arkworks-rs · Pratyush · Mar 25, 2021 · Mar 6, 2021 · Mar 13, 2021 · Mar 15, 2021
@@ -11,6 +11,7 @@ The main features of this release are:
 - Big speedups to radix-2 FFTs
 - Fix in the assembly arithmetic backend
 - Adding new traits for basic curve cycles and pairing based curve cycles
+- Providing wNAF scalar multiplcation functionality
 
 ### Breaking changes
 - #20 (ark-poly) Move univariate DensePolynomial and SparsePolynomial into a

diff --git a/ec/src/group.rs b/ec/src/group.rs
@@ -11,6 +11,8 @@ use ark_ff::{
     UniformRand,
 };
 
+pub mod wnaf;
+
 pub trait Group:
     ToBytes
     + 'static

diff --git a/ec/src/group/wnaf.rs b/ec/src/group/wnaf.rs
@@ -0,0 +1,39 @@
+extern crate alloc;
+use crate::Group;
+use alloc::vec::Vec;
+
+pub fn wnaf_mul<G: Group>(table: &[G], scalar_wnaf: &[i64]) -> G {
+    let mut result = G::zero();
+
+    let mut found_one = false;
+
+    for n in scalar_wnaf.iter().rev() {
+        if found_one {
+            result = result.double();
+        }
+
+        if *n != 0 {
+            found_one = true;
+
+            if *n > 0 {
+                result += &table[(n / 2) as usize];
+            } else {
+                result -= &table[((-n) / 2) as usize];
+            }
+        }
+    }
+
+    result
+}
+
+pub fn wnaf_table<G: Group>(table: &mut Vec<G>, mut base: G, window: usize) {
+    table.truncate(0);
+    table.reserve(1 << (window - 1));
+
+    let dbl = base.double();
+
+    for _ in 0..(1 << (window - 1)) {
+        table.push(base);
+        base.add_assign(&dbl);
+    }
+}
@@ -1,5 +1,8 @@
 #![allow(unused)]
+use ark_ec::group::wnaf::{wnaf_mul, wnaf_table};
 use ark_ec::group::Group;
+use ark_ff::fields::PrimeField;
+use ark_ff::BigInteger;
 use ark_ff::{One, UniformRand, Zero};
 
 pub fn group_test<G: Group>(a: G, mut b: G) {
@@ -8,6 +11,7 @@ pub fn group_test<G: Group>(a: G, mut b: G) {
     let fr_zero = G::ScalarField::zero();
     let fr_one = G::ScalarField::one();
     let fr_two = fr_one + &fr_one;
+
     assert_eq!(zero, zero);
     assert_eq!(zero.is_zero(), true);
     assert_eq!(a.mul(&fr_one), a);
@@ -70,4 +74,14 @@ pub fn group_test<G: Group>(a: G, mut b: G) {
         a.mul(&(fr_rand1 * &fr_rand2)),
         "(a * r1) * r2 != a * (r1 * r2)"
     );
+
+    // Check that mul and wnaf_mul give the same results for several window values
+    for w in 2..=22 {
+        let scalar = G::ScalarField::rand(&mut rng);
+        let scalar_bigint: <G::ScalarField as PrimeField>::BigInt = scalar.into();
+        let scalar_wnaf = scalar_bigint.find_wnaf();
+        let mut wnaf_lut: Vec<G> = vec![];
+        wnaf_table(&mut wnaf_lut, a, w);
+        assert_eq!(a.mul(&scalar), wnaf_mul(&wnaf_lut, &scalar_wnaf));
+    }
 }
-Original file line number
+Diff line change
@@ Expand Up / @@ -11,6 +11,8 @@ use ark_ff::{ @@
         UniformRand,
     };
+    pub mod wnaf;
     pub trait Group:
         ToBytes
         + 'static
@@ Expand Down @@