group.hpp

#pragma once
 
#include "../../common/assert.hpp"
#include "./affine_element.hpp"
#include "./element.hpp"
#include "./wnaf.hpp"
#include "barretenberg/common/constexpr_utils.hpp"
#include "barretenberg/crypto/blake3s/blake3s.hpp"
#include <array>
#include <cinttypes>
#include <cstdint>
#include <cstdio>
#include <cstdlib>
namespace barretenberg {
 
template <typename _coordinate_field, typename _subgroup_field, typename GroupParams> class group {
  public:
    // hoist coordinate_field, subgroup_field into the public namespace
    using coordinate_field = _coordinate_field;
    using subgroup_field = _subgroup_field;
    using element = group_elements::element<coordinate_field, subgroup_field, GroupParams>;
    using affine_element = group_elements::affine_element<coordinate_field, subgroup_field, GroupParams>;
    using Fq = coordinate_field;
    using Fr = subgroup_field;
    static constexpr bool USE_ENDOMORPHISM = GroupParams::USE_ENDOMORPHISM;
    static constexpr bool has_a = GroupParams::has_a;
 
    static constexpr element one{ GroupParams::one_x, GroupParams::one_y, coordinate_field::one() };
    static constexpr element point_at_infinity = one.set_infinity();
    static constexpr affine_element affine_one{ GroupParams::one_x, GroupParams::one_y };
    static constexpr affine_element affine_point_at_infinity = affine_one.set_infinity();
    static constexpr coordinate_field curve_a = GroupParams::a;
    static constexpr coordinate_field curve_b = GroupParams::b;
 
    inline static constexpr std::vector<affine_element> derive_generators(
        const std::vector<uint8_t>& domain_separator_bytes,
        const size_t num_generators,
        const size_t starting_index = 0)
    {
        std::vector<affine_element> result;
        const auto domain_hash = blake3::blake3s_constexpr(&domain_separator_bytes[0], domain_separator_bytes.size());
        std::vector<uint8_t> generator_preimage;
        generator_preimage.reserve(64);
        std::copy(domain_hash.begin(), domain_hash.end(), std::back_inserter(generator_preimage));
        for (size_t i = 0; i < 32; ++i) {
            generator_preimage.emplace_back(0);
        }
        for (size_t i = starting_index; i < starting_index + num_generators; ++i) {
            auto generator_index = static_cast<uint32_t>(i);
            uint32_t mask = 0xff;
            generator_preimage[32] = static_cast<uint8_t>(generator_index >> 24);
            generator_preimage[33] = static_cast<uint8_t>((generator_index >> 16) & mask);
            generator_preimage[34] = static_cast<uint8_t>((generator_index >> 8) & mask);
            generator_preimage[35] = static_cast<uint8_t>(generator_index & mask);
            result.push_back(affine_element::hash_to_curve(generator_preimage));
        }
        return result;
    }
 
    inline static constexpr std::vector<affine_element> derive_generators(const std::string_view& domain_separator,
                                                                          const size_t num_generators,
                                                                          const size_t starting_index = 0)
    {
        std::vector<uint8_t> domain_bytes;
        for (char i : domain_separator) {
            domain_bytes.emplace_back(static_cast<unsigned char>(i));
        }
        return derive_generators(domain_bytes, num_generators, starting_index);
    }
 
    BBERG_INLINE static void conditional_negate_affine(const affine_element* src,
                                                       affine_element* dest,
                                                       uint64_t predicate);
};
 
} // namespace barretenberg
 
#ifdef DISABLE_SHENANIGANS
#include "group_impl_int128.tcc"
#else
#include "group_impl_asm.tcc"
#endif