remove debug info

Author: DreamWuGit

eth-types/src/sign_types.rs

@@ -57,21 +57,14 @@ pub fn sign<
         .expect("point is the identity")
         .x();
 
-    println!("x_Fp {:?}", x);
-    println!("Fq modulus {:?}", Fq::MODULUS);
-    println!("x.repr {:?}", x.to_repr());
-
     let mut x_bytes = [0u8; 64];
     x_bytes[..32].copy_from_slice(&x.to_repr());
 
-    let sig_r = Fq::from_uniform_bytes(&x_bytes); // get x cordinate (E::Base) on E::Scalar
+    // get x cordinate (E::Base) on E::Scalar
+    let sig_r = Fq::from_uniform_bytes(&x_bytes);
 
     let sig_s = randomness_inv * (msg_hash + sig_r * sk);
 
-    println!("sig_point {:?}", sig_point.to_affine());
-    println!("sig_r {:?}", sig_r);
-    println!("sig_s {:?}", sig_s);
-
     (sig_r, sig_s, u8::from(sig_v))
 }
 
@@ -88,36 +81,23 @@ pub fn verify<
     s: Fq,
     msg_hash: Fq,
     // if pubkey is provided rather than from recovered , v is not neccessary.
-    v: Option<bool>,
+    _v: Option<bool>,
 ) -> bool {
-    println!("r {:?}", r);
-    println!("s {:?}", s);
-    println!("pub_key {:?}", pub_key);
-    println!("msg_hash {:?}", msg_hash);
     // Verify
     let s_inv = s.invert().unwrap();
     let u_1 = msg_hash * s_inv;
-    println!("verify u_1: {:?}", u_1);
     let u_2 = r * s_inv;
-    println!("verify u_2: {:?}", u_2);
 
     let g = Affine::generator();
     let u1_affine = g * u_1;
-    println!(
-        "verify u1_affine: {:?}",
-        u1_affine.to_affine().coordinates().unwrap()
-    );
 
     let u2_affine = pub_key * u_2;
-    println!(
-        "verify u2_affine: {:?}",
-        u2_affine.to_affine().coordinates().unwrap()
-    );
 
     let r_point = (u1_affine + u2_affine).to_affine().coordinates().unwrap();
     let x_candidate = r_point.x();
     let r_candidate = mod_n(*x_candidate);
 
+    // v is used to recovery y, not use it for now.
     r == r_candidate
 }
 
@@ -199,7 +179,7 @@ impl SignData<Fq_R1, Secp256r1Affine> {
         if self.pk.is_identity().into() {
             return Address::zero();
         }
-        let pk_hash = keccak256(pk_bytes_swap_endianness(&pk_bytes_le_p256(&self.pk)));
+        let pk_hash = keccak256(pk_bytes_swap_endianness(&pk_bytes_le_generic(&self.pk)));
         Address::from_slice(&pk_hash[12..])
     }
 }
@@ -326,19 +306,7 @@ pub fn pk_bytes_le_generic<
 ) -> [u8; 64] {
     let pk_coord = Option::<Coordinates<_>>::from(pk.coordinates()).expect("point is the identity");
     let mut pk_le = [0u8; 64];
-    //pk_le[..32].copy_from_slice(&pk_coord.x().to_bytes());
-    //pk_le[32..].copy_from_slice(&pk_coord.y().to_bytes());
     pk_le[..32].copy_from_slice(&pk_coord.x().to_repr());
     pk_le[32..].copy_from_slice(&pk_coord.y().to_repr());
     pk_le
 }
-
-// TODO: refactor to generic type: `pk_bytes_le_<Affine: CurveAffineExt>(pk: &Affine)`
-/// Return the secp256k1 public key (x, y) coordinates in little endian bytes.
-pub fn pk_bytes_le_p256(pk: &Secp256r1Affine) -> [u8; 64] {
-    let pk_coord = Option::<Coordinates<_>>::from(pk.coordinates()).expect("point is the identity");
-    let mut pk_le = [0u8; 64];
-    pk_le[..32].copy_from_slice(&pk_coord.x().to_bytes());
-    pk_le[32..].copy_from_slice(&pk_coord.y().to_bytes());
-    pk_le
-}

zkevm-circuits/src/sig_circuit.rs

@@ -257,6 +257,9 @@ impl<F: Field> SigCircuitConfig<F> {
 pub struct SigCircuit<F: Field> {
     /// Max number of verifications
     pub max_verif: usize,
+    /// TODO: split max_verif to max_verify_k1 and max_verify_r1
+    /// pub max_verif_k1: usize,
+    /// pub max_verif_r1: usize,
     /// Without padding Secp256k1 signatures
     pub signatures_k1: Vec<SignData<Fq_K1, Secp256k1Affine>>,
     /// Without padding Secp256r1 signatures
@@ -413,6 +416,7 @@ impl<F: Field> SigCircuit<F> {
         let pk_assigned = ecc_chip.load_private(ctx, (Value::known(pk.x), Value::known(pk.y)));
         let pk_is_valid = ecc_chip.is_on_curve_or_infinity::<Secp256k1Affine>(ctx, &pk_assigned);
         gate.assert_is_const(ctx, &pk_is_valid, F::one());
+        println!("pk_is_valid {:?}", pk_is_valid);
 
         // build Fq chip from Fp chip
         // TODO: check if need to add new fq_chip_r

zkevm-circuits/src/sig_circuit/ecdsa.rs

@@ -43,7 +43,6 @@ where
         modulus::<SF>(),
     );
     let n = scalar_chip.load_constant(ctx, scalar_chip.p.to_biguint().unwrap());
-    println!("n of scalar_chip {:?}", n);
 
     // check whether the pubkey is (0, 0), i.e. in the case of ecrecover, no pubkey could be
     // recovered.
@@ -80,12 +79,6 @@ where
         .gate()
         .or(ctx, Existing(s_is_zero), Existing(s_in_range));
 
-    println!("r {:?}", r);
-    println!("s {:?}", s);
-    println!("pub_key {:?}", pubkey);
-    println!("msg_hash {:?}", msghash);
-    println!("r_is_valid {:?}", r_is_valid);
-    println!("s_is_valid {:?}", s_is_valid);
     // load required constants
     let zero = scalar_chip.load_constant(ctx, FpConfig::<F, SF>::fe_to_constant(SF::ZERO));
     let one = scalar_chip.load_constant(ctx, FpConfig::<F, SF>::fe_to_constant(SF::ONE));
@@ -103,12 +96,9 @@ where
     let u1 = scalar_chip.divide(ctx, msghash, &s_prime);
     let u1 = scalar_chip.select(ctx, &zero, &u1, &s_is_zero);
 
-    println!("u1 after: {:?}", u1);
-
     // compute u2 = r * s^{-1} mod n
     let u2 = scalar_chip.divide(ctx, r, &s_prime);
     let u2 = scalar_chip.select(ctx, &zero, &u2, &s_is_zero);
-    println!("u2 after: {:?}", u2);
 
     // we want to compute u1*G + u2*PK, there are two edge cases
     // 1. either u1 or u2 is 0; we use binary selections to handle the this case
@@ -127,17 +117,13 @@ where
         base_chip.limb_bits,
         fixed_window_bits,
     );
-    println!("u1_mul point {:?}", u1_mul_affine);
-    println!("u1_is_zero {:?}", u1_is_zero);
 
     let u1_mul = ecc_chip.select(ctx, &point_at_infinity, &u1_mul_affine, &u1_is_zero);
 
     // compute u2 * pubkey
     let u2_prime = scalar_chip.select(ctx, &one, &u2, &s_is_zero);
     let pubkey_prime = ecc_chip.load_random_point::<GA>(ctx);
     let pubkey_prime = ecc_chip.select(ctx, &pubkey_prime, pubkey, &is_pubkey_zero);
-    println!("u2_prime {:?}", u2_prime);
-    println!("pubkey_prime {:?}", pubkey_prime);
 
     let u2_mul_affine = scalar_multiply::<F, _, GA>(
         base_chip,
@@ -148,15 +134,12 @@ where
         var_window_bits,
     );
 
-    println!("u2_mul_affine point {:?}", u2_mul_affine);
-
     let u2_is_zero =
         base_chip
             .range()
             .gate()
             .or(ctx, Existing(s_is_zero), Existing(is_pubkey_zero));
     let u2_mul = ecc_chip.select(ctx, &point_at_infinity, &u2_mul_affine, &u2_is_zero);
-    println!("u2_is_zero {:?}", u2_is_zero);
 
     // =================================
     // case 2:
@@ -173,7 +156,6 @@ where
             .and(ctx, Existing(u1_is_zero), Existing(u2_is_zero));
     let u1_u2_x_eq = base_chip.is_equal(ctx, u1_mul.x(), u2_mul.x());
 
-    println!("u1_u2_x_eq {:?}", u1_u2_x_eq);
     let u1_u2_y_neg = {
         let u2_y_neg = base_chip.negate(ctx, u2_mul.y());
         base_chip.is_equal(ctx, u1_mul.y(), &u2_y_neg)
@@ -185,13 +167,10 @@ where
         Existing(u1_u2_y_neg),
     );
 
-    println!("sum_is_infinity {:?}", sum_is_infinity);
-
     let sum_is_not_infinity = base_chip
         .gate()
         .not(ctx, QuantumCell::Existing(sum_is_infinity));
 
-    println!("sum_is_not_infinity {:?}", sum_is_not_infinity);
     // For a valid ECDSA signature, the x co-ordinate of u1.G + u2.Pk, i.e. x_3, MUST EQUAL r
     //
     // For ec_add:
@@ -221,8 +200,7 @@ where
         let x_3 = base_chip.carry_mod(ctx, &x_3_no_carry);
         let dx_13 = base_chip.sub_no_carry(ctx, u1_mul.x(), &x_3);
         let lambda_dx_13 = base_chip.mul_no_carry(ctx, &lambda, &dx_13);
-        //let y_3_no_carry = base_chip.sub_no_carry(ctx, &lambda_dx_13, u1_mul.y());
-        let y_3_no_carry = base_chip.add_no_carry(ctx, &lambda_dx_13, u1_mul.y());
+        let y_3_no_carry = base_chip.sub_no_carry(ctx, &lambda_dx_13, u1_mul.y());
 
         let y_3 = base_chip.carry_mod(ctx, &y_3_no_carry);
 
@@ -280,9 +258,6 @@ where
     );
 
     println!("equal_check {:?}", equal_check);
-    println!("x_3 {:?}", x_3);
-    println!("y_3 {:?}", y_3);
-    println!("res {:?}", res);
 
     (res, is_pubkey_zero, y_3)
 }

zkevm-circuits/src/tx_circuit.rs

@@ -4549,7 +4549,6 @@ pub(crate) fn get_sign_data(
                 })
             }
         })
-        // TODO: add p256 signatures here ?
         .collect::<Result<Vec<SignData<secp256k1::Fq, Secp256k1Affine>>, halo2_proofs::plonk::Error>>()?;
     Ok(signatures)
 }