From 8e25c446037e6662dd00bdacd4aeff0e94b1e01c Mon Sep 17 00:00:00 2001 From: Brian Lawrence Date: Mon, 30 Sep 2024 15:40:44 -0700 Subject: [PATCH] Test schnorr verify, works when it should, fails when it should --- src/schnorr_prover.rs | 107 +++++++++++++++++++++++++++++++++++++++++- 1 file changed, 105 insertions(+), 2 deletions(-) diff --git a/src/schnorr_prover.rs b/src/schnorr_prover.rs index d6e506d..16dbe75 100644 --- a/src/schnorr_prover.rs +++ b/src/schnorr_prover.rs @@ -173,8 +173,6 @@ mod tests{ let sig_targ = SchnorrSignatureTarget::new_virtual(&mut builder); let msg_targ = MessageTarget::new_with_size(&mut builder, msg_size); - - // instead of verifying we're going to prove the verification sb.constrain_sig:: ( &mut builder, &sig_targ, @@ -189,6 +187,111 @@ mod tests{ msg_targ.set_witness(&mut pw, &msg).unwrap(); + let data = builder.build::(); + let proof = data.prove(pw).unwrap(); + } + + #[test] + fn test_schnorr_fails() { + const D: usize = 2; + type C = PoseidonGoldilocksConfig; + type F = >::F; + + let mut rng: rand::rngs::ThreadRng = rand::thread_rng(); + + let config = CircuitConfig::standard_recursion_config(); + let mut builder = CircuitBuilder::::new(config); + + let sb: SchnorrBuilder = SchnorrBuilder{}; + + // create keypair, message, signature + let sk: SchnorrSecretKey = SchnorrSecretKey{ sk: 133 }; + let ss = SchnorrSigner::new(); + let pk: SchnorrPublicKey = ss.keygen(&sk); + let msg0: Vec = ss.u64_into_goldilocks_vec( + vec![1500, 1600, 0, 0, 0] + ); + let msg_size: usize = msg0.len(); + let sig: SchnorrSignature = ss.sign(&msg0, &sk, &mut rng); + + let msg1: Vec = ss.u64_into_goldilocks_vec( + vec![1510, 1600, 0, 0, 0] + ); + + let pk_targ = SchnorrPublicKeyTarget::new_virtual(&mut builder); + let sig_targ = SchnorrSignatureTarget::new_virtual(&mut builder); + let msg_targ = MessageTarget::new_with_size(&mut builder, msg_size); + + let verification_result = sb.verify_sig:: ( + &mut builder, + &sig_targ, + &msg_targ, + &pk_targ + ); + + // assign witnesses for verification + let mut pw: PartialWitness = PartialWitness::new(); + pk_targ.set_witness(&mut pw, &pk).unwrap(); + sig_targ.set_witness(&mut pw, &sig).unwrap(); + msg_targ.set_witness(&mut pw, &msg1).unwrap(); + + // check value of verification result + let false_target = builder._false(); + builder.connect(verification_result.target, false_target.target); + + let data = builder.build::(); + let proof = data.prove(pw).unwrap(); + } + + #[test] + #[should_panic] + fn test_schnorr_panics() { + const D: usize = 2; + type C = PoseidonGoldilocksConfig; + type F = >::F; + + let mut rng: rand::rngs::ThreadRng = rand::thread_rng(); + + let config = CircuitConfig::standard_recursion_config(); + let mut builder = CircuitBuilder::::new(config); + + let sb: SchnorrBuilder = SchnorrBuilder{}; + + // create keypair, message, signature + let sk: SchnorrSecretKey = SchnorrSecretKey{ sk: 133 }; + let ss = SchnorrSigner::new(); + let pk: SchnorrPublicKey = ss.keygen(&sk); + let msg0: Vec = ss.u64_into_goldilocks_vec( + vec![1500, 1600, 0, 0, 0] + ); + let msg_size: usize = msg0.len(); + let sig: SchnorrSignature = ss.sign(&msg0, &sk, &mut rng); + + let msg1: Vec = ss.u64_into_goldilocks_vec( + vec![1510, 1600, 0, 0, 0] + ); + + let pk_targ = SchnorrPublicKeyTarget::new_virtual(&mut builder); + let sig_targ = SchnorrSignatureTarget::new_virtual(&mut builder); + let msg_targ = MessageTarget::new_with_size(&mut builder, msg_size); + + let verification_result = sb.verify_sig:: ( + &mut builder, + &sig_targ, + &msg_targ, + &pk_targ + ); + + // assign witnesses for verification + let mut pw: PartialWitness = PartialWitness::new(); + pk_targ.set_witness(&mut pw, &pk).unwrap(); + sig_targ.set_witness(&mut pw, &sig).unwrap(); + msg_targ.set_witness(&mut pw, &msg1).unwrap(); + + // value of verification result should be false + let true_target = builder._true(); + builder.connect(verification_result.target, true_target.target); + let data = builder.build::(); let proof = data.prove(pw).unwrap(); }