseMulBFp12BN254_c11_y)
+        $ => A          :MLOAD(addFp6BN254_c2_x)
+        $ => B          :MLOAD(addFp6BN254_c2_y)
+        A               :MSTORE(sparseMulBFp12BN254_c12_x)
+        B               :MSTORE(sparseMulBFp12BN254_c12_y)
+        $ => A          :MLOAD(addFp6BN254_c3_x)
+        $ => B          :MLOAD(addFp6BN254_c3_y)
+        A               :MSTORE(sparseMulBFp12BN254_c13_x)
+        B               :MSTORE(sparseMulBFp12BN254_c13_y)
+        ; aux = b11 + b22·v + b13·v²
+        ; 3] c2 = (a1+a2)·aux - a1·b1 - a2·b2
+        $ => A          :MLOAD(sparseMulBFp12BN254_a11_x)
+        $ => B          :MLOAD(sparseMulBFp12BN254_a11_y)
+        A               :MSTORE(addFp6BN254_a1_x)
+        B               :MSTORE(addFp6BN254_a1_y)
+        $ => A          :MLOAD(sparseMulBFp12BN254_a12_x)
+        $ => B          :MLOAD(sparseMulBFp12BN254_a12_y)
+        A               :MSTORE(addFp6BN254_a2_x)
+        B               :MSTORE(addFp6BN254_a2_y)
+        $ => A          :MLOAD(sparseMulBFp12BN254_a13_x)
+        $ => B          :MLOAD(sparseMulBFp12BN254_a13_y)
+        A               :MSTORE(addFp6BN254_a3_x)
+        B               :MSTORE(addFp6BN254_a3_y)
+        $ => A          :MLOAD(sparseMulBFp12BN254_a21_x)
+        $ => B          :MLOAD(sparseMulBFp12BN254_a21_y)
+        A               :MSTORE(addFp6BN254_b1_x)
+        B               :MSTORE(addFp6BN254_b1_y)
+        $ => A          :MLOAD(sparseMulBFp12BN254_a22_x)
+        $ => B          :MLOAD(sparseMulBFp12BN254_a22_y)
+        A               :MSTORE(addFp6BN254_b2_x)
+        B               :MSTORE(addFp6BN254_b2_y)
+        $ => A          :MLOAD(sparseMulBFp12BN254_a23_x)
+        $ => B          :MLOAD(sparseMulBFp12BN254_a23_y)
+        A               :MSTORE(addFp6BN254_b3_x)
+        B               :MSTORE(addFp6BN254_b3_y), CALL(addFp6BN254)
+        $ => A          :MLOAD(addFp6BN254_c1_x)
+        $ => B          :MLOAD(addFp6BN254_c1_y)
+        A               :MSTORE(mulFp6BN254_a1_x)
+        B               :MSTORE(mulFp6BN254_a1_y)
+        $ => A          :MLOAD(addFp6BN254_c2_x)
+        $ => B          :MLOAD(addFp6BN254_c2_y)
+        A               :MSTORE(mulFp6BN254_a2_x)
+        B               :MSTORE(mulFp6BN254_a2_y)
+        $ => A          :MLOAD(addFp6BN254_c3_x)
+        $ => B          :MLOAD(addFp6BN254_c3_y)
+        A               :MSTORE(mulFp6BN254_a3_x)
+        B               :MSTORE(mulFp6BN254_a3_y)
+        $ => A          :MLOAD(sparseMulBFp12BN254_b11_x)
+        $ => B          :MLOAD(sparseMulBFp12BN254_b11_y)
+        A               :MSTORE(mulFp6BN254_b1_x)
+        B               :MSTORE(mulFp6BN254_b1_y)
+        $ => A          :MLOAD(sparseMulBFp12BN254_b22_x)
+        $ => B          :MLOAD(sparseMulBFp12BN254_b22_y)
+        A               :MSTORE(mulFp6BN254_b2_x)
+        B               :MSTORE(mulFp6BN254_b2_y)
+        $ => A          :MLOAD(sparseMulBFp12BN254_b13_x)
+        $ => B          :MLOAD(sparseMulBFp12BN254_b13_y)
+        A               :MSTORE(mulFp6BN254_b3_x)
+        B               :MSTORE(mulFp6BN254_b3_y), CALL(mulFp6BN254)
+        $ => A          :MLOAD(mulFp6BN254_c1_x)
+        $ => B          :MLOAD(mulFp6BN254_c1_y)
+        A               :MSTORE(subFp6BN254_a1_x)
+        B               :MSTORE(subFp6BN254_a1_y)
+        $ => A          :MLOAD(mulFp6BN254_c2_x)
+        $ => B          :MLOAD(mulFp6BN254_c2_y)
+        A               :MSTORE(subFp6BN254_a2_x)
+        B               :MSTORE(subFp6BN254_a2_y)
+        $ => A          :MLOAD(mulFp6BN254_c3_x)
+        $ => B          :MLOAD(mulFp6BN254_c3_y)
+        A               :MSTORE(subFp6BN254_a3_x)
+        B               :MSTORE(subFp6BN254_a3_y)
+        $ => A          :MLOAD(sparseMulBFp12BN254_a1b1mul1_x)
+        $ => B          :MLOAD(sparseMulBFp12BN254_a1b1mul1_y)
+        A               :MSTORE(subFp6BN254_b1_x)
+        B               :MSTORE(subFp6BN254_b1_y)
+        $ => A          :MLOAD(sparseMulBFp12BN254_a1b1mul2_x)
+        $ => B          :MLOAD(sparseMulBFp12BN254_a1b1mul2_y)
+        A               :MSTORE(subFp6BN254_b2_x)
+        B               :MSTORE(subFp6BN254_b2_y)
+        $ => A          :MLOAD(sparseMulBFp12BN254_a1b1mul3_x)
+        $ => B          :MLOAD(sparseMulBFp12BN254_a1b1mul3_y)
+        A               :MSTORE(subFp6BN254_b3_x)
+        B               :MSTORE(subFp6BN254_b3_y), CALL(subFp6BN254)
+        $ => A          :MLOAD(subFp6BN254_c1_x)
+        $ => B          :MLOAD(subFp6BN254_c1_y)
+        A               :MSTORE(subFp6BN254_a1_x)
+        B               :MSTORE(subFp6BN254_a1_y)
+        $ => A          :MLOAD(subFp6BN254_c2_x)
+        $ => B          :MLOAD(subFp6BN254_c2_y)
+        A               :MSTORE(subFp6BN254_a2_x)
+        B               :MSTORE(subFp6BN254_a2_y)
+        $ => A          :MLOAD(subFp6BN254_c3_x)
+        $ => B          :MLOAD(subFp6BN254_c3_y)
+        A               :MSTORE(subFp6BN254_a3_x)
+        B               :MSTORE(subFp6BN254_a3_y)
+        $ => A          :MLOAD(sparseMulBFp12BN254_a2b2mul1_x)
+        $ => B          :MLOAD(sparseMulBFp12BN254_a2b2mul1_y)
+        A               :MSTORE(subFp6BN254_b1_x)
+        B               :MSTORE(subFp6BN254_b1_y)
+        $ => A          :MLOAD(sparseMulBFp12BN254_a2b2mul2_x)
+        $ => B          :MLOAD(sparseMulBFp12BN254_a2b2mul2_y)
+        A               :MSTORE(subFp6BN254_b2_x)
+        B               :MSTORE(subFp6BN254_b2_y)
+        $ => A          :MLOAD(sparseMulBFp12BN254_a2b2mul3_x)
+        $ => B          :MLOAD(sparseMulBFp12BN254_a2b2mul3_y)
+        A               :MSTORE(subFp6BN254_b3_x)
+        B               :MSTORE(subFp6BN254_b3_y), CALL(subFp6BN254)
+        $ => A          :MLOAD(subFp6BN254_c1_x)
+        $ => B          :MLOAD(subFp6BN254_c1_y)
+        A               :MSTORE(sparseMulBFp12BN254_c21_x)
+        B               :MSTORE(sparseMulBFp12BN254_c21_y)
+        $ => A          :MLOAD(subFp6BN254_c2_x)
+        $ => B          :MLOAD(subFp6BN254_c2_y)
+        A               :MSTORE(sparseMulBFp12BN254_c22_x)
+        B               :MSTORE(sparseMulBFp12BN254_c22_y)
+        $ => A          :MLOAD(subFp6BN254_c3_x)
+        $ => B          :MLOAD(subFp6BN254_c3_y)
+        A               :MSTORE(sparseMulBFp12BN254_c23_x)
+        B               :MSTORE(sparseMulBFp12BN254_c23_y)
+        $ => RR         :MLOAD(sparseMulBFp12BN254_RR)
+                        :RETURN