Add PlutusV3 conformance tests and also control budgets
There were some odd discrepancy for `integerToByteString` on the mem side. Either 1 or about 1000 mem units off; which I couldn't quite figure out. Yet, it proves useful to validate builtin at large and ensure we have a valid cost model for v3.
This commit is contained in:
KtorZ
@@ -0,0 +1,2 @@
|
||||
The tests here are mostly unit tests to make sure that built-in functions
|
||||
produce correct results.
|
||||
@@ -0,0 +1 @@
|
||||
(program 1.0.0 [ (builtin addInteger) (con integer 1) (con integer 2) ])
|
||||
@@ -0,0 +1,2 @@
|
||||
({cpu: 181308
|
||||
| mem: 602})
|
||||
@@ -0,0 +1 @@
|
||||
(program 1.0.0 (con integer 3))
|
||||
@@ -0,0 +1 @@
|
||||
(program 1.0.0 [ [ (builtin addInteger) (con integer 1)] (con integer 1) ])
|
||||
@@ -0,0 +1,2 @@
|
||||
({cpu: 181308
|
||||
| mem: 602})
|
||||
@@ -0,0 +1 @@
|
||||
(program 1.0.0 (con integer 2))
|
||||
@@ -0,0 +1 @@
|
||||
(program 1.0.0 [ [ (builtin addInteger) (con integer -1789345783478975892347952789342)] (con integer 5734) ])
|
||||
@@ -0,0 +1,2 @@
|
||||
({cpu: 181728
|
||||
| mem: 603})
|
||||
@@ -0,0 +1 @@
|
||||
(program 1.0.0 (con integer -1789345783478975892347952783608))
|
||||
@@ -0,0 +1 @@
|
||||
(program 1.0.0 [ [ (builtin addInteger) (con integer -1789345783478975892347952789342)] (con integer 57347348957247358792345278346357234234527384258346526378567285925786235963258) ])
|
||||
@@ -0,0 +1,2 @@
|
||||
({cpu: 182568
|
||||
| mem: 605})
|
||||
@@ -0,0 +1,7 @@
|
||||
(program
|
||||
1.0.0
|
||||
(con
|
||||
integer
|
||||
57347348957247358792345278346357234234527384256557180595088310033438283173916
|
||||
)
|
||||
)
|
||||
@@ -0,0 +1 @@
|
||||
(program 1.0.0 [ [ (builtin addInteger) (con integer 0)] (con integer 7527934965792342535732746236582734865623578) ])
|
||||
@@ -0,0 +1,2 @@
|
||||
({cpu: 182148
|
||||
| mem: 604})
|
||||
@@ -0,0 +1 @@
|
||||
(program 1.0.0 (con integer 7527934965792342535732746236582734865623578))
|
||||
@@ -0,0 +1 @@
|
||||
(program 0.0.0 [ [(builtin appendByteString) (con bytestring #00AABBCC)] (con bytestring #FF0033) ])
|
||||
@@ -0,0 +1,2 @@
|
||||
({cpu: 81446
|
||||
| mem: 602})
|
||||
@@ -0,0 +1 @@
|
||||
(program 0.0.0 (con bytestring #00aabbccff0033))
|
||||
@@ -0,0 +1 @@
|
||||
(program 0.0.0 [ [(builtin appendByteString) (con bytestring #00AABBCC)] (con bytestring #) ])
|
||||
@@ -0,0 +1,2 @@
|
||||
({cpu: 81446
|
||||
| mem: 602})
|
||||
@@ -0,0 +1 @@
|
||||
(program 0.0.0 (con bytestring #00aabbcc))
|
||||
@@ -0,0 +1 @@
|
||||
(program 0.0.0 [ [(builtin appendByteString) (con bytestring #)] (con bytestring #FF0033) ])
|
||||
@@ -0,0 +1,2 @@
|
||||
({cpu: 81446
|
||||
| mem: 602})
|
||||
@@ -0,0 +1 @@
|
||||
(program 0.0.0 (con bytestring #ff0033))
|
||||
@@ -0,0 +1 @@
|
||||
(program 0.0.0 [ [ (builtin appendString) (con string "Ola")] (con string " mundo!") ])
|
||||
@@ -0,0 +1,2 @@
|
||||
({cpu: 680670
|
||||
| mem: 614})
|
||||
@@ -0,0 +1 @@
|
||||
(program 0.0.0 (con string "Ola mundo!"))
|
||||
@@ -0,0 +1 @@
|
||||
(program 0.0.0 [(builtin bData) (con bytestring #0AFD)])
|
||||
@@ -0,0 +1,2 @@
|
||||
({cpu: 59283
|
||||
| mem: 432})
|
||||
@@ -0,0 +1 @@
|
||||
(program 0.0.0 (con data (B #0afd)))
|
||||
@@ -0,0 +1,14 @@
|
||||
-- Test vector (0-bit input) for Blake2b_224.
|
||||
-- Output obtained using the b2sum program from https://github.com/BLAKE2/BLAKE2
|
||||
(program 1.0.0
|
||||
[
|
||||
[
|
||||
(builtin equalsByteString)
|
||||
[
|
||||
(builtin blake2b_224)
|
||||
(con bytestring #)
|
||||
]
|
||||
]
|
||||
(con bytestring #836cc68931c2e4e3e838602eca1902591d216837bafddfe6f0c8cb07)
|
||||
]
|
||||
)
|
||||
@@ -0,0 +1,2 @@
|
||||
({cpu: 357676
|
||||
| mem: 805})
|
||||
@@ -0,0 +1 @@
|
||||
(program 1.0.0 (con bool True))
|
||||
@@ -0,0 +1,14 @@
|
||||
-- Test vector (200-bit input) for Blake2b_224.
|
||||
-- Output obtained using the b2sum program from https://github.com/BLAKE2/BLAKE2
|
||||
(program 1.0.0
|
||||
[
|
||||
[
|
||||
(builtin equalsByteString)
|
||||
[
|
||||
(builtin blake2b_224)
|
||||
(con bytestring #2e7ea84da4bc4d7cfb463e3f2c8647057afff3fbececa1d200)
|
||||
]
|
||||
]
|
||||
(con bytestring #93d4b80c531998973b08297fc5042af359865a8702f20b5fc2db8df5)
|
||||
]
|
||||
)
|
||||
@@ -0,0 +1,2 @@
|
||||
({cpu: 382606
|
||||
| mem: 805})
|
||||
@@ -0,0 +1 @@
|
||||
(program 1.0.0 (con bool True))
|
||||
@@ -0,0 +1,14 @@
|
||||
-- Test vector (0-bit input) for Blake2b_256.
|
||||
-- Output obtained using the b2sum program from https://github.com/BLAKE2/BLAKE2
|
||||
(program 1.0.0
|
||||
[
|
||||
[
|
||||
(builtin equalsByteString)
|
||||
[
|
||||
(builtin blake2b_256)
|
||||
(con bytestring #)
|
||||
]
|
||||
]
|
||||
(con bytestring #0e5751c026e543b2e8ab2eb06099daa1d1e5df47778f7787faab45cdf12fe3a8)
|
||||
]
|
||||
)
|
||||
@@ -0,0 +1,2 @@
|
||||
({cpu: 351411
|
||||
| mem: 805})
|
||||
@@ -0,0 +1 @@
|
||||
(program 1.0.0 (con bool True))
|
||||
@@ -0,0 +1,14 @@
|
||||
-- Test vector (200-bit input) for Blake2b_256.
|
||||
-- Output obtained using the b2sum program from https://github.com/BLAKE2/BLAKE2
|
||||
(program 1.0.0
|
||||
[
|
||||
[
|
||||
(builtin equalsByteString)
|
||||
[
|
||||
(builtin blake2b_256)
|
||||
(con bytestring #2e7ea84da4bc4d7cfb463e3f2c8647057afff3fbececa1d200)
|
||||
]
|
||||
]
|
||||
(con bytestring #91c60f99b33303c02b39ed93b713e3915a180c3747f3b31e05727618ee401624)
|
||||
]
|
||||
)
|
||||
@@ -0,0 +1,2 @@
|
||||
({cpu: 376479
|
||||
| mem: 805})
|
||||
@@ -0,0 +1 @@
|
||||
(program 1.0.0 (con bool True))
|
||||
@@ -0,0 +1,25 @@
|
||||
-- Check that adding two random points in G1 gives the expected result.
|
||||
(program 1.0.0
|
||||
[
|
||||
[
|
||||
(builtin bls12_381_G1_equal)
|
||||
[
|
||||
(builtin bls12_381_G1_add)
|
||||
[
|
||||
(builtin bls12_381_G1_uncompress)
|
||||
(con bytestring #b93105d0cff4c3f6a42ab790900a26bb1843f4b07fc83d527a66e4a2ddf6c49ea86fe37b1106dbd20dc280ec5996dadf
|
||||
)
|
||||
]
|
||||
[
|
||||
(builtin bls12_381_G1_uncompress)
|
||||
(con bytestring #a077246742bfbffdefc1193aba17434d337f231478bf63173065c1e09c34429e76877983ae5f3add1438e5d237f63724
|
||||
)
|
||||
]
|
||||
]
|
||||
]
|
||||
(con
|
||||
bls12_381_G1_element
|
||||
0x9863eb0a7f8b092fca1a4333866ae3579ad2a4edef84bfcdf736333b3adf0100820c7603b002bf911b564cf032392f07
|
||||
)
|
||||
]
|
||||
)
|
||||
@@ -0,0 +1,2 @@
|
||||
({cpu: 107508687
|
||||
| mem: 1455})
|
||||
@@ -0,0 +1 @@
|
||||
(program 1.0.0 (con bool True))
|
||||
@@ -0,0 +1,19 @@
|
||||
-- Check that negating a random point in G1 gives the expected result.
|
||||
(program 1.0.0
|
||||
[
|
||||
[
|
||||
(builtin bls12_381_G1_equal)
|
||||
[
|
||||
(builtin bls12_381_G1_neg)
|
||||
[
|
||||
(builtin bls12_381_G1_uncompress)
|
||||
(con bytestring #b93105d0cff4c3f6a42ab790900a26bb1843f4b07fc83d527a66e4a2ddf6c49ea86fe37b1106dbd20dc280ec5996dadf)
|
||||
]
|
||||
]
|
||||
]
|
||||
(con
|
||||
bls12_381_G1_element
|
||||
0x993105d0cff4c3f6a42ab790900a26bb1843f4b07fc83d527a66e4a2ddf6c49ea86fe37b1106dbd20dc280ec5996dadf
|
||||
)
|
||||
]
|
||||
)
|
||||
@@ -0,0 +1,2 @@
|
||||
({cpu: 53802159
|
||||
| mem: 1037})
|
||||
@@ -0,0 +1 @@
|
||||
(program 1.0.0 (con bool True))
|
||||
@@ -0,0 +1,23 @@
|
||||
-- Scalar multiplication gives the correct result.
|
||||
(program 1.0.0
|
||||
[
|
||||
[
|
||||
(builtin bls12_381_G1_equal)
|
||||
[
|
||||
[
|
||||
(builtin bls12_381_G1_scalarMul)
|
||||
(con integer 29342537169447282925541144552701591957563885683358707334406144036950193508773)
|
||||
-- 0x40df499974f62e2f268cd5096b0d952073900054122ffce0a27c9d96932891a5
|
||||
]
|
||||
[
|
||||
(builtin bls12_381_G1_uncompress)
|
||||
(con bytestring #a077246742bfbffdefc1193aba17434d337f231478bf63173065c1e09c34429e76877983ae5f3add1438e5d237f63724)
|
||||
]
|
||||
]
|
||||
]
|
||||
(con
|
||||
bls12_381_G1_element
|
||||
0xa07796202c3fcad405a5da58d99f0194c8ee21999dd03291f0bfe97e68eb4e69077cf8052b9f5d9cbc4a1394baa0e0d8
|
||||
)
|
||||
]
|
||||
)
|
||||
@@ -0,0 +1,2 @@
|
||||
({cpu: 130034708
|
||||
| mem: 1237})
|
||||
@@ -0,0 +1 @@
|
||||
(program 1.0.0 (con bool True))
|
||||
@@ -0,0 +1,7 @@
|
||||
-- This contains a value which is not the x-coordinate of a point on the E1 curve.
|
||||
(program 0.0.0
|
||||
[
|
||||
(builtin bls12_381_G1_uncompress)
|
||||
(con bytestring #864cc4f64b12ca99ecdd1962572e6add609d9c619aab678b3fc298bc2f0f81feb4f0d3ebad7e850a8bcb52ca467e649d)
|
||||
]
|
||||
)
|
||||
@@ -0,0 +1 @@
|
||||
evaluation failure
|
||||
@@ -0,0 +1 @@
|
||||
evaluation failure
|
||||
@@ -0,0 +1,8 @@
|
||||
-- This contains a value which is the x-coordinate of a point which lies on the
|
||||
-- E1 curve but not the G1 subgroup.
|
||||
(program 0.0.0
|
||||
[
|
||||
(builtin bls12_381_G1_uncompress)
|
||||
(con bytestring #9483141c933166b61990a706aca07f467d22bc34c6552f5bba91cb1fc21db51d03dfff6523a5e1b4285d54c47660eda1)
|
||||
]
|
||||
)
|
||||
@@ -0,0 +1 @@
|
||||
evaluation failure
|
||||
@@ -0,0 +1 @@
|
||||
evaluation failure
|
||||
@@ -0,0 +1,31 @@
|
||||
-- Check that adding two random points in G2 gives the expected result.
|
||||
(program 1.0.0
|
||||
[
|
||||
[
|
||||
(builtin bls12_381_G2_equal)
|
||||
[
|
||||
[
|
||||
(builtin bls12_381_G2_add)
|
||||
[
|
||||
(builtin bls12_381_G2_uncompress)
|
||||
(con
|
||||
bytestring
|
||||
#b5ed6482bf5486831a9eb445b8b9a77aa6330005b8b432523c69fee7085d3032856de9f857c55ac9745eabcf14894205149cc67393687289e6c2728be69ad1f8ea1a6c0a5a65bf93eca984f3dac5da1abc6f7156ccbc5a33c655f7b17724eb19
|
||||
)
|
||||
]
|
||||
]
|
||||
[
|
||||
(builtin bls12_381_G2_uncompress)
|
||||
(con
|
||||
bytestring
|
||||
#a6cc0f01663fd65a95d1359758ebe3a412ce05f4242b0c1f5964351b38e188362a8ceb6c2f86d3f7e5f73b60cd04288005d2a50f8ddf1751d7a915515054276fbae7569c3f18c614c9954177d8e745e98404654cf759d4747b0c806bbd336b7d
|
||||
)
|
||||
]
|
||||
]
|
||||
]
|
||||
(con
|
||||
bls12_381_G2_element
|
||||
0xb3db03681aaf0d218be32f7cc94bd6a975c6870b4a1d4e461b77b60eee2461ca367154b0c4583b2d5f81124aa21fdf3e09ff6b54ce7c57572283a175fba381a32ac6f46abaf11cdbaeb206dcd7d4269caa4d0ebbb3adc1b8fce42ccfa855ea83
|
||||
)
|
||||
]
|
||||
)
|
||||
@@ -0,0 +1,2 @@
|
||||
({cpu: 152501902
|
||||
| mem: 1509})
|
||||
@@ -0,0 +1 @@
|
||||
(program 1.0.0 (con bool True))
|
||||
@@ -0,0 +1,20 @@
|
||||
-- Check that negating a random point in G2 gives the expected result.
|
||||
(program 1.0.0
|
||||
[
|
||||
[
|
||||
(builtin bls12_381_G2_equal)
|
||||
[
|
||||
(builtin bls12_381_G2_neg)
|
||||
[
|
||||
(builtin bls12_381_G2_uncompress)
|
||||
(con bytestring #b5ed6482bf5486831a9eb445b8b9a77aa6330005b8b432523c69fee7085d3032856de9f857c55ac9745eabcf14894205149cc67393687289e6c2728be69ad1f8ea1a6c0a5a65bf93eca984f3dac5da1abc6f7156ccbc5a33c655f7b17724eb19
|
||||
)
|
||||
]
|
||||
]
|
||||
]
|
||||
(con
|
||||
bls12_381_G2_element
|
||||
0x95ed6482bf5486831a9eb445b8b9a77aa6330005b8b432523c69fee7085d3032856de9f857c55ac9745eabcf14894205149cc67393687289e6c2728be69ad1f8ea1a6c0a5a65bf93eca984f3dac5da1abc6f7156ccbc5a33c655f7b17724eb19
|
||||
)
|
||||
]
|
||||
)
|
||||
@@ -0,0 +1,2 @@
|
||||
({cpu: 76028140
|
||||
| mem: 1073})
|
||||
@@ -0,0 +1 @@
|
||||
(program 1.0.0 (con bool True))
|
||||
@@ -0,0 +1,24 @@
|
||||
-- Scalar multiplication gives the correct result.
|
||||
(program 1.0.0
|
||||
[
|
||||
[
|
||||
(builtin bls12_381_G2_equal)
|
||||
[
|
||||
[
|
||||
(builtin bls12_381_G2_scalarMul)
|
||||
(con integer 29342537169447282925541144552701591957563885683358707334406144036950193508773)
|
||||
-- 0x40df499974f62e2f268cd5096b0d952073900054122ffce0a27c9d96932891a5
|
||||
]
|
||||
[
|
||||
(builtin bls12_381_G2_uncompress)
|
||||
(con bytestring #a6cc0f01663fd65a95d1359758ebe3a412ce05f4242b0c1f5964351b38e188362a8ceb6c2f86d3f7e5f73b60cd04288005d2a50f8ddf1751d7a915515054276fbae7569c3f18c614c9954177d8e745e98404654cf759d4747b0c806bbd336b7d
|
||||
)
|
||||
]
|
||||
]
|
||||
]
|
||||
(con
|
||||
bls12_381_G2_element
|
||||
0x89b8e839c317ab3c735c6a65122fff4654f469c30c480701f6e4d9f311f3c5f3411c7cd2876c539bf56f983d14e550b5172765f62bba1235394a33413c21667a57214e9a6f2516f8d7bf57321c20bf8cd8ecd290691ad6bd5ab9e391304240a4
|
||||
)
|
||||
]
|
||||
)
|
||||
@@ -0,0 +1,2 @@
|
||||
({cpu: 234103104
|
||||
| mem: 1273})
|
||||
@@ -0,0 +1 @@
|
||||
(program 1.0.0 (con bool True))
|
||||
@@ -0,0 +1,7 @@
|
||||
-- This contains a value which is not the x-coordinate of a point on the E2 curve.
|
||||
(program 0.0.0
|
||||
[
|
||||
(builtin bls12_381_G2_uncompress)
|
||||
(con bytestring #87861839e602fc5dfa0d0b72232dd81d2b0e4b660a7eba353da27e66ceaf2d6c7734925247281866a12d67752a1edaad01ea59e4e86e2e85a81a573cd68f6dfb526558d81a8f488f261f355ddac23f6caf07d27fda71d8f3968d4ceeda89a09d)
|
||||
]
|
||||
)
|
||||
@@ -0,0 +1 @@
|
||||
evaluation failure
|
||||
@@ -0,0 +1 @@
|
||||
evaluation failure
|
||||
@@ -0,0 +1,9 @@
|
||||
-- This contains a value which is the x-coordinate of a point which lies on the
|
||||
-- E2 curve but not the G2 subgroup.
|
||||
(program 0.0.0
|
||||
[
|
||||
(builtin bls12_381_G2_uncompress)
|
||||
(con bytestring #8bd83699f607412448d202d948bb111badd456d68086ff9a5906ea3b2cda4111d3638391f7a7b153eea77ab47215d6fe13b350f59f884c6e31ac087239d9145b816424cba2c8bcb7b3ed7e19638089d91e5c9136d2aefc8da165284b42229a70
|
||||
)
|
||||
]
|
||||
)
|
||||
@@ -0,0 +1 @@
|
||||
evaluation failure
|
||||
@@ -0,0 +1 @@
|
||||
evaluation failure
|
||||
@@ -0,0 +1,22 @@
|
||||
These tests reproduce some of those in
|
||||
[cardano-crypto-tests](https://github.com/IntersectMBO/cardano-base/tree/master/cardano-crypto-tests),
|
||||
specifically the unit tests in [EllipticCurves.hs](https://github.com/IntersectMBO/cardano-base/blob/master/cardano-crypto-tests/src/Test/Crypto/EllipticCurve.hs).
|
||||
|
||||
The inputs to those tests (and hence these tests) were generated using the Rust
|
||||
[bls12_381 library](https://docs.rs/bls12_381/latest/bls12_381/), so they
|
||||
provide independent verification that the basic BLS12-381 functions (here
|
||||
implemented using the [blst library](https://github.com/supranational/blst))
|
||||
behave as expected. Note that the test vectors provided in the [BLS12-381
|
||||
specification](https://www.ietf.org/archive/id/draft-irtf-cfrg-pairing-friendly-curves-11.html#name-bls-curves-for-the-128-bit-)
|
||||
cannot be used because they are **incorrect**.
|
||||
|
||||
The other BLS12-381 conformance tests (in neighbouring directories of the
|
||||
current one) test a wider range of properties, but their inputs were
|
||||
chosen semi-randomly and their outputs were generated using the Plutus Core
|
||||
implementations of the BLS12-381 built-in functions: thus they don't test
|
||||
against some independent source of truth, although they do guard against changes
|
||||
in the Plutus Core implementation and can be used to test other Plutus Core
|
||||
evaluators for compatibilty with the standard one. Also, there are
|
||||
comprehensive property tests
|
||||
[here](https://github.com/IntersectMBO/plutus/tree/master/plutus-core/untyped-plutus-core/test/Evaluation/Builtins)
|
||||
which may be converted into conformance tests at some point in the future.
|
||||
@@ -0,0 +1,38 @@
|
||||
-- <[a]P,Q> = <P,[a]Q>
|
||||
(program 1.0.0
|
||||
[
|
||||
[
|
||||
(builtin bls12_381_finalVerify)
|
||||
[
|
||||
[
|
||||
(builtin bls12_381_millerLoop)
|
||||
[
|
||||
(builtin bls12_381_G1_uncompress)
|
||||
(con bytestring #8baa4f3fcd895033f93494b040ccd7dfb77cb759cd2e150bfff4264873174509cd22230423b70896b17c8fc3660f6b21) -- [a]P
|
||||
]
|
||||
]
|
||||
[
|
||||
(builtin bls12_381_G2_uncompress)
|
||||
(con bytestring #b67029fbf3ab8e62ab6b499f541537fc07d9466e668392df2bc19762d7dc48b64be09a448cd46dbfe21819a91cd0ab3205f1316ad1cc32853f3f1a1d06497f5cfbc2d753dfc01bff177adeb93f24d452045435dc6eb29f5610b66cd0dd3fb352) -- Q
|
||||
]
|
||||
]
|
||||
]
|
||||
[
|
||||
[
|
||||
(builtin bls12_381_millerLoop)
|
||||
[
|
||||
(builtin bls12_381_G1_uncompress)
|
||||
(con
|
||||
bytestring
|
||||
#840463aa2f2cda89985b1f3f5eb43b9c29809765d2747d60734b19d6f90610effdfc500af7d458a3e78cee0945ddc669) -- P
|
||||
]
|
||||
]
|
||||
[
|
||||
(builtin bls12_381_G2_uncompress)
|
||||
(con
|
||||
bytestring
|
||||
#a80f311db6f2fdc45404870f4c55b65a9a59a35efcfa2a7c595f3955226076bbaa33e403c0d4749495d9423b806f9dbe08cca770e08fa535daefb6dba2edb62f8b9aff6bae83bf48819bcdf98f07e79de8635e8521ddecae19b01a6777bc4684) -- [a]Q
|
||||
]
|
||||
]
|
||||
]
|
||||
)
|
||||
@@ -0,0 +1,2 @@
|
||||
({cpu: 1097491548
|
||||
| mem: 2453})
|
||||
@@ -0,0 +1 @@
|
||||
(program 1.0.0 (con bool True))
|
||||
@@ -0,0 +1,71 @@
|
||||
-- <[a]P,Q><[b]P,Q> = <[a+b]P,Q>
|
||||
(program
|
||||
1.0.0
|
||||
[
|
||||
[
|
||||
(builtin bls12_381_finalVerify)
|
||||
[
|
||||
[
|
||||
(builtin bls12_381_mulMlResult)
|
||||
[
|
||||
[
|
||||
(builtin bls12_381_millerLoop)
|
||||
[
|
||||
(builtin bls12_381_G1_uncompress)
|
||||
(con
|
||||
bytestring
|
||||
#8baa4f3fcd895033f93494b040ccd7dfb77cb759cd2e150bfff4264873174509cd22230423b70896b17c8fc3660f6b21 -- [a]P
|
||||
)
|
||||
]
|
||||
]
|
||||
[
|
||||
(builtin bls12_381_G2_uncompress)
|
||||
(con
|
||||
bytestring
|
||||
#b67029fbf3ab8e62ab6b499f541537fc07d9466e668392df2bc19762d7dc48b64be09a448cd46dbfe21819a91cd0ab3205f1316ad1cc32853f3f1a1d06497f5cfbc2d753dfc01bff177adeb93f24d452045435dc6eb29f5610b66cd0dd3fb352 -- Q
|
||||
)
|
||||
]
|
||||
]
|
||||
]
|
||||
[
|
||||
[
|
||||
(builtin bls12_381_millerLoop)
|
||||
[
|
||||
(builtin bls12_381_G1_uncompress)
|
||||
(con
|
||||
bytestring
|
||||
#a4a925cb9c0580c14cbc8ec54447eb20070336a61c349c6a64b0d87e4db89d77734021cd88e2da369bdd85c0518c66c4 -- [b]P
|
||||
)
|
||||
]
|
||||
]
|
||||
[
|
||||
(builtin bls12_381_G2_uncompress)
|
||||
(con
|
||||
bytestring
|
||||
#b67029fbf3ab8e62ab6b499f541537fc07d9466e668392df2bc19762d7dc48b64be09a448cd46dbfe21819a91cd0ab3205f1316ad1cc32853f3f1a1d06497f5cfbc2d753dfc01bff177adeb93f24d452045435dc6eb29f5610b66cd0dd3fb352 -- Q
|
||||
)
|
||||
]
|
||||
]
|
||||
]
|
||||
]
|
||||
[
|
||||
[
|
||||
(builtin bls12_381_millerLoop)
|
||||
[
|
||||
(builtin bls12_381_G1_uncompress)
|
||||
(con
|
||||
bytestring
|
||||
#aecf54083187026a6b689e70af54375ab7cc6d0d311acb6203730a2904654d6e92f82e62006c0d5e21094155eb93cc98 -- [a+b]P
|
||||
)
|
||||
]
|
||||
]
|
||||
[
|
||||
(builtin bls12_381_G2_uncompress)
|
||||
(con
|
||||
bytestring
|
||||
#b67029fbf3ab8e62ab6b499f541537fc07d9466e668392df2bc19762d7dc48b64be09a448cd46dbfe21819a91cd0ab3205f1316ad1cc32853f3f1a1d06497f5cfbc2d753dfc01bff177adeb93f24d452045435dc6eb29f5610b66cd0dd3fb352 -- Q
|
||||
)
|
||||
]
|
||||
]
|
||||
]
|
||||
)
|
||||
@@ -0,0 +1,2 @@
|
||||
({cpu: 1481510453
|
||||
| mem: 3851})
|
||||
@@ -0,0 +1 @@
|
||||
(program 1.0.0 (con bool True))
|
||||
@@ -0,0 +1,47 @@
|
||||
-- <[a]P,[b]Q> = <[ab]P,Q>
|
||||
(program
|
||||
1.0.0
|
||||
[
|
||||
[
|
||||
(builtin bls12_381_finalVerify)
|
||||
[
|
||||
[
|
||||
(builtin bls12_381_millerLoop)
|
||||
[
|
||||
(builtin bls12_381_G1_uncompress)
|
||||
(con
|
||||
bytestring
|
||||
#8baa4f3fcd895033f93494b040ccd7dfb77cb759cd2e150bfff4264873174509cd22230423b70896b17c8fc3660f6b21 -- [a]P
|
||||
)
|
||||
]
|
||||
]
|
||||
[
|
||||
(builtin bls12_381_G2_uncompress)
|
||||
(con
|
||||
bytestring
|
||||
#9906a15ff959b496f478dd17348b32c033236db5a7437768a30c5ce87d9b6adfa7bf2223a0721c93a92f33abac9b2faf00d25e48b0f3cc52595264ef9ad0aa7b81e20b3c8634d577883ff5fc2373a021a1e57826f420a74f3ce0fbd2dcf79415 -- [b]Q
|
||||
)
|
||||
]
|
||||
]
|
||||
]
|
||||
[
|
||||
[
|
||||
(builtin bls12_381_millerLoop)
|
||||
[
|
||||
(builtin bls12_381_G1_uncompress)
|
||||
(con
|
||||
bytestring
|
||||
#b2bb2433441c452b78f5be911aa136dd2c886a9ac329cb6c805e50d5255891fcc389b1190432f16a109c6f431f0f8023 -- [ab]P
|
||||
)
|
||||
]
|
||||
]
|
||||
[
|
||||
(builtin bls12_381_G2_uncompress)
|
||||
(con
|
||||
bytestring
|
||||
#b67029fbf3ab8e62ab6b499f541537fc07d9466e668392df2bc19762d7dc48b64be09a448cd46dbfe21819a91cd0ab3205f1316ad1cc32853f3f1a1d06497f5cfbc2d753dfc01bff177adeb93f24d452045435dc6eb29f5610b66cd0dd3fb352 -- Q
|
||||
)
|
||||
]
|
||||
]
|
||||
]
|
||||
)
|
||||
@@ -0,0 +1,2 @@
|
||||
({cpu: 1097491548
|
||||
| mem: 2453})
|
||||
@@ -0,0 +1 @@
|
||||
(program 1.0.0 (con bool True))
|
||||
@@ -0,0 +1,71 @@
|
||||
-- <P,[a]Q><P,[b]Q> = <P,[a+b]Q>
|
||||
(program
|
||||
1.0.0
|
||||
[
|
||||
[
|
||||
(builtin bls12_381_finalVerify)
|
||||
[
|
||||
[
|
||||
(builtin bls12_381_mulMlResult)
|
||||
[
|
||||
[
|
||||
(builtin bls12_381_millerLoop)
|
||||
[
|
||||
(builtin bls12_381_G1_uncompress)
|
||||
(con
|
||||
bytestring
|
||||
#840463aa2f2cda89985b1f3f5eb43b9c29809765d2747d60734b19d6f90610effdfc500af7d458a3e78cee0945ddc669 -- P
|
||||
)
|
||||
]
|
||||
]
|
||||
[
|
||||
(builtin bls12_381_G2_uncompress)
|
||||
(con
|
||||
bytestring
|
||||
#a80f311db6f2fdc45404870f4c55b65a9a59a35efcfa2a7c595f3955226076bbaa33e403c0d4749495d9423b806f9dbe08cca770e08fa535daefb6dba2edb62f8b9aff6bae83bf48819bcdf98f07e79de8635e8521ddecae19b01a6777bc4684 -- [a]Q
|
||||
)
|
||||
]
|
||||
]
|
||||
]
|
||||
[
|
||||
[
|
||||
(builtin bls12_381_millerLoop)
|
||||
[
|
||||
(builtin bls12_381_G1_uncompress)
|
||||
(con
|
||||
bytestring
|
||||
#840463aa2f2cda89985b1f3f5eb43b9c29809765d2747d60734b19d6f90610effdfc500af7d458a3e78cee0945ddc669 -- P
|
||||
)
|
||||
]
|
||||
]
|
||||
[
|
||||
(builtin bls12_381_G2_uncompress)
|
||||
(con
|
||||
bytestring
|
||||
#9906a15ff959b496f478dd17348b32c033236db5a7437768a30c5ce87d9b6adfa7bf2223a0721c93a92f33abac9b2faf00d25e48b0f3cc52595264ef9ad0aa7b81e20b3c8634d577883ff5fc2373a021a1e57826f420a74f3ce0fbd2dcf79415 -- [b]Q
|
||||
)
|
||||
]
|
||||
]
|
||||
]
|
||||
]
|
||||
[
|
||||
[
|
||||
(builtin bls12_381_millerLoop)
|
||||
[
|
||||
(builtin bls12_381_G1_uncompress)
|
||||
(con
|
||||
bytestring
|
||||
#840463aa2f2cda89985b1f3f5eb43b9c29809765d2747d60734b19d6f90610effdfc500af7d458a3e78cee0945ddc669 -- P
|
||||
)
|
||||
]
|
||||
]
|
||||
[
|
||||
(builtin bls12_381_G2_uncompress)
|
||||
(con
|
||||
bytestring
|
||||
#a63be4a1a776cadc7fc2e2d823bcc905f8f9cb0ebe662360d28d9964b022a99ce34a48b2e93cfceebc9bc1d79a3338da03a41393717239e66d4db06a87510b99fe04b0840c87c4051030b25e56ba34248d9ed30c82e8e501a616097299eefd62 -- [a+b]Q
|
||||
)
|
||||
]
|
||||
]
|
||||
]
|
||||
)
|
||||
@@ -0,0 +1,2 @@
|
||||
({cpu: 1481510453
|
||||
| mem: 3851})
|
||||
@@ -0,0 +1 @@
|
||||
(program 1.0.0 (con bool True))
|
||||
@@ -0,0 +1,47 @@
|
||||
-- <[a]P,[b]Q> = <P,[ab]Q>
|
||||
(program
|
||||
1.0.0
|
||||
[
|
||||
[
|
||||
(builtin bls12_381_finalVerify)
|
||||
[
|
||||
[
|
||||
(builtin bls12_381_millerLoop)
|
||||
[
|
||||
(builtin bls12_381_G1_uncompress)
|
||||
(con
|
||||
bytestring
|
||||
#8baa4f3fcd895033f93494b040ccd7dfb77cb759cd2e150bfff4264873174509cd22230423b70896b17c8fc3660f6b21 -- [a]P
|
||||
)
|
||||
]
|
||||
]
|
||||
[
|
||||
(builtin bls12_381_G2_uncompress)
|
||||
(con
|
||||
bytestring
|
||||
#9906a15ff959b496f478dd17348b32c033236db5a7437768a30c5ce87d9b6adfa7bf2223a0721c93a92f33abac9b2faf00d25e48b0f3cc52595264ef9ad0aa7b81e20b3c8634d577883ff5fc2373a021a1e57826f420a74f3ce0fbd2dcf79415 -- [b]Q
|
||||
)
|
||||
]
|
||||
]
|
||||
]
|
||||
[
|
||||
[
|
||||
(builtin bls12_381_millerLoop)
|
||||
[
|
||||
(builtin bls12_381_G1_uncompress)
|
||||
(con
|
||||
bytestring
|
||||
#840463aa2f2cda89985b1f3f5eb43b9c29809765d2747d60734b19d6f90610effdfc500af7d458a3e78cee0945ddc669 -- P
|
||||
)
|
||||
]
|
||||
]
|
||||
[
|
||||
(builtin bls12_381_G2_uncompress)
|
||||
(con
|
||||
bytestring
|
||||
#82606f4c771ca685bfc1bb9c51c886d0daa0f63fbb0f6a24b512a1b9b92d401e556cbffdc204c0a85192c865ed73f8090da58ecd1690d5a3b236cc5d40a98988f9602a6d114edb59954ef4e21692f2d48219aeacb964604849336059ceece69f -- [ab]Q
|
||||
)
|
||||
]
|
||||
]
|
||||
]
|
||||
)
|
||||
@@ -0,0 +1,2 @@
|
||||
({cpu: 1097491548
|
||||
| mem: 2453})
|
||||
@@ -0,0 +1 @@
|
||||
(program 1.0.0 (con bool True))
|
||||
@@ -0,0 +1,46 @@
|
||||
-- <[a]P,[b]Q> = <[b]P,[a]Q>
|
||||
(program 1.0.0
|
||||
[
|
||||
[
|
||||
(builtin bls12_381_finalVerify)
|
||||
[
|
||||
[
|
||||
(builtin bls12_381_millerLoop)
|
||||
[
|
||||
(builtin bls12_381_G1_uncompress)
|
||||
(con
|
||||
bytestring
|
||||
#8baa4f3fcd895033f93494b040ccd7dfb77cb759cd2e150bfff4264873174509cd22230423b70896b17c8fc3660f6b21 -- [a]P
|
||||
)
|
||||
]
|
||||
]
|
||||
[
|
||||
(builtin bls12_381_G2_uncompress)
|
||||
(con
|
||||
bytestring
|
||||
#9906a15ff959b496f478dd17348b32c033236db5a7437768a30c5ce87d9b6adfa7bf2223a0721c93a92f33abac9b2faf00d25e48b0f3cc52595264ef9ad0aa7b81e20b3c8634d577883ff5fc2373a021a1e57826f420a74f3ce0fbd2dcf79415 -- [b]Q
|
||||
)
|
||||
]
|
||||
]
|
||||
]
|
||||
[
|
||||
[
|
||||
(builtin bls12_381_millerLoop)
|
||||
[
|
||||
(builtin bls12_381_G1_uncompress)
|
||||
(con
|
||||
bytestring
|
||||
#a4a925cb9c0580c14cbc8ec54447eb20070336a61c349c6a64b0d87e4db89d77734021cd88e2da369bdd85c0518c66c4 -- [b]P
|
||||
)
|
||||
]
|
||||
]
|
||||
[
|
||||
(builtin bls12_381_G2_uncompress)
|
||||
(con
|
||||
bytestring
|
||||
#a80f311db6f2fdc45404870f4c55b65a9a59a35efcfa2a7c595f3955226076bbaa33e403c0d4749495d9423b806f9dbe08cca770e08fa535daefb6dba2edb62f8b9aff6bae83bf48819bcdf98f07e79de8635e8521ddecae19b01a6777bc4684 -- [a]Q
|
||||
)
|
||||
]
|
||||
]
|
||||
]
|
||||
)
|
||||
@@ -0,0 +1,2 @@
|
||||
({cpu: 1097491548
|
||||
| mem: 2453})
|
||||
@@ -0,0 +1 @@
|
||||
(program 1.0.0 (con bool True))
|
||||
@@ -0,0 +1,62 @@
|
||||
-- Check that a signature involving an agumentation string prepended to a message
|
||||
-- is as expected.
|
||||
(program
|
||||
1.0.0
|
||||
[
|
||||
[
|
||||
(builtin bls12_381_finalVerify)
|
||||
[
|
||||
[
|
||||
(builtin bls12_381_millerLoop)
|
||||
[
|
||||
(builtin bls12_381_G1_uncompress)
|
||||
(con
|
||||
bytestring
|
||||
#83422fd1d8f134fbbc7ad2949a0b7c38dc1f85bfd398bc58ae824ad34ace68eaa49f438872ee22e90778513a91f9685e -- sig
|
||||
)
|
||||
]
|
||||
]
|
||||
[
|
||||
(builtin bls12_381_G2_uncompress)
|
||||
(con
|
||||
bytestring
|
||||
#93e02b6052719f607dacd3a088274f65596bd0d09920b61ab5da61bbdc7f5049334cf11213945d57e5ac7d055d042b7e024aa2b2f08f0a91260805272dc51051c6e47ad4fa403b02b4510b647ae3d1770bac0326a805bbefd48056c8c121bdb8 -- G2 generator
|
||||
)
|
||||
]
|
||||
]
|
||||
]
|
||||
[
|
||||
[
|
||||
(builtin bls12_381_millerLoop)
|
||||
[
|
||||
[
|
||||
(builtin bls12_381_G1_hashToGroup)
|
||||
[
|
||||
[
|
||||
(builtin appendByteString)
|
||||
(con
|
||||
bytestring
|
||||
#52616e646f6d2076616c756520666f722074657374206175672e20 -- aug: "Random value for test aug. "
|
||||
)
|
||||
]
|
||||
(con bytestring #626c73742069732073756368206120626c617374) -- msg: "blst is such a blast"
|
||||
|
||||
]
|
||||
]
|
||||
(con
|
||||
bytestring
|
||||
#424c535f5349475f424c53313233383147325f584d443a5348412d3235365f535357555f524f5f4e554c5f
|
||||
-- DST: "BLS_SIG_BLS12381G2_XMD:SHA-256_SSWU_RO_NUL_"
|
||||
)
|
||||
]
|
||||
]
|
||||
[
|
||||
(builtin bls12_381_G2_uncompress)
|
||||
(con
|
||||
bytestring
|
||||
#b756d6223a92609cccf660b6f37e6e34fbb23972fc3955710f9bb202cc84cffacd337792700ebcb4324a99c7e7c9ed6d0e1cfdce8cd879a35300957c69c524c5365f6f0a85130735f27510618bbea605a1d024bb2d3bee2a5d68a827406f11c7 -- pk
|
||||
)
|
||||
]
|
||||
]
|
||||
]
|
||||
)
|
||||
@@ -0,0 +1,2 @@
|
||||
({cpu: 1097202228
|
||||
| mem: 3060})
|
||||
@@ -0,0 +1 @@
|
||||
(program 1.0.0 (con bool True))
|
||||
@@ -0,0 +1,35 @@
|
||||
-- Check that the procedure for using a DST greater than 255 bytes long gives the expected result.
|
||||
(program
|
||||
1.0.0
|
||||
[
|
||||
[
|
||||
(builtin bls12_381_G1_equal)
|
||||
[
|
||||
[
|
||||
(builtin bls12_381_G1_hashToGroup)
|
||||
(con bytestring #54657374696e67206c61726765206473742e) -- msg: "Testing large dst."
|
||||
]
|
||||
[
|
||||
(builtin sha2_256)
|
||||
[
|
||||
[
|
||||
(builtin appendByteString)
|
||||
(con bytestring #4832432d4f56455253495a452d4453542d) -- prefix: "H2C-OVERSIZE-DST-"
|
||||
]
|
||||
(con
|
||||
bytestring
|
||||
#62f5804020e6a8e242c736d1c97bcd8262f91b88e1d70b00d10d5e315c8c6501ead0a7e367e5d394b9fcff9c15aa0f6a05e5085fdc56bcdee3865016f1c49b20e1e609a606eccabc9b9199a42345c25e06ae70028397f8fb95576f264239da3eb49629d5efeb1f1d74a3b1ac58608d893f98058f5ab870833489f5dfec52db5f92e70db05c9704cd9d644b1ae16aaafcc173d48db17e207d91308d3045b042b7241f87b8d42ac5df97d94fdf3f29d20ca2ae22c22e9c5b84b48d6daf1f7959c7c71d0169f370ebf2838479b3731885ff0d278deb632fcb83aef0ab593dddd4f5d21dac56abe08b8cb4aaf4235b1a292b91d6e8b90e39dc953c75fc460e7dd6d2bc8a372ac4efce161f5f18f861e67e5717c86805a05cc53ff493e91de2b85d3166b353f5bbc64bae0d2a4787 -- large_dst: random bytes
|
||||
)
|
||||
]
|
||||
]
|
||||
]
|
||||
]
|
||||
[
|
||||
(builtin bls12_381_G1_uncompress)
|
||||
(con
|
||||
bytestring
|
||||
#a16b5778b5b88519b6caf05921d0d9b8b94a33d1daaa0c7fbfa66d52e801a5e798fae840bb9608aa31712e0b1b3a054a -- output
|
||||
)
|
||||
]
|
||||
]
|
||||
)
|
||||
@@ -0,0 +1,2 @@
|
||||
({cpu: 107393818
|
||||
| mem: 1882})
|
||||
@@ -0,0 +1 @@
|
||||
(program 1.0.0 (con bool True))
|
||||
@@ -0,0 +1,33 @@
|
||||
-- p+(q+r) = (p+q)+r for three random points on G1.
|
||||
(program 1.0.0
|
||||
[
|
||||
[
|
||||
(builtin bls12_381_G1_equal)
|
||||
[
|
||||
[
|
||||
(builtin bls12_381_G1_add)
|
||||
(con bls12_381_G1_element 0xabd61864f519748032551e42e0ac417fd828f079454e3e3c9891c5c29ed7f10bdecc046854e3931cb7002779bd76d71f)
|
||||
]
|
||||
[
|
||||
[
|
||||
(builtin bls12_381_G1_add)
|
||||
(con bls12_381_G1_element 0x950dfd33da2682260c76038dfb8bad6e84ae9d599a3c151815945ac1e6ef6b1027cd917f3907479d20d636ce437a41f5)
|
||||
]
|
||||
(con bls12_381_G1_element 0xb962fd0cc81048e0cf7557bf3e4b6edc5ab4bfb3dc87f83af428b6300727b139c404ab159bdf2eaea3f649903421537f)
|
||||
]
|
||||
]
|
||||
]
|
||||
[
|
||||
(builtin bls12_381_G1_add)
|
||||
[
|
||||
[
|
||||
(builtin bls12_381_G1_add)
|
||||
(con bls12_381_G1_element 0xabd61864f519748032551e42e0ac417fd828f079454e3e3c9891c5c29ed7f10bdecc046854e3931cb7002779bd76d71f)
|
||||
]
|
||||
(con bls12_381_G1_element 0x950dfd33da2682260c76038dfb8bad6e84ae9d599a3c151815945ac1e6ef6b1027cd917f3907479d20d636ce437a41f5)
|
||||
]
|
||||
(con bls12_381_G1_element 0xb962fd0cc81048e0cf7557bf3e4b6edc5ab4bfb3dc87f83af428b6300727b139c404ab159bdf2eaea3f649903421537f)
|
||||
]
|
||||
]
|
||||
)
|
||||
|
||||
@@ -0,0 +1,2 @@
|
||||
({cpu: 4627448
|
||||
| mem: 2273})
|
||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user