Aligns the marshaling behavior of gnark to google and cloudflare
Co-authored-by: Marius van der Wijden <m.vanderwijden@live.de>
Co-authored-by: kevaundray <kevtheappdev@gmail.com>
This PR improves the IsOnCurve methods for BN254 G2 points by:
* Clarifying its behavior the docstring, making it explicit that it
verifies both the point being on the curve and in the correct subgroup.
* Adding an in-line comment explaining the subgroup membership check
(c.Mul(Order)).
* Minor wording adjustments for readability and consistency.
Co-authored-by: Antonio Sanso <antonio.sanso@gmail.com>
Adds marshaling fuzzing for G1 and G2 to oss-fuzz.
Also aligns the behavior of the google library to that of gnark and
cloudflare, which only ever read the first 64 / 128 bytes of the input,
regardless of how long the input is
Co-authored-by: Marius van der Wijden <m.vanderwijden@live.de>
* Removed comment section referring to Cloudflare's bn curve parameters
* Added comment to clarify the nature of the parameters
* Changed value of xi to i+9
* crypto/bn256: full switchover to cloudflare's code
* crypto/bn256: only use cloudflare for optimized architectures
* crypto/bn256: upstream fallback for non-optimized code
* .travis, build: drop support for Go 1.8 (need type aliases)
* crypto/bn256/cloudflare: enable curve mul lattice optimization
* core/vm, crypto/bn256: switch over to cloudflare library
* crypto/bn256: unmarshal constraint + start pure go impl
* crypto/bn256: combo cloudflare and google lib
* travis: drop 386 test job
Generator in the current lib uses -2 as the y point when doing
ScalarBaseMult, this makes it so that points/signatures generated
from libs like py_ecc don't match/validate as pretty much all
other libs (including libsnark) have (1, 2) as the standard
generator.
This does not affect consensus as the generator is never used in
the VM, points are always explicitly defined and there is not
ScalarBaseMult op - it only makes it so that doing "import
github.com/ethereum/go-ethereum/crypto/bn256" doesn't generate
bad points in userland tools.
This commit is a preparation for the upcoming metropolis hardfork. It
prepares the state, core and vm packages such that integration with
metropolis becomes less of a hassle.
* Difficulty calculation requires header instead of individual
parameters
* statedb.StartRecord renamed to statedb.Prepare and added Finalise
method required by metropolis, which removes unwanted accounts from
the state (i.e. selfdestruct)
* State keeps record of destructed objects (in addition to dirty
objects)
* core/vm pre-compiles may now return errors
* core/vm pre-compiles gas check now take the full byte slice as argument
instead of just the size
* core/vm now keeps several hard-fork instruction tables instead of a
single instruction table and removes the need for hard-fork checks in
the instructions
* core/vm contains a empty restruction function which is added in
preparation of metropolis write-only mode operations
* Adds the bn256 curve
* Adds and sets the metropolis chain config block parameters (2^64-1)
