From 79f0bf18b63f15447eb05f4766a01a62e24d62b0 Mon Sep 17 00:00:00 2001 From: AurelienFT Date: Tue, 19 Nov 2024 19:10:57 +0100 Subject: [PATCH 01/15] Add spec vp opcode zk --- src/fuel-vm/instruction-set.md | 63 ++++++++++++++++++++++++++++++++++ 1 file changed, 63 insertions(+) diff --git a/src/fuel-vm/instruction-set.md b/src/fuel-vm/instruction-set.md index a2df0e76..b4a087e7 100644 --- a/src/fuel-vm/instruction-set.md +++ b/src/fuel-vm/instruction-set.md @@ -115,6 +115,9 @@ - [`ED19`: EdDSA curve25519 verification](#ed19-eddsa-curve25519-verification) - [`K256`: keccak-256](#k256-keccak-256) - [`S256`: SHA-2-256](#s256-sha-2-256) + - [`EADD`: Elliptic curve point addition](#eadd-elliptic-curve-point-addition) + - [`EMUL`: Elliptic curve point scalar multiplication](#emul-elliptic-curve-point-scalar-multiplication) + - [`EPAR`: Elliptic curve point pairing check](#epar-elliptic-curve-point-pairing-check) - [Other Instructions](#other-instructions) - [`ECAL`: Call external function](#ecal-call-external-function) - [`FLAG`: Set flags](#flag-set-flags) 
@@ -2370,6 +2373,66 @@ Panic if: - `$rB + $rC` overflows or `> VM_MAX_RAM` - The memory range `MEM[$rA, 32]` does not pass [ownership check](./index.md#ownership) +### `EADD`: Elliptic curve point addition + +| | | +|-------------|------------------------------------------------------| +| Description | The addition of two points (first point bytes starts at `$rC` and second point bytes starts at `$rD`) on `$rB` curve. `$rA` points to the start of the bytes of the addition result. The encoding and decoding depends on the curve (`$rB`) chosen (details below). | +| Operation | ```MEM[$rA, X] = eadd(MEM[$rC, Y], MEM[$rD, Z]);``` | +| Syntax | `eadd $rA, $rB, $rC, $rD` | +| Encoding | `0x00 rA rB rC rD ` | +| Notes | For now, only `$rB` = 0 is accepted | + +#### Curve ID `$rB` possible values : + +- `0`: `alt_bn128` elliptic curve. + +#### Encoding of points and results by curve ID : + +| Curve ID | `$rA` format | `$rC` format | `$rD` format | +|----------|--------------|--------------|--------------| +| `0` | `MEM[$rA, 64]`(P(X[32 bytes],Y[32 bytes])) | `MEM[$rC, 64]`(P(X[32 bytes],Y[32 bytes])) | `MEM[$rD, 64]`(P(X[32 bytes],Y[32 bytes])) | + +### `EMUL`: Elliptic curve point scalar multiplication + +| | | +|-------------|------------------------------------------------------| +| Description | The multiplication of a point and a scalar (point bytes starts at `$rC` and scalar bytes starts at `$rD`) on `$rB` curve. `$rA` points to the start of the bytes of the multiplication result. The encoding and decoding depends on the curve (`$rB`) chosen (details below). | +| Operation | ```MEM[$rA, X] = emul(MEM[$rC, Y], MEM[$rD, Z]);``` | +| Syntax | `eadd $rA, $rB, $rC, $rD` | +| Encoding | `0x00 rA rB rC rD ` | +| Notes | For now, only `$rB` = 0 is accepted | + +#### Curve ID `$rB` possible values : + +- `0`: `alt_bn128` elliptic curve. 
+ +#### Encoding of points and results by curve ID : + +| Curve ID | `$rA` format | `$rC` format | `$rD` format | +|----------|--------------|--------------|--------------| +| `0` | `MEM[$rA, 64]`(P(X[32 bytes],Y[32 bytes])) | `MEM[$rC, 64]`(P(X[32 bytes],Y[32 bytes])) | `MEM[$rD, 32]`(S[32 bytes]) | + +### `EPAR`: Elliptic curve point pairing check + +| | | +|-------------|------------------------------------------------------| +| Description | Perform pairing check on a batch of groups of points on `$rB` curve. `$rC` define the number of elements and `$rD` where the bytes of the groups of points start. `$rA` contains either `0` or `1` as the result of the pairing. The encoding and decoding depends on the curve (`$rB`) chosen (details below). | +| Operation | ```$rA = epar($rC(MEM[$rD, Z]));``` | +| Syntax | `eadd $rA, $rB, $rC, $rD` | +| Encoding | `0x00 rA rB rC rD ` | +| Notes | For now, only `$rB` = 0 is accepted. Detailed exaplantions on the behavior : https://eips.ethereum.org/EIPS/eip-197 | + +#### Curve ID `$rB` possible values : + +- `0`: `alt_bn128` elliptic curve. + +#### Encoding of points and results by curve ID : + +| Curve ID | `$rA` format | `$rC` format | `$rD` format | +|----------|--------------|--------------|--------------| +| `0` | `0` or `1` | `X` (a value) | `$rC(MEM[$rC, 64 + 128]`(P(X[32 bytes],Y[32 bytes]), G( P( X[32 bytes],Y[32 bytes] ), P( X[32 bytes],Y[32 bytes] ) )) | + ## Other Instructions All these instructions advance the program counter `$pc` by `4` after performing their operation. From 6e3b000f89728b4493245106c079f18d4e534f90 Mon Sep 17 00:00:00 2001 From: AurelienFT Date: Tue, 19 Nov 2024 19:20:35 +0100 Subject: [PATCH 02/15] Fix spelling and some lints --- spell-check-custom-words.txt | 6 +++- src/fuel-vm/instruction-set.md | 52 +++++++++++++++++----------------- 2 files changed, 31 insertions(+), 27 deletions(-) diff --git a/spell-check-custom-words.txt b/spell-check-custom-words.txt index bb3844f6..ce377692 100644 
--- a/spell-check-custom-words.txt +++ b/spell-check-custom-words.txt @@ -271,4 +271,8 @@ OOB unspendable priori padding -incentivize \ No newline at end of file +incentivize +EIPS +eip +eips +ethereum \ No newline at end of file diff --git a/src/fuel-vm/instruction-set.md b/src/fuel-vm/instruction-set.md index b4a087e7..51d5bbf6 100644 --- a/src/fuel-vm/instruction-set.md +++ b/src/fuel-vm/instruction-set.md @@ -2375,19 +2375,19 @@ Panic if: ### `EADD`: Elliptic curve point addition -| | | -|-------------|------------------------------------------------------| -| Description | The addition of two points (first point bytes starts at `$rC` and second point bytes starts at `$rD`) on `$rB` curve. `$rA` points to the start of the bytes of the addition result. The encoding and decoding depends on the curve (`$rB`) chosen (details below). | -| Operation | ```MEM[$rA, X] = eadd(MEM[$rC, Y], MEM[$rD, Z]);``` | -| Syntax | `eadd $rA, $rB, $rC, $rD` | -| Encoding | `0x00 rA rB rC rD ` | -| Notes | For now, only `$rB` = 0 is accepted | +| | | +|-------------|-----------------------------------------------------| +| Description | The addition of two points (first point bytes starts at `$rC` and second point bytes starts at `$rD`) on `$rB` curve. `$rA` points to the start of the bytes of the addition result. The encoding and decoding depends on the curve (`$rB`) chosen (details below). | +| Operation | ```MEM[$rA, X] = eadd(MEM[$rC, Y], MEM[$rD, Z]);``` | +| Syntax | `eadd $rA, $rB, $rC, $rD` | +| Encoding | `0x00 rA rB rC rD` | +| Notes | For now, only `$rB` = 0 is accepted | -#### Curve ID `$rB` possible values : +#### Curve ID `$rB` possible values - `0`: `alt_bn128` elliptic curve. -#### Encoding of points and results by curve ID : +#### Encoding of points and results by curve ID | Curve ID | `$rA` format | `$rC` format | `$rD` format | |----------|--------------|--------------|--------------| 
@@ -2395,19 +2395,19 @@ Panic if: ### `EMUL`: Elliptic curve point scalar multiplication -| | | -|-------------|------------------------------------------------------| +| | | +|-------------|-----------------------------------------------------| | Description | The multiplication of a point and a scalar (point bytes starts at `$rC` and scalar bytes starts at `$rD`) on `$rB` curve. `$rA` points to the start of the bytes of the multiplication result. The encoding and decoding depends on the curve (`$rB`) chosen (details below). | -| Operation | ```MEM[$rA, X] = emul(MEM[$rC, Y], MEM[$rD, Z]);``` | -| Syntax | `eadd $rA, $rB, $rC, $rD` | -| Encoding | `0x00 rA rB rC rD ` | -| Notes | For now, only `$rB` = 0 is accepted | +| Operation | ```MEM[$rA, X] = emul(MEM[$rC, Y], MEM[$rD, Z]);``` | +| Syntax | `eadd $rA, $rB, $rC, $rD` | +| Encoding | `0x00 rA rB rC rD` | +| Notes | For now, only `$rB` = 0 is accepted | -#### Curve ID `$rB` possible values : +#### Curve ID `$rB` possible values - `0`: `alt_bn128` elliptic curve. -#### Encoding of points and results by curve ID : +#### Encoding of points and results by curve ID | Curve ID | `$rA` format | `$rC` format | `$rD` format | |----------|--------------|--------------|--------------| 
@@ -2415,19 +2415,19 @@ Panic if: ### `EPAR`: Elliptic curve point pairing check -| | | -|-------------|------------------------------------------------------| -| Description | Perform pairing check on a batch of groups of points on `$rB` curve. `$rC` define the number of elements and `$rD` where the bytes of the groups of points start. `$rA` contains either `0` or `1` as the result of the pairing. The encoding and decoding depends on the curve (`$rB`) chosen (details below). | -| Operation | ```$rA = epar($rC(MEM[$rD, Z]));``` | -| Syntax | `eadd $rA, $rB, $rC, $rD` | -| Encoding | `0x00 rA rB rC rD ` | -| Notes | For now, only `$rB` = 0 is accepted. Detailed exaplantions on the behavior : https://eips.ethereum.org/EIPS/eip-197 | +| | | +|-------------|-----------------------------------------------------| +| Description | Perform pairing check on a batch of groups of points on `$rB` curve. `$rC` define the number of elements and `$rD` where the bytes of the groups of points start. `$rA` contains either `0` or `1` as the result of the pairing. The encoding and decoding depends on the curve (`$rB`) chosen (details below). | +| Operation | ```$rA = epar($rC(MEM[$rD, Z]));``` | +| Syntax | `eadd $rA, $rB, $rC, $rD` | +| Encoding | `0x00 rA rB rC rD ` | +| Notes | For now, only `$rB` = 0 is accepted. Detailed explanations on the behavior : https://eips.ethereum.org/EIPS/eip-197 | -#### Curve ID `$rB` possible values : +#### Curve ID `$rB` possible values - `0`: `alt_bn128` elliptic curve. -#### Encoding of points and results by curve ID : +#### Encoding of points and results by curve ID | Curve ID | `$rA` format | `$rC` format | `$rD` format | |----------|--------------|--------------|--------------| From b1c76891e03e84a10e2a29f667e4bcf121df9fea Mon Sep 17 00:00:00 2001 From: AurelienFT Date: Tue, 19 Nov 2024 19:24:42 +0100 Subject: [PATCH 03/15] Fix more lints --- src/fuel-vm/instruction-set.md | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) 
diff --git a/src/fuel-vm/instruction-set.md b/src/fuel-vm/instruction-set.md index 51d5bbf6..42339889 100644 --- a/src/fuel-vm/instruction-set.md +++ b/src/fuel-vm/instruction-set.md @@ -2383,10 +2383,12 @@ Panic if: | Encoding | `0x00 rA rB rC rD` | | Notes | For now, only `$rB` = 0 is accepted | + #### Curve ID `$rB` possible values - `0`: `alt_bn128` elliptic curve. + #### Encoding of points and results by curve ID | Curve ID | `$rA` format | `$rC` format | `$rD` format | @@ -2403,10 +2405,12 @@ Panic if: | Encoding | `0x00 rA rB rC rD` | | Notes | For now, only `$rB` = 0 is accepted | + #### Curve ID `$rB` possible values - `0`: `alt_bn128` elliptic curve. + #### Encoding of points and results by curve ID | Curve ID | `$rA` format | `$rC` format | `$rD` format | @@ -2420,8 +2424,8 @@ Panic if: | Description | Perform pairing check on a batch of groups of points on `$rB` curve. `$rC` define the number of elements and `$rD` where the bytes of the groups of points start. `$rA` contains either `0` or `1` as the result of the pairing. The encoding and decoding depends on the curve (`$rB`) chosen (details below). | | Operation | ```$rA = epar($rC(MEM[$rD, Z]));``` | | Syntax | `eadd $rA, $rB, $rC, $rD` | -| Encoding | `0x00 rA rB rC rD ` | -| Notes | For now, only `$rB` = 0 is accepted. Detailed explanations on the behavior : https://eips.ethereum.org/EIPS/eip-197 | +| Encoding | `0x00 rA rB rC rD` | +| Notes | For now, only `$rB` = 0 is accepted. Detailed explanations on the behavior : | #### Curve ID `$rB` possible values From 322a9970c500bd29afb13d943257d4ee240dab3b Mon Sep 17 00:00:00 2001 From: AurelienFT Date: Tue, 19 Nov 2024 19:26:43 +0100 Subject: [PATCH 04/15] Fix last lints. --- src/fuel-vm/instruction-set.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/fuel-vm/instruction-set.md b/src/fuel-vm/instruction-set.md index 42339889..7acff020 100644 --- a/src/fuel-vm/instruction-set.md +++ b/src/fuel-vm/instruction-set.md 
@@ -2383,12 +2383,10 @@ Panic if: | Encoding | `0x00 rA rB rC rD` | | Notes | For now, only `$rB` = 0 is accepted | - #### Curve ID `$rB` possible values - `0`: `alt_bn128` elliptic curve. - #### Encoding of points and results by curve ID | Curve ID | `$rA` format | `$rC` format | `$rD` format | @@ -2427,10 +2425,12 @@ Panic if: | Encoding | `0x00 rA rB rC rD` | | Notes | For now, only `$rB` = 0 is accepted. Detailed explanations on the behavior : | + #### Curve ID `$rB` possible values - `0`: `alt_bn128` elliptic curve. + #### Encoding of points and results by curve ID | Curve ID | `$rA` format | `$rC` format | `$rD` format | From f18dcf36f12c62f2040a121e86c0080db71c1801 Mon Sep 17 00:00:00 2001 From: AurelienFT Date: Wed, 20 Nov 2024 11:06:37 +0100 Subject: [PATCH 05/15] Change prototype opcodes --- src/fuel-vm/instruction-set.md | 62 ++++++++++++++-------------------- 1 file changed, 26 insertions(+), 36 deletions(-) diff --git a/src/fuel-vm/instruction-set.md b/src/fuel-vm/instruction-set.md index 7acff020..bd55484e 100644 --- a/src/fuel-vm/instruction-set.md +++ b/src/fuel-vm/instruction-set.md @@ -115,8 +115,7 @@ - [`ED19`: EdDSA curve25519 verification](#ed19-eddsa-curve25519-verification) - [`K256`: keccak-256](#k256-keccak-256) - [`S256`: SHA-2-256](#s256-sha-2-256) - - [`EADD`: Elliptic curve point addition](#eadd-elliptic-curve-point-addition) - - [`EMUL`: Elliptic curve point scalar multiplication](#emul-elliptic-curve-point-scalar-multiplication) + - [`ECOP`: Elliptic curve operation](#ecop-elliptic-curve-operation) - [`EPAR`: Elliptic curve point pairing check](#epar-elliptic-curve-point-pairing-check) - [Other Instructions](#other-instructions) - [`ECAL`: Call external function](#ecal-call-external-function) 
@@ -2373,12 +2372,12 @@ Panic if: - `$rB + $rC` overflows or `> VM_MAX_RAM` - The memory range `MEM[$rA, 32]` does not pass [ownership check](./index.md#ownership) -### `EADD`: Elliptic curve point addition +### `ECOP`: Elliptic curve point operation | | | |-------------|-----------------------------------------------------| -| Description | The addition of two points (first point bytes starts at `$rC` and second point bytes starts at `$rD`) on `$rB` curve. `$rA` points to the start of the bytes of the addition result. The encoding and decoding depends on the curve (`$rB`) chosen (details below). | -| Operation | ```MEM[$rA, X] = eadd(MEM[$rC, Y], MEM[$rD, Z]);``` | +| Description | This opcode regroups all arithmetic operations that can be perform on elliptic curve points. `$rB` defines the curve used. `$rC` defines the type of operation to perform. `$rD` points to the start of the bytes of the operation inputs in memory. `$rA` points to the start of the bytes of the result in memory. | +| Operation | ```MEM[$rA, X] = ecop(MEM[$rD, Y]);``` | | Syntax | `eadd $rA, $rB, $rC, $rD` | | Encoding | `0x00 rA rB rC rD` | | Notes | For now, only `$rB` = 0 is accepted | 
@@ -2387,55 +2386,46 @@ Panic if: - `0`: `alt_bn128` elliptic curve. -#### Encoding of points and results by curve ID +#### Operation type `$rC` supported -| Curve ID | `$rA` format | `$rC` format | `$rD` format | -|----------|--------------|--------------|--------------| -| `0` | `MEM[$rA, 64]`(P(X[32 bytes],Y[32 bytes])) | `MEM[$rC, 64]`(P(X[32 bytes],Y[32 bytes])) | `MEM[$rD, 64]`(P(X[32 bytes],Y[32 bytes])) | +- `0`: two points addition +- `1`: one point and one scalar multiplication -### `EMUL`: Elliptic curve point scalar multiplication +#### Encoding of points and results by curve ID and operation type -| | | -|-------------|-----------------------------------------------------| -| Description | The multiplication of a point and a scalar (point bytes starts at `$rC` and scalar bytes starts at `$rD`) on `$rB` curve. `$rA` points to the start of the bytes of the multiplication result. The encoding and decoding depends on the curve (`$rB`) chosen (details below). | -| Operation | ```MEM[$rA, X] = emul(MEM[$rC, Y], MEM[$rD, Z]);``` | -| Syntax | `eadd $rA, $rB, $rC, $rD` | -| Encoding | `0x00 rA rB rC rD` | -| Notes | For now, only `$rB` = 0 is accepted | - - -#### Curve ID `$rB` possible values +- 1P = one point = (X, Y) = ([32 bytes], [32 bytes]) +- 1S = one scalar = X = [32 bytes] -- `0`: `alt_bn128` elliptic curve. 
- - -#### Encoding of points and results by curve ID - -| Curve ID | `$rA` format | `$rC` format | `$rD` format | -|----------|--------------|--------------|--------------| -| `0` | `MEM[$rA, 64]`(P(X[32 bytes],Y[32 bytes])) | `MEM[$rC, 64]`(P(X[32 bytes],Y[32 bytes])) | `MEM[$rD, 32]`(S[32 bytes]) | +| `$rB` Curve ID | `$rC` Operation type | `$rA` format | `$rD` format | +|----------------|----------------------|----------------------|----------------------------| +| `0` | `0` | `MEM[$rA, 64]` `1P` | `MEM[$rC, 128]` `1P1P` | ### `EPAR`: Elliptic curve point pairing check | | | |-------------|-----------------------------------------------------| -| Description | Perform pairing check on a batch of groups of points on `$rB` curve. `$rC` define the number of elements and `$rD` where the bytes of the groups of points start. `$rA` contains either `0` or `1` as the result of the pairing. The encoding and decoding depends on the curve (`$rB`) chosen (details below). | -| Operation | ```$rA = epar($rC(MEM[$rD, Z]));``` | +| Description | Perform pairing type `$rC` on a batch of groups of points on `$rB` curve. `$rD` define where the bytes of the groups of points start. `$rA` contains either `0` or `1` as the result of the pairing. | +| Operation | ```$rA = epar(MEM[$rD, Z]);``` | | Syntax | `eadd $rA, $rB, $rC, $rD` | | Encoding | `0x00 rA rB rC rD` | -| Notes | For now, only `$rB` = 0 is accepted. Detailed explanations on the behavior : | +| Notes | For now, only `$rB` = 0 is accepted. | #### Curve ID `$rB` possible values - `0`: `alt_bn128` elliptic curve. 
- -#### Encoding of points and results by curve ID +### Check type `$rC` supported + +- `0`: optimal ate pairing + +#### Encoding of points by curve ID and check type + +- 1P = one point = (X, Y) = ([32 bytes], [32 bytes]) -| Curve ID | `$rA` format | `$rC` format | `$rD` format | -|----------|--------------|--------------|--------------| -| `0` | `0` or `1` | `X` (a value) | `$rC(MEM[$rC, 64 + 128]`(P(X[32 bytes],Y[32 bytes]), G( P( X[32 bytes],Y[32 bytes] ), P( X[32 bytes],Y[32 bytes] ) )) | +| `$rB` Curve ID | `$rC` Pairing type | `$rD` format | +|----------------|----------------------|----------------------------| +| `0` | `0` | `MEM[$rD, 32 + (64 + 64 + 64) * X]` Read the length of the elements in 32 bytes and name it `X`. Then each element is `1P1P1P` (three points coordinates) (192 bytes) | ## Other Instructions From 46735866ade8d80df29b62f710559bc94a6be4c0 Mon Sep 17 00:00:00 2001 From: AurelienFT Date: Wed, 20 Nov 2024 11:07:41 +0100 Subject: [PATCH 06/15] fix broken links --- src/fuel-vm/instruction-set.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/fuel-vm/instruction-set.md b/src/fuel-vm/instruction-set.md index bd55484e..421b78ca 100644 --- a/src/fuel-vm/instruction-set.md +++ b/src/fuel-vm/instruction-set.md @@ -115,7 +115,7 @@ - [`ED19`: EdDSA curve25519 verification](#ed19-eddsa-curve25519-verification) - [`K256`: keccak-256](#k256-keccak-256) - [`S256`: SHA-2-256](#s256-sha-2-256) - - [`ECOP`: Elliptic curve operation](#ecop-elliptic-curve-operation) + - [`ECOP`: Elliptic curve operation](#ecop-elliptic-curve-point-operation) - [`EPAR`: Elliptic curve point pairing check](#epar-elliptic-curve-point-pairing-check) - [Other Instructions](#other-instructions) - [`ECAL`: Call external function](#ecal-call-external-function) From 726d39c37ef20c7a58729bb770e7e52afdbab277 Mon Sep 17 00:00:00 2001 
From: AurelienFT Date: Wed, 20 Nov 2024 15:15:15 +0100 Subject: [PATCH 07/15] edit length bytes --- src/fuel-vm/instruction-set.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/fuel-vm/instruction-set.md b/src/fuel-vm/instruction-set.md index 421b78ca..0fbc491d 100644 --- a/src/fuel-vm/instruction-set.md +++ b/src/fuel-vm/instruction-set.md @@ -2425,7 +2425,7 @@ Panic if: | `$rB` Curve ID | `$rC` Pairing type | `$rD` format | |----------------|----------------------|----------------------------| -| `0` | `0` | `MEM[$rD, 32 + (64 + 64 + 64) * X]` Read the length of the elements in 32 bytes and name it `X`. Then each element is `1P1P1P` (three points coordinates) (192 bytes) | +| `0` | `0` | `MEM[$rD, 8 + (64 + 64 + 64) * X]` Read the length of the elements in 8 bytes and name it `X`. Then each element is `1P1P1P` (three points coordinates) (192 bytes) | ## Other Instructions From 1cd410167c18962ef7d11c6b2e98ab1cda0b357f Mon Sep 17 00:00:00 2001 From: AurelienFT Date: Fri, 22 Nov 2024 10:40:07 +0100 Subject: [PATCH 08/15] Update EPAR doc --- src/fuel-vm/instruction-set.md | 18 +++++++----------- 1 file changed, 7 insertions(+), 11 deletions(-) diff --git a/src/fuel-vm/instruction-set.md b/src/fuel-vm/instruction-set.md index 0fbc491d..62ee36c5 100644 --- a/src/fuel-vm/instruction-set.md +++ b/src/fuel-vm/instruction-set.md 
@@ -2404,28 +2404,24 @@ Panic if: | | | |-------------|-----------------------------------------------------| -| Description | Perform pairing type `$rC` on a batch of groups of points on `$rB` curve. `$rD` define where the bytes of the groups of points start. `$rA` contains either `0` or `1` as the result of the pairing. | -| Operation | ```$rA = epar(MEM[$rD, Z]);``` | +| Description | Perform a specific pairing type within a specific curve both identified by `$rB`. `$rC` defines the number of batch of groups. `$rD` define where the bytes of the groups of points start. `$rA` contains either `0` or `1` as the result of the pairing. | +| Operation | ```$rA = epar(MEM[$rD, X * $rC]);``` | | Syntax | `eadd $rA, $rB, $rC, $rD` | | Encoding | `0x00 rA rB rC rD` | | Notes | For now, only `$rB` = 0 is accepted. | -#### Curve ID `$rB` possible values - -- `0`: `alt_bn128` elliptic curve. - -### Check type `$rC` supported +#### Curve/Pairing ID `$rB` possible values -- `0`: optimal ate pairing +- `0`: optimal ate pairing on `alt_bn128` elliptic curve. #### Encoding of points by curve ID and check type - 1P = one point = (X, Y) = ([32 bytes], [32 bytes]) -| `$rB` Curve ID | `$rC` Pairing type | `$rD` format | -|----------------|----------------------|----------------------------| -| `0` | `0` | `MEM[$rD, 8 + (64 + 64 + 64) * X]` Read the length of the elements in 8 bytes and name it `X`. Then each element is `1P1P1P` (three points coordinates) (192 bytes) | +| `$rB` Curve / Pairing ID | `$rD` format | +|---------------------------|----------------------------| +| `0` | `MEM[$rD, (64 + 64 + 64) * $rC]` Each element is `1P1P1P` (three points coordinates) (192 bytes) | ## Other Instructions From de52503da4c53210a83fb4868b31213d9011e5d8 Mon Sep 17 00:00:00 2001 
From: AurelienFT <32803821+AurelienFT@users.noreply.github.com> Date: Thu, 28 Nov 2024 10:15:56 +0100 Subject: [PATCH 09/15] Update src/fuel-vm/instruction-set.md Co-authored-by: Aaryamann Challani <43716372+rymnc@users.noreply.github.com> --- src/fuel-vm/instruction-set.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/fuel-vm/instruction-set.md b/src/fuel-vm/instruction-set.md index 62ee36c5..034b9f42 100644 --- a/src/fuel-vm/instruction-set.md +++ b/src/fuel-vm/instruction-set.md @@ -2378,7 +2378,7 @@ Panic if: |-------------|-----------------------------------------------------| | Description | This opcode regroups all arithmetic operations that can be perform on elliptic curve points. `$rB` defines the curve used. `$rC` defines the type of operation to perform. `$rD` points to the start of the bytes of the operation inputs in memory. `$rA` points to the start of the bytes of the result in memory. | | Operation | ```MEM[$rA, X] = ecop(MEM[$rD, Y]);``` | -| Syntax | `eadd $rA, $rB, $rC, $rD` | +| Syntax | `ecop $rA, $rB, $rC, $rD` | | Encoding | `0x00 rA rB rC rD` | | Notes | For now, only `$rB` = 0 is accepted | From 9976d57053e49d6fc73f32dd98f3fb4aa6b75531 Mon Sep 17 00:00:00 2001 From: AurelienFT Date: Thu, 28 Nov 2024 10:23:53 +0100 Subject: [PATCH 10/15] fix incoherences --- src/fuel-vm/instruction-set.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/fuel-vm/instruction-set.md b/src/fuel-vm/instruction-set.md index 034b9f42..8d5290a0 100644 --- a/src/fuel-vm/instruction-set.md +++ b/src/fuel-vm/instruction-set.md 
@@ -2399,14 +2399,15 @@ Panic if: | `$rB` Curve ID | `$rC` Operation type | `$rA` format | `$rD` format | |----------------|----------------------|----------------------|----------------------------| | `0` | `0` | `MEM[$rA, 64]` `1P` | `MEM[$rC, 128]` `1P1P` | +| `0` | `1` | `MEM[$rA, 64]` `1P` | `MEM[$rC, 96]` `1P1S` | ### `EPAR`: Elliptic curve point pairing check | | | |-------------|-----------------------------------------------------| | Description | Perform a specific pairing type within a specific curve both identified by `$rB`. `$rC` defines the number of batch of groups. `$rD` define where the bytes of the groups of points start. `$rA` contains either `0` or `1` as the result of the pairing. | -| Operation | ```$rA = epar(MEM[$rD, X * $rC]);``` | -| Syntax | `eadd $rA, $rB, $rC, $rD` | +| Operation | ```$rA = epar(MEM[$rD, X * $rC]);``` | +| Syntax | `epar $rA, $rB, $rC, $rD` | | Encoding | `0x00 rA rB rC rD` | | Notes | For now, only `$rB` = 0 is accepted. | From e67ba48d15defe304077cfb6d34601c8492b9279 Mon Sep 17 00:00:00 2001 From: AurelienFT <32803821+AurelienFT@users.noreply.github.com> Date: Thu, 28 Nov 2024 11:24:03 +0100 Subject: [PATCH 11/15] Update src/fuel-vm/instruction-set.md Co-authored-by: Aaryamann Challani <43716372+rymnc@users.noreply.github.com> --- src/fuel-vm/instruction-set.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/fuel-vm/instruction-set.md b/src/fuel-vm/instruction-set.md index 8d5290a0..350c1a11 100644 --- a/src/fuel-vm/instruction-set.md +++ b/src/fuel-vm/instruction-set.md 
@@ -2376,7 +2376,7 @@ Panic if: | | | |-------------|-----------------------------------------------------| -| Description | This opcode regroups all arithmetic operations that can be perform on elliptic curve points. `$rB` defines the curve used. `$rC` defines the type of operation to perform. `$rD` points to the start of the bytes of the operation inputs in memory. `$rA` points to the start of the bytes of the result in memory. | +| Description | This opcode regroups all arithmetic operations that can be performed on elliptic curve points. `$rB` defines the curve used. `$rC` defines the type of operation to perform. `$rD` points to the start of the bytes of the operation inputs in memory. `$rA` points to the start of the bytes of the result in memory. | | Operation | ```MEM[$rA, X] = ecop(MEM[$rD, Y]);``` | | Syntax | `ecop $rA, $rB, $rC, $rD` | | Encoding | `0x00 rA rB rC rD` | From b10ee8458d5b8dbb16241e0bf766296769bded10 Mon Sep 17 00:00:00 2001 From: AurelienFT <32803821+AurelienFT@users.noreply.github.com> Date: Thu, 28 Nov 2024 14:37:49 +0100 Subject: [PATCH 12/15] Apply suggestions from code review Co-authored-by: Hannes Karppila <2204863+Dentosal@users.noreply.github.com> --- src/fuel-vm/instruction-set.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/fuel-vm/instruction-set.md b/src/fuel-vm/instruction-set.md index 350c1a11..80f57de6 100644 --- a/src/fuel-vm/instruction-set.md +++ b/src/fuel-vm/instruction-set.md 
@@ -2376,7 +2376,7 @@ Panic if: | | | |-------------|-----------------------------------------------------| -| Description | This opcode regroups all arithmetic operations that can be performed on elliptic curve points. `$rB` defines the curve used. `$rC` defines the type of operation to perform. `$rD` points to the start of the bytes of the operation inputs in memory. `$rA` points to the start of the bytes of the result in memory. | +| Description | Perform arithmetic operation `$rC` on points of the elliptic curve `$rB`. Arguments are read from memory at `$rD`, and is result written to the memory at `$rA`, as per the table below. | | Operation | ```MEM[$rA, X] = ecop(MEM[$rD, Y]);``` | | Syntax | `ecop $rA, $rB, $rC, $rD` | | Encoding | `0x00 rA rB rC rD` | @@ -2405,7 +2405,7 @@ Panic if: | | | |-------------|-----------------------------------------------------| -| Description | Perform a specific pairing type within a specific curve both identified by `$rB`. `$rC` defines the number of batch of groups. `$rD` define where the bytes of the groups of points start. `$rA` contains either `0` or `1` as the result of the pairing. | +| Description | Check if `$rC` groups of points at `$rD` all form valid pairings in (curve, pairing type) identified by `$rB`. Set `$rA` to the result of the pairing, either `0` or `1`. | | Operation | ```$rA = epar(MEM[$rD, X * $rC]);``` | | Syntax | `epar $rA, $rB, $rC, $rD` | | Encoding | `0x00 rA rB rC rD` | From 27afbeae14447779ec1ea472c50dc83465a8e111 Mon Sep 17 00:00:00 2001 From: AurelienFT Date: Thu, 28 Nov 2024 14:48:50 +0100 Subject: [PATCH 13/15] Add panic cases --- src/fuel-vm/instruction-set.md | 20 ++++++++++++++++++-- 1 file changed, 18 insertions(+), 2 deletions(-) diff --git a/src/fuel-vm/instruction-set.md b/src/fuel-vm/instruction-set.md index 80f57de6..405de018 100644 --- a/src/fuel-vm/instruction-set.md +++ b/src/fuel-vm/instruction-set.md 
@@ -2398,8 +2398,16 @@ Panic if: | `$rB` Curve ID | `$rC` Operation type | `$rA` format | `$rD` format | |----------------|----------------------|----------------------|----------------------------| -| `0` | `0` | `MEM[$rA, 64]` `1P` | `MEM[$rC, 128]` `1P1P` | -| `0` | `1` | `MEM[$rA, 64]` `1P` | `MEM[$rC, 96]` `1P1S` | +| `0` | `0` | `MEM[$rA, 64]` `1P` | `MEM[$rD, 128]` `1P1P` | +| `0` | `1` | `MEM[$rA, 64]` `1P` | `MEM[$rD, 96]` `1P1S` | + +#### Panic cases + +- Curve ID is not supported (`$rB`) +- Operation type is not supported (`$rC`) +- `$rD` + (size depending on the table above) overflows or `> VM_MAX_RAM` +- Decoding of `$rD` memory doesn't match the expected format described above for each case. +- The memory range at `$rA` (size depending on the curve/operation types) does not pass [ownership check](./index.md#ownership) ### `EPAR`: Elliptic curve point pairing check @@ -2424,6 +2432,14 @@ Panic if: |---------------------------|----------------------------| | `0` | `MEM[$rD, (64 + 64 + 64) * $rC]` Each element is `1P1P1P` (three points coordinates) (192 bytes) | +#### Panic cases + +- Curve ID/Pairing is not supported (`$rB`) +- `$rD` has elements than described in `$rC` +- `$rD` + (size depending on the table above) overflows or `> VM_MAX_RAM` +- Decoding of `$rD` memory doesn't match the expected format described above for each case. +- The memory range at `$rA` (size depending on the curve/operation types) does not pass [ownership check](./index.md#ownership) + ## Other Instructions All these instructions advance the program counter `$pc` by `4` after performing their operation. From 606ad725380eebda51725f4be990871abacfb479 Mon Sep 17 00:00:00 2001 From: AurelienFT Date: Thu, 28 Nov 2024 14:51:57 +0100 Subject: [PATCH 14/15] lint --- src/fuel-vm/instruction-set.md | 1 + 1 file changed, 1 insertion(+) diff --git a/src/fuel-vm/instruction-set.md b/src/fuel-vm/instruction-set.md index 405de018..8414e6f3 100644 --- a/src/fuel-vm/instruction-set.md 
+++ b/src/fuel-vm/instruction-set.md @@ -2432,6 +2432,7 @@ Panic if: |---------------------------|----------------------------| | `0` | `MEM[$rD, (64 + 64 + 64) * $rC]` Each element is `1P1P1P` (three points coordinates) (192 bytes) | + #### Panic cases - Curve ID/Pairing is not supported (`$rB`) From abfd0bb29fab605e0e067165363581232c40e0bb Mon Sep 17 00:00:00 2001 From: AurelienFT <32803821+AurelienFT@users.noreply.github.com> Date: Mon, 9 Dec 2024 15:42:17 +0100 Subject: [PATCH 15/15] Update src/fuel-vm/instruction-set.md MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: RafaƂ Chabowski <88321181+rafal-ch@users.noreply.github.com> --- src/fuel-vm/instruction-set.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/fuel-vm/instruction-set.md b/src/fuel-vm/instruction-set.md index 8414e6f3..61676e98 100644 --- a/src/fuel-vm/instruction-set.md +++ b/src/fuel-vm/instruction-set.md @@ -2376,7 +2376,7 @@ Panic if: | | | |-------------|-----------------------------------------------------| -| Description | Perform arithmetic operation `$rC` on points of the elliptic curve `$rB`. Arguments are read from memory at `$rD`, and is result written to the memory at `$rA`, as per the table below. | +| Description | Perform arithmetic operation `$rC` on points of the elliptic curve `$rB`. Arguments are read from memory at `$rD`, and result is written to the memory at `$rA`, as per the table below. | | Operation | ```MEM[$rA, X] = ecop(MEM[$rD, Y]);``` | | Syntax | `ecop $rA, $rB, $rC, $rD` | | Encoding | `0x00 rA rB rC rD` |
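Review bot: The `Encoding` row reads `0x00 rA rB rC rD` for every opcode introduced in the second hunk of PATCH 01 (`EADD`, `EMUL`, `EPAR`), and after PATCH 05 folds the first two into `ECOP`, both `ECOP` and `EPAR` still carry `0x00` in the context lines of PATCH 15. Two instructions cannot share one opcode byte, so the row gives an implementer nothing to decode on. Assign the real opcode values before merge, or mark the row explicitly as not yet assigned so the placeholder is not read as a value.
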
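Review bot: In the third hunk of PATCH 03 the `EPAR` `Notes` row loses its EIP-197 URL but keeps the lead-in, so the cell ends with "Detailed explanations on the behavior :" and points at nothing. If the bare URL was the lint problem, restore the reference as a Markdown link; otherwise drop the sentence in the same patch. PATCH 05 later removes the sentence entirely, at which point the `EIPS`, `eip`, `eips` and `ethereum` entries added to `spell-check-custom-words.txt` in PATCH 02 are no longer needed by anything in this series and can be reverted.
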
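Review bot: PATCH 06 corrects only the anchor of the table-of-contents entry; the link text still reads "`ECOP`: Elliptic curve operation" while the heading added in PATCH 05 is "`ECOP`: Elliptic curve point operation". Make the entry text match the heading, as the neighbouring `EPAR` entry does.
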
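Review bot: The `$rD` format cell of the `EPAR` table in PATCH 08 describes each 192-byte element as `1P1P1P` (three points coordinates), with `1P` defined just above it as (X, Y) = ([32 bytes], [32 bytes]), and that is not the structure of a pairing input. On `alt_bn128` one element is a G1 point (64 bytes) followed by a G2 point (128 bytes, two coordinates each made of two 32-byte field elements), as in the EIP-197 reference that PATCH 01 cited. State the layout in those terms, including the order of the two components of each G2 coordinate and the byte order of the 32-byte integers, because two implementations that read the same 192 bytes differently will disagree on the result. In the same hunk the `Operation` row uses `X * $rC` without defining `X`, and the heading "Encoding of points by curve ID and check type" still mentions the check type that this patch removes.
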
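Review bot: The `ECOP` panic list in the first hunk of PATCH 13 bounds-checks the read at `$rD` but has no matching line for the write; add "`$rA + 64` overflows or `> VM_MAX_RAM`" next to the ownership check. "Decoding of `$rD` memory doesn't match the expected format" is also too loose for a consensus spec: spell out the conditions, for example a coordinate that is not below the field modulus or a point that is not on the curve, and say how the point at infinity and a scalar larger than the group order are handled. Replace "(size depending on the table above)" with the concrete sizes from the table, 128 and 96 bytes for the read and 64 for the write.
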
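Review bot: In the `EPAR` panic list (second hunk of PATCH 13), "`$rD` has elements than described in `$rC`" is missing a word (fewer or more), and since `$rD` is an address and `$rC` is the only length given, it is unclear what would be compared. The condition probably intended is the range check on the next line with the size written out as `192 * $rC`, including overflow of that product. The last bullet is copied from `ECOP`: here `$rA` receives `0` or `1` rather than pointing at memory, so an ownership check on "the memory range at `$rA`" does not apply. Also state whether a well-formed input whose pairing check fails sets `$rA` to `0` or panics, and what `$rC` = 0 returns.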