Skip to main content
Version: 0.12 (unstable)

Field Operations

Field operations

Miden assembly provides a set of instructions which can perform operations with raw field elements. These instructions are described in the tables below.

While most operations place no restrictions on inputs, some operations expect inputs to be binary values, and fail if executed with non-binary inputs.

For instructions where one or more operands can be provided as immediate parameters (e.g., add and add.b), we provide stack transition diagrams only for the non-immediate version. For the immediate version, it can be assumed that the operand with the specified name is not present on the stack.

Assertions and tests

InstructionStack_inputStack_outputNotes
assert
- (1 cycle)		[a, ...][...]If a=1a = 1, removes it from the stack.
Fails if a1a \ne 1
assertz
- (2 cycles)		[a, ...][...]If a=0a = 0, removes it from the stack,
Fails if a0a \ne 0
assert_eq
- (2 cycles)		[b, a, ...][...]If a=ba = b, removes them from the stack.
Fails if aba \ne b
assert_eqw
- (11 cycles)		[B, A, ...][...]If A=BA = B, removes them from the stack.
Fails if ABA \ne B

The above instructions can also be parametrized with an error message which can be specified either directly or via a named constant. For example:

u32assert.err="Division by zero"
u32assert.err=MY_CONSTANT

The message is hashed and turned into a field element. If the error code is omitted, the default value of 00 is assumed.

Arithmetic and Boolean operations

The arithmetic operations below are performed in a 64-bit prime field defined by modulus p=264232+1p = 2^{64} - 2^{32} + 1. This means that overflow happens after a value exceeds pp. Also, the result of divisions may appear counter-intuitive because divisions are defined via inversions.

InstructionStack_inputStack_outputNotes
add
- (1 cycle)
add.b
- (1-2 cycle)		[b, a, ...][c, ...]c(a+b)modpc \leftarrow (a + b) \mod p
sub
- (2 cycles)
sub.b
- (2 cycles)		[b, a, ...][c, ...]c(ab)modpc \leftarrow (a - b) \mod p
mul
- (1 cycle)
mul.b
- (2 cycles)		[b, a, ...][c, ...]c(ab)modpc \leftarrow (a \cdot b) \mod p
div
- (2 cycles)
div.b
- (2 cycles)		[b, a, ...][c, ...]c(ab1)modpc \leftarrow (a \cdot b^{-1}) \mod p
Fails if b=0b = 0
neg
- (1 cycle)		[a, ...][b, ...]bamodpb \leftarrow -a \mod p
inv
- (1 cycle)		[a, ...][b, ...]ba1modpb \leftarrow a^{-1} \mod p
Fails if a=0a = 0
pow2
- (16 cycles)		[a, ...][b, ...]b2ab \leftarrow 2^a
Fails if a>63a > 63
exp.uxx
- (9 + xx cycles)
exp.b
- (9 + log2(b) cycles)		[b, a, ...][c, ...]cabc \leftarrow a^b
Fails if xx is outside [0, 63)
exp is equivalent to exp.u64 and needs 73 cycles
ilog2
- (44 cycles)		[a, ...][b, ...]blog2ab \leftarrow \lfloor{log_2{a}}\rfloor
Fails if a=0a = 0
not
- (1 cycle)		[a, ...][b, ...]b1ab \leftarrow 1 - a
Fails if a>1a > 1
and
- (1 cycle)		[b, a, ...][c, ...]cabc \leftarrow a \cdot b
Fails if max(a,b)>1max(a, b) > 1
or
- (1 cycle)		[b, a, ...][c, ...]ca+babc \leftarrow a + b - a \cdot b
Fails if max(a,b)>1max(a, b) > 1
xor
- (7 cycles)		[b, a, ...][c, ...]ca+b2abc \leftarrow a + b - 2 \cdot a \cdot b
Fails if max(a,b)>1max(a, b) > 1

Comparison operations

InstructionStack_inputStack_outputNotes
eq
- (1 cycle)
eq.b
- (1-2 cycles)		[b, a, ...][c, ...]c{1,if a=b0,otherwise c \leftarrow \begin{cases} 1, & \text{if}\ a=b 0, & \text{otherwise}\ \end{cases}
neq
- (2 cycle)
neq.b
- (2-3 cycles)		[b, a, ...][c, ...]c{1,if ab0,otherwise c \leftarrow \begin{cases} 1, & \text{if}\ a \ne b 0, & \text{otherwise}\ \end{cases}
lt
- (14 cycles)
lt.b
- (15 cycles)		[b, a, ...][c, ...]c{1,if a<b0,otherwise c \leftarrow \begin{cases} 1, & \text{if}\ a < b 0, & \text{otherwise}\ \end{cases}
lte
- (15 cycles)
lte.b
- (16 cycles)		[b, a, ...][c, ...]c{1,if ab0,otherwise c \leftarrow \begin{cases} 1, & \text{if}\ a \le b 0, & \text{otherwise}\ \end{cases}
gt
- (15 cycles)
gt.b
- (16 cycles)		[b, a, ...][c, ...]c{1,if a>b0,otherwise c \leftarrow \begin{cases} 1, & \text{if}\ a > b 0, & \text{otherwise}\ \end{cases}
gte
- (16 cycles)
gte.b
- (17 cycles)		[b, a, ...][c, ...]c{1,if ab0,otherwise c \leftarrow \begin{cases} 1, & \text{if}\ a \ge b 0, & \text{otherwise}\ \end{cases}
is_odd
- (5 cycles)		[a, ...][b, ...]b{1,if a is odd0,otherwise b \leftarrow \begin{cases} 1, & \text{if}\ a \text{ is odd} 0, & \text{otherwise}\ \end{cases}
eqw
- (15 cycles)		[A, B, ...][c, A, B, ...]c{1,if ai=bi  i{0,1,2,3}0,otherwise c \leftarrow \begin{cases} 1, & \text{if}\ a_i = b_i \; \forall i \in \{0, 1, 2, 3\} 0, & \text{otherwise}\ \end{cases}

Extension Field Operations

All operations in this section are defined over the quadratic extension field Fp[x]/(x2x+2)\mathbb{F}_p[x] / (x^2 - x + 2), with modulus p=264232+1p = 2^{64} - 2^{32} + 1.

InstructionStack_inputStack_outputNotes
ext2add
- (5 cycles)
[b1, b0, a1, a0, ...][c1, c0, ...]c1(a1+b1)modpc1 \leftarrow (a1 + b1) \mod p and
c0(a0+b0)modpc0 \leftarrow (a0 + b0) \mod p
ext2sub
- (7 cycles)
[b1, b0, a1, a0, ...][c1, c0, ...]c1(a1b1)modpc1 \leftarrow (a1 - b1) \mod p and
c0(a0b0)modpc0 \leftarrow (a0 - b0) \mod p
ext2mul
- (3 cycles)
[b1, b0, a1, a0, ...][c1, c0, ...]c1(a0+a1)(b0+b1)a0b0modpc1 \leftarrow (a0 + a1)(b0 + b1) - a0b0 \mod p and
c0a0b02a1b1modpc0 \leftarrow a0b0 - 2a1b1 \mod p
ext2neg
- (4 cycles)
[a1, a0, ...][a1', a0', ...]a1a1a1' \leftarrow -a1 and a0a0a0' \leftarrow -a0
ext2inv
- (8 cycles)
[a1, a0, ...][a1', a0', ...]aa1a' \leftarrow a^{-1} in Fp[x]/(x2x+2)\mathbb{F}_p[x]/(x^2 - x + 2)
Fails if a=0a = 0
ext2div
- (11 cycles)
[b1, b0, a1, a0, ...][c1, c0,]cab1c \leftarrow a \cdot b^{-1} in Fp[x]/(x2x+2)\mathbb{F}_p[x]/(x^2 - x + 2)
Fails if b=0b=0