Skip to content

Commit

Permalink
Merge pull request #371 from omerfirmak/elim-pedersen-alloc
Browse files Browse the repository at this point in the history
Eliminate 2 allocations per Pedersen call
  • Loading branch information
yelhousni authored Apr 5, 2023
2 parents cd02e18 + 3dcca6b commit f394b83
Showing 1 changed file with 7 additions and 5 deletions.
12 changes: 7 additions & 5 deletions ecc/stark-curve/pedersen-hash/pedersen_hash.go
Original file line number Diff line number Diff line change
Expand Up @@ -59,8 +59,10 @@ func PedersenArray(elems ...*fp.Element) *fp.Element {
func Pedersen(a *fp.Element, b *fp.Element) *fp.Element {

result := new(starkcurve.G1Jac).Set(&shiftPoint)
result.AddAssign(processElement(a, &p0, &p1))
result.AddAssign(processElement(b, &p2, &p3))

var point starkcurve.G1Jac
result.AddAssign(processElement(a, &p0, &p1, &point))
result.AddAssign(processElement(b, &p2, &p3, &point))

// recover the affine x coordinate
var x fp.Element
Expand All @@ -71,17 +73,17 @@ func Pedersen(a *fp.Element, b *fp.Element) *fp.Element {
return &x
}

func processElement(a *fp.Element, p1 *starkcurve.G1Jac, p2 *starkcurve.G1Jac) *starkcurve.G1Jac {
func processElement(a *fp.Element, p1 *starkcurve.G1Jac, p2 *starkcurve.G1Jac, res *starkcurve.G1Jac) *starkcurve.G1Jac {
var bigInt big.Int
var aBytes [32]byte
a.BigInt(&bigInt).FillBytes(aBytes[:])

highPart := bigInt.SetUint64(uint64(aBytes[0])) // The top nibble (bits 249-252)
lowPart := aBytes[1:] // Zero-out the top nibble (bits 249-252)

m := new(starkcurve.G1Jac).ScalarMultiplication(p2, highPart)
res.ScalarMultiplication(p2, highPart)

var n starkcurve.G1Jac
n.ScalarMultiplication(p1, bigInt.SetBytes(lowPart))
return m.AddAssign(&n)
return res.AddAssign(&n)
}

0 comments on commit f394b83

Please # to comment.