arnaucube/circomlib
1
0
Fork 0
mirror of https://github.com/arnaucube/circomlib.git synced 2026-02-06 18:56:43 +01:00
Code Issues Packages Projects Releases Wiki Activity

Small patches

Browse Source
This commit is contained in:
Jordi Baylina
2018-12-22 23:54:25 +01:00
parent 345f040b41
commit 0639963bea
18 changed files with 379 additions and 272968 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
src/eddsa.js
View File

@@ -2,12 +2,15 @@ const createBlakeHash = require("blake-hash");
const bigInt = require("snarkjs").bigInt;
const babyJub = require("./babyjub");
const pedersenHash = require("./pedersenHash").hash;
const mimc7 = require("./mimc7");
const crypto = require("crypto");
exports.cratePrvKey = cratePrvKey;
exports.prv2pub= prv2pub;
exports.sign = sign;
exports.signMiMC = signMiMC;
exports.verify = verify;
exports.verifyMiMC = verifyMiMC;
exports.packSignature = packSignature;
exports.unpackSignature = unpackSignature;
@@ -52,6 +55,25 @@ function sign(prv, msg) {
};
}
function signMiMC(prv, msg) {
const h1 = createBlakeHash("blake512").update(prv).digest();
const sBuff = pruneBuffer(h1.slice(0,32));
const s = bigInt.leBuff2int(sBuff);
const A = babyJub.mulPointEscalar(babyJub.Base8, s.shr(3));
const msgBuff = bigInt.leInt2Buff(msg, 32);
const rBuff = createBlakeHash("blake512").update(Buffer.concat([h1.slice(32,64), msgBuff])).digest();
let r = bigInt.leBuff2int(rBuff);
r = r.mod(babyJub.subOrder);
const R8 = babyJub.mulPointEscalar(babyJub.Base8, r);
const hm = mimc7.multiHash([R8[0], R8[1], A[0], A[1], msg]);
const S = r.add(hm.mul(s)).mod(babyJub.subOrder);
return {
R8: R8,
S: S
};
}
function verify(msg, sig, A) {
// Check parameters
if (typeof sig != "object") return false;
@@ -77,6 +99,28 @@ function verify(msg, sig, A) {
return true;
}
function verifyMiMC(msg, sig, A) {
// Check parameters
if (typeof sig != "object") return false;
if (!Array.isArray(sig.R8)) return false;
if (sig.R8.length!= 2) return false;
if (!babyJub.inCurve(sig.R8)) return false;
if (!Array.isArray(A)) return false;
if (A.length!= 2) return false;
if (!babyJub.inCurve(A)) return false;
if (sig.S>= babyJub.subOrder) return false;
const hm = mimc7.multiHash([sig.R8[0], sig.R8[1], A[0], A[1], msg]);
const Pleft = babyJub.mulPointEscalar(babyJub.Base8, sig.S);
let Pright = babyJub.mulPointEscalar(A, hm.mul(bigInt("8")));
Pright = babyJub.addPoint(sig.R8, Pright);
if (!Pleft[0].equals(Pright[0])) return false;
if (!Pleft[1].equals(Pright[1])) return false;
return true;
}
function packSignature(sig) {
const R8p = babyJub.packPoint(sig.R8);
const Sp = bigInt.leInt2Buff(sig.S, 32);

8
src/mimc7.js
View File

@@ -43,3 +43,11 @@ exports.hash = (_x_in, _k) =>{
}
return F.affine(F.add(r, k));
};
exports.multiHash = (arr) => {
let r = exports.getIV();
for (let i=0; i<arr.length; i++) {
r = exports.hash(r, bigInt(arr[i]));
}
return r;
};

36
src/smt.js
View File

@@ -3,14 +3,6 @@ const bigInt = require("snarkjs").bigInt;
const SMTMemDB = require("./smt_memdb");
const mimc7 = require("./mimc7");
function smtHash(arr) {
let r = mimc7.getIV();
for (let i=0; i<arr.length; i++) {
r = mimc7.hash(r, bigInt(arr[i]));
}
return r;
}
class SMT {
constructor(db, root) {
@@ -54,8 +46,8 @@ class SMT {
const ins = [];
const dels = [];
let rtOld = smtHash([1, key, resFind.foundValue]);
let rtNew = smtHash([1, key, newValue]);
let rtOld = mimc7.multiHash([1, key, resFind.foundValue]);
let rtNew = mimc7.multiHash([1, key, newValue]);
ins.push([rtNew, [1, key, newValue ]]);
dels.push(rtOld);
@@ -70,8 +62,8 @@ class SMT {
oldNode = [rtOld, sibling, ];
newNode = [rtNew, sibling, ];
}
rtOld = smtHash(oldNode);
rtNew = smtHash(newNode);
rtOld = mimc7.multiHash(oldNode);
rtNew = mimc7.multiHash(newNode);
dels.push(rtOld);
ins.push([rtNew, newNode]);
}
@@ -100,7 +92,7 @@ class SMT {
const dels = [];
const ins = [];
let rtOld = smtHash([1, key, resFind.foundValue]);
let rtOld = mimc7.multiHash([1, key, resFind.foundValue]);
let rtNew;
dels.push(rtOld);
@@ -138,9 +130,9 @@ class SMT {
}
const oldSibling = resFind.siblings[level];
if (keyBits[level]) {
rtOld = smtHash([oldSibling, rtOld]);
rtOld = mimc7.multiHash([oldSibling, rtOld]);
} else {
rtOld = smtHash([rtOld, oldSibling]);
rtOld = mimc7.multiHash([rtOld, oldSibling]);
}
dels.push(rtOld);
if (!newSibling.isZero()) {
@@ -155,7 +147,7 @@ class SMT {
} else {
newNode = [rtNew, newSibling];
}
rtNew = smtHash(newNode);
rtNew = mimc7.multiHash(newNode);
ins.push([rtNew, newNode]);
}
}
@@ -193,7 +185,7 @@ class SMT {
for (let i= res.siblings.length; oldKeyits[i] == newKeyBits[i]; i++) {
res.siblings.push(bigInt.zero);
}
rtOld = smtHash([1, resFind.notFoundKey, resFind.notFoundValue]);
rtOld = mimc7.multiHash([1, resFind.notFoundKey, resFind.notFoundValue]);
res.siblings.push(rtOld);
addedOne = true;
mixed = false;
@@ -205,7 +197,7 @@ class SMT {
const inserts = [];
const dels = [];
let rt = smtHash([1, key, value]);
let rt = mimc7.multiHash([1, key, value]);
inserts.push([rt,[1, key, value]] );
for (let i=res.siblings.length-1; i>=0; i--) {
@@ -215,9 +207,9 @@ class SMT {
if (mixed) {
const oldSibling = resFind.siblings[i];
if (newKeyBits[i]) {
rtOld = smtHash([oldSibling, rtOld]);
rtOld = mimc7.multiHash([oldSibling, rtOld]);
} else {
rtOld = smtHash([rtOld, oldSibling]);
rtOld = mimc7.multiHash([rtOld, oldSibling]);
}
dels.push(rtOld);
}
@@ -225,10 +217,10 @@ class SMT {
let newRt;
if (newKeyBits[i]) {
newRt = smtHash([res.siblings[i], rt]);
newRt = mimc7.multiHash([res.siblings[i], rt]);
inserts.push([newRt,[res.siblings[i], rt]] );
} else {
newRt = smtHash([rt, res.siblings[i]]);
newRt = mimc7.multiHash([rt, res.siblings[i]]);
inserts.push([newRt,[rt, res.siblings[i]]] );
}
rt = newRt;