@zkasm/zkevm-rom 0.0.1-security → 6.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of @zkasm/zkevm-rom might be problematic. Click here for more details.
- package/.eslintrc.js +33 -0
- package/.github/CODEOWNERS +14 -0
- package/.github/ISSUE_TEMPLATE/bug.yml +38 -0
- package/.github/ISSUE_TEMPLATE/feature.yml +26 -0
- package/.github/ISSUE_TEMPLATE/question.yml +26 -0
- package/.github/workflows/main.yaml +40 -0
- package/LICENSE +636 -0
- package/README.md +23 -5
- package/audits/Hexens_Polygon_zkEVM_PUBLIC_27.02.23.pdf +0 -0
- package/audits/Polygon-zkEVM-Public-v1.1-verichains-19-03-2024.pdf +0 -0
- package/audits/zkEVM-ROM-upgrade-1-Spearbit-30-May.pdf +0 -0
- package/audits/zkEVM-ROM-upgrade-2-Spearbit-21-August.pdf +0 -0
- package/audits/zkEVM-engagement-1-Spearbit-27-March.pdf +0 -0
- package/audits/zkEVM-engagement-2-Spearbit-27-March.pdf +0 -0
- package/audits/zkEVM-engagement-3-Spearbit-6-April.pdf +0 -0
- package/counters/README.md +45 -0
- package/counters/counters-executor.js +80 -0
- package/counters/countersConstants.zkasm +370 -0
- package/counters/endIncludes.zkasm +18 -0
- package/counters/initIncludes.zkasm +2 -0
- package/counters/tests/MLOAD32.zkasm +27 -0
- package/counters/tests/MLOADX.zkasm +30 -0
- package/counters/tests/MSTORE32.zkasm +32 -0
- package/counters/tests/MSTOREX.zkasm +36 -0
- package/counters/tests/SHLarith.zkasm +28 -0
- package/counters/tests/SHLarithBit.zkasm +28 -0
- package/counters/tests/SHRarith.zkasm +28 -0
- package/counters/tests/SHRarithBit.zkasm +28 -0
- package/counters/tests/abs.zkasm +29 -0
- package/counters/tests/addBatchHashByteByByte.zkasm +31 -0
- package/counters/tests/computeGasSendCall.zkasm +30 -0
- package/counters/tests/divArith.zkasm +27 -0
- package/counters/tests/expAD.zkasm +30 -0
- package/counters/tests/getLenBits.zkasm +30 -0
- package/counters/tests/getLenBytes.zkasm +32 -0
- package/counters/tests/isEmptyAccount.zkasm +30 -0
- package/counters/tests/mulARITH.zkasm +28 -0
- package/counters/tests/offsetUtil.zkasm +29 -0
- package/counters/tests/opADDMOD.zkasm +28 -0
- package/counters/tests/opAdd.zkasm +27 -0
- package/counters/tests/opBLOCKHASH.zkasm +28 -0
- package/counters/tests/opCALL.zkasm +41 -0
- package/counters/tests/opCALLCODE.zkasm +41 -0
- package/counters/tests/opCALLDATACOPY.zkasm +28 -0
- package/counters/tests/opCALLDATALOAD.zkasm +27 -0
- package/counters/tests/opCODECOPY.zkasm +28 -0
- package/counters/tests/opCREATE.zkasm +35 -0
- package/counters/tests/opCREATE2.zkasm +35 -0
- package/counters/tests/opDELEGATECALL.zkasm +35 -0
- package/counters/tests/opDIV.zkasm +27 -0
- package/counters/tests/opEXP.zkasm +29 -0
- package/counters/tests/opEXTCODECOPY.zkasm +29 -0
- package/counters/tests/opMOD.zkasm +27 -0
- package/counters/tests/opMUL.zkasm +27 -0
- package/counters/tests/opMULMOD.zkasm +28 -0
- package/counters/tests/opRETURN.zkasm +32 -0
- package/counters/tests/opRETURNDATACOPY.zkasm +29 -0
- package/counters/tests/opREVERT.zkasm +32 -0
- package/counters/tests/opSDIV.zkasm +28 -0
- package/counters/tests/opSHA3.zkasm +28 -0
- package/counters/tests/opSIGNEXTEND.zkasm +27 -0
- package/counters/tests/opSMOD.zkasm +28 -0
- package/counters/tests/opSTATICCALL.zkasm +35 -0
- package/counters/tests/opSUB.zkasm +27 -0
- package/counters/tests/saveMem.zkasm +31 -0
- package/docs/opcode-cost-zk-counters.md +315 -0
- package/docs/usage-ecrecover.md +51 -0
- package/index.js +43 -0
- package/main/block-info.zkasm +204 -0
- package/main/constants.zkasm +145 -0
- package/main/ecrecover/addFpEc.zkasm +31 -0
- package/main/ecrecover/checkSqrtFpEc.zkasm +1558 -0
- package/main/ecrecover/constEc.zkasm +13 -0
- package/main/ecrecover/ecrecover.zkasm +280 -0
- package/main/ecrecover/invFnEc.zkasm +44 -0
- package/main/ecrecover/invFpEc.zkasm +45 -0
- package/main/ecrecover/mulFnEc.zkasm +36 -0
- package/main/ecrecover/mulFpEc.zkasm +36 -0
- package/main/ecrecover/mulPointEc.zkasm +311 -0
- package/main/ecrecover/sqFpEc.zkasm +38 -0
- package/main/ecrecover/sqrtFpEc.zkasm +70 -0
- package/main/end.zkasm +4 -0
- package/main/l2-tx-hash.zkasm +159 -0
- package/main/load-change-l2-block-utils.zkasm +11 -0
- package/main/load-change-l2-block.zkasm +28 -0
- package/main/load-tx-rlp-utils.zkasm +72 -0
- package/main/load-tx-rlp.zkasm +431 -0
- package/main/main.zkasm +237 -0
- package/main/map-opcodes.zkasm +274 -0
- package/main/modexp/array_lib/array_add_AGTB.zkasm +123 -0
- package/main/modexp/array_lib/array_add_short.zkasm +85 -0
- package/main/modexp/array_lib/array_div.zkasm +215 -0
- package/main/modexp/array_lib/array_div_long.zkasm +284 -0
- package/main/modexp/array_lib/array_div_short.zkasm +222 -0
- package/main/modexp/array_lib/array_mul.zkasm +97 -0
- package/main/modexp/array_lib/array_mul_long.zkasm +156 -0
- package/main/modexp/array_lib/array_mul_short.zkasm +127 -0
- package/main/modexp/array_lib/array_square.zkasm +246 -0
- package/main/modexp/array_lib/unused/array_add.zkasm +100 -0
- package/main/modexp/array_lib/unused/array_is_odd.zkasm +23 -0
- package/main/modexp/array_lib/unused/array_is_one.zkasm +33 -0
- package/main/modexp/array_lib/unused/array_is_zero.zkasm +34 -0
- package/main/modexp/array_lib/unused/array_sub_AGTB.zkasm +111 -0
- package/main/modexp/array_lib/unused/array_unshift.zkasm +37 -0
- package/main/modexp/array_lib/utils/array_compare.zkasm +82 -0
- package/main/modexp/array_lib/utils/array_trim.zkasm +49 -0
- package/main/modexp/constants.zkasm +5 -0
- package/main/modexp/modexp.zkasm +296 -0
- package/main/modexp/modexp_utils.zkasm +230 -0
- package/main/opcodes/arithmetic.zkasm +357 -0
- package/main/opcodes/block.zkasm +163 -0
- package/main/opcodes/calldata-returndata-code.zkasm +619 -0
- package/main/opcodes/comparison.zkasm +446 -0
- package/main/opcodes/context-information.zkasm +169 -0
- package/main/opcodes/create-terminate-context.zkasm +1011 -0
- package/main/opcodes/crypto.zkasm +96 -0
- package/main/opcodes/flow-control.zkasm +126 -0
- package/main/opcodes/logs.zkasm +193 -0
- package/main/opcodes/stack-operations.zkasm +658 -0
- package/main/opcodes/storage-memory.zkasm +313 -0
- package/main/pairings/BN254/addPointBN254.zkasm +245 -0
- package/main/pairings/BN254/ecAdd.zkasm +312 -0
- package/main/pairings/BN254/ecMul.zkasm +159 -0
- package/main/pairings/BN254/escalarMulBN254.zkasm +155 -0
- package/main/pairings/BN254/lineDiffPointsBN254.zkasm +83 -0
- package/main/pairings/BN254/lineSamePointsBN254.zkasm +96 -0
- package/main/pairings/FP12BN254/CYCLOFP12BN254/compressFp12BN254.zkasm +49 -0
- package/main/pairings/FP12BN254/CYCLOFP12BN254/decompressFp12BN254.zkasm +236 -0
- package/main/pairings/FP12BN254/CYCLOFP12BN254/expByXCompCycloFp12BN254.zkasm +444 -0
- package/main/pairings/FP12BN254/CYCLOFP12BN254/squareCompCycloFp12BN254.zkasm +212 -0
- package/main/pairings/FP12BN254/CYCLOFP12BN254/squareCycloFp12BN254.zkasm +228 -0
- package/main/pairings/FP12BN254/CYCLOFP12BN254/xBinDecompBN254.zkasm +64 -0
- package/main/pairings/FP12BN254/frob2Fp12BN254.zkasm +80 -0
- package/main/pairings/FP12BN254/frob3Fp12BN254.zkasm +96 -0
- package/main/pairings/FP12BN254/frobFp12BN254.zkasm +96 -0
- package/main/pairings/FP12BN254/inverseFp12BN254.zkasm +289 -0
- package/main/pairings/FP12BN254/mulFp12BN254.zkasm +408 -0
- package/main/pairings/FP12BN254/sparseMulAFp12BN254.zkasm +296 -0
- package/main/pairings/FP12BN254/sparseMulBFp12BN254.zkasm +291 -0
- package/main/pairings/FP12BN254/squareFp12BN254.zkasm +376 -0
- package/main/pairings/FP2BN254/addFp2BN254.zkasm +19 -0
- package/main/pairings/FP2BN254/escalarMulFp2BN254.zkasm +20 -0
- package/main/pairings/FP2BN254/invFp2BN254.zkasm +66 -0
- package/main/pairings/FP2BN254/mulFp2BN254.zkasm +19 -0
- package/main/pairings/FP2BN254/squareFp2BN254.zkasm +21 -0
- package/main/pairings/FP2BN254/subFp2BN254.zkasm +19 -0
- package/main/pairings/FP4BN254/squareFp4BN254.zkasm +76 -0
- package/main/pairings/FP6BN254/addFp6BN254.zkasm +59 -0
- package/main/pairings/FP6BN254/escalarMulFp6BN254.zkasm +51 -0
- package/main/pairings/FP6BN254/inverseFp6BN254.zkasm +208 -0
- package/main/pairings/FP6BN254/mulFp6BN254.zkasm +201 -0
- package/main/pairings/FP6BN254/sparseMulAFp6BN254.zkasm +65 -0
- package/main/pairings/FP6BN254/sparseMulBFp6BN254.zkasm +134 -0
- package/main/pairings/FP6BN254/sparseMulCFp6BN254.zkasm +128 -0
- package/main/pairings/FP6BN254/squareFp6BN254.zkasm +147 -0
- package/main/pairings/FP6BN254/subFp6BN254.zkasm +59 -0
- package/main/pairings/FPBN254/addFpBN254.zkasm +29 -0
- package/main/pairings/FPBN254/invFpBN254.zkasm +55 -0
- package/main/pairings/FPBN254/mulFpBN254.zkasm +29 -0
- package/main/pairings/FPBN254/reduceFpBN254.zkasm +25 -0
- package/main/pairings/FPBN254/squareFpBN254.zkasm +31 -0
- package/main/pairings/FPBN254/subFpBN254.zkasm +36 -0
- package/main/pairings/FRBN254/reduceFrBN254.zkasm +25 -0
- package/main/pairings/constants.zkasm +62 -0
- package/main/pairings/ecPairing.zkasm +244 -0
- package/main/pairings/finalExpBN254.zkasm +2095 -0
- package/main/pairings/halfPairingBN254.zkasm +428 -0
- package/main/pairings/loopLengthBN254.zkasm +75 -0
- package/main/pairings/millerLoopBN254.zkasm +741 -0
- package/main/pairings/pairingBN254.zkasm +481 -0
- package/main/pairings/unused/addFp12BN254.zkasm +130 -0
- package/main/pairings/unused/expByXCycloFp12BN254.zkasm +411 -0
- package/main/pairings/unused/expFp12BN254.zkasm +333 -0
- package/main/pairings/unused/subFp12BN254.zkasm +130 -0
- package/main/pairings/unused/xPseudoBinDecompBN254.zkasm +68 -0
- package/main/pairings/utilsTests/expCycloFp12BN254.zkasm +334 -0
- package/main/precompiled/end.zkasm +42 -0
- package/main/precompiled/identity.zkasm +99 -0
- package/main/precompiled/pre-ecAdd.zkasm +84 -0
- package/main/precompiled/pre-ecMul.zkasm +82 -0
- package/main/precompiled/pre-ecPairing.zkasm +72 -0
- package/main/precompiled/pre-ecrecover.zkasm +71 -0
- package/main/precompiled/pre-modexp.zkasm +367 -0
- package/main/precompiled/pre-sha2-256.zkasm +125 -0
- package/main/precompiled/revert-precompiled.zkasm +25 -0
- package/main/precompiled/selector.zkasm +77 -0
- package/main/process-change-l2-block.zkasm +147 -0
- package/main/process-tx.zkasm +587 -0
- package/main/tables/2-exp.zkasm +260 -0
- package/main/touched.zkasm +118 -0
- package/main/utils.zkasm +2335 -0
- package/main/vars.zkasm +117 -0
- package/package.json +62 -3
- package/test/bytes-length.zkasm +39 -0
- package/test/ecrecover.zkasm +538 -0
- package/test/lt4-test.zkasm +38 -0
- package/test/mstorex.zkasm +191 -0
- package/test/opcalldatacopy.ignore.zkasm +331 -0
- package/test/performance/read-push.zkasm +71 -0
- package/test/read-push.zkasm +304 -0
- package/test/testArrayArith.zkasm +1099 -0
- package/test/testArrayUtils.zkasm +335 -0
- package/test/testCycloFp12ArithBN254.zkasm +548 -0
- package/test/testEcAdd.zkasm +252 -0
- package/test/testEcMul.zkasm +231 -0
- package/test/testEcPairing.zkasm +436 -0
- package/test/testFinalExpBn254.zkasm +139 -0
- package/test/testFp12ArithBN254.zkasm +692 -0
- package/test/testFp2ArithBN254.zkasm +185 -0
- package/test/testFp4ArithBN254.zkasm +128 -0
- package/test/testFp6ArithBN254.zkasm +260 -0
- package/test/testFpArithBN254.zkasm +159 -0
- package/test/testFrArithBN254.zkasm +113 -0
- package/test/testHalfPairingBN254.zkasm +285 -0
- package/test/testModExp.zkasm +586 -0
- package/test/testModExpReturn.zkasm +81 -0
- package/test/testPairingBN254.zkasm +463 -0
- package/test/testPointArithBN254.zkasm +270 -0
- package/test/testSHA256.zkasm +27 -0
- package/test/touched-assert.zkasm +59 -0
- package/test/utils-expAD.zkasm +48 -0
- package/test/utils-getLenBytes.zkasm +36 -0
- package/tools/audit-tools/registry-op-checker.js +71 -0
- package/tools/get-not-used-labels.js +31 -0
- package/tools/helpers/helpers.js +47 -0
- package/tools/modexp-utils/README.md +5 -0
- package/tools/modexp-utils/modexp-test-gen.js +168 -0
- package/tools/modexp-utils/modexp-test-int.sage +37 -0
- package/tools/parallel-testing/checker.sh +6 -0
- package/tools/parallel-testing/gen-parallel-tests.js +78 -0
- package/tools/parallel-testing/parallel-tests-sample/sample.test.js +136 -0
- package/tools/run-tests-zkasm.js +83 -0
|
@@ -0,0 +1,159 @@
|
|
|
1
|
+
; constants needed by executor C++
|
|
2
|
+
CONST %N = 2**19
|
|
3
|
+
CONST %MAX_CNT_STEPS_LIMIT = %N
|
|
4
|
+
CONST %MAX_CNT_ARITH_LIMIT = %N
|
|
5
|
+
CONST %MAX_CNT_BINARY_LIMIT = %N
|
|
6
|
+
CONST %MAX_CNT_MEM_ALIGN_LIMIT = %N
|
|
7
|
+
CONST %MAX_CNT_KECCAK_F_LIMIT = %N
|
|
8
|
+
CONST %MAX_CNT_PADDING_PG_LIMIT = %N
|
|
9
|
+
CONST %MAX_CNT_POSEIDON_G_LIMIT = %N
|
|
10
|
+
|
|
11
|
+
CONSTL %BN254_P = 21888242871839275222246405745257275088696311157297823662689037894645226208583n
|
|
12
|
+
CONSTL %BN254_P_MINUS_ONE = 21888242871839275222246405745257275088696311157297823662689037894645226208582n
|
|
13
|
+
CONSTL %BN254_P_BY_TWO = 43776485743678550444492811490514550177392622314595647325378075789290452417166n
|
|
14
|
+
|
|
15
|
+
VAR GLOBAL lastHashKId
|
|
16
|
+
VAR GLOBAL lastHashPId
|
|
17
|
+
|
|
18
|
+
VAR GLOBAL initial_A
|
|
19
|
+
VAR GLOBAL initial_B
|
|
20
|
+
VAR GLOBAL initial_C
|
|
21
|
+
VAR GLOBAL initial_D
|
|
22
|
+
VAR GLOBAL initial_E
|
|
23
|
+
VAR GLOBAL initial_CTX
|
|
24
|
+
VAR GLOBAL initial_SP
|
|
25
|
+
VAR GLOBAL initial_PC
|
|
26
|
+
VAR GLOBAL initial_GAS
|
|
27
|
+
VAR GLOBAL initial_SR
|
|
28
|
+
VAR GLOBAL initial_RR
|
|
29
|
+
VAR GLOBAL initial_HASHPOS
|
|
30
|
+
VAR GLOBAL initial_RCX
|
|
31
|
+
|
|
32
|
+
start:
|
|
33
|
+
|
|
34
|
+
STEP => A
|
|
35
|
+
0 :ASSERT
|
|
36
|
+
|
|
37
|
+
|
|
38
|
+
A :MSTORE(initial_A)
|
|
39
|
+
B :MSTORE(initial_B)
|
|
40
|
+
C :MSTORE(initial_C)
|
|
41
|
+
D :MSTORE(initial_D)
|
|
42
|
+
E :MSTORE(initial_E)
|
|
43
|
+
CTX :MSTORE(initial_CTX)
|
|
44
|
+
SP :MSTORE(initial_SP)
|
|
45
|
+
PC :MSTORE(initial_PC)
|
|
46
|
+
GAS :MSTORE(initial_GAS)
|
|
47
|
+
SR :MSTORE(initial_SR)
|
|
48
|
+
RR :MSTORE(initial_RR)
|
|
49
|
+
HASHPOS :MSTORE(initial_HASHPOS)
|
|
50
|
+
RCX :MSTORE(initial_RCX)
|
|
51
|
+
0 => A,B,C,D,E,CTX, SP, PC, GAS, SR, RR, HASHPOS, RCX
|
|
52
|
+
|
|
53
|
+
-1 :MSTORE(lastHashKId)
|
|
54
|
+
-1 :MSTORE(lastHashPId)
|
|
55
|
+
|
|
56
|
+
; 1] Addition
|
|
57
|
+
1n => A
|
|
58
|
+
3n => C
|
|
59
|
+
:CALL(addFpBN254)
|
|
60
|
+
C => A
|
|
61
|
+
4n :ASSERT
|
|
62
|
+
|
|
63
|
+
; 2] Subtraction
|
|
64
|
+
2n => A
|
|
65
|
+
3n => C
|
|
66
|
+
:CALL(subFpBN254)
|
|
67
|
+
C => A
|
|
68
|
+
%BN254_P_MINUS_ONE :ASSERT
|
|
69
|
+
|
|
70
|
+
; 3] Squaring
|
|
71
|
+
${const.BN254_P - 2} => A
|
|
72
|
+
:CALL(squareFpBN254)
|
|
73
|
+
B => A
|
|
74
|
+
4n :ASSERT
|
|
75
|
+
|
|
76
|
+
; 4] Inversion
|
|
77
|
+
0n => A
|
|
78
|
+
:CALL(invFpBN254)
|
|
79
|
+
B => A
|
|
80
|
+
0n :ASSERT
|
|
81
|
+
|
|
82
|
+
%BN254_P + %BN254_P => A
|
|
83
|
+
:CALL(invFpBN254)
|
|
84
|
+
B => A
|
|
85
|
+
0n :ASSERT
|
|
86
|
+
|
|
87
|
+
%BN254_P + %BN254_P + %BN254_P => A
|
|
88
|
+
:CALL(invFpBN254)
|
|
89
|
+
B => A
|
|
90
|
+
0n :ASSERT
|
|
91
|
+
|
|
92
|
+
%BN254_P + %BN254_P + %BN254_P + %BN254_P => A
|
|
93
|
+
:CALL(invFpBN254)
|
|
94
|
+
B => A
|
|
95
|
+
0n :ASSERT
|
|
96
|
+
|
|
97
|
+
%BN254_P + %BN254_P + %BN254_P + %BN254_P + %BN254_P => A
|
|
98
|
+
:CALL(invFpBN254)
|
|
99
|
+
B => A
|
|
100
|
+
0n :ASSERT
|
|
101
|
+
|
|
102
|
+
2n => A
|
|
103
|
+
:CALL(invFpBN254)
|
|
104
|
+
B => A
|
|
105
|
+
10944121435919637611123202872628637544348155578648911831344518947322613104292n :ASSERT
|
|
106
|
+
|
|
107
|
+
; 5] Reduction
|
|
108
|
+
0n => A
|
|
109
|
+
:CALL(reduceFpBN254)
|
|
110
|
+
0n :ASSERT
|
|
111
|
+
|
|
112
|
+
%BN254_P => A
|
|
113
|
+
:CALL(reduceFpBN254)
|
|
114
|
+
0n :ASSERT
|
|
115
|
+
|
|
116
|
+
%BN254_P + 1n => A
|
|
117
|
+
:CALL(reduceFpBN254)
|
|
118
|
+
1n :ASSERT
|
|
119
|
+
|
|
120
|
+
%BN254_P + %BN254_P_MINUS_ONE => A
|
|
121
|
+
:CALL(reduceFpBN254)
|
|
122
|
+
%BN254_P_MINUS_ONE :ASSERT
|
|
123
|
+
|
|
124
|
+
%BN254_P_BY_TWO => A
|
|
125
|
+
:CALL(reduceFpBN254)
|
|
126
|
+
0n :ASSERT
|
|
127
|
+
|
|
128
|
+
|
|
129
|
+
end:
|
|
130
|
+
|
|
131
|
+
$ => A :MLOAD(initial_A)
|
|
132
|
+
$ => B :MLOAD(initial_B)
|
|
133
|
+
$ => C :MLOAD(initial_C)
|
|
134
|
+
$ => D :MLOAD(initial_D)
|
|
135
|
+
$ => E :MLOAD(initial_E)
|
|
136
|
+
$ => CTX :MLOAD(initial_CTX)
|
|
137
|
+
$ => SP :MLOAD(initial_SP)
|
|
138
|
+
$ => PC :MLOAD(initial_PC)
|
|
139
|
+
$ => GAS :MLOAD(initial_GAS)
|
|
140
|
+
$ => SR :MLOAD(initial_SR)
|
|
141
|
+
$ => RR :MLOAD(initial_RR)
|
|
142
|
+
$ => HASHPOS :MLOAD(initial_HASHPOS)
|
|
143
|
+
$ => RCX :MLOAD(initial_RCX)
|
|
144
|
+
|
|
145
|
+
; label finalizeExecution needed by executor C++
|
|
146
|
+
finalizeExecution:
|
|
147
|
+
${beforeLast()} : JMPN(finalizeExecution)
|
|
148
|
+
|
|
149
|
+
: JMP(start)
|
|
150
|
+
opINVALID:
|
|
151
|
+
; label checkAndSaveFrom needed by executor C++
|
|
152
|
+
checkAndSaveFrom:
|
|
153
|
+
:JMP(opINVALID)
|
|
154
|
+
|
|
155
|
+
INCLUDE "../main/pairings/FPBN254/reduceFpBN254.zkasm"
|
|
156
|
+
INCLUDE "../main/pairings/FPBN254/addFpBN254.zkasm"
|
|
157
|
+
INCLUDE "../main/pairings/FPBN254/subFpBN254.zkasm"
|
|
158
|
+
INCLUDE "../main/pairings/FPBN254/squareFpBN254.zkasm"
|
|
159
|
+
INCLUDE "../main/pairings/FPBN254/invFpBN254.zkasm"
|
|
@@ -0,0 +1,113 @@
|
|
|
1
|
+
; constants needed by executor C++
|
|
2
|
+
CONST %N = 2**19
|
|
3
|
+
CONST %MAX_CNT_STEPS_LIMIT = %N
|
|
4
|
+
CONST %MAX_CNT_ARITH_LIMIT = %N
|
|
5
|
+
CONST %MAX_CNT_BINARY_LIMIT = %N
|
|
6
|
+
CONST %MAX_CNT_MEM_ALIGN_LIMIT = %N
|
|
7
|
+
CONST %MAX_CNT_KECCAK_F_LIMIT = %N
|
|
8
|
+
CONST %MAX_CNT_PADDING_PG_LIMIT = %N
|
|
9
|
+
CONST %MAX_CNT_POSEIDON_G_LIMIT = %N
|
|
10
|
+
|
|
11
|
+
INCLUDE "../main/pairings/constants.zkasm"
|
|
12
|
+
|
|
13
|
+
VAR GLOBAL lastHashKId
|
|
14
|
+
VAR GLOBAL lastHashPId
|
|
15
|
+
|
|
16
|
+
VAR GLOBAL initial_A
|
|
17
|
+
VAR GLOBAL initial_B
|
|
18
|
+
VAR GLOBAL initial_C
|
|
19
|
+
VAR GLOBAL initial_D
|
|
20
|
+
VAR GLOBAL initial_E
|
|
21
|
+
VAR GLOBAL initial_CTX
|
|
22
|
+
VAR GLOBAL initial_SP
|
|
23
|
+
VAR GLOBAL initial_PC
|
|
24
|
+
VAR GLOBAL initial_GAS
|
|
25
|
+
VAR GLOBAL initial_SR
|
|
26
|
+
VAR GLOBAL initial_RR
|
|
27
|
+
VAR GLOBAL initial_HASHPOS
|
|
28
|
+
VAR GLOBAL initial_RCX
|
|
29
|
+
|
|
30
|
+
start:
|
|
31
|
+
|
|
32
|
+
STEP => A
|
|
33
|
+
0 :ASSERT
|
|
34
|
+
|
|
35
|
+
|
|
36
|
+
A :MSTORE(initial_A)
|
|
37
|
+
B :MSTORE(initial_B)
|
|
38
|
+
C :MSTORE(initial_C)
|
|
39
|
+
D :MSTORE(initial_D)
|
|
40
|
+
E :MSTORE(initial_E)
|
|
41
|
+
CTX :MSTORE(initial_CTX)
|
|
42
|
+
SP :MSTORE(initial_SP)
|
|
43
|
+
PC :MSTORE(initial_PC)
|
|
44
|
+
GAS :MSTORE(initial_GAS)
|
|
45
|
+
SR :MSTORE(initial_SR)
|
|
46
|
+
RR :MSTORE(initial_RR)
|
|
47
|
+
HASHPOS :MSTORE(initial_HASHPOS)
|
|
48
|
+
RCX :MSTORE(initial_RCX)
|
|
49
|
+
0 => A,B,C,D,E,CTX, SP, PC, GAS, SR, RR, HASHPOS, RCX
|
|
50
|
+
|
|
51
|
+
-1 :MSTORE(lastHashKId)
|
|
52
|
+
-1 :MSTORE(lastHashPId)
|
|
53
|
+
|
|
54
|
+
; 1] Reduction
|
|
55
|
+
3n => B
|
|
56
|
+
:CALL(reduceFrBN254)
|
|
57
|
+
C => A
|
|
58
|
+
3n => B :ASSERT
|
|
59
|
+
|
|
60
|
+
%BN254_R => B
|
|
61
|
+
:CALL(reduceFrBN254)
|
|
62
|
+
C => A
|
|
63
|
+
0n => B :ASSERT
|
|
64
|
+
|
|
65
|
+
21888242871839275222246405745257275088548364400416034343698204186575808495618n => B
|
|
66
|
+
:CALL(reduceFrBN254)
|
|
67
|
+
C => A
|
|
68
|
+
1n => B :ASSERT
|
|
69
|
+
|
|
70
|
+
%BN254_P => B
|
|
71
|
+
:CALL(reduceFrBN254)
|
|
72
|
+
C => A
|
|
73
|
+
%BN254_SIX_TIMES_X_SQ => B :ASSERT
|
|
74
|
+
|
|
75
|
+
21888242871839275222246405745257275088696311157297823662689037894645226208584n => B
|
|
76
|
+
:CALL(reduceFrBN254)
|
|
77
|
+
C => A
|
|
78
|
+
147946756881789318990833708069417712967n => B :ASSERT
|
|
79
|
+
|
|
80
|
+
115792089237316195423570985008687907853269984665640564039457584007913129639935n => B
|
|
81
|
+
:CALL(reduceFrBN254)
|
|
82
|
+
C => A
|
|
83
|
+
6350874878119819312338956282401532410528162663560392320966563075034087161850n => B :ASSERT
|
|
84
|
+
|
|
85
|
+
|
|
86
|
+
end:
|
|
87
|
+
|
|
88
|
+
$ => A :MLOAD(initial_A)
|
|
89
|
+
$ => B :MLOAD(initial_B)
|
|
90
|
+
$ => C :MLOAD(initial_C)
|
|
91
|
+
$ => D :MLOAD(initial_D)
|
|
92
|
+
$ => E :MLOAD(initial_E)
|
|
93
|
+
$ => CTX :MLOAD(initial_CTX)
|
|
94
|
+
$ => SP :MLOAD(initial_SP)
|
|
95
|
+
$ => PC :MLOAD(initial_PC)
|
|
96
|
+
$ => GAS :MLOAD(initial_GAS)
|
|
97
|
+
$ => SR :MLOAD(initial_SR)
|
|
98
|
+
$ => RR :MLOAD(initial_RR)
|
|
99
|
+
$ => HASHPOS :MLOAD(initial_HASHPOS)
|
|
100
|
+
$ => RCX :MLOAD(initial_RCX)
|
|
101
|
+
|
|
102
|
+
; label finalizeExecution needed by executor C++
|
|
103
|
+
finalizeExecution:
|
|
104
|
+
${beforeLast()} : JMPN(finalizeExecution)
|
|
105
|
+
|
|
106
|
+
: JMP(start)
|
|
107
|
+
opINVALID:
|
|
108
|
+
; label checkAndSaveFrom needed by executor C++
|
|
109
|
+
checkAndSaveFrom:
|
|
110
|
+
:JMP(opINVALID)
|
|
111
|
+
|
|
112
|
+
|
|
113
|
+
INCLUDE "../main/pairings/FRBN254/reduceFrBN254.zkasm"
|
|
@@ -0,0 +1,285 @@
|
|
|
1
|
+
; constants needed by executor C++
|
|
2
|
+
CONST %N = 2**19
|
|
3
|
+
CONST %MAX_CNT_STEPS_LIMIT = %N
|
|
4
|
+
CONST %MAX_CNT_ARITH_LIMIT = %N
|
|
5
|
+
CONST %MAX_CNT_BINARY_LIMIT = %N
|
|
6
|
+
CONST %MAX_CNT_MEM_ALIGN_LIMIT = %N
|
|
7
|
+
CONST %MAX_CNT_KECCAK_F_LIMIT = %N
|
|
8
|
+
CONST %MAX_CNT_PADDING_PG_LIMIT = %N
|
|
9
|
+
CONST %MAX_CNT_POSEIDON_G_LIMIT = %N
|
|
10
|
+
|
|
11
|
+
INCLUDE "../main/pairings/constants.zkasm"
|
|
12
|
+
|
|
13
|
+
VAR GLOBAL lastHashKId
|
|
14
|
+
VAR GLOBAL lastHashPId
|
|
15
|
+
|
|
16
|
+
VAR GLOBAL initial_A
|
|
17
|
+
VAR GLOBAL initial_B
|
|
18
|
+
VAR GLOBAL initial_C
|
|
19
|
+
VAR GLOBAL initial_D
|
|
20
|
+
VAR GLOBAL initial_E
|
|
21
|
+
VAR GLOBAL initial_CTX
|
|
22
|
+
VAR GLOBAL initial_SP
|
|
23
|
+
VAR GLOBAL initial_PC
|
|
24
|
+
VAR GLOBAL initial_GAS
|
|
25
|
+
VAR GLOBAL initial_SR
|
|
26
|
+
VAR GLOBAL initial_RR
|
|
27
|
+
VAR GLOBAL initial_HASHPOS
|
|
28
|
+
VAR GLOBAL initial_RCX
|
|
29
|
+
|
|
30
|
+
start:
|
|
31
|
+
|
|
32
|
+
STEP => A
|
|
33
|
+
0 :ASSERT
|
|
34
|
+
|
|
35
|
+
|
|
36
|
+
A :MSTORE(initial_A)
|
|
37
|
+
B :MSTORE(initial_B)
|
|
38
|
+
C :MSTORE(initial_C)
|
|
39
|
+
D :MSTORE(initial_D)
|
|
40
|
+
E :MSTORE(initial_E)
|
|
41
|
+
CTX :MSTORE(initial_CTX)
|
|
42
|
+
SP :MSTORE(initial_SP)
|
|
43
|
+
PC :MSTORE(initial_PC)
|
|
44
|
+
GAS :MSTORE(initial_GAS)
|
|
45
|
+
SR :MSTORE(initial_SR)
|
|
46
|
+
RR :MSTORE(initial_RR)
|
|
47
|
+
HASHPOS :MSTORE(initial_HASHPOS)
|
|
48
|
+
RCX :MSTORE(initial_RCX)
|
|
49
|
+
0 => A,B,C,D,E,CTX, SP, PC, GAS, SR, RR, HASHPOS, RCX
|
|
50
|
+
|
|
51
|
+
-1 :MSTORE(lastHashKId)
|
|
52
|
+
-1 :MSTORE(lastHashPId)
|
|
53
|
+
|
|
54
|
+
; 1] P = Q = 0
|
|
55
|
+
0n :MSTORE(halfPairingBN254_P_x)
|
|
56
|
+
0n :MSTORE(halfPairingBN254_P_y)
|
|
57
|
+
0n :MSTORE(halfPairingBN254_Q_x1)
|
|
58
|
+
0n :MSTORE(halfPairingBN254_Q_x2)
|
|
59
|
+
0n :MSTORE(halfPairingBN254_Q_y1)
|
|
60
|
+
0n :MSTORE(halfPairingBN254_Q_y2)
|
|
61
|
+
:CALL(halfPairingBN254)
|
|
62
|
+
1n :MLOAD(halfPairingBN254_f11_x)
|
|
63
|
+
0n :MLOAD(halfPairingBN254_f11_y)
|
|
64
|
+
0n :MLOAD(halfPairingBN254_f12_x)
|
|
65
|
+
0n :MLOAD(halfPairingBN254_f12_y)
|
|
66
|
+
0n :MLOAD(halfPairingBN254_f13_x)
|
|
67
|
+
0n :MLOAD(halfPairingBN254_f13_y)
|
|
68
|
+
0n :MLOAD(halfPairingBN254_f21_x)
|
|
69
|
+
0n :MLOAD(halfPairingBN254_f21_y)
|
|
70
|
+
0n :MLOAD(halfPairingBN254_f22_x)
|
|
71
|
+
0n :MLOAD(halfPairingBN254_f22_y)
|
|
72
|
+
0n :MLOAD(halfPairingBN254_f23_x)
|
|
73
|
+
0n :MLOAD(halfPairingBN254_f23_y)
|
|
74
|
+
|
|
75
|
+
; 2] P = 0, Q ∈ G2\{0}
|
|
76
|
+
0n :MSTORE(halfPairingBN254_P_x)
|
|
77
|
+
0n :MSTORE(halfPairingBN254_P_y)
|
|
78
|
+
4351401811647638138392695977895401859084096897123577305203754529537814663109n :MSTORE(halfPairingBN254_Q_x1)
|
|
79
|
+
2046729899889901964437012741252570163462327955511008570480857952505584629957n :MSTORE(halfPairingBN254_Q_x2)
|
|
80
|
+
322506915963699862059245473966830598387691259163658767351233132602858049743n :MSTORE(halfPairingBN254_Q_y1)
|
|
81
|
+
14316075702276096164483565793667862351398527813470041574939773541551376891710n :MSTORE(halfPairingBN254_Q_y2)
|
|
82
|
+
:CALL(halfPairingBN254)
|
|
83
|
+
1n :MLOAD(halfPairingBN254_f11_x)
|
|
84
|
+
0n :MLOAD(halfPairingBN254_f11_y)
|
|
85
|
+
0n :MLOAD(halfPairingBN254_f12_x)
|
|
86
|
+
0n :MLOAD(halfPairingBN254_f12_y)
|
|
87
|
+
0n :MLOAD(halfPairingBN254_f13_x)
|
|
88
|
+
0n :MLOAD(halfPairingBN254_f13_y)
|
|
89
|
+
0n :MLOAD(halfPairingBN254_f21_x)
|
|
90
|
+
0n :MLOAD(halfPairingBN254_f21_y)
|
|
91
|
+
0n :MLOAD(halfPairingBN254_f22_x)
|
|
92
|
+
0n :MLOAD(halfPairingBN254_f22_y)
|
|
93
|
+
0n :MLOAD(halfPairingBN254_f23_x)
|
|
94
|
+
0n :MLOAD(halfPairingBN254_f23_y)
|
|
95
|
+
|
|
96
|
+
; 3] P ∈ G1\{0}, Q = 0
|
|
97
|
+
1368015179489954701390400359078579693043519447331113978918064868415326638035n :MSTORE(halfPairingBN254_P_x)
|
|
98
|
+
9918110051302171585080402603319702774565515993150576347155970296011118125764n :MSTORE(halfPairingBN254_P_y)
|
|
99
|
+
0n :MSTORE(halfPairingBN254_Q_x1)
|
|
100
|
+
0n :MSTORE(halfPairingBN254_Q_x2)
|
|
101
|
+
0n :MSTORE(halfPairingBN254_Q_y1)
|
|
102
|
+
0n :MSTORE(halfPairingBN254_Q_y2)
|
|
103
|
+
:CALL(halfPairingBN254)
|
|
104
|
+
1n :MLOAD(halfPairingBN254_f11_x)
|
|
105
|
+
0n :MLOAD(halfPairingBN254_f11_y)
|
|
106
|
+
0n :MLOAD(halfPairingBN254_f12_x)
|
|
107
|
+
0n :MLOAD(halfPairingBN254_f12_y)
|
|
108
|
+
0n :MLOAD(halfPairingBN254_f13_x)
|
|
109
|
+
0n :MLOAD(halfPairingBN254_f13_y)
|
|
110
|
+
0n :MLOAD(halfPairingBN254_f21_x)
|
|
111
|
+
0n :MLOAD(halfPairingBN254_f21_y)
|
|
112
|
+
0n :MLOAD(halfPairingBN254_f22_x)
|
|
113
|
+
0n :MLOAD(halfPairingBN254_f22_y)
|
|
114
|
+
0n :MLOAD(halfPairingBN254_f23_x)
|
|
115
|
+
0n :MLOAD(halfPairingBN254_f23_y)
|
|
116
|
+
|
|
117
|
+
; 3] Px too big
|
|
118
|
+
%BN254_P :MSTORE(halfPairingBN254_P_x)
|
|
119
|
+
0n :MSTORE(halfPairingBN254_P_y)
|
|
120
|
+
0n :MSTORE(halfPairingBN254_Q_x1)
|
|
121
|
+
0n :MSTORE(halfPairingBN254_Q_x2)
|
|
122
|
+
0n :MSTORE(halfPairingBN254_Q_y1)
|
|
123
|
+
0n :MSTORE(halfPairingBN254_Q_y2)
|
|
124
|
+
:CALL(halfPairingBN254)
|
|
125
|
+
B => A
|
|
126
|
+
1 :ASSERT
|
|
127
|
+
|
|
128
|
+
; 4] Py too big
|
|
129
|
+
0n :MSTORE(halfPairingBN254_P_x)
|
|
130
|
+
%BN254_P :MSTORE(halfPairingBN254_P_y)
|
|
131
|
+
0n :MSTORE(halfPairingBN254_Q_x1)
|
|
132
|
+
0n :MSTORE(halfPairingBN254_Q_x2)
|
|
133
|
+
0n :MSTORE(halfPairingBN254_Q_y1)
|
|
134
|
+
0n :MSTORE(halfPairingBN254_Q_y2)
|
|
135
|
+
:CALL(halfPairingBN254)
|
|
136
|
+
B => A
|
|
137
|
+
2 :ASSERT
|
|
138
|
+
|
|
139
|
+
; 5] Qx1 too big
|
|
140
|
+
0n :MSTORE(halfPairingBN254_P_x)
|
|
141
|
+
0n :MSTORE(halfPairingBN254_P_y)
|
|
142
|
+
%BN254_P :MSTORE(halfPairingBN254_Q_x1)
|
|
143
|
+
0n :MSTORE(halfPairingBN254_Q_x2)
|
|
144
|
+
0n :MSTORE(halfPairingBN254_Q_y1)
|
|
145
|
+
0n :MSTORE(halfPairingBN254_Q_y2)
|
|
146
|
+
:CALL(halfPairingBN254)
|
|
147
|
+
B => A
|
|
148
|
+
3 :ASSERT
|
|
149
|
+
|
|
150
|
+
; 6] Qx2 too big
|
|
151
|
+
0n :MSTORE(halfPairingBN254_P_x)
|
|
152
|
+
0n :MSTORE(halfPairingBN254_P_y)
|
|
153
|
+
0n :MSTORE(halfPairingBN254_Q_x1)
|
|
154
|
+
%BN254_P :MSTORE(halfPairingBN254_Q_x2)
|
|
155
|
+
0n :MSTORE(halfPairingBN254_Q_y1)
|
|
156
|
+
0n :MSTORE(halfPairingBN254_Q_y2)
|
|
157
|
+
:CALL(halfPairingBN254)
|
|
158
|
+
B => A
|
|
159
|
+
4 :ASSERT
|
|
160
|
+
|
|
161
|
+
; 7] Qy1 too big
|
|
162
|
+
0n :MSTORE(halfPairingBN254_P_x)
|
|
163
|
+
0n :MSTORE(halfPairingBN254_P_y)
|
|
164
|
+
0n :MSTORE(halfPairingBN254_Q_x1)
|
|
165
|
+
0n :MSTORE(halfPairingBN254_Q_x2)
|
|
166
|
+
%BN254_P :MSTORE(halfPairingBN254_Q_y1)
|
|
167
|
+
0n :MSTORE(halfPairingBN254_Q_y2)
|
|
168
|
+
:CALL(halfPairingBN254)
|
|
169
|
+
B => A
|
|
170
|
+
5 :ASSERT
|
|
171
|
+
|
|
172
|
+
; 8] Qy2 too big
|
|
173
|
+
0n :MSTORE(halfPairingBN254_P_x)
|
|
174
|
+
0n :MSTORE(halfPairingBN254_P_y)
|
|
175
|
+
0n :MSTORE(halfPairingBN254_Q_x1)
|
|
176
|
+
0n :MSTORE(halfPairingBN254_Q_x2)
|
|
177
|
+
0n :MSTORE(halfPairingBN254_Q_y1)
|
|
178
|
+
%BN254_P :MSTORE(halfPairingBN254_Q_y2)
|
|
179
|
+
:CALL(halfPairingBN254)
|
|
180
|
+
B => A
|
|
181
|
+
6 :ASSERT
|
|
182
|
+
|
|
183
|
+
; 9] P ∉ G1
|
|
184
|
+
1n :MSTORE(halfPairingBN254_P_x)
|
|
185
|
+
0n :MSTORE(halfPairingBN254_P_y)
|
|
186
|
+
0n :MSTORE(halfPairingBN254_Q_x1)
|
|
187
|
+
0n :MSTORE(halfPairingBN254_Q_x2)
|
|
188
|
+
0n :MSTORE(halfPairingBN254_Q_y1)
|
|
189
|
+
0n :MSTORE(halfPairingBN254_Q_y2)
|
|
190
|
+
:CALL(halfPairingBN254)
|
|
191
|
+
B => A
|
|
192
|
+
7 :ASSERT
|
|
193
|
+
|
|
194
|
+
; 10] Q ∉ G2
|
|
195
|
+
0n :MSTORE(halfPairingBN254_P_x)
|
|
196
|
+
0n :MSTORE(halfPairingBN254_P_y)
|
|
197
|
+
1n :MSTORE(halfPairingBN254_Q_x1)
|
|
198
|
+
0n :MSTORE(halfPairingBN254_Q_x2)
|
|
199
|
+
0n :MSTORE(halfPairingBN254_Q_y1)
|
|
200
|
+
0n :MSTORE(halfPairingBN254_Q_y2)
|
|
201
|
+
:CALL(halfPairingBN254)
|
|
202
|
+
B => A
|
|
203
|
+
8 :ASSERT
|
|
204
|
+
|
|
205
|
+
; 11] Normal example
|
|
206
|
+
1368015179489954701390400359078579693043519447331113978918064868415326638035n :MSTORE(halfPairingBN254_P_x)
|
|
207
|
+
9918110051302171585080402603319702774565515993150576347155970296011118125764n :MSTORE(halfPairingBN254_P_y)
|
|
208
|
+
4351401811647638138392695977895401859084096897123577305203754529537814663109n :MSTORE(halfPairingBN254_Q_x1)
|
|
209
|
+
2046729899889901964437012741252570163462327955511008570480857952505584629957n :MSTORE(halfPairingBN254_Q_x2)
|
|
210
|
+
322506915963699862059245473966830598387691259163658767351233132602858049743n :MSTORE(halfPairingBN254_Q_y1)
|
|
211
|
+
14316075702276096164483565793667862351398527813470041574939773541551376891710n :MSTORE(halfPairingBN254_Q_y2)
|
|
212
|
+
:CALL(halfPairingBN254)
|
|
213
|
+
13640254227245024655838601068231183157721360561601028708811475275217122101072n :MLOAD(halfPairingBN254_f11_x)
|
|
214
|
+
19308417300657558492615098636528930118171456086181403615599560648373004008445n :MLOAD(halfPairingBN254_f11_y)
|
|
215
|
+
11600807028088028070223911119334614254604789223029238428546002219857166268982n :MLOAD(halfPairingBN254_f12_x)
|
|
216
|
+
4879406373235938927297467572708988980645988929154072556290202741257062565094n :MLOAD(halfPairingBN254_f12_y)
|
|
217
|
+
4171685090913488783052266386653991584736187693807813444268445186114207424938n :MLOAD(halfPairingBN254_f13_x)
|
|
218
|
+
1277573873092817905392452044933753278511826457458184982228668801202320403016n :MLOAD(halfPairingBN254_f13_y)
|
|
219
|
+
14431703268682647902296102635071887590346322924866425403256046961671041030534n :MLOAD(halfPairingBN254_f21_x)
|
|
220
|
+
11898392435919290118390574221795784387718317590754683868792519816848089304255n :MLOAD(halfPairingBN254_f21_y)
|
|
221
|
+
583787015380908422861158991038392109634638768690762169717364137330743074526n :MLOAD(halfPairingBN254_f22_x)
|
|
222
|
+
13126870183170761631152540488140870675640427576483291663794972909787720839738n :MLOAD(halfPairingBN254_f22_y)
|
|
223
|
+
6457767870676104874999362178075129079810053093666926870765167604207462152679n :MLOAD(halfPairingBN254_f23_x)
|
|
224
|
+
12911511138445339632082563502636262379527290965988664015632615336010308825090n :MLOAD(halfPairingBN254_f23_y)
|
|
225
|
+
|
|
226
|
+
end:
|
|
227
|
+
|
|
228
|
+
$ => A :MLOAD(initial_A)
|
|
229
|
+
$ => B :MLOAD(initial_B)
|
|
230
|
+
$ => C :MLOAD(initial_C)
|
|
231
|
+
$ => D :MLOAD(initial_D)
|
|
232
|
+
$ => E :MLOAD(initial_E)
|
|
233
|
+
$ => CTX :MLOAD(initial_CTX)
|
|
234
|
+
$ => SP :MLOAD(initial_SP)
|
|
235
|
+
$ => PC :MLOAD(initial_PC)
|
|
236
|
+
$ => GAS :MLOAD(initial_GAS)
|
|
237
|
+
$ => SR :MLOAD(initial_SR)
|
|
238
|
+
$ => RR :MLOAD(initial_RR)
|
|
239
|
+
$ => HASHPOS :MLOAD(initial_HASHPOS)
|
|
240
|
+
$ => RCX :MLOAD(initial_RCX)
|
|
241
|
+
|
|
242
|
+
; label finalizeExecution needed by executor C++
|
|
243
|
+
finalizeExecution:
|
|
244
|
+
${beforeLast()} : JMPN(finalizeExecution)
|
|
245
|
+
|
|
246
|
+
: JMP(start)
|
|
247
|
+
opINVALID:
|
|
248
|
+
; label checkAndSaveFrom needed by executor C++
|
|
249
|
+
checkAndSaveFrom:
|
|
250
|
+
:JMP(opINVALID)
|
|
251
|
+
|
|
252
|
+
INCLUDE "../main/pairings/halfPairingBN254.zkasm"
|
|
253
|
+
|
|
254
|
+
INCLUDE "../main/pairings/FRBN254/reduceFrBN254.zkasm"
|
|
255
|
+
|
|
256
|
+
INCLUDE "../main/pairings/FPBN254/reduceFpBN254.zkasm"
|
|
257
|
+
INCLUDE "../main/pairings/FPBN254/addFpBN254.zkasm"
|
|
258
|
+
INCLUDE "../main/pairings/FPBN254/mulFpBN254.zkasm"
|
|
259
|
+
|
|
260
|
+
INCLUDE "../main/pairings/FP2BN254/addFp2BN254.zkasm"
|
|
261
|
+
INCLUDE "../main/pairings/FP2BN254/subFp2BN254.zkasm"
|
|
262
|
+
INCLUDE "../main/pairings/FP2BN254/mulFp2BN254.zkasm"
|
|
263
|
+
INCLUDE "../main/pairings/FP2BN254/squareFp2BN254.zkasm"
|
|
264
|
+
INCLUDE "../main/pairings/FP2BN254/escalarMulFp2BN254.zkasm"
|
|
265
|
+
INCLUDE "../main/pairings/FP2BN254/invFp2BN254.zkasm"
|
|
266
|
+
|
|
267
|
+
INCLUDE "../main/pairings/FP6BN254/addFp6BN254.zkasm"
|
|
268
|
+
INCLUDE "../main/pairings/FP6BN254/subFp6BN254.zkasm"
|
|
269
|
+
INCLUDE "../main/pairings/FP6BN254/mulFp6BN254.zkasm"
|
|
270
|
+
INCLUDE "../main/pairings/FP6BN254/escalarMulFp6BN254.zkasm"
|
|
271
|
+
INCLUDE "../main/pairings/FP6BN254/sparseMulAFp6BN254.zkasm"
|
|
272
|
+
INCLUDE "../main/pairings/FP6BN254/sparseMulBFp6BN254.zkasm"
|
|
273
|
+
INCLUDE "../main/pairings/FP6BN254/sparseMulCFp6BN254.zkasm"
|
|
274
|
+
|
|
275
|
+
INCLUDE "../main/pairings/FP12BN254/sparseMulAFp12BN254.zkasm"
|
|
276
|
+
INCLUDE "../main/pairings/FP12BN254/sparseMulBFp12BN254.zkasm"
|
|
277
|
+
INCLUDE "../main/pairings/FP12BN254/squareFp12BN254.zkasm"
|
|
278
|
+
|
|
279
|
+
INCLUDE "../main/pairings/BN254/addPointBN254.zkasm"
|
|
280
|
+
INCLUDE "../main/pairings/BN254/escalarMulBN254.zkasm"
|
|
281
|
+
INCLUDE "../main/pairings/BN254/lineSamePointsBN254.zkasm"
|
|
282
|
+
INCLUDE "../main/pairings/BN254/lineDiffPointsBN254.zkasm"
|
|
283
|
+
|
|
284
|
+
INCLUDE "../main/pairings/millerLoopBN254.zkasm"
|
|
285
|
+
INCLUDE "../main/pairings/loopLengthBN254.zkasm"
|