Witnet Solidity Bridge contracts for EVM-compatible chains
{
"contractName": "Secp256k1",
"abi": [],
"metadata": "{\"compiler\":{\"version\":\"0.8.30+commit.73712a01\"},\"language\":\"Solidity\",\"output\":{\"abi\":[],\"devdoc\":{\"author\":\"cyphered.eth\",\"details\":\"Library providing arithmetic operations over signed `secpk256k1` signed message due to recover the signer public key EC point in `Solidity`.\",\"kind\":\"dev\",\"methods\":{},\"title\":\"Secp256k1 public key recovery Library\",\"version\":1},\"userdoc\":{\"kind\":\"user\",\"methods\":{},\"version\":1}},\"settings\":{\"compilationTarget\":{\"project:/contracts/libs/Secp256k1.sol\":\"Secp256k1\"},\"evmVersion\":\"prague\",\"libraries\":{},\"metadata\":{\"bytecodeHash\":\"ipfs\"},\"optimizer\":{\"enabled\":true,\"runs\":200},\"remappings\":[]},\"sources\":{\"project:/contracts/libs/Secp256k1.sol\":{\"keccak256\":\"0xbe686002da5004ff39dd70709f3820eba2afe9323ae9cb894009c161e4b1a666\",\"license\":\"MIT\",\"urls\":[\"bzz-raw://18fab91775216de0707cea9ad285b10be09127461a13432fea358bf9cb2a0c2e\",\"dweb:/ipfs/QmeRUGsgstnM4hxM9hpkBf3L6cE5btirEaowcMxmuw3utj\"]}},\"version\":1}",
"bytecode": "0x60556032600b8282823980515f1a607314602657634e487b7160e01b5f525f60045260245ffd5b305f52607381538281f3fe730000000000000000000000000000000000000000301460806040525f5ffdfea2646970667358221220a7da7ff7eee65caa710f4e2a338a3e8acd400d3108d33ebb92ad1e20ed77c9dc64736f6c634300081e0033",
"deployedBytecode": "0x730000000000000000000000000000000000000000301460806040525f5ffdfea2646970667358221220a7da7ff7eee65caa710f4e2a338a3e8acd400d3108d33ebb92ad1e20ed77c9dc64736f6c634300081e0033",
"immutableReferences": {},
"generatedSources": [],
"deployedGeneratedSources": [],
"sourceMap": "299:10679:112:-:0;;;;;;;;;;;;;;;-1:-1:-1;;;299:10679:112;;;;;;;;;;;;;;;;;",
"deployedSourceMap": "299:10679:112:-:0;;;;;;;;",
"source": "// SPDX-License-Identifier: MIT\r\n\r\npragma solidity >= 0.8.17;\r\n\r\n/**\r\n * @title Secp256k1 public key recovery Library\r\n * @dev Library providing the `secp256k1` curve arithmetic needed to recover the signer's public key EC point from a signed message, in pure `Solidity`.\r\n * @author cyphered.eth\r\n */\r\nlibrary Secp256k1 {\r\n // Elliptic curve Constants\r\n uint256 private constant U255_MAX_PLUS_1 =\r\n 57896044618658097711785492504343953926634992332820282019728792003956564819968;\r\n\r\n // Curve Constants\r\n uint256 private constant A = 0;\r\n uint256 private constant B = 7;\r\n uint256 private constant GX = 0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798;\r\n uint256 private constant GY = 0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8;\r\n uint256 private constant P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F;\r\n uint256 private constant N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141;\r\n\r\n /// @dev Recovers the signer's public key as an affine EC point from a secp256k1 signature over `digest`.\r\n /// Unlike the `ecrecover` precompile, input failing the range checks does not revert but yields (0, 0);\r\n /// callers MUST treat a (0, 0) result as a failed recovery. Only the parity bit of `v` is used and `v > 1`\r\n /// is rejected, so the rare `r + N` x-coordinate overflow case is not supported. High-`s` signatures are NOT\r\n /// rejected here, so callers that need non-malleable signatures must enforce `s <= N / 2` themselves.\r\n /// NOTE(review): the square root `y` is not verified to satisfy `y^2 == x^3 + 7 (mod P)`, so an `r` that is\r\n /// not a valid x-coordinate produces a meaningless point instead of (0, 0); and the bounds use `>` rather\r\n /// than `>=`, so `r == N` reverts inside `invMod` while `s == N` yields a zero scalar that `jacMul` treats\r\n /// as the identity map (returning its input point) rather than the point at infinity.\r\n /// @param digest hashed message; values above N revert on `N - digest` (checked arithmetic)\r\n /// @param v recovery id, 0 or 1 (parity of the y coordinate)\r\n /// @param r first 32 bytes of signature\r\n /// @param s last 32 bytes of signature\r\n /// @return (x, y) EC point, or (0, 0) when the basic range checks fail\r\n function recover(\r\n uint256 digest,\r\n uint8 v,\r\n uint256 r,\r\n uint256 s\r\n ) internal pure returns (uint256, uint256) {\r\n uint256 x = addmod(r, P * (v >> 1), P);\r\n if (x > P || s > N || r > N || s == 0 || r == 0 || v > 1) {\r\n return (0, 0);\r\n }\r\n uint256 rInv = invMod(r, N);\r\n\r\n uint256 y2 = addmod(mulmod(x, mulmod(x, x, P), P), addmod(mulmod(x, A, P), B, P), P);\r\n y2 = expMod(y2, (P + 1) / 4);\r\n uint256 y = ((y2 + v + 2) & 1 == 0) ? 
y2 : P - y2;\r\n\r\n (uint256 qx, uint256 qy, uint256 qz) = jacMul(mulmod(rInv, N - digest, N), GX, GY, 1);\r\n (uint256 qx2, uint256 qy2, uint256 qz2) = jacMul(mulmod(rInv, s, N), x, y, 1);\r\n (uint256 qx3, uint256 qy3) = ecAdd(qx, qy, qz, qx2, qy2, qz2);\r\n\r\n return (qx3, qy3);\r\n }\r\n\r\n /// @dev Modular exponentiation, b^e % P.\r\n /// Source: https://github.com/witnet/elliptic-curve-solidity/blob/master/contracts/EllipticCurve.sol\r\n /// Source: https://github.com/androlo/standard-contracts/blob/master/contracts/src/crypto/ECCMath.sol\r\n /// @param _base base\r\n /// @param _exp exponent\r\n /// @return r such that r = b**e (mod P)\r\n function expMod(uint256 _base, uint256 _exp) internal pure returns (uint256) {\r\n if (_base == 0) return 0;\r\n if (_exp == 0) return 1;\r\n\r\n uint256 r = 1;\r\n uint256 bit = U255_MAX_PLUS_1;\r\n assembly {\r\n for {\r\n\r\n } gt(bit, 0) {\r\n\r\n } {\r\n r := mulmod(mulmod(r, r, P), exp(_base, iszero(iszero(and(_exp, bit)))), P)\r\n r := mulmod(mulmod(r, r, P), exp(_base, iszero(iszero(and(_exp, div(bit, 2))))), P)\r\n r := mulmod(mulmod(r, r, P), exp(_base, iszero(iszero(and(_exp, div(bit, 4))))), P)\r\n r := mulmod(mulmod(r, r, P), exp(_base, iszero(iszero(and(_exp, div(bit, 8))))), P)\r\n bit := div(bit, 16)\r\n }\r\n }\r\n\r\n return r;\r\n }\r\n\r\n /// @dev Adds two points (x1, y1, z1) and (x2 y2, z2).\r\n /// Source: https://github.com/witnet/elliptic-curve-solidity/blob/master/contracts/EllipticCurve.sol\r\n /// @param _x1 coordinate x of P1\r\n /// @param _y1 coordinate y of P1\r\n /// @param _z1 coordinate z of P1\r\n /// @param _x2 coordinate x of square\r\n /// @param _y2 coordinate y of square\r\n /// @param _z2 coordinate z of square\r\n /// @return (qx, qy, qz) P1+square in Jacobian\r\n function jacAdd(\r\n uint256 _x1,\r\n uint256 _y1,\r\n uint256 _z1,\r\n uint256 _x2,\r\n uint256 _y2,\r\n uint256 _z2\r\n )\r\n internal\r\n pure\r\n returns (\r\n uint256,\r\n uint256,\r\n uint256\r\n )\r\n {\r\n if 
(_x1 == 0 && _y1 == 0) return (_x2, _y2, _z2);\r\n if (_x2 == 0 && _y2 == 0) return (_x1, _y1, _z1);\r\n\r\n // We follow the equations described in https://pdfs.semanticscholar.org/5c64/29952e08025a9649c2b0ba32518e9a7fb5c2.pdf Section 5\r\n uint256[4] memory zs; // z1^2, z1^3, z2^2, z2^3\r\n zs[0] = mulmod(_z1, _z1, P);\r\n zs[1] = mulmod(_z1, zs[0], P);\r\n zs[2] = mulmod(_z2, _z2, P);\r\n zs[3] = mulmod(_z2, zs[2], P);\r\n\r\n // u1, s1, u2, s2\r\n zs = [mulmod(_x1, zs[2], P), mulmod(_y1, zs[3], P), mulmod(_x2, zs[0], P), mulmod(_y2, zs[1], P)];\r\n\r\n // In case of zs[0] == zs[2] && zs[1] == zs[3], double function should be used\r\n require(zs[0] != zs[2] || zs[1] != zs[3], 'Use jacDouble function instead');\r\n\r\n uint256[4] memory hr;\r\n //h\r\n hr[0] = addmod(zs[2], P - zs[0], P);\r\n //r\r\n hr[1] = addmod(zs[3], P - zs[1], P);\r\n //h^2\r\n hr[2] = mulmod(hr[0], hr[0], P);\r\n // h^3\r\n hr[3] = mulmod(hr[2], hr[0], P);\r\n // qx = -h^3 -2u1h^2+r^2\r\n uint256 qx = addmod(mulmod(hr[1], hr[1], P), P - hr[3], P);\r\n qx = addmod(qx, P - mulmod(2, mulmod(zs[0], hr[2], P), P), P);\r\n // qy = -s1*z1*h^3+r(u1*h^2 -x^3)\r\n uint256 qy = mulmod(hr[1], addmod(mulmod(zs[0], hr[2], P), P - qx, P), P);\r\n qy = addmod(qy, P - mulmod(zs[1], hr[3], P), P);\r\n // qz = h*z1*z2\r\n uint256 qz = mulmod(hr[0], mulmod(_z1, _z2, P), P);\r\n return (qx, qy, qz);\r\n }\r\n\r\n /// @dev Multiply point (x, y, z) times d.\r\n /// Source: https://github.com/witnet/elliptic-curve-solidity/blob/master/contracts/EllipticCurve.sol\r\n /// @param _d scalar to multiply\r\n /// @param _x coordinate x of P1\r\n /// @param _y coordinate y of P1\r\n /// @param _z coordinate z of P1\r\n /// @return (qx, qy, qz) d*P1 in Jacobian\r\n function jacMul(\r\n uint256 _d,\r\n uint256 _x,\r\n uint256 _y,\r\n uint256 _z\r\n )\r\n internal\r\n pure\r\n returns (\r\n uint256,\r\n uint256,\r\n uint256\r\n )\r\n {\r\n // Early return in case that `_d == 0`\r\n if (_d == 0) {\r\n return (_x, _y, 
_z);\r\n }\r\n\r\n uint256 remaining = _d;\r\n uint256 qx = 0;\r\n uint256 qy = 0;\r\n uint256 qz = 1;\r\n\r\n // Double and add algorithm\r\n while (remaining != 0) {\r\n if ((remaining & 1) != 0) {\r\n (qx, qy, qz) = jacAdd(qx, qy, qz, _x, _y, _z);\r\n }\r\n remaining = remaining / 2;\r\n (_x, _y, _z) = jacDouble(_x, _y, _z);\r\n }\r\n return (qx, qy, qz);\r\n }\r\n\r\n /// @dev Doubles a points (x, y, z).\r\n /// Source: https://github.com/witnet/elliptic-curve-solidity/blob/master/contracts/EllipticCurve.sol\r\n /// @param _x coordinate x of P1\r\n /// @param _y coordinate y of P1\r\n /// @param _z coordinate z of P1\r\n /// @return (qx, qy, qz) 2P in Jacobian\r\n function jacDouble(\r\n uint256 _x,\r\n uint256 _y,\r\n uint256 _z\r\n )\r\n internal\r\n pure\r\n returns (\r\n uint256,\r\n uint256,\r\n uint256\r\n )\r\n {\r\n if (_z == 0) return (_x, _y, _z);\r\n\r\n // We follow the equations described in https://pdfs.semanticscholar.org/5c64/29952e08025a9649c2b0ba32518e9a7fb5c2.pdf Section 5\r\n // Note: there is a bug in the paper regarding the m parameter, M=3*(x1^2)+a*(z1^4)\r\n // x, y, z at this point represent the squares of _x, _y, _z\r\n uint256 x = mulmod(_x, _x, P); //x1^2\r\n uint256 y = mulmod(_y, _y, P); //y1^2\r\n uint256 z = mulmod(_z, _z, P); //z1^2\r\n\r\n // s\r\n uint256 s = mulmod(4, mulmod(_x, y, P), P);\r\n // m\r\n uint256 m = addmod(mulmod(3, x, P), mulmod(A, mulmod(z, z, P), P), P);\r\n\r\n // x, y, z at this point will be reassigned and rather represent qx, qy, qz from the paper\r\n // This allows to reduce the gas cost and stack footprint of the algorithm\r\n // qx\r\n x = addmod(mulmod(m, m, P), P - addmod(s, s, P), P);\r\n // qy = -8*y1^4 + M(S-T)\r\n y = addmod(mulmod(m, addmod(s, P - x, P), P), P - mulmod(8, mulmod(y, y, P), P), P);\r\n // qz = 2*y1*z1\r\n z = mulmod(2, mulmod(_y, _z, P), P);\r\n\r\n return (x, y, z);\r\n }\r\n\r\n /// @dev Add two points (x1, y1) and (x2, y2) in affine coordinates.\r\n /// Source: 
https://github.com/witnet/elliptic-curve-solidity/blob/master/contracts/EllipticCurve.sol\r\n /// @param _x1 coordinate x of P1\r\n /// @param _y1 coordinate y of P1\r\n /// @param _x2 coordinate x of P2\r\n /// @param _y2 coordinate y of P2\r\n /// @return (qx, qy) = P1+P2 in affine coordinates\r\n function ecAdd(\r\n uint256 _x1,\r\n uint256 _y1,\r\n uint256 _z1,\r\n uint256 _x2,\r\n uint256 _y2,\r\n uint256 _z2\r\n ) internal pure returns (uint256, uint256) {\r\n uint256 x = 0;\r\n uint256 y = 0;\r\n uint256 z = 0;\r\n\r\n // Double if x1==x2 else add\r\n if (_x1 == _x2) {\r\n // y1 = -y2 mod p\r\n if (addmod(_y1, _y2, P) == 0) {\r\n return (0, 0);\r\n } else {\r\n // P1 = P2\r\n (x, y, z) = jacDouble(_x1, _y1, _z1);\r\n }\r\n } else {\r\n (x, y, z) = jacAdd(_x1, _y1, _z1, _x2, _y2, _z2);\r\n }\r\n // Get back to affine\r\n return toAffine(x, y, z);\r\n }\r\n\r\n /// @dev Converts a point (x, y, z) expressed in Jacobian coordinates to affine coordinates (x', y', 1).\r\n /// Source: https://github.com/witnet/elliptic-curve-solidity/blob/master/contracts/EllipticCurve.sol\r\n /// @param _x coordinate x\r\n /// @param _y coordinate y\r\n /// @param _z coordinate z\r\n /// @return (x', y') affine coordinates\r\n function toAffine(\r\n uint256 _x,\r\n uint256 _y,\r\n uint256 _z\r\n ) internal pure returns (uint256, uint256) {\r\n uint256 zInv = invMod(_z, P);\r\n uint256 zInv2 = mulmod(zInv, zInv, P);\r\n uint256 x2 = mulmod(_x, zInv2, P);\r\n uint256 y2 = mulmod(_y, mulmod(zInv, zInv2, P), P);\r\n\r\n return (x2, y2);\r\n }\r\n\r\n /// @dev Modular euclidean inverse of a number (mod p).\r\n /// Source: https://github.com/witnet/elliptic-curve-solidity/blob/master/contracts/EllipticCurve.sol\r\n /// @param _x The number\r\n /// @param _pp The modulus\r\n /// @return q such that x*q = 1 (mod _pp)\r\n function invMod(uint256 _x, uint256 _pp) internal pure returns (uint256) {\r\n require(_x != 0 && _x != _pp && _pp != 0, 'Invalid number');\r\n uint256 q = 0;\r\n uint256 
newT = 1;\r\n uint256 r = _pp;\r\n uint256 t;\r\n while (_x != 0) {\r\n t = r / _x;\r\n (q, newT) = (newT, addmod(q, (_pp - mulmod(t, newT, _pp)), _pp));\r\n (r, _x) = (_x, r - t * _x);\r\n }\r\n\r\n return q;\r\n }\r\n}",
"sourcePath": "C:\\Users\\guill\\github\\guidiaz\\witnet-solidity-bridge\\contracts\\libs\\Secp256k1.sol",
"ast": {
"absolutePath": "project:/contracts/libs/Secp256k1.sol",
"exportedSymbols": {
"Secp256k1": [
32535
]
},
"id": 32536,
"license": "MIT",
"nodeType": "SourceUnit",
"nodes": [
{
"id": 31521,
"literals": [
"solidity",
">=",
"0.8",
".17"
],
"nodeType": "PragmaDirective",
"src": "35:26:112"
},
{
"abstract": false,
"baseContracts": [],
"canonicalName": "Secp256k1",
"contractDependencies": [],
"contractKind": "library",
"documentation": {
"id": 31522,
"nodeType": "StructuredDocumentation",
"src": "65:232:112",
"text": " @title Secp256k1 public key recovery Library\n @dev Library providing the `secp256k1` curve arithmetic needed to recover the signer's public key EC point from a signed message, in pure `Solidity`.\n @author cyphered.eth"
},
"fullyImplemented": true,
"id": 32535,
"linearizedBaseContracts": [
32535
],
"name": "Secp256k1",
"nameLocation": "307:9:112",
"nodeType": "ContractDefinition",
"nodes": [
{
"constant": true,
"id": 31525,
"mutability": "constant",
"name": "U255_MAX_PLUS_1",
"nameLocation": "382:15:112",
"nodeType": "VariableDeclaration",
"scope": 32535,
"src": "357:129:112",
"stateVariable": true,
"storageLocation": "default",
"typeDescriptions": {
"typeIdentifier": "t_uint256",
"typeString": "uint256"
},
"typeName": {
"id": 31523,
"name": "uint256",
"nodeType": "ElementaryTypeName",
"src": "357:7:112",
"typeDescriptions": {
"typeIdentifier": "t_uint256",
"typeString": "uint256"
}
},
"value": {
"hexValue": "3537383936303434363138363538303937373131373835343932353034333433393533393236363334393932333332383230323832303139373238373932303033393536353634383139393638",
"id": 31524,
"isConstant": false,
"isLValue": false,
"isPure": true,
"kind": "number",
"lValueRequested": false,
"nodeType": "Literal",
"src": "409:77:112",
"typeDescriptions": {
"typeIdentifier": "t_rational_57896044618658097711785492504343953926634992332820282019728792003956564819968_by_1",
"typeString": "int_const 5789...(69 digits omitted)...9968"
},
"value": "57896044618658097711785492504343953926634992332820282019728792003956564819968"
},
"visibility": "private"
},
{
"constant": true,
"id": 31528,
"mutability": "constant",
"name": "A",
"nameLocation": "544:1:112",
"nodeType": "VariableDeclaration",
"scope": 32535,
"src": "519:30:112",
"stateVariable": true,
"storageLocation": "default",
"typeDescriptions": {
"typeIdentifier": "t_uint256",
"typeString": "uint256"
},
"typeName": {
"id": 31526,
"name": "uint256",
"nodeType": "ElementaryTypeName",
"src": "519:7:112",
"typeDescriptions": {
"typeIdentifier": "t_uint256",
"typeString": "uint256"
}
},
"value": {
"hexValue": "30",
"id": 31527,
"isConstant": false,
"isLValue": false,
"isPure": true,
"kind": "number",
"lValueRequested": false,
"nodeType": "Literal",
"src": "548:1:112",
"typeDescriptions": {
"typeIdentifier": "t_rational_0_by_1",
"typeString": "int_const 0"
},
"value": "0"
},
"visibility": "private"
},
{
"constant": true,
"id": 31531,
"mutability": "constant",
"name": "B",
"nameLocation": "581:1:112",
"nodeType": "VariableDeclaration",
"scope": 32535,
"src": "556:30:112",
"stateVariable": true,
"storageLocation": "default",
"typeDescriptions": {
"typeIdentifier": "t_uint256",
"typeString": "uint256"
},
"typeName": {
"id": 31529,
"name": "uint256",
"nodeType": "ElementaryTypeName",
"src": "556:7:112",
"typeDescriptions": {
"typeIdentifier": "t_uint256",
"typeString": "uint256"
}
},
"value": {
"hexValue": "37",
"id": 31530,
"isConstant": false,
"isLValue": false,
"isPure": true,
"kind": "number",
"lValueRequested": false,
"nodeType": "Literal",
"src": "585:1:112",
"typeDescriptions": {
"typeIdentifier": "t_rational_7_by_1",
"typeString": "int_const 7"
},
"value": "7"
},
"visibility": "private"
},
{
"constant": true,
"id": 31534,
"mutability": "constant",
"name": "GX",
"nameLocation": "618:2:112",
"nodeType": "VariableDeclaration",
"scope": 32535,
"src": "593:96:112",
"stateVariable": true,
"storageLocation": "default",
"typeDescriptions": {
"typeIdentifier": "t_uint256",
"typeString": "uint256"
},
"typeName": {
"id": 31532,
"name": "uint256",
"nodeType": "ElementaryTypeName",
"src": "593:7:112",
"typeDescriptions": {
"typeIdentifier": "t_uint256",
"typeString": "uint256"
}
},
"value": {
"hexValue": "307837394245363637454639444342424143353541303632393543453837304230373032394246434442324443453238443935394632383135423136463831373938",
"id": 31533,
"isConstant": false,
"isLValue": false,
"isPure": true,
"kind": "number",
"lValueRequested": false,
"nodeType": "Literal",
"src": "623:66:112",
"typeDescriptions": {
"typeIdentifier": "t_rational_55066263022277343669578718895168534326250603453777594175500187360389116729240_by_1",
"typeString": "int_const 5506...(69 digits omitted)...9240"
},
"value": "0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798"
},
"visibility": "private"
},
{
"constant": true,
"id": 31537,
"mutability": "constant",
"name": "GY",
"nameLocation": "721:2:112",
"nodeType": "VariableDeclaration",
"scope": 32535,
"src": "696:96:112",
"stateVariable": true,
"storageLocation": "default",
"typeDescriptions": {
"typeIdentifier": "t_uint256",
"typeString": "uint256"
},
"typeName": {
"id": 31535,
"name": "uint256",
"nodeType": "ElementaryTypeName",
"src": "696:7:112",
"typeDescriptions": {
"typeIdentifier": "t_uint256",
"typeString": "uint256"
}
},
"value": {
"hexValue": "307834383341444137373236413343343635354441344642464330453131303841384644313742343438413638353534313939433437443038464642313044344238",
"id": 31536,
"isConstant": false,
"isLValue": false,
"isPure": true,
"kind": "number",
"lValueRequested": false,
"nodeType": "Literal",
"src": "726:66:112",
"typeDescriptions": {
"typeIdentifier": "t_rational_32670510020758816978083085130507043184471273380659243275938904335757337482424_by_1",
"typeString": "int_const 3267...(69 digits omitted)...2424"
},
"value": "0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8"
},
"visibility": "private"
},
{
"constant": true,
"id": 31540,
"mutability": "constant",
"name": "P",
"nameLocation": "824:1:112",
"nodeType": "VariableDeclaration",
"scope": 32535,
"src": "799:95:112",
"stateVariable": true,
"storageLocation": "default",
"typeDescriptions": {
"typeIdentifier": "t_uint256",
"typeString": "uint256"
},
"typeName": {
"id": 31538,
"name": "uint256",
"nodeType": "ElementaryTypeName",
"src": "799:7:112",
"typeDescriptions": {
"typeIdentifier": "t_uint256",
"typeString": "uint256"
}
},
"value": {
"hexValue": "307846464646464646464646464646464646464646464646464646464646464646464646464646464646464646464646464646464646464646454646464646433246",
"id": 31539,
"isConstant": false,
"isLValue": false,
"isPure": true,
"kind": "number",
"lValueRequested": false,
"nodeType": "Literal",
"src": "828:66:112",
"typeDescriptions": {
"typeIdentifier": "t_rational_115792089237316195423570985008687907853269984665640564039457584007908834671663_by_1",
"typeString": "int_const 1157...(70 digits omitted)...1663"
},
"value": "0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F"
},
"visibility": "private"
},
{
"constant": true,
"id": 31543,
"mutability": "constant",
"name": "N",
"nameLocation": "926:1:112",
"nodeType": "VariableDeclaration",
"scope": 32535,
"src": "901:95:112",
"stateVariable": true,
"storageLocation": "default",
"typeDescriptions": {
"typeIdentifier": "t_uint256",
"typeString": "uint256"
},
"typeName": {
"id": 31541,
"name": "uint256",
"nodeType": "ElementaryTypeName",
"src": "901:7:112",
"typeDescriptions": {
"typeIdentifier": "t_uint256",
"typeString": "uint256"
}
},
"value": {
"hexValue": "307846464646464646464646464646464646464646464646464646464646464646454241414544434536414634384130334242464432354538434430333634313431",
"id": 31542,
"isConstant": false,
"isLValue": false,
"isPure": true,
"kind": "number",
"lValueRequested": false,
"nodeType": "Literal",
"src": "930:66:112",
"typeDescriptions": {
"typeIdentifier": "t_rational_115792089237316195423570985008687907852837564279074904382605163141518161494337_by_1",
"typeString": "int_const 1157...(70 digits omitted)...4337"
},
"value": "0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141"
},
"visibility": "private"
},
{
"body": {
"id": 31716,
"nodeType": "Block",
"src": "1396:687:112",
"statements": [
{
"assignments": [
31560
],
"declarations": [
{
"constant": false,
"id": 31560,
"mutability": "mutable",
"name": "x",
"nameLocation": "1415:1:112",
"nodeType": "VariableDeclaration",
"scope": 31716,
"src": "1407:9:112",
"stateVariable": false,
"storageLocation": "default",
"typeDescriptions": {
"typeIdentifier": "t_uint256",
"typeString": "uint256"
},
"typeName": {
"id": 31559,
"name": "uint256",
"nodeType": "ElementaryTypeName",
"src": "1407:7:112",
"typeDescriptions": {
"typeIdentifier": "t_uint256",
"typeString": "uint256"
}
},
"visibility": "internal"
}
],
"id": 31571,
"initialValue": {
"arguments": [
{
"id": 31562,
"name": "r",
"nodeType": "Identifier",
"overloadedDeclarations": [],
"referencedDeclaration": 31550,
"src": "1426:1:112",
"typeDescriptions": {
"typeIdentifier": "t_uint256",
"typeString": "uint256"
}
},
{
"commonType": {
"typeIdentifier": "t_uint256",
"typeString": "uint256"
},
"id": 31568,
"isConstant": false,
"isLValue": false,
"isPure": false,
"lValueRequested": false,
"leftExpression": {
"id": 31563,
"name": "P",
"nodeType": "Identifier",
"overloadedDeclarations": [],
"referencedDeclaration": 31540,
"src": "1429:1:112",
"typeDescriptions": {
"typeIdentifier": "t_uint256",
"typeString": "uint256"
}
},
"nodeType": "BinaryOperation",
"operator": "*",
"rightExpression": {
"components": [
{
"commonType": {
"typeIdentifier": "t_uint8",
"typeString": "uint8"
},
"id": 31566,
"isConstant": false,
"isLValue": false,
"isPure": false,
"lValueRequested": false,
"leftExpression": {
"id": 31564,
"name": "v",
"nodeType": "Identifier",
"overloadedDeclarations": [],
"referencedDeclaration": 31548,
"src": "1434:1:112",
"typeDescriptions": {
"typeIdentifier": "t_uint8",
"typeString": "uint8"
}
},
"nodeType": "BinaryOperation",
"operator": ">>",
"rightExpression": {
"hexValue": "31",
"id": 31565,
"isConstant": false,
"isLValue": false,
"isPure": true,
"kind": "number",
"lValueRequested": false,
"nodeType": "Literal",
"src": "1439:1:112",
"typeDescriptions": {
"typeIdentifier": "t_rational_1_by_1",
"typeString": "int_const 1"
},
"value": "1"
},
"src": "1434:6:112",
"typeDescriptions": {
"typeIdentifier": "t_uint8",
"typeString": "uint8"
}
}
],
"id": 31567,
"isConstant": false,
"isInlineArray": false,
"isLValue": false,
"isPure": false,
"lValueRequested": false,
"nodeType": "TupleExpression",
"src": "1433:8:112",
"typeDescriptions": {
"typeIdentifier": "t_uint8",
"typeString": "uint8"
}
},
"src": "1429:12:112",
"typeDescriptions": {
"typeIdentifier": "t_uint256",
"typeString": "uint256"
}
},
{
"id": 31569,
"name": "P",
"nodeType": "Identifier",
"overloadedDeclarations": [],
"referencedDeclaration": 31540,
"src": "1443:1:112",
"typeDescriptions": {
"typeIdentifier": "t_uint256",
"typeString": "uint256"
}
}
],
"expression": {
"argumentTypes": [
{
"typeIdentifier": "t_uint256",
"typeString": "uint256"
},
{
"typeIdentifier": "t_uint256",
"typeString": "uint256"
},
{
"typeIdentifier": "t_uint256",
"typeString": "uint256"
}
],
"id": 31561,
"name": "addmod",
"nodeType": "Identifier",
"overloadedDeclarations": [],
"referencedDeclaration": 4294967294,
"src": "1419:6:112",
"typeDescriptions": {
"typeIdentifier": "t_function_addmod_pure$_t_uint256_$_t_uint256_$_t_uint256_$returns$_t_uint256_$",
"typeString": "function (uint256,uint256,uint256) pure returns (uint256)"
}
},
"id": 31570,
"isConstant": false,
"isLValue": false,
"isPure": false,
"kind": "functionCall",
"lValueRequested": false,
"nameLocations": [],
"names": [],
"nodeType": "FunctionCall",
"src": "1419:26:112",
"tryCall": false,
"typeDescriptions": {
"typeIdentifier": "t_uint256",
"typeString": "uint256"
}
},
"nodeType": "VariableDeclarationStatement",
"src": "1407:38:112"
},
{
"condition": {
"commonType": {
"typeIdentifier": "t_bool",
"typeString": "bool"
},
"id": 31594,
"isConstant": false,
"isLValue": false,
"isPure": false,
"lValueRequested": false,
"leftExpression": {
"commonType": {
"typeIdentifier": "t_bool",
"typeString": "bool"
},
"id": 31590,
"isConstant": false,
"isLValue": false,
"isPure": false,
"lValueRequested": false,
"leftExpression": {
"commonType": {
"typeIdentifier": "t_bool",
"typeString": "bool"
},
"id": 31586,
"isConstant": false,
"isLValue": false,
"isPure": false,
"lValueRequested": false,
"leftExpression": {
"commonType": {
"typeIdentifier": "t_bool",
"typeString": "bool"
},
"id": 31582,
"isConstant": false,
"isLValue": false,
"isPure": false,
"lValueRequested": false,
"leftExpression": {
"commonType": {
"typeIdentifier": "t_bool",
"typeString": "bool"
},
"id": 31578,
"isConstant": false,
"isLValue": false,
"isPure": false,
"lValueRequested": false,
"leftExpression": {
"commonType": {
"typeIdentifier": "t_uint256",
"typeString": "uint256"
},
"id": 31574,
"isConstant": false,
"isLValue": false,
"isPure": false,
"lValueRequested": false,
"leftExpression": {
"id": 31572,
"name": "x",
"nodeType": "Identifier",
"overloadedDeclarations": [],
"referencedDeclaration": 31560,
"src": "1460:1:112",
"typeDescriptions": {
"typeIdentifier": "t_uint256",
"typeString": "uint256"
}
},
"nodeType": "BinaryOperation",
"operator": ">",
"rightExpression": {
"id": 31573,
"name": "P",
"nodeType": "Identifier",
"overloadedDeclarations": [],
"referencedDeclaration": 31540,
"src": "1464:1:112",
"typeDescriptions": {
"typeIdentifier": "t_uint256",
"typeString": "uint256"
}
},
"src": "1460:5:112",
"typeDescriptions": {
"typeIdentifier": "t_bool",
"typeString": "bool"
}
},
"nodeType": "BinaryOperation",
"operator": "||",
"rightExpression": {
"commonType": {
"typeIdentifier": "t_uint256",
"typeString": "uint256"
},
"id": 31577,
"isConstant": false,
"isLValue": false,
"isPure": false,
"lValueRequested": false,
"leftExpression": {
"id": 31575,
"name": "s",
"nodeType": "Identifier",
"overloadedDeclarations": [],
"referencedDeclaration": 31552,
"src": "1469:1:112",
"typeDescriptions": {
"typeIdentifier": "t_uint256",
"typeString": "uint256"
}
},
"nodeType": "BinaryOperation",
"operator": ">",
"rightExpression": {
"id": 31576,
"name": "N",
"nodeType": "Identifier",
"overloadedDeclarations": [],
"referencedDeclaration": 31543,
"src": "1473:1:112",
"typeDescriptions": {
"typeIdentifier": "t_uint256",
"typeString": "uint256"
}
},
"src": "1469:5:112",
"typeDescriptions": {
"typeIdentifier": "t_bool",
"typeString": "bool"
}
},
"src": "1460:14:112",
"typeDescriptions": {
"typeIdentifier": "t_bool",
"typeString": "bool"
}
},
"nodeType": "BinaryOperation",
"operator": "||",
"rightExpression": {
"commonType": {
"typeIdentifier": "t_uint256",
"typeString": "uint256"
},
"id": 31581,
"isConstant": false,
"isLValue": false,
"isPure": false,
"lValueRequested": false,
"leftExpression": {
"id": 31579,
"name": "r",
"nodeType": "Identifier",
"overloadedDeclarations": [],
"referencedDeclaration": 31550,
"src": "1478:1:112",
"typeDescriptions": {
"typeIdentifier": "t_uint256",
"typeString": "uint256"
}
},
"nodeType": "BinaryOperation",
"operator": ">",
"rightExpression": {
"id": 31580,
"name": "N",
"nodeType": "Identifier",
"overloadedDeclarations": [],
"referencedDeclaration": 31543,
"src": "1482:1:112",
"typeDescriptions": {
"typeIdentifier": "t_uint256",
"typeString": "uint256"
}
},
"src": "1478:5:112",
"typeDescriptions": {
"typeIdentifier": "t_bool",
"typeString": "bool"
}
},
"src": "1460:23:112",
"typeDescriptions": {
"typeIdentifier": "t_bool",
"typeString": "bool"
}
},
"nodeType": "BinaryOperation",
"operator": "||",
"rightExpression": {
"commonType": {
"typeIdentifier": "t_uint256",
"typeString": "uint256"
},
"id": 31585,
"isConstant": false,
"isLValue": false,
"isPure": false,
"lValueRequested": false,
"leftExpression": {
"id": 31583,
"name": "s",
"nodeType": "Identifier",
"overloadedDeclarations": [],
"referencedDeclaration": 31552,
"src": "1487:1:112",
"typeDescriptions": {
"typeIdentifier": "t_uint256",
"typeString": "uint256"
}
},
"nodeType": "BinaryOperation",
"operator": "==",
"rightExpression": {
"hexValue": "30",
"id": 31584,
"isConstant": false,
"isLValue": false,
"isPure": true,
"kind": "number",
"lValueRequested": false,
"nodeType": "Literal",
"src": "1492:1:112",
"typeDescriptions": {
"typeIdentifier": "t_rational_0_by_1",
"typeString": "int_const 0"
},
"value": "0"
},
"src": "1487:6:112",
"typeDescriptions": {
"typeIdentifier": "t_bool",
"typeString": "bool"
}
},
"src": "1460:33:112",
"typeDescriptions": {
"typeIdentifier": "t_bool",
"typeString": "bool"
}
},
"nodeType": "BinaryOperation",
"operator": "||",
"rightExpression": {
"commonType": {
"typeIdentifier": "t_uint256",
"typeString": "uint256"
},
"id": 31589,
"isConstant": false,
"isLValue": false,
"isPure": false,
"lValueRequested": false,
"leftExpression": {
"id": 31587,
"name": "r",
"nodeType": "Identifier",
"overloadedDeclarations": [],
"referencedDeclaration": 31550,
"src": "1497:1:112",
"typeDescriptions": {
"typeIdentifier": "t_uint256",
"typeString": "uint256"
}
},
"nodeType": "BinaryOperation",
"operator": "==",
"rightExpression": {
"hexValue": "30",
"id": 31588,
"isConstant": false,
"isLValue": false,
"isPure": true,
"kind": "number",
"lValueRequested": false,
"nodeType": "Literal",
"src": "1502:1:112",
"typeDescriptions": {
"typeIdentifier": "t_rational_0_by_1",
"typeString": "int_const 0"
},
"value": "0"
},
"src": "1497:6:112",
"typeDescriptions": {
"typeIdentifier": "t_bool",
"typeString": "bool"
}
},
"src": "1460:43:112",
"typeDescriptions": {
"typeIdentifier": "t_bool",
"typeString": "bool"
}
},
"nodeType": "BinaryOperation",
"operator": "||",
"rightExpression": {
"commonType": {
"typeIdentifier": "t_uint8",
"typeString": "uint8"
},
"id": 31593,
"isConstant": false,
"isLValue": false,
"isPure": false,
"lValueRequested": false,
"leftExpression": {
"id": 31591,
"name": "v",
"nodeType": "Identifier",
"overloadedDeclarations": [],
"referencedDeclaration": 31548,
"src": "1507:1:112",
"typeDescriptions": {
"typeIdentifier": "t_uint8",
"typeString": "uint8"
}
},
"nodeType": "BinaryOperation",
"operator": ">",
"rightExpression": {
"hexValue": "31",
"