Barretenberg
The ZK-SNARK library at the core of Aztec
Loading...
Searching...
No Matches
Classes | Public Types | Public Member Functions | Static Public Member Functions | Public Attributes | Static Public Attributes | Friends | List of all members
bb::group_elements::affine_element< Fq_, Fr_, Params_ > Class Template Reference

#include <affine_element.hpp>

Classes

struct  MsgpackRawAffineElement
 

Public Types

using Fq = Fq_
 
using Fr = Fr_
 
using Params = Params_
 
using in_buf = const uint8_t *
 
using vec_in_buf = const uint8_t *
 
using out_buf = uint8_t *
 
using vec_out_buf = uint8_t **
 

Public Member Functions

 affine_element () noexcept=default
 
 ~affine_element () noexcept=default
 
constexpr affine_element (const Fq &x, const Fq &y) noexcept
 
constexpr affine_element (const affine_element &other) noexcept=default
 
constexpr affine_element (affine_element &&other) noexcept=default
 
constexpr affine_elementoperator= (const affine_element &other) noexcept=default
 
constexpr affine_elementoperator= (affine_element &&other) noexcept=default
 
constexpr affine_element operator+ (const affine_element &other) const noexcept
 
constexpr affine_element operator* (const Fr &exponent) const noexcept
 
constexpr affine_element set_infinity () const noexcept
 
constexpr void self_set_infinity () noexcept
 
constexpr bool is_point_at_infinity () const noexcept
 
constexpr bool on_curve () const noexcept
 
constexpr bool operator== (const affine_element &other) const noexcept
 
constexpr affine_element operator- () const noexcept
 
constexpr bool operator> (const affine_element &other) const noexcept
 
constexpr bool operator< (const affine_element &other) const noexcept
 
std::vector< uint8_t > to_buffer () const
 Serialize the point to a byte vector.
 
void msgpack_pack (auto &packer) const
 
void msgpack_unpack (auto o)
 
void msgpack_schema (auto &packer) const
 
template<typename BaseField , typename CompileTimeEnabled >
constexpr affine_element< Fq, Fr, T > from_compressed (const uint256_t &compressed) noexcept
 
template<typename BaseField , typename CompileTimeEnabled >
constexpr std::array< affine_element< Fq, Fr, T >, 2 > from_compressed_unsafe (const uint256_t &compressed) noexcept
 

Static Public Member Functions

static constexpr affine_element one () noexcept
 
template<typename BaseField = Fq, typename CompileTimeEnabled = std::enable_if_t<(BaseField::modulus >> 255) == uint256_t(0), void>>
static constexpr affine_element from_compressed (const uint256_t &compressed) noexcept
 Reconstruct a point in affine coordinates from compressed form.
 
template<typename BaseField = Fq, typename CompileTimeEnabled = std::enable_if_t<(BaseField::modulus >> 255) == uint256_t(1), void>>
static constexpr std::array< affine_element, 2 > from_compressed_unsafe (const uint256_t &compressed) noexcept
 Reconstruct a point in affine coordinates from compressed form.
 
static constexpr affine_element infinity ()
 
static constexpr std::optional< affine_elementderive_from_x_coordinate (const Fq &x, bool sign_bit) noexcept
 
static affine_element random_element (numeric::RNG *engine=nullptr) noexcept
 Samples a random point on the curve.
 
static constexpr affine_element hash_to_curve (const std::vector< uint8_t > &seed, uint8_t attempt_count=0) noexcept
 Hash a seed buffer into a point.
 
static void serialize_to_buffer (const affine_element &value, uint8_t *buffer, bool write_x_first=false)
 Serialize the point to the given buffer.
 
static affine_element serialize_from_buffer (const uint8_t *buffer, bool write_x_first=false)
 Restore point from a buffer.
 
static affine_element batch_mul (std::span< const affine_element > points, std::span< const Fr > scalars, size_t max_num_bits=0, bool with_edgecases=true, const Fr &masking_scalar=Fr(1)) noexcept
 Multi-scalar multiplication: compute sum_i(scalars[i] * points[i])
 

Public Attributes

Fq x
 
Fq y
 

Static Public Attributes

static constexpr size_t PUBLIC_INPUTS_SIZE = 2 * Fq::PUBLIC_INPUTS_SIZE
 
template<typename T >
static constexpr bool is_field2_v
 

Friends

std::ostream & operator<< (std::ostream &os, const affine_element &a)
 

Detailed Description

template<typename Fq_, typename Fr_, typename Params_>
class bb::group_elements::affine_element< Fq_, Fr_, Params_ >

Definition at line 27 of file affine_element.hpp.

Member Typedef Documentation

◆ Fq

template<typename Fq_ , typename Fr_ , typename Params_ >
using bb::group_elements::affine_element< Fq_, Fr_, Params_ >::Fq = Fq_

Definition at line 29 of file affine_element.hpp.

◆ Fr

template<typename Fq_ , typename Fr_ , typename Params_ >
using bb::group_elements::affine_element< Fq_, Fr_, Params_ >::Fr = Fr_

Definition at line 30 of file affine_element.hpp.

◆ in_buf

template<typename Fq_ , typename Fr_ , typename Params_ >
using bb::group_elements::affine_element< Fq_, Fr_, Params_ >::in_buf = const uint8_t*

Definition at line 33 of file affine_element.hpp.

◆ out_buf

template<typename Fq_ , typename Fr_ , typename Params_ >
using bb::group_elements::affine_element< Fq_, Fr_, Params_ >::out_buf = uint8_t*

Definition at line 35 of file affine_element.hpp.

◆ Params

template<typename Fq_ , typename Fr_ , typename Params_ >
using bb::group_elements::affine_element< Fq_, Fr_, Params_ >::Params = Params_

Definition at line 31 of file affine_element.hpp.

◆ vec_in_buf

template<typename Fq_ , typename Fr_ , typename Params_ >
using bb::group_elements::affine_element< Fq_, Fr_, Params_ >::vec_in_buf = const uint8_t*

Definition at line 34 of file affine_element.hpp.

◆ vec_out_buf

template<typename Fq_ , typename Fr_ , typename Params_ >
using bb::group_elements::affine_element< Fq_, Fr_, Params_ >::vec_out_buf = uint8_t**

Definition at line 36 of file affine_element.hpp.

Constructor & Destructor Documentation

◆ affine_element() [1/4]

template<typename Fq_ , typename Fr_ , typename Params_ >
bb::group_elements::affine_element< Fq_, Fr_, Params_ >::affine_element ( )
defaultnoexcept

◆ ~affine_element()

template<typename Fq_ , typename Fr_ , typename Params_ >
bb::group_elements::affine_element< Fq_, Fr_, Params_ >::~affine_element ( )
defaultnoexcept

◆ affine_element() [2/4]

template<class Fq , class Fr , class T >
constexpr bb::group_elements::affine_element< Fq, Fr, T >::affine_element ( const Fq x,
const Fq y 
)
constexprnoexcept

Definition at line 14 of file affine_element_impl.hpp.

◆ affine_element() [3/4]

template<typename Fq_ , typename Fr_ , typename Params_ >
constexpr bb::group_elements::affine_element< Fq_, Fr_, Params_ >::affine_element ( const affine_element< Fq_, Fr_, Params_ > &  other)
constexprdefaultnoexcept

◆ affine_element() [4/4]

template<typename Fq_ , typename Fr_ , typename Params_ >
constexpr bb::group_elements::affine_element< Fq_, Fr_, Params_ >::affine_element ( affine_element< Fq_, Fr_, Params_ > &&  other)
constexprdefaultnoexcept

Member Function Documentation

◆ batch_mul()

template<class Fq , class Fr , class Params >
template affine_element< fr, fq, grumpkin::G1Params > bb::group_elements::affine_element< Fq_, Fr_, Params_ >::batch_mul ( std::span< const affine_element< Fq_, Fr_, Params_ > >  points,
std::span< const Fr scalars,
size_t  max_num_bits = 0,
bool  with_edgecases = true,
const Fr masking_scalar = Fr(1) 
)
staticnoexcept

Multi-scalar multiplication: compute sum_i(scalars[i] * points[i])

Interface matches stdlib::biggroup::element::batch_mul for unified native/stdlib usage. Delegates to Pippenger MSM algorithm.

Parameters
pointsSpan of affine points
scalarsSpan of scalar field elements (same length as points)
max_num_bitsIgnored for native (circuit optimization hint in stdlib)
with_edgecasesIf true, uses Jacobian Pippenger (safe); if false, uses affine (faster)
masking_scalarIgnored for native (needed for safe offset generators in stdlib)

Definition at line 26 of file element_batch_mul.cpp.

◆ derive_from_x_coordinate()

template<class Fq , class Fr , class T >
constexpr std::optional< affine_element< Fq, Fr, T > > bb::group_elements::affine_element< Fq, Fr, T >::derive_from_x_coordinate ( const Fq x,
bool  sign_bit 
)
staticconstexprnoexcept

Definition at line 168 of file affine_element_impl.hpp.

◆ from_compressed() [1/2]

template<typename Fq_ , typename Fr_ , typename Params_ >
template<typename BaseField = Fq, typename CompileTimeEnabled = std::enable_if_t<(BaseField::modulus >> 255) == uint256_t(0), void>>
static constexpr affine_element bb::group_elements::affine_element< Fq_, Fr_, Params_ >::from_compressed ( const uint256_t compressed)
staticconstexprnoexcept

Reconstruct a point in affine coordinates from compressed form.

#LARGE_MODULUS_AFFINE_POINT_COMPRESSION Point compression is only implemented for curves of a prime field F_p with p using < 256 bits. One possiblity for extending to a 256-bit prime field: https://patents.google.com/patent/US6252960B1/en.

Parameters
compressedcompressed point
Returns
constexpr affine_element

◆ from_compressed() [2/2]

template<typename Fq_ , typename Fr_ , typename Params_ >
template<typename BaseField , typename CompileTimeEnabled >
constexpr affine_element< Fq, Fr, T > bb::group_elements::affine_element< Fq_, Fr_, Params_ >::from_compressed ( const uint256_t compressed)
constexprnoexcept

Definition at line 21 of file affine_element_impl.hpp.

◆ from_compressed_unsafe() [1/2]

template<typename Fq_ , typename Fr_ , typename Params_ >
template<typename BaseField = Fq, typename CompileTimeEnabled = std::enable_if_t<(BaseField::modulus >> 255) == uint256_t(1), void>>
static constexpr std::array< affine_element, 2 > bb::group_elements::affine_element< Fq_, Fr_, Params_ >::from_compressed_unsafe ( const uint256_t compressed)
staticconstexprnoexcept

Reconstruct a point in affine coordinates from compressed form.

#LARGE_MODULUS_AFFINE_POINT_COMPRESSION Point compression is implemented for curves of a prime field F_p with p being 256 bits. TODO(Suyash): Check with kesha if this is correct.

Parameters
compressedcompressed point
Returns
constexpr affine_element

◆ from_compressed_unsafe() [2/2]

template<typename Fq_ , typename Fr_ , typename Params_ >
template<typename BaseField , typename CompileTimeEnabled >
constexpr std::array< affine_element< Fq, Fr, T >, 2 > bb::group_elements::affine_element< Fq_, Fr_, Params_ >::from_compressed_unsafe ( const uint256_t compressed)
constexprnoexcept

Definition at line 45 of file affine_element_impl.hpp.

◆ hash_to_curve()

template<class Fq , class Fr , class T >
requires SupportsHashToCurve<Params>
constexpr affine_element< Fq, Fr, T > bb::group_elements::affine_element< Fq, Fr, T >::hash_to_curve ( const std::vector< uint8_t > &  seed,
uint8_t  attempt_count = 0 
)
staticconstexprnoexcept

Hash a seed buffer into a point.

ALGORITHM DESCRIPTION:

  1. Initialize unsigned integer attempt_count = 0
  2. Copy seed into a buffer whose size is 2 bytes greater than seed (initialized to 0)
  3. Interpret attempt_count as a byte and write into buffer at [buffer.size() - 2]
  4. Compute Blake3s hash of buffer
  5. Set the end byte of the buffer to 1
  6. Compute Blake3s hash of buffer
  7. Interpret the two hash outputs as the high / low 256 bits of a 512-bit integer (big-endian)
  8. Derive x-coordinate of point by reducing the 512-bit integer modulo the curve's field modulus (Fq)
  9. Compute y^2 from the curve formula y^2 = x^3 + ax + b (a, b are curve params. for BN254, a = 0, b = 3)
  10. IF y^2 IS NOT A QUADRATIC RESIDUE 10a. increment attempt_count by 1 and go to step 2
  11. IF y^2 IS A QUADRATIC RESIDUE 11a. derive y coordinate via y = sqrt(y) 11b. Interpret most significant bit of 512-bit integer as a 'parity' bit 11c. If parity bit is set AND y's most significant bit is not set, invert y 11d. If parity bit is not set AND y's most significant bit is set, invert y N.B. last 2 steps are because the sqrt() algorithm can return 2 values, we need to a way to canonically distinguish between these 2 values and select a "preferred" one 11e. return (x, y)
Note
This algorihm is constexpr: we can hash-to-curve (and derive generators) at compile-time!
Template Parameters
Fq
Fr
T
Parameters
seedBytes that uniquely define the point being generated
attempt_count
Returns
constexpr affine_element<Fq, Fr, T>

Definition at line 219 of file affine_element_impl.hpp.

◆ infinity()

template<class Fq , class Fr , class T >
constexpr affine_element< Fq, Fr, T > bb::group_elements::affine_element< Fq, Fr, T >::infinity ( )
staticconstexpr

Definition at line 83 of file affine_element_impl.hpp.

◆ is_point_at_infinity()

template<class Fq , class Fr , class T >
constexpr bool bb::group_elements::affine_element< Fq, Fr, T >::is_point_at_infinity ( ) const
constexprnoexcept

Definition at line 113 of file affine_element_impl.hpp.

◆ msgpack_pack()

template<typename Fq_ , typename Fr_ , typename Params_ >
void bb::group_elements::affine_element< Fq_, Fr_, Params_ >::msgpack_pack ( auto &  packer) const
inline

Definition at line 224 of file affine_element.hpp.

◆ msgpack_schema()

template<typename Fq_ , typename Fr_ , typename Params_ >
void bb::group_elements::affine_element< Fq_, Fr_, Params_ >::msgpack_schema ( auto &  packer) const
inline

Definition at line 286 of file affine_element.hpp.

◆ msgpack_unpack()

template<typename Fq_ , typename Fr_ , typename Params_ >
void bb::group_elements::affine_element< Fq_, Fr_, Params_ >::msgpack_unpack ( auto  o)
inline

Definition at line 254 of file affine_element.hpp.

◆ on_curve()

template<class Fq , class Fr , class T >
constexpr bool bb::group_elements::affine_element< Fq, Fr, T >::on_curve ( ) const
constexprnoexcept

Definition at line 125 of file affine_element_impl.hpp.

◆ one()

template<typename Fq_ , typename Fr_ , typename Params_ >
static constexpr affine_element bb::group_elements::affine_element< Fq_, Fr_, Params_ >::one ( )
inlinestaticconstexprnoexcept

Definition at line 52 of file affine_element.hpp.

◆ operator*()

template<class Fq , class Fr , class T >
constexpr affine_element< Fq, Fr, T > bb::group_elements::affine_element< Fq, Fr, T >::operator* ( const Fr exponent) const
constexprnoexcept

Definition at line 78 of file affine_element_impl.hpp.

◆ operator+()

template<typename Fq_ , typename Fr_ , typename Params_ >
constexpr affine_element< Fq, Fr, T > bb::group_elements::affine_element< Fq, Fr, T >::operator+ ( const affine_element< Fq_, Fr_, Params_ > &  other) const
constexprnoexcept

Definition at line 71 of file affine_element_impl.hpp.

◆ operator-()

template<typename Fq_ , typename Fr_ , typename Params_ >
constexpr affine_element bb::group_elements::affine_element< Fq_, Fr_, Params_ >::operator- ( ) const
inlineconstexprnoexcept

Definition at line 109 of file affine_element.hpp.

◆ operator<()

template<typename Fq_ , typename Fr_ , typename Params_ >
constexpr bool bb::group_elements::affine_element< Fq_, Fr_, Params_ >::operator< ( const affine_element< Fq_, Fr_, Params_ > &  other) const
inlineconstexprnoexcept

Definition at line 112 of file affine_element.hpp.

◆ operator=() [1/2]

template<typename Fq_ , typename Fr_ , typename Params_ >
constexpr affine_element & bb::group_elements::affine_element< Fq_, Fr_, Params_ >::operator= ( affine_element< Fq_, Fr_, Params_ > &&  other)
constexprdefaultnoexcept

◆ operator=() [2/2]

template<typename Fq_ , typename Fr_ , typename Params_ >
constexpr affine_element & bb::group_elements::affine_element< Fq_, Fr_, Params_ >::operator= ( const affine_element< Fq_, Fr_, Params_ > &  other)
constexprdefaultnoexcept

◆ operator==()

template<class Fq , class Fr , class T >
constexpr bool bb::group_elements::affine_element< Fq, Fr, T >::operator== ( const affine_element< Fq_, Fr_, Params_ > &  other) const
constexprnoexcept

Definition at line 139 of file affine_element_impl.hpp.

◆ operator>()

template<class Fq , class Fr , class T >
constexpr bool bb::group_elements::affine_element< Fq, Fr, T >::operator> ( const affine_element< Fq_, Fr_, Params_ > &  other) const
constexprnoexcept

Definition at line 149 of file affine_element_impl.hpp.

◆ random_element()

template<typename Fq , typename Fr , typename T >
affine_element< Fq, Fr, T > bb::group_elements::affine_element< Fq, Fr, T >::random_element ( numeric::RNG engine = nullptr)
staticnoexcept

Samples a random point on the curve.

Returns
A randomly chosen point on the curve

Definition at line 260 of file affine_element_impl.hpp.

◆ self_set_infinity()

template<class Fq , class Fr , class T >
constexpr void bb::group_elements::affine_element< Fq, Fr, T >::self_set_infinity ( )
constexprnoexcept

Definition at line 98 of file affine_element_impl.hpp.

◆ serialize_from_buffer()

template<typename Fq_ , typename Fr_ , typename Params_ >
static affine_element bb::group_elements::affine_element< Fq_, Fr_, Params_ >::serialize_from_buffer ( const uint8_t *  buffer,
bool  write_x_first = false 
)
inlinestatic

Restore point from a buffer.

Parameters
bufferBuffer from which we deserialize the point
Returns
Deserialized point

We support serializing the point at infinity for curves defined over a bb::field (i.e., a native field of prime order) and for points of bb::g2.

Warning
This will need to be updated if we serialize points over composite-order fields other than fq2!

Definition at line 150 of file affine_element.hpp.

◆ serialize_to_buffer()

template<typename Fq_ , typename Fr_ , typename Params_ >
static void bb::group_elements::affine_element< Fq_, Fr_, Params_ >::serialize_to_buffer ( const affine_element< Fq_, Fr_, Params_ > &  value,
uint8_t *  buffer,
bool  write_x_first = false 
)
inlinestatic

Serialize the point to the given buffer.

We support serializing the point at infinity for curves defined over a bb::field (i.e., a native field of prime order) and for points of bb::g2.

Warning
This will need to be updated if we serialize points over composite-order fields other than fq2!

Definition at line 123 of file affine_element.hpp.

◆ set_infinity()

template<class Fq , class Fr , class T >
constexpr affine_element< Fq, Fr, T > bb::group_elements::affine_element< Fq, Fr, T >::set_infinity ( ) const
constexprnoexcept

Definition at line 91 of file affine_element_impl.hpp.

◆ to_buffer()

template<typename Fq_ , typename Fr_ , typename Params_ >
std::vector< uint8_t > bb::group_elements::affine_element< Fq_, Fr_, Params_ >::to_buffer ( ) const
inline

Serialize the point to a byte vector.

Returns
Vector with serialized representation of the point

Definition at line 174 of file affine_element.hpp.

Friends And Related Symbol Documentation

◆ operator<<

template<typename Fq_ , typename Fr_ , typename Params_ >
std::ostream & operator<< ( std::ostream &  os,
const affine_element< Fq_, Fr_, Params_ > &  a 
)
friend

Definition at line 181 of file affine_element.hpp.

Member Data Documentation

◆ is_field2_v

template<typename Fq_ , typename Fr_ , typename Params_ >
template<typename T >
constexpr bool bb::group_elements::affine_element< Fq_, Fr_, Params_ >::is_field2_v
staticconstexpr
Initial value:
= requires(T t) {
t.c0;
t.c1;
}

Definition at line 208 of file affine_element.hpp.

◆ PUBLIC_INPUTS_SIZE

template<typename Fq_ , typename Fr_ , typename Params_ >
constexpr size_t bb::group_elements::affine_element< Fq_, Fr_, Params_ >::PUBLIC_INPUTS_SIZE = 2 * Fq::PUBLIC_INPUTS_SIZE
staticconstexpr

Number of bb::fr elements required to represent an affine_element in the public inputs (2 frs per coordinate)

Definition at line 41 of file affine_element.hpp.

◆ x

template<typename Fq_ , typename Fr_ , typename Params_ >
Fq bb::group_elements::affine_element< Fq_, Fr_, Params_ >::x

Definition at line 203 of file affine_element.hpp.

◆ y

template<typename Fq_ , typename Fr_ , typename Params_ >
Fq bb::group_elements::affine_element< Fq_, Fr_, Params_ >::y

Definition at line 204 of file affine_element.hpp.

The documentation for this class was generated from the following files: