Reformulate EXPMOD as ethereum/EIPs#198 specifies
pirapira committed Jan 19, 2018
1 parent 896043d commit aa475fc
Showing 1 changed file with 14 additions and 25 deletions.
39 changes: 14 additions & 25 deletions Paper.tex
@@ -1403,30 +1403,21 @@ \section{Precompiled Contracts}\label{app:precompiled}
\mathbf{o} &=& I_\mathbf{d}
\end{eqnarray}

The fifth contract performs arbitrary-precision exponentiation under modulo. Here, $0 ^ 0$ is taken to be one.
The first word in the input specifies the number of bytes that the first non-negative integer $B$ occupies.
The second word in the input specifies the number of bytes that the second non-negative integer $E$ occupies.
These two words are followed by $B$ and $E$; and the rest of the input is interpreted as the third non-negative integer $M$.
All non-negative integers $B$, $E$ $M$ are encoded as byte sequences in the big-endian way.
The fifth contract performs arbitrary-precision exponentiation under modulo. Here, $0 ^ 0$ is taken to be one, and $x \bmod 0$ is ???. The first word in the input specifies the number of bytes that the first non-negative integer $B$ occupies. The second word in the input specifies the number of bytes that the second non-negative integer $E$ occupies. The third word in the input specifies the number of bytes that the third non-negative integer $M$ occupies. These three words are followed by $B$, $E$ and $M$. The rest of the input is discarded. Whenever the input is too short, the missing bytes are considered to be zero. The output is encoded big-endian into the same format as $M$'s.

\begin{eqnarray}
\Xi_{\mathtt{EXPMOD}} &\equiv& \Xi_{\mathtt{PRE}} \quad \text{except:}\\
l_B &=& I_\mathbf{d}[0..31] \in \mathbb{P}_{256} \\
l_E &=& I_\mathbf{d}[32..63] \in \mathbb{P}_{256} \\
B &=& I_\mathbf{d}[64..(63 + l_B)] \\
E &=& I_\mathbf{d}[(64 + l_B)..(63 + l_B + l_E)] \\
M &=& I_\mathbf{d}[(64 + l_B + l_E)..(|I_\mathbf{d}| - 1)] \\
\Xi_{\mathtt{EXPMOD}}(\boldsymbol{\sigma}, g, I) &\equiv& (\varnothing, 0, A^0, ()) \quad \text{if} \quad |I_\mathbf{d}| < 64 + l_B + l_E\,\vee\,M\le B \\
g_r &=& G_{modexpbase} + G_{arithword} \Big\lceil \dfrac{|I_\mathbf{d}|}{32} \Big\rceil + |M|^2 |E| / G_{quaddivisor} \\
\mathbf{o} &=&
\begin{cases}
() & \text{if} \ M = 0 \\
B ^ E \bmod M \in \mathbb{B}_\ell & \text{otherwise}
\end{cases} \\
\ell &=&
\begin{cases}
0 &\text{if}\ M = 0 \quad \vee \quad {B ^ E} \bmod M = 0 \\
\lfloor \log_8(B ^ E \bmod M) \rfloor + 1 & \text{otherwise}
\Xi_{\mathtt{EXPMOD}} &\equiv& \Xi_{\mathtt{PRE}} \quad \text{except:} \\
g_r &=& \Big\lfloor\frac{\max(\ell_M,\ell_B)^2\max(\ell_E,1)}{G_{quaddivisor}}\Big\rfloor \\
\mathbf o &=& (B^E\bmod M)\in\mathbb P_{8\ell_M} \\
\ell_B &\equiv& i[0..31] \\
\ell_E &\equiv& i[32..63] \\
\ell_M &\equiv& i[64..95] \\
B &\equiv& i[96..(95+\ell_B)] \\
E &\equiv& i[(96+\ell_B)..(95+\ell_B+\ell_E)] \\
M &\equiv& i[(96+\ell_B+\ell_E)..(95+\ell_B+\ell_E+\ell_M)] \\
i[x] &\equiv& \begin{cases}
I_{\mathbf d}[x] &\text{if}\ x < |I_{\mathbf d}| \\
0 &\text{otherwise}
\end{cases}
\end{eqnarray}
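
Review bot: the new paragraph still carries a placeholder, "$x \bmod 0$ is ???", and the new definition of $\mathbf o$ has no branch for $M = 0$, whereas the removed lines returned $()$ in that case. Decide the zero-modulus result and state it in both the prose and the equation, for instance with a cases split on $M = 0$ as the removed text had. Also, $\ell_B$, $\ell_E$ and $\ell_M$ are defined as the byte ranges $i[0..31]$, $i[32..63]$ and $i[64..95]$ but are then used as integers in the slice bounds and in $g_r$; the removed lines stated $\in \mathbb{P}_{256}$ for the length words, so the new lines should say explicitly that these words (and $B$, $E$, $M$) are read as big-endian unsigned integers. Without that, an implementer has to guess how an out-of-range length or a zero modulus is handled, which is exactly where clients diverge.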

@@ -1532,9 +1523,7 @@ \section{Fee Schedule}\label{app:fees}
$G_{sha3word}$ & 6 & Paid for each word (rounded up) for input data to a {\small SHA3} operation. \\
$G_{copy}$ & 3 & Partial payment for {\small *COPY} operations, multiplied by words copied, rounded up. \\
$G_{blockhash}$ & 20 & Payment for {\small BLOCKHASH} operation. \\
$G_{modexpbase}$ & 45 & Payment for the precompiled exponention under modulo. \\
$G_{arithword}$ & 6 & Paid for each word used in precompiled contracts for arbitrary precision arighmetics.\\
$G_{quaddivisor}$ & 32 & The quadratic coefficient of the input sizes of multiplication and division precompiled contracts. \\
$G_{quaddivisor}$ & 20 & The quadratic coefficient of the input sizes of the exponation-over-modulo precompiled contract. \\

%extern u256 const c_copyGas; ///< Multiplied by the number of 32-byte words that are copied (round up) for any *COPY operation and added.
\bottomrule
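
Review bot: "exponation-over-modulo" in the new $G_{quaddivisor}$ row is misspelled and should read "exponentiation-over-modulo". The same row changes the value from 32 to 20 while the description still calls it a "quadratic coefficient", although the new $g_r$ divides by it; describing it as the divisor applied to the quadratic term would match the formula. Since the $G_{modexpbase}$ and $G_{arithword}$ rows are dropped here, check that no other equation in Paper.tex still references them.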