There is no good reason to have those two proofs separate. We can combine them as was done for use_hint in #1037.
When native functions depend on the parameter set, we have different functions for each parameter set, e.g.,
polyz_unpack_17_native
polyz_unpack_19_native
When writing the CBMC proofs for those, there are two options:
A) The CBMC proof is specific to the parameter set and is skipped for other parameter set:
# polyz_unpack_17 is only used with ML-DSA-44
ifeq ($(MLD_CONFIG_PARAMETER_SET),44)
CHECK_FUNCTION_CONTRACTS=mld_polyz_unpack_17_native
USE_FUNCTION_CONTRACTS = mld_polyz_unpack_17_asm
else
CHECK_FUNCTION_CONTRACTS=
USE_FUNCTION_CONTRACTS =
endif
B) The CBMC proof is for all parameter sets:
ifeq ($(MLD_CONFIG_PARAMETER_SET),44)
CHECK_FUNCTION_CONTRACTS=mld_polyvecl_pointwise_acc_montgomery_l4_native
USE_FUNCTION_CONTRACTS=mld_polyvecl_pointwise_acc_montgomery_l4_asm
else ifeq ($(MLD_CONFIG_PARAMETER_SET),65)
CHECK_FUNCTION_CONTRACTS=mld_polyvecl_pointwise_acc_montgomery_l5_native
USE_FUNCTION_CONTRACTS=mld_polyvecl_pointwise_acc_montgomery_l5_asm
else ifeq ($(MLD_CONFIG_PARAMETER_SET),87)
CHECK_FUNCTION_CONTRACTS=mld_polyvecl_pointwise_acc_montgomery_l7_native
USE_FUNCTION_CONTRACTS=mld_polyvecl_pointwise_acc_montgomery_l7_asm
endifBoth approaches are currently used. I think we should pick one of the two and change the other proofs accordingly.
There is no good reason to have those two proofs separate. We can combine them as was done for use_hint in #1037.When native functions depend on the parameter set, we have different functions for each parameter set, e.g.,
When writing the CBMC proofs for those, there are two options:
A) The CBMC proof is specific to the parameter set and is skipped for other parameter set:
B) The CBMC proof is for all parameter sets:
Both approaches are currently used. I think we should pick one of the two and change the other proofs accordingly.