split group_ops

Author: LStan

sdk/pinocchio/src/curves/bn254/addition.rs

@@ -0,0 +1,34 @@
+//! Addition operations on the BN254 curve.
+
+use super::{alt_bn128_group_op, ALT_BN128_G1_POINT_SIZE};
+use crate::program_error::ProgramError;
+
+/// Input size for the add operation.
+pub const ALT_BN128_ADDITION_INPUT_SIZE: usize = ALT_BN128_G1_POINT_SIZE * 2; // 128
+
+/// Output size for the add operation.
+pub const ALT_BN128_ADDITION_OUTPUT_SIZE: usize = ALT_BN128_G1_POINT_SIZE; // 64
+
+const ALT_BN128_G1_ADD_BE: u64 = 0;
+#[allow(dead_code)]
+const ALT_BN128_G1_SUB_BE: u64 = 1; // not implemented in the syscall
+
+/// Add two G1 points on the BN254 curve in big-endian (EIP-197) encoding.
+///
+/// # Arguments
+///
+/// * `input` - Two consecutive G1 points in big-endian (EIP-197) encoding.
+///
+/// # Returns
+///
+/// A `Result` containing the result of the addition in big-endian (EIP-197) encoding,
+/// or an error if the input is invalid.
+///
+/// Note: This function does **not** check if the input has the correct length.
+/// It will return an error if the length is invalid, incurring the cost of the syscall.
+#[inline(always)]
+pub fn alt_bn128_g1_addition_be(
+    input: &[u8],
+) -> Result<[u8; ALT_BN128_ADDITION_OUTPUT_SIZE], ProgramError> {
+    alt_bn128_group_op(input, ALT_BN128_G1_ADD_BE)
+}

sdk/pinocchio/src/curves/bn254/group_op.rs

@@ -1,14 +1,56 @@
 //! BN254 curve operations
 
+pub mod addition;
 pub mod compression;
-pub mod group_op;
+pub mod multiplication;
+pub mod pairing;
 
+pub use addition::*;
 pub use compression::*;
-pub use group_op::*;
+pub use multiplication::*;
+pub use pairing::*;
+
+use crate::program_error::ProgramError;
+
+#[cfg(target_os = "solana")]
+use crate::syscalls::sol_alt_bn128_group_op;
 
 /// Size of the EC point field, in bytes.
 pub const ALT_BN128_FIELD_SIZE: usize = 32;
 /// A group element in G1 consists of two field elements `(x, y)`.
 pub const ALT_BN128_G1_POINT_SIZE: usize = ALT_BN128_FIELD_SIZE * 2;
 /// Elements in G2 is represented by 2 field-extension elements `(x, y)`.
 pub const ALT_BN128_G2_POINT_SIZE: usize = ALT_BN128_FIELD_SIZE * 4;
+
+#[inline]
+fn alt_bn128_group_op<const OUTPUT_DATA_SIZE: usize>(
+    input: &[u8],
+    op: u64,
+) -> Result<[u8; OUTPUT_DATA_SIZE], ProgramError> {
+    // Call via a system call to perform the calculation
+    #[cfg(target_os = "solana")]
+    {
+        let mut bytes = core::mem::MaybeUninit::<[u8; OUTPUT_DATA_SIZE]>::uninit();
+
+        let result = unsafe {
+            sol_alt_bn128_group_op(
+                op,
+                input as *const _ as *const u8,
+                input.len() as u64,
+                bytes.as_mut_ptr() as *mut u8,
+            )
+        };
+
+        match result {
+            // SAFETY: The syscall has initialized the bytes.
+            crate::SUCCESS => Ok(unsafe { bytes.assume_init() }),
+            _ => Err(ProgramError::InvalidArgument),
+        }
+    }
+
+    #[cfg(not(target_os = "solana"))]
+    {
+        core::hint::black_box((input, op));
+        panic!("alt_bn128_group_op is only available on target `solana`")
+    }
+}

sdk/pinocchio/src/curves/bn254/mod.rs

@@ -0,0 +1,34 @@
+//! Multiplication operations on the BN254 curve.
+
+use super::{alt_bn128_group_op, ALT_BN128_FIELD_SIZE, ALT_BN128_G1_POINT_SIZE};
+use crate::program_error::ProgramError;
+
+/// Input size for the multiplication operation.
+pub const ALT_BN128_MULTIPLICATION_INPUT_SIZE: usize =
+    ALT_BN128_G1_POINT_SIZE + ALT_BN128_FIELD_SIZE; // 96
+
+/// Output size for the multiplication operation.
+pub const ALT_BN128_MULTIPLICATION_OUTPUT_SIZE: usize = ALT_BN128_G1_POINT_SIZE; // 64
+
+const ALT_BN128_G1_MUL_BE: u64 = 2;
+
+/// Multiply a G1 point by a scalar on the BN254 curve in big-endian (EIP-197) encoding.
+///
+/// # Arguments
+///
+/// * `input` - A G1 point in big-endian (EIP-197) encoding,
+///   followed by a scalar in big-endian (EIP-197) encoding.
+///
+/// # Returns
+///
+/// A `Result` containing the result of the multiplication in big-endian (EIP-197)
+/// encoding, or an error if the input is invalid.
+///
+/// Note: This function does **not** check if the input has the correct length.
+/// It will return an error if the length is invalid, incurring the cost of the syscall.
+#[inline(always)]
+pub fn alt_bn128_g1_multiplication_be(
+    input: &[u8],
+) -> Result<[u8; ALT_BN128_MULTIPLICATION_OUTPUT_SIZE], ProgramError> {
+    alt_bn128_group_op(input, ALT_BN128_G1_MUL_BE)
+}

sdk/pinocchio/src/curves/bn254/multiplication.rs

@@ -0,0 +1,29 @@
+//! Pairing operations on the BN254 curve.
+
+use super::{alt_bn128_group_op, ALT_BN128_G1_POINT_SIZE, ALT_BN128_G2_POINT_SIZE};
+use crate::program_error::ProgramError;
+
+/// Pair element size.
+pub const ALT_BN128_PAIRING_ELEMENT_SIZE: usize = ALT_BN128_G1_POINT_SIZE + ALT_BN128_G2_POINT_SIZE; // 192
+
+const ALT_BN128_PAIRING_BE: u64 = 3;
+
+/// Perform a pairing operation on the BN254 curve in big-endian (EIP-197) encoding.
+///
+/// # Arguments
+///
+/// * `input` - A sequence of pairs of G1 and G2 points in big-endian (EIP-197) encoding.
+///
+/// # Returns
+///
+/// A `Result` containing the result of the pairing operation, or an error if the input is invalid.
+///
+/// Note: This function does **not** check if the input has the correct length.
+/// Currently, if the length is invalid, it will not return an error; instead it will use only
+/// multiples of [`ALT_BN128_PAIRING_ELEMENT_SIZE`] bytes and discard the rest.
+/// After SIMD-0334 is implemented, it will return an error if the length is invalid,
+/// incurring the cost of the syscall.
+#[inline(always)]
+pub fn alt_bn128_pairing_be(input: &[u8]) -> Result<u8, ProgramError> {
+    alt_bn128_group_op::<32>(input, ALT_BN128_PAIRING_BE).map(|data| data[31])
+}