|
@ -247,7 +247,7 @@ func (p *PublicKey) VerifyMimc7(msg *big.Int, sig *Signature) bool { |
|
|
hmInput := []*big.Int{sig.R8.X, sig.R8.Y, p.X, p.Y, msg} |
|
|
hmInput := []*big.Int{sig.R8.X, sig.R8.Y, p.X, p.Y, msg} |
|
|
hm, err := mimc7.Hash(hmInput, nil) // hm = H1(8*R.x, 8*R.y, A.x, A.y, msg)
|
|
|
hm, err := mimc7.Hash(hmInput, nil) // hm = H1(8*R.x, 8*R.y, A.x, A.y, msg)
|
|
|
if err != nil { |
|
|
if err != nil { |
|
|
panic(err) |
|
|
|
|
|
|
|
|
return false |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
left := NewPoint().Mul(sig.S, B8) // left = s * 8 * B
|
|
|
left := NewPoint().Mul(sig.S, B8) // left = s * 8 * B
|
|
@ -273,7 +273,7 @@ func (k *PrivateKey) SignPoseidon(msg *big.Int) *Signature { |
|
|
R8 := NewPoint().Mul(r, B8) // R8 = r * 8 * B
|
|
|
R8 := NewPoint().Mul(r, B8) // R8 = r * 8 * B
|
|
|
A := k.Public().Point() |
|
|
A := k.Public().Point() |
|
|
|
|
|
|
|
|
hmInput := []*big.Int{R8.X, R8.Y, A.X, A.Y, msg, big.NewInt(int64(0))} |
|
|
|
|
|
|
|
|
hmInput := []*big.Int{R8.X, R8.Y, A.X, A.Y, msg} |
|
|
hm, err := poseidon.Hash(hmInput) // hm = H1(8*R.x, 8*R.y, A.x, A.y, msg)
|
|
|
hm, err := poseidon.Hash(hmInput) // hm = H1(8*R.x, 8*R.y, A.x, A.y, msg)
|
|
|
if err != nil { |
|
|
if err != nil { |
|
|
panic(err) |
|
|
panic(err) |
|
@ -290,10 +290,10 @@ func (k *PrivateKey) SignPoseidon(msg *big.Int) *Signature { |
|
|
// VerifyPoseidon verifies the signature of a message encoded as a big.Int in Zq
|
|
|
// VerifyPoseidon verifies the signature of a message encoded as a big.Int in Zq
|
|
|
// using blake-512 hash for buffer hashing and Poseidon for big.Int hashing.
|
|
|
// using blake-512 hash for buffer hashing and Poseidon for big.Int hashing.
|
|
|
func (p *PublicKey) VerifyPoseidon(msg *big.Int, sig *Signature) bool { |
|
|
func (p *PublicKey) VerifyPoseidon(msg *big.Int, sig *Signature) bool { |
|
|
hmInput := []*big.Int{sig.R8.X, sig.R8.Y, p.X, p.Y, msg, big.NewInt(int64(0))} |
|
|
|
|
|
|
|
|
hmInput := []*big.Int{sig.R8.X, sig.R8.Y, p.X, p.Y, msg} |
|
|
hm, err := poseidon.Hash(hmInput) // hm = H1(8*R.x, 8*R.y, A.x, A.y, msg)
|
|
|
hm, err := poseidon.Hash(hmInput) // hm = H1(8*R.x, 8*R.y, A.x, A.y, msg)
|
|
|
if err != nil { |
|
|
if err != nil { |
|
|
panic(err) |
|
|
|
|
|
|
|
|
return false |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
left := NewPoint().Mul(sig.S, B8) // left = s * 8 * B
|
|
|
left := NewPoint().Mul(sig.S, B8) // left = s * 8 * B
|
|
|
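Review bot: VerifyPoseidon still dereferences `sig` in its first statement (`sig.R8.X`, and `sig.R8` itself if that field is a pointer), so a nil signature from a caller that ignored a decoding error panics even though the hash-error path now returns false. A guard at the top of the function, `if sig == nil || msg == nil { return false }`, extended to `sig.R8` and `sig.S` if those are pointers, would make the verifier fail closed on every malformed input. The same `hmInput` construction appears in VerifyMimc7 in the first hunk, whose body starts outside the hunk, so it likely needs the same guard. Separately, assuming the five-element `hmInput` printed second is the new side, dropping the trailing zero changes `hm` in both SignPoseidon and VerifyPoseidon, so signatures produced before this change will no longer verify; that break deserves a line in the commit message or changelog. SignPoseidon also keeps `panic(err)` on a hash error, which is worth a comment saying it is intentional for the signing path.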