Barretenberg: src/barretenberg/stdlib/primitives/curves/grumpkin.hpp Source File

// === AUDIT STATUS ===

// internal:    { status: not started, auditors: [], date: YYYY-MM-DD }

// external_1:  { status: not started, auditors: [], date: YYYY-MM-DD }

// external_2:  { status: not started, auditors: [], date: YYYY-MM-DD }

// =====================


#pragma once

#include "../bigfield/bigfield.hpp"

#include "../biggroup/biggroup.hpp"

#include "../field/field.hpp"

#include "barretenberg/ecc/curves/types.hpp"

#include "barretenberg/stdlib/primitives/group/cycle_group.hpp"


namespace bb::stdlib {


template <typename CircuitBuilder> struct grumpkin {

    static constexpr bool is_stdlib_type = true;

    using Builder = CircuitBuilder;

    using NativeCurve = curve::Grumpkin;


    // Stdlib types corresponding to those defined in the native description of the curve.

    // Note: its useful to have these type names match the native analog exactly so that components that digest a

    // Curve (e.g. the PCS) can be agnostic as to whether they're operating on native or stdlib types.

    using ScalarField = bigfield<Builder, bb::Bn254FqParams>;

    using BaseField = field_t<Builder>;

    using Group = cycle_group<Builder>;

    using AffineElement = Group;

    using Element = Group;


    // Additional types with no analog in the native description of the curve

    using witness_ct = witness_t<CircuitBuilder>;

    using public_witness_ct = public_witness_t<CircuitBuilder>;

    using byte_array_ct = byte_array<CircuitBuilder>;

    using bool_ct = bool_t<CircuitBuilder>;


    // Required by SmallSubgroupIPA argument

    static constexpr size_t SUBGROUP_SIZE = 87;

    // To find the generator below, we factored r - 1 into primes, where r is the modulus of the Grumkin scalar field,

    // sampled a random field element, raised it to (r-1)/(3*29), and ensured that the resulting element is

    // not generating a smaller subgroup. To avoid inversion in the recursive verifier, we also store its inverse.

    static constexpr bb::fq subgroup_generator =

        bb::fq("0x147c647c09fb639514909e9f0513f31ec1a523bf8a0880bc7c24fbc962a9586b");

    static constexpr bb::fq subgroup_generator_inverse =

        bb::fq("0x0c68e27477b5e78cfab790bd3b59806fa871771f71ec7452cde5384f6e3a1988");

    // The length of the polynomials used to mask the Sumcheck Round Univariates. In the ECCVM Sumcheck, the prover only

    // sends 3 elements in every round - a commitment to the round univariate and its evaluations at 0 and 1. Therefore,

    // length 3 is sufficient.

    static constexpr uint32_t LIBRA_UNIVARIATES_LENGTH = 3;

};


} // namespace bb::stdlib

bb::curve::Grumpkin
Definition grumpkin.hpp:50

bb::stdlib::bigfield< Builder, bb::Bn254FqParams >

bb::stdlib::bool_t
Implements boolean logic in-circuit.
Definition bool.hpp:59

bb::stdlib::byte_array
Represents a dynamic array of bytes in-circuit.
Definition byte_array.hpp:28

bb::stdlib::cycle_group
cycle_group represents a group Element of the proving system's embedded curve i.e....
Definition cycle_group.hpp:36

bb::stdlib::field_t< Builder >

bb::stdlib::public_witness_t
Definition witness.hpp:59

bb::stdlib::witness_t
Definition witness.hpp:16

cycle_group.hpp

types.hpp

bb::stdlib
Definition graph_description_goblin.test.cpp:13

bb::fq
field< Bn254FqParams > fq
Definition fq.hpp:169

bb::field< Bn254FqParams >

bb::stdlib::grumpkin
Curve grumpkin in circuit setting.
Definition grumpkin.hpp:21

bb::stdlib::grumpkin::is_stdlib_type
static constexpr bool is_stdlib_type
Definition grumpkin.hpp:22

bb::stdlib::grumpkin::subgroup_generator
static constexpr bb::fq subgroup_generator
Definition grumpkin.hpp:46

bb::stdlib::grumpkin::Builder
CircuitBuilder Builder
Definition grumpkin.hpp:23

bb::stdlib::grumpkin::subgroup_generator_inverse
static constexpr bb::fq subgroup_generator_inverse
Definition grumpkin.hpp:48

bb::stdlib::grumpkin::LIBRA_UNIVARIATES_LENGTH
static constexpr uint32_t LIBRA_UNIVARIATES_LENGTH
Definition grumpkin.hpp:53

bb::stdlib::grumpkin::SUBGROUP_SIZE
static constexpr size_t SUBGROUP_SIZE
Definition grumpkin.hpp:42