Merge pull request #1299 from o1-labs/rot/0_64

Adds trivial support for rotation by 0 and 64 bits

kimchi/src/circuits/polynomials/rot.rs

@@ -328,8 +328,8 @@ pub fn extend_rot<F: PrimeField>(
     rot: u32,
     side: RotMode,
 ) {
-    assert!(rot < 64, "Rotation value must be less than 64");
-    assert_ne!(rot, 0, "Rotation value must be non-zero");
+    assert!(rot <= 64, "Rotation value must be less or equal than 64");
+
     let rot = if side == RotMode::Right {
         64 - rot
     } else {
@@ -343,8 +343,8 @@ pub fn extend_rot<F: PrimeField>(
     // shifted      [------] * 2^rot
     // rot    = [------|000]
     //        +        [---] excess
-    let shifted = (word as u128 * 2u128.pow(rot) % 2u128.pow(64)) as u64;
-    let excess = word / 2u64.pow(64 - rot);
+    let shifted = (word as u128) * 2u128.pow(rot) % 2u128.pow(64);
+    let excess = (word as u128) / 2u128.pow(64 - rot);
     let rotated = shifted + excess;
     // Value for the added value for the bound
     // Right input of the "FFAdd" for the bound equation

kimchi/src/tests/rot.rs

@@ -172,22 +172,20 @@ fn test_rot_random() {
     test_rot::<Pallas>(word, rot, RotMode::Right);
 }
 
-#[should_panic]
 #[test]
 // Test that a bad rotation fails as expected
 fn test_zero_rot() {
     let rng = &mut StdRng::from_seed(RNG_SEED);
     let word = rng.gen_range(0..2u128.pow(64)) as u64;
-    create_rot_witness::<Vesta>(word, 0, RotMode::Left);
+    test_rot::<Pallas>(word, 0, RotMode::Left);
 }
 
-#[should_panic]
 #[test]
 // Test that a bad rotation fails as expected
 fn test_large_rot() {
     let rng = &mut StdRng::from_seed(RNG_SEED);
     let word = rng.gen_range(0..2u128.pow(64)) as u64;
-    create_rot_witness::<Vesta>(word, 64, RotMode::Left);
+    test_rot::<Pallas>(word, 64, RotMode::Left);
 }
 
 #[test]