Barretenberg
The ZK-SNARK library at the core of Aztec
Loading...
Searching...
No Matches
pairing_points.hpp
Go to the documentation of this file.
1// === AUDIT STATUS ===
2// internal: { status: not started, auditors: [], date: YYYY-MM-DD }
3// external_1: { status: not started, auditors: [], date: YYYY-MM-DD }
4// external_2: { status: not started, auditors: [], date: YYYY-MM-DD }
5// =====================
6
7#pragma once
8
9#include "barretenberg/commitment_schemes/commitment_key.hpp"
10#include "barretenberg/commitment_schemes/verification_key.hpp"
11#include "barretenberg/common/assert.hpp"
12#include "barretenberg/polynomials/polynomial.hpp"
13#include "barretenberg/stdlib/primitives/curves/grumpkin.hpp"
14
15namespace bb {
16
24template <typename Curve_> class PairingPoints {
25 public:
26 using Curve = Curve_;
27 using CK = CommitmentKey<Curve>;
28 using Point = typename Curve::AffineElement;
29 using Fr = typename Curve::ScalarField;
30 using Fq = typename Curve::BaseField;
31 using VerifierCK = VerifierCommitmentKey<curve::BN254>;
32
33 static constexpr size_t PUBLIC_INPUTS_SIZE = PAIRING_POINTS_SIZE;
34
35 Point P0 = Point::infinity();
36 Point P1 = Point::infinity();
37
38 PairingPoints() = default;
39 PairingPoints(const Point& P0, const Point& P1)
40 : P0(P0)
41 , P1(P1)
42 {}
43
44 PairingPoints(std::array<Point, 2> const& points)
45 : PairingPoints(points[0], points[1])
46 {}
47
48 Point& operator[](size_t idx)
49 {
50 BB_ASSERT(idx < 2, "Index out of bounds");
51 return idx == 0 ? P0 : P1;
52 }
53
54 const Point& operator[](size_t idx) const
55 {
56 BB_ASSERT(idx < 2, "Index out of bounds");
57 return idx == 0 ? P0 : P1;
58 }
59
64 static PairingPoints<Curve> reconstruct_from_public(const std::span<const Fr, PUBLIC_INPUTS_SIZE>& limbs_in)
65 {
66 const std::span<const bb::fr, Point::PUBLIC_INPUTS_SIZE> P0_limbs(limbs_in.data(), Point::PUBLIC_INPUTS_SIZE);
67 const std::span<const bb::fr, Point::PUBLIC_INPUTS_SIZE> P1_limbs(limbs_in.data() + Point::PUBLIC_INPUTS_SIZE,
68 Point::PUBLIC_INPUTS_SIZE);
69 Point P0 = Point::reconstruct_from_public(P0_limbs);
70 Point P1 = Point::reconstruct_from_public(P1_limbs);
71
72 return PairingPoints<Curve>{ P0, P1 };
73 }
74
78 void aggregate(const PairingPoints<Curve>& other)
79 {
80 if (P0 == Point::infinity() || P1 == Point::infinity() || other.P0 == Point::infinity() ||
81 other.P1 == Point::infinity()) {
82 throw_or_abort("WARNING: Shouldn't be aggregating with Point at infinity! The pairing points are probably "
83 "uninitialized.");
84 }
85 Fr aggregation_separator = Fr::random_element();
86 P0 = P0 + other.P0 * aggregation_separator;
87 P1 = P1 + other.P1 * aggregation_separator;
88 }
89
93 bool check() const
94 {
95 VerifierCK pcs_vkey{};
96 // TODO(https://github.com/AztecProtocol/barretenberg/issues/1423): Rename to verifier_pcs_key or vckey or
97 // something. Issue exists in many places besides just here.
98 return pcs_vkey.pairing_check(P0, P1);
99 }
100
101 bool operator==(const PairingPoints<Curve>& other) const = default;
102};
103
104} // namespace bb
BB_ASSERT
#define BB_ASSERT(expression,...)
Definition assert.hpp:67
bb::CommitmentKey
CommitmentKey object over a pairing group 𝔾₁.
Definition commitment_key.hpp:43
bb::PairingPoints
An object storing two EC points that represent the inputs to a pairing check.
Definition pairing_points.hpp:24
bb::PairingPoints::operator[]
const Point & operator[](size_t idx) const
Definition pairing_points.hpp:54
bb::PairingPoints::PairingPoints
PairingPoints(std::array< Point, 2 > const &points)
Definition pairing_points.hpp:44
bb::PairingPoints::PairingPoints
PairingPoints(const Point &P0, const Point &P1)
Definition pairing_points.hpp:39
bb::PairingPoints::aggregate
void aggregate(const PairingPoints< Curve > &other)
Aggregate the current pairing points with another set of pairing points using a random scalar.
Definition pairing_points.hpp:78
bb::PairingPoints::reconstruct_from_public
static PairingPoints< Curve > reconstruct_from_public(const std::span< const Fr, PUBLIC_INPUTS_SIZE > &limbs_in)
Reconstruct the pairing points from limbs stored on the public inputs.
Definition pairing_points.hpp:64
bb::PairingPoints::operator==
bool operator==(const PairingPoints< Curve > &other) const =default
bb::PairingPoints::PUBLIC_INPUTS_SIZE
static constexpr size_t PUBLIC_INPUTS_SIZE
Definition pairing_points.hpp:33
bb::PairingPoints::check
bool check() const
Perform the pairing check.
Definition pairing_points.hpp:93
bb::PairingPoints::operator[]
Point & operator[](size_t idx)
Definition pairing_points.hpp:48
bb::PairingPoints::Fq
typename Curve::BaseField Fq
Definition pairing_points.hpp:30
bb::PairingPoints::Point
typename Curve::AffineElement Point
Definition pairing_points.hpp:28
bb::PairingPoints::PairingPoints
PairingPoints()=default
bb::PairingPoints::Fr
typename Curve::ScalarField Fr
Definition pairing_points.hpp:29
bb::VerifierCommitmentKey< curve::BN254 >::pairing_check
bool pairing_check(const GroupElement &p0, const GroupElement &p1)
verifies a pairing equation over 2 points using the verifier SRS
Definition verification_key.hpp:67
bb::VerifierCommitmentKey
Representation of the Grumpkin Verifier Commitment Key inside a bn254 circuit.
Definition verifier_commitment_key.hpp:16
bb::curve::Grumpkin::AffineElement
typename Group::affine_element AffineElement
Definition grumpkin.hpp:63
commitment_key.hpp
bb
Entry point for Barretenberg command-line interface.
Definition api.hpp:5
std::get
constexpr decltype(auto) get(::tuplet::tuple< T... > &&t) noexcept
Definition tuple.hpp:13
bb::field< Bn254FrParams >::random_element
static field random_element(numeric::RNG *engine=nullptr) noexcept
Definition field_impl.hpp:675
throw_or_abort
void throw_or_abort(std::string const &err)
Definition throw_or_abort.hpp:6
verification_key.hpp