arnaucube
/
circomlib
mirror of https://github.com/arnaucube/circomlib.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
7 Branches
7 Tags
12 MiB
Tree: 9513ee2ff2
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '9513ee2ff2'
${ noResults }
circomlib/calcpedersenbases/calcpedersenbases.js

127 lines
2.9 KiB
Raw Normal View History

Pedersen Hash Base Points Calculation
6 years ago
Select points in subgroup and calculate x from y
6 years ago
Pedersen Hash Base Points Calculation
6 years ago
Select points in subgroup and calculate x from y
6 years ago
Pedersen Hash Base Points Calculation
6 years ago
Select points in subgroup and calculate x from y
6 years ago
Pedersen Hash Base Points Calculation
6 years ago
Select points in subgroup and calculate x from y
6 years ago
Pedersen Hash Base Points Calculation
6 years ago
Select points in subgroup and calculate x from y
6 years ago
Pedersen Hash Base Points Calculation
6 years ago
Select points in subgroup and calculate x from y
6 years ago
Pedersen Hash Base Points Calculation
6 years ago
Clarify the modules
6 years ago
Pedersen Hash Base Points Calculation
6 years ago
Select points in subgroup and calculate x from y
6 years ago
Pedersen Hash Base Points Calculation
6 years ago
Select points in subgroup and calculate x from y
6 years ago
Pedersen Hash Base Points Calculation
6 years ago
Select points in subgroup and calculate x from y
6 years ago
Clarify the modules
6 years ago
Select points in subgroup and calculate x from y
6 years ago
Pedersen Hash Base Points Calculation
6 years ago
Select points in subgroup and calculate x from y
6 years ago
Pedersen Hash Base Points Calculation
6 years ago
Select points in subgroup and calculate x from y
6 years ago
Clarify the modules
6 years ago
Select points in subgroup and calculate x from y
6 years ago
Pedersen Hash Base Points Calculation
6 years ago
Select points in subgroup and calculate x from y
6 years ago
Pedersen Hash Base Points Calculation
6 years ago
  1. const bn128 = require("snarkjs").bn128;
  2. const bigInt = require("snarkjs").bigInt;
  3. const createBlakeHash = require("blake-hash");
  4. const assert = require("assert");
  6. function addPoint(a,b, q) {
  7. const cta = bigInt("168700");
  8. const d = bigInt("168696");
  10. const res = [];
  11. res[0] = bigInt((a[0]*b[1] + b[0]*a[1]) * bigInt(bigInt("1") + d*a[0]*b[0]*a[1]*b[1]).inverse(q)).affine(q);
  12. res[1] = bigInt((a[1]*b[1] - cta*a[0]*b[0]) * bigInt(bigInt("1") - d*a[0]*b[0]*a[1]*b[1]).inverse(q)).affine(q);
  13. return res;
  14. }
  16. function mulPointEscalar(base, e, q) {
  17. let res = [bigInt("0"),bigInt("1")];
  18. let rem = bigInt(e);
  19. let exp = base;
  21. while (! rem.isZero()) {
  22. if (rem.isOdd()) {
  23. res = addPoint(res, exp, q);
  24. }
  25. exp = addPoint(exp, exp, q);
  26. rem = rem.shr(1);
  27. }
  29. return res;
  30. }
  32. function getPoint(S) {
  33. const F = bn128.Fr;
  34. const h = createBlakeHash("blake256").update(S).digest();
  36. assert(h.length == 32);
  38. let sign = false;
  39. if (h[31] & 0x80) {
  40. h[31] = h[31] & 0x7F;
  41. sign = true;
  42. }
  44. let y = bigInt(0);
  45. for (let i=0; i<32; i++) {
  46. y = y.shl(8);
  47. y = y.add(bigInt(h[i]));
  48. }
  50. const a = bigInt("168700");
  51. const d = bigInt("168696");
  53. const y2 = F.square(y);
  55. let x = F.sqrt(F.div(
  56. F.sub(F.one, y2),
  57. F.sub(a, F.mul(d, y2))));
  59. if (x == null) return null;
  61. if (sign) x = F.neg(x);
  63. const p = [bn128.Fr.affine(x), bn128.Fr.affine(y)];
  65. const p8 =mulPointEscalar(p, 8, bn128.r);
  67. return p8;
  68. }
  71. function generatePoint(S) {
  72. let p= null;
  73. let idx = 0;
  74. while (p==null) {
  75. let sidx = "" + idx;
  76. while (sidx.length<16) sidx = "0"+sidx;
  77. p = getPoint(S+"_"+sidx);
  78. idx++;
  79. }
  80. assert(inCurve(p), "Point not in curve");
  81. return p;
  82. }
  86. const r = bigInt("21888242871839275222246405745257275088614511777268538073601725287587578984328").shr(3);
  87. function isLowGrade(p) {
  88. const res= mulPointEscalar(p, r, bn128.r);
  89. return (res[0].equals(bigInt(0))) && (res[1].equals(bigInt(1)));
  90. }
  92. function inCurve(p) {
  93. const F = bn128.Fr;
  95. const a = bigInt("168700");
  96. const d = bigInt("168696");
  98. const x2 = F.square(p[0]);
  99. const y2 = F.square(p[1]);
  101. if (!F.equals(
  102. F.add(F.mul(a, x2), y2),
  103. F.add(F.one, F.mul(F.mul(x2, y2), d)))) return false;
  105. if (!isLowGrade(p)) return false;
  107. return true;
  108. }
  110. const g = [
  111. bigInt("17777552123799933955779906779655732241715742912184938656739573121738514868268"),
  112. bigInt("2626589144620713026669568689430873010625803728049924121243784502389097019475")];
  115. if (!inCurve(g)) {
  116. throw new Error("Generator not In curve -> Some thing goes wrong...");
  117. }
  119. for (let i=0; i<25; i++) {
  120. let S = "" +i;
  121. while (S.length<16) S = "0"+S;
  122. const P = generatePoint("Iden3_PedersenGenerator_"+S);
  123. console.log(`[${P[0].toString()}, ${P[1].toString()}]`);
  124. }