Skip to content

Add a Math.inv function that inverse a number in Z/nZ #4839

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
Amxx merged 28 commits into from
Jan 24, 2024
Merged

Add a Math.inv function that inverse a number in Z/nZ #4839

Changes from 1 commit
Commits
Show all changes
28 commits
Select commit Hold shift + click to select a range
9616bdf
add a Math.inv function that inverse a number in Z/nZ
Amxx Jan 17, 2024
0408e14
add changeset
Amxx Jan 17, 2024
989a3d6
codespell
Amxx Jan 17, 2024
ce04087
remove .only
Amxx Jan 17, 2024
4de37d5
rewording
Amxx Jan 17, 2024
8915daa
Update Math.sol
Amxx Jan 17, 2024
e82cbf4
more fuzzing
Amxx Jan 17, 2024
658bc65
more fuzzing
Amxx Jan 17, 2024
6ea4d45
refactor fuzzing
Amxx Jan 17, 2024
89fca1b
using signed arithmetics more obviously matches Euclid's method and c…
Amxx Jan 19, 2024
1f96c34
fix lint
Amxx Jan 19, 2024
0ad5cd4
Merge branch 'master' into math/inverse
Amxx Jan 19, 2024
32fbe53
fix edge case where t1 = type(int256).min
Amxx Jan 19, 2024
5d9bcb5
Revert "fix edge case where t1 = type(int256).min"
Amxx Jan 19, 2024
d32f4da
rename Math.inv to Math.invMod
Amxx Jan 22, 2024
857bea3
doc
Amxx Jan 22, 2024
a246570
remove unecessary check
Amxx Jan 22, 2024
6f228f7
remove .only
Amxx Jan 22, 2024
a1fc06f
tests update
Amxx Jan 22, 2024
1ccee5d
Lint
ernestognw Jan 23, 2024
9a75472
Reword changeset
ernestognw Jan 23, 2024
0dee9d1
Add missing point
ernestognw Jan 23, 2024
cadc8e7
Typo
ernestognw Jan 23, 2024
284c2bb
Improve readability
ernestognw Jan 23, 2024
eb6b2ed
Explain overflows
ernestognw Jan 23, 2024
16a10a1
Update contracts/utils/math/Math.sol
ernestognw Jan 23, 2024
69000cc
@notice → @dev
Amxx Jan 24, 2024
f683c96
Merge branch 'math/inverse' of https://github.com/Amxx/openzeppelin-c…
Amxx Jan 24, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Improve readability
  • Loading branch information
@ernestognw
ernestognw committed Jan 23, 2024
commit 284c2bba5be8cf514b543b112d4cba56aefeb9e0
46 changes: 37 additions & 9 deletions contracts/utils/math/Math.sol
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -229,16 +229,44 @@ library Math {
function invMod(uint256 a, uint256 n) internal pure returns (uint256) {
unchecked {
if (n == 0) return 0;
uint256 r1 = a % n;
uint256 r2 = n;
int256 t1 = 0;
int256 t2 = 1;
while (r1 != 0) {
uint256 q = r2 / r1;
(t1, t2, r2, r1) = (t2, t1 - t2 * int256(q), r1, r2 - r1 * q);

// The inverse modulo is calculated using the Extended Euclidean Algorithm (iterative version)
// Used to compute integers x and y such that: ax + ny = gcd(a, n).
// When the gcd is 1, then the inverse of a modulo n exists and it's x.
// ax + ny = 1
// ax = 1 + (-y)n
// ax ≡ 1 (mod n) # x is the inverse of a modulo n

// If the remainder is 0 the gcd is n right away.
uint256 remainder = a % n;
uint256 gcd = n;

// Therefore the initial coefficients are:
// ax + ny = gcd(a, n) = n
// 0a + 1n = n
int256 x = 0;
int256 y = 1;

while (remainder != 0) {
uint256 quotient = gcd / remainder;

(gcd, remainder) = (
// The old remainder is the next gcd to try.
remainder,
// Compute the next remainder.
gcd - remainder * quotient
);

(x, y) = (
// Increment the coefficient of a.
y,
// Decrement the coefficient of n.
x - y * int256(quotient)
);
}
if (r2 != 1) return 0;
return t1 < 0 ? (n - uint256(-t1)) : uint256(t1);

if (gcd != 1) return 0; // No inverse exists.
return x < 0 ? (n - uint256(-x)) : uint256(x); // Wrap the result if it's negative.
}
}

Expand Down