Split precompile constants out of individual modules #2081

crates/precompile/src/bls12_381.rs

@@ -1,18 +1,27 @@
 use crate::PrecompileWithAddress;
 
 mod g1;
+#[cfg(feature = "blst")]
 pub mod g1_add;
+#[cfg(feature = "blst")]
 pub mod g1_msm;
 mod g2;
+#[cfg(feature = "blst")]
 pub mod g2_add;
+#[cfg(feature = "blst")]
 pub mod g2_msm;
+#[cfg(feature = "blst")]
 pub mod map_fp2_to_g2;
+#[cfg(feature = "blst")]
 pub mod map_fp_to_g1;
-pub mod msm;
+#[cfg(feature = "blst")]
 pub mod pairing;
 mod utils;
+pub mod bls12_381_const;
+pub mod msm;
 
 /// Returns the BLS12-381 precompiles with their addresses.
+#[cfg(feature = "blst")]
 pub fn precompiles() -> impl Iterator<Item = PrecompileWithAddress> {
     [
         g1_add::PRECOMPILE,

crates/precompile/src/bls12_381/bls12_381_const.rs

@@ -0,0 +1,68 @@
+use crate::PrecompileWithAddress;
+
+use crate::bls12_381::g1_add;
+use crate::bls12_381::g1_msm;
+use crate::bls12_381::g2_add;
+use crate::bls12_381::g2_msm;
+use crate::bls12_381::pairing;
+use crate::bls12_381::map_fp_to_g1;
+use crate::bls12_381::map_fp2_to_g2;
+
+pub const G1_ADD_ADDRESS: u64 = 0x0b;
+pub const G1_ADD_BASE_GAS_FEE: u64 = 375;
+pub const G1_ADD_INPUT_LENGTH: usize = 256;
+pub const G1_MSM_ADDRESS: u64=0x0c;
+pub const G1_MSM_BASE_GAS_FEE: u64 = 1200;
+pub const G1_MSM_INPUT_LENGTH: usize = 160;
+pub const G1_OUTPUT_LENGTH: usize = 128;
+pub const G1_INPUT_ITEM_LENGTH: usize = 128;
+pub const G2_ADD_ADDRESS: u64 = 0x0d;
+pub const G2_ADD_BASE_GAS_FEE: u64 = 600;
+pub const G2_ADD_INPUT_LENGTH: usize = 512;
+pub const G2_MSM_ADDRESS: u64 = 0x0e;
+pub const G2_MSM_BASE_GAS_FEE: u64 = 22500;
+pub const G2_MSM_INPUT_LENGTH: usize = 288;
+pub const G2_OUTPUT_LENGTH: usize = 256;
+pub const G2_INPUT_ITEM_LENGTH: usize = 256;
+pub const PAIRING_ADDRESS: u64 = 0x0f;
+pub const PAIRING_PAIRING_MULTIPLIER_BAS: u64 = 32600;
+pub const PAIRING_PAIRING_OFFSET_BASE: u64 = 37700;
+pub const PAIRING_INPUT_LENGTH: usize = 384;
+pub const MAP_FP_TO_G1_ADDRESS: u64 = 0x10;
+pub const MAP_FP_TO_G1_BASE_GAS_FEE: u64 = 5500;
+pub const MAP_FP2_TO_G2_ADDRESS: u64 = 0x11;
+pub const MAP_FP2_TO_G2_BASE_GAS_FEE: u64 = 0x23800;
+pub const MSM_MULTIPLIER: u64 = 1000;
+/// Number of bits used in the BLS12-381 curve finite field elements.
+pub const UTILS_NBITS: usize = 256;
+/// Finite field element input length.
+pub const UTILS_FP_LENGTH: usize = 48;
+/// Finite field element padded input length.
+pub const UTILS_PADDED_FP_LENGTH: usize = 64;
+/// Quadratic extension of finite field element input length.
+pub const UTILS_PADDED_FP2_LENGTH: usize = 128;
+/// Input elements padding length.
+pub const UTILS_PADDING_LENGTH: usize = 16;
+/// Scalar length.
+pub const UTILS_SCALAR_LENGTH: usize = 32;
+// Big-endian non-Montgomery form.
+pub const UTILS_MODULUS_REPR: [u8; 48] = [
+    0x1a, 0x01, 0x11, 0xea, 0x39, 0x7f, 0xe6, 0x9a, 0x4b, 0x1b, 0xa7, 0xb6, 0x43, 0x4b, 0xac, 0xd7,
+    0x64, 0x77, 0x4b, 0x84, 0xf3, 0x85, 0x12, 0xbf, 0x67, 0x30, 0xd2, 0xa0, 0xf6, 0xb0, 0xf6, 0x24,
+    0x1e, 0xab, 0xff, 0xfe, 0xb1, 0x53, 0xff, 0xff, 0xb9, 0xfe, 0xff, 0xff, 0xff, 0xff, 0xaa, 0xab,
+];
+
+#[cfg(feature = "blst")]
+pub fn precompiles() -> impl Iterator<Item = PrecompileWithAddress> {
+
+    [
+        g1_add::PRECOMPILE,
+        g1_msm::PRECOMPILE,
+        g2_add::PRECOMPILE,
+        g2_msm::PRECOMPILE,
+        pairing::PRECOMPILE,
+        map_fp_to_g1::PRECOMPILE,
+        map_fp2_to_g2::PRECOMPILE,
+    ]
+    .into_iter()
+}

crates/precompile/src/bls12_381/g1.rs

@@ -1,21 +1,16 @@
-use super::utils::{fp_from_bendian, fp_to_bytes, remove_padding, PADDED_FP_LENGTH};
+use super::utils::{fp_from_bendian, fp_to_bytes, remove_padding};
 use crate::PrecompileError;
 use blst::{blst_p1_affine, blst_p1_affine_in_g1, blst_p1_affine_on_curve};
 use primitives::Bytes;
-
-/// Length of each of the elements in a g1 operation input.
-pub(super) const G1_INPUT_ITEM_LENGTH: usize = 128;
-
-/// Output length of a g1 operation.
-const G1_OUTPUT_LENGTH: usize = 128;
+use crate::bls12_381::bls12_381_const::{G1_OUTPUT_LENGTH, G1_INPUT_ITEM_LENGTH,UTILS_PADDED_FP_LENGTH};
 
 /// Encodes a G1 point in affine format into byte slice with padded elements.
 pub(super) fn encode_g1_point(input: *const blst_p1_affine) -> Bytes {
     let mut out = vec![0u8; G1_OUTPUT_LENGTH];
     // SAFETY: Out comes from fixed length array, input is a blst value.
     unsafe {
-        fp_to_bytes(&mut out[..PADDED_FP_LENGTH], &(*input).x);
-        fp_to_bytes(&mut out[PADDED_FP_LENGTH..], &(*input).y);
+        fp_to_bytes(&mut out[..UTILS_PADDED_FP_LENGTH], &(*input).x);
+        fp_to_bytes(&mut out[UTILS_PADDED_FP_LENGTH..], &(*input).y);
     }
     out.into()
 }
@@ -52,8 +47,8 @@ pub(super) fn extract_g1_input(
         )));
     }
 
-    let input_p0_x = remove_padding(&input[..PADDED_FP_LENGTH])?;
-    let input_p0_y = remove_padding(&input[PADDED_FP_LENGTH..G1_INPUT_ITEM_LENGTH])?;
+    let input_p0_x = remove_padding(&input[..UTILS_PADDED_FP_LENGTH])?;
+    let input_p0_y = remove_padding(&input[UTILS_PADDED_FP_LENGTH..G1_INPUT_ITEM_LENGTH])?;
     let out = decode_and_check_g1(input_p0_x, input_p0_y)?;
 
     if subgroup_check {

crates/precompile/src/bls12_381/g1_add.rs

@@ -1,35 +1,30 @@
-use super::g1::{encode_g1_point, extract_g1_input, G1_INPUT_ITEM_LENGTH};
+use super::g1::{encode_g1_point, extract_g1_input};
 use crate::{u64_to_address, PrecompileWithAddress};
 use crate::{PrecompileError, PrecompileOutput, PrecompileResult};
 use blst::{
     blst_p1, blst_p1_add_or_double_affine, blst_p1_affine, blst_p1_from_affine, blst_p1_to_affine,
 };
 use primitives::Bytes;
+use crate::bls12_381::bls12_381_const::{G1_ADD_ADDRESS, G1_ADD_BASE_GAS_FEE, G1_ADD_INPUT_LENGTH,G1_INPUT_ITEM_LENGTH};
 
 /// [EIP-2537](https://eips.ethereum.org/EIPS/eip-2537#specification) BLS12_G1ADD precompile.
 pub const PRECOMPILE: PrecompileWithAddress =
-    PrecompileWithAddress(u64_to_address(ADDRESS), g1_add);
-/// BLS12_G1ADD precompile address.
-pub const ADDRESS: u64 = 0x0b;
-/// Base gas fee for BLS12-381 g1_add operation.
-const BASE_GAS_FEE: u64 = 375;
+    PrecompileWithAddress(u64_to_address(G1_ADD_ADDRESS), g1_add);
 
-/// Input length of g1_add operation.
-const INPUT_LENGTH: usize = 256;
 
 /// G1 addition call expects `256` bytes as an input that is interpreted as byte
 /// concatenation of two G1 points (`128` bytes each).
 /// Output is an encoding of addition operation result - single G1 point (`128`
 /// bytes).
 /// See also: <https://eips.ethereum.org/EIPS/eip-2537#abi-for-g1-addition>
 pub(super) fn g1_add(input: &Bytes, gas_limit: u64) -> PrecompileResult {
-    if BASE_GAS_FEE > gas_limit {
+    if G1_ADD_BASE_GAS_FEE > gas_limit {
         return Err(PrecompileError::OutOfGas.into());
     }
 
-    if input.len() != INPUT_LENGTH {
+    if input.len() != G1_ADD_INPUT_LENGTH {
         return Err(PrecompileError::Other(format!(
-            "G1ADD input should be {INPUT_LENGTH} bytes, was {}",
+            "G1ADD input should be {G1_ADD_INPUT_LENGTH} bytes, was {}",
             input.len()
         ))
         .into());
@@ -54,5 +49,5 @@ pub(super) fn g1_add(input: &Bytes, gas_limit: u64) -> PrecompileResult {
     unsafe { blst_p1_to_affine(&mut p_aff, &p) };
 
     let out = encode_g1_point(&p_aff);
-    Ok(PrecompileOutput::new(BASE_GAS_FEE, out))
+    Ok(PrecompileOutput::new(G1_ADD_BASE_GAS_FEE, out))
 }

crates/precompile/src/bls12_381/g1_msm.rs

@@ -1,25 +1,18 @@
 use super::{
-    g1::{encode_g1_point, extract_g1_input, G1_INPUT_ITEM_LENGTH},
+    g1::{encode_g1_point, extract_g1_input},
     msm::msm_required_gas,
-    utils::{extract_scalar_input, NBITS, SCALAR_LENGTH},
+    utils::extract_scalar_input
 };
 use crate::{u64_to_address, PrecompileWithAddress};
 use crate::{PrecompileError, PrecompileOutput, PrecompileResult};
 use blst::{blst_p1, blst_p1_affine, blst_p1_from_affine, blst_p1_to_affine, p1_affines};
 use primitives::Bytes;
+use crate::bls12_381::bls12_381_const::{G1_MSM_ADDRESS, G1_MSM_BASE_GAS_FEE, G1_MSM_INPUT_LENGTH, G1_INPUT_ITEM_LENGTH,UTILS_SCALAR_LENGTH, UTILS_NBITS};
 
 /// [EIP-2537](https://eips.ethereum.org/EIPS/eip-2537#specification) BLS12_G1MSM precompile.
 pub const PRECOMPILE: PrecompileWithAddress =
-    PrecompileWithAddress(u64_to_address(ADDRESS), g1_msm);
+    PrecompileWithAddress(u64_to_address(G1_MSM_ADDRESS), g1_msm);
 
-/// BLS12_G1MSM precompile address.
-pub const ADDRESS: u64 = 0x0c;
-
-/// Base gas fee for BLS12-381 g1_mul operation.
-pub const BASE_GAS_FEE: u64 = 12000;
-
-/// Input length of g1_mul operation.
-pub const INPUT_LENGTH: usize = 160;
 
 /// Discounts table for G1 MSM as a vector of pairs `[k, discount]`.
 pub static DISCOUNT_TABLE: [u16; 128] = [
@@ -42,24 +35,24 @@ pub static DISCOUNT_TABLE: [u16; 128] = [
 /// See also: <https://eips.ethereum.org/EIPS/eip-2537#abi-for-g1-multiexponentiation>
 pub(super) fn g1_msm(input: &Bytes, gas_limit: u64) -> PrecompileResult {
     let input_len = input.len();
-    if input_len == 0 || input_len % INPUT_LENGTH != 0 {
+    if input_len == 0 || input_len % G1_MSM_INPUT_LENGTH != 0 {
         return Err(PrecompileError::Other(format!(
             "G1MSM input length should be multiple of {}, was {}",
-            INPUT_LENGTH, input_len
+            G1_MSM_INPUT_LENGTH, input_len
         ))
         .into());
     }
 
-    let k = input_len / INPUT_LENGTH;
-    let required_gas = msm_required_gas(k, &DISCOUNT_TABLE, BASE_GAS_FEE);
+    let k = input_len / G1_MSM_INPUT_LENGTH;
+    let required_gas = msm_required_gas(k, &DISCOUNT_TABLE, G1_MSM_BASE_GAS_FEE);
     if required_gas > gas_limit {
         return Err(PrecompileError::OutOfGas.into());
     }
 
     let mut g1_points: Vec<blst_p1> = Vec::with_capacity(k);
-    let mut scalars: Vec<u8> = Vec::with_capacity(k * SCALAR_LENGTH);
+    let mut scalars: Vec<u8> = Vec::with_capacity(k * UTILS_SCALAR_LENGTH);
     for i in 0..k {
-        let slice = &input[i * INPUT_LENGTH..i * INPUT_LENGTH + G1_INPUT_ITEM_LENGTH];
+        let slice = &input[i * G1_MSM_INPUT_LENGTH..i * G1_MSM_INPUT_LENGTH + G1_INPUT_ITEM_LENGTH];
 
         // BLST batch API for p1_affines blows up when you pass it a point at infinity, so we must
         // filter points at infinity (and their corresponding scalars) from the input.
@@ -79,8 +72,8 @@ pub(super) fn g1_msm(input: &Bytes, gas_limit: u64) -> PrecompileResult {
 
         scalars.extend_from_slice(
             &extract_scalar_input(
-                &input[i * INPUT_LENGTH + G1_INPUT_ITEM_LENGTH
-                    ..i * INPUT_LENGTH + G1_INPUT_ITEM_LENGTH + SCALAR_LENGTH],
+                &input[i * G1_MSM_INPUT_LENGTH + G1_INPUT_ITEM_LENGTH
+                    ..i * G1_MSM_INPUT_LENGTH + G1_INPUT_ITEM_LENGTH + UTILS_SCALAR_LENGTH],
             )?
             .b,
         );
@@ -92,7 +85,7 @@ pub(super) fn g1_msm(input: &Bytes, gas_limit: u64) -> PrecompileResult {
     }
 
     let points = p1_affines::from(&g1_points);
-    let multiexp = points.mult(&scalars, NBITS);
+    let multiexp = points.mult(&scalars, UTILS_NBITS);
 
     let mut multiexp_aff = blst_p1_affine::default();
     // SAFETY: `multiexp_aff` and `multiexp` are blst values.

crates/precompile/src/bls12_381/g2.rs

@@ -1,28 +1,24 @@
-use super::utils::{fp_from_bendian, fp_to_bytes, remove_padding, FP_LENGTH, PADDED_FP_LENGTH};
+use super::utils::{fp_from_bendian, fp_to_bytes, remove_padding};
 use crate::PrecompileError;
 use blst::{blst_fp2, blst_p2_affine, blst_p2_affine_in_g2, blst_p2_affine_on_curve};
 use primitives::Bytes;
+use crate::bls12_381::bls12_381_const::{G2_OUTPUT_LENGTH,G2_INPUT_ITEM_LENGTH, UTILS_FP_LENGTH, UTILS_PADDED_FP_LENGTH};
 
-/// Length of each of the elements in a g2 operation input.
-pub(super) const G2_INPUT_ITEM_LENGTH: usize = 256;
-
-/// Output length of a g2 operation.
-const G2_OUTPUT_LENGTH: usize = 256;
 
 /// Encodes a G2 point in affine format into byte slice with padded elements.
 pub(super) fn encode_g2_point(input: &blst_p2_affine) -> Bytes {
     let mut out = vec![0u8; G2_OUTPUT_LENGTH];
-    fp_to_bytes(&mut out[..PADDED_FP_LENGTH], &input.x.fp[0]);
+    fp_to_bytes(&mut out[..UTILS_PADDED_FP_LENGTH], &input.x.fp[0]);
     fp_to_bytes(
-        &mut out[PADDED_FP_LENGTH..2 * PADDED_FP_LENGTH],
+        &mut out[UTILS_PADDED_FP_LENGTH..2 * UTILS_PADDED_FP_LENGTH],
         &input.x.fp[1],
     );
     fp_to_bytes(
-        &mut out[2 * PADDED_FP_LENGTH..3 * PADDED_FP_LENGTH],
+        &mut out[2 * UTILS_PADDED_FP_LENGTH..3 * UTILS_PADDED_FP_LENGTH],
         &input.y.fp[0],
     );
     fp_to_bytes(
-        &mut out[3 * PADDED_FP_LENGTH..4 * PADDED_FP_LENGTH],
+        &mut out[3 * UTILS_PADDED_FP_LENGTH..4 * UTILS_PADDED_FP_LENGTH],
         &input.y.fp[1],
     );
     out.into()
@@ -69,9 +65,9 @@ pub(super) fn extract_g2_input(
         )));
     }
 
-    let mut input_fps = [&[0; FP_LENGTH]; 4];
+    let mut input_fps = [&[0; UTILS_FP_LENGTH]; 4];
     for i in 0..4 {
-        input_fps[i] = remove_padding(&input[i * PADDED_FP_LENGTH..(i + 1) * PADDED_FP_LENGTH])?;
+        input_fps[i] = remove_padding(&input[i * UTILS_PADDED_FP_LENGTH..(i + 1) * UTILS_PADDED_FP_LENGTH])?;
     }
 
     let out = decode_and_check_g2(input_fps[0], input_fps[1], input_fps[2], input_fps[3])?;

crates/precompile/src/bls12_381/g2_add.rs

@@ -1,21 +1,16 @@
-use super::g2::{encode_g2_point, extract_g2_input, G2_INPUT_ITEM_LENGTH};
+use super::g2::{encode_g2_point, extract_g2_input};
 use crate::{u64_to_address, PrecompileWithAddress};
 use crate::{PrecompileError, PrecompileOutput, PrecompileResult};
 use blst::{
     blst_p2, blst_p2_add_or_double_affine, blst_p2_affine, blst_p2_from_affine, blst_p2_to_affine,
 };
 use primitives::Bytes;
+use crate::bls12_381::bls12_381_const::{G2_ADD_ADDRESS, G2_ADD_BASE_GAS_FEE, G2_ADD_INPUT_LENGTH,G2_INPUT_ITEM_LENGTH};
+
 
 /// [EIP-2537](https://eips.ethereum.org/EIPS/eip-2537#specification) BLS12_G2ADD precompile.
 pub const PRECOMPILE: PrecompileWithAddress =
-    PrecompileWithAddress(u64_to_address(ADDRESS), g2_add);
-/// BLS12_G2ADD precompile address.
-pub const ADDRESS: u64 = 0x0d;
-/// Base gas fee for BLS12-381 g2_add operation.
-const BASE_GAS_FEE: u64 = 600;
-
-/// Input length of g2_add operation.
-const INPUT_LENGTH: usize = 512;
+    PrecompileWithAddress(u64_to_address(G2_ADD_ADDRESS), g2_add);
 
 /// G2 addition call expects `512` bytes as an input that is interpreted as byte
 /// concatenation of two G2 points (`256` bytes each).
@@ -24,13 +19,13 @@ const INPUT_LENGTH: usize = 512;
 /// bytes).
 /// See also <https://eips.ethereum.org/EIPS/eip-2537#abi-for-g2-addition>
 pub(super) fn g2_add(input: &Bytes, gas_limit: u64) -> PrecompileResult {
-    if BASE_GAS_FEE > gas_limit {
+    if G2_ADD_BASE_GAS_FEE > gas_limit {
         return Err(PrecompileError::OutOfGas.into());
     }
 
-    if input.len() != INPUT_LENGTH {
+    if input.len() != G2_ADD_INPUT_LENGTH {
         return Err(PrecompileError::Other(format!(
-            "G2ADD input should be {INPUT_LENGTH} bytes, was {}",
+            "G2ADD input should be {G2_ADD_INPUT_LENGTH} bytes, was {}",
             input.len()
         ))
         .into());
@@ -55,5 +50,5 @@ pub(super) fn g2_add(input: &Bytes, gas_limit: u64) -> PrecompileResult {
     unsafe { blst_p2_to_affine(&mut p_aff, &p) };
 
     let out = encode_g2_point(&p_aff);
-    Ok(PrecompileOutput::new(BASE_GAS_FEE, out))
+    Ok(PrecompileOutput::new(G2_ADD_BASE_GAS_FEE, out))
 }