Merge pull request #1333 from ZoKratesPlus/jubjub-stdlib
Add Jubjub to ECC stdlib
Showing
31 changed files
with
218 additions
and
79 deletions.
@@ -1,6 +1,6 @@ | ||
import "utils/pack/bool/nonStrictUnpack256.zok" as unpack256; | ||
|
||
def main(field[2] inputs) -> bool[512] { | ||
bool[512] preimage512 = [...unpack256(inputs[0]), ...unpack256(inputs[1])]; | ||
bool[512] preimage512 = [...unpack256(inputs[0], 254), ...unpack256(inputs[1], 254)]; | ||
return preimage512; | ||
} |
@@ -0,0 +1,46 @@ | ||
#pragma curve bn128 | ||
|
||
import "./proofOfOwnership" as edwardsProofOfOwnership; | ||
import "./verifyEddsa" as edwardsSignature; | ||
import "utils/pack/bool/nonStrictUnpack256" as unpack256; | ||
|
||
|
||
// The `a` coefficient of the twisted Edwards curve | ||
const field EDWARDS_A = 168700; | ||
|
||
// The `d` coefficient of the twisted Edwards curve | ||
const field EDWARDS_D = 168696; | ||
|
||
// The generator point | ||
const field[2] G = [ | ||
16540640123574156134436876038791482806971768689494387082833631921987005038935, // Gx | ||
20819045374670962167435360035096875258406992893633759881276124905556507972311 // Gy | ||
]; | ||
|
||
const u32 bit_size = 254; | ||
|
||
|
||
def proofOfOwnership(field[2] pk, field sk) -> bool { | ||
|
||
return edwardsProofOfOwnership(pk, sk, G, EDWARDS_A, EDWARDS_D, bit_size); | ||
} | ||
|
||
|
||
def verifyEddsa(field[2] R, field S, field[2] A, u32[8] M0, u32[8] M1) -> bool { | ||
|
||
return edwardsSignature(R, S, A, M0, M1, G, EDWARDS_A, EDWARDS_D, bit_size); | ||
} | ||
|
||
|
||
def compress(field[2] pt) -> bool[256] { | ||
field x = pt[0]; | ||
field y = pt[1]; | ||
|
||
bool[256] xBits = unpack256(x, 254); | ||
bool[256] mut yBits = unpack256(y, 254); | ||
|
||
bool sign = xBits[255]; | ||
yBits[0] = sign; | ||
|
||
return yBits; | ||
} |
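Review bot: The curve parameters in this new Jubjub module need to be checked against the Jubjub specification before they are relied on. `EDWARDS_A = 168700`, `EDWARDS_D = 168696` and the generator `G` are the values I know as the BabyJubJub parameters, and the file opens with `#pragma curve bn128`, while the test fixtures added in this commit declare `"curves": ["Bls12_381"]`. Jubjub is normally specified as the twisted Edwards curve over the BLS12-381 scalar field with `a = -1`, so if these constants were carried over unchanged, `proofOfOwnership` and `verifyEddsa` would operate on a different group than callers expect. Separately, `compress` decomposes both coordinates with `unpack256(x, 254)` although the BLS12-381 scalar field is 255 bits wide; a comment such as `// NOTE: only coordinates below 2^254 are supported while bit_size is 254` above `compress` would make that limit visible at the call site.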
This file was deleted.
This file was deleted.
10 changes: 5 additions & 5 deletions
10
zokrates_stdlib/stdlib/utils/pack/bool/nonStrictUnpack256.zok
@@ -1,11 +1,11 @@ | ||
#pragma curve bn128 | ||
|
||
import "./unpack_unchecked"; | ||
|
||
// Unpack a field element as 256 big-endian bits | ||
// Note: uniqueness of the output is not guaranteed | ||
// For example, `0` can map to `[0, 0, ..., 0]` or to `bits(p)` | ||
def main(field i) -> bool[256] { | ||
bool[254] b = unpack_unchecked(i); | ||
return [false, false, ...b]; | ||
def main(field i, u32 bit_size) -> bool[256] { | ||
assert(bit_size <= 256); | ||
u32 padding_size = 256 - bit_size; | ||
bool[bit_size] b = unpack_unchecked(i); | ||
return [...[false; padding_size], ...b]; | ||
} |
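Review bot: `bit_size` is undocumented, and the header comment above `main` still describes only the old fixed-width behaviour; a line such as `// bit_size: number of bits taken from i; the result is left-padded with false to 256 bits` is needed there. Whether a decomposition is unique, or exists at all, now depends on how `bit_size` compares with the field's bit length. `unpack_unchecked` is not visible in this hunk, so the comment should also state what happens to an element that needs more than `bit_size` bits. Callers that need a canonical encoding, such as the point compression added elsewhere in this commit, should not rely on this non-strict variant until that is spelled out. The same documentation gap applies to the `u32[8]` wrapper changed in a later section, which forwards `bit_size` unchanged.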
@@ -1,4 +1,3 @@ | ||
#pragma curve bn128 | ||
|
||
import "./pack" as pack; | ||
|
||
|
@@ -1,11 +1,9 @@ | ||
#pragma curve bn128 | ||
|
||
import "../bool/nonStrictUnpack256" as unpack; | ||
import "../../casts/bool_256_to_u32_8" as from_bits; | ||
|
||
// Unpack a field element as a u32[8] (big-endian) | ||
// Note: uniqueness of the output is not guaranteed | ||
// For example, `0` can map to `[0, 0, ..., 0]` or to `bits(p)` | ||
def main(field i) -> u32[8] { | ||
return from_bits(unpack(i)); | ||
def main(field i, u32 bit_size) -> u32[8] { | ||
return from_bits(unpack(i, bit_size)); | ||
} |
2 changes: 1 addition & 1 deletion
2
zokrates_stdlib/tests/tests/ecc/babyjubjub/edwardsOrderCheck.zok
2 changes: 1 addition & 1 deletion
2
zokrates_stdlib/tests/tests/ecc/babyjubjub/edwardsScalarMult.zok
4 changes: 2 additions & 2 deletions
4
zokrates_stdlib/tests/tests/ecc/babyjubjub/proofOfOwnership.zok
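--- a/zokrates_stdlib/tests/tests/ecc/jubjub/proofOfOwnership.json
+++ b/zokrates_stdlib/tests/tests/ecc/jubjub/proofOfOwnership.json
@@ -0,0 +1,16 @@
+{
+"entry_point": "./tests/tests/ecc/jubjub/proofOfOwnership.zok",
+"curves": ["Bls12_381"],
+"tests": [
+{
+"input": {
+"values": []
+},
+"output": {
+"Ok": {
+"value": []
+}
+}
+}
+]
+}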
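--- a/zokrates_stdlib/tests/tests/ecc/jubjub/proofOfOwnership.zok
+++ b/zokrates_stdlib/tests/tests/ecc/jubjub/proofOfOwnership.zok
@@ -0,0 +1,29 @@
+from "ecc/jubjub" import proofOfOwnership;
+
+
+// Code to create test cases:
+// https://github.com/Zokrates/pycrypto
+def testOwnershipTrue() -> bool {
+field[2] pk = [14197449566532409051373899088449039913101429151158365207762164998470111126084, 39815292783067036895376009933490224522172606808755118734518018525613835149403];
+field sk = 24537266074035586913841246471742714563414767347802800698790739697702568093815;
+
+bool out = proofOfOwnership(pk, sk);
+
+assert(out);
+return true;
+}
+
+def testOwnershipFalse() -> bool {
+field[2] pk = [14197449566532409051373899088449039913101429151158365207762164998470111126084, 39815292783067036895376009933490224522172606808755118734518018525613835149403];
+field sk = 47423927973606838312622698773159954626747140530476271492884670927146733875544;
+
+bool out = proofOfOwnership(pk, sk);
+
+assert(!out);
+return true;
+}
+
+def main() {
+assert(testOwnershipTrue());
+assert(testOwnershipFalse());
+}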
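Review bot: The `sk` in `testOwnershipFalse` is larger than 2^254 (about 4.7e76 against about 2.9e76), while the module that appears to back `ecc/jubjub` in this commit fixes `bit_size = 254`. This case may therefore return false because of how an over-wide scalar is decomposed rather than because the key does not match `pk`. A second negative case with a non-matching `sk` below 2^254 would pin the property the test name states. A short comment above each vector saying what it exercises, e.g. `// sk does not correspond to pk`, would also help the next reader.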
@@ -0,0 +1,16 @@ | ||
{ | ||
"entry_point": "./tests/tests/ecc/jubjub/verifyEddsa.zok", | ||
"curves": ["Bls12_381"], | ||
"tests": [ | ||
{ | ||
"input": { | ||
"values": [] | ||
}, | ||
"output": { | ||
"Ok": { | ||
"value": [] | ||
} | ||
} | ||
} | ||
] | ||
} |
@@ -0,0 +1,21 @@ | ||
from "ecc/jubjub" import verifyEddsa; | ||
|
||
|
||
// Code to create test case: | ||
// https://github.com/Zokrates/pycrypto | ||
def main() { | ||
|
||
// TODO: Jubjub currently work only for keys <=254 bit long | ||
// With the following keys should also work: | ||
field[2] R = [32866767109220564315580607107081162920517672350707254238793964527466586251974, 31852087390335520207922973662676180854641055992940928475111512263314053365736]; | ||
field S = 43627586196239283173178511316555190744314536456808505435494185841008559853678; | ||
|
||
// Public Key | ||
field[2] A = [26479653887939839327536384197110148123933856719900448942651733342668343953867, 21757919891968253927635241665494706427345455214116275076018069565740804326091]; | ||
|
||
u32[8] M0 = [0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000]; | ||
u32[8] M1 = [0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000005]; | ||
|
||
bool isVerified = verifyEddsa(R, S, A, M0, M1); | ||
assert(isVerified); | ||
} |
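Review bot: This test has only an accepting case, so it does not show that `verifyEddsa` rejects anything. Add a second vector with one word of `M1` or the value of `S` altered, and assert that verification fails for it, e.g. `assert(!verifyEddsa(R, S, A, M0, M1_tampered));` if the function returns false rather than aborting. The TODO above `R` is also ambiguous: it says Jubjub works only for keys of at most 254 bits and then that the following keys "should also work", yet `S` and both coordinates of `R` in this vector exceed 2^254. The author should reword it to say which input sizes are supported today and why this vector is still expected to verify.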
2 changes: 1 addition & 1 deletion
2
zokrates_stdlib/tests/tests/utils/pack/bool/nonStrictUnpack256.json