refactor: glv in tEdwards only in r1cs

Consensys · Sep 6, 2024 · 5adde72 · 5adde72
1 parent 31738b6
commit 5adde72
Show file tree

Hide file tree

Showing 2 changed files with 27 additions and 13 deletions.
diff --git a/std/algebra/native/twistededwards/curve.go b/std/algebra/native/twistededwards/curve.go
@@ -46,11 +46,7 @@ func (c *curve) AssertIsOnCurve(p1 Point) {
 }
 func (c *curve) ScalarMul(p1 Point, scalar frontend.Variable) Point {
 	var p Point
-	if c.endo != nil {
-		p.scalarMulGLV(c.api, &p1, scalar, c.params, c.endo)
-	} else {
-		p.scalarMul(c.api, &p1, scalar, c.params)
-	}
+	p.scalarMul(c.api, &p1, scalar, c.params, c.endo)
 	return p
 }
 func (c *curve) DoubleBaseScalarMul(p1, p2 Point, s1, s2 frontend.Variable) Point {

diff --git a/std/algebra/native/twistededwards/point.go b/std/algebra/native/twistededwards/point.go
@@ -18,6 +18,7 @@ package twistededwards
 
 import (
 	"github.com/consensys/gnark/frontend"
+	"github.com/consensys/gnark/internal/frontendtype"
 )
 
 // neg computes the negative of a point in SNARK coordinates
@@ -95,17 +96,12 @@ func (p *Point) double(api frontend.API, p1 *Point, curve *CurveParams) *Point {
 	return p
 }
 
-// scalarMul computes the scalar multiplication of a point on a twisted Edwards curve
+// scalarMulGeneric computes the scalar multiplication of a point on a twisted Edwards curve
 // p1: base point (as snark point)
 // curve: parameters of the Edwards curve
 // scal: scalar as a SNARK constraint
 // Standard left to right double and add
-func (p *Point) scalarMul(api frontend.API, p1 *Point, scalar frontend.Variable, curve *CurveParams, endo ...*EndoParams) *Point {
-	if len(endo) == 1 && endo[0] != nil {
-		// use glv
-		return p.scalarMulGLV(api, p1, scalar, curve, endo[0])
-	}
-
+func (p *Point) scalarMulGeneric(api frontend.API, p1 *Point, scalar frontend.Variable, curve *CurveParams, endo ...*EndoParams) *Point {
 	// first unpack the scalar
 	b := api.ToBinary(scalar)
 
@@ -142,6 +138,28 @@ func (p *Point) scalarMul(api frontend.API, p1 *Point, scalar frontend.Variable,
 	return p
 }
 
+// scalarMul computes the scalar multiplication of a point on a twisted Edwards curve
+// p1: base point (as snark point)
+// curve: parameters of the Edwards curve
+// scal: scalar as a SNARK constraint
+// Standard left to right double and add
+func (p *Point) scalarMul(api frontend.API, p1 *Point, scalar frontend.Variable, curve *CurveParams, endo ...*EndoParams) *Point {
+	if ft, ok := api.(frontendtype.FrontendTyper); ok {
+		switch ft.FrontendType() {
+		case frontendtype.R1CS:
+			if len(endo) == 1 && endo[0] != nil {
+				// use glv
+				return p.scalarMulGLV(api, p1, scalar, curve, endo[0])
+			} else {
+				return p.scalarMulGeneric(api, p1, scalar, curve)
+			}
+		case frontendtype.SCS:
+			return p.scalarMulGeneric(api, p1, scalar, curve)
+		}
+	}
+	return p.scalarMulGeneric(api, p1, scalar, curve)
+}
+
 // doubleBaseScalarMul computes s1*P1+s2*P2
 // where P1 and P2 are points on a twisted Edwards curve
 // and s1, s2 scalars.
@@ -193,7 +211,7 @@ func (p *Point) phi(api frontend.API, p1 *Point, curve *CurveParams, endo *EndoP
 	return p
 }
 
-// ScalarMul computes the scalar multiplication of a point on a twisted Edwards curve
+// scalarMulGLV computes the scalar multiplication of a point on a twisted Edwards curve à la GLV
 // p1: base point (as snark point)
 // curve: parameters of the Edwards curve
 // scal: scalar as a SNARK constraint