
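  const chai = require("chai");
  const path = require("path");
  const snarkjs = require("snarkjs");
  const compiler = require("circom");

  const babyJub = require("../src/babyjub.js");

  const assert = chai.assert;
  const bigInt = snarkjs.bigInt;

  /**
   * Compile a circuit from the local "circuits" directory and wrap it in a
   * snarkjs Circuit so witnesses can be calculated for it.
   *
   * @param {string} fileName - File name of the .circom source inside ./circuits.
   * @returns {Promise<object>} The snarkjs.Circuit built from the compiled definition.
   */
  async function loadCircuit(fileName) {
    const cirDef = await compiler(path.join(__dirname, "circuits", fileName));
    return new snarkjs.Circuit(cirDef);
  }

  /**
   * Read the two-coordinate output point "main.out" from a witness.
   *
   * The signal indices are resolved on the SAME circuit that produced the
   * witness. Resolving them on a different circuit only works while both
   * circuits happen to lay out their outputs identically.
   *
   * @param {object} circuit - The circuit the witness was calculated for.
   * @param {Array} witness - Witness returned by circuit.calculateWitness().
   * @returns {Array} [out[0], out[1]] as stored in the witness.
   */
  function readOutPoint(circuit, witness) {
    return [
      witness[circuit.getSignalIdx("main.out[0]")],
      witness[circuit.getSignalIdx("main.out[1]")],
    ];
  }

  /**
   * Assert that two points have equal coordinates.
   *
   * @param {Array} actual - Point read from a witness.
   * @param {Array} expected - Reference point.
   */
  function assertSamePoint(actual, expected) {
    assert(actual[0].equals(expected[0]));
    assert(actual[1].equals(expected[1]));
  }

  // Tests for the Montgomery-form circuits: coordinate conversion in both
  // directions, point doubling and point addition. Each result is converted
  // back to Edwards form and compared with the JavaScript reference
  // implementation in ../src/babyjub.js.
  //
  // NOTE(review): these are positive tests only. They check that an honest
  // witness for one valid point yields the expected output; they do not check
  // that the constraints reject a wrong output, nor inputs where the usual
  // Montgomery formulas are undefined (e.g. adding two points with the same
  // x-coordinate, presumably why doubling has its own circuit; confirm against
  // the circom sources). Negative and edge-case tests are worth adding.
  describe("Montgomery test", function () {
    let circuitE2M;
    let circuitM2E;
    let circuitMAdd;
    let circuitMDouble;

    // Reference point in Edwards coordinates [x, y]; it is passed to
    // babyJub.addPoint below, so it is expected to lie on that curve.
    const g = [
      bigInt("5299619240641551281634865583518297030282874472190772894086521144482721001553"),
      bigInt("16950150798460657717958625567821834550301663161624707787222815936182638968203"),
    ];

    // State shared between the test cases: `mg` is set by the conversion test,
    // `g2`/`mg2` by the doubling test. The cases therefore must run in file
    // order; the guards below make a broken precondition fail with a clear
    // message instead of an obscure witness-calculation error.
    let mg;
    let mg2;
    let g2;

    this.timeout(100000);

    before(async () => {
      circuitE2M = await loadCircuit("edwards2montgomery.circom");
      console.log(`NConstrains Edwards -> Montgomery: ${circuitE2M.nConstraints}`);

      circuitM2E = await loadCircuit("montgomery2edwards.circom");
      console.log(`NConstrains Montgomery -> Edwards: ${circuitM2E.nConstraints}`);

      circuitMAdd = await loadCircuit("montgomeryadd.circom");
      console.log(`NConstrains Montgomery Add: ${circuitMAdd.nConstraints}`);

      circuitMDouble = await loadCircuit("montgomerydouble.circom");
      console.log(`NConstrains Montgomery Double: ${circuitMDouble.nConstraints}`);
    });

    it("Convert Edwards to Montgomery and back again", async () => {
      const wE2M = circuitE2M.calculateWitness({ in: g });
      mg = readOutPoint(circuitE2M, wE2M);

      const wM2E = circuitM2E.calculateWitness({ in: mg });
      assertSamePoint(readOutPoint(circuitM2E, wM2E), g);
    });

    it("Should double a point", async () => {
      assert(mg, "mg is unset: the Edwards -> Montgomery test must run first");

      g2 = babyJub.addPoint(g, g);

      const wDouble = circuitMDouble.calculateWitness({ in: mg });
      // Fix: the output indices were previously looked up on circuitE2M even
      // though the witness belongs to circuitMDouble.
      mg2 = readOutPoint(circuitMDouble, wDouble);

      const wM2E = circuitM2E.calculateWitness({ in: mg2 });
      assertSamePoint(readOutPoint(circuitM2E, wM2E), g2);
    });

    it("Should add a point", async () => {
      assert(mg, "mg is unset: the Edwards -> Montgomery test must run first");
      assert(mg2 && g2, "mg2/g2 are unset: the doubling test must run first");

      // g + 2g: the two inputs are distinct points, so this does not exercise
      // the equal-input case of the addition circuit.
      const g3 = babyJub.addPoint(g, g2);

      const wAdd = circuitMAdd.calculateWitness({ in1: mg, in2: mg2 });
      const mg3 = readOutPoint(circuitMAdd, wAdd);

      const wM2E = circuitM2E.calculateWitness({ in: mg3 });
      assertSamePoint(readOutPoint(circuitM2E, wM2E), g3);
    });
  });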