Merge pull request #1760 from AztecProtocol/defi-bridge-project

Defi bridge project
AztecProtocol · Nov 17, 2022 · 3a1e5fd · 3a1e5fd
2 parents 6a3e156 + f3bc45c
commit 3a1e5fd
Show file tree

Hide file tree

Showing 3 changed files with 21 additions and 1 deletion.
diff --git a/src/aztec/ecc/curves/secp256k1/secp256k1.test.cpp b/src/aztec/ecc/curves/secp256k1/secp256k1.test.cpp
@@ -506,4 +506,12 @@ TEST(secp256k1, neg_and_self_neg_0_cmp_regression)
     EXPECT_EQ((a == a_neg), true);
 }
 
+TEST(secp256k1, montgomery_mul_big_bug)
+{
+    secp256k1::fq a(uint256_t{0xfffffffe630dc02f, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff});
+    secp256k1::fq a_sqr = a.sqr();
+    secp256k1::fq expected(uint256_t{0x60381e557e100000, 0x0, 0x0, 0x0});
+    EXPECT_EQ((a_sqr == expected), true);
+}
+
 } // namespace test_secp256k1
diff --git a/src/aztec/ecc/curves/secp256r1/secp256r1.test.cpp b/src/aztec/ecc/curves/secp256r1/secp256r1.test.cpp
@@ -468,4 +468,16 @@ TEST(secp256r1, check_compression_constructor)
     std::cout << "Affine element: " << el << std::endl;
 }**/
 
+TEST(secp256r1, montgomery_mul_big_bug)
+{
+    secp256r1::fr a;
+    a.data[0] = 0xC5BF4F6AFF993D09;
+    a.data[1] = 0xA3361BDA67E62E0E;
+    a.data[2] = 0xAAAAAAAAAAAAAAAA;
+    a.data[3] = 0xFFFFFFFFE38E38E3;
+    secp256r1::fr a_sqr = a.sqr();
+    secp256r1::fr expected(uint256_t{0x57abc6aa0349c084, 0x65b21b232a4cb7a5, 0x5ba781948b0fcd6e, 0xd6e9e0644bda12f7});
+    EXPECT_EQ((a_sqr == expected), true);
+}
+
 } // namespace test_secp256r1
diff --git a/src/aztec/ecc/fields/field_impl_generic.hpp b/src/aztec/ecc/fields/field_impl_generic.hpp
@@ -389,7 +389,7 @@ template <class T> constexpr field<T> field<T>::montgomery_mul_big(const field&
     uint64_t v1 = t2 + (t3 << 32);
     uint64_t v2 = t4 + (t5 << 32);
     uint64_t v3 = t6 + (t7 << 32);
-    uint64_t v4 = t8 + (t9 << 32);
+    uint64_t v4 = t8;
     uint64_t borrow = 0;
     uint64_t r0 = sbb(v0, modulus.data[0], borrow, borrow);
     uint64_t r1 = sbb(v1, modulus.data[1], borrow, borrow);