Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Twisted Edwards curves operations #1949

Closed
wants to merge 62 commits into from
Closed

Twisted Edwards curves operations #1949

wants to merge 62 commits into from

Conversation

querolita
Copy link
Member

This PR is the twisted counterpart of the operations found in /src/lib/provable/gadgets/elliptic-curve.ts. It is a necessary step to support EdDSA, which uses the twisted curve Ed25519. Related to o1-labs/o1js-bindings#317.

@querolita querolita marked this pull request as ready for review January 10, 2025 22:36
@querolita querolita requested review from a team as code owners January 10, 2025 22:36
@querolita querolita requested review from 45930 and ymekuria January 10, 2025 22:36
@querolita querolita force-pushed the feature/eddsa/twisted branch from b741643 to 576725d Compare January 15, 2025 18:56
querolita
querolita commented Jan 16, 2025
View reviewed changes
Copy link
Member Author

@querolita querolita left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

left some comments for reviewers

src/lib/provable/gadgets/twisted-curve.ts Outdated
toBigint({ x, y }: Point) {
let x_ = Field3.toBigint(x);
let y_ = Field3.toBigint(y);
return { x: x_, y: y_, infinity: x_ === 0n && y_ === 1n };
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I created an equivalent Point type (elliptic-curve also has it) with the difference that the infinity is not always set to false as it is the case in the other gadgets.

src/lib/provable/gadgets/twisted-curve.ts Outdated
let witnesses = exists(12, () => {
let [x1_, x2_, y1_, y2_] = Field3.toBigints(x1, x2, y1, y2);

// TODO: reuse code in twistedAdd to avoid recomputing these
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This would be a nice feature and much cleaner code, but apparently this wouldn't be a trivial refactor at all. Ideas for the future: inspiration from the interpreter structure in o1vm?

Trivo25
Trivo25 reviewed Feb 11, 2025
View reviewed changes
@Trivo25
Copy link
Member

Trivo25 commented Mar 19, 2025

This is finished and ported to its own package - great job! (keeping the branch alive just in case)

@Trivo25 Trivo25 closed this Mar 19, 2025
@Trivo25 Trivo25 mentioned this pull request Mar 20, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dannywillems dannywillems dannywillems left review comments

@mitschabaude mitschabaude mitschabaude requested changes

@Trivo25 Trivo25 Trivo25 left review comments

@45930 45930 45930 left review comments

@ymekuria ymekuria Awaiting requested review from ymekuria ymekuria is a code owner automatically assigned from o1-labs/future-zkapps

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@querolita @mitschabaude @Trivo25 @ymekuria @dannywillems @45930 @Geometer1729