Merge pull request #790 from ergoplatform/precomputedtables

sethdusek · web-flow · commit 7f927613c5a7 · 2026-02-05T13:59:52.000+05:00
Use precomputed tables
diff --git a/bindings/ergo-lib-python/src/multi_sig/hints.rs b/bindings/ergo-lib-python/src/multi_sig/hints.rs
@@ -113,7 +113,7 @@ fn extract_image(py: Python, image: &SigmaBoolean) -> PyResult<Py<PyAny>> {
 fn extract_commitment(py: Python, commitment: &FirstProverMessage) -> PyResult<Py<PyAny>> {
     match commitment {
         FirstProverMessage::FirstDlogProverMessage(ref first_dlog_prover_message) => {
-            Ok(Py::new(py, EcPoint::from(first_dlog_prover_message.a().clone()))?.into_any())
+            Ok(Py::new(py, EcPoint::from(*first_dlog_prover_message.a()))?.into_any())
         }
         FirstProverMessage::FirstDhtProverMessage(_) => Err(PyNotImplementedError::new_err(
             "ProveDHTuple is not supported",
diff --git a/bindings/ergo-lib-python/src/sigma_protocol.rs b/bindings/ergo-lib-python/src/sigma_protocol.rs
@@ -16,7 +16,7 @@ impl ProveDlog {
     }
     #[getter]
     fn h(&self) -> EcPoint {
-        (*self.0.h).clone().into()
+        (*self.0.h).into()
     }
     fn __repr__(&self) -> String {
         format!("{:?}", self.0)
diff --git a/bindings/ergo-lib-python/src/wallet/ext_pub_key.rs b/bindings/ergo-lib-python/src/wallet/ext_pub_key.rs
@@ -32,7 +32,7 @@ impl ExtPubKey {
         ))
     }
     fn public_key(&self) -> EcPoint {
-        self.0.public_key.clone().into()
+        self.0.public_key.into()
     }
     fn address(&self) -> Address {
         address::Address::from(self.0.clone()).into()
diff --git a/bindings/ergo-lib-wasm/src/transaction.rs b/bindings/ergo-lib-wasm/src/transaction.rs
@@ -401,7 +401,7 @@ impl UnsignedTransaction {
 
     /// Returns distinct token id from output_candidates as array of byte arrays
     pub fn distinct_token_ids(&self) -> Vec<Uint8Array> {
-        distinct_token_ids(self.0.output_candidates.clone())
+        distinct_token_ids(&self.0.output_candidates)
             .iter()
             .map(|id| Uint8Array::from(id.as_ref()))
             .collect()
diff --git a/ergo-chain-types/Cargo.toml b/ergo-chain-types/Cargo.toml
@@ -32,6 +32,13 @@ core2 = { workspace = true }
 default = ["std", "json"]
 arbitrary = ["proptest", "proptest-derive", "std"]
 json = ["serde", "serde_json", "serde_with"]
-std = ["dep:url", "base16/std", "base64/std", "serde/std"]
+std = [
+    "dep:url",
+    "base16/std",
+    "base64/std",
+    "serde/std",
+    "k256/precomputed-tables",
+    "k256/std",
+]
 
 [dev-dependencies]
diff --git a/ergo-chain-types/src/ec_point.rs b/ergo-chain-types/src/ec_point.rs
@@ -4,14 +4,15 @@ use alloc::string::String;
 use core::convert::TryFrom;
 use core::ops::{Add, Mul, Neg};
 use derive_more::{From, Into};
+use elliptic_curve::ops::MulByGenerator;
 use k256::elliptic_curve::group::prime::PrimeCurveAffine;
 use k256::elliptic_curve::sec1::ToEncodedPoint;
 use k256::{ProjectivePoint, PublicKey, Scalar};
 use sigma_ser::vlq_encode::{ReadSigmaVlqExt, WriteSigmaVlqExt};
 use sigma_ser::{ScorexParsingError, ScorexSerializable, ScorexSerializeResult};
 
 /// Elliptic curve point
-#[derive(PartialEq, Clone, Default, From, Into)]
+#[derive(PartialEq, Clone, Copy, Default, From, Into)]
 #[cfg_attr(
     feature = "json",
     derive(serde::Serialize, serde::Deserialize),
@@ -104,7 +105,7 @@ pub fn is_identity(ge: &EcPoint) -> bool {
 
 /// Calculates the inverse of the given group element
 pub fn inverse(ec: &EcPoint) -> EcPoint {
-    -ec.clone()
+    -*ec
 }
 
 /// Raises the base GroupElement to the exponent. The result is another GroupElement.
@@ -113,10 +114,15 @@ pub fn exponentiate(base: &EcPoint, exponent: &Scalar) -> EcPoint {
         // we treat EC as a multiplicative group, therefore, exponentiate point is multiply.
         EcPoint(base.0 * exponent)
     } else {
-        base.clone()
+        *base
     }
 }
 
+/// Raise the generator g to the exponent. This is faster than exponentiate(&generator(), exponent)
+pub fn exponentiate_gen(exponent: &Scalar) -> EcPoint {
+    ProjectivePoint::mul_by_generator(exponent).into()
+}
+
 impl ScorexSerializable for EcPoint {
     fn scorex_serialize<W: WriteSigmaVlqExt>(&self, w: &mut W) -> ScorexSerializeResult {
         let caff = self.0.to_affine();
diff --git a/ergo-lib/src/chain/transaction.rs b/ergo-lib/src/chain/transaction.rs
@@ -234,20 +234,14 @@ pub enum TransactionSignatureVerificationError {
 }
 
 /// Returns distinct token ids from all given ErgoBoxCandidate's
-pub fn distinct_token_ids<I>(output_candidates: I) -> IndexSet<TokenId>
+pub fn distinct_token_ids<'a, I>(output_candidates: I) -> IndexSet<TokenId>
 where
-    I: IntoIterator<Item = ErgoBoxCandidate>,
+    I: IntoIterator<Item = &'a ErgoBoxCandidate>,
 {
-    let token_ids: Vec<TokenId> = output_candidates
+    let token_ids = output_candidates
         .into_iter()
-        .flat_map(|b| {
-            b.tokens
-                .into_iter()
-                .flatten()
-                .map(|t| t.token_id)
-                .collect::<Vec<TokenId>>()
-        })
-        .collect();
+        .flat_map(|b| b.tokens.iter().flatten().map(|t| t.token_id));
+
     IndexSet::<_>::from_iter(token_ids)
 }
 
@@ -267,7 +261,7 @@ impl SigmaSerializable for Transaction {
             }
 
             // Serialize distinct ids of tokens in transaction outputs.
-            let distinct_token_ids = distinct_token_ids(self.output_candidates.clone());
+            let distinct_token_ids = distinct_token_ids(&self.output_candidates);
 
             // Note that `self.output_candidates` is of type `TxIoVec` which has a max length of
             // `u16::MAX`. Therefore the following unwrap is safe.
diff --git a/ergo-lib/src/chain/transaction/unsigned.rs b/ergo-lib/src/chain/transaction/unsigned.rs
@@ -124,7 +124,7 @@ impl UnsignedTransaction {
 
     /// Returns distinct token ids from all output_candidates
     pub fn distinct_token_ids(&self) -> IndexSet<TokenId> {
-        distinct_token_ids(self.output_candidates.clone())
+        distinct_token_ids(&self.output_candidates)
     }
 }
 
diff --git a/ergo-lib/src/wallet/deterministic.rs b/ergo-lib/src/wallet/deterministic.rs
@@ -77,7 +77,7 @@ mod test {
     use crate::wallet::Wallet;
     fn gen_boxes() -> impl Strategy<Value = (SecretKey, Vec<ErgoBox>)> {
         any::<Wscalar>()
-            .prop_map(|s| SecretKey::DlogSecretKey(DlogProverInput { w: s }))
+            .prop_map(|s| SecretKey::DlogSecretKey(DlogProverInput::new(s)))
             .prop_flat_map(|sk: SecretKey| {
                 (
                     Just(sk.clone()),
diff --git a/ergo-lib/src/wallet/ext_pub_key.rs b/ergo-lib/src/wallet/ext_pub_key.rs
@@ -28,7 +28,8 @@ type HmacSha512 = Hmac<Sha512>;
 pub struct ExtPubKey {
     /// Parsed public key (EcPoint)
     pub public_key: EcPoint,
-    chain_code: ChainCode,
+    /// Chain code bytes
+    pub chain_code: ChainCode,
     /// Derivation path for this extended public key
     pub derivation_path: DerivationPath,
 }
diff --git a/ergo-lib/src/wallet/ext_secret_key.rs b/ergo-lib/src/wallet/ext_secret_key.rs
@@ -1,6 +1,4 @@
 //! Extended private key operations according to BIP-32
-use core::convert::TryInto;
-
 use super::{
     derivation_path::{ChildIndex, ChildIndexError, DerivationPath},
     ext_pub_key::ExtPubKey,
@@ -28,14 +26,23 @@ type HmacSha512 = Hmac<Sha512>;
 
 /// Extended secret key
 /// implemented according to BIP-32
-#[derive(PartialEq, Eq, Debug, Clone)]
+#[derive(PartialEq, Eq, Clone)]
 pub struct ExtSecretKey {
-    /// The secret key
-    private_input: DlogProverInput,
+    private_input: Wscalar,
     chain_code: ChainCode,
     derivation_path: DerivationPath,
 }
 
+impl core::fmt::Debug for ExtSecretKey {
+    fn fmt(&self, f: &mut core::fmt::Formatter<'_>) -> core::fmt::Result {
+        f.debug_struct("ExtSecretKey")
+            .field("private_input", &"*****") // disable debug output for secret key to prevent key leakage in logs
+            .field("chain_code", &self.chain_code)
+            .field("derivation_path", &self.derivation_path)
+            .finish()
+    }
+}
+
 /// Extended secret key errors
 #[derive(Error, PartialEq, Eq, Debug, Clone)]
 pub enum ExtSecretKeyError {
@@ -66,8 +73,8 @@ impl ExtSecretKey {
         chain_code: ChainCode,
         derivation_path: DerivationPath,
     ) -> Result<Self, ExtSecretKeyError> {
-        let private_input = DlogProverInput::from_bytes(&secret_key_bytes)
-            .ok_or(ExtSecretKeyError::ScalarEncodingError)?;
+        let private_input =
+            Wscalar::from_bytes(&secret_key_bytes).ok_or(ExtSecretKeyError::ScalarEncodingError)?;
         Ok(Self {
             private_input,
             chain_code,
@@ -82,7 +89,7 @@ impl ExtSecretKey {
 
     /// Returns secret key
     pub fn secret_key(&self) -> SecretKey {
-        self.private_input.clone().into()
+        DlogProverInput::new(self.private_input.clone()).into()
     }
 
     /// Byte representation of the underlying scalar
@@ -92,7 +99,7 @@ impl ExtSecretKey {
 
     /// Public image associated with the private input
     pub fn public_image(&self) -> ProveDlog {
-        self.private_input.public_image()
+        DlogProverInput::new(self.private_input.clone()).public_image()
     }
 
     /// Public image bytes in SEC-1 encoded & compressed format
@@ -103,12 +110,11 @@ impl ExtSecretKey {
     /// The extended public key associated with this secret key
     pub fn public_key(&self) -> Result<ExtPubKey, ExtSecretKeyError> {
         #[allow(clippy::unwrap_used)]
-        Ok(ExtPubKey::new(
-            // unwrap is safe as it is used on an Infallible result type
-            self.public_image_bytes()?.try_into().unwrap(),
-            self.chain_code,
-            self.derivation_path.clone(),
-        )?)
+        Ok(ExtPubKey {
+            public_key: *self.public_image().h,
+            chain_code: self.chain_code,
+            derivation_path: self.derivation_path.clone(),
+        })
     }
 
     /// Derive a child extended secret key using the provided index
@@ -127,16 +133,14 @@ impl ExtSecretKey {
         let mac_bytes = mac.finalize().into_bytes();
         let mut secret_key_bytes = [0; SecretKeyBytes::LEN];
         secret_key_bytes.copy_from_slice(&mac_bytes[..32]);
-        if let Some(dlog_prover) = DlogProverInput::from_bytes(&secret_key_bytes) {
+        if let Some(wscalar) = Wscalar::from_bytes(&secret_key_bytes) {
             // parse256(IL) + kpar (mod n).
             // via https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki#child-key-derivation-ckd-functions
-            let child_secret_key: DlogProverInput = Wscalar::from(
-                dlog_prover
-                    .w
+            let child_secret_key = Wscalar::from(
+                wscalar
                     .as_scalar_ref()
-                    .add(self.private_input.w.as_scalar_ref()),
-            )
-            .into();
+                    .add(self.private_input.as_scalar_ref()),
+            );
             if child_secret_key.is_zero() {
                 // ki == 0 case of:
                 // > In case parse256(IL) ≥ n or ki = 0, the resulting key is invalid, and one
diff --git a/ergotree-interpreter/src/eval/create_provedlog.rs b/ergotree-interpreter/src/eval/create_provedlog.rs
@@ -16,7 +16,7 @@ impl Evaluable for CreateProveDlog {
         let value_v = self.input.eval(env, ctx)?;
         match value_v {
             Value::GroupElement(ecpoint) => {
-                let prove_dlog = ProveDlog::new((*ecpoint).clone());
+                let prove_dlog = ProveDlog::new(*ecpoint);
                 Ok(prove_dlog.into())
             }
             _ => Err(EvalError::UnexpectedValue(format!(
diff --git a/ergotree-interpreter/src/eval/multiply_group.rs b/ergotree-interpreter/src/eval/multiply_group.rs
@@ -17,7 +17,7 @@ impl Evaluable for MultiplyGroup {
 
         match (&left_v, &right_v) {
             (Value::GroupElement(left), Value::GroupElement(right)) => {
-                Ok(((**left).clone() * right).into())
+                Ok(((**left) * right).into())
             }
             _ => Err(EvalError::UnexpectedValue(format!(
                 "Expected MultiplyGroup input to be GroupElement, got: {0:?}",
@@ -46,7 +46,7 @@ mod tests {
         #[test]
         fn eval_any(left in any::<EcPoint>(), right in any::<EcPoint>()) {
 
-            let expected_mul = left.clone() * &right;
+            let expected_mul = left * &right;
 
             let expr: Expr = MultiplyGroup {
                 left: Box::new(Expr::Const(left.into())),
diff --git a/ergotree-interpreter/src/eval/sglobal.rs b/ergotree-interpreter/src/eval/sglobal.rs
@@ -680,7 +680,7 @@ mod tests {
         ))
         .unwrap();
         let get_encoded = MethodCall::new(
-            Constant::from(ec_point.clone()).into(),
+            Constant::from(ec_point).into(),
             GET_ENCODED_METHOD.clone(),
             vec![],
         )
@@ -698,7 +698,7 @@ mod tests {
         ))
         .unwrap();
         let get_encoded = MethodCall::new(
-            Constant::from(ec_point.clone()).into(),
+            Constant::from(ec_point).into(),
             GET_ENCODED_METHOD.clone(),
             vec![],
         )
diff --git a/ergotree-interpreter/src/eval/sgroup_elem.rs b/ergotree-interpreter/src/eval/sgroup_elem.rs
@@ -26,7 +26,7 @@ pub(crate) static GET_ENCODED_EVAL_FN: EvalFn = |_mc, _env, _ctx, obj, _args| {
 
 pub(crate) static NEGATE_EVAL_FN: EvalFn = |_mc, _env, _ctx, obj, _args| {
     let negated: EcPoint = match obj {
-        Value::GroupElement(ec_point) => Ok(-(*ec_point).clone()),
+        Value::GroupElement(ec_point) => Ok(-(*ec_point)),
         _ => Err(EvalError::UnexpectedValue(format!(
             "expected obj to be Value::GroupElement, got: {0:?}",
             obj
@@ -89,7 +89,7 @@ mod tests {
     fn eval_get_encoded() {
         let input = force_any_val::<EcPoint>();
         let expr: Expr = MethodCall::new(
-            input.clone().into(),
+            input.into(),
             sgroup_elem::GET_ENCODED_METHOD.clone(),
             vec![],
         )
@@ -106,20 +106,16 @@ mod tests {
     #[test]
     fn eval_negate() {
         let input = force_any_val::<EcPoint>();
-        let expr: Expr = MethodCall::new(
-            input.clone().into(),
-            sgroup_elem::NEGATE_METHOD.clone(),
-            vec![],
-        )
-        .unwrap()
-        .into();
+        let expr: Expr = MethodCall::new(input.into(), sgroup_elem::NEGATE_METHOD.clone(), vec![])
+            .unwrap()
+            .into();
         assert_eq!(-input, eval_out_wo_ctx::<EcPoint>(&expr))
     }
 
     proptest! {
         #[test]
         fn eval_exponentiate(a in any::<EcPoint>(), b in any::<BigInt256>()) {
-            let mc: Expr = MethodCall::new(Constant::from(a.clone()).into(), sgroup_elem::EXPONENTIATE_METHOD.clone(), vec![Constant::from(b).into()]).unwrap().into();
+            let mc: Expr = MethodCall::new(Constant::from(a).into(), sgroup_elem::EXPONENTIATE_METHOD.clone(), vec![Constant::from(b).into()]).unwrap().into();
             let exponentiate_node: Expr = Exponentiate::new(Constant::from(a).into(), Constant::from(b).into()).unwrap().into();
             assert_eq!(try_eval_out_wo_ctx::<Value>(&mc), try_eval_out_wo_ctx::<Value>(&exponentiate_node))
         }
@@ -131,12 +127,12 @@ mod tests {
                 &left,
                 pi.w.as_scalar_ref()
             );
-            let mc: Expr = MethodCall::new(Constant::from(left.clone()).into(), sgroup_elem::EXPONENTIATE_UNSIGNED_METHOD.clone(), vec![Constant::from(right).into()]).unwrap().into();
+            let mc: Expr = MethodCall::new(Constant::from(left).into(), sgroup_elem::EXPONENTIATE_UNSIGNED_METHOD.clone(), vec![Constant::from(right).into()]).unwrap().into();
             assert_eq!(eval_out_wo_ctx::<EcPoint>(&mc), expected_exp);
         }
         #[test]
         fn eval_multiply(a in any::<EcPoint>(), b in any::<EcPoint>()) {
-            let mc: Expr = MethodCall::new(Constant::from(a.clone()).into(), sgroup_elem::MULTIPLY_METHOD.clone(), vec![Constant::from(b.clone()).into()]).unwrap().into();
+            let mc: Expr = MethodCall::new(Constant::from(a).into(), sgroup_elem::MULTIPLY_METHOD.clone(), vec![Constant::from(b).into()]).unwrap().into();
             let multiply_node: Expr = MultiplyGroup::new(Constant::from(a).into(), Constant::from(b).into()).unwrap().into();
             assert_eq!(try_eval_out_wo_ctx::<Value>(&mc), try_eval_out_wo_ctx::<Value>(&multiply_node))
         }
diff --git a/ergotree-interpreter/src/sigma_protocol/dht_protocol.rs b/ergotree-interpreter/src/sigma_protocol/dht_protocol.rs
@@ -74,7 +74,7 @@ pub mod interactive_prover {
         );
 
         // COMPUTE a = g^z*u^(-e) and b = h^z*v^{-e}  (where -e here means -e mod q)
-        let e: Scalar = challenge.clone().into();
+        let e: Scalar = challenge.into();
         let minus_e = e.negate();
         let h_to_z = exponentiate(&public_input.h, &z);
         let g_to_z = exponentiate(&public_input.g, &z);
@@ -114,7 +114,7 @@ pub mod interactive_prover {
         rnd: &Wscalar,
         challenge: &Challenge,
     ) -> SecondDhTupleProverMessage {
-        let e: Scalar = challenge.clone().into();
+        let e: Scalar = challenge.into();
         // modulo multiplication, no need to explicit mod op
         let ew = e.mul(private_input.w.as_scalar_ref());
         // modulo addition, no need to explicit mod op
@@ -141,7 +141,7 @@ pub mod interactive_prover {
 
         let z = second_message.z.clone();
 
-        let e: Scalar = challenge.clone().into();
+        let e: Scalar = challenge.into();
 
         use ergo_chain_types::ec_point::{exponentiate, inverse};
 
diff --git a/ergotree-interpreter/src/sigma_protocol/dlog_protocol.rs b/ergotree-interpreter/src/sigma_protocol/dlog_protocol.rs
diff --git a/ergotree-interpreter/src/sigma_protocol/private_input.rs b/ergotree-interpreter/src/sigma_protocol/private_input.rs
diff --git a/ergotree-interpreter/src/sigma_protocol/prover.rs b/ergotree-interpreter/src/sigma_protocol/prover.rs
diff --git a/ergotree-interpreter/src/sigma_protocol/verifier.rs b/ergotree-interpreter/src/sigma_protocol/verifier.rs
diff --git a/ergotree-interpreter/src/sigma_protocol/wscalar.rs b/ergotree-interpreter/src/sigma_protocol/wscalar.rs
diff --git a/ergotree-ir/src/chain/address.rs b/ergotree-ir/src/chain/address.rs
diff --git a/ergotree-ir/src/mir/constant.rs b/ergotree-ir/src/mir/constant.rs
diff --git a/ergotree-ir/src/mir/value.rs b/ergotree-ir/src/mir/value.rs

Original file line number	Diff line number	Diff line change
`@@ -113,7 +113,7 @@ fn extract_image(py: Python, image: &SigmaBoolean) -> PyResult<Py<PyAny>> {`
`113`	`113`	`fn extract_commitment(py: Python, commitment: &FirstProverMessage) -> PyResult<Py<PyAny>> {`
`114`	`114`	`match commitment {`
`115`	`115`	`FirstProverMessage::FirstDlogProverMessage(ref first_dlog_prover_message) => {`
`116`		`- Ok(Py::new(py, EcPoint::from(first_dlog_prover_message.a().clone()))?.into_any())`
	`116`	`+ Ok(Py::new(py, EcPoint::from(*first_dlog_prover_message.a()))?.into_any())`
`117`	`117`	`}`
`118`	`118`	`FirstProverMessage::FirstDhtProverMessage(_) => Err(PyNotImplementedError::new_err(`
`119`	`119`	`"ProveDHTuple is not supported",`
Original file line number	Diff line number	Diff line change
`@@ -16,7 +16,7 @@ impl ProveDlog {`
`16`	`16`	`}`
`17`	`17`	`#[getter]`
`18`	`18`	`fn h(&self) -> EcPoint {`
`19`		`- (*self.0.h).clone().into()`
	`19`	`+ (*self.0.h).into()`
`20`	`20`	`}`
`21`	`21`	`fn __repr__(&self) -> String {`
`22`	`22`	`format!("{:?}", self.0)`
Original file line number	Diff line number	Diff line change
`@@ -32,7 +32,7 @@ impl ExtPubKey {`
`32`	`32`	`))`
`33`	`33`	`}`
`34`	`34`	`fn public_key(&self) -> EcPoint {`
`35`		`- self.0.public_key.clone().into()`
	`35`	`+ self.0.public_key.into()`
`36`	`36`	`}`
`37`	`37`	`fn address(&self) -> Address {`
`38`	`38`	`address::Address::from(self.0.clone()).into()`
Original file line number	Diff line number	Diff line change
`@@ -124,7 +124,7 @@ impl UnsignedTransaction {`
`124`	`124`
`125`	`125`	`/// Returns distinct token ids from all output_candidates`
`126`	`126`	`pub fn distinct_token_ids(&self) -> IndexSet<TokenId> {`
`127`		`- distinct_token_ids(self.output_candidates.clone())`
	`127`	`+ distinct_token_ids(&self.output_candidates)`
`128`	`128`	`}`
`129`	`129`	`}`
`130`	`130`
Original file line number	Diff line number	Diff line change
`@@ -77,7 +77,7 @@ mod test {`
`77`	`77`	`use crate::wallet::Wallet;`
`78`	`78`	`fn gen_boxes() -> impl Strategy<Value = (SecretKey, Vec<ErgoBox>)> {`
`79`	`79`	`any::<Wscalar>()`
`80`		`- .prop_map(\|s\| SecretKey::DlogSecretKey(DlogProverInput { w: s }))`
	`80`	`+ .prop_map(\|s\| SecretKey::DlogSecretKey(DlogProverInput::new(s)))`
`81`	`81`	`.prop_flat_map(\|sk: SecretKey\| {`
`82`	`82`	`(`
`83`	`83`	`Just(sk.clone()),`