barretenberg
Loading...
Searching...
No Matches
secp256k1.hpp
1#pragma once
2
3#include "../../fields/field.hpp"
4#include "../../groups/group.hpp"
5#include "../types.hpp"
6
7// NOLINTBEGIN(cppcoreguidelines-avoid-c-arrays)
8namespace secp256k1 {
9
10struct Secp256k1FqParams {
11 static constexpr uint64_t modulus_0 = 0xFFFFFFFEFFFFFC2FULL;
12 static constexpr uint64_t modulus_1 = 0xFFFFFFFFFFFFFFFFULL;
13 static constexpr uint64_t modulus_2 = 0xFFFFFFFFFFFFFFFFULL;
14 static constexpr uint64_t modulus_3 = 0xFFFFFFFFFFFFFFFFULL;
15
16 static constexpr uint64_t r_squared_0 = 8392367050913ULL;
17 static constexpr uint64_t r_squared_1 = 1;
18 static constexpr uint64_t r_squared_2 = 0;
19 static constexpr uint64_t r_squared_3 = 0;
20
21 static constexpr uint64_t coset_generators_0[8]{
22 0x300000b73ULL, 0x400000f44ULL, 0x500001315ULL, 0x6000016e6ULL,
23 0x700001ab7ULL, 0x800001e88ULL, 0x900002259ULL, 0xa0000262aULL,
24 };
25 static constexpr uint64_t coset_generators_1[8]{
26 0, 0, 0, 0, 0, 0, 0, 0,
27 };
28 static constexpr uint64_t coset_generators_2[8]{
29 0, 0, 0, 0, 0, 0, 0, 0,
30 };
31 static constexpr uint64_t coset_generators_3[8]{
32 0, 0, 0, 0, 0, 0, 0, 0,
33 };
34
35 static constexpr uint64_t r_inv = 15580212934572586289ULL;
36
37 static constexpr uint64_t cube_root_0 = 0x58a4361c8e81894eULL;
38 static constexpr uint64_t cube_root_1 = 0x03fde1631c4b80afULL;
39 static constexpr uint64_t cube_root_2 = 0xf8e98978d02e3905ULL;
40 static constexpr uint64_t cube_root_3 = 0x7a4a36aebcbb3d53ULL;
41
42 static constexpr uint64_t primitive_root_0 = 0UL;
43 static constexpr uint64_t primitive_root_1 = 0UL;
44 static constexpr uint64_t primitive_root_2 = 0UL;
45 static constexpr uint64_t primitive_root_3 = 0UL;
46};
47
48struct Secp256k1FrParams {
49 static constexpr uint64_t modulus_0 = 0xBFD25E8CD0364141ULL;
50 static constexpr uint64_t modulus_1 = 0xBAAEDCE6AF48A03BULL;
51 static constexpr uint64_t modulus_2 = 0xFFFFFFFFFFFFFFFEULL;
52 static constexpr uint64_t modulus_3 = 0xFFFFFFFFFFFFFFFFULL;
53
54 static constexpr uint64_t r_squared_0 = 9902555850136342848ULL;
55 static constexpr uint64_t r_squared_1 = 8364476168144746616ULL;
56 static constexpr uint64_t r_squared_2 = 16616019711348246470ULL;
57 static constexpr uint64_t r_squared_3 = 11342065889886772165ULL;
58
59 static constexpr uint64_t r_inv = 5408259542528602431ULL;
60
61 static constexpr uint64_t coset_generators_0[8]{
62 0x40e4273feef0b9bbULL, 0x8111c8b31eba787aULL, 0xc13f6a264e843739ULL, 0x16d0b997e4df5f8ULL,
63 0x419aad0cae17b4b7ULL, 0x81c84e7fdde17376ULL, 0xc1f5eff30dab3235ULL, 0x22391663d74f0f4ULL,
64 };
65 static constexpr uint64_t coset_generators_1[8]{
66 0x5a95af7e9394ded5ULL, 0x9fe6d297e44c3e99ULL, 0xe537f5b135039e5dULL, 0x2a8918ca85bafe22ULL,
67 0x6fda3be3d6725de6ULL, 0xb52b5efd2729bdaaULL, 0xfa7c821677e11d6eULL, 0x3fcda52fc8987d33ULL,
68 };
69 static constexpr uint64_t coset_generators_2[8]{
70 0x6ULL, 0x7ULL, 0x8ULL, 0xaULL, 0xbULL, 0xcULL, 0xdULL, 0xfULL,
71 };
72 static constexpr uint64_t coset_generators_3[8]{
73 0, 0, 0, 0, 0, 0, 0, 0,
74 };
75
76 static constexpr uint64_t cube_root_0 = 0xf07deb3dc9926c9eULL;
77 static constexpr uint64_t cube_root_1 = 0x2c93e7ad83c6944cULL;
78 static constexpr uint64_t cube_root_2 = 0x73a9660652697d91ULL;
79 static constexpr uint64_t cube_root_3 = 0x532840178558d639ULL;
80
81 static constexpr uint64_t endo_minus_b1_lo = 0x6F547FA90ABFE4C3ULL;
82 static constexpr uint64_t endo_minus_b1_mid = 0xE4437ED6010E8828ULL;
83
84 static constexpr uint64_t endo_b2_lo = 0xe86c90e49284eb15ULL;
85 static constexpr uint64_t endo_b2_mid = 0x3086d221a7d46bcdULL;
86
87 static constexpr uint64_t endo_g1_lo = 0xE893209A45DBB031ULL;
88 static constexpr uint64_t endo_g1_mid = 0x3DAA8A1471E8CA7FULL;
89 static constexpr uint64_t endo_g1_hi = 0xE86C90E49284EB15ULL;
90 static constexpr uint64_t endo_g1_hihi = 0x3086D221A7D46BCDULL;
91
92 static constexpr uint64_t endo_g2_lo = 0x1571B4AE8AC47F71ULL;
93 static constexpr uint64_t endo_g2_mid = 0x221208AC9DF506C6ULL;
94 static constexpr uint64_t endo_g2_hi = 0x6F547FA90ABFE4C4ULL;
95 static constexpr uint64_t endo_g2_hihi = 0xE4437ED6010E8828ULL;
96
97 static constexpr uint64_t primitive_root_0 = 0UL;
98 static constexpr uint64_t primitive_root_1 = 0UL;
99 static constexpr uint64_t primitive_root_2 = 0UL;
100 static constexpr uint64_t primitive_root_3 = 0UL;
101};
102
103using fq = barretenberg::field<Secp256k1FqParams>;
104using fr = barretenberg::field<Secp256k1FrParams>;
105
106struct Secp256k1G1Params {
107 static constexpr bool USE_ENDOMORPHISM = false;
108 static constexpr bool can_hash_to_curve = true;
109 static constexpr bool small_elements = true;
110 static constexpr bool has_a = false;
111
112 static constexpr fq b = fq(7);
113 static constexpr fq a = fq(0);
114
115 static constexpr fq one_x =
116 fq(0x59F2815B16F81798UL, 0x029BFCDB2DCE28D9UL, 0x55A06295CE870B07UL, 0x79BE667EF9DCBBACUL).to_montgomery_form();
117 static constexpr fq one_y =
118 fq(0x9C47D08FFB10D4B8UL, 0xFD17B448A6855419UL, 0x5DA4FBFC0E1108A8UL, 0x483ADA7726A3C465UL).to_montgomery_form();
119};
120
121using g1 = barretenberg::
122 group<barretenberg::field<Secp256k1FqParams>, barretenberg::field<Secp256k1FrParams>, Secp256k1G1Params>;
123} // namespace secp256k1
124
125namespace curve {
126class SECP256K1 {
127 public:
128 using ScalarField = secp256k1::fr;
129 using BaseField = secp256k1::fq;
130 using Group = secp256k1::g1;
131 using Element = typename Group::element;
132 using AffineElement = typename Group::affine_element;
133};
134} // namespace curve
135
136// NOLINTEND(cppcoreguidelines-avoid-c-arrays)
barretenberg::group_elements::affine_element
Definition: affine_element.hpp:11
barretenberg::group_elements::element
element class. Implements ecc group arithmetic using Jacobian coordinates See https://hyperelliptic....
Definition: element.hpp:27
barretenberg::group
group class. Represents an elliptic curve group element. Group is parametrised by coordinate_field an...
Definition: group.hpp:29
curve::SECP256K1
Definition: secp256k1.hpp:126
barretenberg::field
Definition: field_declarations.hpp:24
secp256k1::Secp256k1FqParams
Definition: secp256k1.hpp:10
secp256k1::Secp256k1FrParams
Definition: secp256k1.hpp:48
secp256k1::Secp256k1G1Params
Definition: secp256k1.hpp:106
Generated by doxygen 1.9.6