feat: wip

src/curve/pluto_curve.rs

@@ -187,8 +187,8 @@ mod pluto_extended_curve_tests {
 
   fn generator() -> AffinePoint<PlutoExtendedCurve> {
     AffinePoint::<PlutoExtendedCurve>::new(
-      PlutoBaseFieldExtension::new([PlutoBaseField::new(36), PlutoBaseField::ZERO]),
-      PlutoBaseFieldExtension::new([PlutoBaseField::ZERO, PlutoBaseField::new(31)]),
+      PlutoBaseFieldExtension::new([PlutoBaseField::new(31), PlutoBaseField::ZERO]),
+      PlutoBaseFieldExtension::new([PlutoBaseField::ZERO, PlutoBaseField::new(36)]),
     )
   }
 

src/kzg/setup.rs

@@ -5,31 +5,34 @@ use super::*;
 
 /// simple setup to get params.
 #[allow(dead_code, clippy::type_complexity)]
-pub fn setup() -> (Vec<AffinePoint<PlutoBaseCurve>>, Vec<AffinePoint<PlutoExtendedCurve>>) {
+pub fn setup() -> (Vec<AffinePoint<PlutoExtendedCurve>>, Vec<AffinePoint<PlutoExtendedCurve>>) {
   // NOTE: For demonstration purposes only.
 
   // This is just tau from plonk by hand, it is not actually secure
-  let tau: u32 = 2;
+  let tau: PlutoScalarField = PlutoScalarField::new(2);
 
+  let g1 = AffinePoint::<PlutoExtendedCurve>::from(AffinePoint::<PlutoBaseCurve>::generator());
+  let g2 = AffinePoint::<PlutoExtendedCurve>::generator();
   // NOTE: Just sample the d of both for now.
   // - g1 and g2 SRS have variable sizes for diff kzg uses
   // - in eth blobs, g1 is 4096 elements, g2 is 16 elements
   // - in plonk, we need d+5 g1 elements and one g2 element
-  let mut srs_g1_points: Vec<AffinePoint<PlutoBaseCurve>> = vec![];
+  let mut srs_g1_points: Vec<AffinePoint<PlutoExtendedCurve>> = vec![];
   let mut srs_g2_points: Vec<AffinePoint<PlutoExtendedCurve>> = vec![];
   for i in 0..7 {
     // G1 Group
 
     // degree seven commitment poly
     // g1srs = {g1^tau^0, g1^tau^1, g1^tau^2, g1^tau^3, g1^tau^4, g1^tau^5, g1^tau^6}
-    let result = AffinePoint::<PlutoBaseCurve>::generator() * tau.pow(i);
+    let result = g1 * tau.pow(i);
+
     srs_g1_points.push(result);
     // G2 Group
 
     // degree two divisor poly
     if i < 2 {
       // g2srs = {g2^tau^0, g2^tau^1}
-      let result = AffinePoint::<PlutoExtendedCurve>::generator() * tau.pow(i);
+      let result = g2 * tau.pow(i);
       srs_g2_points.push(result);
     }
   }
@@ -42,8 +45,8 @@ pub fn setup() -> (Vec<AffinePoint<PlutoBaseCurve>>, Vec<AffinePoint<PlutoExtend
 #[allow(dead_code)]
 pub fn commit(
   coefs: Vec<PlutoScalarField>,
-  g1_srs: Vec<AffinePoint<PlutoBaseCurve>>,
-) -> AffinePoint<PlutoBaseCurve> {
+  g1_srs: Vec<AffinePoint<PlutoExtendedCurve>>,
+) -> AffinePoint<PlutoExtendedCurve> {
   // commit to a polynomial
   // - given a polynomial, commit to it
   assert!(g1_srs.len() >= coefs.len());
@@ -62,8 +65,8 @@ pub fn commit(
 pub fn open(
   coefs: Vec<PlutoScalarField>,
   eval_point: PlutoScalarField,
-  g1_srs: Vec<AffinePoint<PlutoBaseCurve>>,
-) -> AffinePoint<PlutoBaseCurve> {
+  g1_srs: Vec<AffinePoint<PlutoExtendedCurve>>,
+) -> AffinePoint<PlutoExtendedCurve> {
   let poly = Polynomial::<Monomial, PlutoScalarField>::new(coefs.clone());
   let divisor =
     Polynomial::<Monomial, PlutoScalarField>::new(vec![-eval_point, PlutoScalarField::ONE]);
@@ -76,13 +79,27 @@ pub fn open(
 
 /// Verify the polynomial evaluation.
 pub fn check(
-  p: AffinePoint<PlutoBaseCurve>,
-  q: AffinePoint<PlutoBaseCurve>,
+  p: AffinePoint<PlutoExtendedCurve>,
+  q: AffinePoint<PlutoExtendedCurve>,
   point: PlutoScalarField,
   value: PlutoScalarField,
-  g1_srs: Vec<AffinePoint<PlutoBaseCurve>>,
+  g1_srs: Vec<AffinePoint<PlutoExtendedCurve>>,
   g2_srs: Vec<AffinePoint<PlutoExtendedCurve>>,
 ) -> bool {
+  // let p_gen =
+  // AffinePoint::<PlutoExtendedCurve>::from(AffinePoint::<PlutoBaseCurve>::generator());
+  // let cube_root_of_unity = PlutoBaseFieldExtension::primitive_root_of_unity(3);
+  // let q_gen = if let AffinePoint::<PlutoBaseCurve>::Point(x, y) =
+  //   AffinePoint::<PlutoBaseCurve>::generator()
+  // {
+  //   AffinePoint::<PlutoExtendedCurve>::new(
+  //     cube_root_of_unity * PlutoBaseFieldExtension::from(x),
+  //     PlutoBaseFieldExtension::from(y),
+  //   )
+  // } else {
+  //   panic!("Generator is not a point");
+  // };
+
   let g1 = *g1_srs.first().expect("has g1 srs");
   let g2 = *g2_srs.first().expect("has g2 srs");
 

src/kzg/tests.rs

@@ -7,23 +7,42 @@ fn test_setup() {
   assert!(g1srs.len() == 7);
   assert!(g2srs.len() == 2);
   let expected_g1srs = vec![
-    AffinePoint::<PlutoBaseCurve>::new(PlutoBaseField::new(1), PlutoBaseField::new(2)),
-    AffinePoint::<PlutoBaseCurve>::new(PlutoBaseField::new(68), PlutoBaseField::new(74)),
-    AffinePoint::<PlutoBaseCurve>::new(PlutoBaseField::new(65), PlutoBaseField::new(98)),
-    AffinePoint::<PlutoBaseCurve>::new(PlutoBaseField::new(18), PlutoBaseField::new(49)),
-    AffinePoint::<PlutoBaseCurve>::new(PlutoBaseField::new(1), PlutoBaseField::new(99)),
-    AffinePoint::<PlutoBaseCurve>::new(PlutoBaseField::new(68), PlutoBaseField::new(27)),
-    AffinePoint::<PlutoBaseCurve>::new(PlutoBaseField::new(65), PlutoBaseField::new(3)),
+    AffinePoint::<PlutoExtendedCurve>::new(
+      PlutoBaseFieldExtension::from(1usize),
+      PlutoBaseFieldExtension::from(2usize),
+    ),
+    AffinePoint::<PlutoExtendedCurve>::new(
+      PlutoBaseFieldExtension::from(68usize),
+      PlutoBaseFieldExtension::from(74usize),
+    ),
+    AffinePoint::<PlutoExtendedCurve>::new(
+      PlutoBaseFieldExtension::from(65usize),
+      PlutoBaseFieldExtension::from(98usize),
+    ),
+    AffinePoint::<PlutoExtendedCurve>::new(
+      PlutoBaseFieldExtension::from(18usize),
+      PlutoBaseFieldExtension::from(49usize),
+    ),
+    AffinePoint::<PlutoExtendedCurve>::new(
+      PlutoBaseFieldExtension::from(1usize),
+      PlutoBaseFieldExtension::from(99usize),
+    ),
+    AffinePoint::<PlutoExtendedCurve>::new(
+      PlutoBaseFieldExtension::from(68usize),
+      PlutoBaseFieldExtension::from(27usize),
+    ),
+    AffinePoint::<PlutoExtendedCurve>::new(
+      PlutoBaseFieldExtension::from(65usize),
+      PlutoBaseFieldExtension::from(3usize),
+    ),
   ];
 
   assert_eq!(g1srs, expected_g1srs);
 
-  println!("g2srs {:?}", g2srs);
   let expected_2g = AffinePoint::<PlutoExtendedCurve>::new(
     PlutoBaseFieldExtension::new([PlutoBaseField::new(90), PlutoBaseField::ZERO]),
     PlutoBaseFieldExtension::new([PlutoBaseField::ZERO, PlutoBaseField::new(82)]),
   );
-
   let g2_gen = AffinePoint::<PlutoExtendedCurve>::generator();
   let expected_g2srs = vec![g2_gen, expected_2g];
 
@@ -50,7 +69,7 @@ fn test_commit() {
   ];
   //  g1srs[0] * 11 + g1srs[1] * 11 + g1srs[2] * 11 + g1srs[3] * 1
   let commit_1 = commit(coefficients, g1srs.clone());
-  assert_eq!(commit_1, AffinePoint::<PlutoBaseCurve>::Infinity);
+  assert_eq!(commit_1, AffinePoint::<PlutoExtendedCurve>::Infinity);
 
   // p(x) = (x-1)(x-2)(x-3)(x-4)
   // p(x) = 24 - 50x + 35x^2 - 10x^3
@@ -67,25 +86,52 @@ fn test_commit() {
   ];
   //  g1srs[0] * 7 + g1srs[1] * 16 + g1srs[2] * 1 + g1srs[3] * 11 + g1srs[4] * 1
   let commit_2 = commit(coefficients, g1srs.clone());
+
+  /// point not on curve
   assert_eq!(
     commit_2,
-    AffinePoint::<PlutoBaseCurve>::new(PlutoBaseField::new(32), PlutoBaseField::new(59))
+    AffinePoint::<PlutoExtendedCurve>::new(
+      PlutoBaseFieldExtension::new([PlutoBaseField::new(32), PlutoBaseField::new(59)]),
+      PlutoBaseFieldExtension::new([PlutoBaseField::ZERO, PlutoBaseField::ZERO]),
+    )
   );
 
   // p(x)  = 3 + 2x + x^2
   let coefficients =
     vec![PlutoScalarField::new(3), PlutoScalarField::new(2), PlutoScalarField::new(1)];
   // g1srs[0] * 3 + g1srs[1] * 2  + g1srs[2] * 1
   let commit_3 = commit(coefficients, g1srs);
+  /// point not on curve
+
   assert_eq!(
     commit_3,
-    AffinePoint::<PlutoBaseCurve>::new(PlutoBaseField::new(32), PlutoBaseField::new(59))
+    AffinePoint::<PlutoExtendedCurve>::new(
+      PlutoBaseFieldExtension::new([PlutoBaseField::new(32), PlutoBaseField::new(59)]),
+      PlutoBaseFieldExtension::new([PlutoBaseField::ZERO, PlutoBaseField::ZERO]),
+    )
+  );
+}
+
+#[test]
+fn srs_open() {
+  let (g1srs, _) = setup();
+  let result = g1srs[0] * PlutoScalarField::new(3);
+  let result_2 = g1srs[1] * PlutoScalarField::new(15);
+  let result_3 = g1srs[2] * PlutoScalarField::new(1);
+  let sum = result + result_2 + result_3;
+  assert_eq!(
+    sum,
+    AffinePoint::<PlutoExtendedCurve>::new(
+      PlutoBaseFieldExtension::new([PlutoBaseField::new(26), PlutoBaseField::new(45)]),
+      PlutoBaseFieldExtension::new([PlutoBaseField::ZERO, PlutoBaseField::ZERO]),
+    )
   );
 }
 
 #[test]
 fn opening() {
   let (g1srs, _) = setup();
+  println!("g1srs[0]:{:?}, g1srs[1]:{:?}, g1srs[2]:{:?}", g1srs[0], g1srs[1], g1srs[2]);
   let poly = Polynomial::<Monomial, PlutoScalarField>::new(vec![
     PlutoScalarField::new(11),
     PlutoScalarField::new(11),
@@ -95,15 +141,21 @@ fn opening() {
   let eval_point = PlutoScalarField::new(4);
   //   let eval_result = poly.evaluate(eval_point);
   let commit = commit(poly.coefficients.clone(), g1srs.clone());
-  assert_eq!(commit, AffinePoint::<PlutoBaseCurve>::Infinity);
+  assert_eq!(commit, AffinePoint::<PlutoExtendedCurve>::Infinity);
   // p(x) = (x-1)(x-2)(x-3)
   // p(x) = - 6 + 11x -6x^2 + x^3
 
   // divisor poly q(x) = x - 4
   // result = p(x) / q(x) = x^2 - 2x + 3
+  // multiplying (1,2) * 3 + (68, 74) * 15 + (65, 98) * 1
   let open_commit = open(poly.coefficients, eval_point, g1srs.clone());
-  println!("open_commit {:?}", open_commit);
-  //   assert_eq!(open, commit);
+  assert_eq!(
+    open_commit,
+    AffinePoint::<PlutoExtendedCurve>::new(
+      PlutoBaseFieldExtension::new([PlutoBaseField::new(26), PlutoBaseField::new(45)]),
+      PlutoBaseFieldExtension::new([PlutoBaseField::ZERO, PlutoBaseField::ZERO]),
+    )
+  );
 }
 
 #[test]
@@ -120,10 +172,11 @@ fn end_to_end() {
   let poly = Polynomial::<Monomial, PlutoScalarField>::new(coefficients.clone());
   let eval_point = PlutoScalarField::new(4);
   let eval_result = poly.evaluate(eval_point);
+  println!("eval_result {:?}", eval_result);
 
   let p_commit = commit(poly.coefficients.clone(), g1srs.clone());
   // p_commit = inf
-  assert_eq!(p_commit, AffinePoint::<PlutoBaseCurve>::Infinity);
+  assert_eq!(p_commit, AffinePoint::<PlutoExtendedCurve>::Infinity);
   let q_commit = open(poly.coefficients, eval_point, g1srs.clone());
   // q_commit = (26, 50)
   println!("q_commit {:?}", q_commit);

src/kzg_old.rs

@@ -130,6 +130,8 @@ mod tests {
     let (g1_srs, g2_srs) = setup(10);
     let p_commit = commit::<false>(p.clone(), g1_srs.clone());
     let q_commit = open(p.clone(), x, g1_srs.clone());
+
+
     let valid = check(p_commit, q_commit, x, y, g1_srs.clone(), g2_srs.clone());
 
     println!("p_commit={}", p_commit);