absolutebi/serai
1
0
Fork 0
mirror of https://github.com/serai-dex/serai.git synced 2025-12-08 12:19:24 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
9221dbf0489f9c98e24264eaa407efbd2768b74d
serai/coins/monero/src/ringct/bulletproofs/core.rs

175 lines
4.8 KiB
Rust
Raw Normal View History

Implement Bulletproofs in Rust (#69) * Initial attempt at Bulletproofs I don't know why this doesn't work. The generators and hash_cache lines up without issue. AFAICT, the inner product proof is valid as well, as are all included formulas. * Add yinvpow asserts * Clean code * Correct bad imports * Fix the definition of TWO_N Bulletproofs work now :D * Tidy up a bit * fmt + clippy * Compile a variety of XMR dependencies with optimizations, even under dev The Rust bulletproof implementation is 8% slower than C right now, under release. This is acceptable, even if suboptimal. Under debug, they take a quarter of a second to two seconds though, depending on the amount of outputs, which justifies this move. * Remove unnecessary deref in BPs
2022-07-26 02:05:15 -05:00
// Required to be for this entire file, which isn't an issue, as it wouldn't bind to the static
#![allow(non_upper_case_globals)]
use lazy_static::lazy_static;
use rand_core::{RngCore, CryptoRng};
Reorganize bulletproofs
2022-07-31 23:12:45 -04:00
use curve25519_dalek::edwards::EdwardsPoint as DalekPoint;
Modularize Bulletproofs in prep for BP+
2022-07-26 08:06:56 -04:00
Implement Bulletproofs in Rust (#69) * Initial attempt at Bulletproofs I don't know why this doesn't work. The generators and hash_cache lines up without issue. AFAICT, the inner product proof is valid as well, as are all included formulas. * Add yinvpow asserts * Clean code * Correct bad imports * Fix the definition of TWO_N Bulletproofs work now :D * Tidy up a bit * fmt + clippy * Compile a variety of XMR dependencies with optimizations, even under dev The Rust bulletproof implementation is 8% slower than C right now, under release. This is acceptable, even if suboptimal. Under debug, they take a quarter of a second to two seconds though, depending on the amount of outputs, which justifies this move. * Remove unnecessary deref in BPs
2022-07-26 02:05:15 -05:00
use group::{ff::Field, Group};
Reorganize bulletproofs
2022-07-31 23:12:45 -04:00
use dalek_ff_group::{Scalar, EdwardsPoint};
Implement Bulletproofs in Rust (#69) * Initial attempt at Bulletproofs I don't know why this doesn't work. The generators and hash_cache lines up without issue. AFAICT, the inner product proof is valid as well, as are all included formulas. * Add yinvpow asserts * Clean code * Correct bad imports * Fix the definition of TWO_N Bulletproofs work now :D * Tidy up a bit * fmt + clippy * Compile a variety of XMR dependencies with optimizations, even under dev The Rust bulletproof implementation is 8% slower than C right now, under release. This is acceptable, even if suboptimal. Under debug, they take a quarter of a second to two seconds though, depending on the amount of outputs, which justifies this move. * Remove unnecessary deref in BPs
2022-07-26 02:05:15 -05:00
Reorganize bulletproofs
2022-07-31 23:12:45 -04:00
use multiexp::multiexp as multiexp_const;
Implement Bulletproofs in Rust (#69) * Initial attempt at Bulletproofs I don't know why this doesn't work. The generators and hash_cache lines up without issue. AFAICT, the inner product proof is valid as well, as are all included formulas. * Add yinvpow asserts * Clean code * Correct bad imports * Fix the definition of TWO_N Bulletproofs work now :D * Tidy up a bit * fmt + clippy * Compile a variety of XMR dependencies with optimizations, even under dev The Rust bulletproof implementation is 8% slower than C right now, under release. This is acceptable, even if suboptimal. Under debug, they take a quarter of a second to two seconds though, depending on the amount of outputs, which justifies this move. * Remove unnecessary deref in BPs
2022-07-26 02:05:15 -05:00
use crate::{
Bulletproofs+ (#70) * Initial stab at Bulletproofs+ Does move around the existing Bulletproofs code, does still work as expected. * Make the Clsag RCTPrunable type work with BP and BP+ * Initial set of BP+ bug fixes * Further bug fixes * Remove RING_LEN as a constant * Monero v16 TX support Doesn't implement view tags, nor going back to v14, nor the updated BP clawback logic. * Support v14 and v16 at the same time
2022-07-27 04:05:43 -05:00
H as DALEK_H, Commitment, hash, hash_to_scalar as dalek_hash,
Reorganize bulletproofs
2022-07-31 23:12:45 -04:00
ringct::hash_to_point::raw_hash_to_point, serialize::write_varint,
Implement Bulletproofs in Rust (#69) * Initial attempt at Bulletproofs I don't know why this doesn't work. The generators and hash_cache lines up without issue. AFAICT, the inner product proof is valid as well, as are all included formulas. * Add yinvpow asserts * Clean code * Correct bad imports * Fix the definition of TWO_N Bulletproofs work now :D * Tidy up a bit * fmt + clippy * Compile a variety of XMR dependencies with optimizations, even under dev The Rust bulletproof implementation is 8% slower than C right now, under release. This is acceptable, even if suboptimal. Under debug, they take a quarter of a second to two seconds though, depending on the amount of outputs, which justifies this move. * Remove unnecessary deref in BPs
2022-07-26 02:05:15 -05:00
};
Reorganize bulletproofs
2022-07-31 23:12:45 -04:00
pub(crate) use crate::ringct::bulletproofs::scalar_vector::*;
Implement Bulletproofs in Rust (#69) * Initial attempt at Bulletproofs I don't know why this doesn't work. The generators and hash_cache lines up without issue. AFAICT, the inner product proof is valid as well, as are all included formulas. * Add yinvpow asserts * Clean code * Correct bad imports * Fix the definition of TWO_N Bulletproofs work now :D * Tidy up a bit * fmt + clippy * Compile a variety of XMR dependencies with optimizations, even under dev The Rust bulletproof implementation is 8% slower than C right now, under release. This is acceptable, even if suboptimal. Under debug, they take a quarter of a second to two seconds though, depending on the amount of outputs, which justifies this move. * Remove unnecessary deref in BPs
2022-07-26 02:05:15 -05:00
Modularize Bulletproofs in prep for BP+
2022-07-26 08:06:56 -04:00
// Bring things into ff/group
lazy_static! {
Reorganize bulletproofs
2022-07-31 23:12:45 -04:00
pub(crate) static ref INV_EIGHT: Scalar = Scalar::from(8u8).invert().unwrap();
pub(crate) static ref H: EdwardsPoint = EdwardsPoint(*DALEK_H);
Modularize Bulletproofs in prep for BP+
2022-07-26 08:06:56 -04:00
}
Implement Bulletproofs in Rust (#69) * Initial attempt at Bulletproofs I don't know why this doesn't work. The generators and hash_cache lines up without issue. AFAICT, the inner product proof is valid as well, as are all included formulas. * Add yinvpow asserts * Clean code * Correct bad imports * Fix the definition of TWO_N Bulletproofs work now :D * Tidy up a bit * fmt + clippy * Compile a variety of XMR dependencies with optimizations, even under dev The Rust bulletproof implementation is 8% slower than C right now, under release. This is acceptable, even if suboptimal. Under debug, they take a quarter of a second to two seconds though, depending on the amount of outputs, which justifies this move. * Remove unnecessary deref in BPs
2022-07-26 02:05:15 -05:00
Reorganize bulletproofs
2022-07-31 23:12:45 -04:00
pub(crate) fn hash_to_scalar(data: &[u8]) -> Scalar {
Remove Monero as a dependency Introduces missing CLSAG checks. The only difference now should be the additional rejection of torsioned points, which is relevant to https://github.com/serai-dex/serai/issues/25. Considering this is only currently used for FROST verification, this should be fine. Closes https://github.com/serai-dex/serai/issues/19 by making it irrelevant. Increases priority of https://github.com/serai-dex/serai/issues/68, as now it's used for the BP generators which are done at first-proof. Also merges BP's stricter hash_to_point with the library's, since CLSAG has the same bound.
2022-07-26 03:25:57 -04:00
Scalar(dalek_hash(data))
Implement Bulletproofs in Rust (#69) * Initial attempt at Bulletproofs I don't know why this doesn't work. The generators and hash_cache lines up without issue. AFAICT, the inner product proof is valid as well, as are all included formulas. * Add yinvpow asserts * Clean code * Correct bad imports * Fix the definition of TWO_N Bulletproofs work now :D * Tidy up a bit * fmt + clippy * Compile a variety of XMR dependencies with optimizations, even under dev The Rust bulletproof implementation is 8% slower than C right now, under release. This is acceptable, even if suboptimal. Under debug, they take a quarter of a second to two seconds though, depending on the amount of outputs, which justifies this move. * Remove unnecessary deref in BPs
2022-07-26 02:05:15 -05:00
}
Modularize Bulletproofs in prep for BP+
2022-07-26 08:06:56 -04:00
// Components common between variants
pub(crate) const MAX_M: usize = 16;
Reorganize bulletproofs
2022-07-31 23:12:45 -04:00
pub(crate) const N: usize = 64;
pub(crate) const MAX_MN: usize = MAX_M * N;
Implement Bulletproofs in Rust (#69) * Initial attempt at Bulletproofs I don't know why this doesn't work. The generators and hash_cache lines up without issue. AFAICT, the inner product proof is valid as well, as are all included formulas. * Add yinvpow asserts * Clean code * Correct bad imports * Fix the definition of TWO_N Bulletproofs work now :D * Tidy up a bit * fmt + clippy * Compile a variety of XMR dependencies with optimizations, even under dev The Rust bulletproof implementation is 8% slower than C right now, under release. This is acceptable, even if suboptimal. Under debug, they take a quarter of a second to two seconds though, depending on the amount of outputs, which justifies this move. * Remove unnecessary deref in BPs
2022-07-26 02:05:15 -05:00
Reorganize bulletproofs
2022-07-31 23:12:45 -04:00
pub(crate) struct Generators {
pub(crate) G: Vec<EdwardsPoint>,
pub(crate) H: Vec<EdwardsPoint>,
Modularize Bulletproofs in prep for BP+
2022-07-26 08:06:56 -04:00
}
Reorganize bulletproofs
2022-07-31 23:12:45 -04:00
pub(crate) fn generators_core(prefix: &'static [u8]) -> Generators {
Modularize Bulletproofs in prep for BP+
2022-07-26 08:06:56 -04:00
let mut res = Generators { G: Vec::with_capacity(MAX_MN), H: Vec::with_capacity(MAX_MN) };
for i in 0 .. MAX_MN {
let i = 2 * i;
let mut even = (*H).compress().to_bytes().to_vec();
even.extend(prefix);
let mut odd = even.clone();
write_varint(&i.try_into().unwrap(), &mut even).unwrap();
write_varint(&(i + 1).try_into().unwrap(), &mut odd).unwrap();
res.H.push(EdwardsPoint(raw_hash_to_point(hash(&even))));
res.G.push(EdwardsPoint(raw_hash_to_point(hash(&odd))));
}
res
}
Reorganize bulletproofs
2022-07-31 23:12:45 -04:00
pub(crate) fn prove_multiexp(pairs: &[(Scalar, EdwardsPoint)]) -> EdwardsPoint {
multiexp_const(pairs) * *INV_EIGHT
}
Bulletproofs+ (#70) * Initial stab at Bulletproofs+ Does move around the existing Bulletproofs code, does still work as expected. * Make the Clsag RCTPrunable type work with BP and BP+ * Initial set of BP+ bug fixes * Further bug fixes * Remove RING_LEN as a constant * Monero v16 TX support Doesn't implement view tags, nor going back to v14, nor the updated BP clawback logic. * Support v14 and v16 at the same time
2022-07-27 04:05:43 -05:00
// TODO: Have this take in other, multiplied by G, and do a single multiexp
Reorganize bulletproofs
2022-07-31 23:12:45 -04:00
pub(crate) fn vector_exponent(
generators: &Generators,
a: &ScalarVector,
b: &ScalarVector,
) -> EdwardsPoint {
Remove re-calculation of N Moves most BP assertions to debug.
2022-07-26 05:31:15 -04:00
debug_assert_eq!(a.len(), b.len());
Modularize Bulletproofs in prep for BP+
2022-07-26 08:06:56 -04:00
(a * &generators.G[.. a.len()]) + (b * &generators.H[.. b.len()])
Implement Bulletproofs in Rust (#69) * Initial attempt at Bulletproofs I don't know why this doesn't work. The generators and hash_cache lines up without issue. AFAICT, the inner product proof is valid as well, as are all included formulas. * Add yinvpow asserts * Clean code * Correct bad imports * Fix the definition of TWO_N Bulletproofs work now :D * Tidy up a bit * fmt + clippy * Compile a variety of XMR dependencies with optimizations, even under dev The Rust bulletproof implementation is 8% slower than C right now, under release. This is acceptable, even if suboptimal. Under debug, they take a quarter of a second to two seconds though, depending on the amount of outputs, which justifies this move. * Remove unnecessary deref in BPs
2022-07-26 02:05:15 -05:00
}
Reorganize bulletproofs
2022-07-31 23:12:45 -04:00
pub(crate) fn hash_cache(cache: &mut Scalar, mash: &[[u8; 32]]) -> Scalar {
Implement Bulletproofs in Rust (#69) * Initial attempt at Bulletproofs I don't know why this doesn't work. The generators and hash_cache lines up without issue. AFAICT, the inner product proof is valid as well, as are all included formulas. * Add yinvpow asserts * Clean code * Correct bad imports * Fix the definition of TWO_N Bulletproofs work now :D * Tidy up a bit * fmt + clippy * Compile a variety of XMR dependencies with optimizations, even under dev The Rust bulletproof implementation is 8% slower than C right now, under release. This is acceptable, even if suboptimal. Under debug, they take a quarter of a second to two seconds though, depending on the amount of outputs, which justifies this move. * Remove unnecessary deref in BPs
2022-07-26 02:05:15 -05:00
let slice =
&[cache.to_bytes().as_ref(), mash.iter().cloned().flatten().collect::<Vec<_>>().as_ref()]
.concat();
*cache = hash_to_scalar(slice);
*cache
}
Reorganize bulletproofs
2022-07-31 23:12:45 -04:00
pub(crate) fn MN(outputs: usize) -> (usize, usize, usize) {
Implement Bulletproofs in Rust (#69) * Initial attempt at Bulletproofs I don't know why this doesn't work. The generators and hash_cache lines up without issue. AFAICT, the inner product proof is valid as well, as are all included formulas. * Add yinvpow asserts * Clean code * Correct bad imports * Fix the definition of TWO_N Bulletproofs work now :D * Tidy up a bit * fmt + clippy * Compile a variety of XMR dependencies with optimizations, even under dev The Rust bulletproof implementation is 8% slower than C right now, under release. This is acceptable, even if suboptimal. Under debug, they take a quarter of a second to two seconds though, depending on the amount of outputs, which justifies this move. * Remove unnecessary deref in BPs
2022-07-26 02:05:15 -05:00
let logN = 6;
Remove re-calculation of N Moves most BP assertions to debug.
2022-07-26 05:31:15 -04:00
debug_assert_eq!(N, 1 << logN);
Implement Bulletproofs in Rust (#69) * Initial attempt at Bulletproofs I don't know why this doesn't work. The generators and hash_cache lines up without issue. AFAICT, the inner product proof is valid as well, as are all included formulas. * Add yinvpow asserts * Clean code * Correct bad imports * Fix the definition of TWO_N Bulletproofs work now :D * Tidy up a bit * fmt + clippy * Compile a variety of XMR dependencies with optimizations, even under dev The Rust bulletproof implementation is 8% slower than C right now, under release. This is acceptable, even if suboptimal. Under debug, they take a quarter of a second to two seconds though, depending on the amount of outputs, which justifies this move. * Remove unnecessary deref in BPs
2022-07-26 02:05:15 -05:00
let mut logM = 0;
let mut M;
while {
M = 1 << logM;
Modularize Bulletproofs in prep for BP+
2022-07-26 08:06:56 -04:00
(M <= MAX_M) && (M < outputs)
Implement Bulletproofs in Rust (#69) * Initial attempt at Bulletproofs I don't know why this doesn't work. The generators and hash_cache lines up without issue. AFAICT, the inner product proof is valid as well, as are all included formulas. * Add yinvpow asserts * Clean code * Correct bad imports * Fix the definition of TWO_N Bulletproofs work now :D * Tidy up a bit * fmt + clippy * Compile a variety of XMR dependencies with optimizations, even under dev The Rust bulletproof implementation is 8% slower than C right now, under release. This is acceptable, even if suboptimal. Under debug, they take a quarter of a second to two seconds though, depending on the amount of outputs, which justifies this move. * Remove unnecessary deref in BPs
2022-07-26 02:05:15 -05:00
} {
logM += 1;
}
Modularize Bulletproofs in prep for BP+
2022-07-26 08:06:56 -04:00
(logM + logN, M, M * N)
}
Implement Bulletproofs in Rust (#69) * Initial attempt at Bulletproofs I don't know why this doesn't work. The generators and hash_cache lines up without issue. AFAICT, the inner product proof is valid as well, as are all included formulas. * Add yinvpow asserts * Clean code * Correct bad imports * Fix the definition of TWO_N Bulletproofs work now :D * Tidy up a bit * fmt + clippy * Compile a variety of XMR dependencies with optimizations, even under dev The Rust bulletproof implementation is 8% slower than C right now, under release. This is acceptable, even if suboptimal. Under debug, they take a quarter of a second to two seconds though, depending on the amount of outputs, which justifies this move. * Remove unnecessary deref in BPs
2022-07-26 02:05:15 -05:00
Reorganize bulletproofs
2022-07-31 23:12:45 -04:00
pub(crate) fn bit_decompose(commitments: &[Commitment]) -> (ScalarVector, ScalarVector) {
Modularize Bulletproofs in prep for BP+
2022-07-26 08:06:56 -04:00
let (_, M, MN) = MN(commitments.len());
Bulletproofs+ (#70) * Initial stab at Bulletproofs+ Does move around the existing Bulletproofs code, does still work as expected. * Make the Clsag RCTPrunable type work with BP and BP+ * Initial set of BP+ bug fixes * Further bug fixes * Remove RING_LEN as a constant * Monero v16 TX support Doesn't implement view tags, nor going back to v14, nor the updated BP clawback logic. * Support v14 and v16 at the same time
2022-07-27 04:05:43 -05:00
let sv = commitments.iter().map(|c| Scalar::from(c.amount)).collect::<Vec<_>>();
Implement Bulletproofs in Rust (#69) * Initial attempt at Bulletproofs I don't know why this doesn't work. The generators and hash_cache lines up without issue. AFAICT, the inner product proof is valid as well, as are all included formulas. * Add yinvpow asserts * Clean code * Correct bad imports * Fix the definition of TWO_N Bulletproofs work now :D * Tidy up a bit * fmt + clippy * Compile a variety of XMR dependencies with optimizations, even under dev The Rust bulletproof implementation is 8% slower than C right now, under release. This is acceptable, even if suboptimal. Under debug, they take a quarter of a second to two seconds though, depending on the amount of outputs, which justifies this move. * Remove unnecessary deref in BPs
2022-07-26 02:05:15 -05:00
let mut aL = ScalarVector::new(MN);
let mut aR = ScalarVector::new(MN);
for j in 0 .. M {
for i in (0 .. N).rev() {
if (j < sv.len()) && ((sv[j][i / 8] & (1u8 << (i % 8))) != 0) {
aL.0[(j * N) + i] = Scalar::one();
} else {
aR.0[(j * N) + i] = -Scalar::one();
}
}
}
Modularize Bulletproofs in prep for BP+
2022-07-26 08:06:56 -04:00
(aL, aR)
}
Reorganize bulletproofs
2022-07-31 23:12:45 -04:00
pub(crate) fn hash_commitments<C: IntoIterator<Item = DalekPoint>>(
BP Verification (#75) * Use a struct in an enum for Bulletproofs * verification bp working for just one proof * add some more assert tests * Clean BP verification * Implement batch verification * Add a debug assertion w_cache isn't 0 It's initially set to 0 and if not updated, this would be broken. * Correct Monero workflow yaml * Again try to corrent Monero workflow yaml * Again * Finally * Re-apply weights as required by Bulletproofs Removing these was insecure and my fault. Co-authored-by: DangerousFreedom <dangfreed@tutanota.com>
2022-07-31 21:45:53 -05:00
commitments: C,
) -> (Scalar, Vec<EdwardsPoint>) {
let V = commitments.into_iter().map(|c| EdwardsPoint(c) * *INV_EIGHT).collect::<Vec<_>>();
(hash_to_scalar(&V.iter().flat_map(|V| V.compress().to_bytes()).collect::<Vec<_>>()), V)
Modularize Bulletproofs in prep for BP+
2022-07-26 08:06:56 -04:00
}
Implement Bulletproofs in Rust (#69) * Initial attempt at Bulletproofs I don't know why this doesn't work. The generators and hash_cache lines up without issue. AFAICT, the inner product proof is valid as well, as are all included formulas. * Add yinvpow asserts * Clean code * Correct bad imports * Fix the definition of TWO_N Bulletproofs work now :D * Tidy up a bit * fmt + clippy * Compile a variety of XMR dependencies with optimizations, even under dev The Rust bulletproof implementation is 8% slower than C right now, under release. This is acceptable, even if suboptimal. Under debug, they take a quarter of a second to two seconds though, depending on the amount of outputs, which justifies this move. * Remove unnecessary deref in BPs
2022-07-26 02:05:15 -05:00
Reorganize bulletproofs
2022-07-31 23:12:45 -04:00
pub(crate) fn alpha_rho<R: RngCore + CryptoRng>(
Modularize Bulletproofs in prep for BP+
2022-07-26 08:06:56 -04:00
rng: &mut R,
generators: &Generators,
aL: &ScalarVector,
aR: &ScalarVector,
) -> (Scalar, EdwardsPoint) {
Bulletproofs+ (#70) * Initial stab at Bulletproofs+ Does move around the existing Bulletproofs code, does still work as expected. * Make the Clsag RCTPrunable type work with BP and BP+ * Initial set of BP+ bug fixes * Further bug fixes * Remove RING_LEN as a constant * Monero v16 TX support Doesn't implement view tags, nor going back to v14, nor the updated BP clawback logic. * Support v14 and v16 at the same time
2022-07-27 04:05:43 -05:00
let ar = Scalar::random(rng);
(ar, (vector_exponent(generators, aL, aR) + (EdwardsPoint::generator() * ar)) * *INV_EIGHT)
}
Reorganize bulletproofs
2022-07-31 23:12:45 -04:00
pub(crate) fn LR_statements(
Bulletproofs+ (#70) * Initial stab at Bulletproofs+ Does move around the existing Bulletproofs code, does still work as expected. * Make the Clsag RCTPrunable type work with BP and BP+ * Initial set of BP+ bug fixes * Further bug fixes * Remove RING_LEN as a constant * Monero v16 TX support Doesn't implement view tags, nor going back to v14, nor the updated BP clawback logic. * Support v14 and v16 at the same time
2022-07-27 04:05:43 -05:00
a: &ScalarVector,
G_i: &[EdwardsPoint],
b: &ScalarVector,
H_i: &[EdwardsPoint],
cL: Scalar,
U: EdwardsPoint,
) -> Vec<(Scalar, EdwardsPoint)> {
let mut res = a
.0
.iter()
.cloned()
.zip(G_i.iter().cloned())
.chain(b.0.iter().cloned().zip(H_i.iter().cloned()))
.collect::<Vec<_>>();
res.push((cL, U));
res
}
lazy_static! {
Reorganize bulletproofs
2022-07-31 23:12:45 -04:00
pub(crate) static ref TWO_N: ScalarVector = ScalarVector::powers(Scalar::from(2u8), N);
Bulletproofs+ (#70) * Initial stab at Bulletproofs+ Does move around the existing Bulletproofs code, does still work as expected. * Make the Clsag RCTPrunable type work with BP and BP+ * Initial set of BP+ bug fixes * Further bug fixes * Remove RING_LEN as a constant * Monero v16 TX support Doesn't implement view tags, nor going back to v14, nor the updated BP clawback logic. * Support v14 and v16 at the same time
2022-07-27 04:05:43 -05:00
}
Bulletproofs+ Verification
2022-08-01 23:30:24 -04:00
pub(crate) fn challenge_products(w: &[Scalar], winv: &[Scalar]) -> Vec<Scalar> {
let mut products = vec![Scalar::zero(); 1 << w.len()];
products[0] = winv[0];
products[1] = w[0];
for j in 1 .. w.len() {
let mut slots = (1 << (j + 1)) - 1;
while slots > 0 {
products[slots] = products[slots / 2] * w[j];
products[slots - 1] = products[slots / 2] * winv[j];
slots = slots.saturating_sub(2);
}
}
// Sanity check as if the above failed to populate, it'd be critical
for w in &products {
debug_assert!(!bool::from(w.is_zero()));
}
products
}
Reference in New Issue Copy Permalink