tests/fuzzers/bn256: add PairingCheck fuzzer (#27252)

* tests/fuzzers/bn256: scale gnark result by constant

* tests/fuzzers/bn256: scale gnark result by constant
This commit is contained in:
Marius van der Wijden 2023-05-16 13:27:54 +02:00 committed by GitHub
parent 6e3aa86a2b
commit d46f69dc7a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -156,12 +156,29 @@ func FuzzPair(data []byte) int {
if !bytes.Equal(clPair, gPair) { if !bytes.Equal(clPair, gPair) {
panic("pairing mismatch: cloudflare/google") panic("pairing mismatch: cloudflare/google")
} }
cPair, err := bn254.Pair([]bn254.G1Affine{*ps}, []bn254.G2Affine{*ts}) cPair, err := bn254.Pair([]bn254.G1Affine{*ps}, []bn254.G2Affine{*ts})
if err != nil { if err != nil {
panic(fmt.Sprintf("gnark/bn254 encountered error: %v", err)) panic(fmt.Sprintf("gnark/bn254 encountered error: %v", err))
} }
if !bytes.Equal(clPair, cPair.Marshal()) {
// gnark uses a different pairing algorithm which might produce
// different but also correct outputs, we need to scale the output by s
u, _ := new(big.Int).SetString("0x44e992b44a6909f1", 0)
u_exp2 := new(big.Int).Exp(u, big.NewInt(2), nil) // u^2
u_6_exp2 := new(big.Int).Mul(big.NewInt(6), u_exp2) // 6*u^2
u_3 := new(big.Int).Mul(big.NewInt(3), u) // 3*u
inner := u_6_exp2.Add(u_6_exp2, u_3) // 6*u^2 + 3*u
inner.Add(inner, big.NewInt(1)) // 6*u^2 + 3*u + 1
u_2 := new(big.Int).Mul(big.NewInt(2), u) // 2*u
s := u_2.Mul(u_2, inner) // 2*u(6*u^2 + 3*u + 1)
gRes := new(bn254.GT)
if err := gRes.SetBytes(clPair); err != nil {
panic(err)
}
gRes = gRes.Exp(*gRes, s)
if !bytes.Equal(cPair.Marshal(), gRes.Marshal()) {
panic("pairing mismatch: cloudflare/gnark") panic("pairing mismatch: cloudflare/gnark")
} }