From 14314b6bbb9ed8b4136b81005ae2dae4e5c03fc0 Mon Sep 17 00:00:00 2001
From: Theo
Date: Fri, 21 Jul 2023 03:10:01 -0700
Subject: [PATCH] Bump version & use snarkjs dependency from self-hosted tornado git registry
---
 .npmrc | 1 +
 calcpedersenbases/calcpedersenbases.js | 43 +-
 package.json | 74 ++--
 src/babyjub.js | 43 +-
 src/eddsa.js | 74 ++--
 src/g2_gencontract.js | 577 ++++++++++++-------
 src/mimc7.js | 26 +-
 src/mimcsponge.js | 56 +--
 src/pedersenHash.js | 62 ++-
 src/poseidon.js | 16 +-
 src/poseidon_gencontract.js | 169 ++++----
 src/smt.js | 55 +--
 src/smt_hashes_mimc.js | 4 +-
 src/smt_hashes_poseidon.js | 4 +-
 src/smt_memdb.js | 10 +-
 test/aliascheck.js | 26 +-
 test/aliascheckbabyjub.js | 21 +-
 test/babyjub.js | 50 +--
 test/babyjub_js.js | 36 +-
 test/binsub.js | 48 +-
 test/binsum.js | 10 +-
 test/comparators.js | 18 +-
 test/eddsa.js | 16 +-
 test/eddsa_js.js | 53 +--
 test/eddsamimc.js | 20 +-
 test/eddsamimcsponge.js | 18 +-
 test/eddsaposeidon.js | 20 +-
 test/escalarmul.js | 88 ++--
 test/escalarmulany.js | 15 +-
 test/escalarmulfix.js | 28 +-
 test/helpers/printsignal.js | 9 +-
 test/mimccircuit.js | 9 +-
 test/mimcspongecircuit.js | 12 +-
 test/montgomery.js | 23 +-
 test/multiplexer.js | 52 +--
 test/pedersen.js | 58 +--
 test/pedersen2.js | 18 +-
 test/point2bits.js | 11 +-
 test/poseidoncircuit.js | 13 +-
 test/sha256.js | 76 ++--
 test/sign.js | 36 +-
 test/smtjs.js | 79 ++--
 test/smtprocessor.js | 107 +++--
 test/smtverifier.js | 45 +-
 test/smtverifier_adria.js | 15 +-
 45 files changed, 1056 insertions(+), 1188 deletions(-)
 create mode 100644 .npmrc
diff --git a/.npmrc b/.npmrc
new file mode 100644
index 0000000..05ba80e
--- /dev/null
+++ b/.npmrc
@@ -0,0 +1 @@
+@tornado:registry=https://git.tornado.ws/api/packages/tornado-packages/npm/
\ No newline at end of file
diff --git a/calcpedersenbases/calcpedersenbases.js b/calcpedersenbases/calcpedersenbases.js
index 0008a9d..4a973c5 100644
--- a/calcpedersenbases/calcpedersenbases.js
+++ b/calcpedersenbases/calcpedersenbases.js
@@ -1,5 +1,5 @@
-const bn128 = require("snarkjs").bn128;
-const bigInt = require("snarkjs").bigInt;
+const bn128 = require("@tornado/snarkjs").bn128;
+const bigInt = require("@tornado/snarkjs").bigInt;
 const createBlakeHash = require("blake-hash");
 const babyJub = require("../src/babyjub");
@@ -8,17 +8,17 @@ function getPoint(S) {
 const h = createBlakeHash("blake256").update(S).digest();
 if (h.length != 32) {
- throw new Error("Invalid length")
+ throw new Error("Invalid length");
 }
 let sign = false;
 if (h[31] & 0x80) {
- h[31] = h[31] & 0x7F;
+ h[31] = h[31] & 0x7f;
 sign = true;
 }
 let y = bigInt(0);
- for (let i=0; i<32; i++) {
+ for (let i = 0; i < 32; i++) {
 y = y.shl(8);
 y = y.add(bigInt(h[i]));
 }
@@ -28,9 +28,7 @@ function getPoint(S) {
 const y2 = F.square(y);
- let x = F.sqrt(F.div(
- F.sub(F.one, y2),
- F.sub(a, F.mul(d, y2))));
+ let x = F.sqrt(F.div(F.sub(F.one, y2), F.sub(a, F.mul(d, y2))));
 if (x == null) return null;
@@ -43,41 +41,34 @@ function getPoint(S) {
 return p8;
 }
-
 function generatePoint(S) {
- let p= null;
+ let p = null;
 let idx = 0;
- while (p==null) {
+ while (p == null) {
 let sidx = "" + idx;
- while (sidx.length<16) sidx = "0"+sidx;
- p = getPoint(S+"_"+sidx);
+ while (sidx.length < 16) sidx = "0" + sidx;
+ p = getPoint(S + "_" + sidx);
 idx++;
 }
- if (!babyJub.inCurve(p)){
+ if (!babyJub.inCurve(p)) {
 throw new Error("Point not in curve");
 }
 return p;
 }
-
-
-
-
 const g = [
 bigInt("5299619240641551281634865583518297030282874472190772894086521144482721001553"),
- bigInt("16950150798460657717958625567821834550301663161624707787222815936182638968203")];
+ bigInt("16950150798460657717958625567821834550301663161624707787222815936182638968203"),
+];
 // Sanity check
 if (!babyJub.inCurve(g)) {
 throw new Error("Generator not In curve -> Some thing goes wrong...");
 }
-for (let i=0; i<25; i++) {
- let S = "" +i;
- while (S.length<16) S = "0"+S;
- const P = generatePoint("Iden3_PedersenGenerator_"+S);
+for (let i = 0; i < 25; i++) {
+ let S = "" + i;
+ while (S.length < 16) S = "0" + S;
+ const P = generatePoint("Iden3_PedersenGenerator_" + S);
 console.log(`[${P[0].toString()}, ${P[1].toString()}]`);
 }
-
-
-
diff --git a/package.json b/package.json
index eb09058..4c55fdf 100644
--- a/package.json
+++ b/package.json
@@ -1,39 +1,39 @@
 {
- "name": "circomlib",
- "version": "0.0.20",
- "description": "Basic circuits library for Circom",
- "main": "index.js",
- "directories": {
- "test": "test"
- },
- "scripts": {
- "test": "mocha --max-old-space-size=4000"
- },
- "keywords": [
- "pedersen",
- "hash",
- "ethereum",
- "circuit",
- "circom",
- "zksnark"
- ],
- "repository": {
- "type": "git",
- "url": "https://github.com/iden3/circomlib.git"
- },
- "author": "0Kims",
- "license": "GPL-3.0",
- "dependencies": {
- "blake-hash": "^1.1.0",
- "blake2b": "^2.1.3",
- "snarkjs": "git+https://github.com/tornadocash/snarkjs.git#869181cfaf7526fe8972073d31655493a04326d5",
- "typedarray-to-buffer": "^3.1.5",
- "web3": "^1.2.11"
- },
- "devDependencies": {
- "circom": "0.0.35",
- "eslint-plugin-mocha": "^5.2.0",
- "ganache-cli": "^6.4.4",
- "mocha": "^5.2.0"
- }
+ "name": "@tornado/circomlib",
+ "version": "0.0.21",
+ "description": "Basic circuits library for Circom",
+ "main": "index.js",
+ "directories": {
+ "test": "test"
+ },
+ "scripts": {
+ "test": "mocha --max-old-space-size=4000"
+ },
+ "keywords": [
+ "pedersen",
+ "hash",
+ "ethereum",
+ "circuit",
+ "circom",
+ "zksnark"
+ ],
+ "repository": {
+ "type": "git",
+ "url": "https://git.tornado.ws/tornado-packages/circomlib.git"
+ },
+ "author": "0Kims",
+ "license": "GPL-3.0",
+ "dependencies": {
+ "blake-hash": "^1.1.0",
+ "blake2b": "^2.1.3",
+ "@tornado/snarkjs": "0.1.20",
+ "typedarray-to-buffer": "^3.1.5",
+ "web3": "^1.2.11"
+ },
+ "devDependencies": {
+ "circom": "0.0.35",
+ "eslint-plugin-mocha": "^5.2.0",
+ "ganache-cli": "^6.4.4",
+ "mocha": "^5.2.0"
+ }
 }
diff --git a/src/babyjub.js b/src/babyjub.js
index b3630fd..8d2d705 100644
--- a/src/babyjub.js
+++ b/src/babyjub.js
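Review bot: The new `"@tornado/snarkjs": "0.1.20"` entry drops the content pin the old git URL carried (`#869181cfaf7526fe8972073d31655493a04326d5`): an exact version resolved through the `@tornado:registry` scope added in `.npmrc` is a name and a number, not a digest, so whoever controls that registry endpoint can serve a different artifact under the same version. Nothing in the patch adds a lockfile carrying `resolved`/`integrity` entries for the new package, so installs are not reproducible against a known hash. I would commit a lockfile generated against the self-hosted registry and install with `npm ci` in CI, or keep a commit-pinned git reference as before. Because every `require("snarkjs")` in this patch is rewritten to the scoped package, all of the library's curve and hash arithmetic now depends on that registry's integrity.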
@@ -1,5 +1,5 @@
-const bn128 = require("snarkjs").bn128;
-const bigInt = require("snarkjs").bigInt;
+const bn128 = require("@tornado/snarkjs").bn128;
+const bigInt = require("@tornado/snarkjs").bigInt;
 exports.addPoint = addPoint;
 exports.mulPointEscalar = mulPointEscalar;
@@ -9,11 +9,11 @@ exports.packPoint = packPoint;
 exports.unpackPoint = unpackPoint;
 exports.Generator = [
 bigInt("995203441582195749578291179787384436505546430278305826713579947235728471134"),
- bigInt("5472060717959818805561601436314318772137091100104008585924551046643952123905")
+ bigInt("5472060717959818805561601436314318772137091100104008585924551046643952123905"),
 ];
 exports.Base8 = [
 bigInt("5299619240641551281634865583518297030282874472190772894086521144482721001553"),
- bigInt("16950150798460657717958625567821834550301663161624707787222815936182638968203")
+ bigInt("16950150798460657717958625567821834550301663161624707787222815936182638968203"),
 ];
 exports.order = bigInt("21888242871839275222246405745257275088614511777268538073601725287587578984328");
 exports.subOrder = exports.order.shr(3);
@@ -21,8 +21,7 @@ exports.p = bn128.r;
 exports.A = bigInt("168700");
 exports.D = bigInt("168696");
-
-function addPoint(a,b) {
+function addPoint(a, b) {
 const q = bn128.r;
 const res = [];
@@ -31,18 +30,28 @@ function addPoint(a,b) {
 res[0] = bigInt((a[0]*b[1] + b[0]*a[1]) * bigInt(bigInt("1") + d*a[0]*b[0]*a[1]*b[1]).inverse(q)).affine(q);
 res[1] = bigInt((a[1]*b[1] - cta*a[0]*b[0]) * bigInt(bigInt("1") - d*a[0]*b[0]*a[1]*b[1]).inverse(q)).affine(q);
 */
- res[0] = bigInt((bigInt(a[0]).mul(b[1]).add(bigInt(b[0]).mul(a[1]))).mul(bigInt(bigInt("1").add(exports.D.mul(a[0]).mul(b[0]).mul(a[1]).mul(b[1]))).inverse(q))).affine(q);
- res[1] = bigInt((bigInt(a[1]).mul(b[1]).sub(exports.A.mul(a[0]).mul(b[0]))).mul(bigInt(bigInt("1").sub(exports.D.mul(a[0]).mul(b[0]).mul(a[1]).mul(b[1]))).inverse(q))).affine(q);
+ res[0] = bigInt(
+ bigInt(a[0])
+ .mul(b[1])
+ .add(bigInt(b[0]).mul(a[1]))
+ .mul(bigInt(bigInt("1").add(exports.D.mul(a[0]).mul(b[0]).mul(a[1]).mul(b[1]))).inverse(q))
+ ).affine(q);
+ res[1] = bigInt(
+ bigInt(a[1])
+ .mul(b[1])
+ .sub(exports.A.mul(a[0]).mul(b[0]))
+ .mul(bigInt(bigInt("1").sub(exports.D.mul(a[0]).mul(b[0]).mul(a[1]).mul(b[1]))).inverse(q))
+ ).affine(q);
 return res;
 }
 function mulPointEscalar(base, e) {
- let res = [bigInt("0"),bigInt("1")];
+ let res = [bigInt("0"), bigInt("1")];
 let rem = bigInt(e);
 let exp = base;
- while (! rem.isZero()) {
+ while (!rem.isZero()) {
 if (rem.isOdd()) {
 res = addPoint(res, exp);
 }
@@ -55,8 +64,8 @@ function mulPointEscalar(base, e) {
 function inSubgroup(P) {
 if (!inCurve(P)) return false;
- const res= mulPointEscalar(P, exports.subOrder);
- return (res[0].equals(bigInt(0))) && (res[1].equals(bigInt(1)));
+ const res = mulPointEscalar(P, exports.subOrder);
+ return res[0].equals(bigInt(0)) && res[1].equals(bigInt(1));
 }
 function inCurve(P) {
@@ -65,9 +74,7 @@ function inCurve(P) {
 const x2 = F.square(P[0]);
 const y2 = F.square(P[1]);
- if (!F.equals(
- F.add(F.mul(exports.A, x2), y2),
- F.add(F.one, F.mul(F.mul(x2, y2), exports.D)))) return false;
+ if (!F.equals(F.add(F.mul(exports.A, x2), y2), F.add(F.one, F.mul(F.mul(x2, y2), exports.D)))) return false;
 return true;
 }
@@ -88,16 +95,14 @@ function unpackPoint(_buff) {
 const P = new Array(2);
 if (buff[31] & 0x80) {
 sign = true;
- buff[31] = buff[31] & 0x7F;
+ buff[31] = buff[31] & 0x7f;
 }
 P[1] = bigInt.leBuff2int(buff);
 if (P[1].greaterOrEquals(exports.p)) return null;
 const y2 = F.square(P[1]);
- let x = F.sqrt(F.div(
- F.sub(F.one, y2),
- F.sub(exports.A, F.mul(exports.D, y2))));
+ let x = F.sqrt(F.div(F.sub(F.one, y2), F.sub(exports.A, F.mul(exports.D, y2))));
 if (x == null) return null;
diff --git a/src/eddsa.js b/src/eddsa.js
index d746a47..d739335 100644
--- a/src/eddsa.js
+++ b/src/eddsa.js
@@ -1,12 +1,12 @@
 const createBlakeHash = require("blake-hash");
-const bigInt = require("snarkjs").bigInt;
+const bigInt = require("@tornado/snarkjs").bigInt;
 const babyJub = require("./babyjub");
 const pedersenHash = require("./pedersenHash").hash;
 const mimc7 = require("./mimc7");
 const poseidon = require("./poseidon.js");
 const mimcsponge = require("./mimcsponge");
-exports.prv2pub= prv2pub;
+exports.prv2pub = prv2pub;
 exports.sign = sign;
 exports.signMiMC = signMiMC;
 exports.signPoseidon = signPoseidon;
@@ -19,17 +19,16 @@ exports.packSignature = packSignature;
 exports.unpackSignature = unpackSignature;
 exports.pruneBuffer = pruneBuffer;
-
 function pruneBuffer(_buff) {
 const buff = Buffer.from(_buff);
- buff[0] = buff[0] & 0xF8;
- buff[31] = buff[31] & 0x7F;
+ buff[0] = buff[0] & 0xf8;
+ buff[31] = buff[31] & 0x7f;
 buff[31] = buff[31] | 0x40;
 return buff;
 }
 function prv2pub(prv) {
- const sBuff = pruneBuffer(createBlakeHash("blake512").update(prv).digest().slice(0,32));
+ const sBuff = pruneBuffer(createBlakeHash("blake512").update(prv).digest().slice(0, 32));
 let s = bigInt.leBuff2int(sBuff);
 const A = babyJub.mulPointEscalar(babyJub.Base8, s.shr(3));
 return A;
@@ -37,11 +36,13 @@ function prv2pub(prv) {
 function sign(prv, msg) {
 const h1 = createBlakeHash("blake512").update(prv).digest();
- const sBuff = pruneBuffer(h1.slice(0,32));
+ const sBuff = pruneBuffer(h1.slice(0, 32));
 const s = bigInt.leBuff2int(sBuff);
 const A = babyJub.mulPointEscalar(babyJub.Base8, s.shr(3));
- const rBuff = createBlakeHash("blake512").update(Buffer.concat([h1.slice(32,64), msg])).digest();
+ const rBuff = createBlakeHash("blake512")
+ .update(Buffer.concat([h1.slice(32, 64), msg]))
+ .digest();
 let r = bigInt.leBuff2int(rBuff);
 r = r.mod(babyJub.subOrder);
 const R8 = babyJub.mulPointEscalar(babyJub.Base8, r);
@@ -52,18 +53,20 @@ function sign(prv, msg) {
 const S = r.add(hm.mul(s)).mod(babyJub.subOrder);
 return {
 R8: R8,
- S: S
+ S: S,
 };
 }
 function signMiMC(prv, msg) {
 const h1 = createBlakeHash("blake512").update(prv).digest();
- const sBuff = pruneBuffer(h1.slice(0,32));
+ const sBuff = pruneBuffer(h1.slice(0, 32));
 const s = bigInt.leBuff2int(sBuff);
 const A = babyJub.mulPointEscalar(babyJub.Base8, s.shr(3));
 const msgBuff = bigInt.leInt2Buff(msg, 32);
- const rBuff = createBlakeHash("blake512").update(Buffer.concat([h1.slice(32,64), msgBuff])).digest();
+ const rBuff = createBlakeHash("blake512")
+ .update(Buffer.concat([h1.slice(32, 64), msgBuff]))
+ .digest();
 let r = bigInt.leBuff2int(rBuff);
 r = r.mod(babyJub.subOrder);
 const R8 = babyJub.mulPointEscalar(babyJub.Base8, r);
@@ -71,18 +74,20 @@ function signMiMC(prv, msg) {
 const S = r.add(hm.mul(s)).mod(babyJub.subOrder);
 return {
 R8: R8,
- S: S
+ S: S,
 };
 }
 function signMiMCSponge(prv, msg) {
 const h1 = createBlakeHash("blake512").update(prv).digest();
- const sBuff = pruneBuffer(h1.slice(0,32));
+ const sBuff = pruneBuffer(h1.slice(0, 32));
 const s = bigInt.leBuff2int(sBuff);
 const A = babyJub.mulPointEscalar(babyJub.Base8, s.shr(3));
 const msgBuff = bigInt.leInt2Buff(msg, 32);
- const rBuff = createBlakeHash("blake512").update(Buffer.concat([h1.slice(32,64), msgBuff])).digest();
+ const rBuff = createBlakeHash("blake512")
+ .update(Buffer.concat([h1.slice(32, 64), msgBuff]))
+ .digest();
 let r = bigInt.leBuff2int(rBuff);
 r = r.mod(babyJub.subOrder);
 const R8 = babyJub.mulPointEscalar(babyJub.Base8, r);
@@ -90,18 +95,20 @@ function signMiMCSponge(prv, msg) {
 const S = r.add(hm.mul(s)).mod(babyJub.subOrder);
 return {
 R8: R8,
- S: S
+ S: S,
 };
 }
 function signPoseidon(prv, msg) {
 const h1 = createBlakeHash("blake512").update(prv).digest();
- const sBuff = pruneBuffer(h1.slice(0,32));
+ const sBuff = pruneBuffer(h1.slice(0, 32));
 const s = bigInt.leBuff2int(sBuff);
 const A = babyJub.mulPointEscalar(babyJub.Base8, s.shr(3));
 const msgBuff = bigInt.leInt2Buff(msg, 32);
- const rBuff = createBlakeHash("blake512").update(Buffer.concat([h1.slice(32,64), msgBuff])).digest();
+ const rBuff = createBlakeHash("blake512")
+ .update(Buffer.concat([h1.slice(32, 64), msgBuff]))
+ .digest();
 let r = bigInt.leBuff2int(rBuff);
 r = r.mod(babyJub.subOrder);
 const R8 = babyJub.mulPointEscalar(babyJub.Base8, r);
@@ -109,7 +116,7 @@ function signPoseidon(prv, msg) {
 const S = r.add(hm.mul(s)).mod(babyJub.subOrder);
 return {
 R8: R8,
- S: S
+ S: S,
 };
 }
@@ -117,12 +124,12 @@ function verify(msg, sig, A) {
 // Check parameters
 if (typeof sig != "object") return false;
 if (!Array.isArray(sig.R8)) return false;
- if (sig.R8.length!= 2) return false;
+ if (sig.R8.length != 2) return false;
 if (!babyJub.inCurve(sig.R8)) return false;
 if (!Array.isArray(A)) return false;
- if (A.length!= 2) return false;
+ if (A.length != 2) return false;
 if (!babyJub.inCurve(A)) return false;
- if (sig.S>= babyJub.subOrder) return false;
+ if (sig.S >= babyJub.subOrder) return false;
 const R8p = babyJub.packPoint(sig.R8);
 const Ap = babyJub.packPoint(A);
@@ -142,12 +149,12 @@ function verifyMiMC(msg, sig, A) {
 // Check parameters
 if (typeof sig != "object") return false;
 if (!Array.isArray(sig.R8)) return false;
- if (sig.R8.length!= 2) return false;
+ if (sig.R8.length != 2) return false;
 if (!babyJub.inCurve(sig.R8)) return false;
 if (!Array.isArray(A)) return false;
- if (A.length!= 2) return false;
+ if (A.length != 2) return false;
 if (!babyJub.inCurve(A)) return false;
- if (sig.S>= babyJub.subOrder) return false;
+ if (sig.S >= babyJub.subOrder) return false;
 const hm = mimc7.multiHash([sig.R8[0], sig.R8[1], A[0], A[1], msg]);
@@ -160,17 +167,16 @@ function verifyMiMC(msg, sig, A) {
 return true;
 }
-
 function verifyPoseidon(msg, sig, A) {
 // Check parameters
 if (typeof sig != "object") return false;
 if (!Array.isArray(sig.R8)) return false;
- if (sig.R8.length!= 2) return false;
+ if (sig.R8.length != 2) return false;
 if (!babyJub.inCurve(sig.R8)) return false;
 if (!Array.isArray(A)) return false;
- if (A.length!= 2) return false;
+ if (A.length != 2) return false;
 if (!babyJub.inCurve(A)) return false;
- if (sig.S>= babyJub.subOrder) return false;
+ if (sig.S >= babyJub.subOrder) return false;
 const hm = poseidon([sig.R8[0], sig.R8[1], A[0], A[1], msg]);
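Review bot: `if (typeof sig != "object") return false;` in verify still lets `sig === null` through, because `typeof null` is `"object"`, so the following `Array.isArray(sig.R8)` throws a TypeError instead of verify returning false; the guard should read `if (sig == null || typeof sig != "object") return false;`. The same guard is repeated in verifyMiMC and verifyPoseidon in this file's later hunks and in verifyMiMCSponge in the next one. A second point on the same block: `sig.S >= babyJub.subOrder` applies a JavaScript relational operator to two bigInt values, which is only exact if the `@tornado/snarkjs` bigInt backend is a native BigInt; if it is the object-wrapper backend, `>=` goes through `valueOf` and compares truncated Numbers, so the range check on S would be approximate. babyjub.js in this patch already uses `greaterOrEquals` for the same purpose, and `if (sig.S.greaterOrEquals(babyJub.subOrder)) return false;` avoids the question. verify begins before this hunk.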
@@ -187,12 +193,12 @@ function verifyMiMCSponge(msg, sig, A) {
 // Check parameters
 if (typeof sig != "object") return false;
 if (!Array.isArray(sig.R8)) return false;
- if (sig.R8.length!= 2) return false;
+ if (sig.R8.length != 2) return false;
 if (!babyJub.inCurve(sig.R8)) return false;
 if (!Array.isArray(A)) return false;
- if (A.length!= 2) return false;
+ if (A.length != 2) return false;
 if (!babyJub.inCurve(A)) return false;
- if (sig.S>= babyJub.subOrder) return false;
+ if (sig.S >= babyJub.subOrder) return false;
 const hm = mimcsponge.multiHash([sig.R8[0], sig.R8[1], A[0], A[1], msg]);
@@ -213,9 +219,7 @@ function packSignature(sig) {
 function unpackSignature(sigBuff) {
 return {
- R8: babyJub.unpackPoint(sigBuff.slice(0,32)),
- S: bigInt.leBuff2int(sigBuff.slice(32,64))
+ R8: babyJub.unpackPoint(sigBuff.slice(0, 32)),
+ S: bigInt.leBuff2int(sigBuff.slice(32, 64)),
 };
 }
-
-
diff --git a/src/g2_gencontract.js b/src/g2_gencontract.js
index 9a9d995..0fa01b0 100644
--- a/src/g2_gencontract.js
+++ b/src/g2_gencontract.js
@@ -3,24 +3,22 @@
 //
 const Contract = require("./evmasm");
-const G2 = require("snarkjs").bn128.G2;
-const bigInt = require("snarkjs").bigInt;
-
+const G2 = require("@tornado/snarkjs").bn128.G2;
+const bigInt = require("@tornado/snarkjs").bigInt;
 function toHex256(a) {
 let S = a.toString(16);
- while (S.length < 64) S="0"+S;
+ while (S.length < 64) S = "0" + S;
 return "0x" + S;
 }
 function createCode(P, w) {
-
 const C = new Contract();
- const NPOINTS = 1 << (w-1);
+ const NPOINTS = 1 << (w - 1);
 const VAR_POS = C.allocMem(32);
- const VAR_POINTS = C.allocMem( (NPOINTS)*4*32);
+ const VAR_POINTS = C.allocMem(NPOINTS * 4 * 32);
 const savedP = C.allocMem(32);
 const savedZ3 = C.allocMem(32);
@@ -38,7 +36,7 @@ function createCode(P, w) {
 storeVals();
- C.push( Math.floor(255/w)*w ); // pos := 255
+ C.push(Math.floor(255 / w) * w); // pos := 255
 C.push(VAR_POS);
 C.mstore();
@@ -50,38 +48,38 @@ function createCode(P, w) { C.push(0); C.push(0); - C.label("begin_loop"); // ACC_X ACC_Y ACC_Z q + C.label("begin_loop"); // ACC_X ACC_Y ACC_Z q C.internalCall("double"); // g = (e>>pos)&MASK C.push(4); - C.calldataload(); // e ACC_X ACC_Y ACC_Z q + C.calldataload(); // e ACC_X ACC_Y ACC_Z q C.push(VAR_POS); - C.mload(); // pos e ACC_X ACC_Y ACC_Z q + C.mload(); // pos e ACC_X ACC_Y ACC_Z q C.shr(); - C.push(NPOINTS-1); - C.and(); // g ACC_X ACC_Y ACC_Z q + C.push(NPOINTS - 1); + C.and(); // g ACC_X ACC_Y ACC_Z q - C.internalCall("add"); // acc_x acc_y acc_z + C.internalCall("add"); // acc_x acc_y acc_z C.push(VAR_POS); - C.mload(); // pos acc_x acc_y acc_z - C.dup(0); // pos pos acc_x acc_y acc_z - C.push(0); // 0 pos pos acc_x acc_y acc_z - C.eq(); // eq pos acc_x acc_y acc_z - C.jmpi("after_loop"); // pos acc_x acc_y acc_z - C.push(w); // 5 pos acc_x acc_y acc_z - C.sub(); // pos acc_x acc_y acc_z + C.mload(); // pos acc_x acc_y acc_z + C.dup(0); // pos pos acc_x acc_y acc_z + C.push(0); // 0 pos pos acc_x acc_y acc_z + C.eq(); // eq pos acc_x acc_y acc_z + C.jmpi("after_loop"); // pos acc_x acc_y acc_z + C.push(w); // 5 pos acc_x acc_y acc_z + C.sub(); // pos acc_x acc_y acc_z C.push(VAR_POS); - C.mstore(); // acc_x acc_y acc_z + C.mstore(); // acc_x acc_y acc_z C.jmp("begin_loop"); - C.label("after_loop"); // pos acc_x acc_y acc_z - C.pop(); // acc_x acc_y acc_z + C.label("after_loop"); // pos acc_x acc_y acc_z + C.pop(); // acc_x acc_y acc_z - C.internalCall("affine"); // acc_x acc_y + C.internalCall("affine"); // acc_x acc_y C.push(0); C.mstore(); @@ -96,17 +94,16 @@ function createCode(P, w) { C.push("0x00"); C.return(); - double(); addPoint(); affine(); return C.createTxData(); - function add(a,b,q) { + function add(a, b, q) { C.dup(q); - C.dup(a+1 + 1); - C.dup(b+1 + 2); + C.dup(a + 1 + 1); + C.dup(b + 1 + 2); C.addmod(); C.dup(q + 1); C.dup(a + 2); 
@@ -114,73 +111,73 @@ function createCode(P, w) { C.addmod(); } - function sub(a,b,q) { - C.dup(q); // q - C.dup(a+1 + 1); // ai q - C.dub(q + 2); // q ai q - C.dup(b+1 + 3); // bi q ai q - C.sub(); // -bi ai q - C.addmod(); // ci - C.dup(q + 1); // q ci - C.dup(a + 2); // ar q ci - C.dup(q + 3); // q ar q ci - C.dup(b + 4); // br q ar q ci - C.sub(); // -br ar q ci - C.addmod(); // cr ci + function sub(a, b, q) { + C.dup(q); // q + C.dup(a + 1 + 1); // ai q + C.dub(q + 2); // q ai q + C.dup(b + 1 + 3); // bi q ai q + C.sub(); // -bi ai q + C.addmod(); // ci + C.dup(q + 1); // q ci + C.dup(a + 2); // ar q ci + C.dup(q + 3); // q ar q ci + C.dup(b + 4); // br q ar q ci + C.sub(); // -br ar q ci + C.addmod(); // cr ci } function mul(a, b, q) { - C.dup(q); // q - C.dup(q + 1); // q q - C.dup(a + 2); // ar q q - C.dup(b+1 + 3); // bi ar q q - C.mulmod(); // ci1 q - C.dup(q + 2); // q ci1 q - C.dup(a+1 + 3); // ai q ci1 q - C.dup(b + 4); // ar ai q ci1 q - C.mulmod(); // ci2 ci1 q - C.addmod(); // ci - C.dup(q + 1); // q ci - C.dup(q + 2); // q q ci - C.dup(q + 3); // q q q ci - C.dup(a+1 + 4); // ai q q ci - C.dup(b+1 + 5); // bi ai q q ci - C.mulmod(); // cr2 q q ci - C.sub(); // -cr2 q ci - C.dup(q + 3); // q -cr2 q ci - C.dup(a + 4); // ar q -cr2 q ci - C.dup(b + 5); // br ar q -cr2 q ci - C.mulmod(); // cr1 -cr2 q ci - C.addmod(); // cr ci + C.dup(q); // q + C.dup(q + 1); // q q + C.dup(a + 2); // ar q q + C.dup(b + 1 + 3); // bi ar q q + C.mulmod(); // ci1 q + C.dup(q + 2); // q ci1 q + C.dup(a + 1 + 3); // ai q ci1 q + C.dup(b + 4); // ar ai q ci1 q + C.mulmod(); // ci2 ci1 q + C.addmod(); // ci + C.dup(q + 1); // q ci + C.dup(q + 2); // q q ci + C.dup(q + 3); // q q q ci + C.dup(a + 1 + 4); // ai q q ci + C.dup(b + 1 + 5); // bi ai q q ci + C.mulmod(); // cr2 q q ci + C.sub(); // -cr2 q ci + C.dup(q + 3); // q -cr2 q ci + C.dup(a + 4); // ar q -cr2 q ci + C.dup(b + 5); // br ar q -cr2 q ci + C.mulmod(); // cr1 -cr2 q ci + C.addmod(); // cr ci } function 
square(a, q) { - C.dup(q); // q - C.dup(q + 1); // q q - C.dup(a + 2); // ar q q - C.dup(a+1 + 3); // ai ar q q - C.mulmod(); // arai q - C.dup(0); // arai arai q - C.addmod(); // ci - C.dup(q + 1); // q ci - C.dup(q + 2); // q q ci - C.dup(q + 3); // q q q ci - C.dup(a+1 + 4); // ai q q ci - C.dup(a+1 + 5); // ai ai q q ci - C.mulmod(); // cr2 q q ci - C.sub(); // -cr2 q ci - C.dup(q + 3); // q -cr2 q ci - C.dup(a + 4); // ar q -cr2 q ci - C.dup(a + 5); // br ar q -cr2 q ci - C.mulmod(); // cr1 -cr2 q ci - C.addmod(); // cr ci + C.dup(q); // q + C.dup(q + 1); // q q + C.dup(a + 2); // ar q q + C.dup(a + 1 + 3); // ai ar q q + C.mulmod(); // arai q + C.dup(0); // arai arai q + C.addmod(); // ci + C.dup(q + 1); // q ci + C.dup(q + 2); // q q ci + C.dup(q + 3); // q q q ci + C.dup(a + 1 + 4); // ai q q ci + C.dup(a + 1 + 5); // ai ai q q ci + C.mulmod(); // cr2 q q ci + C.sub(); // -cr2 q ci + C.dup(q + 3); // q -cr2 q ci + C.dup(a + 4); // ar q -cr2 q ci + C.dup(a + 5); // br ar q -cr2 q ci + C.mulmod(); // cr1 -cr2 q ci + C.addmod(); // cr ci } function add1(a, q) { - C.dup(a+1); // im - C.dup(1 + q); // q - C.dup(2 + a); // re q im - C.push(1); // 1 re q im + C.dup(a + 1); // im + C.dup(1 + q); // q + C.dup(2 + a); // re q im + C.push(1); // 1 re q im C.addmod(); } 
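Review bot: `C.dub(q + 2);` in the `sub` helper is reformatted but not fixed; every other stack operation in these helpers goes through `dup`/`swap`/`pop`, and the stack comment on that line (`// q ai q`) is exactly what `C.dup(q + 2);` would produce, so this looks like a typo that will fail as soon as the generator is run. The next hunk has the same shape of problem inside addPoint, where `C.sub(4, 8, 10)`, `C.sub(4, 4, 8)`, `C.add(4, 4, 8)`, `C.add(2, 2, 8)` and `C.square(0, 10)` pass stack offsets to the raw opcode emitters on `C` instead of calling the local `sub`/`add`/`square` helpers that the neighbouring lines use. If this generator is meant to be used, those call sites need a test that assembles the output; if it is not, a comment at the top of createCode saying so would stop readers from relying on it. The `sub` helper starts before this hunk and createCode extends beyond it.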
@@ -188,220 +185,212 @@ function createCode(P, w) { C.dup(a); C.dup(b); C.eq(); - C.dup(a+1); - C.dup(a+1); + C.dup(a + 1); + C.dup(a + 1); C.and(); } function rm(a) { - if (a>0) C.swap(a); + if (a > 0) C.swap(a); C.pop(); - if (a>0) C.swap(a); + if (a > 0) C.swap(a); C.pop(); } function double() { - C.label("double"); // xR, xI, yR, yI, zR zI, q + C.label("double"); // xR, xI, yR, yI, zR zI, q C.dup(4); C.iszero(); C.dup(6); C.iszero(); C.and(); - C.jumpi("enddouble"); // X Y Z q - + C.jumpi("enddouble"); // X Y Z q // Z3 = 2*Y*Z // Remove Z - mul(2, 4, 6); // yz X Y Z q - rm(6); // X Y yz q + mul(2, 4, 6); // yz X Y Z q + rm(6); // X Y yz q - add(4, 4, 6); // 2yz X Y yz q - rm(6); // X Y Z3 q + add(4, 4, 6); // 2yz X Y yz q + rm(6); // X Y Z3 q // A = X^2 - square(0,6); // A X Y Z3 q + square(0, 6); // A X Y Z3 q // B = Y^2 // Remove Y - square(4,8); // B A X Y Z3 q - rm(6); // A X B Z3 q + square(4, 8); // B A X Y Z3 q + rm(6); // A X B Z3 q // C = B^2 - square(4,8); // C A X B Z3 q + square(4, 8); // C A X B Z3 q // D = (X+B)^2-A-C // Remove X, Remove B - add(4,6, 10); // X+B C A X B Z3 q - rm(6); // C A X+B B Z3 q - rm(6); // A X+B C Z3 q - square(2,8); // (X+B)^2 A X+B C Z3 q - rm(4); // A (X+B)^2 C Z3 q - sub(2, 0, 8); // (X+B)^2-A A (X+B)^2 C Z3 q - rm(4); // A (X+B)^2-A C Z3 q - sub(2, 4, 8); // (X+B)^2-A-C A (X+B)^2-A C Z3 q - rm(4); // A D C Z3 q + add(4, 6, 10); // X+B C A X B Z3 q + rm(6); // C A X+B B Z3 q + rm(6); // A X+B C Z3 q + square(2, 8); // (X+B)^2 A X+B C Z3 q + rm(4); // A (X+B)^2 C Z3 q + sub(2, 0, 8); // (X+B)^2-A A (X+B)^2 C Z3 q + rm(4); // A (X+B)^2-A C Z3 q + sub(2, 4, 8); // (X+B)^2-A-C A (X+B)^2-A C Z3 q + rm(4); // A D C Z3 q // D = D+D - add(2,2, 8); // D+D A D C Z3 q - rm(4); // A D C Z3 q + add(2, 2, 8); // D+D A D C Z3 q + rm(4); // A D C Z3 q // E=A+A+A - add(0, 0, 8); // 2A A D C Z3 q - add(0, 2, 10); // 3A 2A A D C Z3 q - rm(4); // 2A 3A D C Z3 q - rm(0); // E D C Z3 q + add(0, 0, 8); // 2A A D C Z3 q + add(0, 2, 10); // 3A 
2A A D C Z3 q + rm(4); // 2A 3A D C Z3 q + rm(0); // E D C Z3 q // F=E^2 - square(0, 8); // F E D C Z3 q + square(0, 8); // F E D C Z3 q // X3= F - 2*D // Remove F - add(4, 4, 10); // 2D F E D C Z3 q - sub(2, 0, 12); // F-2D 2D F E D C Z3 q - rm(4); // 2D X3 E D C Z3 q - rm(0); // X3 E D C Z3 q + add(4, 4, 10); // 2D F E D C Z3 q + sub(2, 0, 12); // F-2D 2D F E D C Z3 q + rm(4); // 2D X3 E D C Z3 q + rm(0); // X3 E D C Z3 q // Y3 = E * (D - X3) - 8 * C // Remove D C E - sub(4, 0, 10); // D-X3 X3 E D C Z3 q - rm(6); // X3 E D-X3 C Z3 q - mul(2, 4, 10); // E*(D-X3) X3 E D-X3 C Z3 q - rm(6); // X3 E E*(D-X3) C Z3 q - rm(2); // X3 E*(D-X3) C Z3 q - add(4, 4, 8); // 2C X3 E*(D-X3) C Z3 q - rm(6); // X3 E*(D-X3) 2C Z3 q - add(4, 4, 8); // 4C X3 E*(D-X3) 2C Z3 q - rm(6); // X3 E*(D-X3) 4C Z3 q - add(4, 4, 8); // 8C X3 E*(D-X3) 4C Z3 q - rm(6); // X3 E*(D-X3) 8C Z3 q - sub(2, 4, 8); // E*(D-X3)-8C X3 E*(D-X3) 8C Z3 q - rm(6); // X3 E*(D-X3) Y3 Z3 q - rm(2); // X3 Y3 Z3 q + sub(4, 0, 10); // D-X3 X3 E D C Z3 q + rm(6); // X3 E D-X3 C Z3 q + mul(2, 4, 10); // E*(D-X3) X3 E D-X3 C Z3 q + rm(6); // X3 E E*(D-X3) C Z3 q + rm(2); // X3 E*(D-X3) C Z3 q + add(4, 4, 8); // 2C X3 E*(D-X3) C Z3 q + rm(6); // X3 E*(D-X3) 2C Z3 q + add(4, 4, 8); // 4C X3 E*(D-X3) 2C Z3 q + rm(6); // X3 E*(D-X3) 4C Z3 q + add(4, 4, 8); // 8C X3 E*(D-X3) 4C Z3 q + rm(6); // X3 E*(D-X3) 8C Z3 q + sub(2, 4, 8); // E*(D-X3)-8C X3 E*(D-X3) 8C Z3 q + rm(6); // X3 E*(D-X3) Y3 Z3 q + rm(2); // X3 Y3 Z3 q C.label("enddouble"); C.returnCall(); } - function addPoint() { // p, xR, xI, yR, yI, zR zI, q + function addPoint() { + // p, xR, xI, yR, yI, zR zI, q - - C.dup(0); // p p X2 Y2 Z2 q + C.dup(0); // p p X2 Y2 Z2 q C.push(savedP); C.mstore(); - C.iszero(); // X2 Y2 Z2 q + C.iszero(); // X2 Y2 Z2 q C.jumpi("endpadd"); - C.dup(4); C.iszero(); C.dup(6); C.iszero(); C.and(); - C.jumpi("returnP"); // X2 Y2 Z2 q - - + C.jumpi("returnP"); // X2 Y2 Z2 q // lastZ3 = (Z2+1)^2 - Z2^2 - add1(4, 6); // Z2+1 X2 Y2 Z2 q - 
square(0, 8); // (Z2+1)^2 Z2+1 X2 Y2 Z2 q - rm(2); // (Z2+1)^2 X2 Y2 Z2 q - square(6, 8); // Z2^2 (Z2+1)^2 X2 Y2 Z2 q + add1(4, 6); // Z2+1 X2 Y2 Z2 q + square(0, 8); // (Z2+1)^2 Z2+1 X2 Y2 Z2 q + rm(2); // (Z2+1)^2 X2 Y2 Z2 q + square(6, 8); // Z2^2 (Z2+1)^2 X2 Y2 Z2 q + sub(2, 0, 10); // (Z2+1)^2-Z2^2 Z2^2 (Z2+1)^2 X2 Y2 Z2 q - sub(2, 0, 10); // (Z2+1)^2-Z2^2 Z2^2 (Z2+1)^2 X2 Y2 Z2 q - - saveZ3(); // Z2^2 (Z2+1)^2 X2 Y2 Z2 q - rm(2); // Z2^2 X2 Y2 Z2 q + saveZ3(); // Z2^2 (Z2+1)^2 X2 Y2 Z2 q + rm(2); // Z2^2 X2 Y2 Z2 q // U2 = X2 // S2 = Y2 // Z2^2 U2 S2 Z2 q - // U1 = X1 * Z2^2 - loadX(); // X1 Z2^2 U2 S2 Z2 q - mul(0, 2, 10); // X1*Z2^2 X1 Z2^2 U2 S2 Z2 q - rm(2); // X1*Z2^2 Z2^2 U2 S2 Z2 q + loadX(); // X1 Z2^2 U2 S2 Z2 q + mul(0, 2, 10); // X1*Z2^2 X1 Z2^2 U2 S2 Z2 q + rm(2); // X1*Z2^2 Z2^2 U2 S2 Z2 q - - mul(2, 8, 10); // Z2^3 U1 Z2^2 U2 S2 Z2 q - rm(4); // U1 Z2^3 U2 S2 Z2 q - rm(8); // Z2^3 U2 S2 U1 q + mul(2, 8, 10); // Z2^3 U1 Z2^2 U2 S2 Z2 q + rm(4); // U1 Z2^3 U2 S2 Z2 q + rm(8); // Z2^3 U2 S2 U1 q // S1 = Y1 * Z1^3 - loadY(); // Y1 Z2^3 U2 S2 U1 q - mul(0, 2, 10); // S1 Y1 Z2^3 U2 S2 U1 q - rm(4); // Y1 S1 U2 S2 U1 q - rm(0); // S1 U2 S2 U1 q + loadY(); // Y1 Z2^3 U2 S2 U1 q + mul(0, 2, 10); // S1 Y1 Z2^3 U2 S2 U1 q + rm(4); // Y1 S1 U2 S2 U1 q + rm(0); // S1 U2 S2 U1 q - cmp(0, 4); // c1 S1 U2 S2 U1 q - cmp(3, 7); // c2 c1 S1 U2 S2 U1 q - C.and(); // c2&c1 S1 U2 S2 U1 q + cmp(0, 4); // c1 S1 U2 S2 U1 q + cmp(3, 7); // c2 c1 S1 U2 S2 U1 q + C.and(); // c2&c1 S1 U2 S2 U1 q C.jumpi("double1"); // S1 U2 S2 U1 q - // Returns the double // H = U2-U1 // Remove U2 - C.sub(4, 8, 10); // H S1 U2 S2 U1 q - rm(4); // S1 H S2 U1 q + C.sub(4, 8, 10); // H S1 U2 S2 U1 q + rm(4); // S1 H S2 U1 q // // r = 2 * (S2-S1) // Remove S2 - C.sub(4, 4, 8); // S1-S2 S1 H S2 U1 q - rm(6); // S1 H S1-S2 U1 q - C.add(4, 4, 8); // 2*(S1-S2) S1 H S1-S2 U1 q - rm(6); // S1 H r U1 q + C.sub(4, 4, 8); // S1-S2 S1 H S2 U1 q + rm(6); // S1 H S1-S2 U1 q + C.add(4, 4, 8); // 2*(S1-S2) 
S1 H S1-S2 U1 q + rm(6); // S1 H r U1 q // I = (2 * H)^2 - C.add(2, 2, 8); // 2*H S1 H r U1 q - C.square(0, 10); // (2*H)^2 2*H S1 H r U1 q - rm(2); // I S1 H r U1 q + C.add(2, 2, 8); // 2*H S1 H r U1 q + C.square(0, 10); // (2*H)^2 2*H S1 H r U1 q + rm(2); // I S1 H r U1 q // V = U1 * I - mul(8, 0, 10); // V I S1 H r U1 q - rm(10); // I S1 H r V q + mul(8, 0, 10); // V I S1 H r U1 q + rm(10); // I S1 H r V q // J = H * I // Remove I - mul(4, 0, 10); // J I S1 H r V q - rm(2); // J S1 H r V q + mul(4, 0, 10); // J I S1 H r V q + rm(2); // J S1 H r V q // X3 = r^2 - J - 2 * V // S1J2 = (S1*J)*2 // Remove S1 - mul(2, 0, 10); // S1*J J S1 H r V q - rm(4); // J S1*J H r V q - add(2,2, 10); // (S1*J)*2 J S1*J H r V q - rm(4); // J S1J2 H r V q + mul(2, 0, 10); // S1*J J S1 H r V q + rm(4); // J S1*J H r V q + add(2, 2, 10); // (S1*J)*2 J S1*J H r V q + rm(4); // J S1J2 H r V q // X3 = r^2 - J - 2 * V - square(6, 10); // r^2 J S1J2 H r V q - sub(0, 2, 12); // r^2-J r^2 J S1J2 H r V q - rm(2); // r^2-J J S1J2 H r V q - rm(2); // r^2-J S1J2 H r V q - add(8, 8, 10); // 2*V r^2-J S1J2 H r V q - sub(2, 0, 12); // r^2-J-2*V 2*V r^2-J S1J2 H r V q - rm(4); // 2*V X3 S1J2 H r V q - rm(0); // X3 S1J2 H r V q + square(6, 10); // r^2 J S1J2 H r V q + sub(0, 2, 12); // r^2-J r^2 J S1J2 H r V q + rm(2); // r^2-J J S1J2 H r V q + rm(2); // r^2-J S1J2 H r V q + add(8, 8, 10); // 2*V r^2-J S1J2 H r V q + sub(2, 0, 12); // r^2-J-2*V 2*V r^2-J S1J2 H r V q + rm(4); // 2*V X3 S1J2 H r V q + rm(0); // X3 S1J2 H r V q // Y3 = r * (V-X3)-S1J2 - sub(8, 0, 10); // V-X3 X3 S1J2 H r V q - rm(10); // X3 S1J2 H r V-X3 q - mul(6, 8, 10); // r*(V-X3) X3 S1J2 H r V-X3 q - rm(8); // X3 S1J2 H r*(V-X3) V-X3 q - rm(8); // S1J2 H r*(V-X3) X3 q - sub(4, 0, 8); // Y3 S1J2 H r*(V-X3) X3 q - rm(6); // S1J2 H Y3 X3 q - rm(0); // H Y3 X3 q + sub(8, 0, 10); // V-X3 X3 S1J2 H r V q + rm(10); // X3 S1J2 H r V-X3 q + mul(6, 8, 10); // r*(V-X3) X3 S1J2 H r V-X3 q + rm(8); // X3 S1J2 H r*(V-X3) V-X3 q + rm(8); // 
S1J2 H r*(V-X3) X3 q + sub(4, 0, 8); // Y3 S1J2 H r*(V-X3) X3 q + rm(6); // S1J2 H Y3 X3 q + rm(0); // H Y3 X3 q // Z3 = lastZ * H - loadZ3(); // lastZ3 H Y3 X3 q - mul(0, 2, 8); // Z3 lastZ3 H Y3 X3 q - rm(4); // lastZ3 Z3 Y3 X3 q - rm(0); // Z3 Y3 X3 q + loadZ3(); // lastZ3 H Y3 X3 q + mul(0, 2, 8); // Z3 lastZ3 H Y3 X3 q + rm(4); // lastZ3 Z3 Y3 X3 q + rm(0); // Z3 Y3 X3 q C.swap(1); C.swap(5); C.swap(1); - C.swap(4); // X3 Y3 Z3 q + C.swap(4); // X3 Y3 Z3 q // returns the point in memory C.label("returnP"); // X Y Z q @@ -430,37 +419,37 @@ function createCode(P, w) { function loadX() { C.push(savedP); - C.mload(); // p + C.mload(); // p C.push(32); - C.mul(); // P*32 - C.push(VAR_POINTS+32); - C.add(); // P*32+32 - C.dup(); // P*32+32 P*32+32 - C.mload(); // im P*32+32 - C.swap(1); // P*32+32 im - C.push(0x20); // 32 P*32+32 im - C.sub(); // P*32 im - C.mload(); // re im + C.mul(); // P*32 + C.push(VAR_POINTS + 32); + C.add(); // P*32+32 + C.dup(); // P*32+32 P*32+32 + C.mload(); // im P*32+32 + C.swap(1); // P*32+32 im + C.push(0x20); // 32 P*32+32 im + C.sub(); // P*32 im + C.mload(); // re im } function loadY() { C.push(savedP); - C.mload(); // p + C.mload(); // p C.push(32); - C.mul(); // P*32 - C.push(VAR_POINTS+32*3); - C.add(); // P*32+32 - C.dup(); // P*32+32 P*32+32 - C.mload(); // im P*32+32 - C.swap(1); // P*32+32 im - C.push(0x20); // 32 P*32+32 im - C.sub(); // P*32 im - C.mload(); // re im + C.mul(); // P*32 + C.push(VAR_POINTS + 32 * 3); + C.add(); // P*32+32 + C.dup(); // P*32+32 P*32+32 + C.mload(); // im P*32+32 + C.swap(1); // P*32+32 im + C.push(0x20); // 32 P*32+32 im + C.sub(); // P*32 im + C.mload(); // re im } function loadZ3() { - C.push(savedZ3+32); - C.mload(); // p + C.push(savedZ3 + 32); + C.mload(); // p C.push(savedZ3); C.mload(); } 
@@ -468,18 +457,19 @@ function createCode(P, w) { function saveZ3() { C.push(savedZ3); C.mstore(); - C.push(savedZ3+32); + C.push(savedZ3 + 32); C.mstore(); } } - function affine() { // X Y Z q + function affine() { + // X Y Z q // If Z2=0 return 0 C.label("affine"); C.dup(4); C.dup(5 + 1); C.or(); - C.jumpi("notZero"); // X Y Z q + C.jumpi("notZero"); // X Y Z q rm(0); rm(0); C.push(0); 
@@ -488,96 +478,95 @@ function createCode(P, w) { C.jmp("endAffine"); C.label("notZero"); - inverse2(4,6); // Z_inv X Y Z q - square(2, 8); // Z2_inv Z_inv X Y Z q - mul(0, 2, 10); // Z3_inv Z2_inv Z_inv X Y Z q - rm(4); // Z2_inv Z3_inv X Y Z q + inverse2(4, 6); // Z_inv X Y Z q + square(2, 8); // Z2_inv Z_inv X Y Z q + mul(0, 2, 10); // Z3_inv Z2_inv Z_inv X Y Z q + rm(4); // Z2_inv Z3_inv X Y Z q C.push(1); - C.push(0); // 1 Z2_inv Z3_inv X Y Z q - rm(10); // Z2_inv Z3_inv X Y 1 q - mul(2, 6, 10); // YI Z2_inv Z3_inv X Y 1 q - rm(8); // Z2_inv Z3_inv X YI 1 q - mul(0, 4, 10); // XI Z2_inv Z3_inv X YI 1 q - rm(6); // Z2_inv Z3_inv XI YI 1 q - rm(0); // Z3_inv XI YI 1 q - rm(0); // XI YI 1 q + C.push(0); // 1 Z2_inv Z3_inv X Y Z q + rm(10); // Z2_inv Z3_inv X Y 1 q + mul(2, 6, 10); // YI Z2_inv Z3_inv X Y 1 q + rm(8); // Z2_inv Z3_inv X YI 1 q + mul(0, 4, 10); // XI Z2_inv Z3_inv X YI 1 q + rm(6); // Z2_inv Z3_inv XI YI 1 q + rm(0); // Z3_inv XI YI 1 q + rm(0); // XI YI 1 q C.label("endAffine"); C.returnCall(); } function inverse2(a, q) { - C.dup(q); // q - C.dup(q + 1); // q q - C.push(2); // 2 q q - C.sub(); // q-2 q - C.dup(q + 2); // q q-2 q - C.dup(q + 3); // q q q-2 q - C.dup(a + 4); // ar q q q-2 q - C.dup(a + 5); // ar ar q q q-2 q - C.mulmod(); // t0 q q-2 q + C.dup(q); // q + C.dup(q + 1); // q q + C.push(2); // 2 q q + C.sub(); // q-2 q + C.dup(q + 2); // q q-2 q + C.dup(q + 3); // q q q-2 q + C.dup(a + 4); // ar q q q-2 q + C.dup(a + 5); // ar ar q q q-2 q + C.mulmod(); // t0 q q-2 q - C.dup(q + 4); // q t0 q q-2 q - C.dup(a+1 + 5); // ai q t0 q q-2 q - C.dup(a+1 + 6); // ai ai q t0 q q-2 q - C.mulmod(); // t1 t0 q q-2 q + C.dup(q + 4); // q t0 q q-2 q + C.dup(a + 1 + 5); // ai q t0 q q-2 q + C.dup(a + 1 + 6); // ai ai q t0 q q-2 q + C.mulmod(); // t1 t0 q q-2 q - C.addmod(); // t2 q-2 q - C.expmod(); // t3 + C.addmod(); // t2 q-2 q + C.expmod(); // t3 - C.dup(q + 1); // q t3 - C.dup(q + 2); // q q t3 - C.dup(q + 3); // q q q t3 - C.dup(1); // t3 q q q 
t3 - C.sub(); // -t3 q q t3 - C.dup(a+1 + 3); // ai -t3 q q t3 - C.mulmod(); // ii q t3 - C.swap(2); // t3 q ii - C.dup(a + 3); // ar t3 q ii - C.mulmod(); // ir ii + C.dup(q + 1); // q t3 + C.dup(q + 2); // q q t3 + C.dup(q + 3); // q q q t3 + C.dup(1); // t3 q q q t3 + C.sub(); // -t3 q q t3 + C.dup(a + 1 + 3); // ai -t3 q q t3 + C.mulmod(); // ii q t3 + C.swap(2); // t3 q ii + C.dup(a + 3); // ar t3 q ii + C.mulmod(); // ir ii } function storeVals() { - C.push(VAR_POINTS); // p - for (let i=0; i { if (typeof seed === "undefined") seed = SEED; - const c = Web3Utils.keccak256(seed+"_iv"); + const c = Web3Utils.keccak256(seed + "_iv"); const cn = bigInt(Web3Utils.toBN(c).toString()); const iv = cn.mod(F.q); return iv; @@ -19,7 +19,7 @@ exports.getConstants = (seed, nRounds) => { if (typeof nRounds === "undefined") nRounds = NROUNDS; const cts = new Array(nRounds); let c = Web3Utils.keccak256(SEED); - for (let i=1; i { const cts = exports.getConstants(SEED, 91); -exports.hash = (_x_in, _k) =>{ +exports.hash = (_x_in, _k) => { const x_in = bigInt(_x_in); const k = bigInt(_k); let r; - for (let i=0; i{ exports.multiHash = (arr, key) => { let r; - if (typeof(key) === "undefined") { + if (typeof key === "undefined") { r = F.zero; } else { r = key; } - for (let i=0; i { if (typeof seed === "undefined") seed = SEED; - const c = Web3Utils.keccak256(seed+"_iv"); + const c = Web3Utils.keccak256(seed + "_iv"); const cn = bigInt(Web3Utils.toBN(c).toString()); const iv = cn.mod(F.q); return iv; 
@@ -19,7 +19,7 @@ exports.getConstants = (seed, nRounds) => { if (typeof nRounds === "undefined") nRounds = NROUNDS; const cts = new Array(nRounds); let c = Web3Utils.keccak256(SEED); - for (let i=1; i { const cts = exports.getConstants(SEED, NROUNDS); -exports.hash = (_xL_in, _xR_in, _k) =>{ +exports.hash = (_xL_in, _xR_in, _k) => { let xL = bigInt(_xL_in); let xR = bigInt(_xR_in); const k = bigInt(_k); - for (let i=0; i { - if (typeof(numOutputs) === "undefined") { - numOutputs = 1; + if (typeof numOutputs === "undefined") { + numOutputs = 1; } - if (typeof(key) === "undefined") { + if (typeof key === "undefined") { key = F.zero; } let R = F.zero; let C = F.zero; - for (let i=0; i F.affine(x)); + return outputs.map((x) => F.affine(x)); } }; diff --git a/src/pedersenHash.js b/src/pedersenHash.js index e14f089..b1514f4 100644 --- a/src/pedersenHash.js +++ b/src/pedersenHash.js @@ -1,5 +1,5 @@ -const bn128 = require("snarkjs").bn128; -const bigInt = require("snarkjs").bigInt; +const bn128 = require("@tornado/snarkjs").bn128; +const bigInt = require("@tornado/snarkjs").bigInt; const babyJub = require("./babyjub"); const createBlakeHash = require("blake-hash"); @@ -11,39 +11,39 @@ exports.hash = pedersenHash; exports.getBasePoint = getBasePoint; function pedersenHash(msg) { - const bitsPerSegment = windowSize*nWindowsPerSegment; + const bitsPerSegment = windowSize * nWindowsPerSegment; const bits = buffer2bits(msg); - const nSegments = Math.floor((bits.length - 1)/(windowSize*nWindowsPerSegment)) +1; + const nSegments = Math.floor((bits.length - 1) / (windowSize * nWindowsPerSegment)) + 1; - let accP = [bigInt.zero,bigInt.one]; + let accP = [bigInt.zero, bigInt.one]; - for (let s=0; s F.mul(a, F.square(F.square(a, a))); +const pow5 = (a) => F.mul(a, F.square(F.square(a, a))); function poseidon(inputs) { assert(inputs.length > 0); 
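Review bot: The `require("@tornado/snarkjs")` swap at the top of the `pedersenHash.js` hunk moves `bn128` and `bigInt` onto a scoped fork served from a self-hosted registry, and nothing in the hunk pins which build of that fork is used. Before merging, confirm the lockfile records `resolved` and `integrity` entries for `@tornado/snarkjs` so a later install cannot silently pull a different tarball, and confirm the fork still exports the legacy `bigInt`, `bn128` and `Circuit` surface that these hunks rely on (`bigInt.leBuff2int`, `.shr`, `.isZero`, `unstringifyBigInts`), since a fork tracking a newer upstream may have dropped them. A short comment above the require, such as `// @tornado/snarkjs: pinned fork of snarkjs that keeps the legacy bigInt/bn128 API`, would tell the next reader why the scoped name is used instead of the npm package.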
@@ -27,21 +27,19 @@ function poseidon(inputs) { const nRoundsF = N_ROUNDS_F; const nRoundsP = N_ROUNDS_P; - let state = [...inputs.map(a => bigInt(a)), F.zero]; + let state = [...inputs.map((a) => bigInt(a)), F.zero]; for (let r = 0; r < nRoundsF + nRoundsP; r++) { state = state.map((a, i) => F.add(a, bigInt(C[t - 2][r * t + i]))); if (r < nRoundsF / 2 || r >= nRoundsF / 2 + nRoundsP) { - state = state.map(a => pow5(a)); + state = state.map((a) => pow5(a)); } else { state[0] = pow5(state[0]); } // no matrix multiplication in the last round if (r < nRoundsF + nRoundsP - 1) { - state = state.map((_, i) => - state.reduce((acc, a, j) => F.add(acc, F.mul(bigInt(M[t - 2][j][i]), a)), F.zero) - ); + state = state.map((_, i) => state.reduce((acc, a, j) => F.add(acc, F.mul(bigInt(M[t - 2][j][i]), a)), F.zero)); } } return F.affine(state[0]); diff --git a/src/poseidon_gencontract.js b/src/poseidon_gencontract.js index 3f5c02f..61e074a 100644 --- a/src/poseidon_gencontract.js +++ b/src/poseidon_gencontract.js @@ -3,10 +3,10 @@ // const Contract = require("./evmasm"); -const { unstringifyBigInts } = require("snarkjs"); +const { unstringifyBigInts } = require("@tornado/snarkjs"); const Web3Utils = require("web3-utils"); -const { C:K, M } = unstringifyBigInts(require("./poseidon_constants.json")); +const { C: K, M } = unstringifyBigInts(require("./poseidon_constants.json")); const N_ROUNDS_F = 8; const N_ROUNDS_P = 35; @@ -16,13 +16,12 @@ function toHex256(a) { return a; } let S = a.toString(16); - while (S.length < 64) S="0"+S; + while (S.length < 64) S = "0" + S; return "0x" + S; } function createCode(nInputs) { - - if (( nInputs<1) || (nInputs>4)) throw new Error("Invalid number of inputs. Must be 1<=nInputs<=8"); + if (nInputs < 1 || nInputs > 4) throw new Error("Invalid number of inputs. Must be 1<=nInputs<=8"); const t = nInputs + 1; const nRoundsF = N_ROUNDS_F; const nRoundsP = N_ROUNDS_P; 
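Review bot: In `createCode` the range check `if (nInputs < 1 || nInputs > 4)` rejects anything above 4 while the error text still says `Must be 1<=nInputs<=8`, so a caller passing 5..8 is told the value is allowed by the very message that rejects it. Either the bound or the message is stale; make them agree, e.g. `throw new Error("Invalid number of inputs. Must be 1<=nInputs<=4");`, or, if the constants table really covers up to 8 inputs, raise the bound instead. `createCode` continues past the end of this hunk.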
@@ -30,20 +29,21 @@ function createCode(nInputs) { const C = new Contract(); function saveM() { - for (let i=0; i=nRoundsP+nRoundsF/2)) { - for (let j=0; j= nRoundsP + nRoundsF / 2) { + for (let j = 0; j < t; j++) { sigma(j); } } else { sigma(0); } - const strLabel = "aferMix"+i; + const strLabel = "aferMix" + i; C._pushLabel(strLabel); C.push(0); C.mstore(); @@ -145,15 +144,15 @@ function createCode(nInputs) { C.label(strLabel); } - C.push(toHex256(K[t-2][(nRoundsF+nRoundsP-1)*t])); // K, st, q - C.dup(t+1); // q, K, st, q - C.swap(2); // st[0], K, q, st\st[0] - C.addmod(); // st q + C.push(toHex256(K[t - 2][(nRoundsF + nRoundsP - 1) * t])); // K, st, q + C.dup(t + 1); // q, K, st, q + C.swap(2); // st[0], K, q, st\st[0] + C.addmod(); // st q sigma(0); C.push("0x00"); - C.mstore(); // Save it to pos 0; + C.mstore(); // Save it to pos 0; C.push("0x20"); C.push("0x00"); C.return(); 
@@ -166,51 +165,49 @@ function createCode(nInputs) { function generateABI(nInputs) { return [ { - "constant": true, - "inputs": [ + constant: true, + inputs: [ { - "internalType": `bytes32[${nInputs}]`, - "name": "input", - "type": `bytes32[${nInputs}]` - } + internalType: `bytes32[${nInputs}]`, + name: "input", + type: `bytes32[${nInputs}]`, + }, ], - "name": "poseidon", - "outputs": [ + name: "poseidon", + outputs: [ { - "internalType": "bytes32", - "name": "", - "type": "bytes32" - } + internalType: "bytes32", + name: "", + type: "bytes32", + }, ], - "payable": false, - "stateMutability": "pure", - "type": "function" + payable: false, + stateMutability: "pure", + type: "function", }, { - "constant": true, - "inputs": [ + constant: true, + inputs: [ { - "internalType": `uint256[${nInputs}]`, - "name": "input", - "type": `uint256[${nInputs}]` - } + internalType: `uint256[${nInputs}]`, + name: "input", + type: `uint256[${nInputs}]`, + }, ], - "name": "poseidon", - "outputs": [ + name: "poseidon", + outputs: [ { - "internalType": "uint256", - "name": "", - "type": "uint256" - } + internalType: "uint256", + name: "", + type: "uint256", + }, ], - "payable": false, - "stateMutability": "pure", - "type": "function" - } + payable: false, + stateMutability: "pure", + type: "function", + }, ]; } module.exports.generateABI = generateABI; module.exports.createCode = createCode; - - diff --git a/src/smt.js b/src/smt.js index 197516e..283231b 100644 --- a/src/smt.js +++ b/src/smt.js @@ -1,17 +1,15 @@ -const bigInt = require("snarkjs").bigInt; +const bigInt = require("@tornado/snarkjs").bigInt; const SMTMemDB = require("./smt_memdb"); -const {hash0, hash1} = require("./smt_hashes_poseidon"); +const { hash0, hash1 } = require("./smt_hashes_poseidon"); class SMT { - constructor(db, root) { this.db = db; this.root = root; } _splitBits(_key) { - let k = bigInt(_key); const res = []; 
@@ -24,7 +22,7 @@ class SMT { k = k.shr(1); } - while (res.length<256) res.push(false); + while (res.length < 256) res.push(false); return res; } @@ -33,7 +31,6 @@ class SMT { const key = bigInt(_key); const newValue = bigInt(_newValue); - const resFind = await this.find(key); const res = {}; res.oldRoot = this.root; @@ -48,11 +45,11 @@ class SMT { let rtOld = hash1(key, resFind.foundValue); let rtNew = hash1(key, newValue); - ins.push([rtNew, [1, key, newValue ]]); + ins.push([rtNew, [1, key, newValue]]); dels.push(rtOld); const keyBits = this._splitBits(key); - for (let level = resFind.siblings.length-1; level >=0; level--) { + for (let level = resFind.siblings.length - 1; level >= 0; level--) { let oldNode, newNode; const sibling = resFind.siblings[level]; if (keyBits[level]) { @@ -87,7 +84,7 @@ class SMT { const res = { siblings: [], delKey: key, - delValue: resFind.foundValue + delValue: resFind.foundValue, }; const dels = []; @@ -99,7 +96,7 @@ class SMT { let mixed; if (resFind.siblings.length > 0) { const record = await this.db.get(resFind.siblings[resFind.siblings.length - 1]); - if ((record.length == 3)&&(record[0].equals(bigInt.one))) { + if (record.length == 3 && record[0].equals(bigInt.one)) { mixed = false; res.oldKey = record[1]; res.oldValue = record[2]; @@ -123,9 +120,9 @@ class SMT { const keyBits = this._splitBits(key); - for (let level = resFind.siblings.length-1; level >=0; level--) { + for (let level = resFind.siblings.length - 1; level >= 0; level--) { let newSibling = resFind.siblings[level]; - if ((level == resFind.siblings.length-1)&&(!res.isOld0)) { + if (level == resFind.siblings.length - 1 && !res.isOld0) { newSibling = bigInt.zero; } const oldSibling = resFind.siblings[level]; 
@@ -182,14 +179,14 @@ class SMT { if (!resFind.isOld0) { const oldKeyits = this._splitBits(resFind.notFoundKey); - for (let i= res.siblings.length; oldKeyits[i] == newKeyBits[i]; i++) { + for (let i = res.siblings.length; oldKeyits[i] == newKeyBits[i]; i++) { res.siblings.push(bigInt.zero); } rtOld = hash1(resFind.notFoundKey, resFind.notFoundValue); res.siblings.push(rtOld); addedOne = true; mixed = false; - } else if (res.siblings.length >0) { + } else if (res.siblings.length > 0) { mixed = true; rtOld = bigInt.zero; } @@ -198,10 +195,10 @@ class SMT { const dels = []; let rt = hash1(key, value); - inserts.push([rt,[1, key, value]] ); + inserts.push([rt, [1, key, value]]); - for (let i=res.siblings.length-1; i>=0; i--) { - if ((i= 0; i--) { + if (i < res.siblings.length - 1 && !res.siblings[i].isZero()) { mixed = true; } if (mixed) { @@ -214,20 +211,19 @@ class SMT { dels.push(rtOld); } - let newRt; if (newKeyBits[i]) { newRt = hash0(res.siblings[i], rt); - inserts.push([newRt,[res.siblings[i], rt]] ); + inserts.push([newRt, [res.siblings[i], rt]]); } else { newRt = hash0(rt, res.siblings[i]); - inserts.push([newRt,[rt, res.siblings[i]]] ); + inserts.push([newRt, [rt, res.siblings[i]]]); } rt = newRt; } if (addedOne) res.siblings.pop(); - while ((res.siblings.length>0) && (res.siblings[res.siblings.length-1].isZero())) { + while (res.siblings.length > 0 && res.siblings[res.siblings.length - 1].isZero()) { res.siblings.pop(); } res.oldKey = resFind.notFoundKey; @@ -235,7 +231,6 @@ class SMT { res.newRoot = rt; res.isOld0 = resFind.isOld0; - await this.db.multiIns(inserts); await this.db.setRoot(rt); this.root = rt; 
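Review bot: The loop `for (let i = res.siblings.length; oldKeyits[i] == newKeyBits[i]; i++)` has no index bound; it relies on `notFoundKey` differing from `key` in at least one bit, because past index 255 both arrays yield `undefined` and `undefined == undefined` keeps the loop running forever. That invariant presumably holds because this branch is only reached when `find` reported the key absent, but a cheap guard makes it explicit and turns a hypothetical hang into a finite result: `for (let i = res.siblings.length; i < oldKeyits.length && oldKeyits[i] == newKeyBits[i]; i++)`. The local name `oldKeyits` also looks like a typo for `oldKeyBits`. The enclosing `insert` method starts and ends outside this hunk.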
@@ -259,20 +254,20 @@ class SMT { siblings: [], notFoundKey: key, notFoundValue: bigInt.zero, - isOld0: true + isOld0: true, }; return res; } const record = await this.db.get(root); - if ((record.length==3)&&(record[0].equals(bigInt.one))) { + if (record.length == 3 && record[0].equals(bigInt.one)) { if (record[1].equals(key)) { res = { found: true, siblings: [], foundValue: record[2], - isOld0: false + isOld0: false, }; } else { res = { @@ -280,15 +275,15 @@ class SMT { siblings: [], notFoundKey: record[1], notFoundValue: record[2], - isOld0: false + isOld0: false, }; } } else { if (keyBits[level] == 0) { - res = await this._find(key, keyBits, record[0], level+1); + res = await this._find(key, keyBits, record[0], level + 1); res.siblings.unshift(record[1]); } else { - res = await this._find(key, keyBits, record[1], level+1); + res = await this._find(key, keyBits, record[1], level + 1); res.siblings.unshift(record[0]); } } @@ -296,9 +291,7 @@ class SMT { } } -async function loadFromFile(fileName) { - -} +async function loadFromFile(fileName) {} async function newMemEmptyTrie() { const db = new SMTMemDB(); diff --git a/src/smt_hashes_mimc.js b/src/smt_hashes_mimc.js index 99887db..66fa588 100644 --- a/src/smt_hashes_mimc.js +++ b/src/smt_hashes_mimc.js @@ -1,10 +1,10 @@ const mimc7 = require("./mimc7"); -const bigInt = require("snarkjs").bigInt; +const bigInt = require("@tornado/snarkjs").bigInt; exports.hash0 = function (left, right) { return mimc7.multiHash(left, right); }; -exports.hash1 = function(key, value) { +exports.hash1 = function (key, value) { return mimc7.multiHash([key, value], bigInt.one); }; diff --git a/src/smt_hashes_poseidon.js b/src/smt_hashes_poseidon.js index 2c20266..d027c15 100644 --- a/src/smt_hashes_poseidon.js +++ b/src/smt_hashes_poseidon.js 
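Review bot: `loadFromFile` is collapsed to an empty `async function loadFromFile(fileName) {}`, which resolves to `undefined` without reading anything, so a caller would silently get no tree rather than an error. If the function is exported (the export list is outside this hunk), make the stub fail loudly with `throw new Error("SMT.loadFromFile is not implemented");`, or remove it until it is written; at minimum a `// TODO: not implemented` comment should mark it.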
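Review bot: In `smt_hashes_mimc.js`, `hash0` calls `mimc7.multiHash(left, right)`, so `left` becomes the `arr` argument and `right` the `key`, whereas the sibling `hash1` and the Poseidon variant both pass the two values as an array. Given the `multiHash = (arr, key)` signature visible in the `mimc7.js` hunk, a non-array `left` would most likely iterate nothing and the node hash would depend only on `right`, which for a Merkle inner-node hash would be a serious flaw; unless `multiHash` deliberately accepts a scalar first argument, this should read `return mimc7.multiHash([left, right]);`. `smt.js` currently imports the Poseidon hashes, so this module may be unused, but the fix is still worth landing before anyone switches to it.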
@@ -1,10 +1,10 @@ const poseidon = require("./poseidon"); -const bigInt = require("snarkjs").bigInt; +const bigInt = require("@tornado/snarkjs").bigInt; exports.hash0 = function (left, right) { return poseidon([left, right]); }; -exports.hash1 = function(key, value) { +exports.hash1 = function (key, value) { return poseidon([key, value, bigInt.one]); }; diff --git a/src/smt_memdb.js b/src/smt_memdb.js index c88f2c1..c24a988 100644 --- a/src/smt_memdb.js +++ b/src/smt_memdb.js @@ -1,4 +1,4 @@ -const bigInt = require("snarkjs").bigInt; +const bigInt = require("@tornado/snarkjs").bigInt; class SMTMemDb { constructor() { @@ -17,7 +17,7 @@ class SMTMemDb { } _normalize(n) { - for (let i=0; i { let circuit; - before( async() => { + before(async () => { const cirDef = await compiler(path.join(__dirname, "circuits", "aliascheck_test.circom")); circuit = new snarkjs.Circuit(cirDef); 
@@ -37,40 +37,38 @@ describe("Aliascheck test", () => { it("Satisfy the aliastest 0", async () => { const inp = getBits(bigInt.zero, 254); - circuit.calculateWitness({in: inp}); + circuit.calculateWitness({ in: inp }); }); it("Satisfy the aliastest 3", async () => { const inp = getBits(bigInt(3), 254); - circuit.calculateWitness({in: inp}); + circuit.calculateWitness({ in: inp }); }); it("Satisfy the aliastest q-1", async () => { const inp = getBits(q.sub(bigInt.one), 254); - circuit.calculateWitness({in: inp}); + circuit.calculateWitness({ in: inp }); }); it("Nhot not satisfy an input of q", async () => { const inp = getBits(q, 254); try { - circuit.calculateWitness({in: inp}); + circuit.calculateWitness({ in: inp }); assert(false); - } catch(err) { - assert(/Constraint\sdoesn't\smatch(.*)1\s!=\s0/.test(err.message) ); + } catch (err) { + assert(/Constraint\sdoesn't\smatch(.*)1\s!=\s0/.test(err.message)); assert(err.message.indexOf("1 != 0") >= 0); } }); it("Nhot not satisfy all ones", async () => { - const inp = getBits(bigInt(1).shl(254).sub(bigInt(1)), 254); try { - circuit.calculateWitness({in: inp}); + circuit.calculateWitness({ in: inp }); assert(false); - } catch(err) { - assert(/Constraint\sdoesn't\smatch(.*)1\s!=\s0/.test(err.message) ); + } catch (err) { + assert(/Constraint\sdoesn't\smatch(.*)1\s!=\s0/.test(err.message)); assert(err.message.indexOf("1 != 0") >= 0); } }); - }); diff --git a/test/aliascheckbabyjub.js b/test/aliascheckbabyjub.js index 9b82d58..b838664 100644 --- a/test/aliascheckbabyjub.js +++ b/test/aliascheckbabyjub.js @@ -1,6 +1,6 @@ const chai = require("chai"); const path = require("path"); -const snarkjs = require("snarkjs"); +const snarkjs = require("@tornado/snarkjs"); const compiler = require("circom"); const assert = chai.assert; 
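Review bot: The negative tests in this hunk put `assert(false)` inside the `try`, so when `calculateWitness` unexpectedly succeeds the resulting AssertionError is swallowed by the `catch` and the failure only surfaces as a confusing regex mismatch against chai's own message. `assert.throws(() => circuit.calculateWitness({ in: inp }), /Constraint\sdoesn't\smatch(.*)1\s!=\s0/);` expresses the intent in one line and reports the right failure. The `Nhot not satisfy` titles also look like a typo for `Should not satisfy`.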
@@ -13,7 +13,7 @@ function print(circuit, w, s) { function getBits(v, n) { const res = []; - for (let i=0; i { let circuit; - before( async() => { + before(async () => { const cirDef = await compiler(path.join(__dirname, "circuits", "aliascheckbabyjub_test.circom")); circuit = new snarkjs.Circuit(cirDef); @@ -37,25 +37,25 @@ describe("Aliascheck test", () => { it("Satisfy the aliastest 0", async () => { const inp = getBits(bigInt.zero, 251); - circuit.calculateWitness({in: inp}); + circuit.calculateWitness({ in: inp }); }); it("Satisfy the aliastest 3", async () => { const inp = getBits(bigInt(3), 251); - circuit.calculateWitness({in: inp}); + circuit.calculateWitness({ in: inp }); }); it("Satisfy the aliastest r-1", async () => { const inp = getBits(r.sub(bigInt.one), 251); - circuit.calculateWitness({in: inp}); + circuit.calculateWitness({ in: inp }); }); it("Nhot not satisfy an input of r", async () => { const inp = getBits(r, 251); try { - circuit.calculateWitness({in: inp}); + circuit.calculateWitness({ in: inp }); assert(false); - } catch(err) { + } catch (err) { assert(err.message.indexOf("Constraint doesn't match") >= 0); assert(err.message.indexOf("1 != 0") >= 0); } @@ -64,12 +64,11 @@ describe("Aliascheck test", () => { it("Nhot not satisfy all ones", async () => { const inp = getBits(bigInt(1).shl(251).sub(bigInt(1)), 251); try { - circuit.calculateWitness({in: inp}); + circuit.calculateWitness({ in: inp }); assert(false); - } catch(err) { + } catch (err) { assert(err.message.indexOf("Constraint doesn't match") >= 0); assert(err.message.indexOf("1 != 0") >= 0); } }); - }); diff --git a/test/babyjub.js b/test/babyjub.js index 279776f..4900623 100644 --- a/test/babyjub.js +++ b/test/babyjub.js @@ -1,6 +1,6 @@ const chai = require("chai"); const path = require("path"); -const snarkjs = require("snarkjs"); +const snarkjs = require("@tornado/snarkjs"); const compiler = require("circom"); const createBlakeHash = require("blake-hash"); 
@@ -8,7 +8,7 @@ const eddsa = require("../src/eddsa.js"); const assert = chai.assert; -const bigInt = require("snarkjs").bigInt; +const bigInt = require("@tornado/snarkjs").bigInt; describe("Baby Jub test", function () { let circuitAdd; @@ -16,7 +16,7 @@ describe("Baby Jub test", function () { this.timeout(100000); - before( async() => { + before(async () => { const cirDefAdd = await compiler(path.join(__dirname, "circuits", "babyadd_tester.circom")); circuitAdd = new snarkjs.Circuit(cirDefAdd); console.log("NConstrains BabyAdd: " + circuitAdd.nConstraints); @@ -28,16 +28,14 @@ describe("Baby Jub test", function () { const cirDefPbk = await compiler(path.join(__dirname, "circuits", "babypbk_test.circom")); circuitPbk = new snarkjs.Circuit(cirDefPbk); console.log("NConstrains BabyPbk: " + circuitPbk.nConstraints); - }); it("Should add point (0,1) and (0,1)", async () => { - - const input={ + const input = { x1: snarkjs.bigInt(0), y1: snarkjs.bigInt(1), x2: snarkjs.bigInt(0), - y2: snarkjs.bigInt(1) + y2: snarkjs.bigInt(1), }; const w = circuitAdd.calculateWitness(input); @@ -50,12 +48,11 @@ describe("Baby Jub test", function () { }); it("Should add 2 same numbers", async () => { - - const input={ + const input = { x1: snarkjs.bigInt("17777552123799933955779906779655732241715742912184938656739573121738514868268"), y1: snarkjs.bigInt("2626589144620713026669568689430873010625803728049924121243784502389097019475"), x2: snarkjs.bigInt("17777552123799933955779906779655732241715742912184938656739573121738514868268"), - y2: snarkjs.bigInt("2626589144620713026669568689430873010625803728049924121243784502389097019475") + y2: snarkjs.bigInt("2626589144620713026669568689430873010625803728049924121243784502389097019475"), }; const w = circuitAdd.calculateWitness(input); 
@@ -68,12 +65,11 @@ describe("Baby Jub test", function () { }); it("Should add 2 different numbers", async () => { - - const input={ + const input = { x1: snarkjs.bigInt("17777552123799933955779906779655732241715742912184938656739573121738514868268"), y1: snarkjs.bigInt("2626589144620713026669568689430873010625803728049924121243784502389097019475"), x2: snarkjs.bigInt("16540640123574156134436876038791482806971768689494387082833631921987005038935"), - y2: snarkjs.bigInt("20819045374670962167435360035096875258406992893633759881276124905556507972311") + y2: snarkjs.bigInt("20819045374670962167435360035096875258406992893633759881276124905556507972311"), }; const w = circuitAdd.calculateWitness(input); 
@@ -90,37 +86,35 @@ describe("Baby Jub test", function () { assert(yout.equals(snarkjs.bigInt("14035240266687799601661095864649209771790948434046947201833777492504781204499"))); }); - it("Should check 0 is a valid poiny", async() => { - const w = circuitTest.calculateWitness({x: 0, y:1}); + it("Should check 0 is a valid poiny", async () => { + const w = circuitTest.calculateWitness({ x: 0, y: 1 }); assert(circuitTest.checkWitness(w)); }); - it("Should check 0 is an invalid poiny", async() => { + it("Should check 0 is an invalid poiny", async () => { try { - circuitTest.calculateWitness({x: 1, y: 0}); + circuitTest.calculateWitness({ x: 1, y: 0 }); assert(false, "Should be a valid point"); - } catch(err) { - assert(/Constraint\sdoesn't\smatch(.*)168700\s!=\s1/.test(err.message) ); + } catch (err) { + assert(/Constraint\sdoesn't\smatch(.*)168700\s!=\s1/.test(err.message)); assert(err.message.indexOf("168700 != 1") >= 0); } }); it("Should extract the public key from the private one", async () => { - const rawpvk = Buffer.from("0001020304050607080900010203040506070809000102030405060708090021", "hex"); - const pvk = eddsa.pruneBuffer(createBlakeHash("blake512").update(rawpvk).digest().slice(0,32)); - const S = bigInt.leBuff2int(pvk).shr(3); + const pvk = eddsa.pruneBuffer(createBlakeHash("blake512").update(rawpvk).digest().slice(0, 32)); + const S = bigInt.leBuff2int(pvk).shr(3); - const A = eddsa.prv2pub(rawpvk); + const A = eddsa.prv2pub(rawpvk); const input = { - in : S, - Ax : A[0], - Ay : A[1] - } + in: S, + Ax: A[0], + Ay: A[1], + }; const w = circuitPbk.calculateWitness(input); assert(circuitPbk.checkWitness(w)); }); - }); diff --git a/test/babyjub_js.js b/test/babyjub_js.js index 8e1fc33..ac5fdbd 100644 --- a/test/babyjub_js.js +++ b/test/babyjub_js.js 
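Review bot: The test titled `Should check 0 is an invalid poiny` asserts `assert(false, "Should be a valid point")` on the success path, so if the constraint ever stops failing the reported message says the opposite of what the test expects, and that AssertionError is then caught by the surrounding `catch`, which re-asserts on the regex instead of surfacing it. Replacing the try/catch with `assert.throws(() => circuitTest.calculateWitness({ x: 1, y: 0 }), /Constraint\sdoesn't\smatch(.*)168700\s!=\s1/);` fixes both the message and the swallowed assertion; `poiny` is presumably `point`.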
@@ -1,6 +1,6 @@ const chai = require("chai"); const path = require("path"); -const snarkjs = require("snarkjs"); +const snarkjs = require("@tornado/snarkjs"); const compiler = require("circom"); const babyjub = require("../src/babyjub.js"); @@ -8,22 +8,14 @@ const assert = chai.assert; // const bigInt = require("big-integer"); - describe("Baby Jub js test", function () { - this.timeout(100000); it("Should add point (0,1) and (0,1)", () => { + const p1 = [snarkjs.bigInt(0), snarkjs.bigInt(1)]; + const p2 = [snarkjs.bigInt(0), snarkjs.bigInt(1)]; - const p1 = [ - snarkjs.bigInt(0), - snarkjs.bigInt(1)]; - const p2 = [ - snarkjs.bigInt(0), - snarkjs.bigInt(1) - ]; - - const out = babyjub.addPoint(p1, p2) + const out = babyjub.addPoint(p1, p2); assert(out[0].equals(0)); assert(out[1].equals(1)); }); @@ -39,7 +31,6 @@ describe("Baby Jub js test", function () { }); it("Should add 2 same numbers", () => { - const p1 = [ snarkjs.bigInt("17777552123799933955779906779655732241715742912184938656739573121738514868268"), snarkjs.bigInt("2626589144620713026669568689430873010625803728049924121243784502389097019475"), @@ -49,13 +40,12 @@ describe("Baby Jub js test", function () { snarkjs.bigInt("2626589144620713026669568689430873010625803728049924121243784502389097019475"), ]; - const out = babyjub.addPoint(p1, p2) + const out = babyjub.addPoint(p1, p2); assert(out[0].equals(snarkjs.bigInt("6890855772600357754907169075114257697580319025794532037257385534741338397365"))); assert(out[1].equals(snarkjs.bigInt("4338620300185947561074059802482547481416142213883829469920100239455078257889"))); }); it("Should add 2 different numbers", () => { - const p1 = [ snarkjs.bigInt("17777552123799933955779906779655732241715742912184938656739573121738514868268"), snarkjs.bigInt("2626589144620713026669568689430873010625803728049924121243784502389097019475"), 
@@ -65,7 +55,7 @@ describe("Baby Jub js test", function () { snarkjs.bigInt("20819045374670962167435360035096875258406992893633759881276124905556507972311"), ]; - const out = babyjub.addPoint(p1, p2) + const out = babyjub.addPoint(p1, p2); assert(out[0].equals(snarkjs.bigInt("7916061937171219682591368294088513039687205273691143098332585753343424131937"))); assert(out[1].equals(snarkjs.bigInt("14035240266687799601661095864649209771790948434046947201833777492504781204499"))); @@ -92,7 +82,10 @@ describe("Baby Jub js test", function () { snarkjs.bigInt("2626589144620713026669568689430873010625803728049924121243784502389097019475"), ]; - const r = babyjub.mulPointEscalar(p, snarkjs.bigInt("14035240266687799601661095864649209771790948434046947201833777492504781204499")); + const r = babyjub.mulPointEscalar( + p, + snarkjs.bigInt("14035240266687799601661095864649209771790948434046947201833777492504781204499") + ); assert.equal(r[0].toString(), "17070357974431721403481313912716834497662307308519659060910483826664480189605"); assert.equal(r[1].toString(), "4014745322800118607127020275658861516666525056516280575712425373174125159339"); }); @@ -103,7 +96,10 @@ describe("Baby Jub js test", function () { snarkjs.bigInt("4338620300185947561074059802482547481416142213883829469920100239455078257889"), ]; - const r = babyjub.mulPointEscalar(p, snarkjs.bigInt("20819045374670962167435360035096875258406992893633759881276124905556507972311")); + const r = babyjub.mulPointEscalar( + p, + snarkjs.bigInt("20819045374670962167435360035096875258406992893633759881276124905556507972311") + ); assert.equal(r[0].toString(), "13563888653650925984868671744672725781658357821216877865297235725727006259983"); assert.equal(r[1].toString(), "8442587202676550862664528699803615547505326611544120184665036919364004251662"); }); 
@@ -146,7 +142,7 @@ describe("Baby Jub js test", function () { snarkjs.bigInt("2626589144620713026669568689430873010625803728049924121243784502389097019475"), ]; const buf = babyjub.packPoint(p); - assert.equal(buf.toString('hex'), '53b81ed5bffe9545b54016234682e7b2f699bd42a5e9eae27ff4051bc698ce85'); + assert.equal(buf.toString("hex"), "53b81ed5bffe9545b54016234682e7b2f699bd42a5e9eae27ff4051bc698ce85"); const p2 = babyjub.unpackPoint(buf); assert.equal(p2[0].toString(), "17777552123799933955779906779655732241715742912184938656739573121738514868268"); assert.equal(p2[1].toString(), "2626589144620713026669568689430873010625803728049924121243784502389097019475"); @@ -158,7 +154,7 @@ describe("Baby Jub js test", function () { snarkjs.bigInt("4338620300185947561074059802482547481416142213883829469920100239455078257889"), ]; const buf = babyjub.packPoint(p); - assert.equal(buf.toString('hex'), 'e114eb17eddf794f063a68fecac515e3620e131976108555735c8b0773929709'); + assert.equal(buf.toString("hex"), "e114eb17eddf794f063a68fecac515e3620e131976108555735c8b0773929709"); const p2 = babyjub.unpackPoint(buf); assert.equal(p2[0].toString(), "6890855772600357754907169075114257697580319025794532037257385534741338397365"); assert.equal(p2[1].toString(), "4338620300185947561074059802482547481416142213883829469920100239455078257889"); diff --git a/test/binsub.js b/test/binsub.js index 21e5ad3..818f652 100644 --- a/test/binsub.js +++ b/test/binsub.js @@ -1,6 +1,6 @@ const chai = require("chai"); const path = require("path"); -const snarkjs = require("snarkjs"); +const snarkjs = require("@tornado/snarkjs"); const compiler = require("circom"); const assert = chai.assert; 
@@ -11,21 +11,21 @@ function print(circuit, w, s) { console.log(s + ": " + w[circuit.getSignalIdx(s)]); } -function checkSub(_a,_b, circuit) { - let a=bigInt(_a); - let b=bigInt(_b); +function checkSub(_a, _b, circuit) { + let a = bigInt(_a); + let b = bigInt(_b); if (a.lesser(bigInt.zero)) a = a.add(bigInt.one.shl(16)); if (b.lesser(bigInt.zero)) b = b.add(bigInt.one.shl(16)); - const w = circuit.calculateWitness({a: a, b: b}); + const w = circuit.calculateWitness({ a: a, b: b }); let res = a.sub(b); if (res.lesser(bigInt.zero)) res = res.add(bigInt.one.shl(16)); - assert( w[circuit.getSignalIdx("main.out")].equals(bigInt(res)) ); + assert(w[circuit.getSignalIdx("main.out")].equals(bigInt(res))); } describe("BinSub test", () => { let circuit; - before( async() => { + before(async () => { const cirDef = await compiler(path.join(__dirname, "circuits", "binsub_test.circom")); circuit = new snarkjs.Circuit(cirDef); @@ -34,23 +34,21 @@ describe("BinSub test", () => { }); it("Should check variuos ege cases", async () => { - checkSub(0,0, circuit); - checkSub(1,0, circuit); - checkSub(-1,0, circuit); - checkSub(2,1, circuit); - checkSub(2,2, circuit); - checkSub(2,3, circuit); - checkSub(2,-1, circuit); - checkSub(2,-2, circuit); - checkSub(2,-3, circuit); - checkSub(-2,-3, circuit); - checkSub(-2,-2, circuit); - checkSub(-2,-1, circuit); - checkSub(-2,0, circuit); - checkSub(-2,1, circuit); - checkSub(-2,2, circuit); - checkSub(-2,3, circuit); + checkSub(0, 0, circuit); + checkSub(1, 0, circuit); + checkSub(-1, 0, circuit); + checkSub(2, 1, circuit); + checkSub(2, 2, circuit); + checkSub(2, 3, circuit); + checkSub(2, -1, circuit); + checkSub(2, -2, circuit); + checkSub(2, -3, circuit); + checkSub(-2, -3, circuit); + checkSub(-2, -2, circuit); + checkSub(-2, -1, circuit); + checkSub(-2, 0, circuit); + checkSub(-2, 1, circuit); + checkSub(-2, 2, circuit); + checkSub(-2, 3, circuit); }); - - }); diff --git a/test/binsum.js b/test/binsum.js index 099ad38..ce56deb 100644 
--- a/test/binsum.js +++ b/test/binsum.js @@ -1,6 +1,6 @@ const chai = require("chai"); const path = require("path"); -const snarkjs = require("snarkjs"); +const snarkjs = require("@tornado/snarkjs"); const crypto = require("crypto"); const compiler = require("circom"); @@ -9,25 +9,23 @@ const assert = chai.assert; describe("Sum test", () => { it("Should create a constant circuit", async () => { - const cirDef = await compiler(path.join(__dirname, "circuits", "constants_test.circom")); assert.equal(cirDef.nVars, 2); const circuit = new snarkjs.Circuit(cirDef); - const witness = circuit.calculateWitness({ "in": "0xd807aa98" }); + const witness = circuit.calculateWitness({ in: "0xd807aa98" }); assert(witness[0].equals(snarkjs.bigInt(1))); assert(witness[1].equals(snarkjs.bigInt("0xd807aa98"))); }); it("Should create a sum circuit", async () => { - const cirDef = await compiler(path.join(__dirname, "circuits", "sum_test.circom")); - assert.equal(cirDef.nVars, 97); // 32 (in1) + 32(in2) + 32(out) + 1 (carry) + assert.equal(cirDef.nVars, 97); // 32 (in1) + 32(in2) + 32(out) + 1 (carry) const circuit = new snarkjs.Circuit(cirDef); - const witness = circuit.calculateWitness({ "a": "111", "b": "222" }); + const witness = circuit.calculateWitness({ a: "111", b: "222" }); assert(witness[0].equals(snarkjs.bigInt(1))); assert(witness[1].equals(snarkjs.bigInt("333"))); diff --git a/test/comparators.js b/test/comparators.js index 6b3c0a0..e355878 100644 --- a/test/comparators.js +++ b/test/comparators.js @@ -1,6 +1,6 @@ const chai = require("chai"); const path = require("path"); -const snarkjs = require("snarkjs"); +const snarkjs = require("@tornado/snarkjs"); const crypto = require("crypto"); const compiler = require("circom"); 
@@ -8,21 +8,21 @@ const compiler = require("circom"); const assert = chai.assert; describe("Sum test", () => { - it("Should create a iszero circuit", async() => { + it("Should create a iszero circuit", async () => { const cirDef = await compiler(path.join(__dirname, "circuits", "iszero.circom")); const circuit = new snarkjs.Circuit(cirDef); let witness; - witness = circuit.calculateWitness({ "in": 111}); + witness = circuit.calculateWitness({ in: 111 }); assert(witness[0].equals(snarkjs.bigInt(1))); assert(witness[1].equals(snarkjs.bigInt(0))); - witness = circuit.calculateWitness({ "in": 0 }); + witness = circuit.calculateWitness({ in: 0 }); assert(witness[0].equals(snarkjs.bigInt(1))); assert(witness[1].equals(snarkjs.bigInt(1))); }); - it("Should create a isequal circuit", async() => { + it("Should create a isequal circuit", async () => { const cirDef = await compiler(path.join(__dirname, "circuits", "isequal.circom")); const circuit = new snarkjs.Circuit(cirDef); @@ -36,7 +36,7 @@ describe("Sum test", () => { assert(witness[0].equals(snarkjs.bigInt(1))); assert(witness[1].equals(snarkjs.bigInt(1))); }); - it("Should create a comparison lessthan", async() => { + it("Should create a comparison lessthan", async () => { const cirDef = await compiler(path.join(__dirname, "circuits", "lessthan.circom")); const circuit = new snarkjs.Circuit(cirDef); @@ -74,7 +74,7 @@ describe("Sum test", () => { assert(witness[0].equals(snarkjs.bigInt(1))); assert(witness[1].equals(snarkjs.bigInt(0))); }); - it("Should create a comparison lesseqthan", async() => { + it("Should create a comparison lesseqthan", async () => { const cirDef = await compiler(path.join(__dirname, "circuits", "lesseqthan.circom")); const circuit = new snarkjs.Circuit(cirDef); 
@@ -112,7 +112,7 @@ describe("Sum test", () => { assert(witness[0].equals(snarkjs.bigInt(1))); assert(witness[1].equals(snarkjs.bigInt(1))); }); - it("Should create a comparison greaterthan", async() => { + it("Should create a comparison greaterthan", async () => { const cirDef = await compiler(path.join(__dirname, "circuits", "greaterthan.circom")); const circuit = new snarkjs.Circuit(cirDef); @@ -150,7 +150,7 @@ describe("Sum test", () => { assert(witness[0].equals(snarkjs.bigInt(1))); assert(witness[1].equals(snarkjs.bigInt(0))); }); - it("Should create a comparison greatereqthan", async() => { + it("Should create a comparison greatereqthan", async () => { const cirDef = await compiler(path.join(__dirname, "circuits", "greatereqthan.circom")); const circuit = new snarkjs.Circuit(cirDef); diff --git a/test/eddsa.js b/test/eddsa.js index 8292a89..7c0e14f 100644 --- a/test/eddsa.js +++ b/test/eddsa.js @@ -1,6 +1,6 @@ const chai = require("chai"); const path = require("path"); -const snarkjs = require("snarkjs"); +const snarkjs = require("@tornado/snarkjs"); const compiler = require("circom"); // const crypto = require("crypto"); @@ -17,9 +17,9 @@ function print(circuit, w, s) { function buffer2bits(buff) { const res = []; - for (let i=0; i>j)&1) { + for (let i = 0; i < buff.length; i++) { + for (let j = 0; j < 8; j++) { + if ((buff[i] >> j) & 1) { res.push(bigInt.one); } else { res.push(bigInt.zero); @@ -29,13 +29,12 @@ function buffer2bits(buff) { return res; } - describe("EdDSA test", function () { let circuit; this.timeout(100000); - before( async () => { + before(async () => { const cirDef = await compiler(path.join(__dirname, "circuits", "eddsa_test.circom")); circuit = new snarkjs.Circuit(cirDef); 
@@ -46,7 +45,7 @@ describe("EdDSA test", function () { it("Sign a single 10 bytes from 0 to 9", async () => { const msg = Buffer.from("00010203040506070809", "hex"); -// const prvKey = crypto.randomBytes(32); + // const prvKey = crypto.randomBytes(32); const prvKey = Buffer.from("0001020304050607080900010203040506070809000102030405060708090001", "hex"); @@ -66,9 +65,8 @@ describe("EdDSA test", function () { const sBits = buffer2bits(pSignature.slice(32, 64)); const aBits = buffer2bits(pPubKey); - const w = circuit.calculateWitness({A: aBits, R8: r8Bits, S: sBits, msg: msgBits}); + const w = circuit.calculateWitness({ A: aBits, R8: r8Bits, S: sBits, msg: msgBits }); assert(circuit.checkWitness(w)); - }); }); diff --git a/test/eddsa_js.js b/test/eddsa_js.js index bea64ad..8bab660 100644 --- a/test/eddsa_js.js +++ b/test/eddsa_js.js @@ -1,5 +1,5 @@ const chai = require("chai"); -const snarkjs = require("snarkjs"); +const snarkjs = require("@tornado/snarkjs"); const eddsa = require("../src/eddsa.js"); const babyJub = require("../src/babyjub.js"); @@ -9,7 +9,6 @@ const assert = chai.assert; const bigInt = snarkjs.bigInt; describe("EdDSA js test", function () { - this.timeout(100000); it("Sign (using Mimc7) a single 10 bytes from 0 to 9", () => { 
@@ -22,29 +21,26 @@ describe("EdDSA js test", function () { const pubKey = eddsa.prv2pub(prvKey); - assert.equal(pubKey[0].toString(), - "13277427435165878497778222415993513565335242147425444199013288855685581939618"); - assert.equal(pubKey[1].toString(), - "13622229784656158136036771217484571176836296686641868549125388198837476602820"); + assert.equal(pubKey[0].toString(), "13277427435165878497778222415993513565335242147425444199013288855685581939618"); + assert.equal(pubKey[1].toString(), "13622229784656158136036771217484571176836296686641868549125388198837476602820"); const pPubKey = babyJub.packPoint(pubKey); const signature = eddsa.signMiMC(prvKey, msg); - assert.equal(signature.R8[0].toString(), - "11384336176656855268977457483345535180380036354188103142384839473266348197733"); - assert.equal(signature.R8[1].toString(), - "15383486972088797283337779941324724402501462225528836549661220478783371668959"); - assert.equal(signature.S.toString(), - "2523202440825208709475937830811065542425109372212752003460238913256192595070"); + assert.equal(signature.R8[0].toString(), "11384336176656855268977457483345535180380036354188103142384839473266348197733"); + assert.equal(signature.R8[1].toString(), "15383486972088797283337779941324724402501462225528836549661220478783371668959"); + assert.equal(signature.S.toString(), "2523202440825208709475937830811065542425109372212752003460238913256192595070"); const pSignature = eddsa.packSignature(signature); - assert.equal(pSignature.toString("hex"), ""+ - "dfedb4315d3f2eb4de2d3c510d7a987dcab67089c8ace06308827bf5bcbe02a2"+ - "7ed40dab29bf993c928e789d007387998901a24913d44fddb64b1f21fc149405"); + assert.equal( + pSignature.toString("hex"), + "" + + "dfedb4315d3f2eb4de2d3c510d7a987dcab67089c8ace06308827bf5bcbe02a2" + + "7ed40dab29bf993c928e789d007387998901a24913d44fddb64b1f21fc149405" + ); const uSignature = eddsa.unpackSignature(pSignature); assert(eddsa.verifyMiMC(msg, uSignature, pubKey)); - }); it("Sign (using Poseidon) a single 10 
bytes from 0 to 9", () => { 
@@ -55,28 +51,25 @@ describe("EdDSA js test", function () { const pubKey = eddsa.prv2pub(prvKey); - assert.equal(pubKey[0].toString(), - "13277427435165878497778222415993513565335242147425444199013288855685581939618"); - assert.equal(pubKey[1].toString(), - "13622229784656158136036771217484571176836296686641868549125388198837476602820"); + assert.equal(pubKey[0].toString(), "13277427435165878497778222415993513565335242147425444199013288855685581939618"); + assert.equal(pubKey[1].toString(), "13622229784656158136036771217484571176836296686641868549125388198837476602820"); const pPubKey = babyJub.packPoint(pubKey); const signature = eddsa.signPoseidon(prvKey, msg); - assert.equal(signature.R8[0].toString(), - "11384336176656855268977457483345535180380036354188103142384839473266348197733"); - assert.equal(signature.R8[1].toString(), - "15383486972088797283337779941324724402501462225528836549661220478783371668959"); - assert.equal(signature.S.toString(), - "1398758333392199195742243841591064350253744445503462896781493968760929513778"); + assert.equal(signature.R8[0].toString(), "11384336176656855268977457483345535180380036354188103142384839473266348197733"); + assert.equal(signature.R8[1].toString(), "15383486972088797283337779941324724402501462225528836549661220478783371668959"); + assert.equal(signature.S.toString(), "1398758333392199195742243841591064350253744445503462896781493968760929513778"); const pSignature = eddsa.packSignature(signature); - assert.equal(pSignature.toString("hex"), ""+ - "dfedb4315d3f2eb4de2d3c510d7a987dcab67089c8ace06308827bf5bcbe02a2"+ - "32f16b0f2f4c4e1169aa59685637e1429b6581a9531d058d65f4ab224eab1703"); + assert.equal( + pSignature.toString("hex"), + "" + + "dfedb4315d3f2eb4de2d3c510d7a987dcab67089c8ace06308827bf5bcbe02a2" + + "32f16b0f2f4c4e1169aa59685637e1429b6581a9531d058d65f4ab224eab1703" + ); const uSignature = eddsa.unpackSignature(pSignature); assert(eddsa.verifyPoseidon(msg, uSignature, pubKey)); - }); }); 
diff --git a/test/eddsamimc.js b/test/eddsamimc.js index e7f3f8e..024ddfb 100644 --- a/test/eddsamimc.js +++ b/test/eddsamimc.js @@ -1,6 +1,6 @@ const chai = require("chai"); const path = require("path"); -const snarkjs = require("snarkjs"); +const snarkjs = require("@tornado/snarkjs"); const compiler = require("circom"); const eddsa = require("../src/eddsa.js"); @@ -14,7 +14,7 @@ describe("EdDSA MiMC test", function () { this.timeout(100000); - before( async () => { + before(async () => { const cirDef = await compiler(path.join(__dirname, "circuits", "eddsamimc_test.circom")); circuit = new snarkjs.Circuit(cirDef); @@ -40,7 +40,8 @@ describe("EdDSA MiMC test", function () { R8x: signature.R8[0], R8y: signature.R8[1], S: signature.S, - M: msg}); + M: msg, + }); assert(circuit.checkWitness(w)); }); @@ -52,7 +53,6 @@ describe("EdDSA MiMC test", function () { const pubKey = eddsa.prv2pub(prvKey); - const signature = eddsa.signMiMC(prvKey, msg); assert(eddsa.verifyMiMC(msg, signature, pubKey)); @@ -64,14 +64,14 @@ describe("EdDSA MiMC test", function () { R8x: signature.R8[0].add(bigInt(1)), R8y: signature.R8[1], S: signature.S, - M: msg}); + M: msg, + }); assert(false); - } catch(err) { - assert(/Constraint\sdoesn't\smatch(.*)1\s!=\s0/.test(err.message) ); + } catch (err) { + assert(/Constraint\sdoesn't\smatch(.*)1\s!=\s0/.test(err.message)); } }); - it("Test a dissabled circuit with a bad signature", async () => { const msg = bigInt(1234); @@ -79,7 +79,6 @@ describe("EdDSA MiMC test", function () { const pubKey = eddsa.prv2pub(prvKey); - const signature = eddsa.signMiMC(prvKey, msg); assert(eddsa.verifyMiMC(msg, signature, pubKey)); @@ -91,7 +90,8 @@ describe("EdDSA MiMC test", function () { R8x: signature.R8[0].add(bigInt(1)), R8y: signature.R8[1], S: signature.S, - M: msg}); + M: msg, + }); assert(circuit.checkWitness(w)); }); diff --git a/test/eddsamimcsponge.js b/test/eddsamimcsponge.js index 160e32d..9d7e2ec 100644 --- a/test/eddsamimcsponge.js 
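Review bot: In the bad-signature test the `assert(false)` that should fail when the witness computation does not throw is itself caught by the `catch (err)` block, so that failure surfaces as a regex mismatch against an AssertionError message instead of as a missing throw. `assert.throws(() => circuit.calculateWitness({ ...badInputs }), /Constraint\sdoesn't\smatch(.*)1\s!=\s0/);` states the intent directly and cannot be tripped by the assertion's own exception (the call presumably targets `circuit`; its start is outside the hunk). The identical try/assert(false)/catch shape appears in test/eddsamimcsponge.js and test/eddsaposeidon.js in this patch, and the sponge variant additionally uses `err.message.indexOf(...) >= 0` where `err.message.includes(...)` reads better.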
+++ b/test/eddsamimcsponge.js @@ -1,6 +1,6 @@ const chai = require("chai"); const path = require("path"); -const snarkjs = require("snarkjs"); +const snarkjs = require("@tornado/snarkjs"); const compiler = require("circom"); const eddsa = require("../src/eddsa.js"); @@ -14,7 +14,7 @@ describe("EdDSA MiMCSponge test", function () { this.timeout(100000); - before( async () => { + before(async () => { const cirDef = await compiler(path.join(__dirname, "circuits", "eddsamimcsponge_test.circom")); circuit = new snarkjs.Circuit(cirDef); @@ -40,7 +40,8 @@ describe("EdDSA MiMCSponge test", function () { R8x: signature.R8[0], R8y: signature.R8[1], S: signature.S, - M: msg}); + M: msg, + }); assert(circuit.checkWitness(w)); }); @@ -52,7 +53,6 @@ describe("EdDSA MiMCSponge test", function () { const pubKey = eddsa.prv2pub(prvKey); - const signature = eddsa.signMiMCSponge(prvKey, msg); assert(eddsa.verifyMiMCSponge(msg, signature, pubKey)); @@ -64,15 +64,15 @@ describe("EdDSA MiMCSponge test", function () { R8x: signature.R8[0].add(bigInt(1)), R8y: signature.R8[1], S: signature.S, - M: msg}); + M: msg, + }); assert(false); - } catch(err) { + } catch (err) { assert(err.message.indexOf("Constraint doesn't match") >= 0); assert(err.message.indexOf("1 != 0") >= 0); } }); - it("Test a dissabled circuit with a bad signature", async () => { const msg = bigInt(1234); @@ -80,7 +80,6 @@ describe("EdDSA MiMCSponge test", function () { const pubKey = eddsa.prv2pub(prvKey); - const signature = eddsa.signMiMCSponge(prvKey, msg); assert(eddsa.verifyMiMCSponge(msg, signature, pubKey)); @@ -92,7 +91,8 @@ describe("EdDSA MiMCSponge test", function () { R8x: signature.R8[0].add(bigInt(1)), R8y: signature.R8[1], S: signature.S, - M: msg}); + M: msg, + }); assert(circuit.checkWitness(w)); }); diff --git a/test/eddsaposeidon.js b/test/eddsaposeidon.js index 5ed5b97..84c797e 100644 --- a/test/eddsaposeidon.js +++ b/test/eddsaposeidon.js 
@@ -1,6 +1,6 @@ const chai = require("chai"); const path = require("path"); -const snarkjs = require("snarkjs"); +const snarkjs = require("@tornado/snarkjs"); const compiler = require("circom"); const eddsa = require("../src/eddsa.js"); @@ -14,7 +14,7 @@ describe("EdDSA Poseidon test", function () { this.timeout(100000); - before( async () => { + before(async () => { const cirDef = await compiler(path.join(__dirname, "circuits", "eddsaposeidon_test.circom")); circuit = new snarkjs.Circuit(cirDef); @@ -40,7 +40,8 @@ describe("EdDSA Poseidon test", function () { R8x: signature.R8[0], R8y: signature.R8[1], S: signature.S, - M: msg}); + M: msg, + }); assert(circuit.checkWitness(w)); }); @@ -52,7 +53,6 @@ describe("EdDSA Poseidon test", function () { const pubKey = eddsa.prv2pub(prvKey); - const signature = eddsa.signPoseidon(prvKey, msg); assert(eddsa.verifyPoseidon(msg, signature, pubKey)); @@ -64,14 +64,14 @@ describe("EdDSA Poseidon test", function () { R8x: signature.R8[0].add(bigInt(1)), R8y: signature.R8[1], S: signature.S, - M: msg}); + M: msg, + }); assert(false); - } catch(err) { - assert(/Constraint\sdoesn't\smatch(.*)1\s!=\s0/.test(err.message) ); + } catch (err) { + assert(/Constraint\sdoesn't\smatch(.*)1\s!=\s0/.test(err.message)); } }); - it("Test a dissabled circuit with a bad signature", async () => { const msg = bigInt(1234); @@ -79,7 +79,6 @@ describe("EdDSA Poseidon test", function () { const pubKey = eddsa.prv2pub(prvKey); - const signature = eddsa.signPoseidon(prvKey, msg); assert(eddsa.verifyPoseidon(msg, signature, pubKey)); @@ -91,7 +90,8 @@ describe("EdDSA Poseidon test", function () { R8x: signature.R8[0].add(bigInt(1)), R8y: signature.R8[1], S: signature.S, - M: msg}); + M: msg, + }); assert(circuit.checkWitness(w)); }); diff --git a/test/escalarmul.js b/test/escalarmul.js index f183550..9b595e2 100644 --- a/test/escalarmul.js +++ b/test/escalarmul.js 
@@ -1,21 +1,20 @@ const chai = require("chai"); const path = require("path"); -const snarkjs = require("snarkjs"); +const snarkjs = require("@tornado/snarkjs"); const compiler = require("circom"); const assert = chai.assert; const bigInt = snarkjs.bigInt; - -const q=bigInt("21888242871839275222246405745257275088548364400416034343698204186575808495617"); -function addPoint(a,b) { +const q = bigInt("21888242871839275222246405745257275088548364400416034343698204186575808495617"); +function addPoint(a, b) { const cta = bigInt("168700"); const d = bigInt("168696"); const res = []; - res[0] = bigInt((a[0]*b[1] + b[0]*a[1]) * bigInt(bigInt.one + d*a[0]*b[0]*a[1]*b[1]).inverse(q)).affine(q); - res[1] = bigInt((a[1]*b[1] - cta*a[0]*b[0]) * bigInt(bigInt.one - d*a[0]*b[0]*a[1]*b[1]).inverse(q)).affine(q); + res[0] = bigInt((a[0] * b[1] + b[0] * a[1]) * bigInt(bigInt.one + d * a[0] * b[0] * a[1] * b[1]).inverse(q)).affine(q); + res[1] = bigInt((a[1] * b[1] - cta * a[0] * b[0]) * bigInt(bigInt.one - d * a[0] * b[0] * a[1] * b[1]).inverse(q)).affine(q); return res; } 
@@ -25,27 +24,28 @@ function print(circuit, w, s) { describe("Exponentioation test", () => { it("Should generate the Exponentiation table in k=0", async () => { - const cirDef = await compiler(path.join(__dirname, "circuits", "escalarmulw4table_test.circom")); -// console.log(JSON.stringify(cirDef, null, 1)); + // console.log(JSON.stringify(cirDef, null, 1)); -// assert.equal(cirDef.nVars, 2); + // assert.equal(cirDef.nVars, 2); const circuit = new snarkjs.Circuit(cirDef); console.log("NConstrains: " + circuit.nConstraints); - const w = circuit.calculateWitness({in: 1}); + const w = circuit.calculateWitness({ in: 1 }); assert(circuit.checkWitness(w)); - let g = [bigInt("5299619240641551281634865583518297030282874472190772894086521144482721001553"), - bigInt("16950150798460657717958625567821834550301663161624707787222815936182638968203")] + let g = [ + bigInt("5299619240641551281634865583518297030282874472190772894086521144482721001553"), + bigInt("16950150798460657717958625567821834550301663161624707787222815936182638968203"), + ]; - dbl= [bigInt("0"), snarkjs.bigInt("1")]; + dbl = [bigInt("0"), snarkjs.bigInt("1")]; - for (let i=0; i<16; i++) { + for (let i = 0; i < 16; i++) { const xout1 = w[circuit.getSignalIdx(`main.out[${i}][0]`)]; const yout1 = w[circuit.getSignalIdx(`main.out[${i}][1]`)]; 
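Review bot: `dbl = [bigInt("0"), snarkjs.bigInt("1")];` assigns to an identifier that is not declared anywhere visible in this hunk or in the `it` callback that begins inside it, so it creates an implicit global (or throws a ReferenceError under strict mode) and its value leaks into the k=3 case; prettier reformatted the line but the declaration is still missing. Change it to `let dbl = [bigInt("0"), snarkjs.bigInt("1")];` here and in the k=3 test in the next hunk. A short comment on the loop, `// out[i] must equal i*g, tracked by repeated addition in dbl`, would also explain why the table is checked against an accumulator rather than a closed form.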
@@ -57,41 +57,40 @@ describe("Exponentioation test", () => { assert(xout1.equals(dbl[0])); assert(yout1.equals(dbl[1])); - dbl = addPoint([xout1, yout1],g); + dbl = addPoint([xout1, yout1], g); } - }); it("Should generate the Exponentiation table in k=3", async () => { - const cirDef = await compiler(path.join(__dirname, "circuits", "escalarmulw4table_test3.circom")); -// console.log(JSON.stringify(cirDef, null, 1)); + // console.log(JSON.stringify(cirDef, null, 1)); -// assert.equal(cirDef.nVars, 2); + // assert.equal(cirDef.nVars, 2); const circuit = new snarkjs.Circuit(cirDef); console.log("NConstrains: " + circuit.nConstraints); - const w = circuit.calculateWitness({in: 1}); + const w = circuit.calculateWitness({ in: 1 }); assert(circuit.checkWitness(w)); - let g = [snarkjs.bigInt("5299619240641551281634865583518297030282874472190772894086521144482721001553"), - snarkjs.bigInt("16950150798460657717958625567821834550301663161624707787222815936182638968203")] + let g = [ + snarkjs.bigInt("5299619240641551281634865583518297030282874472190772894086521144482721001553"), + snarkjs.bigInt("16950150798460657717958625567821834550301663161624707787222815936182638968203"), + ]; - for (let i=0; i<12;i++) { - g = addPoint(g,g); + for (let i = 0; i < 12; i++) { + g = addPoint(g, g); } - dbl= [snarkjs.bigInt("0"), snarkjs.bigInt("1")]; + dbl = [snarkjs.bigInt("0"), snarkjs.bigInt("1")]; - for (let i=0; i<16; i++) { + for (let i = 0; i < 16; i++) { const xout1 = w[circuit.getSignalIdx(`main.out[${i}][0]`)]; const yout1 = w[circuit.getSignalIdx(`main.out[${i}][1]`)]; - // console.log(xout1.toString()); // console.log(yout1.toString()); // console.log(dbl[0]); 
@@ -100,56 +99,57 @@ describe("Exponentioation test", () => { assert(xout1.equals(dbl[0])); assert(yout1.equals(dbl[1])); - dbl = addPoint([xout1, yout1],g); + dbl = addPoint([xout1, yout1], g); } - }); it("Should exponentiate g^31", async () => { - const cirDef = await compiler(path.join(__dirname, "circuits", "escalarmul_test.circom"), {reduceConstraints: true}); + const cirDef = await compiler(path.join(__dirname, "circuits", "escalarmul_test.circom"), { reduceConstraints: true }); -// console.log(JSON.stringify(cirDef, null, 1)); + // console.log(JSON.stringify(cirDef, null, 1)); -// assert.equal(cirDef.nVars, 2); + // assert.equal(cirDef.nVars, 2); const circuit = new snarkjs.Circuit(cirDef); console.log("NConstrains: " + circuit.nConstraints); - const w = circuit.calculateWitness({"in": 31}); + const w = circuit.calculateWitness({ in: 31 }); assert(circuit.checkWitness(w)); - let g = [snarkjs.bigInt("5299619240641551281634865583518297030282874472190772894086521144482721001553"), - snarkjs.bigInt("16950150798460657717958625567821834550301663161624707787222815936182638968203")] + let g = [ + snarkjs.bigInt("5299619240641551281634865583518297030282874472190772894086521144482721001553"), + snarkjs.bigInt("16950150798460657717958625567821834550301663161624707787222815936182638968203"), + ]; let c = [0n, 1n]; - for (let i=0; i<31;i++) { - c = addPoint(c,g); + for (let i = 0; i < 31; i++) { + c = addPoint(c, g); } const xout = w[circuit.getSignalIdx(`main.out[0]`)]; const yout = w[circuit.getSignalIdx(`main.out[1]`)]; -/* + /* console.log(xout.toString()); console.log(yout.toString()); */ assert(xout.equals(c[0])); assert(yout.equals(c[1])); - console.log("-------") - const w2 = circuit.calculateWitness({"in": (1n<<252n)+1n}); + console.log("-------"); + const w2 = circuit.calculateWitness({ in: (1n << 252n) + 1n }); const xout2 = w2[circuit.getSignalIdx(`main.out[0]`)]; const yout2 = w2[circuit.getSignalIdx(`main.out[1]`)]; c = [g[0], g[1]]; - for (let i=0; 
i<252;i++) { - c = addPoint(c,c); + for (let i = 0; i < 252; i++) { + c = addPoint(c, c); } - c = addPoint(c,g); + c = addPoint(c, g); // console.log(xout2.toString()); // console.log(yout2.toString()); @@ -158,7 +158,6 @@ describe("Exponentioation test", () => { assert(xout2.equals(c[0])); assert(yout2.equals(c[1])); - }).timeout(10000000); it("Number of constrains for 256 bits", async () => { @@ -168,5 +167,4 @@ describe("Exponentioation test", () => { console.log("NConstrains: " + circuit.nConstraints); }).timeout(10000000); - }); diff --git a/test/escalarmulany.js b/test/escalarmulany.js index 2d33827..03b2aad 100644 --- a/test/escalarmulany.js +++ b/test/escalarmulany.js @@ -1,13 +1,12 @@ const chai = require("chai"); const path = require("path"); -const snarkjs = require("snarkjs"); +const snarkjs = require("@tornado/snarkjs"); const compiler = require("circom"); const assert = chai.assert; const bigInt = snarkjs.bigInt; - function print(circuit, w, s) { console.log(s + ": " + w[circuit.getSignalIdx(s)]); } @@ -19,18 +18,17 @@ describe("Escalarmul test", function () { let g = [ snarkjs.bigInt("5299619240641551281634865583518297030282874472190772894086521144482721001553"), - snarkjs.bigInt("16950150798460657717958625567821834550301663161624707787222815936182638968203") + snarkjs.bigInt("16950150798460657717958625567821834550301663161624707787222815936182638968203"), ]; - before( async() => { + before(async () => { const cirDefEMulAny = await compiler(path.join(__dirname, "circuits", "escalarmulany_test.circom")); circuitEMulAny = new snarkjs.Circuit(cirDefEMulAny); console.log("NConstrains Escalarmul any: " + circuitEMulAny.nConstraints); }); it("Should generate Same escalar mul", async () => { - - const w = circuitEMulAny.calculateWitness({"e": 1, "p": g}); + const w = circuitEMulAny.calculateWitness({ e: 1, p: g }); assert(circuitEMulAny.checkWitness(w)); 
@@ -42,9 +40,8 @@ describe("Escalarmul test", function () { }); it("If multiply by order should return 0", async () => { - const r = bigInt("2736030358979909402780800718157159386076813972158567259200215660948447373041"); - const w = circuitEMulAny.calculateWitness({"e": r, "p": g}); + const w = circuitEMulAny.calculateWitness({ e: r, p: g }); assert(circuitEMulAny.checkWitness(w)); @@ -54,6 +51,4 @@ describe("Escalarmul test", function () { assert(xout.equals(bigInt.zero)); assert(yout.equals(bigInt.one)); }); - }); - diff --git a/test/escalarmulfix.js b/test/escalarmulfix.js index 77f6c97..a67e005 100644 --- a/test/escalarmulfix.js +++ b/test/escalarmulfix.js @@ -1,6 +1,6 @@ const chai = require("chai"); const path = require("path"); -const snarkjs = require("snarkjs"); +const snarkjs = require("@tornado/snarkjs"); const compiler = require("circom"); const babyjub = require("../src/babyjub"); @@ -8,7 +8,6 @@ const assert = chai.assert; const bigInt = snarkjs.bigInt; - function print(circuit, w, s) { console.log(s + ": " + w[circuit.getSignalIdx(s)]); } @@ -18,15 +17,14 @@ describe("Escalarmul test", function () { this.timeout(100000); - before( async() => { + before(async () => { const cirDef = await compiler(path.join(__dirname, "circuits", "escalarmulfix_test.circom")); circuit = new snarkjs.Circuit(cirDef); console.log("NConstrains Escalarmul fix: " + circuit.nConstraints); }); it("Should generate Same escalar mul", async () => { - - const w = circuit.calculateWitness({"e": 0}); + const w = circuit.calculateWitness({ e: 0 }); assert(circuit.checkWitness(w)); @@ -38,8 +36,7 @@ describe("Escalarmul test", function () { }); it("Should generate Same escalar mul", async () => { - - const w = circuit.calculateWitness({"e": 1}); + const w = circuit.calculateWitness({ e: 1 }); assert(circuit.checkWitness(w)); 
@@ -51,14 +48,13 @@ describe("Escalarmul test", function () { }); it("Should generate scalar mul of a specific constant", async () => { - const s = bigInt("2351960337287830298912035165133676222414898052661454064215017316447594616519"); const base8 = [ bigInt("5299619240641551281634865583518297030282874472190772894086521144482721001553"), - bigInt("16950150798460657717958625567821834550301663161624707787222815936182638968203") + bigInt("16950150798460657717958625567821834550301663161624707787222815936182638968203"), ]; - const w = circuit.calculateWitness({"e": s}); + const w = circuit.calculateWitness({ e: s }); assert(circuit.checkWitness(w)); @@ -72,16 +68,15 @@ describe("Escalarmul test", function () { }); it("Should generate scalar mul of the firsts 50 elements", async () => { - const base8 = [ bigInt("5299619240641551281634865583518297030282874472190772894086521144482721001553"), - bigInt("16950150798460657717958625567821834550301663161624707787222815936182638968203") + bigInt("16950150798460657717958625567821834550301663161624707787222815936182638968203"), ]; - for (let i=0; i<50; i++) { + for (let i = 0; i < 50; i++) { const s = bigInt(i); - const w = circuit.calculateWitness({"e": s}); + const w = circuit.calculateWitness({ e: s }); assert(circuit.checkWitness(w)); @@ -96,8 +91,7 @@ describe("Escalarmul test", function () { }); it("If multiply by order should return 0", async () => { - - const w = circuit.calculateWitness({"e": babyjub.subOrder }); + const w = circuit.calculateWitness({ e: babyjub.subOrder }); assert(circuit.checkWitness(w)); @@ -107,6 +101,4 @@ describe("Escalarmul test", function () { assert(xout.equals(bigInt.zero)); assert(yout.equals(bigInt.one)); }); - }); - diff --git a/test/helpers/printsignal.js b/test/helpers/printsignal.js index 796274d..23a5e5d 100644 --- a/test/helpers/printsignal.js +++ b/test/helpers/printsignal.js 
@@ -1,13 +1,12 @@ - -const snarkjs = require("snarkjs"); +const snarkjs = require("@tornado/snarkjs"); const bigInt = snarkjs.bigInt; module.exports = function hexBits(cir, witness, sig, nBits) { let v = bigInt(0); - for (let i=nBits-1; i>=0; i--) { + for (let i = nBits - 1; i >= 0; i--) { v = v.shiftLeft(1); - const name = sig+"["+i+"]"; + const name = sig + "[" + i + "]"; const idx = cir.getSignalIdx(name); const vbit = bigInt(witness[idx].toString()); if (vbit.equals(bigInt(1))) { @@ -15,7 +14,7 @@ module.exports = function hexBits(cir, witness, sig, nBits) { } else if (vbit.equals(bigInt(0))) { v; } else { - console.log("Not Binary: "+name); + console.log("Not Binary: " + name); } } return v.toString(16); diff --git a/test/mimccircuit.js b/test/mimccircuit.js index f45db3d..95efcb3 100644 --- a/test/mimccircuit.js +++ b/test/mimccircuit.js @@ -1,6 +1,6 @@ const chai = require("chai"); const path = require("path"); -const snarkjs = require("snarkjs"); +const snarkjs = require("@tornado/snarkjs"); const compiler = require("circom"); const mimcjs = require("../src/mimc7.js"); @@ -12,7 +12,7 @@ describe("MiMC Circuit test", function () { this.timeout(100000); - before( async () => { + before(async () => { const cirDef = await compiler(path.join(__dirname, "circuits", "mimc_test.circom")); circuit = new snarkjs.Circuit(cirDef); @@ -21,15 +21,14 @@ describe("MiMC Circuit test", function () { }); it("Should check constrain", async () => { - const w = circuit.calculateWitness({x_in: 1, k: 2}); + const w = circuit.calculateWitness({ x_in: 1, k: 2 }); const res = w[circuit.getSignalIdx("main.out")]; - const res2 = mimcjs.hash(1,2,91); + const res2 = mimcjs.hash(1, 2, 91); assert.equal(res.toString(), res2.toString()); assert(circuit.checkWitness(w)); - }); }); diff --git a/test/mimcspongecircuit.js b/test/mimcspongecircuit.js index b114924..4fef3d7 100644 --- a/test/mimcspongecircuit.js +++ b/test/mimcspongecircuit.js 
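Review bot: hexBits only logs when a witness value is neither 0 nor 1 and then keeps shifting and returning, so a non-binary signal produces a silently wrong hex string rather than a failing test; the `v;` branch is likewise a no-op expression statement. Replace the `console.log("Not Binary: " + name);` with `throw new Error("Not Binary: " + name);` so a malformed witness stops the test that called this helper. The branch that handles the value 1 sits in the first hunk, between the two shown here.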
@@ -1,6 +1,6 @@ const chai = require("chai"); const path = require("path"); -const snarkjs = require("snarkjs"); +const snarkjs = require("@tornado/snarkjs"); const compiler = require("circom"); const mimcjs = require("../src/mimcsponge.js"); @@ -19,18 +19,17 @@ describe("MiMC Sponge Circuit test", function () { console.log("MiMC Feistel constraints: " + circuit.nConstraints); - const w = circuit.calculateWitness({xL_in: 1, xR_in: 2, k: 3}); + const w = circuit.calculateWitness({ xL_in: 1, xR_in: 2, k: 3 }); const xLout = w[circuit.getSignalIdx("main.xL_out")]; const xRout = w[circuit.getSignalIdx("main.xR_out")]; - const out2 = mimcjs.hash(1,2,3); + const out2 = mimcjs.hash(1, 2, 3); assert.equal(xLout.toString(), out2.xL.toString()); assert.equal(xRout.toString(), out2.xR.toString()); assert(circuit.checkWitness(w)); - }); it("Should check hash", async () => { @@ -40,19 +39,18 @@ describe("MiMC Sponge Circuit test", function () { console.log("MiMC Sponge constraints: " + circuit.nConstraints); - const w = circuit.calculateWitness({ins: [1, 2], k: 0}); + const w = circuit.calculateWitness({ ins: [1, 2], k: 0 }); const o1 = w[circuit.getSignalIdx("main.outs[0]")]; const o2 = w[circuit.getSignalIdx("main.outs[1]")]; const o3 = w[circuit.getSignalIdx("main.outs[2]")]; - const out2 = mimcjs.multiHash([1,2], 0, 3); + const out2 = mimcjs.multiHash([1, 2], 0, 3); assert.equal(o1.toString(), out2[0].toString()); assert.equal(o2.toString(), out2[1].toString()); assert.equal(o3.toString(), out2[2].toString()); assert(circuit.checkWitness(w)); - }); }); diff --git a/test/montgomery.js b/test/montgomery.js index 0de3ca0..f7dde6b 100644 --- a/test/montgomery.js +++ b/test/montgomery.js @@ -1,6 +1,6 @@ const chai = require("chai"); const path = require("path"); -const snarkjs = require("snarkjs"); +const snarkjs = require("@tornado/snarkjs"); const compiler = require("circom"); const babyJub = require("../src/babyjub.js"); 
@@ -16,12 +16,13 @@ describe("Montgomery test", function () { let g = [ snarkjs.bigInt("5299619240641551281634865583518297030282874472190772894086521144482721001553"), - snarkjs.bigInt("16950150798460657717958625567821834550301663161624707787222815936182638968203")]; + snarkjs.bigInt("16950150798460657717958625567821834550301663161624707787222815936182638968203"), + ]; let mg, mg2, g2, g3, mg3; this.timeout(100000); - before( async() => { + before(async () => { const cirDefE2M = await compiler(path.join(__dirname, "circuits", "edwards2montgomery.circom")); circuitE2M = new snarkjs.Circuit(cirDefE2M); console.log("NConstrains Edwards -> Montgomery: " + circuitE2M.nConstraints); @@ -41,14 +42,14 @@ describe("Montgomery test", function () { it("Convert Edwards to Montgomery and back again", async () => { let w, xout, yout; - w = circuitE2M.calculateWitness({ in: g}); + w = circuitE2M.calculateWitness({ in: g }); xout = w[circuitE2M.getSignalIdx("main.out[0]")]; yout = w[circuitE2M.getSignalIdx("main.out[1]")]; mg = [xout, yout]; - w = circuitM2E.calculateWitness({ in: [xout, yout]}); + w = circuitM2E.calculateWitness({ in: [xout, yout] }); xout = w[circuitM2E.getSignalIdx("main.out[0]")]; yout = w[circuitM2E.getSignalIdx("main.out[1]")]; @@ -59,16 +60,16 @@ describe("Montgomery test", function () { it("Should double a point", async () => { let w, xout, yout; - g2 = babyJub.addPoint(g,g); + g2 = babyJub.addPoint(g, g); - w = circuitMDouble.calculateWitness({ in: mg}); + w = circuitMDouble.calculateWitness({ in: mg }); xout = w[circuitE2M.getSignalIdx("main.out[0]")]; yout = w[circuitE2M.getSignalIdx("main.out[1]")]; mg2 = [xout, yout]; - w = circuitM2E.calculateWitness({ in: mg2}); + w = circuitM2E.calculateWitness({ in: mg2 }); xout = w[circuitM2E.getSignalIdx("main.out[0]")]; yout = w[circuitM2E.getSignalIdx("main.out[1]")]; 
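Review bot: In "Should double a point" the witness produced by `circuitMDouble` is indexed with `circuitE2M.getSignalIdx("main.out[0]")` and `circuitE2M.getSignalIdx("main.out[1]")`, i.e. with signal indices from a different circuit; this only works if both circuits happen to place `main.out` at the same positions, and the resulting `mg2` feeds the later addition test. Every other read in this file uses the circuit that produced the witness, so `circuitMDouble.getSignalIdx(...)` on both lines is the consistent form. Whether the indices currently coincide cannot be determined from the hunk.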
@@ -79,16 +80,16 @@ describe("Montgomery test", function () { it("Should add a point", async () => { let w, xout, yout; - g3 = babyJub.addPoint(g,g2); + g3 = babyJub.addPoint(g, g2); - w = circuitMAdd.calculateWitness({ in1: mg, in2: mg2}); + w = circuitMAdd.calculateWitness({ in1: mg, in2: mg2 }); xout = w[circuitMAdd.getSignalIdx("main.out[0]")]; yout = w[circuitMAdd.getSignalIdx("main.out[1]")]; mg3 = [xout, yout]; - w = circuitM2E.calculateWitness({ in: mg3}); + w = circuitM2E.calculateWitness({ in: mg3 }); xout = w[circuitM2E.getSignalIdx("main.out[0]")]; yout = w[circuitM2E.getSignalIdx("main.out[1]")]; diff --git a/test/multiplexer.js b/test/multiplexer.js index ee62566..f9e8b69 100644 --- a/test/multiplexer.js +++ b/test/multiplexer.js @@ -1,21 +1,19 @@ const chai = require("chai"); const path = require("path"); -const snarkjs = require("snarkjs"); +const snarkjs = require("@tornado/snarkjs"); const compiler = require("circom"); const assert = chai.assert; const bigInt = snarkjs.bigInt; - describe("Mux4 test", () => { it("Should create a constant multiplexer 4", async () => { - const cirDef = await compiler(path.join(__dirname, "circuits", "mux4_1.circom")); -// console.log(JSON.stringify(cirDef, null, 1)); + // console.log(JSON.stringify(cirDef, null, 1)); -// assert.equal(cirDef.nVars, 2); + // assert.equal(cirDef.nVars, 2); const circuit = new snarkjs.Circuit(cirDef); @@ -37,11 +35,11 @@ describe("Mux4 test", () => { bigInt("1223"), bigInt("4546"), bigInt("4256"), - bigInt("4456") + bigInt("4456"), ]; - for (let i=0; i<16; i++) { - const w = circuit.calculateWitness({ "selector": i }); + for (let i = 0; i < 16; i++) { + const w = circuit.calculateWitness({ selector: i }); assert(circuit.checkWitness(w)); 
@@ -53,26 +51,16 @@ describe("Mux4 test", () => { }); it("Should create a constant multiplexer 3", async () => { - const cirDef = await compiler(path.join(__dirname, "circuits", "mux3_1.circom")); const circuit = new snarkjs.Circuit(cirDef); console.log("NConstrains Mux3: " + circuit.nConstraints); - const ct8 = [ - bigInt("37"), - bigInt("47"), - bigInt("53"), - bigInt("71"), - bigInt("89"), - bigInt("107"), - bigInt("163"), - bigInt("191") - ]; + const ct8 = [bigInt("37"), bigInt("47"), bigInt("53"), bigInt("71"), bigInt("89"), bigInt("107"), bigInt("163"), bigInt("191")]; - for (let i=0; i<8; i++) { - const w = circuit.calculateWitness({ "selector": i }); + for (let i = 0; i < 8; i++) { + const w = circuit.calculateWitness({ selector: i }); assert(w[0].equals(bigInt(1))); @@ -81,22 +69,16 @@ describe("Mux4 test", () => { } }); it("Should create a constant multiplexer 2", async () => { - const cirDef = await compiler(path.join(__dirname, "circuits", "mux2_1.circom")); const circuit = new snarkjs.Circuit(cirDef); console.log("NConstrains Mux2: " + circuit.nConstraints); - const ct8 = [ - bigInt("37"), - bigInt("47"), - bigInt("53"), - bigInt("71"), - ]; + const ct8 = [bigInt("37"), bigInt("47"), bigInt("53"), bigInt("71")]; - for (let i=0; i<4; i++) { - const w = circuit.calculateWitness({ "selector": i }); + for (let i = 0; i < 4; i++) { + const w = circuit.calculateWitness({ selector: i }); assert(circuit.checkWitness(w)); 
@@ -107,20 +89,16 @@ describe("Mux4 test", () => { } }); it("Should create a constant multiplexer 1", async () => { - const cirDef = await compiler(path.join(__dirname, "circuits", "mux1_1.circom")); const circuit = new snarkjs.Circuit(cirDef); console.log("NConstrains Mux1: " + circuit.nConstraints); - const ct8 = [ - bigInt("37"), - bigInt("47"), - ]; + const ct8 = [bigInt("37"), bigInt("47")]; - for (let i=0; i<2; i++) { - const w = circuit.calculateWitness({ "selector": i }); + for (let i = 0; i < 2; i++) { + const w = circuit.calculateWitness({ selector: i }); assert(circuit.checkWitness(w)); diff --git a/test/pedersen.js b/test/pedersen.js index d828520..d53cb1d 100644 --- a/test/pedersen.js +++ b/test/pedersen.js @@ -1,6 +1,6 @@ const chai = require("chai"); const path = require("path"); -const snarkjs = require("snarkjs"); +const snarkjs = require("@tornado/snarkjs"); const compiler = require("circom"); const assert = chai.assert; 
@@ -9,19 +9,33 @@ const bigInt = snarkjs.bigInt; const babyJub = require("../src/babyjub.js"); -const PBASE = +const PBASE = [ [ - [bigInt("10457101036533406547632367118273992217979173478358440826365724437999023779287"),bigInt("19824078218392094440610104313265183977899662750282163392862422243483260492317")], - [bigInt("2671756056509184035029146175565761955751135805354291559563293617232983272177"),bigInt("2663205510731142763556352975002641716101654201788071096152948830924149045094")], - [bigInt("5802099305472655231388284418920769829666717045250560929368476121199858275951"),bigInt("5980429700218124965372158798884772646841287887664001482443826541541529227896")], - [bigInt("7107336197374528537877327281242680114152313102022415488494307685842428166594"),bigInt("2857869773864086953506483169737724679646433914307247183624878062391496185654")], - [bigInt("20265828622013100949498132415626198973119240347465898028410217039057588424236"),bigInt("1160461593266035632937973507065134938065359936056410650153315956301179689506")] - ]; + bigInt("10457101036533406547632367118273992217979173478358440826365724437999023779287"), + bigInt("19824078218392094440610104313265183977899662750282163392862422243483260492317"), + ], + [ + bigInt("2671756056509184035029146175565761955751135805354291559563293617232983272177"), + bigInt("2663205510731142763556352975002641716101654201788071096152948830924149045094"), + ], + [ + bigInt("5802099305472655231388284418920769829666717045250560929368476121199858275951"), + bigInt("5980429700218124965372158798884772646841287887664001482443826541541529227896"), + ], + [ + bigInt("7107336197374528537877327281242680114152313102022415488494307685842428166594"), + bigInt("2857869773864086953506483169737724679646433914307247183624878062391496185654"), + ], + [ + bigInt("20265828622013100949498132415626198973119240347465898028410217039057588424236"), + bigInt("1160461593266035632937973507065134938065359936056410650153315956301179689506"), + ], +]; -describe("Double 
Pedersen test", function() { +describe("Double Pedersen test", function () { let circuit; this.timeout(100000); - before( async() => { + before(async () => { const cirDef = await compiler(path.join(__dirname, "circuits", "pedersen_test.circom")); circuit = new snarkjs.Circuit(cirDef); @@ -29,10 +43,9 @@ describe("Double Pedersen test", function() { console.log("NConstrains: " + circuit.nConstraints); }); it("Should pedersen at zero", async () => { - let w, xout, yout; - w = circuit.calculateWitness({ in: ["0", "0"]}); + w = circuit.calculateWitness({ in: ["0", "0"] }); xout = w[circuit.getSignalIdx("main.out[0]")]; yout = w[circuit.getSignalIdx("main.out[1]")]; @@ -43,7 +56,7 @@ describe("Double Pedersen test", function() { it("Should pedersen at one first generator", async () => { let w, xout, yout; - w = circuit.calculateWitness({ in: ["1", "0"]}); + w = circuit.calculateWitness({ in: ["1", "0"] }); xout = bigInt(w[circuit.getSignalIdx("main.out[0]")]); yout = bigInt(w[circuit.getSignalIdx("main.out[1]")]); 
@@ -54,45 +67,36 @@ describe("Double Pedersen test", function() { it("Should pedersen at one second generator", async () => { let w, xout, yout; - w = circuit.calculateWitness({ in: ["0", "1"]}); + w = circuit.calculateWitness({ in: ["0", "1"] }); xout = w[circuit.getSignalIdx("main.out[0]")]; yout = w[circuit.getSignalIdx("main.out[1]")]; assert(xout.equals(PBASE[1][0])); assert(yout.equals(PBASE[1][1])); - }); it("Should pedersen at mixed generators", async () => { let w, xout, yout; - w = circuit.calculateWitness({ in: ["3", "7"]}); + w = circuit.calculateWitness({ in: ["3", "7"] }); xout = w[circuit.getSignalIdx("main.out[0]")]; yout = w[circuit.getSignalIdx("main.out[1]")]; - - const r = babyJub.addPoint( - babyJub.mulPointEscalar(PBASE[0], 3), - babyJub.mulPointEscalar(PBASE[1], 7) - ); + const r = babyJub.addPoint(babyJub.mulPointEscalar(PBASE[0], 3), babyJub.mulPointEscalar(PBASE[1], 7)); assert(xout.equals(r[0])); assert(yout.equals(r[1])); - }); it("Should pedersen all ones", async () => { let w, xout, yout; const allOnes = bigInt("1").shl(250).sub(bigInt("1")); - w = circuit.calculateWitness({ in: [allOnes, allOnes]}); + w = circuit.calculateWitness({ in: [allOnes, allOnes] }); xout = w[circuit.getSignalIdx("main.out[0]")]; yout = w[circuit.getSignalIdx("main.out[1]")]; - const r2 = babyJub.addPoint( - babyJub.mulPointEscalar(PBASE[0], allOnes), - babyJub.mulPointEscalar(PBASE[1], allOnes) - ); + const r2 = babyJub.addPoint(babyJub.mulPointEscalar(PBASE[0], allOnes), babyJub.mulPointEscalar(PBASE[1], allOnes)); assert(xout.equals(r2[0])); assert(yout.equals(r2[1])); diff --git a/test/pedersen2.js b/test/pedersen2.js index 65252b6..0145952 100644 --- a/test/pedersen2.js +++ b/test/pedersen2.js @@ -1,6 +1,6 @@ const chai = require("chai"); const path = require("path"); -const snarkjs = require("snarkjs"); +const snarkjs = require("@tornado/snarkjs"); const compiler = require("circom"); const assert = chai.assert; 
@@ -10,11 +10,10 @@ const bigInt = snarkjs.bigInt; const babyJub = require("../src/babyjub.js"); const pedersen = require("../src/pedersenHash.js"); - -describe("Pedersen test", function() { +describe("Pedersen test", function () { let circuit; this.timeout(100000); - before( async() => { + before(async () => { const cirDef = await compiler(path.join(__dirname, "circuits", "pedersen2_test.circom")); circuit = new snarkjs.Circuit(cirDef); @@ -22,10 +21,9 @@ describe("Pedersen test", function() { console.log("NConstrains Pedersen2: " + circuit.nConstraints); }); it("Should pedersen at zero", async () => { - let w, xout, yout; - w = circuit.calculateWitness({ in: 0}); + w = circuit.calculateWitness({ in: 0 }); xout = w[circuit.getSignalIdx("main.out[0]")]; yout = w[circuit.getSignalIdx("main.out[1]")]; @@ -44,21 +42,19 @@ describe("Pedersen test", function() { assert(yout.equals(hP[1])); }); it("Should pedersen with 253 ones", async () => { - let w, xout, yout; const n = bigInt.one.shl(253).sub(bigInt.one); console.log(n.toString(16)); - w = circuit.calculateWitness({ in: n}); + w = circuit.calculateWitness({ in: n }); xout = w[circuit.getSignalIdx("main.out[0]")]; yout = w[circuit.getSignalIdx("main.out[1]")]; const b = Buffer.alloc(32); - for (let i=0; i<31; i++) b[i] = 0xFF; - b[31] = 0x1F; - + for (let i = 0; i < 31; i++) b[i] = 0xff; + b[31] = 0x1f; const h = pedersen.hash(b); const hP = babyJub.unpackPoint(h); diff --git a/test/point2bits.js b/test/point2bits.js index 51191d5..2ac1dde 100644 --- a/test/point2bits.js +++ b/test/point2bits.js @@ -1,6 +1,6 @@ const chai = require("chai"); const path = require("path"); -const snarkjs = require("snarkjs"); +const snarkjs = require("@tornado/snarkjs"); const compiler = require("circom"); const assert = chai.assert; 
@@ -9,11 +9,10 @@ const bigInt = snarkjs.bigInt; const babyJub = require("../src/babyjub.js"); - -describe("Point 2 bits test", function() { +describe("Point 2 bits test", function () { let circuit; this.timeout(100000); - before( async() => { + before(async () => { const cirDef = await compiler(path.join(__dirname, "circuits", "pointbits_loopback.circom")); circuit = new snarkjs.Circuit(cirDef); @@ -21,12 +20,12 @@ describe("Point 2 bits test", function() { console.log("NConstrains Point2Bits loopback: " + circuit.nConstraints); }); it("Should do the both convertions for 8Base", async () => { - const w = circuit.calculateWitness({ in: babyJub.Base8}); + const w = circuit.calculateWitness({ in: babyJub.Base8 }); assert(circuit.checkWitness(w)); }); it("Should do the both convertions for Zero point", async () => { - const w = circuit.calculateWitness({ in: [0, 1]}); + const w = circuit.calculateWitness({ in: [0, 1] }); assert(circuit.checkWitness(w)); }); diff --git a/test/poseidoncircuit.js b/test/poseidoncircuit.js index 3322c6f..5fad2a0 100644 --- a/test/poseidoncircuit.js +++ b/test/poseidoncircuit.js @@ -1,6 +1,6 @@ const chai = require("chai"); const path = require("path"); -const snarkjs = require("snarkjs"); +const snarkjs = require("@tornado/snarkjs"); const compiler = require("circom"); const poseidon = require("../src/poseidon.js"); @@ -13,7 +13,7 @@ describe("Poseidon Circuit test", function () { this.timeout(100000); - before( async () => { + before(async () => { const cirDef2 = await compiler(path.join(__dirname, "circuits", "poseidon2_test.circom")); const cirDef4 = await compiler(path.join(__dirname, "circuits", "poseidon4_test.circom")); 
@@ -24,7 +24,7 @@ describe("Poseidon Circuit test", function () { it("Should check constrain of hash([1, 2])", async () => { const hash = poseidon([1, 2]); assert.equal("0x11ad302b36a2d7e09653c8e90618f00c06cd0a7348e52cdf2ccced3c3abec679", "0x" + hash.toString(16)); - const w = await circuit2.calculateWitness({inputs: [1, 2]}, true); + const w = await circuit2.calculateWitness({ inputs: [1, 2] }, true); const res = w[circuit2.getSignalIdx("main.out")]; assert.equal(res.toString(), hash.toString()); await circuit2.checkWitness(w); @@ -33,17 +33,16 @@ describe("Poseidon Circuit test", function () { it("Should check constrain of hash([3, 4])", async () => { const hash = poseidon([3, 4]); assert.equal("0x23939f0972e764d6e252060279aabaca8ec650ab30b17d2c13551bec2a66bcef", "0x" + hash.toString(16)); - const w = await circuit2.calculateWitness({inputs: [3, 4]}); + const w = await circuit2.calculateWitness({ inputs: [3, 4] }); const res = w[circuit2.getSignalIdx("main.out")]; assert.equal(res.toString(), hash.toString()); await circuit2.checkWitness(w); }); - it("Should check constrain of hash([1, 2, 3, 4])", async () => { const hash = poseidon([1, 2, 3, 4]); assert.equal("0x2e4fb80ce74868b0d33f4acb22071d8d8f8da7d30ebf972e6e4f72a64bb0633f", "0x" + hash.toString(16)); - const w = await circuit4.calculateWitness({inputs: [1, 2, 3, 4]}); + const w = await circuit4.calculateWitness({ inputs: [1, 2, 3, 4] }); const res = w[circuit4.getSignalIdx("main.out")]; assert.equal(res.toString(), hash.toString()); await circuit4.checkWitness(w); 
@@ -52,7 +51,7 @@ describe("Poseidon Circuit test", function () { it("Should check constrain of hash([5, 6, 7, 8])", async () => { const hash = poseidon([5, 6, 7, 8]); assert.equal("0x2a3fc67aa97766917ee06e927f35fd70f4655ad6c1f2e7bcd5c5c85aa3a8a974", "0x" + hash.toString(16)); - const w = await circuit4.calculateWitness({inputs: [5, 6, 7, 8]}); + const w = await circuit4.calculateWitness({ inputs: [5, 6, 7, 8] }); const res = w[circuit4.getSignalIdx("main.out")]; assert.equal(res.toString(), hash.toString()); await circuit4.checkWitness(w); diff --git a/test/sha256.js b/test/sha256.js index d38ba7e..9b2302f 100644 --- a/test/sha256.js +++ b/test/sha256.js @@ -1,6 +1,6 @@ const chai = require("chai"); const path = require("path"); -const snarkjs = require("snarkjs"); +const snarkjs = require("@tornado/snarkjs"); const crypto = require("crypto"); const compiler = require("circom"); @@ -11,36 +11,32 @@ const sha256 = require("./helpers/sha256"); // const printSignal = require("./helpers/printsignal"); - function buffer2bitArray(b) { const res = []; - for (let i=0; i> (7-j) &1)); + for (let i = 0; i < b.length; i++) { + for (let j = 0; j < 8; j++) { + res.push((b[i] >> (7 - j)) & 1); } } return res; } function bitArray2buffer(a) { - const len = Math.floor((a.length -1 )/8)+1; + const len = Math.floor((a.length - 1) / 8) + 1; const b = new Buffer.alloc(len); - for (let i=0; i { - - it("Should work bits to array and array to bits", async () => { const b = new Buffer.alloc(64); - for (let i=0; i<64; i++) { - b[i] = i+1; + for (let i = 0; i < 64; i++) { + b[i] = i + 1; } const a = buffer2bitArray(b); const b2 = bitArray2buffer(a); 
@@ -52,21 +48,19 @@ describe("SHA256 test", () => { const cirDef = await compiler(path.join(__dirname, "circuits", "sha256_2_test.circom")); const circuit = new snarkjs.Circuit(cirDef); - console.log("Vars: "+circuit.nVars); - console.log("Constraints: "+circuit.nConstraints); + console.log("Vars: " + circuit.nVars); + console.log("Constraints: " + circuit.nConstraints); - const witness = circuit.calculateWitness({ "a": "1", "b": "2" }); + const witness = circuit.calculateWitness({ a: "1", b: "2" }); const b = new Buffer.alloc(54); b[26] = 1; b[53] = 2; - const hash = crypto.createHash("sha256") - .update(b) - .digest("hex"); + const hash = crypto.createHash("sha256").update(b).digest("hex"); const r = "0x" + hash.slice(10); - const hash2 = sha256.hash(b.toString("hex"), {msgFormat: "hex-bytes"}); + const hash2 = sha256.hash(b.toString("hex"), { msgFormat: "hex-bytes" }); assert.equal(hash, hash2); 
@@ -74,63 +68,55 @@ describe("SHA256 test", () => { }).timeout(1000000); it("Should calculate a hash of 2 compressor", async () => { - const cirDef = await compiler(path.join(__dirname, "circuits", "sha256_test512.circom"), {reduceConstraints:false} ); + const cirDef = await compiler(path.join(__dirname, "circuits", "sha256_test512.circom"), { reduceConstraints: false }); const circuit = new snarkjs.Circuit(cirDef); - console.log("Vars: "+circuit.nVars); - console.log("Constraints: "+circuit.nConstraints); + console.log("Vars: " + circuit.nVars); + console.log("Constraints: " + circuit.nConstraints); -/* + /* const testStr = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"; const b = Buffer.from(testStr, 'utf8'); */ const b = new Buffer.alloc(64); - for (let i=0; i<64; i++) { - b[i] = i+1; + for (let i = 0; i < 64; i++) { + b[i] = i + 1; } - const hash = crypto.createHash("sha256") - .update(b) - .digest("hex"); + const hash = crypto.createHash("sha256").update(b).digest("hex"); const arrIn = buffer2bitArray(b); - const witness = circuit.calculateWitness({ "in": arrIn } /*, {logOutput: true} */); + const witness = circuit.calculateWitness({ in: arrIn } /*, {logOutput: true} */); const arrOut = witness.slice(1, 257); const hash2 = bitArray2buffer(arrOut).toString("hex"); assert.equal(hash, hash2); - }).timeout(1000000); - it("Should calculate a hash of 2 compressor", async () => { - const cirDef = await compiler(path.join(__dirname, "circuits", "sha256_test448.circom"), {reduceConstraints:false} ); + const cirDef = await compiler(path.join(__dirname, "circuits", "sha256_test448.circom"), { reduceConstraints: false }); const circuit = new snarkjs.Circuit(cirDef); - console.log("Vars: "+circuit.nVars); - console.log("Constraints: "+circuit.nConstraints); - + console.log("Vars: " + circuit.nVars); + console.log("Constraints: " + circuit.nConstraints); const testStr = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"; - const b = Buffer.from(testStr, 
'utf8'); - for (let i=0; i<64; i++) { - b[i] = i+1; + const b = Buffer.from(testStr, "utf8"); + for (let i = 0; i < 64; i++) { + b[i] = i + 1; } - const hash = crypto.createHash("sha256") - .update(b) - .digest("hex"); + const hash = crypto.createHash("sha256").update(b).digest("hex"); const arrIn = buffer2bitArray(b); - const witness = circuit.calculateWitness({ "in": arrIn } /*, {logOutput: true} */); + const witness = circuit.calculateWitness({ in: arrIn } /*, {logOutput: true} */); const arrOut = witness.slice(1, 257); const hash2 = bitArray2buffer(arrOut).toString("hex"); assert.equal(hash, hash2); - }).timeout(1000000); }); diff --git a/test/sign.js b/test/sign.js index 81efe80..7c743bc 100644 --- a/test/sign.js +++ b/test/sign.js @@ -1,6 +1,6 @@ const chai = require("chai"); const path = require("path"); -const snarkjs = require("snarkjs"); +const snarkjs = require("@tornado/snarkjs"); const compiler = require("circom"); const assert = chai.assert; @@ -13,7 +13,7 @@ function print(circuit, w, s) { function getBits(v, n) { const res = []; - for (let i=0; i { let circuit; - before( async() => { + before(async () => { const cirDef = await compiler(path.join(__dirname, "circuits", "sign_test.circom")); circuit = new snarkjs.Circuit(cirDef); 
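Review bot: In the second "Should calculate a hash of 2 compressor" test, the reformatted `for (let i = 0; i < 64; i++) { b[i] = i + 1; }` loop overwrites the 56-byte `testStr` buffer immediately after `Buffer.from(testStr, "utf8")` builds it, so the 448-bit case never hashes `abcdbcdecdef…` at all, and the writes for i ≥ 56 land outside the Buffer and are silently dropped (indexed writes past the end of a Uint8Array are no-ops, not errors). The test still passes because `crypto.createHash` and the circuit see the same mangled bytes, which is exactly why the defect has gone unnoticed; it is pre-existing but the commit rewrites these lines without addressing it. I would delete the loop from the 448-bit test and give the two `it` blocks distinct titles, e.g. `it("Should calculate a hash of a 448-bit message", async () => {`, since mocha currently reports both under the same name. The `describe` block closes at the end of this hunk; the helper functions it relies on are in an earlier hunk.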
@@ -37,52 +37,50 @@ describe("Sign test", () => { it("Sign of 0", async () => { const inp = getBits(bigInt.zero, 254); - const w = circuit.calculateWitness({in: inp}); + const w = circuit.calculateWitness({ in: inp }); - assert( w[circuit.getSignalIdx("main.sign")].equals(bigInt(0)) ); + assert(w[circuit.getSignalIdx("main.sign")].equals(bigInt(0))); }); it("Sign of 3", async () => { const inp = getBits(bigInt(3), 254); - const w = circuit.calculateWitness({in: inp}); + const w = circuit.calculateWitness({ in: inp }); - assert( w[circuit.getSignalIdx("main.sign")].equals(bigInt(0)) ); + assert(w[circuit.getSignalIdx("main.sign")].equals(bigInt(0))); }); it("Sign of q/2", async () => { const inp = getBits(q.shr(bigInt.one), 254); - const w = circuit.calculateWitness({in: inp}); + const w = circuit.calculateWitness({ in: inp }); - assert( w[circuit.getSignalIdx("main.sign")].equals(bigInt(0)) ); + assert(w[circuit.getSignalIdx("main.sign")].equals(bigInt(0))); }); it("Sign of q/2+1", async () => { const inp = getBits(q.shr(bigInt.one).add(bigInt.one), 254); - const w = circuit.calculateWitness({in: inp}); + const w = circuit.calculateWitness({ in: inp }); - assert( w[circuit.getSignalIdx("main.sign")].equals(bigInt(1)) ); + assert(w[circuit.getSignalIdx("main.sign")].equals(bigInt(1))); }); it("Sign of q-1", async () => { const inp = getBits(q.sub(bigInt.one), 254); - const w = circuit.calculateWitness({in: inp}); + const w = circuit.calculateWitness({ in: inp }); - assert( w[circuit.getSignalIdx("main.sign")].equals(bigInt(1)) ); + assert(w[circuit.getSignalIdx("main.sign")].equals(bigInt(1))); }); it("Sign of q", async () => { const inp = getBits(q, 254); - const w = circuit.calculateWitness({in: inp}); + const w = circuit.calculateWitness({ in: inp }); - assert( w[circuit.getSignalIdx("main.sign")].equals(bigInt(1)) ); + assert(w[circuit.getSignalIdx("main.sign")].equals(bigInt(1))); }); it("Sign of all ones", async () => { const inp = 
getBits(bigInt(1).shl(254).sub(bigInt(1)), 254); - const w = circuit.calculateWitness({in: inp}); + const w = circuit.calculateWitness({ in: inp }); - assert( w[circuit.getSignalIdx("main.sign")].equals(bigInt(1)) ); + assert(w[circuit.getSignalIdx("main.sign")].equals(bigInt(1))); }); - - }); diff --git a/test/smtjs.js b/test/smtjs.js index eb360ab..8a6f98b 100644 --- a/test/smtjs.js +++ b/test/smtjs.js @@ -1,5 +1,5 @@ const chai = require("chai"); -const snarkjs = require("snarkjs"); +const snarkjs = require("@tornado/snarkjs"); const smt = require("../src/smt.js"); @@ -7,9 +7,8 @@ const assert = chai.assert; const bigInt = snarkjs.bigInt; - function stringifyBigInts(o) { - if ((typeof(o) == "bigint") || (o instanceof bigInt)) { + if (typeof o == "bigint" || o instanceof bigInt) { return o.toString(10); } else if (Array.isArray(o)) { return o.map(stringifyBigInts); @@ -26,8 +25,7 @@ function stringifyBigInts(o) { describe("SMT Javascript test", function () { this.timeout(100000); - before( async () => { - }); + before(async () => {}); it("Should insert 2 elements and empty them", async () => { const tree = await smt.newMemEmptyTrie(); @@ -36,8 +34,8 @@ describe("SMT Javascript test", function () { const key2 = bigInt(333); const value2 = bigInt(444); - await tree.insert(key1,value1); - await tree.insert(key2,value2); + await tree.insert(key1, value1); + await tree.insert(key2, value2); await tree.delete(key2); await tree.delete(key1); 
@@ -54,29 +52,29 @@ describe("SMT Javascript test", function () { const tree5 = await smt.newMemEmptyTrie(); const tree6 = await smt.newMemEmptyTrie(); - await tree1.insert(keys[0],values[0]); - await tree1.insert(keys[1],values[1]); - await tree1.insert(keys[2],values[2]); + await tree1.insert(keys[0], values[0]); + await tree1.insert(keys[1], values[1]); + await tree1.insert(keys[2], values[2]); - await tree2.insert(keys[0],values[0]); - await tree2.insert(keys[2],values[2]); - await tree2.insert(keys[1],values[1]); + await tree2.insert(keys[0], values[0]); + await tree2.insert(keys[2], values[2]); + await tree2.insert(keys[1], values[1]); - await tree3.insert(keys[1],values[1]); - await tree3.insert(keys[0],values[0]); - await tree3.insert(keys[2],values[2]); + await tree3.insert(keys[1], values[1]); + await tree3.insert(keys[0], values[0]); + await tree3.insert(keys[2], values[2]); - await tree4.insert(keys[1],values[1]); - await tree4.insert(keys[2],values[2]); - await tree4.insert(keys[0],values[0]); + await tree4.insert(keys[1], values[1]); + await tree4.insert(keys[2], values[2]); + await tree4.insert(keys[0], values[0]); - await tree5.insert(keys[2],values[2]); - await tree5.insert(keys[0],values[0]); - await tree5.insert(keys[1],values[1]); + await tree5.insert(keys[2], values[2]); + await tree5.insert(keys[0], values[0]); + await tree5.insert(keys[1], values[1]); - await tree6.insert(keys[2],values[2]); - await tree6.insert(keys[1],values[1]); - await tree6.insert(keys[0],values[0]); + await tree6.insert(keys[2], values[2]); + await tree6.insert(keys[1], values[1]); + await tree6.insert(keys[0], values[0]); assert(tree1.root.equals(tree2.root)); assert(tree2.root.equals(tree3.root)); 
@@ -84,11 +82,11 @@ describe("SMT Javascript test", function () { assert(tree4.root.equals(tree5.root)); assert(tree5.root.equals(tree6.root)); - assert.equal(Object.keys(tree1.db.nodes).length, Object.keys(tree2.db.nodes).length); - assert.equal(Object.keys(tree2.db.nodes).length, Object.keys(tree3.db.nodes).length); - assert.equal(Object.keys(tree3.db.nodes).length, Object.keys(tree4.db.nodes).length); - assert.equal(Object.keys(tree4.db.nodes).length, Object.keys(tree5.db.nodes).length); - assert.equal(Object.keys(tree5.db.nodes).length, Object.keys(tree6.db.nodes).length); + assert.equal(Object.keys(tree1.db.nodes).length, Object.keys(tree2.db.nodes).length); + assert.equal(Object.keys(tree2.db.nodes).length, Object.keys(tree3.db.nodes).length); + assert.equal(Object.keys(tree3.db.nodes).length, Object.keys(tree4.db.nodes).length); + assert.equal(Object.keys(tree4.db.nodes).length, Object.keys(tree5.db.nodes).length); + assert.equal(Object.keys(tree5.db.nodes).length, Object.keys(tree6.db.nodes).length); await tree1.delete(keys[0]); await tree1.delete(keys[1]); @@ -134,7 +132,7 @@ describe("SMT Javascript test", function () { function perm(a) { const arr = a.slice(); const rArr = []; - for (let i=0; i { + before(async () => { const cirDef = await compiler(path.join(__dirname, "circuits", "smtprocessor10_test.circom")); circuit = new snarkjs.Circuit(cirDef); @@ -110,8 +111,6 @@ describe("SMT test", function () { await testInsert(tree, key, value, circuit); }); - - it("Should remove an element", async () => { await testDelete(tree, 111, circuit); await testDelete(tree, 333, circuit); 
@@ -127,30 +126,29 @@ describe("SMT test", function () { const tree5 = await smt.newMemEmptyTrie(); const tree6 = await smt.newMemEmptyTrie(); - await testInsert(tree1,keys[0],values[0], circuit); - await testInsert(tree1,keys[1],values[1], circuit); - await testInsert(tree1,keys[2],values[2], circuit); + await testInsert(tree1, keys[0], values[0], circuit); + await testInsert(tree1, keys[1], values[1], circuit); + await testInsert(tree1, keys[2], values[2], circuit); - await testInsert(tree2,keys[0],values[0], circuit); - await testInsert(tree2,keys[2],values[2], circuit); - await testInsert(tree2,keys[1],values[1], circuit); + await testInsert(tree2, keys[0], values[0], circuit); + await testInsert(tree2, keys[2], values[2], circuit); + await testInsert(tree2, keys[1], values[1], circuit); - await testInsert(tree3,keys[1],values[1], circuit); - await testInsert(tree3,keys[0],values[0], circuit); - await testInsert(tree3,keys[2],values[2], circuit); + await testInsert(tree3, keys[1], values[1], circuit); + await testInsert(tree3, keys[0], values[0], circuit); + await testInsert(tree3, keys[2], values[2], circuit); - await testInsert(tree4,keys[1],values[1], circuit); - await testInsert(tree4,keys[2],values[2], circuit); - await testInsert(tree4,keys[0],values[0], circuit); + await testInsert(tree4, keys[1], values[1], circuit); + await testInsert(tree4, keys[2], values[2], circuit); + await testInsert(tree4, keys[0], values[0], circuit); - await testInsert(tree5,keys[2],values[2], circuit); - await testInsert(tree5,keys[0],values[0], circuit); - await testInsert(tree5,keys[1],values[1], circuit); - - await testInsert(tree6,keys[2],values[2], circuit); - await testInsert(tree6,keys[1],values[1], circuit); - await testInsert(tree6,keys[0],values[0], circuit); + await testInsert(tree5, keys[2], values[2], circuit); + await testInsert(tree5, keys[0], values[0], circuit); + await testInsert(tree5, keys[1], values[1], circuit); + await testInsert(tree6, keys[2], 
values[2], circuit); + await testInsert(tree6, keys[1], values[1], circuit); + await testInsert(tree6, keys[0], values[0], circuit); await testDelete(tree1, keys[0], circuit); await testDelete(tree1, keys[1], circuit); @@ -162,7 +160,6 @@ describe("SMT test", function () { await testDelete(tree4, keys[2], circuit); await testDelete(tree4, keys[0], circuit); - await testDelete(tree5, keys[1], circuit); await testDelete(tree5, keys[2], circuit); await testDelete(tree6, keys[2], circuit); @@ -178,16 +175,16 @@ describe("SMT test", function () { it("Should match a NOp with random vals", async () => { let siblings = []; - while (siblings.length<10) siblings.push(bigInt(88)); + while (siblings.length < 10) siblings.push(bigInt(88)); const w = circuit.calculateWitness({ - fnc: [0,0], + fnc: [0, 0], oldRoot: 11, siblings: siblings, oldKey: 33, oldValue: 44, isOld0: 55, newKey: 66, - newValue: 77 + newValue: 77, }); const root1 = w[circuit.getSignalIdx("main.oldRoot")]; @@ -195,23 +192,21 @@ describe("SMT test", function () { assert(circuit.checkWitness(w)); assert(root1.equals(root2)); - }); it("Should update an element", async () => { const tree1 = await smt.newMemEmptyTrie(); const tree2 = await smt.newMemEmptyTrie(); - await testInsert(tree1,8,88, circuit); - await testInsert(tree1,9,99, circuit); - await testInsert(tree1,32,3232, circuit); + await testInsert(tree1, 8, 88, circuit); + await testInsert(tree1, 9, 99, circuit); + await testInsert(tree1, 32, 3232, circuit); - await testInsert(tree2,8,888, circuit); - await testInsert(tree2,9,999, circuit); - await testInsert(tree2,32,323232, circuit); + await testInsert(tree2, 8, 888, circuit); + await testInsert(tree2, 9, 999, circuit); + await testInsert(tree2, 32, 323232, circuit); await testUpdate(tree1, 8, 888, circuit); await testUpdate(tree1, 9, 999, circuit); await testUpdate(tree1, 32, 323232, circuit); }); - }); diff --git a/test/smtverifier.js b/test/smtverifier.js index ce6cd05..4cb0625 100644 
--- a/test/smtverifier.js +++ b/test/smtverifier.js @@ -1,6 +1,6 @@ const chai = require("chai"); const path = require("path"); -const snarkjs = require("snarkjs"); +const snarkjs = require("@tornado/snarkjs"); const compiler = require("circom"); const smt = require("../src/smt.js"); @@ -14,12 +14,11 @@ function print(circuit, w, s) { } async function testInclusion(tree, key, circuit) { - const res = await tree.find(key); assert(res.found); let siblings = res.siblings; - while (siblings.length<10) siblings.push(bigInt(0)); + while (siblings.length < 10) siblings.push(bigInt(0)); const w = circuit.calculateWitness({ enabled: 1, @@ -30,7 +29,7 @@ async function testInclusion(tree, key, circuit) { oldValue: 0, isOld0: 0, key: key, - value: res.foundValue + value: res.foundValue, }); assert(circuit.checkWitness(w)); @@ -41,7 +40,7 @@ async function testExclusion(tree, key, circuit) { assert(!res.found); let siblings = res.siblings; - while (siblings.length<10) siblings.push(bigInt(0)); + while (siblings.length < 10) siblings.push(bigInt(0)); const w = circuit.calculateWitness({ enabled: 1, @@ -52,7 +51,7 @@ async function testExclusion(tree, key, circuit) { oldValue: res.isOld0 ? 0 : res.notFoundValue, isOld0: res.isOld0 ? 1 : 0, key: key, - value: 0 + value: 0, }); assert(circuit.checkWitness(w)); @@ -64,7 +63,7 @@ describe("SMT test", function () { this.timeout(100000); - before( async () => { + before(async () => { const cirDef = await compiler(path.join(__dirname, "circuits", "smtverifier10_test.circom")); circuit = new snarkjs.Circuit(cirDef); @@ -72,9 +71,9 @@ describe("SMT test", function () { console.log("NConstrains SMTVerifier: " + circuit.nConstraints); tree = await smt.newMemEmptyTrie(); - await tree.insert(7,77); - await tree.insert(8,88); - await tree.insert(32,3232); + await tree.insert(7, 77); + await tree.insert(8, 88); + await tree.insert(32, 3232); }); it("Check inclussion in a tree of 3", async () => { 
@@ -95,7 +94,7 @@ describe("SMT test", function () { it("Check not enabled accepts any thing", async () => { let siblings = []; - for (let i=0; i<10; i++) siblings.push(i); + for (let i = 0; i < 10; i++) siblings.push(i); const w = circuit.calculateWitness({ enabled: 0, 
@@ -106,33 +105,31 @@ describe("SMT test", function () { oldValue: 33, isOld0: 0, key: 44, - value: 0 + value: 0, }); assert(circuit.checkWitness(w)); }); it("Check inclussion Adria case", async () => { - const e1_hi= bigInt("17124152697573569611556136390143205198134245887034837071647643529178599000839"); - const e1_hv= bigInt("19650379996168153643111744440707177573540245771926102415571667548153444658179"); + const e1_hi = bigInt("17124152697573569611556136390143205198134245887034837071647643529178599000839"); + const e1_hv = bigInt("19650379996168153643111744440707177573540245771926102415571667548153444658179"); - const e2ok_hi= bigInt("16498254692537945203721083102154618658340563351558973077349594629411025251262"); - const e2ok_hv= bigInt("19650379996168153643111744440707177573540245771926102415571667548153444658179"); + const e2ok_hi = bigInt("16498254692537945203721083102154618658340563351558973077349594629411025251262"); + const e2ok_hv = bigInt("19650379996168153643111744440707177573540245771926102415571667548153444658179"); - const e2fail_hi= bigInt("17195092312975762537892237130737365903429674363577646686847513978084990105579"); - const e2fail_hv= bigInt("19650379996168153643111744440707177573540245771926102415571667548153444658179"); + const e2fail_hi = bigInt("17195092312975762537892237130737365903429674363577646686847513978084990105579"); + const e2fail_hv = bigInt("19650379996168153643111744440707177573540245771926102415571667548153444658179"); const tree1 = await smt.newMemEmptyTrie(); - await tree1.insert(e1_hi,e1_hv); - await tree1.insert(e2ok_hi,e2ok_hv); + await tree1.insert(e1_hi, e1_hv); + await tree1.insert(e2ok_hi, e2ok_hv); await testInclusion(tree1, e2ok_hi, circuit); const tree2 = await smt.newMemEmptyTrie(); - await tree2.insert(e1_hi,e1_hv); - await tree2.insert(e2fail_hi,e2fail_hv); + await tree2.insert(e1_hi, e1_hv); + await tree2.insert(e2fail_hi, e2fail_hv); await testInclusion(tree2, e2fail_hi, circuit); }); - - }); 
diff --git a/test/smtverifier_adria.js b/test/smtverifier_adria.js index 3b93d09..c7c3e27 100644 --- a/test/smtverifier_adria.js +++ b/test/smtverifier_adria.js @@ -1,7 +1,7 @@ const path = require("path"); -const snarkjs = require("snarkjs"); +const snarkjs = require("@tornado/snarkjs"); const compiler = require("circom"); -const fs = require("fs") +const fs = require("fs"); const bigInt = snarkjs.bigInt; const smt = require("../src/smt.js"); @@ -36,9 +36,9 @@ describe("smt3test", function () { let circuitFileName; - before( async () => { + before(async () => { circuitFileName = path.join(__dirname, ".", "rawsmt3.circom"); - fs.writeFileSync(circuitFileName,circuitSource); + fs.writeFileSync(circuitFileName, circuitSource); }); const levels = 4; @@ -61,10 +61,7 @@ describe("smt3test", function () { hv: e1.hv, }; - const compiledCircuit = await compiler( - circuitFileName, - { reduceConstraints: false } - ); + const compiledCircuit = await compiler(circuitFileName, { reduceConstraints: false }); const circuit = new snarkjs.Circuit(compiledCircuit); const witness = circuit.calculateWitness(input); @@ -72,7 +69,6 @@ describe("smt3test", function () { } it("TestSmts", async () => { - const e1 = { hi: bigInt("17124152697573569611556136390143205198134245887034837071647643529178599000839"), hv: bigInt("19650379996168153643111744440707177573540245771926102415571667548153444658179"), @@ -95,4 +91,3 @@ describe("smt3test", function () { await testsmt3(e1, e2fail); }); }); -
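Review bot: The rest of test/smtverifier_adria.js still relies on the legacy snarkjs surface — `snarkjs.bigInt` at the top and `new snarkjs.Circuit(compiledCircuit)` inside testsmt3 — so the new `@tornado/snarkjs` require only works if the fork is pinned to a release that still exports `bigInt` and `Circuit`; as far as I know newer upstream snarkjs releases no longer expose these, so an unpinned range could silently break the suite. Pin the exact version and record the expectation beside the require, `// expects the legacy snarkjs API (snarkjs.bigInt, snarkjs.Circuit); do not bump without checking`. The `describe("smt3test")` block that holds `before` and `testsmt3` starts outside these hunks.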