fix: correct bug in the deserialise method in EllipticCurve

federicobarbacovi · federicobarbacovi · commit 2dc72ea15674 · 2024-09-05T13:57:40.000+01:00
- add references to MNT4_753 parameters
- add references for serialisation/deserialisation methods
diff --git a/elliptic_curves/instantiations/mnt4_753/parameters.py b/elliptic_curves/instantiations/mnt4_753/parameters.py
@@ -1,4 +1,5 @@
 # Curve parameters ------------------------------------------------------------------------------------------------------
+# Taken from [https://github.com/arkworks-rs/curves/tree/master/mnt4_753/src/curves]
 
 # Seed
 u = -0x15474b1d641a3fd86dcbcee5dcda7fe51852c8cbe26e600733b714aa43c31a66b0344c4e2c428b07a7713041ba18000
diff --git a/elliptic_curves/models/curve.py b/elliptic_curves/models/curve.py
@@ -43,7 +43,7 @@ def __init__(self, q, r, val_miller_loop, exp_miller_loop, h1, h2, curve, twiste
     
     def deserialise_vk(self, serialised: list[bytes]):
         '''
-        Deserialise the serialisation of a verifying key. This function is based on the deserialisation of VK in arkworks. [ref]
+        Deserialise the serialisation of a verifying key. This function is based on the deserialisation of VK in arkworks. [https://github.com/arkworks-rs/groth16/blob/master/src/data_structures.rs#L32]
 
         vk is a list of: alpha_g1, beta_g2, gamma_g2, delta_g2, gamma_abc_g1, and each element is serialised in turn
             alpha_g1 -> element in G1
@@ -87,7 +87,7 @@ def deserialise_vk(self, serialised: list[bytes]):
 
     def deserialise_proof(self, serialised: list[bytes]):
         """
-        Function to deserialise a proof. This function is based on arkworks deserialisation of a proof. [ref]
+        Function to deserialise a proof. This function is based on arkworks deserialisation of a proof. [https://github.com/arkworks-rs/groth16/blob/master/src/data_structures.rs#L9]
 
         A proof is formed by: A, B, C, and each element is serialised in turn
             A, C -> elements in G1
@@ -118,7 +118,7 @@ def deserialise_proof(self, serialised: list[bytes]):
     
     def prepare_groth16_proof(self, pub, proof, vk, miller_loop_type, denominator_elimination):
         """
-        Take a a list of public statements, a proof and a vk, returns the data needed to generate the unlocking script for the Groth16 Bitcoin Script verifier [ref]
+        Take a a list of public statements, a proof and a vk, returns the data needed to generate the unlocking script for the Groth16 Bitcoin Script verifier [https://github.com/nchain-innovation/zkscript_package/blob/main/zkscript/groth16/model/groth16.py#L141]
 		
 		Miller loop type is either 'base_curve' or 'twisted_curve'
         """
diff --git a/elliptic_curves/models/ec.py b/elliptic_curves/models/ec.py
@@ -183,7 +183,7 @@ def line_evaluation(self,Q,P):
     def deserialise(serialised: list[bytes], field):
         """
         Function that a list of integers and inteprets it as a point on the elliptic curve self and returns its serialisation.
-        This function is based on the deserialisation function for the trait SWCurveConfig of arkworks, only uncompressed mode. [ref]
+        This function is based on the deserialisation function for the trait SWCurveConfig of arkworks, only uncompressed mode. [https://github.com/arkworks-rs/algebra/blob/master/ec/src/models/short_weierstrass/mod.rs#L115]
         
         It works as follows: serialised is a list of ints representing the little-endian encoding of (x,y). The encoding is:
             [LE(x), LE(y)_mod]
@@ -206,8 +206,11 @@ def deserialise(serialised: list[bytes], field):
             serialised_y[-1] = serialised_y[-1]  & ~(1 << 7)
             y = field.deserialise(serialised_y)
 
-            y_is_largest = False
+            y_is_largest = None
             for el, minus_el in zip(y.to_list()[::-1],(-y).to_list()[::-1]):
+                if el < minus_el:
+                    y_is_largest = False
+                    break
                 if el > minus_el:
                     y_is_largest = True
                     break
@@ -382,8 +385,11 @@ def deserialise(serialised: list[bytes], field):
                 serialised_y[-1] = serialised_y[-1]  & ~(1 << 7)
                 y = field.deserialise(serialised_y)
 
-                y_is_largest = False
+                y_is_largest = None
                 for el, minus_el in zip(y.to_list()[::-1],(-y).to_list()[::-1]):
+                    if el < minus_el:
+                        y_is_largest = False
+                        break
                     if el > minus_el:
                         y_is_largest = True
                         break

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,5 @@`
`1`	`1`	`# Curve parameters ------------------------------------------------------------------------------------------------------`
	`2`	`+# Taken from [https://github.com/arkworks-rs/curves/tree/master/mnt4_753/src/curves]`
`2`	`3`
`3`	`4`	`# Seed`
`4`	`5`	`u = -0x15474b1d641a3fd86dcbcee5dcda7fe51852c8cbe26e600733b714aa43c31a66b0344c4e2c428b07a7713041ba18000`