Skip to content

Adding Stark curve + test large 2-adicity fields #1001

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Jul 7, 2025
Merged

Adding Stark curve + test large 2-adicity fields #1001

merged 5 commits into from
Jul 7, 2025

Conversation

shramee
Copy link
Contributor

@shramee shramee commented Jun 26, 2025
edited
Loading

Description

closes #1000

Support for fields with large 2 adicity

Currently tests fail to fields with large 2-adicity Field::TWO_ADICITY > 31 (currently limited by u32 used in tests).

  1. Use Field element instead of 1_u32 << ADICITY.
  2. Limit testing roots of unity to 63 in favour of get_root_of_unity using u64.

image

Adds Stark curve on 252 bit field.

This library implements the Stark curve, An elliptic curve defined over the
STARK field by equation y² ≡ x³ + α·x + β (mod q)
Where:

  • α = 1
  • β = 0x6f21413efbe40de150e596d72f7a8c5609ad26c15c915c1f4cdfcb99cee9e89
  • q = 3618502788666131213697322783095070105623107215331596699973092056135872020481
  • or, q = 2^251 + 17 * 2^192 + 1
    Generator point:
  • x = 0x1ef15c18599971b7beced415a40f0c7deacfd9b0d1819e03d723d8bc943cfca
  • y = 0x5668060aa49730b7be4801df46ec62de53ecd11abe43a32873000c36e8dc1f

https://docs.starknet.io/architecture/cryptography/#the_stark_curve

Before we can merge this PR, please make sure that all the following items have been
checked off. If any of the checklist items are not applicable, please leave them but
write a little note why.

  • Targeted PR against correct branch (master)
  • Linked to GitHub issue with discussion and accepted design OR have an explanation in the PR that describes this work.
  • Update: Existing tests for fields and curve group via the macro.
  • Updated relevant documentation in the code
  • Added a relevant changelog entry to the Pending section in CHANGELOG.md
  • Re-reviewed Files changed in the GitHub PR explorer

@shramee shramee requested review from a team as code owners June 26, 2025 20:36
@shramee shramee requested review from Pratyush, mmagician and weikengchen and removed request for a team June 26, 2025 20:36
@shramee shramee force-pushed the stark-curve-fft-update branch from 05a8565 to 2dce3e8 Compare June 26, 2025 23:12
Pratyush
Pratyush reviewed Jul 1, 2025
View reviewed changes
Copy link
Member

@Pratyush Pratyush left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for the PR!

I think the suggested comments should improve the tests without the need for hacks.

@shramee shramee force-pushed the stark-curve-fft-update branch from 2a27fe4 to c4b42e7 Compare July 2, 2025 09:33
Pratyush
Pratyush reviewed Jul 2, 2025
View reviewed changes
Pratyush
Pratyush reviewed Jul 2, 2025
View reviewed changes
Pratyush
Pratyush reviewed Jul 2, 2025
View reviewed changes
ff/src/fields/utils.rs Outdated
Comment on lines 20 to 30
pub fn k_adicity_big_int(k: BigUint, mut n: BigUint) -> u32 {
let mut r = 0;
while &n > &1_u8.into() {
if &n % &k == 0_u8.into() {
r += 1;
n /= &k;
} else {
return r;
}
}
r
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actually, we can write the loop more efficiently as:

Suggested change
pub fn k_adicity_big_int(k: BigUint, mut n: BigUint) -> u32 {
let mut r = 0;
while &n > &1_u8.into() {
if &n % &k == 0_u8.into() {
r += 1;
n /= &k;
} else {
return r;
}
}
r
}
pub fn k_adicity_big_int(k: u64, mut n: BigUint) -> u32 {
if n.is_zero() {
return 0;
}
let mut r = 0;
while (&n % k).is_zero() {
r += 1;
n /= k;
}
r
}

@shramee
Copy link
Contributor Author

shramee commented Jul 3, 2025

Apologies for the dirty commit.

#1001 (comment) This looks really pretty! I took the liberty to update the base k_adicity function the same way! ;)

shramee added 4 commits July 3, 2025 12:22
@shramee
feat: starkcurve impl
879d491 
chore: starkcurve change log
feat: implement starkcurve
chore: init starkcurve from grumpkin
@shramee
feat: large nth roots of unity
8543a70 
chore: test large 2-adicity
@shramee
optim: k-adicity utility
faf7104
@shramee
test: large nth roots of unity
ac31f90
@shramee shramee force-pushed the stark-curve-fft-update branch from c28210b to ac31f90 Compare July 3, 2025 09:22
@shramee
Copy link
Contributor Author

shramee commented Jul 3, 2025

Rebased (for the failing tests) and cleaned up the commit history if we want to preserve it on merging because of all the different stuff included in the PR.

new: added ZeroFlag after rebase.

Pratyush
Pratyush reviewed Jul 4, 2025
View reviewed changes
Pratyush
Pratyush approved these changes Jul 4, 2025
View reviewed changes
Copy link
Member

@Pratyush Pratyush left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM modulo the comment about documentation.

@Pratyush Pratyush added this pull request to the merge queue Jul 7, 2025
Merged via the queue into arkworks-rs:master with commit f7b03d8 Jul 7, 2025
38 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Pratyush Pratyush Pratyush approved these changes

@mmagician mmagician Awaiting requested review from mmagician mmagician is a code owner automatically assigned from arkworks-rs/maintainers

@weikengchen weikengchen Awaiting requested review from weikengchen weikengchen is a code owner automatically assigned from arkworks-rs/maintainers

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@shramee @Pratyush