feat: bls12_pairing

Author: obatirou

cairo/ethereum/prague/vm/precompiled_contracts/bls12_381/bls12_381_pairing.cairo

@@ -0,0 +1,53 @@
+from starkware.cairo.common.cairo_builtins import BitwiseBuiltin, ModBuiltin, PoseidonBuiltin
+from ethereum.prague.vm.evm_impl import Evm, EvmImpl
+from ethereum.exceptions import EthereumException
+from ethereum.prague.vm.exceptions import InvalidParameter
+from ethereum.utils.numeric import divmod
+from ethereum.prague.vm.gas import charge_gas
+from ethereum_types.numeric import Uint
+from ethereum_types.bytes import Bytes
+from cairo_core.comparison import is_zero, is_not_zero
+
+func bls12_pairing{
+    range_check_ptr,
+    bitwise_ptr: BitwiseBuiltin*,
+    keccak_ptr: felt*,
+    poseidon_ptr: PoseidonBuiltin*,
+    range_check96_ptr: felt*,
+    add_mod_ptr: ModBuiltin*,
+    mul_mod_ptr: ModBuiltin*,
+    evm: Evm,
+}() -> EthereumException* {
+    alloc_locals;
+    let data = evm.value.message.value.data;
+    let (q, r) = divmod(data.value.len, 384);
+    let data_multiple_of_384 = is_not_zero(r);
+    let data_is_zero = is_zero(data.value.len);
+    let invalid_valid_input = data_multiple_of_384 + data_is_zero;
+
+    if (invalid_valid_input != 0) {
+        tempvar err = new EthereumException(InvalidParameter);
+        return err;
+    }
+
+    // GAS
+    let gas_cost = Uint(32600 * q + 37700);
+    let err = charge_gas(gas_cost);
+    if (cast(err, felt) != 0) {
+        return err;
+    }
+
+    // OPERATION
+    tempvar data = evm.value.message.value.data;
+    tempvar error: EthereumException*;
+    tempvar output: Bytes;
+
+    %{ bls12_pairing_hint %}
+    if (cast(error, felt) != 0) {
+        return error;
+    }
+
+    EvmImpl.set_output(output);
+    tempvar ok = cast(0, EthereumException*);
+    return ok;
+}

cairo/tests/ethereum/prague/vm/precompiled_contracts/bls12_381/test_bls12_381_pairing.py

@@ -0,0 +1,48 @@
+from ethereum.prague.vm import Evm
+from ethereum.prague.vm.precompiled_contracts.bls12_381.bls12_381_g1 import G1_to_bytes
+from ethereum.prague.vm.precompiled_contracts.bls12_381.bls12_381_g2 import G2_to_bytes
+from ethereum.prague.vm.precompiled_contracts.bls12_381.bls12_381_pairing import (
+    bls12_pairing,
+)
+from ethereum_types.bytes import Bytes
+from hypothesis import given
+from hypothesis import strategies as st
+from py_ecc.fields import optimized_bls12_381_FQ2 as FQ2
+from py_ecc.optimized_bls12_381.optimized_curve import Z1, Z2
+
+from cairo_addons.testing.errors import strict_raises
+from tests.utils.evm_builder import EvmBuilder
+from tests.utils.strategies import blsp2_strategy, blsp_strategy
+
+
+@st.composite
+def bls12_381_pairing_data(draw):
+    num_points = draw(st.integers(min_value=1, max_value=10))
+    g1_points = draw(st.lists(blsp_strategy, min_size=num_points, max_size=num_points))
+    g2_points = draw(st.lists(blsp2_strategy, min_size=num_points, max_size=num_points))
+    result = Bytes(b"")
+    for i in range(num_points):
+        assert g1_points[i][2] == 0 if g1_points[i] == Z1 else g1_points[i][2] == 1
+        assert (
+            g2_points[i][2] == FQ2.zero()
+            if g2_points[i] == Z2
+            else g2_points[i][2] == FQ2.one()
+        )
+        result += G1_to_bytes(g1_points[i][:2]) + G2_to_bytes(g2_points[i][:2])
+    return result
+
+
+@given(
+    evm=EvmBuilder().with_gas_left().with_message().build(),
+    data=bls12_381_pairing_data(),
+)
+def test_bls12_381_pairing(cairo_run, evm: Evm, data: Bytes):
+    evm.message.data = data
+    try:
+        evm_cairo = cairo_run("bls12_pairing", evm, data)
+    except Exception as e:
+        with strict_raises(type(e)):
+            bls12_pairing(evm)
+        return
+    bls12_pairing(evm)
+    assert evm_cairo == evm

python/cairo-addons/src/cairo_addons/hints/precompiles.py

@@ -342,3 +342,56 @@ def inner():
             write_error(memory, ap, segments, e)
 
     inner()
+
+
+@register_hint
+def bls12_pairing_hint(
+    ids: VmConsts,
+    segments: MemorySegmentManager,
+    memory: MemoryDict,
+    ap: RelocatableValue,
+):
+    from ethereum.prague.vm.exceptions import InvalidParameter
+    from ethereum.prague.vm.memory import buffer_read
+    from ethereum.prague.vm.precompiled_contracts.bls12_381.bls12_381_g1 import (
+        bytes_to_G1,
+    )
+    from ethereum.prague.vm.precompiled_contracts.bls12_381.bls12_381_g2 import (
+        bytes_to_G2,
+    )
+    from ethereum_types.numeric import U256, Uint
+    from py_ecc.bls12_381.bls12_381_curve import FQ12, curve_order, multiply
+    from py_ecc.bls12_381.bls12_381_pairing import pairing
+
+    from cairo_addons.hints.precompiles import write_error, write_output
+
+    def inner():
+        data = bytes(
+            [memory[ids.data.value.data + i] for i in range(ids.data.value.len)]
+        )
+        try:
+            result = FQ12.one()
+            k = len(data) // 384
+            for i in range(k):
+                g1_start = Uint(384 * i)
+                g2_start = Uint(384 * i + 128)
+
+                g1_point = bytes_to_G1(buffer_read(data, U256(g1_start), U256(128)))
+                if multiply(g1_point, curve_order) is not None:
+                    raise InvalidParameter("Sub-group check failed.")
+
+                g2_point = bytes_to_G2(buffer_read(data, U256(g2_start), U256(256)))
+                if multiply(g2_point, curve_order) is not None:
+                    raise InvalidParameter("Sub-group check failed.")
+
+                result *= pairing(g2_point, g1_point)
+            if result == FQ12.one():
+                output = b"\x00" * 31 + b"\x01"
+            else:
+                output = b"\x00" * 32
+            memory[ap - 2] = 0
+            write_output(memory, ap, segments, output)
+        except Exception as e:
+            write_error(memory, ap, segments, e)
+
+    inner()