Fixing typos
hecmas committed Oct 16, 2024
1 parent 6602c16 commit 99ad53a
Showing 3 changed files with 78 additions and 25 deletions.
32 changes: 22 additions & 10 deletions main/modexp/modexp.zkasm
@@ -84,23 +84,34 @@ VAR GLOBAL modexp_RR
; [steps: 2] // end
;
; -------------------------------------------
; nIterations = ⌊log₂(E)⌋
; nIterations = ⌊log₂(E)⌋
; num_times_E_is_odd = HammingWeight(E) (i.e., number of 1s in the binary representation of E)
; num_times_E_is_even = nIterations - num_times_E_is_odd
; -------------------------------------------
; · cost(first_part) = [steps: 76 + 10*len(B) + 3*len(M) + 8*len(Q(B,M)) + 12*len(R(B,M)) + 19*len(Q(B,M))*len(M),
; bin: 4 - len(M) + len(R(B,M)) + 2*len(Q(B,M))*len(M),
; arith: len(Q(B,M))*len(M)]
; · cost(odd_iteration) = [steps: 273 + len(B) + 6*len(E) + 26*len(M) + 54*len(B)² + 38*len(B)*len(M) + 22*len(Q(E,2)) + 19*len(Q(B²,M))*len(M) + 8*len(Q(B²,M)) + 12*len(R(B²,M)),
; bin: 17 - 11*len(B) - 2*len(M) + 9*len(B)² + 4*len(B)*len(M) + 2*len(Q(E,2)) + 2*len(Q(B²,M))*len(M) + len(R(B²,M)) ,
; arith: -1 + len(B) + len(B)² + 2*len(B)*len(M) + len(Q(B²,M))*len(M)]
; · cost(last_part) = [steps: 2]
; · cost(first_part) = [steps: 76 + 10*len(B) + 3*len(M) + 8*len(Q(B,M)) + 12*len(R(B,M)) + 19*len(Q(B,M))*len(M),
; bin: 4 - len(M) + len(R(B,M)) + 2*len(Q(B,M))*len(M),
; arith: len(Q(B,M))*len(M)]
; · cost(even_iteration) = [steps: 171 - 2*len(B) + 6*len(E) + 3*len(M) + 51*len(B)² + 25*len(Q(E,2)) + 19*len(Q(B²,M))*len(M) + 8*len(Q(B²,M)) + 12*len(R(B²,M)),
; bin: 11 - 9*len(B) - len(M) + 9*len(B)² + 2*len(Q(E,2)) + 2*len(Q(B²,M))*len(M) + len(R(B²,M)),
; arith: -1 + len(B) + len(B)² + len(Q(B²,M))*len(M)]
; · cost(odd_iteration) = [steps: 273 + len(B) + 6*len(E) + 26*len(M) + 54*len(B)² + 38*len(B)*len(M) + 22*len(Q(E,2)) + 19*len(Q(B²,M))*len(M) + 8*len(Q(B²,M)) + 12*len(R(B²,M)),
; bin: 17 - 11*len(B) - 2*len(M) + 9*len(B)² + 4*len(B)*len(M) + 2*len(Q(E,2)) + 2*len(Q(B²,M))*len(M) + len(R(B²,M)),
; arith: -1 + len(B) + len(B)² + 2*len(B)*len(M) + len(Q(B²,M))*len(M)]
; · cost(last_part) = [steps: 2]
; -------------------------------------------
; cost(w.c): cost(first_part) + ⌊log₂(E)⌋*odd_iteration + cost(last_part)
; cost(w.c): cost(first_part) + num_times_E_is_even*cost(even_iteration) + num_times_E_is_odd*cost(odd_iteration) + cost(last_part)
; -------------------------------------------
; Note: For the total count, we have used that O <= M, len(B²) <= 2*len(B), len(O·B) <= len(M·B) <= len(M) + len(B), Q(O·B,M) <= Q(M·B,M) = B and R(O·B,M) < M
; Note: For the total count, we have used that:
; · O <= M,
; · len(B²) <= 2*len(B),
; · len(O·B) <= len(M·B) <= len(M) + len(B),
; · Q(O·B,M) <= Q(M·B,M) = B,
; · R(O·B,M) < M

modexp:
$${recordModExpCounters()}
$${expectedModExpCounters(addr.modexp_B, mem.modexp_Blen, addr.modexp_E, mem.modexp_Elen, addr.modexp_M, mem.modexp_Mlen)}

%MAX_CNT_STEPS - STEP - 7 - 3*%ARRAY_MAX_LEN - 3*%ARRAY_MAX_LEN - 1 :JMPN(outOfCountersStep) ; init and array div long

RR :MSTORE(modexp_RR)
@@ -413,4 +424,5 @@ modexp_rem_from_div3:

modexp_end:
$ => RR :MLOAD(modexp_RR)
$${checkModExpCounters()}
:RETURN
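Review bot: In the cost header of this section, `num_times_E_is_even = nIterations - num_times_E_is_odd` goes negative for some exponents when `nIterations = ⌊log₂(E)⌋` and the odd count is the full Hamming weight: E = 1 gives 0 − 1, and any E = 2^k − 1 gives (k − 1) − k. Unless the top bit is already charged inside cost(first_part), which the visible lines do not show, the iteration count should be the bit length, e.g. `; nIterations = ⌊log₂(E)⌋ + 1`. The total is also still labelled `cost(w.c)` although it now depends on the bit pattern of E instead of bounding it; if these figures are used to size the out-of-counters guards, I would rename it to an exact cost and keep a separate all-odd upper bound next to it. The `modexp` routine itself continues outside the shown hunks.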
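--- a/test/testModExp.zkasm
+++ b/test/testModExp.zkasm
@@ -43,6 +43,16 @@ start:
 -1 :MSTORE(lastHashKId)
 -1 :MSTORE(lastHashPId)
 
+1 :MSTORE(modexp_Blen)
+1 :MSTORE(modexp_Elen)
+1 :MSTORE(modexp_Mlen)
+3n :MSTORE(modexp_B)
+115792089237316195423570985008687907853269984665640564039457584007908834671662n :MSTORE(modexp_E)
+115792089237316195423570985008687907853269984665640564039457584007908834671663n :MSTORE(modexp_M)
+:CALL(modexp)
+0n :MLOAD(modexp_out)
+1 :MLOAD(modexp_outlen)
+
 ; 256 BITS EXPONENT TESTS
 ; ---------------------------------------------------------------------------------------------
 ; 1] B == k·M (at any point of the exponentiations) should return 0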
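Review bot: The expected value in `0n :MLOAD(modexp_out)` looks inconsistent with the inputs of the new case: M appears to be the secp256k1 field prime and E is M − 1, so by Fermat's little theorem 3^E mod M should be 1, not 0. If the load is meant as an equality assertion like the cases further down, I would expect `1n :MLOAD(modexp_out)`. The case also has no comment, unlike the numbered sections that follow; a line such as `; B^(M-1) mod M with M prime should return 1` would say what it pins down. The rest of the test file lies outside this hunk.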
61 changes: 46 additions & 15 deletions tools/counters/modexp.js
@@ -79,20 +79,19 @@ module.exports = class myHelper {
const nTimesEven = lenE * 256 - nTimesOdd;

let counters = {cntStep: 0, cntBinary: 0, cntArith: 0};
// I do an overstimation that the number is always odd!
const a = setupAndFirstDivCounters();
const b = fullLoopCounters(); // halfLoopCounters();
const b = halfLoopCounters();
const c = fullLoopCounters();

for (const key in counters) {
counters[key] = a[key] + nTimesEven * b[key] + nTimesOdd * c[key];
}

// console.log(JSON.stringify(counters, null, 2));
console.log(`Expected ModExp Counters:\n${JSON.stringify(counters, null, 2)}`);

ctx.emodExpCounters = counters;

function computeLenThisBase(x) {
function computeLen(x) {
if (x === 0n) return 1;

let len = 0;
@@ -112,16 +111,47 @@ module.exports = class myHelper {
76 +
10 * lenB +
3 * lenM +
8 * computeLenThisBase(Q_B_M) +
12 * computeLenThisBase(R_B_M) +
19 * computeLenThisBase(Q_B_M) * lenM,
8 * computeLen(Q_B_M) +
12 * computeLen(R_B_M) +
19 * computeLen(Q_B_M) * lenM,
cntBinary:
4 -
lenM +
computeLenThisBase(R_B_M) +
2 * computeLenThisBase(Q_B_M) * lenM,
computeLen(R_B_M) +
2 * computeLen(Q_B_M) * lenM,
cntArith:
computeLenThisBase(Q_B_M) * lenM,
computeLen(Q_B_M) * lenM,
};
}

function halfLoopCounters() {
// [steps: 171 - 2*len(B) + 6*len(E) + 3*len(M) + 51*len(B)² + 25*len(Q(E,2)) + 19*len(Q(B²,M))*len(M) + 8*len(Q(B²,M)) + 12*len(R(B²,M)),
// bin: 11 - 9*len(B) - len(M) + 9*len(B)² + 2*len(Q(E,2)) + 2*len(Q(B²,M))*len(M) + len(R(B²,M)),
// arith: -1 + len(B) + len(B)² + len(Q(B²,M))*len(M)]
return {
cntStep:
171 -
2*lenB +
6 * lenE +
3 * lenM +
51 * lenB**2 +
25 * lenQE2 +
19 * computeLen(Q_Bsq_M) * lenM +
8 * computeLen(Q_Bsq_M) +
12 * computeLen(R_Bsq_M),
cntBinary:
11 -
9 * lenB -
lenM +
9 * lenB**2 +
2 * lenQE2 +
2 * computeLen(Q_Bsq_M) * lenM +
computeLen(R_Bsq_M),
cntArith:
-1 +
lenB +
lenB**2 +
computeLen(Q_Bsq_M) * lenM,
};
}

@@ -138,23 +168,24 @@ module.exports = class myHelper {
54 * lenB**2 +
38 * lenB * lenM +
22 * lenQE2 +
19 * computeLenThisBase(Q_Bsq_M) * lenM +
8 * computeLenThisBase(Q_Bsq_M) +
12 * computeLenThisBase(R_Bsq_M),
19 * computeLen(Q_Bsq_M) * lenM +
8 * computeLen(Q_Bsq_M) +
12 * computeLen(R_Bsq_M),
cntBinary:
17 -
11 * lenB -
2 * lenM +
9 * lenB**2 +
4 * lenB * lenM +
2 * lenQE2 +
2 * computeLenThisBase(Q_Bsq_M) * lenM,
2 * computeLen(Q_Bsq_M) * lenM +
computeLen(R_Bsq_M),
cntArith:
-1 +
lenB +
lenB**2 +
2 * lenB * lenM +
computeLenThisBase(Q_Bsq_M) * lenM,
computeLen(Q_Bsq_M) * lenM,
};
}
}
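Review bot: With `b` switched from `fullLoopCounters()` to `halfLoopCounters()` the result stops being a deliberate over-estimate, yet `nTimesEven = lenE * 256 - nTimesOdd` still counts every bit of the padded chunks, so leading zero bits of E are charged as even iterations. That differs from the `⌊log₂(E)⌋` iteration count documented in main/modexp/modexp.zkasm; if `checkModExpCounters()` compares for equality it may report mismatches for exponents whose top chunk is not full, and if it is only a bound the code should say so. I would either derive the count from the bit length of E or add `// upper bound: counts all lenE*256 bits, including leading zeros` at that line. The now-unconditional `console.log` of the expected counters also runs on every call; gating it behind a verbose flag would keep executor output clean. `nTimesOdd` and the Q/R inputs are computed above the hunk.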