I'm implementing parts of SHA-256 in EasyCrypt and need to define a power function (pow) that I can call from within other operator definitions (such as for logical shift operations). However, when I try to call my recursively defined pow operator, I get errors that it doesn’t match the given parameter types.
I'm using EasyCrypt version r2025.02-1-g3300445 on Ubuntu (via WSL). Below is a minimal code snippet that demonstrates the problem:
op rec pow (a b: int) : int =
if (b = 0) then 1 else a * pow a (b - 1).
op lsr (x n: int) : int =
if (0 <= x) then x %/ (pow 2 n) else (x + (pow 2 32)) %/ (pow 2 n).
op lsl (x n: int) : int =
(x * (pow 2 n)) %% (pow 2 32).
When I compile this code, I get an error similar to:
[critical] [sha256.ec: line 30 (23-26)] no matching operator, named `pow', for the following parameters' type:
[1]: int
[2]: int
I've tried several variants:
- A curried version:
op rec pow (a: int) (b: int) : int =
if b = 0 then 1 else a * (pow a (b - 1)).
and then calling it as pow 2 n.
- A tuple version:
op rec pow (p: int * int) : int =
let (a, n) = p in
if n = 0 then 1 else a * pow (a, n - 1).
and then calling it as pow (2, n).
- Even tried a lambda-based definition.
None of these versions are recognized when called from other operator definitions (lsr, lsl, etc.). The documentation (e.g., EasyCrypt Reference Manual, Section 2.3.3) indicates that operator application should be by juxtaposition, but the error persists.
My question is: Is there a known limitation in EasyCrypt that prevents calling one operator (especially a recursive one like pow) from within another operator definition? If so, what workarounds exist to define a power function that can be used in expressions for bit-level operations?
Any insights, workarounds, or pointers to documentation that might help resolve this issue would be greatly appreciated.
