start fixing BW6-761 pairing

mratsim · Aug 13, 2023 · 4353281 · 4353281
1 parent 47b4f48
commit 4353281
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 12 deletions.
diff --git a/constantine/math/extension_fields/towers.nim b/constantine/math/extension_fields/towers.nim
@@ -415,6 +415,9 @@ func prod2x*(r: var ExtensionField2x, a: ExtensionField2x, b: static int) =
 # 𝔽p
 # ----------------------------------------------------------------
 
+template fromComplexExtension*(elem: Fp): static bool =
+  false
+
 func `*=`*(a: var Fp, _: type NonResidue) =
   ## Multiply an element of 𝔽p by the quadratic non-residue
   ## chosen to construct 𝔽p2
@@ -427,7 +430,7 @@ func prod*(r: var Fp, a: Fp, _: type NonResidue) =
   static: doAssert Fp.C.getNonResidueFp() != -1, "𝔽p2 should be specialized for complex extension"
   r.prod(a, Fp.C.getNonResidueFp())
 
-func prod2x(r: var FpDbl, a: FpDbl, _: type NonResidue) =
+func prod2x*(r: var FpDbl, a: FpDbl, _: type NonResidue) =
   ## Multiply an element of 𝔽p by the quadratic non-residue
   ## chosen to construct 𝔽p2
   static: doAssert FpDbl.C.getNonResidueFp() != -1, "𝔽p2 should be specialized for complex extension"

diff --git a/constantine/math/pairings/pairings_bw6_761.nim b/constantine/math/pairings/pairings_bw6_761.nim
@@ -41,20 +41,20 @@ func millerLoopBW6_761_naive[C](
   var T {.noInit.}: ECP_ShortW_Prj[Fp[C], G2]
   T.fromAffine(Q)
 
-  basicMillerLoop(
-    f, T,
-    P, Q,
-    pairing(C, ate_param_1_unopt), pairing(C, ate_param_1_unopt_isNeg)
-  )
+  basicMillerLoop(f, T, P, Q, pairing(C, ate_param_1_unopt))
+
+  when pairing(C, ate_param_1_unopt_isNeg):
+    f.conj()
+    T.neg()
 
   var f2 {.noInit.}: typeof(f)
   T.fromAffine(Q)
 
-  basicMillerLoop(
-    f2, T,
-    P, Q,
-    pairing(C, ate_param_2_unopt), pairing(C, ate_param_2_unopt_isNeg)
-  )
+  basicMillerLoop(f2, T, P, Q, pairing(C, ate_param_2_unopt))
+
+  when pairing(C, ate_param_2_unopt_isNeg):
+    f2.conj()
+    T.neg()
 
   let t = f2
   f2.frobenius_map(t)
@@ -155,7 +155,7 @@ func pairing_bw6_761_reference*[C](
   ## Output: e(P, Q) ∈ Gt
   ##
   ## Reference implementation
-  {.error: "BW6_761 Miller loop is not working yet".}
+  # {.error: "BW6_761 Miller loop is not working yet".}
   gt.millerLoopBW6_761_naive(Q, P)
   gt.finalExpEasy()
   gt.finalExpHard_BW6_761()