From f2cf1a739f92c368738ccc48528aeeca2df4d453 Mon Sep 17 00:00:00 2001
From: furze <danielsennmurilio@gmail.com>
Date: Mon, 12 Jan 2026 20:21:44 +0200
Subject: [PATCH 1/7] nogmp: remove GMP

---
 c/alt_bn128_test.cpp | 478 -------------------------------------------
 c/fft.cpp            | 194 +++++++++---------
 c/wtns_utils.cpp     |  22 +-
 c/wtns_utils.hpp     |  10 +-
 c/zkey_utils.cpp     |  37 ++--
 c/zkey_utils.hpp     |   8 +-
 tasksfile.js         |  22 --
 7 files changed, 150 insertions(+), 621 deletions(-)
 delete mode 100644 c/alt_bn128_test.cpp

diff --git a/c/alt_bn128_test.cpp b/c/alt_bn128_test.cpp
deleted file mode 100644
index ddcc5ad..0000000
--- a/c/alt_bn128_test.cpp
+++ /dev/null
@@ -1,478 +0,0 @@
-#include <gmp.h>
-#include <iostream>
-
-#include "gtest/gtest.h"
-#include "alt_bn128.hpp"
-#include "fft.hpp"
-
-using namespace AltBn128;
-
-namespace {
-
-TEST(altBn128, f2_simpleMul) {
-
-    F2Element e1;
-    F2.fromString(e1, "(2,2)");
-
-    F2Element e2;
-    F2.fromString(e2, "(3,3)");
-
-    F2Element e3;
-    F2.mul(e3, e1, e2);
-
-    F2Element e33;
-    F2.fromString(e33, "(0,12)");
-
-    // std::cout << F2.toString(e3) << std::endl;
-
-    ASSERT_TRUE(F2.eq(e3, e33));
-}
-
-TEST(altBn128, f6_mulDiv) {
-    F6Element a;
-    F6.fromString(a, "((1,2),(3,4),(5,6))");
-
-    F6Element b;
-    F6.fromString(b, "((12,11),(10,9),(8,7))");
-
-    F6Element c,d;
-
-    F6.mul(c,a,b);
-    F6.div(d,c,b);
-
-    ASSERT_TRUE(F6.eq(a,d));
-}
-
-TEST(altBn128, f6_inv) {
-    F6Element a;
-    F6.fromString(a, "((239487238491,2356249827341),"
-                     "(082659782,182703523765),"
-                     "(978236549263,64893242))");
-
-    F6Element inv;
-    F6.inv(inv, a);
-
-    F6Element b;
-    F6.mul(b, inv, a);
-
-    ASSERT_TRUE(F6.isOne(b));
-}
-
-TEST(altBn128, f12_mulDiv) {
-    F12Element a;
-    F12.fromString(a, "(((1,2),(3,4),(5,6)),((7,8),(9,10),(11,12)))");
-
-    F12Element b;
-    F12.fromString(b, "(((12,11),(10,9),(8,7)),((6,5),(4,3),(2,1)))");
-
-    F12Element c,d;
-
-    F12.mul(c,a,b);
-    F12.div(d,c,b);
-
-    ASSERT_TRUE(F12.eq(a,d));
-}
-
-TEST(altBn128, f12_inv) {
-    F12Element a;
-    F12.fromString(a,
-                   "(((239846234862342323958623,2359862352529835623),"
-                     "(928836523,9856234),"
-                     "(235635286,5628392833)),"
-                    "((252936598265329856238956532167968,23596239865236954178968),"
-                     "(95421692834,236548),"
-                     "(924523,12954623)))" );
-
-    F12Element inv;
-    F12.inv(inv, a);
-
-    F12Element b;
-    F12.mul(b, inv, a);
-
-    ASSERT_TRUE(F12.isOne(b));
-}
-
-TEST(altBn128, g1_PlusZero) {
-    G1Point p1;
-
-    G1.add(p1, G1.one(), G1.zero());
-
-    ASSERT_TRUE(G1.eq(p1, G1.one()));
-}
-
-TEST(altBn128, g1_minus_g1) {
-    G1Point p1;
-
-    G1.sub(p1, G1.one(), G1.one());
-
-    ASSERT_TRUE(G1.isZero(p1));
-}
-
-TEST(altBn128, g1_times_4) {
-    G1Point p1;
-    G1.add(p1, G1.one(), G1.one());
-    G1.add(p1, p1, G1.one());
-    G1.add(p1, p1, G1.one());
-
-    G1Point p2;
-    G1.dbl(p2, G1.one());
-    G1.dbl(p2, p2);
-
-    ASSERT_TRUE(G1.eq(p1,p2));
-}
-
-
-TEST(altBn128, g1_times_3) {
-    G1Point p1;
-    G1.add(p1, G1.one(), G1.one());
-    G1.add(p1, p1, G1.one());
-
-    G1Point p2;
-    G1.dbl(p2, G1.one());
-    G1.dbl(p2, p2);
-    G1.sub(p2, p2, G1.one());
-
-    ASSERT_TRUE(G1.eq(p1,p2));
-}
-
-TEST(altBn128, g1_times_3_exp) {
-    G1Point p1;
-    G1.add(p1, G1.one(), G1.one());
-    G1.add(p1, p1, G1.one());
-
-    mpz_t e;
-    mpz_init_set_str(e, "3", 10);
-
-    uint8_t scalar[32];
-    for (int i=0;i<32;i++) scalar[i] = 0;
-    mpz_export((void *)scalar, NULL, -1, 8, -1, 0, e);
-    mpz_clear(e);
-
-    G1Point p2;
-    G1.mulByScalar(p2, G1.one(), scalar, 32);
-
-    ASSERT_TRUE(G1.eq(p1,p2));
-}
-
-TEST(altBn128, g1_times_5) {
-    G1Point p1;
-    G1.dbl(p1, G1.one());
-    G1.dbl(p1, p1);
-    G1.add(p1, p1, p1);
-
-    G1Point p2;
-    G1Point p3;
-    G1Point p4;
-    G1Point p5;
-    G1Point p6;
-    G1.dbl(p2, G1.one());
-    G1.dbl(p3, p2);
-    G1.dbl(p4, G1.one());
-    G1.dbl(p5, p4);
-    G1.add(p6, p3, p5);
-
-    ASSERT_TRUE(G1.eq(p1,p6));
-}
-
-TEST(altBn128, g1_times_65_exp) {
-
-    G1Point p1;
-    G1.dbl(p1, G1.one());
-    G1.dbl(p1, p1);
-    G1.dbl(p1, p1);
-    G1.dbl(p1, p1);
-    G1.dbl(p1, p1);
-    G1.dbl(p1, p1);
-    G1.add(p1, p1, G1.one());
-
-    mpz_t e;
-    mpz_init_set_str(e, "65", 10);
-
-    uint8_t scalar[32];
-    for (int i=0;i<32;i++) scalar[i] = 0;
-    mpz_export((void *)scalar, NULL, -1, 8, -1, 0, e);
-    mpz_clear(e);
-
-    G1Point p2;
-    G1.mulByScalar(p2, G1.one(), scalar, 32);
-
-    ASSERT_TRUE(G1.eq(p1,p2));
-}
-
-TEST(altBn128, g1_expToOrder) {
-    mpz_t e;
-    mpz_init_set_str(e, "21888242871839275222246405745257275088548364400416034343698204186575808495617", 10);
-
-    uint8_t scalar[32];
-
-    for (int i=0;i<32;i++) scalar[i] = 0;
-    mpz_export((void *)scalar, NULL, -1, 8, -1, 0, e);
-    mpz_clear(e);
-
-    G1Point p1;
-
-    G1.mulByScalar(p1, G1.one(), scalar, 32);
-
-    ASSERT_TRUE(G1.isZero(p1));
-}
-
-TEST(altBn128, g2_expToOrder) {
-    mpz_t e;
-    mpz_init_set_str(e, "21888242871839275222246405745257275088548364400416034343698204186575808495617", 10);
-
-    uint8_t scalar[32];
-
-    for (int i=0;i<32;i++) scalar[i] = 0;
-    mpz_export((void *)scalar, NULL, -1, 8, -1, 0, e);
-    mpz_clear(e);
-
-    Curve<F2Field<RawFq>>::Point p1;
-
-    G2.mulByScalar(p1, G2.one(), scalar, 32);
-
-    ASSERT_TRUE(G2.isZero(p1));
-}
-
-TEST(altBn128, multiExp) {
-
-    int NMExp = 40000;
-
-    typedef uint8_t Scalar[32];
-
-    Scalar *scalars = new Scalar[NMExp];
-    G1PointAffine *bases = new G1PointAffine[NMExp];
-
-    uint64_t acc=0;
-    for (int i=0; i<NMExp; i++) {
-        if (i==0) {
-            G1.copy(bases[0], G1.one());
-        } else {
-            G1.add(bases[i], bases[i-1], G1.one());
-        }
-        for (int j=0; j<32; j++) scalars[i][j] = 0;
-        *(int *)&scalars[i][0] = i+1;
-        acc += (i+1)*(i+1);
-    }
-
-    G1Point p1;
-    G1.multiMulByScalar(p1, bases, (uint8_t *)scalars, 32, NMExp);
-
-    mpz_t e;
-    mpz_init_set_ui(e, acc);
-
-    Scalar sAcc;
-
-    for (int i=0;i<32;i++) sAcc[i] = 0;
-    mpz_export((void *)sAcc, NULL, -1, 8, -1, 0, e);
-    mpz_clear(e);
-
-    G1Point p2;
-    G1.mulByScalar(p2, G1.one(), sAcc, 32);
-
-    ASSERT_TRUE(G1.eq(p1, p2));
-
-    delete[] bases;
-    delete[] scalars;
-}
-
-TEST(altBn128, multiExpMSM) {
-
-    int NMExp = 40000;
-
-    typedef uint8_t Scalar[32];
-
-    Scalar *scalars = new Scalar[NMExp];
-    G1PointAffine *bases = new G1PointAffine[NMExp];
-
-    uint64_t acc=0;
-    for (int i=0; i<NMExp; i++) {
-        if (i==0) {
-            G1.copy(bases[0], G1.one());
-        } else {
-            G1.add(bases[i], bases[i-1], G1.one());
-        }
-        for (int j=0; j<32; j++) scalars[i][j] = 0;
-        *(int *)&scalars[i][0] = i+1;
-        acc += (i+1)*(i+1);
-    }
-
-    G1Point p1;
-    G1.multiMulByScalarMSM(p1, bases, (uint8_t *)scalars, 32, NMExp);
-
-    mpz_t e;
-    mpz_init_set_ui(e, acc);
-
-    Scalar sAcc;
-
-    for (int i=0;i<32;i++) sAcc[i] = 0;
-    mpz_export((void *)sAcc, NULL, -1, 8, -1, 0, e);
-    mpz_clear(e);
-
-    G1Point p2;
-    G1.mulByScalar(p2, G1.one(), sAcc, 32);
-
-    ASSERT_TRUE(G1.eq(p1, p2));
-
-    delete[] bases;
-    delete[] scalars;
-}
-
-TEST(altBn128, multiExp2) {
-
-    int NMExp = 2;
-
-    AltBn128::FrElement *scalars = new AltBn128::FrElement[NMExp];
-    G1PointAffine *bases = new G1PointAffine[NMExp];
-
-    F1.fromString(bases[0].x, "1626275109576878988287730541908027724405348106427831594181487487855202143055");
-    F1.fromString(bases[0].y, "18706364085805828895917702468512381358405767972162700276238017959231481018884");
-    F1.fromString(bases[1].x, "17245156998235704504461341147511350131061011207199931581281143511105381019978");
-    F1.fromString(bases[1].y, "3858908536032228066651712470282632925312300188207189106507111128103204506804");
-
-    Fr.fromString(scalars[0], "1");
-    Fr.fromString(scalars[1], "20187316456970436521602619671088988952475789765726813868033071292105413408473");
-    Fr.fromMontgomery(scalars[0], scalars[0]);
-    Fr.fromMontgomery(scalars[1], scalars[1]);
-
-    G1Point r;
-    G1PointAffine ra;
-    G1PointAffine ref;
-
-    F1.fromString(ref.x, "9163953212624378696742080269971059027061360176019470242548968584908855004282");
-    F1.fromString(ref.y, "20922060990592511838374895951081914567856345629513259026540392951012456141360");
-
-    G1.multiMulByScalar(r, bases, (uint8_t *)scalars, 32, 2);
-    G1.copy(ra, r);
-
-    // std::cout << G1.toString(r, 10);
-
-    ASSERT_TRUE(G1.eq(ra, ref));
-
-    delete[] bases;
-    delete[] scalars;
-}
-
-TEST(altBn128, multiExp2MSM) {
-
-    int NMExp = 2;
-
-    AltBn128::FrElement *scalars = new AltBn128::FrElement[NMExp];
-    G1PointAffine *bases = new G1PointAffine[NMExp];
-
-    F1.fromString(bases[0].x, "1626275109576878988287730541908027724405348106427831594181487487855202143055");
-    F1.fromString(bases[0].y, "18706364085805828895917702468512381358405767972162700276238017959231481018884");
-    F1.fromString(bases[1].x, "17245156998235704504461341147511350131061011207199931581281143511105381019978");
-    F1.fromString(bases[1].y, "3858908536032228066651712470282632925312300188207189106507111128103204506804");
-
-    Fr.fromString(scalars[0], "1");
-    Fr.fromString(scalars[1], "20187316456970436521602619671088988952475789765726813868033071292105413408473");
-    Fr.fromMontgomery(scalars[0], scalars[0]);
-    Fr.fromMontgomery(scalars[1], scalars[1]);
-
-    G1Point r;
-    G1PointAffine ra;
-    G1PointAffine ref;
-
-    F1.fromString(ref.x, "9163953212624378696742080269971059027061360176019470242548968584908855004282");
-    F1.fromString(ref.y, "20922060990592511838374895951081914567856345629513259026540392951012456141360");
-
-    G1.multiMulByScalarMSM(r, bases, (uint8_t *)scalars, 32, 2);
-    G1.copy(ra, r);
-
-    // std::cout << G1.toString(r, 10);
-
-    ASSERT_TRUE(G1.eq(ra, ref));
-
-    delete[] bases;
-    delete[] scalars;
-}
-
-TEST(altBn128, multiExp8MSM) {
-
-    int NMExp = 8;
-
-    AltBn128::FrElement *scalars = new AltBn128::FrElement[NMExp];
-    G1PointAffine *bases = new G1PointAffine[NMExp];
-
-    F1.fromString(bases[0].x, "1");
-    F1.fromString(bases[0].y, "2");
-    F1.fromString(bases[1].x, "1368015179489954701390400359078579693043519447331113978918064868415326638035");
-    F1.fromString(bases[1].y, "9918110051302171585080402603319702774565515993150576347155970296011118125764");
-    F1.fromString(bases[2].x, "3353031288059533942658390886683067124040920775575537747144343083137631628272");
-    F1.fromString(bases[2].y, "19321533766552368860946552437480515441416830039777911637913418824951667761761");
-    F1.fromString(bases[3].x, "10744596414106452074759370245733544594153395043370666422502510773307029471145");
-    F1.fromString(bases[3].y, "848677436511517736191562425154572367705380862894644942948681172815252343932");
-    F1.fromString(bases[4].x, "10415861484417082502655338383609494480414113902179649885744799961447382638712");
-    F1.fromString(bases[4].y, "10196215078179488638353184030336251401353352596818396260819493263908881608606");
-    F1.fromString(bases[5].x, "4444740815889402603535294170722302758225367627362056425101568584910268024244");
-    F1.fromString(bases[5].y, "10537263096529483164618820017164668921386457028564663708352735080900270541420");
-    F1.fromString(bases[6].x, "12852522211178622728088728121177131998585782282560100422041774753646305409836");
-    F1.fromString(bases[6].y, "15918672909255108529698304535345707578139606904951176064731093256171019744261");
-    F1.fromString(bases[7].x, "5841054468380737358126901601208759440531393618333695939860021859990434602332");
-    F1.fromString(bases[7].y, "14496198492936799798866613472708085382638873795843716312315177042738122955744");
-
-    Fr.fromString(scalars[0], "1");
-    Fr.fromString(scalars[1], "4");
-    Fr.fromString(scalars[2], "4");
-    Fr.fromString(scalars[3], "4");
-    Fr.fromString(scalars[4], "8");
-    Fr.fromString(scalars[5], "10");
-    Fr.fromString(scalars[6], "1");
-    Fr.fromString(scalars[7], "5");
-    Fr.fromMontgomery(scalars[0], scalars[0]);
-    Fr.fromMontgomery(scalars[1], scalars[1]);
-    Fr.fromMontgomery(scalars[2], scalars[2]);
-    Fr.fromMontgomery(scalars[3], scalars[3]);
-    Fr.fromMontgomery(scalars[4], scalars[4]);
-    Fr.fromMontgomery(scalars[5], scalars[5]);
-    Fr.fromMontgomery(scalars[6], scalars[6]);
-    Fr.fromMontgomery(scalars[7], scalars[7]);
-
-    G1Point r;
-    G1PointAffine ra;
-    G1PointAffine ref;
-
-    F1.fromString(ref.x, "17747920359253913546551417160303297937542312574889904290131615776238588901697");
-    F1.fromString(ref.y, "8815119438581789680513912776342567599606944899217792926373871775002956510503");
-
-    G1.multiMulByScalarMSM(r, bases, (uint8_t *)scalars, 32, NMExp);
-    G1.copy(ra, r);
-
-    // std::cout << G1.toString(r, 10);
-
-    ASSERT_TRUE(G1.eq(ra, ref));
-
-    delete[] bases;
-    delete[] scalars;
-}
-
-TEST(altBn128, fft) {
-    int NMExp = 1<<10;
-
-    AltBn128::FrElement *a = new AltBn128::FrElement[NMExp];
-
-    for (int i=0; i<NMExp; i++) {
-        Fr.fromUI(a[i], i+1);
-    }
-
-    FFT<typename Engine::Fr> fft(NMExp);
-
-    fft.fft(a, NMExp);
-    fft.ifft(a, NMExp);
-
-    AltBn128::FrElement aux;
-    for (int i=0; i<NMExp; i++) {
-        Fr.fromUI(aux, i+1);
-        ASSERT_TRUE(Fr.eq(a[i], aux));
-    }
-
-    delete[] a;
-}
-
-
-}  // namespace
-
-int main(int argc, char **argv) {
-  ::testing::InitGoogleTest(&argc, argv);
-  return RUN_ALL_TESTS();
-}
diff --git a/c/fft.cpp b/c/fft.cpp
index c557ae0..9152687 100644
--- a/c/fft.cpp
+++ b/c/fft.cpp
@@ -1,11 +1,13 @@
 #include <thread>
 #include <vector>
+#include <stdexcept>
+#include <cstdint>
+#include <cstring>
+
 #include "misc.hpp"
 
 using namespace std;
 
-// The function we want to execute on the new thread.
-
 template <typename Field>
 u_int32_t FFT<Field>::log2(u_int64_t n) {
     assert(n!=0);
@@ -28,6 +30,36 @@ static inline u_int64_t BR(u_int64_t x, u_int64_t domainPow)
 
 #define ROOT(s,j) (rootsOfUnit[(1<<(s))+(j)])
 
+template <size_t N64>
+static inline void shr_words(uint64_t (&out)[N64], const uint64_t (&in)[N64], u_int32_t shift) {
+    if (shift == 0) {
+        for (size_t i = 0; i < N64; i++) out[i] = in[i];
+        return;
+    }
+    const u_int32_t wordShift = shift / 64;
+    const u_int32_t bitShift  = shift % 64;
+
+    for (size_t i = 0; i < N64; i++) out[i] = 0;
+
+    for (size_t i = wordShift; i < N64; i++) {
+        uint64_t low = in[i];
+        uint64_t hi  = (i + 1 < N64) ? in[i + 1] : 0;
+
+        if (bitShift == 0) {
+            out[i - wordShift] = low;
+        } else {
+            out[i - wordShift] = (low >> bitShift) | (hi << (64 - bitShift));
+        }
+    }
+}
+
+template <size_t N64>
+static inline void shr_words_inplace(uint64_t (&a)[N64], u_int32_t shift) {
+    uint64_t tmp[N64];
+    shr_words(tmp, a, shift);
+    for (size_t i = 0; i < N64; i++) a[i] = tmp[i];
+}
+
 template <typename Field>
 FFT<Field>::FFT(u_int64_t maxDomainSize, uint32_t _nThreads)
     : threadPool(ThreadPool::defaultPool())
@@ -36,82 +68,95 @@ FFT<Field>::FFT(u_int64_t maxDomainSize, uint32_t _nThreads)
 
     u_int32_t domainPow = log2(maxDomainSize);
 
-    mpz_t m_qm1d2;
-    mpz_t m_q;
-    mpz_t m_nqr;
-    mpz_t m_aux;
-    mpz_init(m_qm1d2);
-    mpz_init(m_q);
-    mpz_init(m_nqr);
-    mpz_init(m_aux);
-
-    f.toMpz(m_aux, f.negOne());     
-
-    mpz_add_ui(m_q, m_aux, 1);
-    mpz_fdiv_q_2exp(m_qm1d2, m_aux, 1);
-
-    mpz_set_ui(m_nqr, 2);
-    mpz_powm(m_aux, m_nqr, m_qm1d2, m_q);
-    while (mpz_cmp_ui(m_aux, 1) == 0) {
-        mpz_add_ui(m_nqr, m_nqr, 1);
-        mpz_powm(m_aux, m_nqr, m_qm1d2, m_q);
+#if defined(__BYTE_ORDER__) && defined(__ORDER_LITTLE_ENDIAN__)
+    static_assert(__BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__,
+                  "This FFT exp-cast expects little-endian machine layout.");
+#endif
+
+    // qm1_norm = q-1 in NORMAL (non-montgomery) representation
+    Element qm1_norm;
+    f.fromMontgomery(qm1_norm, f.negOne());
+
+    uint64_t qm1_words[Field::N64];
+    std::memcpy(qm1_words, (const void*)qm1_norm.v, sizeof(qm1_words));
+
+    // qm1d2 = (q-1)/2
+    uint64_t qm1d2_words[Field::N64];
+    shr_words(qm1d2_words, qm1_words, 1);
+
+    // find nqr: cand^((q-1)/2) != 1
+    Element cand, res;
+    uint64_t cand_ui = 2;
+    for (;;) {
+        f.fromUI(cand, cand_ui);
+        f.exp(res, cand,
+              reinterpret_cast<uint8_t*>(qm1d2_words),
+              (unsigned)sizeof(qm1d2_words));
+        if (!f.eq(res, f.one())) {
+            f.copy(nqr, cand);
+            break;
+        }
+        cand_ui++;
     }
 
-    f.fromMpz(nqr, m_nqr);
-
-    // std::cout << "nqr: " << f.toString(nqr) << std::endl;
+    // aux_words starts from (q-1)/2 and we divide by 2 until we reach domainPow
+    // so at the end: aux_words = (q-1)/2^domainPow
+    uint64_t aux_words[Field::N64];
+    for (size_t i = 0; i < (size_t)Field::N64; i++) aux_words[i] = qm1d2_words[i];
 
-    s = 1;
-    mpz_set(m_aux, m_qm1d2);
-    while ((!mpz_tstbit(m_aux, 0))&&(s<domainPow)) {
-        mpz_fdiv_q_2exp(m_aux, m_aux, 1);
-        s++;
+    u_int32_t s_tmp = 1;
+    while (s_tmp < domainPow) {
+        if (aux_words[0] & 1ULL) break;      // odd => stop
+        shr_words_inplace(aux_words, 1);
+        s_tmp++;
     }
 
-    if (s<domainPow) {
+    if (s_tmp < domainPow) {
         throw std::range_error("Domain size too big for the curve");
     }
 
-    uint64_t nRoots = 1LL << s;
+    s = s_tmp;
+    uint64_t nRoots = 1ULL << s;
 
     roots = new Element[nRoots];
-    powTwoInv = new Element[s+1];
+    powTwoInv = new Element[s + 1];
 
     f.copy(roots[0], f.one());
     f.copy(powTwoInv[0], f.one());
-    if (nRoots>1) {
-        mpz_powm(m_aux, m_nqr, m_aux, m_q);
-        f.fromMpz(roots[1], m_aux);
 
-        mpz_set_ui(m_aux, 2);
-        mpz_invert(m_aux, m_aux, m_q);
-        f.fromMpz(powTwoInv[1], m_aux);
+    if (nRoots > 1) {
+        // primitive 2^s root of unity: roots[1] = nqr^(aux_words)
+        f.exp(roots[1], nqr,
+              reinterpret_cast<uint8_t*>(aux_words),
+              (unsigned)sizeof(aux_words));
+
+        // powTwoInv[1] = 1/2
+        Element two;
+        f.fromUI(two, 2);
+        f.inv(powTwoInv[1], two);
     }
 
     threadPool.parallelBlock([&] (uint64_t nThreads, uint64_t idThread) {
-
         uint64_t increment = nRoots / nThreads;
         uint64_t start = idThread==0 ? 2 : idThread * increment;
         uint64_t end   = idThread==nThreads-1 ? nRoots : (idThread+1) * increment;
-        if (end>start) {
+
+        if (end > start) {
+            // roots[start] = roots[1]^start
             f.exp(roots[start], roots[1], (uint8_t *)(&start), sizeof(start));
         }
-        for (uint64_t i=start+1; i<end; i++) {
+        for (uint64_t i = start + 1; i < end; i++) {
             f.mul(roots[i], roots[i-1], roots[1]);
         }
     });
+
     Element aux;
-    f.mul(aux, roots[nRoots-1], roots[1] );
+    f.mul(aux, roots[nRoots - 1], roots[1]);
     assert(f.eq(aux, f.one()));
 
-    for (uint64_t i=2; i<=s; i++) {
+    for (uint64_t i = 2; i <= s; i++) {
         f.mul(powTwoInv[i], powTwoInv[i-1], powTwoInv[1]);
     }
-
-    mpz_clear(m_qm1d2);
-    mpz_clear(m_q);
-    mpz_clear(m_nqr);
-    mpz_clear(m_aux);
 }
 
 template <typename Field>
@@ -120,41 +165,6 @@ FFT<Field>::~FFT() {
     delete[] powTwoInv;
 }
 
-/*
-template <typename Field>
-void FFT<Field>::reversePermutationInnerLoop(Element *a, u_int64_t from, u_int64_t to, u_int32_t domainPow) {
-    Element tmp;
-    for (u_int64_t i=from; i<to; i++) {
-        u_int64_t r = BR(i, domainPow);
-        if (i>r) {
-            f.copy(tmp, a[i]);
-            f.copy(a[i], a[r]);
-            f.copy(a[r], tmp);
-        }
-    }
-}
-
-
-template <typename Field>
-void FFT<Field>::reversePermutation(Element *a, u_int64_t n) {
-    int domainPow = log2(n);
-    std::vector<std::thread> threads(nThreads-1);
-    u_int64_t increment = n / nThreads;
-    if (increment) {
-        for (u_int64_t i=0; i<nThreads-1; i++) {
-            threads[i] = std::thread (&FFT<Field>::reversePermutationInnerLoop, this, a, i*increment, (i+1)*increment, domainPow);
-        }
-    }
-    reversePermutationInnerLoop(a, (nThreads-1)*increment, n, domainPow);
-    if (increment) {
-        for (u_int32_t i=0; i<nThreads-1; i++) {
-            if (threads[i].joinable()) threads[i].join();
-        }
-    }
-}
-*/
-
-
 template <typename Field>
 void FFT<Field>::reversePermutation(Element *a, u_int64_t n) {
     int domainPow = log2(n);
@@ -172,25 +182,25 @@ void FFT<Field>::reversePermutation(Element *a, u_int64_t n) {
     });
 }
 
-
 template <typename Field>
 void FFT<Field>::fft(Element *a, u_int64_t n) {
     reversePermutation(a, n);
-    u_int64_t domainPow =log2(n);
+    u_int64_t domainPow = log2(n);
     assert(((u_int64_t)1 << domainPow) == n);
+
     for (u_int32_t s=1; s<=domainPow; s++) {
         u_int64_t m = 1 << s;
         u_int64_t mdiv2 = m >> 1;
 
         threadPool.parallelFor(0, (n>>1), [&] (int begin, int end, int numThread) {
-            for (u_int64_t i=begin; i< end; i++) {
+            for (u_int64_t i=begin; i< (u_int64_t)end; i++) {
                 Element t;
                 Element u;
                 u_int64_t k=(i/mdiv2)*m;
                 u_int64_t j=i%mdiv2;
 
                 f.mul(t, root(s, j), a[k+j+mdiv2]);
-                f.copy(u,a[k+j]);
+                f.copy(u, a[k+j]);
                 f.add(a[k+j], t, u);
                 f.sub(a[k+j+mdiv2], u, t);
             }
@@ -201,11 +211,11 @@ void FFT<Field>::fft(Element *a, u_int64_t n) {
 template <typename Field>
 void FFT<Field>::ifft(Element *a, u_int64_t n ) {
     fft(a, n);
-    u_int64_t domainPow =log2(n);
-    u_int64_t nDiv2= n >> 1; 
+    u_int64_t domainPow = log2(n);
+    u_int64_t nDiv2= n >> 1;
 
     threadPool.parallelFor(1, nDiv2, [&] (int begin, int end, int numThread) {
-        for (u_int64_t i=begin; i<end; i++) {
+        for (u_int64_t i=begin; i<(u_int64_t)end; i++) {
             Element tmp;
             u_int64_t r = n-i;
             f.copy(tmp, a[i]);
@@ -213,12 +223,11 @@ void FFT<Field>::ifft(Element *a, u_int64_t n ) {
             f.mul(a[r], tmp, powTwoInv[domainPow]);
         }
     });
+
     f.mul(a[0], a[0], powTwoInv[domainPow]);
     f.mul(a[n >> 1], a[n >> 1], powTwoInv[domainPow]);
 }
 
-
-
 template <typename Field>
 void FFT<Field>::printVector(Element *a, u_int64_t n ) {
     cout << "[" << endl;
@@ -227,4 +236,3 @@ void FFT<Field>::printVector(Element *a, u_int64_t n ) {
     }
     cout << "]" << endl;
 }
-
diff --git a/c/wtns_utils.cpp b/c/wtns_utils.cpp
index 2301c3a..a70bf07 100644
--- a/c/wtns_utils.cpp
+++ b/c/wtns_utils.cpp
@@ -2,26 +2,30 @@
 
 namespace WtnsUtils {
 
-Header::Header() {
+Header::Header()
+    : n8(0),
+      nVars(0)
+{
 }
 
-Header::~Header() {
-    mpz_clear(prime);
-}
+Header::~Header() = default;
 
 std::unique_ptr<Header> loadHeader(BinFileUtils::BinFile *f) {
-    Header *h = new Header();
+    std::unique_ptr<Header> h(new Header());
+
     f->startReadSection(1);
 
     h->n8 = f->readU32LE();
-    mpz_init(h->prime);
-    mpz_import(h->prime, h->n8, -1, 1, -1, 0, f->read(h->n8));
+    {
+        const uint8_t* p = reinterpret_cast<const uint8_t*>(f->read(h->n8));
+        h->prime.assign(p, p + h->n8);
+    }
 
     h->nVars = f->readU32LE();
 
     f->endReadSection();
 
-    return std::unique_ptr<Header>(h);
+    return h;
 }
 
-} // NAMESPACE
\ No newline at end of file
+} // namespace WtnsUtils
diff --git a/c/wtns_utils.hpp b/c/wtns_utils.hpp
index 70aebc2..1766b2e 100644
--- a/c/wtns_utils.hpp
+++ b/c/wtns_utils.hpp
@@ -1,7 +1,9 @@
 #ifndef WTNS_UTILS
 #define WTNS_UTILS
 
-#include <gmp.h>
+#include <cstdint>
+#include <memory>
+#include <vector>
 
 #include "binfile_utils.hpp"
 
@@ -10,7 +12,7 @@ namespace WtnsUtils {
     class Header {
     public:
         u_int32_t n8;
-        mpz_t prime;
+        std::vector<uint8_t> prime;
 
         u_int32_t nVars;
 
@@ -20,6 +22,6 @@ namespace WtnsUtils {
 
     std::unique_ptr<Header> loadHeader(BinFileUtils::BinFile *f);
 
-}
+} // namespace WtnsUtils
 
-#endif // ZKEY_UTILS_H
\ No newline at end of file
+#endif // WTNS_UTILS
diff --git a/c/zkey_utils.cpp b/c/zkey_utils.cpp
index 52a5629..f8ecbbf 100644
--- a/c/zkey_utils.cpp
+++ b/c/zkey_utils.cpp
@@ -1,17 +1,26 @@
-
 #include "zkey_utils.hpp"
 
-namespace ZKeyUtils {
-
+#include <stdexcept>
 
-Header::Header() {
-}
+namespace ZKeyUtils {
 
-Header::~Header() {
-    mpz_clear(qPrime);
-    mpz_clear(rPrime);
+Header::Header()
+    : n8q(0),
+      n8r(0),
+      nVars(0),
+      nPublic(0),
+      domainSize(0),
+      nCoefs(0),
+      vk_alpha1(nullptr),
+      vk_beta1(nullptr),
+      vk_beta2(nullptr),
+      vk_gamma2(nullptr),
+      vk_delta1(nullptr),
+      vk_delta2(nullptr)
+{
 }
 
+Header::~Header() = default;
 
 std::unique_ptr<Header> loadHeader(BinFileUtils::BinFile *f) {
     auto h = new Header();
@@ -26,12 +35,16 @@ std::unique_ptr<Header> loadHeader(BinFileUtils::BinFile *f) {
     f->startReadSection(2);
 
     h->n8q = f->readU32LE();
-    mpz_init(h->qPrime);
-    mpz_import(h->qPrime, h->n8q, -1, 1, -1, 0, f->read(h->n8q));
+    {
+        const uint8_t* p = reinterpret_cast<const uint8_t*>(f->read(h->n8q));
+        h->qPrime.assign(p, p + h->n8q);
+    }
 
     h->n8r = f->readU32LE();
-    mpz_init(h->rPrime);
-    mpz_import(h->rPrime, h->n8r , -1, 1, -1, 0, f->read(h->n8r));
+    {
+        const uint8_t* p = reinterpret_cast<const uint8_t*>(f->read(h->n8r));
+        h->rPrime.assign(p, p + h->n8r);
+    }
 
     h->nVars = f->readU32LE();
     h->nPublic = f->readU32LE();
diff --git a/c/zkey_utils.hpp b/c/zkey_utils.hpp
index 5bd5e67..f3503d0 100644
--- a/c/zkey_utils.hpp
+++ b/c/zkey_utils.hpp
@@ -1,8 +1,9 @@
 #ifndef ZKEY_UTILS_H
 #define ZKEY_UTILS_H
 
-#include <gmp.h>
 #include <memory>
+#include <vector>
+#include <cstdint>
 
 #include "binfile_utils.hpp"
 
@@ -13,9 +14,10 @@ namespace ZKeyUtils {
 
     public:
         u_int32_t n8q;
-        mpz_t qPrime;
+        std::vector<uint8_t> qPrime;
+
         u_int32_t n8r;
-        mpz_t rPrime;
+        std::vector<uint8_t> rPrime;
 
         u_int32_t nVars;
         u_int32_t nPublic;
diff --git a/tasksfile.js b/tasksfile.js
index 1f6883b..bd6031f 100644
--- a/tasksfile.js
+++ b/tasksfile.js
@@ -46,28 +46,6 @@ function testSplitParStr() {
     sh("./splitparsestr_test", {cwd: "build", nopipe: true});
 }
 
-function testAltBn128() {
-    sh("g++" +
-        " -Igoogletest-release-1.10.0/googletest/include"+
-        " -I."+
-        " -I../c"+
-        " ../c/naf.cpp"+
-        " ../c/splitparstr.cpp"+
-        " ../c/alt_bn128.cpp"+
-        " ../c/alt_bn128_test.cpp"+
-        " ../c/misc.cpp"+
-        " fq.cpp"+
-        " fq.o"+
-        " fr.cpp"+
-        " fr.o"+
-        " googletest-release-1.10.0/libgtest.a"+
-        " -o altbn128_test" +
-        " -fmax-errors=5 -pthread -std=c++11 -fopenmp -lgmp -g", {cwd: "build", nopipe: true}
-    );
-    sh("./altbn128_test", {cwd: "build", nopipe: true});
-}
-
-
 function benchMultiExpG1() {
     sh("g++ -O3 -g" +
         " -Igoogletest-release-1.10.0/googletest/include"+

From d2c2449753ec28a2527460edd98a5ab7ffed2843 Mon Sep 17 00:00:00 2001
From: furze <danielsennmurilio@gmail.com>
Date: Sun, 18 Jan 2026 23:57:37 +0200
Subject: [PATCH 2/7] nogmp: update fft.cpp, alt_bn128_test.cpp  w/ U256 API

---
 c/alt_bn128_test.cpp | 427 +++++++++++++++++++++++++++++++++++++++++++
 c/fft.cpp            | 114 ++++--------
 2 files changed, 464 insertions(+), 77 deletions(-)
 create mode 100644 c/alt_bn128_test.cpp

diff --git a/c/alt_bn128_test.cpp b/c/alt_bn128_test.cpp
new file mode 100644
index 0000000..fd28aab
--- /dev/null
+++ b/c/alt_bn128_test.cpp
@@ -0,0 +1,427 @@
+#include <iostream>
+#include <cstdint>
+#include <cstring>
+
+#include "gtest/gtest.h"
+#include "alt_bn128.hpp"
+#include "fft.hpp"
+#include "u256.hpp"
+
+using namespace AltBn128;
+
+namespace {
+
+TEST(altBn128, f2_simpleMul) {
+    F2Element e1;
+    F2.fromString(e1, "(2,2)");
+
+    F2Element e2;
+    F2.fromString(e2, "(3,3)");
+
+    F2Element e3;
+    F2.mul(e3, e1, e2);
+
+    F2Element e33;
+    F2.fromString(e33, "(0,12)");
+
+    ASSERT_TRUE(F2.eq(e3, e33));
+}
+
+TEST(altBn128, f6_mulDiv) {
+    F6Element a;
+    F6.fromString(a, "((1,2),(3,4),(5,6))");
+
+    F6Element b;
+    F6.fromString(b, "((12,11),(10,9),(8,7))");
+
+    F6Element c,d;
+
+    F6.mul(c,a,b);
+    F6.div(d,c,b);
+
+    ASSERT_TRUE(F6.eq(a,d));
+}
+
+TEST(altBn128, f6_inv) {
+    F6Element a;
+    F6.fromString(a, "((239487238491,2356249827341),"
+                     "(082659782,182703523765),"
+                     "(978236549263,64893242))");
+
+    F6Element inv;
+    F6.inv(inv, a);
+
+    F6Element b;
+    F6.mul(b, inv, a);
+
+    ASSERT_TRUE(F6.isOne(b));
+}
+
+TEST(altBn128, f12_mulDiv) {
+    F12Element a;
+    F12.fromString(a, "(((1,2),(3,4),(5,6)),((7,8),(9,10),(11,12)))");
+
+    F12Element b;
+    F12.fromString(b, "(((12,11),(10,9),(8,7)),((6,5),(4,3),(2,1)))");
+
+    F12Element c,d;
+
+    F12.mul(c,a,b);
+    F12.div(d,c,b);
+
+    ASSERT_TRUE(F12.eq(a,d));
+}
+
+TEST(altBn128, f12_inv) {
+    F12Element a;
+    F12.fromString(a,
+                   "(((239846234862342323958623,2359862352529835623),"
+                     "(928836523,9856234),"
+                     "(235635286,5628392833)),"
+                    "((252936598265329856238956532167968,23596239865236954178968),"
+                     "(95421692834,236548),"
+                     "(924523,12954623)))" );
+
+    F12Element inv;
+    F12.inv(inv, a);
+
+    F12Element b;
+    F12.mul(b, inv, a);
+
+    ASSERT_TRUE(F12.isOne(b));
+}
+
+TEST(altBn128, g1_PlusZero) {
+    G1Point p1;
+    G1.add(p1, G1.one(), G1.zero());
+    ASSERT_TRUE(G1.eq(p1, G1.one()));
+}
+
+TEST(altBn128, g1_minus_g1) {
+    G1Point p1;
+    G1.sub(p1, G1.one(), G1.one());
+    ASSERT_TRUE(G1.isZero(p1));
+}
+
+TEST(altBn128, g1_times_4) {
+    G1Point p1;
+    G1.add(p1, G1.one(), G1.one());
+    G1.add(p1, p1, G1.one());
+    G1.add(p1, p1, G1.one());
+
+    G1Point p2;
+    G1.dbl(p2, G1.one());
+    G1.dbl(p2, p2);
+
+    ASSERT_TRUE(G1.eq(p1,p2));
+}
+
+TEST(altBn128, g1_times_3) {
+    G1Point p1;
+    G1.add(p1, G1.one(), G1.one());
+    G1.add(p1, p1, G1.one());
+
+    G1Point p2;
+    G1.dbl(p2, G1.one());
+    G1.dbl(p2, p2);
+    G1.sub(p2, p2, G1.one());
+
+    ASSERT_TRUE(G1.eq(p1,p2));
+}
+
+TEST(altBn128, g1_times_3_exp) {
+    G1Point p1;
+    G1.add(p1, G1.one(), G1.one());
+    G1.add(p1, p1, G1.one());
+
+    uint8_t scalar[32];
+    u256_scalar32_from_u64(scalar, 3);
+
+    G1Point p2;
+    G1.mulByScalar(p2, G1.one(), scalar, 32);
+
+    ASSERT_TRUE(G1.eq(p1,p2));
+}
+
+TEST(altBn128, g1_times_5) {
+    G1Point p1;
+    G1.dbl(p1, G1.one());
+    G1.dbl(p1, p1);
+    G1.add(p1, p1, p1);
+
+    G1Point p2;
+    G1Point p3;
+    G1Point p4;
+    G1Point p5;
+    G1Point p6;
+    G1.dbl(p2, G1.one());
+    G1.dbl(p3, p2);
+    G1.dbl(p4, G1.one());
+    G1.dbl(p5, p4);
+    G1.add(p6, p3, p5);
+
+    ASSERT_TRUE(G1.eq(p1,p6));
+}
+
+TEST(altBn128, g1_times_65_exp) {
+    G1Point p1;
+    G1.dbl(p1, G1.one());
+    G1.dbl(p1, p1);
+    G1.dbl(p1, p1);
+    G1.dbl(p1, p1);
+    G1.dbl(p1, p1);
+    G1.dbl(p1, p1);
+    G1.add(p1, p1, G1.one());
+
+    uint8_t scalar[32];
+    u256_scalar32_from_u64(scalar, 65);
+
+    G1Point p2;
+    G1.mulByScalar(p2, G1.one(), scalar, 32);
+
+    ASSERT_TRUE(G1.eq(p1,p2));
+}
+
+TEST(altBn128, g1_expToOrder) {
+    uint8_t scalar[32];
+    ASSERT_EQ(u256_scalar32_from_dec(scalar,
+        "21888242871839275222246405745257275088548364400416034343698204186575808495617"
+    ), 0);
+
+    G1Point p1;
+    G1.mulByScalar(p1, G1.one(), scalar, 32);
+
+    ASSERT_TRUE(G1.isZero(p1));
+}
+
+TEST(altBn128, g2_expToOrder) {
+    uint8_t scalar[32];
+    ASSERT_EQ(u256_scalar32_from_dec(scalar,
+        "21888242871839275222246405745257275088548364400416034343698204186575808495617"
+    ), 0);
+
+    Curve<F2Field<RawFq>>::Point p1;
+    G2.mulByScalar(p1, G2.one(), scalar, 32);
+
+    ASSERT_TRUE(G2.isZero(p1));
+}
+
+TEST(altBn128, multiExp) {
+    int NMExp = 40000;
+
+    typedef uint8_t Scalar[32];
+
+    Scalar *scalars = new Scalar[NMExp];
+    G1PointAffine *bases = new G1PointAffine[NMExp];
+
+    uint64_t acc = 0;
+    for (int i = 0; i < NMExp; i++) {
+        if (i == 0) {
+            G1.copy(bases[0], G1.one());
+        } else {
+            G1.add(bases[i], bases[i-1], G1.one());
+        }
+
+        u256_scalar32_from_u64(scalars[i], (uint64_t)(i + 1));
+        acc += (uint64_t)(i + 1) * (uint64_t)(i + 1);
+    }
+
+    G1Point p1;
+    G1.multiMulByScalar(p1, bases, (uint8_t *)scalars, 32, NMExp);
+
+    uint8_t sAcc[32];
+    u256_scalar32_from_u64(sAcc, acc);
+
+    G1Point p2;
+    G1.mulByScalar(p2, G1.one(), sAcc, 32);
+
+    ASSERT_TRUE(G1.eq(p1, p2));
+
+    delete[] bases;
+    delete[] scalars;
+}
+
+TEST(altBn128, multiExpMSM) {
+    int NMExp = 40000;
+
+    typedef uint8_t Scalar[32];
+
+    Scalar *scalars = new Scalar[NMExp];
+    G1PointAffine *bases = new G1PointAffine[NMExp];
+
+    uint64_t acc = 0;
+    for (int i = 0; i < NMExp; i++) {
+        if (i == 0) {
+            G1.copy(bases[0], G1.one());
+        } else {
+            G1.add(bases[i], bases[i-1], G1.one());
+        }
+
+        u256_scalar32_from_u64(scalars[i], (uint64_t)(i + 1));
+        acc += (uint64_t)(i + 1) * (uint64_t)(i + 1);
+    }
+
+    G1Point p1;
+    G1.multiMulByScalarMSM(p1, bases, (uint8_t *)scalars, 32, NMExp);
+
+    uint8_t sAcc[32];
+    u256_scalar32_from_u64(sAcc, acc);
+
+    G1Point p2;
+    G1.mulByScalar(p2, G1.one(), sAcc, 32);
+
+    ASSERT_TRUE(G1.eq(p1, p2));
+
+    delete[] bases;
+    delete[] scalars;
+}
+
+TEST(altBn128, multiExp2) {
+    int NMExp = 2;
+
+    AltBn128::FrElement *scalars = new AltBn128::FrElement[NMExp];
+    G1PointAffine *bases = new G1PointAffine[NMExp];
+
+    F1.fromString(bases[0].x, "1626275109576878988287730541908027724405348106427831594181487487855202143055");
+    F1.fromString(bases[0].y, "18706364085805828895917702468512381358405767972162700276238017959231481018884");
+    F1.fromString(bases[1].x, "17245156998235704504461341147511350131061011207199931581281143511105381019978");
+    F1.fromString(bases[1].y, "3858908536032228066651712470282632925312300188207189106507111128103204506804");
+
+    Fr.fromString(scalars[0], "1");
+    Fr.fromString(scalars[1], "20187316456970436521602619671088988952475789765726813868033071292105413408473");
+    Fr.fromMontgomery(scalars[0], scalars[0]);
+    Fr.fromMontgomery(scalars[1], scalars[1]);
+
+    G1Point r;
+    G1PointAffine ra;
+    G1PointAffine ref;
+
+    F1.fromString(ref.x, "9163953212624378696742080269971059027061360176019470242548968584908855004282");
+    F1.fromString(ref.y, "20922060990592511838374895951081914567856345629513259026540392951012456141360");
+
+    G1.multiMulByScalar(r, bases, (uint8_t *)scalars, 32, 2);
+    G1.copy(ra, r);
+
+    ASSERT_TRUE(G1.eq(ra, ref));
+
+    delete[] bases;
+    delete[] scalars;
+}
+
+TEST(altBn128, multiExp2MSM) {
+    int NMExp = 2;
+
+    AltBn128::FrElement *scalars = new AltBn128::FrElement[NMExp];
+    G1PointAffine *bases = new G1PointAffine[NMExp];
+
+    F1.fromString(bases[0].x, "1626275109576878988287730541908027724405348106427831594181487487855202143055");
+    F1.fromString(bases[0].y, "18706364085805828895917702468512381358405767972162700276238017959231481018884");
+    F1.fromString(bases[1].x, "17245156998235704504461341147511350131061011207199931581281143511105381019978");
+    F1.fromString(bases[1].y, "3858908536032228066651712470282632925312300188207189106507111128103204506804");
+
+    Fr.fromString(scalars[0], "1");
+    Fr.fromString(scalars[1], "20187316456970436521602619671088988952475789765726813868033071292105413408473");
+    Fr.fromMontgomery(scalars[0], scalars[0]);
+    Fr.fromMontgomery(scalars[1], scalars[1]);
+
+    G1Point r;
+    G1PointAffine ra;
+    G1PointAffine ref;
+
+    F1.fromString(ref.x, "9163953212624378696742080269971059027061360176019470242548968584908855004282");
+    F1.fromString(ref.y, "20922060990592511838374895951081914567856345629513259026540392951012456141360");
+
+    G1.multiMulByScalarMSM(r, bases, (uint8_t *)scalars, 32, 2);
+    G1.copy(ra, r);
+
+    ASSERT_TRUE(G1.eq(ra, ref));
+
+    delete[] bases;
+    delete[] scalars;
+}
+
+TEST(altBn128, multiExp8MSM) {
+    int NMExp = 8;
+
+    AltBn128::FrElement *scalars = new AltBn128::FrElement[NMExp];
+    G1PointAffine *bases = new G1PointAffine[NMExp];
+
+    F1.fromString(bases[0].x, "1");
+    F1.fromString(bases[0].y, "2");
+    F1.fromString(bases[1].x, "1368015179489954701390400359078579693043519447331113978918064868415326638035");
+    F1.fromString(bases[1].y, "9918110051302171585080402603319702774565515993150576347155970296011118125764");
+    F1.fromString(bases[2].x, "3353031288059533942658390886683067124040920775575537747144343083137631628272");
+    F1.fromString(bases[2].y, "19321533766552368860946552437480515441416830039777911637913418824951667761761");
+    F1.fromString(bases[3].x, "10744596414106452074759370245733544594153395043370666422502510773307029471145");
+    F1.fromString(bases[3].y, "848677436511517736191562425154572367705380862894644942948681172815252343932");
+    F1.fromString(bases[4].x, "10415861484417082502655338383609494480414113902179649885744799961447382638712");
+    F1.fromString(bases[4].y, "10196215078179488638353184030336251401353352596818396260819493263908881608606");
+    F1.fromString(bases[5].x, "4444740815889402603535294170722302758225367627362056425101568584910268024244");
+    F1.fromString(bases[5].y, "10537263096529483164618820017164668921386457028564663708352735080900270541420");
+    F1.fromString(bases[6].x, "12852522211178622728088728121177131998585782282560100422041774753646305409836");
+    F1.fromString(bases[6].y, "15918672909255108529698304535345707578139606904951176064731093256171019744261");
+    F1.fromString(bases[7].x, "5841054468380737358126901601208759440531393618333695939860021859990434602332");
+    F1.fromString(bases[7].y, "14496198492936799798866613472708085382638873795843716312315177042738122955744");
+
+    Fr.fromString(scalars[0], "1");
+    Fr.fromString(scalars[1], "4");
+    Fr.fromString(scalars[2], "4");
+    Fr.fromString(scalars[3], "4");
+    Fr.fromString(scalars[4], "8");
+    Fr.fromString(scalars[5], "10");
+    Fr.fromString(scalars[6], "1");
+    Fr.fromString(scalars[7], "5");
+    Fr.fromMontgomery(scalars[0], scalars[0]);
+    Fr.fromMontgomery(scalars[1], scalars[1]);
+    Fr.fromMontgomery(scalars[2], scalars[2]);
+    Fr.fromMontgomery(scalars[3], scalars[3]);
+    Fr.fromMontgomery(scalars[4], scalars[4]);
+    Fr.fromMontgomery(scalars[5], scalars[5]);
+    Fr.fromMontgomery(scalars[6], scalars[6]);
+    Fr.fromMontgomery(scalars[7], scalars[7]);
+
+    G1Point r;
+    G1PointAffine ra;
+    G1PointAffine ref;
+
+    F1.fromString(ref.x, "17747920359253913546551417160303297937542312574889904290131615776238588901697");
+    F1.fromString(ref.y, "8815119438581789680513912776342567599606944899217792926373871775002956510503");
+
+    G1.multiMulByScalarMSM(r, bases, (uint8_t *)scalars, 32, NMExp);
+    G1.copy(ra, r);
+
+    ASSERT_TRUE(G1.eq(ra, ref));
+
+    delete[] bases;
+    delete[] scalars;
+}
+
+TEST(altBn128, fft) {
+    int NMExp = 1<<10;
+
+    AltBn128::FrElement *a = new AltBn128::FrElement[NMExp];
+
+    for (int i=0; i<NMExp; i++) {
+        Fr.fromUI(a[i], i+1);
+    }
+
+    FFT<typename Engine::Fr> fft(NMExp);
+
+    fft.fft(a, NMExp);
+    fft.ifft(a, NMExp);
+
+    AltBn128::FrElement aux;
+    for (int i=0; i<NMExp; i++) {
+        Fr.fromUI(aux, i+1);
+        ASSERT_TRUE(Fr.eq(a[i], aux));
+    }
+
+    delete[] a;
+}
+
+}  // namespace
+
+int main(int argc, char **argv) {
+  ::testing::InitGoogleTest(&argc, argv);
+  return RUN_ALL_TESTS();
+}
diff --git a/c/fft.cpp b/c/fft.cpp
index 9152687..5d50894 100644
--- a/c/fft.cpp
+++ b/c/fft.cpp
@@ -5,6 +5,7 @@
 #include <cstring>
 
 #include "misc.hpp"
+#include "u256.hpp"
 
 using namespace std;
 
@@ -30,68 +31,32 @@ static inline u_int64_t BR(u_int64_t x, u_int64_t domainPow)
 
 #define ROOT(s,j) (rootsOfUnit[(1<<(s))+(j)])
 
-template <size_t N64>
-static inline void shr_words(uint64_t (&out)[N64], const uint64_t (&in)[N64], u_int32_t shift) {
-    if (shift == 0) {
-        for (size_t i = 0; i < N64; i++) out[i] = in[i];
-        return;
-    }
-    const u_int32_t wordShift = shift / 64;
-    const u_int32_t bitShift  = shift % 64;
-
-    for (size_t i = 0; i < N64; i++) out[i] = 0;
-
-    for (size_t i = wordShift; i < N64; i++) {
-        uint64_t low = in[i];
-        uint64_t hi  = (i + 1 < N64) ? in[i + 1] : 0;
-
-        if (bitShift == 0) {
-            out[i - wordShift] = low;
-        } else {
-            out[i - wordShift] = (low >> bitShift) | (hi << (64 - bitShift));
-        }
-    }
-}
-
-template <size_t N64>
-static inline void shr_words_inplace(uint64_t (&a)[N64], u_int32_t shift) {
-    uint64_t tmp[N64];
-    shr_words(tmp, a, shift);
-    for (size_t i = 0; i < N64; i++) a[i] = tmp[i];
-}
-
 template <typename Field>
 FFT<Field>::FFT(u_int64_t maxDomainSize, uint32_t _nThreads)
     : threadPool(ThreadPool::defaultPool())
 {
     f = Field::field;
 
-    u_int32_t domainPow = log2(maxDomainSize);
+    static_assert(Field::N64 == 4, "FFT expects 256-bit field elements (4x64 limbs).");
 
-#if defined(__BYTE_ORDER__) && defined(__ORDER_LITTLE_ENDIAN__)
-    static_assert(__BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__,
-                  "This FFT exp-cast expects little-endian machine layout.");
-#endif
+    u_int32_t domainPow = log2(maxDomainSize);
 
-    // qm1_norm = q-1 in NORMAL (non-montgomery) representation
     Element qm1_norm;
     f.fromMontgomery(qm1_norm, f.negOne());
 
-    uint64_t qm1_words[Field::N64];
-    std::memcpy(qm1_words, (const void*)qm1_norm.v, sizeof(qm1_words));
+    U256 qm1;
+    std::memcpy(qm1.limb, (const void*)qm1_norm.v, sizeof(qm1.limb));
 
-    // qm1d2 = (q-1)/2
-    uint64_t qm1d2_words[Field::N64];
-    shr_words(qm1d2_words, qm1_words, 1);
+    U256 qm1d2;
+    u256_fdiv_q_2exp(&qm1d2, &qm1, 1);
 
-    // find nqr: cand^((q-1)/2) != 1
     Element cand, res;
     uint64_t cand_ui = 2;
     for (;;) {
         f.fromUI(cand, cand_ui);
         f.exp(res, cand,
-              reinterpret_cast<uint8_t*>(qm1d2_words),
-              (unsigned)sizeof(qm1d2_words));
+              reinterpret_cast<uint8_t*>(qm1d2.limb),
+              (unsigned)sizeof(qm1d2.limb));
         if (!f.eq(res, f.one())) {
             f.copy(nqr, cand);
             break;
@@ -99,15 +64,13 @@ FFT<Field>::FFT(u_int64_t maxDomainSize, uint32_t _nThreads)
         cand_ui++;
     }
 
-    // aux_words starts from (q-1)/2 and we divide by 2 until we reach domainPow
-    // so at the end: aux_words = (q-1)/2^domainPow
-    uint64_t aux_words[Field::N64];
-    for (size_t i = 0; i < (size_t)Field::N64; i++) aux_words[i] = qm1d2_words[i];
+    U256 aux;
+    u256_copy(&aux, &qm1d2);
 
     u_int32_t s_tmp = 1;
     while (s_tmp < domainPow) {
-        if (aux_words[0] & 1ULL) break;      // odd => stop
-        shr_words_inplace(aux_words, 1);
+        if (u256_tstbit(&aux, 0)) break;
+        u256_fdiv_q_2exp(&aux, &aux, 1);
         s_tmp++;
     }
 
@@ -125,12 +88,10 @@ FFT<Field>::FFT(u_int64_t maxDomainSize, uint32_t _nThreads)
     f.copy(powTwoInv[0], f.one());
 
     if (nRoots > 1) {
-        // primitive 2^s root of unity: roots[1] = nqr^(aux_words)
         f.exp(roots[1], nqr,
-              reinterpret_cast<uint8_t*>(aux_words),
-              (unsigned)sizeof(aux_words));
+              reinterpret_cast<uint8_t*>(aux.limb),
+              (unsigned)sizeof(aux.limb));
 
-        // powTwoInv[1] = 1/2
         Element two;
         f.fromUI(two, 2);
         f.inv(powTwoInv[1], two);
@@ -138,11 +99,10 @@ FFT<Field>::FFT(u_int64_t maxDomainSize, uint32_t _nThreads)
 
     threadPool.parallelBlock([&] (uint64_t nThreads, uint64_t idThread) {
         uint64_t increment = nRoots / nThreads;
-        uint64_t start = idThread==0 ? 2 : idThread * increment;
-        uint64_t end   = idThread==nThreads-1 ? nRoots : (idThread+1) * increment;
+        uint64_t start = (idThread == 0) ? 2 : idThread * increment;
+        uint64_t end   = (idThread == nThreads - 1) ? nRoots : (idThread + 1) * increment;
 
         if (end > start) {
-            // roots[start] = roots[1]^start
             f.exp(roots[start], roots[1], (uint8_t *)(&start), sizeof(start));
         }
         for (uint64_t i = start + 1; i < end; i++) {
@@ -150,9 +110,9 @@ FFT<Field>::FFT(u_int64_t maxDomainSize, uint32_t _nThreads)
         }
     });
 
-    Element aux;
-    f.mul(aux, roots[nRoots - 1], roots[1]);
-    assert(f.eq(aux, f.one()));
+    Element check;
+    f.mul(check, roots[nRoots - 1], roots[1]);
+    assert(f.eq(check, f.one()));
 
     for (uint64_t i = 2; i <= s; i++) {
         f.mul(powTwoInv[i], powTwoInv[i-1], powTwoInv[1]);
@@ -170,10 +130,10 @@ void FFT<Field>::reversePermutation(Element *a, u_int64_t n) {
     int domainPow = log2(n);
 
     threadPool.parallelFor(0, n, [&] (int begin, int end, int numThread) {
-        for (u_int64_t i=begin; i<end; i++) {
+        for (u_int64_t i = (u_int64_t)begin; i < (u_int64_t)end; i++) {
             Element tmp;
             u_int64_t r = BR(i, domainPow);
-            if (i>r) {
+            if (i > r) {
                 f.copy(tmp, a[i]);
                 f.copy(a[i], a[r]);
                 f.copy(a[r], tmp);
@@ -188,36 +148,36 @@ void FFT<Field>::fft(Element *a, u_int64_t n) {
     u_int64_t domainPow = log2(n);
     assert(((u_int64_t)1 << domainPow) == n);
 
-    for (u_int32_t s=1; s<=domainPow; s++) {
+    for (u_int32_t s = 1; s <= domainPow; s++) {
         u_int64_t m = 1 << s;
         u_int64_t mdiv2 = m >> 1;
 
-        threadPool.parallelFor(0, (n>>1), [&] (int begin, int end, int numThread) {
-            for (u_int64_t i=begin; i< (u_int64_t)end; i++) {
+        threadPool.parallelFor(0, (n >> 1), [&] (int begin, int end, int numThread) {
+            for (u_int64_t i = (u_int64_t)begin; i < (u_int64_t)end; i++) {
                 Element t;
                 Element u;
-                u_int64_t k=(i/mdiv2)*m;
-                u_int64_t j=i%mdiv2;
+                u_int64_t k = (i / mdiv2) * m;
+                u_int64_t j = i % mdiv2;
 
-                f.mul(t, root(s, j), a[k+j+mdiv2]);
-                f.copy(u, a[k+j]);
-                f.add(a[k+j], t, u);
-                f.sub(a[k+j+mdiv2], u, t);
+                f.mul(t, root(s, j), a[k + j + mdiv2]);
+                f.copy(u, a[k + j]);
+                f.add(a[k + j], t, u);
+                f.sub(a[k + j + mdiv2], u, t);
             }
         });
     }
 }
 
 template <typename Field>
-void FFT<Field>::ifft(Element *a, u_int64_t n ) {
+void FFT<Field>::ifft(Element *a, u_int64_t n) {
     fft(a, n);
     u_int64_t domainPow = log2(n);
-    u_int64_t nDiv2= n >> 1;
+    u_int64_t nDiv2 = n >> 1;
 
     threadPool.parallelFor(1, nDiv2, [&] (int begin, int end, int numThread) {
-        for (u_int64_t i=begin; i<(u_int64_t)end; i++) {
+        for (u_int64_t i = (u_int64_t)begin; i < (u_int64_t)end; i++) {
             Element tmp;
-            u_int64_t r = n-i;
+            u_int64_t r = n - i;
             f.copy(tmp, a[i]);
             f.mul(a[i], a[r], powTwoInv[domainPow]);
             f.mul(a[r], tmp, powTwoInv[domainPow]);
@@ -229,9 +189,9 @@ void FFT<Field>::ifft(Element *a, u_int64_t n ) {
 }
 
 template <typename Field>
-void FFT<Field>::printVector(Element *a, u_int64_t n ) {
+void FFT<Field>::printVector(Element *a, u_int64_t n) {
     cout << "[" << endl;
-    for (u_int64_t i=0; i<n; i++) {
+    for (u_int64_t i = 0; i < n; i++) {
         cout << f.toString(a[i]) << endl;
     }
     cout << "]" << endl;

From 920fc8b812da1c9a56e2361549275c47c2ebad5b Mon Sep 17 00:00:00 2001
From: furze <danielsennmurilio@gmail.com>
Date: Mon, 19 Jan 2026 01:36:44 +0200
Subject: [PATCH 3/7] nogmp: add testAltBn128 to taskfile.js

---
 tasksfile.js | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)

diff --git a/tasksfile.js b/tasksfile.js
index bd6031f..1f6883b 100644
--- a/tasksfile.js
+++ b/tasksfile.js
@@ -46,6 +46,28 @@ function testSplitParStr() {
     sh("./splitparsestr_test", {cwd: "build", nopipe: true});
 }
 
+function testAltBn128() {
+    sh("g++" +
+        " -Igoogletest-release-1.10.0/googletest/include"+
+        " -I."+
+        " -I../c"+
+        " ../c/naf.cpp"+
+        " ../c/splitparstr.cpp"+
+        " ../c/alt_bn128.cpp"+
+        " ../c/alt_bn128_test.cpp"+
+        " ../c/misc.cpp"+
+        " fq.cpp"+
+        " fq.o"+
+        " fr.cpp"+
+        " fr.o"+
+        " googletest-release-1.10.0/libgtest.a"+
+        " -o altbn128_test" +
+        " -fmax-errors=5 -pthread -std=c++11 -fopenmp -lgmp -g", {cwd: "build", nopipe: true}
+    );
+    sh("./altbn128_test", {cwd: "build", nopipe: true});
+}
+
+
 function benchMultiExpG1() {
     sh("g++ -O3 -g" +
         " -Igoogletest-release-1.10.0/googletest/include"+

From 73ce049755e4421f80ac247777bbf1b166fc4ff1 Mon Sep 17 00:00:00 2001
From: furze <danielsennmurilio@gmail.com>
Date: Tue, 27 Jan 2026 15:27:46 +0200
Subject: [PATCH 4/7] nogmp: update

---
 c/alt_bn128_test.cpp | 46 ++++++++++++++++++++++++++++++--------------
 c/fft.cpp            |  8 ++++----
 tasksfile.js         |  8 ++++----
 3 files changed, 40 insertions(+), 22 deletions(-)

diff --git a/c/alt_bn128_test.cpp b/c/alt_bn128_test.cpp
index fd28aab..fdf1591 100644
--- a/c/alt_bn128_test.cpp
+++ b/c/alt_bn128_test.cpp
@@ -129,13 +129,15 @@ TEST(altBn128, g1_times_3) {
     ASSERT_TRUE(G1.eq(p1,p2));
 }
 
-TEST(altBn128, g1_times_3_exp) {
+    TEST(altBn128, g1_times_3_exp) {
     G1Point p1;
     G1.add(p1, G1.one(), G1.one());
     G1.add(p1, p1, G1.one());
 
     uint8_t scalar[32];
-    u256_scalar32_from_u64(scalar, 3);
+    U256 x;
+    mp_set_ui(&x, 3);
+    mp_export(scalar, &x);
 
     G1Point p2;
     G1.mulByScalar(p2, G1.one(), scalar, 32);
@@ -163,7 +165,7 @@ TEST(altBn128, g1_times_5) {
     ASSERT_TRUE(G1.eq(p1,p6));
 }
 
-TEST(altBn128, g1_times_65_exp) {
+    TEST(altBn128, g1_times_65_exp) {
     G1Point p1;
     G1.dbl(p1, G1.one());
     G1.dbl(p1, p1);
@@ -174,7 +176,9 @@ TEST(altBn128, g1_times_65_exp) {
     G1.add(p1, p1, G1.one());
 
     uint8_t scalar[32];
-    u256_scalar32_from_u64(scalar, 65);
+    U256 x;
+    mp_set_ui(&x, 65);
+    mp_export(scalar, &x);
 
     G1Point p2;
     G1.mulByScalar(p2, G1.one(), scalar, 32);
@@ -182,11 +186,14 @@ TEST(altBn128, g1_times_65_exp) {
     ASSERT_TRUE(G1.eq(p1,p2));
 }
 
-TEST(altBn128, g1_expToOrder) {
+    TEST(altBn128, g1_expToOrder) {
     uint8_t scalar[32];
-    ASSERT_EQ(u256_scalar32_from_dec(scalar,
-        "21888242871839275222246405745257275088548364400416034343698204186575808495617"
+    U256 x;
+    ASSERT_EQ(mp_set_str(&x,
+        "21888242871839275222246405745257275088548364400416034343698204186575808495617",
+        10
     ), 0);
+    mp_export(scalar, &x);
 
     G1Point p1;
     G1.mulByScalar(p1, G1.one(), scalar, 32);
@@ -194,11 +201,14 @@ TEST(altBn128, g1_expToOrder) {
     ASSERT_TRUE(G1.isZero(p1));
 }
 
-TEST(altBn128, g2_expToOrder) {
+    TEST(altBn128, g2_expToOrder) {
     uint8_t scalar[32];
-    ASSERT_EQ(u256_scalar32_from_dec(scalar,
-        "21888242871839275222246405745257275088548364400416034343698204186575808495617"
+    U256 x;
+    ASSERT_EQ(mp_set_str(&x,
+        "21888242871839275222246405745257275088548364400416034343698204186575808495617",
+        10
     ), 0);
+    mp_export(scalar, &x);
 
     Curve<F2Field<RawFq>>::Point p1;
     G2.mulByScalar(p1, G2.one(), scalar, 32);
@@ -222,7 +232,9 @@ TEST(altBn128, multiExp) {
             G1.add(bases[i], bases[i-1], G1.one());
         }
 
-        u256_scalar32_from_u64(scalars[i], (uint64_t)(i + 1));
+        U256 x;
+        mp_set_ui(&x, (uint64_t)(i + 1));
+        mp_export(scalars[i], &x);
         acc += (uint64_t)(i + 1) * (uint64_t)(i + 1);
     }
 
@@ -230,7 +242,9 @@ TEST(altBn128, multiExp) {
     G1.multiMulByScalar(p1, bases, (uint8_t *)scalars, 32, NMExp);
 
     uint8_t sAcc[32];
-    u256_scalar32_from_u64(sAcc, acc);
+    U256 x;
+    mp_set_ui(&x, acc);
+    mp_export(sAcc, &x);
 
     G1Point p2;
     G1.mulByScalar(p2, G1.one(), sAcc, 32);
@@ -257,7 +271,9 @@ TEST(altBn128, multiExpMSM) {
             G1.add(bases[i], bases[i-1], G1.one());
         }
 
-        u256_scalar32_from_u64(scalars[i], (uint64_t)(i + 1));
+        U256 x;
+        mp_set_ui(&x, (uint64_t)(i + 1));
+        mp_export(scalars[i], &x);
         acc += (uint64_t)(i + 1) * (uint64_t)(i + 1);
     }
 
@@ -265,7 +281,9 @@ TEST(altBn128, multiExpMSM) {
     G1.multiMulByScalarMSM(p1, bases, (uint8_t *)scalars, 32, NMExp);
 
     uint8_t sAcc[32];
-    u256_scalar32_from_u64(sAcc, acc);
+    U256 x;
+    mp_set_ui(&x, acc);
+    mp_export(sAcc, &x);
 
     G1Point p2;
     G1.mulByScalar(p2, G1.one(), sAcc, 32);
diff --git a/c/fft.cpp b/c/fft.cpp
index 5d50894..04206d0 100644
--- a/c/fft.cpp
+++ b/c/fft.cpp
@@ -48,7 +48,7 @@ FFT<Field>::FFT(u_int64_t maxDomainSize, uint32_t _nThreads)
     std::memcpy(qm1.limb, (const void*)qm1_norm.v, sizeof(qm1.limb));
 
     U256 qm1d2;
-    u256_fdiv_q_2exp(&qm1d2, &qm1, 1);
+    mp_fdiv_q_2exp(&qm1d2, &qm1, 1);
 
     Element cand, res;
     uint64_t cand_ui = 2;
@@ -65,12 +65,12 @@ FFT<Field>::FFT(u_int64_t maxDomainSize, uint32_t _nThreads)
     }
 
     U256 aux;
-    u256_copy(&aux, &qm1d2);
+    mp_copy(&aux, &qm1d2);
 
     u_int32_t s_tmp = 1;
     while (s_tmp < domainPow) {
-        if (u256_tstbit(&aux, 0)) break;
-        u256_fdiv_q_2exp(&aux, &aux, 1);
+        if (mp_tstbit(&aux, 0)) break;
+        mp_fdiv_q_2exp(&aux, &aux, 1);
         s_tmp++;
     }
 
diff --git a/tasksfile.js b/tasksfile.js
index 1f6883b..af91d4f 100644
--- a/tasksfile.js
+++ b/tasksfile.js
@@ -41,7 +41,7 @@ function testSplitParStr() {
         " ../c/splitparstr.cpp"+
         " ../c/splitparstr_test.cpp"+
         " googletest-release-1.10.0/libgtest.a"+
-        " -pthread -std=c++11 -o splitparsestr_test", {cwd: "build", nopipe: true}
+        " -pthread -std=c++17 -o splitparsestr_test", {cwd: "build", nopipe: true}
     );
     sh("./splitparsestr_test", {cwd: "build", nopipe: true});
 }
@@ -62,7 +62,7 @@ function testAltBn128() {
         " fr.o"+
         " googletest-release-1.10.0/libgtest.a"+
         " -o altbn128_test" +
-        " -fmax-errors=5 -pthread -std=c++11 -fopenmp -lgmp -g", {cwd: "build", nopipe: true}
+        " -fmax-errors=5 -pthread -std=c++17 -fopenmp -lgmp -g", {cwd: "build", nopipe: true}
     );
     sh("./altbn128_test", {cwd: "build", nopipe: true});
 }
@@ -84,7 +84,7 @@ function benchMultiExpG1() {
         " fr.o"+
         // " googletest-release-1.10.0/libgtest.a"+
         " -o multiexp_g1_benchmark" +
-        " -lgmp -pthread -std=c++11 -fopenmp" , {cwd: "build", nopipe: true}
+        " -lgmp -pthread -std=c++17 -fopenmp" , {cwd: "build", nopipe: true}
     );
     sh("./multiexp_g1_benchmark 16777216", {cwd: "build", nopipe: true});
 }
@@ -105,7 +105,7 @@ function benchMultiExpG2() {
         " fr.o"+
         // " googletest-release-1.10.0/libgtest.a"+
         " -o multiexp_g2_benchmark" +
-        " -lgmp -pthread -std=c++11 -fopenmp" , {cwd: "build", nopipe: true}
+        " -lgmp -pthread -std=c++17 -fopenmp" , {cwd: "build", nopipe: true}
     );
     sh("./multiexp_g2_benchmark 16777216", {cwd: "build", nopipe: true});
 }

From 9eaffd0042b1714e46f5a35ad3caec3486486ea6 Mon Sep 17 00:00:00 2001
From: furze <danielsennmurilio@gmail.com>
Date: Mon, 2 Feb 2026 12:08:16 +0200
Subject: [PATCH 5/7] U256 API removed, using Limb API instead

---
 c/alt_bn128_test.cpp | 50 ++++++++++++++++++++++----------------------
 c/fft.cpp            | 26 +++++++++++------------
 2 files changed, 38 insertions(+), 38 deletions(-)

diff --git a/c/alt_bn128_test.cpp b/c/alt_bn128_test.cpp
index fdf1591..9b965bc 100644
--- a/c/alt_bn128_test.cpp
+++ b/c/alt_bn128_test.cpp
@@ -5,7 +5,7 @@
 #include "gtest/gtest.h"
 #include "alt_bn128.hpp"
 #include "fft.hpp"
-#include "u256.hpp"
+#include "mp.hpp"
 
 using namespace AltBn128;
 
@@ -135,9 +135,9 @@ TEST(altBn128, g1_times_3) {
     G1.add(p1, p1, G1.one());
 
     uint8_t scalar[32];
-    U256 x;
-    mp_set_ui(&x, 3);
-    mp_export(scalar, &x);
+    mp_limb_t x[MP_N64];
+    mp_set_ui(x, 3);
+    mp_export(scalar, x);
 
     G1Point p2;
     G1.mulByScalar(p2, G1.one(), scalar, 32);
@@ -176,9 +176,9 @@ TEST(altBn128, g1_times_5) {
     G1.add(p1, p1, G1.one());
 
     uint8_t scalar[32];
-    U256 x;
-    mp_set_ui(&x, 65);
-    mp_export(scalar, &x);
+    mp_limb_t x[MP_N64];
+    mp_set_ui(x, 65);
+    mp_export(scalar, x);
 
     G1Point p2;
     G1.mulByScalar(p2, G1.one(), scalar, 32);
@@ -188,12 +188,12 @@ TEST(altBn128, g1_times_5) {
 
     TEST(altBn128, g1_expToOrder) {
     uint8_t scalar[32];
-    U256 x;
-    ASSERT_EQ(mp_set_str(&x,
+    mp_limb_t x[MP_N64];
+    ASSERT_EQ(mp_set_str(x,
         "21888242871839275222246405745257275088548364400416034343698204186575808495617",
         10
     ), 0);
-    mp_export(scalar, &x);
+    mp_export(scalar, x);
 
     G1Point p1;
     G1.mulByScalar(p1, G1.one(), scalar, 32);
@@ -203,12 +203,12 @@ TEST(altBn128, g1_times_5) {
 
     TEST(altBn128, g2_expToOrder) {
     uint8_t scalar[32];
-    U256 x;
-    ASSERT_EQ(mp_set_str(&x,
+    mp_limb_t x[MP_N64];
+    ASSERT_EQ(mp_set_str(x,
         "21888242871839275222246405745257275088548364400416034343698204186575808495617",
         10
     ), 0);
-    mp_export(scalar, &x);
+    mp_export(scalar, x);
 
     Curve<F2Field<RawFq>>::Point p1;
     G2.mulByScalar(p1, G2.one(), scalar, 32);
@@ -232,9 +232,9 @@ TEST(altBn128, multiExp) {
             G1.add(bases[i], bases[i-1], G1.one());
         }
 
-        U256 x;
-        mp_set_ui(&x, (uint64_t)(i + 1));
-        mp_export(scalars[i], &x);
+        mp_limb_t x[MP_N64];
+        mp_set_ui(x, (uint64_t)(i + 1));
+        mp_export(scalars[i], x);
         acc += (uint64_t)(i + 1) * (uint64_t)(i + 1);
     }
 
@@ -242,9 +242,9 @@ TEST(altBn128, multiExp) {
     G1.multiMulByScalar(p1, bases, (uint8_t *)scalars, 32, NMExp);
 
     uint8_t sAcc[32];
-    U256 x;
-    mp_set_ui(&x, acc);
-    mp_export(sAcc, &x);
+    mp_limb_t x[MP_N64];
+    mp_set_ui(x, acc);
+    mp_export(sAcc, x);
 
     G1Point p2;
     G1.mulByScalar(p2, G1.one(), sAcc, 32);
@@ -271,9 +271,9 @@ TEST(altBn128, multiExpMSM) {
             G1.add(bases[i], bases[i-1], G1.one());
         }
 
-        U256 x;
-        mp_set_ui(&x, (uint64_t)(i + 1));
-        mp_export(scalars[i], &x);
+        mp_limb_t x[MP_N64];
+        mp_set_ui(x, (uint64_t)(i + 1));
+        mp_export(scalars[i], x);
         acc += (uint64_t)(i + 1) * (uint64_t)(i + 1);
     }
 
@@ -281,9 +281,9 @@ TEST(altBn128, multiExpMSM) {
     G1.multiMulByScalarMSM(p1, bases, (uint8_t *)scalars, 32, NMExp);
 
     uint8_t sAcc[32];
-    U256 x;
-    mp_set_ui(&x, acc);
-    mp_export(sAcc, &x);
+    mp_limb_t x[MP_N64];
+    mp_set_ui(x, acc);
+    mp_export(sAcc, x);
 
     G1Point p2;
     G1.mulByScalar(p2, G1.one(), sAcc, 32);
diff --git a/c/fft.cpp b/c/fft.cpp
index 04206d0..29c6cd9 100644
--- a/c/fft.cpp
+++ b/c/fft.cpp
@@ -5,7 +5,7 @@
 #include <cstring>
 
 #include "misc.hpp"
-#include "u256.hpp"
+#include "mp.hpp"
 
 using namespace std;
 
@@ -44,19 +44,19 @@ FFT<Field>::FFT(u_int64_t maxDomainSize, uint32_t _nThreads)
     Element qm1_norm;
     f.fromMontgomery(qm1_norm, f.negOne());
 
-    U256 qm1;
-    std::memcpy(qm1.limb, (const void*)qm1_norm.v, sizeof(qm1.limb));
+    mp_limb_t qm1[4];
+    std::memcpy(qm1, (const void*)qm1_norm.v, sizeof(qm1));
 
-    U256 qm1d2;
-    mp_fdiv_q_2exp(&qm1d2, &qm1, 1);
+    mp_limb_t qm1d2[4];
+    mp_fdiv_q_2exp(qm1d2, qm1, 1);
 
     Element cand, res;
     uint64_t cand_ui = 2;
     for (;;) {
         f.fromUI(cand, cand_ui);
         f.exp(res, cand,
-              reinterpret_cast<uint8_t*>(qm1d2.limb),
-              (unsigned)sizeof(qm1d2.limb));
+              reinterpret_cast<uint8_t*>(qm1d2),
+              (unsigned)sizeof(qm1d2));
         if (!f.eq(res, f.one())) {
             f.copy(nqr, cand);
             break;
@@ -64,13 +64,13 @@ FFT<Field>::FFT(u_int64_t maxDomainSize, uint32_t _nThreads)
         cand_ui++;
     }
 
-    U256 aux;
-    mp_copy(&aux, &qm1d2);
+    mp_limb_t aux[4];
+    mp_copy(aux, qm1d2);
 
     u_int32_t s_tmp = 1;
     while (s_tmp < domainPow) {
-        if (mp_tstbit(&aux, 0)) break;
-        mp_fdiv_q_2exp(&aux, &aux, 1);
+        if (mp_tstbit(aux, 0)) break;
+        mp_fdiv_q_2exp(aux, aux, 1);
         s_tmp++;
     }
 
@@ -89,8 +89,8 @@ FFT<Field>::FFT(u_int64_t maxDomainSize, uint32_t _nThreads)
 
     if (nRoots > 1) {
         f.exp(roots[1], nqr,
-              reinterpret_cast<uint8_t*>(aux.limb),
-              (unsigned)sizeof(aux.limb));
+              reinterpret_cast<uint8_t*>(aux),
+              (unsigned)sizeof(aux));
 
         Element two;
         f.fromUI(two, 2);

From 68f2a463985822b252e1858e81f40fe6a6c373e6 Mon Sep 17 00:00:00 2001
From: furze <danielsennmurilio@gmail.com>
Date: Sun, 8 Feb 2026 13:44:52 +0200
Subject: [PATCH 6/7] nogmp: alt_bn128_test, fft fix up to new version of mp
 API

---
 c/alt_bn128_test.cpp | 70 ++++++++++++++++++++++----------------------
 c/fft.cpp            | 13 ++++----
 2 files changed, 42 insertions(+), 41 deletions(-)

diff --git a/c/alt_bn128_test.cpp b/c/alt_bn128_test.cpp
index 9b965bc..5fdf1ff 100644
--- a/c/alt_bn128_test.cpp
+++ b/c/alt_bn128_test.cpp
@@ -134,13 +134,13 @@ TEST(altBn128, g1_times_3) {
     G1.add(p1, G1.one(), G1.one());
     G1.add(p1, p1, G1.one());
 
-    uint8_t scalar[32];
-    mp_limb_t x[MP_N64];
-    mp_set_ui(x, 3);
+    uint8_t scalar[MP_N];
+    mp_uint_t x;
+    mp_set(x, 3);
     mp_export(scalar, x);
 
     G1Point p2;
-    G1.mulByScalar(p2, G1.one(), scalar, 32);
+    G1.mulByScalar(p2, G1.one(), scalar, MP_N);
 
     ASSERT_TRUE(G1.eq(p1,p2));
 }
@@ -175,43 +175,43 @@ TEST(altBn128, g1_times_5) {
     G1.dbl(p1, p1);
     G1.add(p1, p1, G1.one());
 
-    uint8_t scalar[32];
-    mp_limb_t x[MP_N64];
-    mp_set_ui(x, 65);
+    uint8_t scalar[MP_N];
+    mp_uint_t x;
+    mp_set(x, 65);
     mp_export(scalar, x);
 
     G1Point p2;
-    G1.mulByScalar(p2, G1.one(), scalar, 32);
+    G1.mulByScalar(p2, G1.one(), scalar, MP_N);
 
     ASSERT_TRUE(G1.eq(p1,p2));
 }
 
     TEST(altBn128, g1_expToOrder) {
-    uint8_t scalar[32];
-    mp_limb_t x[MP_N64];
-    ASSERT_EQ(mp_set_str(x,
+    uint8_t scalar[MP_N];
+    mp_uint_t x;
+    ASSERT_EQ(mp_set(x,
         "21888242871839275222246405745257275088548364400416034343698204186575808495617",
         10
     ), 0);
     mp_export(scalar, x);
 
     G1Point p1;
-    G1.mulByScalar(p1, G1.one(), scalar, 32);
+    G1.mulByScalar(p1, G1.one(), scalar, MP_N);
 
     ASSERT_TRUE(G1.isZero(p1));
 }
 
     TEST(altBn128, g2_expToOrder) {
-    uint8_t scalar[32];
-    mp_limb_t x[MP_N64];
-    ASSERT_EQ(mp_set_str(x,
+    uint8_t scalar[MP_N];
+    mp_uint_t x;
+    ASSERT_EQ(mp_set(x,
         "21888242871839275222246405745257275088548364400416034343698204186575808495617",
         10
     ), 0);
     mp_export(scalar, x);
 
     Curve<F2Field<RawFq>>::Point p1;
-    G2.mulByScalar(p1, G2.one(), scalar, 32);
+    G2.mulByScalar(p1, G2.one(), scalar, MP_N);
 
     ASSERT_TRUE(G2.isZero(p1));
 }
@@ -219,7 +219,7 @@ TEST(altBn128, g1_times_5) {
 TEST(altBn128, multiExp) {
     int NMExp = 40000;
 
-    typedef uint8_t Scalar[32];
+    typedef uint8_t Scalar[MP_N];
 
     Scalar *scalars = new Scalar[NMExp];
     G1PointAffine *bases = new G1PointAffine[NMExp];
@@ -232,22 +232,22 @@ TEST(altBn128, multiExp) {
             G1.add(bases[i], bases[i-1], G1.one());
         }
 
-        mp_limb_t x[MP_N64];
-        mp_set_ui(x, (uint64_t)(i + 1));
+        mp_uint_t x;
+        mp_set(x, (uint64_t)(i + 1));
         mp_export(scalars[i], x);
         acc += (uint64_t)(i + 1) * (uint64_t)(i + 1);
     }
 
     G1Point p1;
-    G1.multiMulByScalar(p1, bases, (uint8_t *)scalars, 32, NMExp);
+    G1.multiMulByScalar(p1, bases, (uint8_t *)scalars, MP_N, NMExp);
 
-    uint8_t sAcc[32];
-    mp_limb_t x[MP_N64];
-    mp_set_ui(x, acc);
+    uint8_t sAcc[MP_N];
+    mp_uint_t x;
+    mp_set(x, acc);
     mp_export(sAcc, x);
 
     G1Point p2;
-    G1.mulByScalar(p2, G1.one(), sAcc, 32);
+    G1.mulByScalar(p2, G1.one(), sAcc, MP_N);
 
     ASSERT_TRUE(G1.eq(p1, p2));
 
@@ -258,7 +258,7 @@ TEST(altBn128, multiExp) {
 TEST(altBn128, multiExpMSM) {
     int NMExp = 40000;
 
-    typedef uint8_t Scalar[32];
+    typedef uint8_t Scalar[MP_N];
 
     Scalar *scalars = new Scalar[NMExp];
     G1PointAffine *bases = new G1PointAffine[NMExp];
@@ -271,22 +271,22 @@ TEST(altBn128, multiExpMSM) {
             G1.add(bases[i], bases[i-1], G1.one());
         }
 
-        mp_limb_t x[MP_N64];
-        mp_set_ui(x, (uint64_t)(i + 1));
+        mp_uint_t x;
+        mp_set(x, (uint64_t)(i + 1));
         mp_export(scalars[i], x);
         acc += (uint64_t)(i + 1) * (uint64_t)(i + 1);
     }
 
     G1Point p1;
-    G1.multiMulByScalarMSM(p1, bases, (uint8_t *)scalars, 32, NMExp);
+    G1.multiMulByScalarMSM(p1, bases, (uint8_t *)scalars, MP_N, NMExp);
 
-    uint8_t sAcc[32];
-    mp_limb_t x[MP_N64];
-    mp_set_ui(x, acc);
+    uint8_t sAcc[MP_N];
+    mp_uint_t x;
+    mp_set(x, acc);
     mp_export(sAcc, x);
 
     G1Point p2;
-    G1.mulByScalar(p2, G1.one(), sAcc, 32);
+    G1.mulByScalar(p2, G1.one(), sAcc, MP_N);
 
     ASSERT_TRUE(G1.eq(p1, p2));
 
@@ -317,7 +317,7 @@ TEST(altBn128, multiExp2) {
     F1.fromString(ref.x, "9163953212624378696742080269971059027061360176019470242548968584908855004282");
     F1.fromString(ref.y, "20922060990592511838374895951081914567856345629513259026540392951012456141360");
 
-    G1.multiMulByScalar(r, bases, (uint8_t *)scalars, 32, 2);
+    G1.multiMulByScalar(r, bases, (uint8_t *)scalars, MP_N, 2);
     G1.copy(ra, r);
 
     ASSERT_TRUE(G1.eq(ra, ref));
@@ -349,7 +349,7 @@ TEST(altBn128, multiExp2MSM) {
     F1.fromString(ref.x, "9163953212624378696742080269971059027061360176019470242548968584908855004282");
     F1.fromString(ref.y, "20922060990592511838374895951081914567856345629513259026540392951012456141360");
 
-    G1.multiMulByScalarMSM(r, bases, (uint8_t *)scalars, 32, 2);
+    G1.multiMulByScalarMSM(r, bases, (uint8_t *)scalars, MP_N, 2);
     G1.copy(ra, r);
 
     ASSERT_TRUE(G1.eq(ra, ref));
@@ -405,7 +405,7 @@ TEST(altBn128, multiExp8MSM) {
     F1.fromString(ref.x, "17747920359253913546551417160303297937542312574889904290131615776238588901697");
     F1.fromString(ref.y, "8815119438581789680513912776342567599606944899217792926373871775002956510503");
 
-    G1.multiMulByScalarMSM(r, bases, (uint8_t *)scalars, 32, NMExp);
+    G1.multiMulByScalarMSM(r, bases, (uint8_t *)scalars, MP_N, NMExp);
     G1.copy(ra, r);
 
     ASSERT_TRUE(G1.eq(ra, ref));
diff --git a/c/fft.cpp b/c/fft.cpp
index 29c6cd9..82193d2 100644
--- a/c/fft.cpp
+++ b/c/fft.cpp
@@ -6,6 +6,7 @@
 
 #include "misc.hpp"
 #include "mp.hpp"
+#include "../../../build/mp.hpp"
 
 using namespace std;
 
@@ -26,7 +27,7 @@ static inline u_int64_t BR(u_int64_t x, u_int64_t domainPow)
     x = ((x & 0xFF00FF00) >> 8) | ((x & 0x00FF00FF) << 8);
     x = ((x & 0xF0F0F0F0) >> 4) | ((x & 0x0F0F0F0F) << 4);
     x = ((x & 0xCCCCCCCC) >> 2) | ((x & 0x33333333) << 2);
-    return (((x & 0xAAAAAAAA) >> 1) | ((x & 0x55555555) << 1)) >> (32-domainPow);
+    return (((x & 0xAAAAAAAA) >> 1) | ((x & 0x55555555) << 1)) >> (MP_N-domainPow);
 }
 
 #define ROOT(s,j) (rootsOfUnit[(1<<(s))+(j)])
@@ -44,11 +45,11 @@ FFT<Field>::FFT(u_int64_t maxDomainSize, uint32_t _nThreads)
     Element qm1_norm;
     f.fromMontgomery(qm1_norm, f.negOne());
 
-    mp_limb_t qm1[4];
+    mp_uint_t qm1;
     std::memcpy(qm1, (const void*)qm1_norm.v, sizeof(qm1));
 
-    mp_limb_t qm1d2[4];
-    mp_fdiv_q_2exp(qm1d2, qm1, 1);
+    mp_uint_t qm1d2;
+    mp_shr(qm1d2, qm1, 1);
 
     Element cand, res;
     uint64_t cand_ui = 2;
@@ -64,13 +65,13 @@ FFT<Field>::FFT(u_int64_t maxDomainSize, uint32_t _nThreads)
         cand_ui++;
     }
 
-    mp_limb_t aux[4];
+    mp_uint_t aux;
     mp_copy(aux, qm1d2);
 
     u_int32_t s_tmp = 1;
     while (s_tmp < domainPow) {
         if (mp_tstbit(aux, 0)) break;
-        mp_fdiv_q_2exp(aux, aux, 1);
+        mp_shr(aux, aux, 1);
         s_tmp++;
     }
 

From 387a902de6f4e400db1e9e3917fbebdb41e8e2ab Mon Sep 17 00:00:00 2001
From: furze <danielsennmurilio@gmail.com>
Date: Fri, 20 Feb 2026 02:05:24 +0200
Subject: [PATCH 7/7] nogmp: mp-API fix

---
 c/alt_bn128_test.cpp | 46 ++++++++++++++++++++++----------------------
 c/fft.cpp            |  1 -
 2 files changed, 23 insertions(+), 24 deletions(-)

diff --git a/c/alt_bn128_test.cpp b/c/alt_bn128_test.cpp
index 5fdf1ff..93d8e6c 100644
--- a/c/alt_bn128_test.cpp
+++ b/c/alt_bn128_test.cpp
@@ -5,7 +5,7 @@
 #include "gtest/gtest.h"
 #include "alt_bn128.hpp"
 #include "fft.hpp"
-#include "mp.hpp"
+#include "../../../build/mp.hpp"
 
 using namespace AltBn128;
 
@@ -134,13 +134,13 @@ TEST(altBn128, g1_times_3) {
     G1.add(p1, G1.one(), G1.one());
     G1.add(p1, p1, G1.one());
 
-    uint8_t scalar[MP_N];
+    mp_uint_t scalar;
     mp_uint_t x;
     mp_set(x, 3);
-    mp_export(scalar, x);
+    mp_copy(scalar, x);
 
     G1Point p2;
-    G1.mulByScalar(p2, G1.one(), scalar, MP_N);
+    G1.mulByScalar(p2, G1.one(), (uint8_t*)scalar, MP_N);
 
     ASSERT_TRUE(G1.eq(p1,p2));
 }
@@ -175,43 +175,43 @@ TEST(altBn128, g1_times_5) {
     G1.dbl(p1, p1);
     G1.add(p1, p1, G1.one());
 
-    uint8_t scalar[MP_N];
+    mp_uint_t scalar;
     mp_uint_t x;
     mp_set(x, 65);
-    mp_export(scalar, x);
+    mp_copy(scalar, x);
 
     G1Point p2;
-    G1.mulByScalar(p2, G1.one(), scalar, MP_N);
+    G1.mulByScalar(p2, G1.one(), (uint8_t*)scalar, MP_N);
 
     ASSERT_TRUE(G1.eq(p1,p2));
 }
 
     TEST(altBn128, g1_expToOrder) {
-    uint8_t scalar[MP_N];
+    mp_uint_t scalar;
     mp_uint_t x;
     ASSERT_EQ(mp_set(x,
         "21888242871839275222246405745257275088548364400416034343698204186575808495617",
         10
     ), 0);
-    mp_export(scalar, x);
+    mp_copy(scalar, x);
 
     G1Point p1;
-    G1.mulByScalar(p1, G1.one(), scalar, MP_N);
+    G1.mulByScalar(p1, G1.one(), (uint8_t *)scalar, MP_N);
 
     ASSERT_TRUE(G1.isZero(p1));
 }
 
     TEST(altBn128, g2_expToOrder) {
-    uint8_t scalar[MP_N];
+    mp_uint_t scalar;
     mp_uint_t x;
     ASSERT_EQ(mp_set(x,
         "21888242871839275222246405745257275088548364400416034343698204186575808495617",
         10
     ), 0);
-    mp_export(scalar, x);
+    mp_copy(scalar, x);
 
     Curve<F2Field<RawFq>>::Point p1;
-    G2.mulByScalar(p1, G2.one(), scalar, MP_N);
+    G2.mulByScalar(p1, G2.one(), (uint8_t *)scalar, MP_N);
 
     ASSERT_TRUE(G2.isZero(p1));
 }
@@ -219,7 +219,7 @@ TEST(altBn128, g1_times_5) {
 TEST(altBn128, multiExp) {
     int NMExp = 40000;
 
-    typedef uint8_t Scalar[MP_N];
+    typedef mp_uint_t Scalar;
 
     Scalar *scalars = new Scalar[NMExp];
     G1PointAffine *bases = new G1PointAffine[NMExp];
@@ -234,20 +234,20 @@ TEST(altBn128, multiExp) {
 
         mp_uint_t x;
         mp_set(x, (uint64_t)(i + 1));
-        mp_export(scalars[i], x);
+        mp_copy(scalars[i], x);
         acc += (uint64_t)(i + 1) * (uint64_t)(i + 1);
     }
 
     G1Point p1;
     G1.multiMulByScalar(p1, bases, (uint8_t *)scalars, MP_N, NMExp);
 
-    uint8_t sAcc[MP_N];
+    mp_uint_t sAcc;
     mp_uint_t x;
     mp_set(x, acc);
-    mp_export(sAcc, x);
+    mp_copy(sAcc, x);
 
     G1Point p2;
-    G1.mulByScalar(p2, G1.one(), sAcc, MP_N);
+    G1.mulByScalar(p2, G1.one(), (uint8_t *)sAcc, MP_N);
 
     ASSERT_TRUE(G1.eq(p1, p2));
 
@@ -258,7 +258,7 @@ TEST(altBn128, multiExp) {
 TEST(altBn128, multiExpMSM) {
     int NMExp = 40000;
 
-    typedef uint8_t Scalar[MP_N];
+    typedef mp_uint_t Scalar;
 
     Scalar *scalars = new Scalar[NMExp];
     G1PointAffine *bases = new G1PointAffine[NMExp];
@@ -273,20 +273,20 @@ TEST(altBn128, multiExpMSM) {
 
         mp_uint_t x;
         mp_set(x, (uint64_t)(i + 1));
-        mp_export(scalars[i], x);
+        mp_copy(scalars[i], x);
         acc += (uint64_t)(i + 1) * (uint64_t)(i + 1);
     }
 
     G1Point p1;
     G1.multiMulByScalarMSM(p1, bases, (uint8_t *)scalars, MP_N, NMExp);
 
-    uint8_t sAcc[MP_N];
+    mp_uint_t sAcc;
     mp_uint_t x;
     mp_set(x, acc);
-    mp_export(sAcc, x);
+    mp_copy(sAcc, x);
 
     G1Point p2;
-    G1.mulByScalar(p2, G1.one(), sAcc, MP_N);
+    G1.mulByScalar(p2, G1.one(), (uint8_t *)sAcc, MP_N);
 
     ASSERT_TRUE(G1.eq(p1, p2));
 
diff --git a/c/fft.cpp b/c/fft.cpp
index 82193d2..2a62c0a 100644
--- a/c/fft.cpp
+++ b/c/fft.cpp
@@ -5,7 +5,6 @@
 #include <cstring>
 
 #include "misc.hpp"
-#include "mp.hpp"
 #include "../../../build/mp.hpp"
 
 using namespace std;