@@ -127,9 +127,9 @@ library Math {
127127 */
128128 function mulDiv (uint256 x , uint256 y , uint256 denominator ) internal pure returns (uint256 result ) {
129129 unchecked {
130- // 512-bit multiply [prod1 prod0] = x * y. Compute the product mod 2^256 and mod 2^256 - 1, then use
130+ // 512-bit multiply [prod1 prod0] = x * y. Compute the product mod 2²⁵⁶ and mod 2²⁵⁶ - 1, then use
131131 // use the Chinese Remainder Theorem to reconstruct the 512 bit result. The result is stored in two 256
132- // variables such that product = prod1 * 2^256 + prod0.
132+ // variables such that product = prod1 * 2²⁵⁶ + prod0.
133133 uint256 prod0 = x * y; // Least significant 256 bits of the product
134134 uint256 prod1; // Most significant 256 bits of the product
135135 assembly {
@@ -145,7 +145,7 @@ library Math {
145145 return prod0 / denominator;
146146 }
147147
148- // Make sure the result is less than 2^256 . Also prevents denominator == 0.
148+ // Make sure the result is less than 2²⁵⁶ . Also prevents denominator == 0.
149149 if (denominator <= prod1) {
150150 Panic.panic (denominator == 0 ? Panic.DIVISION_BY_ZERO : Panic.UNDER_OVERFLOW);
151151 }
@@ -176,30 +176,30 @@ library Math {
176176 // Divide [prod1 prod0] by twos.
177177 prod0 := div (prod0, twos)
178178
179- // Flip twos such that it is 2^256 / twos. If twos is zero, then it becomes one.
179+ // Flip twos such that it is 2²⁵⁶ / twos. If twos is zero, then it becomes one.
180180 twos := add (div (sub (0 , twos), twos), 1 )
181181 }
182182
183183 // Shift in bits from prod1 into prod0.
184184 prod0 |= prod1 * twos;
185185
186- // Invert denominator mod 2^256 . Now that denominator is an odd number, it has an inverse modulo 2^256 such
187- // that denominator * inv = 1 mod 2^256 . Compute the inverse by starting with a seed that is correct for
188- // four bits. That is, denominator * inv = 1 mod 2^4 .
186+ // Invert denominator mod 2²⁵⁶ . Now that denominator is an odd number, it has an inverse modulo 2²⁵⁶ such
187+ // that denominator * inv ≡ 1 mod 2²⁵⁶ . Compute the inverse by starting with a seed that is correct for
188+ // four bits. That is, denominator * inv ≡ 1 mod 2⁴ .
189189 uint256 inverse = (3 * denominator) ^ 2 ;
190190
191191 // Use the Newton-Raphson iteration to improve the precision. Thanks to Hensel's lifting lemma, this also
192192 // works in modular arithmetic, doubling the correct bits in each step.
193- inverse *= 2 - denominator * inverse; // inverse mod 2^8
194- inverse *= 2 - denominator * inverse; // inverse mod 2^16
195- inverse *= 2 - denominator * inverse; // inverse mod 2^32
196- inverse *= 2 - denominator * inverse; // inverse mod 2^64
197- inverse *= 2 - denominator * inverse; // inverse mod 2^128
198- inverse *= 2 - denominator * inverse; // inverse mod 2^256
193+ inverse *= 2 - denominator * inverse; // inverse mod 2⁸
194+ inverse *= 2 - denominator * inverse; // inverse mod 2¹⁶
195+ inverse *= 2 - denominator * inverse; // inverse mod 2³²
196+ inverse *= 2 - denominator * inverse; // inverse mod 2⁶⁴
197+ inverse *= 2 - denominator * inverse; // inverse mod 2¹²⁸
198+ inverse *= 2 - denominator * inverse; // inverse mod 2²⁵⁶
199199
200200 // Because the division is now exact we can divide by multiplying with the modular inverse of denominator.
201- // This will give us the correct result modulo 2^256 . Since the preconditions guarantee that the outcome is
202- // less than 2^256 , this is the final result. We don't need to compute the high bits of the result and prod1
201+ // This will give us the correct result modulo 2²⁵⁶ . Since the preconditions guarantee that the outcome is
202+ // less than 2²⁵⁶ , this is the final result. We don't need to compute the high bits of the result and prod1
203203 // is no longer required.
204204 result = prod0 * inverse;
205205 return result;
0 commit comments