AltBn128
AltBn128
This file documents a contract which is not yet deployed to Mainnet.
Implementations of common elliptic curve operations on Ethereum's (poorly named) alt_bn128 curve. Whenever possible, use post-Byzantium pre-compiled contracts to offset gas costs. Note that these pre-compiles might not be available on all (eg private) chains.
G1Point
struct G1Point {
uint256 x;
uint256 y;
}gfP2
struct gfP2 {
uint256 x;
uint256 y;
}G2Point
struct G2Point {
struct AltBn128.gfP2 x;
struct AltBn128.gfP2 y;
}p
uint256 pg1x
uint256 g1xGets generator of G1 group. Taken from go-ethereum/crypto/bn256/cloudflare/curve.go
g1y
uint256 g1yg2xx
uint256 g2xxGets generator of G2 group. Taken from go-ethereum/crypto/bn256/cloudflare/twist.go
g2xy
uint256 g2xyg2yx
uint256 g2yxg2yy
uint256 g2yytwistBx
uint256 twistBxGets twist curve B constant. Taken from go-ethereum/crypto/bn256/cloudflare/twist.go
twistBy
uint256 twistByhexRootX
uint256 hexRootXGets root of the point where x and y are equal.
hexRootY
uint256 hexRootYg1YFromX
function g1YFromX(uint256 x) internal view returns (uint256)g1YFromX computes a Y value for a G1 point based on an X value. This computation is simply evaluating the curve equation for Y on a given X, and allows a point on the curve to be represented by just an X value + a sign bit.
g1HashToPoint
function g1HashToPoint(bytes m) internal view returns (struct AltBn128.G1Point)Hash a byte array message, m, and map it deterministically to a point on G1. Note that this approach was chosen for its simplicity and lower gas cost on the EVM, rather than good distribution of points on G1.
g1Decompress
function g1Decompress(bytes32 m) internal view returns (struct AltBn128.G1Point)Decompress a point on G1 from a single uint256.
g1Add
function g1Add(struct AltBn128.G1Point a, struct AltBn128.G1Point b) internal view returns (struct AltBn128.G1Point c)Wraps the point addition pre-compile introduced in Byzantium. Returns the sum of two points on G1. Revert if the provided points are not on the curve.
isG1PointOnCurve
function isG1PointOnCurve(struct AltBn128.G1Point point) internal view returns (bool)Returns true if G1 point is on the curve.
scalarMultiply
function scalarMultiply(struct AltBn128.G1Point p_1, uint256 scalar) internal view returns (struct AltBn128.G1Point p_2)Wraps the scalar point multiplication pre-compile introduced in Byzantium. The result of a point from G1 multiplied by a scalar should match the point added to itself the same number of times. Revert if the provided point isn't on the curve.
pairing
function pairing(struct AltBn128.G1Point p1, struct AltBn128.G2Point p2, struct AltBn128.G1Point p3, struct AltBn128.G2Point p4) internal view returns (bool result)Wraps the pairing check pre-compile introduced in Byzantium. Returns the result of a pairing check of 2 pairs (G1 p1, G2 p2) (G1 p3, G2 p4)
getP
function getP() internal pure returns (uint256)g1
function g1() internal pure returns (struct AltBn128.G1Point)g2
function g2() internal pure returns (struct AltBn128.G2Point)g2YFromX
function g2YFromX(struct AltBn128.gfP2 _x) internal pure returns (struct AltBn128.gfP2 y)g2YFromX computes a Y value for a G2 point based on an X value. This computation is simply evaluating the curve equation for Y on a given X, and allows a point on the curve to be represented by just an X value + a sign bit.
g1Compress
function g1Compress(struct AltBn128.G1Point point) internal pure returns (bytes32)Compress a point on G1 to a single uint256 for serialization.
g2Compress
function g2Compress(struct AltBn128.G2Point point) internal pure returns (bytes)Compress a point on G2 to a pair of uint256 for serialization.
g1Unmarshal
function g1Unmarshal(bytes m) internal pure returns (struct AltBn128.G1Point)Unmarshals a point on G1 from bytes in an uncompressed form.
g1Marshal
function g1Marshal(struct AltBn128.G1Point point) internal pure returns (bytes)Marshals a point on G1 to bytes form.
g2Unmarshal
function g2Unmarshal(bytes m) internal pure returns (struct AltBn128.G2Point)Unmarshals a point on G2 from bytes in an uncompressed form.
g2Decompress
function g2Decompress(bytes m) internal pure returns (struct AltBn128.G2Point)Decompress a point on G2 from a pair of uint256.
gfP2Add
function gfP2Add(struct AltBn128.gfP2 a, struct AltBn128.gfP2 b) internal pure returns (struct AltBn128.gfP2)Returns the sum of two gfP2 field elements.
gfP2Multiply
function gfP2Multiply(struct AltBn128.gfP2 a, struct AltBn128.gfP2 b) internal pure returns (struct AltBn128.gfP2)Returns multiplication of two gfP2 field elements.
gfP2Pow
function gfP2Pow(struct AltBn128.gfP2 _a, uint256 _exp) internal pure returns (struct AltBn128.gfP2 result)Returns gfP2 element to the power of the provided exponent.
gfP2Square
function gfP2Square(struct AltBn128.gfP2 a) internal pure returns (struct AltBn128.gfP2)gfP2Cube
function gfP2Cube(struct AltBn128.gfP2 a) internal pure returns (struct AltBn128.gfP2)gfP2CubeAddTwistB
function gfP2CubeAddTwistB(struct AltBn128.gfP2 a) internal pure returns (struct AltBn128.gfP2)g2X2y
function g2X2y(struct AltBn128.gfP2 x, struct AltBn128.gfP2 y) internal pure returns (bool)Returns true if G2 point's y^2 equals x.
isG2PointOnCurve
function isG2PointOnCurve(struct AltBn128.G2Point point) internal pure returns (bool)Returns true if G2 point is on the curve.
Last updated
Was this helpful?