From 94102acceb3a7527717a47e599d614a3f78d9d99 Mon Sep 17 00:00:00 2001 From: lovesh Date: Mon, 2 Oct 2023 17:57:16 +0530 Subject: [PATCH] Add range proof protocols Signed-off-by: lovesh --- Cargo.lock | 159 +++-- Cargo.toml | 25 +- package.json | 2 +- src/bound_check.rs | 137 +++- src/composite_proof_system/mod.rs | 26 +- src/composite_proof_system/setup_params.rs | 67 ++ src/composite_proof_system/statement.rs | 671 ------------------ .../statements/accumulator.rs | 95 +++ .../statements/bound_check.rs | 343 +++++++++ src/composite_proof_system/statements/mod.rs | 100 +++ .../statements/pok_sig.rs | 119 ++++ src/composite_proof_system/statements/r1cs.rs | 115 +++ .../statements/saver.rs | 168 +++++ src/js/bound_check_wasm.js | 30 + src/js/composite_proof_system_wasm.js | 55 ++ src/js/setup_params_wasm.js | 15 + src/js/type_declarations/bound_check.d.ts | 12 + .../composite_proof_system.d.ts | 64 ++ src/js/type_declarations/setup_params.d.ts | 15 + tests/bound_check.rs | 6 +- tests/common/mod.rs | 2 +- tests/composite_proof_system.rs | 2 +- tests/js/boundCheck.spec.ts | 365 ++++++---- tests/js/proofSystem.spec.ts | 1 - tests/saver.rs | 2 +- 25 files changed, 1700 insertions(+), 896 deletions(-) delete mode 100644 src/composite_proof_system/statement.rs create mode 100644 src/composite_proof_system/statements/accumulator.rs create mode 100644 src/composite_proof_system/statements/bound_check.rs create mode 100644 src/composite_proof_system/statements/mod.rs create mode 100644 src/composite_proof_system/statements/pok_sig.rs create mode 100644 src/composite_proof_system/statements/r1cs.rs create mode 100644 src/composite_proof_system/statements/saver.rs diff --git a/Cargo.lock b/Cargo.lock index 29f88d2..1fda751 100644 --- a/Cargo.lock +++ b/Cargo.lock 
@@ -264,9 +264,9 @@ dependencies = [ [[package]] name = "bbs_plus" -version = "0.16.0" +version = "0.17.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1bdf5be93b3edd6e2fa2161952b782dc9e35d65382aa5ec917a4a492eb7f4493" +checksum = "7732b652fb5bca8357fbc012250ede183c658853972c83b7f14a6a405b5c8165" dependencies = [ "ark-ec", "ark-ff", @@ -320,11 +320,29 @@ dependencies = [ "generic-array", ] +[[package]] +name = "bulletproofs_plus_plus" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dd367088019d22fd0911a9d9dd9cd1c713dca62082b73c0afa08a1dd9e7ec58f" +dependencies = [ + "ark-ec", + "ark-ff", + "ark-poly", + "ark-serialize", + "ark-std", + "digest", + "dock_crypto_utils", + "serde", + "serde_with", + "zeroize", +] + [[package]] name = "bumpalo" -version = "3.13.0" +version = "3.14.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a3e2c3daef883ecc1b5d58c15adae93470a91d425f3532ba1695849656af3fc1" +checksum = "7f30e7476521f6f8af1a1c4c0b8cc94f0bee37d91763d0ca2665f299b6cd8aec" [[package]] name = "bytecheck" @@ -387,9 +405,9 @@ dependencies = [ [[package]] name = "coconut-crypto" -version = "0.5.0" +version = "0.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fa491763c6177c360877ae9a099511bbd8a236c8f23b7c7f3bde8226a8a57104" +checksum = "4f59a6ad48b4d447024dbea1c799d31af5f31d1f3d68a480b1c52ead079b151f" dependencies = [ "ark-ec", "ark-ff", @@ -492,7 +510,7 @@ dependencies = [ "ident_case", "proc-macro2", "quote", - "syn 2.0.31", + "syn 2.0.37", ] [[package]] @@ -514,7 +532,7 @@ checksum = "836a9bbc7ad63342d6d6e7b815ccab164bc77a2d95d84bc3117a8c0d5c98e2d5" dependencies = [ "darling_core 0.20.3", "quote", - "syn 2.0.31", + "syn 2.0.37", ] [[package]] 
@@ -524,7 +542,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "978747c1d849a7d2ee5e8adc0159961c48fb7e5db2f06af6723b80123bb53856" dependencies = [ "cfg-if", - "hashbrown 0.14.0", + "hashbrown 0.14.1", "lock_api", "once_cell", "parking_lot_core", @@ -563,9 +581,9 @@ dependencies = [ [[package]] name = "dock_crypto_utils" -version = "0.15.0" +version = "0.16.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a2ebbc6a05a9e51485ef402e8ca53851a9a15560756b09a3fbf81a43d7190273" +checksum = "a61b9f8b0e2a385970e0ef9af44eac0ef987fb2ee7164f4cf6f6eb6a67fb8ee8" dependencies = [ "ark-ec", "ark-ff", @@ -583,7 +601,7 @@ dependencies = [ [[package]] name = "dock_crypto_wasm" -version = "0.16.0" +version = "0.17.0" dependencies = [ "ark-bls12-381", "ark-ec", @@ -593,6 +611,7 @@ dependencies = [ "ark-std", "bbs_plus", "blake2", + "bulletproofs_plus_plus", "coconut-crypto", "console_error_panic_hook", "dlmalloc", @@ -610,6 +629,7 @@ dependencies = [ "serde-wasm-bindgen", "serde_json", "serde_with", + "smc_range_proof", "vb_accumulator", "wasm-bindgen", "wasm-bindgen-test", @@ -676,7 +696,7 @@ dependencies = [ "darling 0.20.3", "proc-macro2", "quote", - "syn 2.0.31", + "syn 2.0.37", ] [[package]] @@ -762,9 +782,9 @@ dependencies = [ [[package]] name = "hashbrown" -version = "0.14.0" +version = "0.14.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2c6201b9ff9fd90a5a3bac2e56a830d0caa509576f0e503818ee82c181b3437a" +checksum = "7dfda62a12f55daeae5015f81b0baea145391cb4520f86c248fc615d72640d12" [[package]] name = "ident_case" 
@@ -848,9 +868,9 @@ checksum = "884e2677b40cc8c339eaefcb701c32ef1fd2493d71118dc0ca4b6a736c93bd67" [[package]] name = "legogroth16" -version = "0.10.0" +version = "0.11.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "553572c9dbd2f5410fc7d192eb1f93f385068a150156b2cf551ec7aad0431be6" +checksum = "f770653b2e9b051e271afe863c4770c77e7a691b71b61889c90fc336c2f0ea42" dependencies = [ "ark-ec", "ark-ff", @@ -869,9 +889,9 @@ dependencies = [ [[package]] name = "libc" -version = "0.2.147" +version = "0.2.148" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b4668fb0ea861c1df094127ac5f1da3409a82116a4ba74fca2e58ef927159bb3" +checksum = "9cdc71e17332e86d2e1d38c1f99edcb6288ee11b815fb1a4b049eaa2114d369b" [[package]] name = "lock_api" @@ -900,9 +920,9 @@ dependencies = [ [[package]] name = "memchr" -version = "2.6.3" +version = "2.6.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8f232d6ef707e1956a43342693d2a31e72989554d58299d7a88738cc95b0d35c" +checksum = "f665ee40bc4a3c5590afb1e9677db74a508659dfd71e126420da8274909a0167" [[package]] name = "memmap2" @@ -1022,9 +1042,9 @@ dependencies = [ [[package]] name = "oblivious_transfer_protocols" -version = "0.3.0" +version = "0.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "21a59745221bf36e6718b6f68d17f4f59c14266040d0aed1b3635147ce6b4119" +checksum = "367abb69dd82ab63e92b506489b5957c4c3c22e46dbc932e2a96a63bca171265" dependencies = [ "aes", "ark-ec", 
@@ -1113,18 +1133,18 @@ dependencies = [ [[package]] name = "proc-macro2" -version = "1.0.66" +version = "1.0.67" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "18fb31db3f9bddb2ea821cde30a9f70117e3f119938b5ee630b7403aa6e2ead9" +checksum = "3d433d9f1a3e8c1263d9456598b16fec66f4acc9a74dacffd35c7bb09b3a1328" dependencies = [ "unicode-ident", ] [[package]] name = "proof_system" -version = "0.22.0" +version = "0.23.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b95b35c0c21d2cbee46d87df9a4e57073ab22f2313957886c56b6d9abeeaa9a3" +checksum = "63297d193f837dbffdf5eb1f3bde1f78b407beade67d4edfcea49f13c98836d1" dependencies = [ "ark-ec", "ark-ff", @@ -1134,6 +1154,7 @@ dependencies = [ "ark-serialize", "ark-std", "bbs_plus", + "bulletproofs_plus_plus", "coconut-crypto", "digest", "dock_crypto_utils", @@ -1144,6 +1165,7 @@ dependencies = [ "schnorr_pok", "serde", "serde_with", + "smc_range_proof", "vb_accumulator", "zeroize", ] @@ -1273,9 +1295,9 @@ dependencies = [ [[package]] name = "rend" -version = "0.4.0" +version = "0.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "581008d2099240d37fb08d77ad713bcaec2c4d89d50b5b21a8bb1996bbab68ab" +checksum = "a2571463863a6bd50c32f94402933f03457a3fbaf697a707c5be741e459f08fd" dependencies = [ "bytecheck", ] @@ -1332,9 +1354,9 @@ checksum = "1ad4cc8da4ef723ed60bced201181d83791ad433213d8c24efffda1eec85d741" [[package]] name = "saver" -version = "0.13.0" +version = "0.14.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3605d692b142fab173eed0d5f1daea2c060d1a0830dbd7aded705efd2881d1e1" +checksum = "9b32437f2329feb3120aa62e72fd006eff373f7e0e44363c72ae1d2bfa61e483" dependencies = [ "ark-ec", "ark-ff", 
@@ -1354,9 +1376,9 @@ dependencies = [ [[package]] name = "schnorr_pok" -version = "0.14.0" +version = "0.15.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "69b838ea805fcd0a11d9a772ac122d5b3100219e7b9148d741183d86aba542dd" +checksum = "6d5f6e808bf4777e34e68bfa375bf339a867951de33cd72c5c968c8a4737a398" dependencies = [ "ark-ec", "ark-ff", @@ -1389,9 +1411,9 @@ checksum = "1c107b6f4780854c8b126e228ea8869f4d7b71260f962fefb57b996b8959ba6b" [[package]] name = "secret_sharing_and_dkg" -version = "0.7.0" +version = "0.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "de211105492ff2c3a2c531481042f324c5ac741102a016a49a7d5159037e9e29" +checksum = "c19bcfb276a1876e43ee0f8aca0cc9fd784ce71214ae1b050ef1ec201b15d46a" dependencies = [ "ark-ec", "ark-ff", @@ -1408,9 +1430,9 @@ dependencies = [ [[package]] name = "semver" -version = "1.0.18" +version = "1.0.19" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b0293b4b29daaf487284529cc2f5675b8e57c61f70167ba415a463651fd6a918" +checksum = "ad977052201c6de01a8ef2aa3378c4bd23217a056337d1d6da40468d267a4fb0" [[package]] name = "serde" @@ -1440,14 +1462,14 @@ checksum = "4eca7ac642d82aa35b60049a6eccb4be6be75e599bd2e9adb5f875a737654af2" dependencies = [ "proc-macro2", "quote", - "syn 2.0.31", + "syn 2.0.37", ] [[package]] name = "serde_json" -version = "1.0.105" +version = "1.0.107" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "693151e1ac27563d6dbcec9dee9fbd5da8539b20fa14ad3752b2e6d363ace360" +checksum = "6b420ce6e3d8bd882e9b243c6eed35dbc9a6110c9769e74b584e0d68d1f20c65" dependencies = [ "itoa", "ryu", 
@@ -1478,9 +1500,9 @@ dependencies = [ [[package]] name = "sha2" -version = "0.10.7" +version = "0.10.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "479fb9d862239e610720565ca91403019f2f00410f1864c5aa7479b950a76ed8" +checksum = "793db75ad2bcafc3ffa7c68b215fee268f537982cd901d132f89c6343f3a3dc8" dependencies = [ "cfg-if", "cpufeatures", @@ -1505,9 +1527,24 @@ checksum = "f27f6278552951f1f2b8cf9da965d10969b2efdea95a6ec47987ab46edfe263a" [[package]] name = "smallvec" -version = "1.11.0" +version = "1.11.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "62bb4feee49fdd9f707ef802e22365a35de4b7b299de4763d44bfea899442ff9" +checksum = "942b4a808e05215192e39f4ab80813e599068285906cc91aa64f923db842bd5a" + +[[package]] +name = "smc_range_proof" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5153509b97386dc1edc8157eb79fab1ff48fdd6a45159537759ac30ca6b8e03a" +dependencies = [ + "ark-ec", + "ark-ff", + "ark-serialize", + "ark-std", + "digest", + "dock_crypto_utils", + "zeroize", +] [[package]] name = "strsim" @@ -1534,9 +1571,9 @@ dependencies = [ [[package]] name = "syn" -version = "2.0.31" +version = "2.0.37" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "718fa2415bcb8d8bd775917a1bf12a7931b6dfa890753378538118181e0cb398" +checksum = "7303ef2c05cd654186cb250d29049a24840ca25d2747c25c0381c8d9e2f582e8" dependencies = [ "proc-macro2", "quote", 
@@ -1557,22 +1594,22 @@ checksum = "9d0e916b1148c8e263850e1ebcbd046f333e0683c724876bb0da63ea4373dc8a" [[package]] name = "thiserror" -version = "1.0.48" +version = "1.0.49" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9d6d7a740b8a666a7e828dd00da9c0dc290dff53154ea77ac109281de90589b7" +checksum = "1177e8c6d7ede7afde3585fd2513e611227efd6481bd78d2e82ba1ce16557ed4" dependencies = [ "thiserror-impl", ] [[package]] name = "thiserror-impl" -version = "1.0.48" +version = "1.0.49" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "49922ecae66cc8a249b77e68d1d0623c1b2c514f0060c27cdc68bd62a1219d35" +checksum = "10712f02019e9288794769fba95cd6847df9874d49d871d062172f9dd41bc4cc" dependencies = [ "proc-macro2", "quote", - "syn 2.0.31", + "syn 2.0.37", ] [[package]] @@ -1610,7 +1647,7 @@ checksum = "5f4f31f56159e98206da9efd823404b79b6ef3143b4a7ab76e67b1751b25a4ab" dependencies = [ "proc-macro2", "quote", - "syn 2.0.31", + "syn 2.0.37", ] [[package]] @@ -1621,9 +1658,9 @@ checksum = "0955b8137a1df6f1a2e9a37d8a6656291ff0297c1a97c24e0d8425fe2312f79a" [[package]] name = "typenum" -version = "1.16.0" +version = "1.17.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "497961ef93d974e23eb6f433eb5fe1b7930b659f06d12dec6fc44a8f554c0bba" +checksum = "42ff0bf0c66b8238c6f3b578df37d0b7848e55df8577b3f74f92a69acceeb825" [[package]] name = "unicode-bidi" @@ -1633,9 +1670,9 @@ checksum = "92888ba5573ff080736b3648696b70cafad7d250551175acbaa4e0385b3e1460" [[package]] name = "unicode-ident" -version = "1.0.11" +version = "1.0.12" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "301abaae475aa91687eb82514b328ab47a211a533026cb25fc3e519b86adfc3c" +checksum = "3354b9ac3fae1ff6755cb6db53683adb661634f67557942dea4facebec0fee4b" [[package]] name = "unicode-normalization" 
@@ -1665,9 +1702,9 @@ checksum = "79daa5ed5740825c40b389c5e50312b9c86df53fccd33f281df655642b43869d" [[package]] name = "vb_accumulator" -version = "0.17.0" +version = "0.18.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "67f8f1bee9808672e08d399c98b5a79d62e4fdc34bd2287e677e7d61bbf5d54e" +checksum = "88ce7d2b133d461a3f7658aa7d8639f510b7ec258fc12bab844faf5640e38617" dependencies = [ "ark-ec", "ark-ff", @@ -1721,7 +1758,7 @@ dependencies = [ "once_cell", "proc-macro2", "quote", - "syn 2.0.31", + "syn 2.0.37", "wasm-bindgen-shared", ] @@ -1778,7 +1815,7 @@ checksum = "e128beba882dd1eb6200e1dc92ae6c5dbaa4311aa7bb211ca035779e5efc39f8" dependencies = [ "proc-macro2", "quote", - "syn 2.0.31", + "syn 2.0.37", "wasm-bindgen-backend", "wasm-bindgen-shared", ] @@ -2092,5 +2129,5 @@ checksum = "ce36e65b0d2999d2aafac989fb249189a141aee1f53c612c1f37d72631959f69" dependencies = [ "proc-macro2", "quote", - "syn 2.0.31", + "syn 2.0.37", ] diff --git a/Cargo.toml b/Cargo.toml index 35ffdff..8ed4a12 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -5,7 +5,7 @@ edition = "2021" license = "Apache-2.0" name = "dock_crypto_wasm" repository = "https://github.com/docknetwork/crypto-wasm" -version = "0.16.0" +version = "0.17.0" [lib] crate-type = ["cdylib", "rlib"] 
@@ -25,16 +25,19 @@ wasm-bindgen = "= 0.2.86" dlmalloc = { version = "0.2.4", features = ["global"], optional = true } serde_with = { version = "1.10.0", default-features = false, features = ["macros"] } -bbs_plus = { version = "0.16.0", default-features = false } -vb_accumulator = { version = "0.17.0", default-features = false } -schnorr_pok = { version = "0.14.0", default-features = false } -proof_system = { version = "0.22.0", default-features = false } -coconut-crypto = { version = "0.5.0", default-features = false } -dock_crypto_utils = { version = "0.15.0", default-features = false } -saver = { version = "0.13.0", default-features = false } -legogroth16 = { version = "0.10.0", default-features = false, features = ["circom", "wasmer-js"] } -secret_sharing_and_dkg = { version = "0.7.0", default-features = false } -oblivious_transfer_protocols = { version = "0.3.0", default-features = false} +bbs_plus = { version = "0.17.0", default-features = false } +vb_accumulator = { version = "0.18.0", default-features = false } +schnorr_pok = { version = "0.15.0", default-features = false } +proof_system = { version = "0.23.0", default-features = false } +coconut-crypto = { version = "0.6.0", default-features = false } +dock_crypto_utils = { version = "0.16.0", default-features = false } +saver = { version = "0.14.0", default-features = false } +legogroth16 = { version = "0.11.0", default-features = false, features = ["circom", "wasmer-js"] } +secret_sharing_and_dkg = { version = "0.8.0", default-features = false } +oblivious_transfer_protocols = { version = "0.4.0", default-features = false} +bulletproofs_plus_plus = { version = "0.1.0", default-features = false} +smc_range_proof = { version = "0.1.0", default-features = false} + ark-ec = { version = "^0.4.0", default-features = false } ark-ff = { version = "^0.4.0", default-features = false } diff --git a/package.json b/package.json index 1722481..e88a1f7 100644 --- a/package.json +++ b/package.json 
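Review bot: The added `bulletproofs_plus_plus` and `smc_range_proof` lines bring in two new cryptographic dependencies at version 0.1.0, with nothing recording what they back or whether they have been reviewed. The soundness of the new range proofs will rest on these crates, so I would put a comment above them such as `# range-proof backends (Bulletproofs++, set-membership check); review status: <placeholder>`. The Cargo.lock part of this patch records checksums for both, so release builds should run with `--locked` to keep the resolved versions from drifting away from the ones reviewed here. The missing space in `default-features = false}` copies the `oblivious_transfer_protocols` line and could be fixed in all three places.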
@@ -1,6 +1,6 @@ { "name": "@docknetwork/crypto-wasm", - "version": "0.21.0", + "version": "0.22.0", "author": "Dock.io", "license": "Apache-2.0", "private": false, diff --git a/src/bound_check.rs b/src/bound_check.rs index cc62750..47c0997 100644 --- a/src/bound_check.rs +++ b/src/bound_check.rs @@ -1,13 +1,26 @@ use ark_bls12_381::Bls12_381; -use proof_system::prelude::generate_snark_srs_bound_check; +use blake2::Blake2b512; +use bulletproofs_plus_plus::prelude::SetupParams; +use js_sys::Uint8Array; +use proof_system::prelude::{ + bound_check_smc::SmcParamsAndCommitmentKey, + bound_check_smc_with_kv::SmcParamsAndCommitmentKeyAndSecretKey, generate_snark_srs_bound_check, +}; -use crate::utils::{get_seeded_rng, set_panic_hook}; +use crate::{ + utils::{get_seeded_rng, set_panic_hook}, + G1Affine, +}; use wasm_bindgen::prelude::*; use zeroize::Zeroize; -/// Setup snark and generate compressed or uncompressed SNARK proving key +pub(crate) type BppSetupParams = SetupParams; +pub(crate) type SmcParams = SmcParamsAndCommitmentKey; +pub(crate) type SmcParamsAndSk = SmcParamsAndCommitmentKeyAndSecretKey; + +/// Setup snark for proving bounds and and generate compressed or uncompressed SNARK proving key #[wasm_bindgen(js_name = boundCheckSnarkSetup)] -pub fn bound_check_snark_setup(return_uncompressed: bool) -> Result { +pub fn bound_check_snark_setup(return_uncompressed: bool) -> Result { set_panic_hook(); let mut rng = get_seeded_rng(); let snark_pk = generate_snark_srs_bound_check::(&mut rng).map_err(|e| { 
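Review bot: The new doc line on `bound_check_snark_setup` has a doubled word and should read `/// Setup snark for proving bounds and generate compressed or uncompressed SNARK proving key`. The three `pub(crate)` aliases are undocumented, and `SmcParamsAndSk` in particular deserves a comment: judging by the `sk` field assigned later in this file, it carries the secret key used for keyed verification. Something like `// Holds the keyed-verification secret key; presumably verifier-only, never share with a prover` would do. The body of `bound_check_snark_setup` continues outside this hunk.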
@@ -22,3 +35,119 @@ pub fn bound_check_snark_setup(return_uncompressed: bool) -> Result, + base: u16, + value_bit_size: u16, + return_uncompressed: bool, +) -> Result { + set_panic_hook(); + let bpp_setup_params = BppSetupParams::new_for_arbitrary_range_proof::( + &label, + base, + value_bit_size, + 1, + ); + Ok(if return_uncompressed { + obj_to_uint8array_uncompressed!(&bpp_setup_params, "Bulletproofs++SetupParams") + } else { + obj_to_uint8array!(&bpp_setup_params, false, "Bulletproofs++SetupParams") + }) +} + +/// Create setup params for set-membership check based range proofs +#[wasm_bindgen(js_name = boundCheckSmcSetup)] +pub fn bound_check_smc_setup( + label: Vec, + base: u16, + return_uncompressed: bool, +) -> Result { + set_panic_hook(); + let mut rng = get_seeded_rng(); + let (smc_setup_params, _) = SmcParams::new::<_, Blake2b512>(&mut rng, &label, base); + smc_setup_params + .verify() + .map_err(|e| JsValue::from(&format!("Param validation failed with error: {:?}", e)))?; + Ok(if return_uncompressed { + obj_to_uint8array_uncompressed!(&smc_setup_params, "SmcParamsAndCommitmentKey") + } else { + obj_to_uint8array!(&smc_setup_params, false, "SmcParamsAndCommitmentKey") + }) +} + +/// Create setup params for set-membership check based range proofs supporting keyed-verification +#[wasm_bindgen(js_name = boundCheckSmcWithKVSetup)] +pub fn bound_check_smc_with_kv_setup( + label: Vec, + base: u16, + return_uncompressed: bool, +) -> Result { + set_panic_hook(); + let mut rng = get_seeded_rng(); + let (smc_setup_params, sk) = SmcParams::new::<_, Blake2b512>(&mut rng, &label, base); + smc_setup_params + .verify() + .map_err(|e| JsValue::from(&format!("Param validation failed with error: {:?}", e)))?; + let setup = js_sys::Array::new(); + let smc_params = if return_uncompressed { + obj_to_uint8array_uncompressed!(&smc_setup_params, "SmcParamsAndCommitmentKey") + } else { + obj_to_uint8array!(&smc_setup_params, false, "SmcParamsAndCommitmentKey") + }; + let 
smc_setup_params_with_sk = SmcParamsAndSk { + params_and_comm_key: smc_setup_params, + sk, + }; + let smc_params_with_sk = if return_uncompressed { + obj_to_uint8array_uncompressed!( + &smc_setup_params_with_sk, + "SmcParamsAndCommitmentKeyAndSecretKey" + ) + } else { + obj_to_uint8array!( + &smc_setup_params_with_sk, + false, + "SmcParamsAndCommitmentKeyAndSecretKey" + ) + }; + setup.push(&smc_params); + setup.push(&smc_params_with_sk); + Ok(setup) +} + +/// Decompress EC points in Bulletproofs++ setup +#[wasm_bindgen(js_name = decompressBppParams)] +pub fn decompress_bpp_params(params: Uint8Array) -> Result { + let params = obj_from_uint8array!(BppSetupParams, params, false, "Bulletproofs++SetupParams"); + Ok(obj_to_uint8array_uncompressed!( + ¶ms, + "Bulletproofs++SetupParams" + )) +} + +/// Decompress EC points in set-membership based range proof +#[wasm_bindgen(js_name = decompressSmcParams)] +pub fn decompress_smc_params(params: Uint8Array) -> Result { + let params = obj_from_uint8array!(SmcParams, params, false, "SmcParamsAndCommitmentKey"); + Ok(obj_to_uint8array_uncompressed!( + ¶ms, + "SmcParamsAndCommitmentKey" + )) +} + +#[wasm_bindgen(js_name = decompressSmcParamsAndSk)] +pub fn decompress_smc_params_and_sk(params: Uint8Array) -> Result { + let params = obj_from_uint8array!( + SmcParamsAndSk, + params, + false, + "SmcParamsAndCommitmentKeyAndSecretKey" + ); + Ok(obj_to_uint8array_uncompressed!( + ¶ms, + "SmcParamsAndCommitmentKeyAndSecretKey" + )) +} diff --git a/src/composite_proof_system/mod.rs b/src/composite_proof_system/mod.rs index 522a656..6f1358b 100644 --- a/src/composite_proof_system/mod.rs +++ b/src/composite_proof_system/mod.rs @@ -1,5 +1,5 @@ pub mod setup_params; -pub mod statement; +pub mod statements; use wasm_bindgen::prelude::*; 
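Review bot: In `bound_check_smc_with_kv_setup` the struct holding `sk` is serialized with `obj_to_uint8array!(&smc_setup_params_with_sk, false, "SmcParamsAndCommitmentKeyAndSecretKey")`, and `decompress_smc_params_and_sk` reads it back with `obj_from_uint8array!(SmcParamsAndSk, params, false, ...)`. If that boolean is the macros' secret flag that wipes the intermediate buffer (the macros are defined outside this patch, so please confirm), both calls should pass `true` and the `obj_to_uint8array_uncompressed!` branches need an equivalent wipe; the same applies to `generate_setup_param_for_smc_params_and_sk` in setup_params.rs. `bound_check_smc_setup` discards the key with `let (smc_setup_params, _) = ...`, which clears it from memory only if the key type zeroizes on drop. The doc comment on the keyed-verification setup should state that the second element of the returned array contains the secret key and must stay with the verifier, for example `/// Returns [params, params_with_secret_key]; the second element must never leave the verifier`. The three `decompress_*` functions also skip the `set_panic_hook()` call that the other entry points in this hunk make.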
@@ -324,6 +324,30 @@ pub fn generate_r1cs_circom_witness( serde_wasm_bindgen::to_value(&witness).map_err(JsValue::from) } +#[wasm_bindgen(js_name = generateBoundCheckBppWitness)] +pub fn generate_bound_check_bpp_witness(message: Uint8Array) -> Result { + set_panic_hook(); + let message = fr_from_uint8_array(message, true)?; + let witness = Witness::BoundCheckBpp(message); + serde_wasm_bindgen::to_value(&witness).map_err(JsValue::from) +} + +#[wasm_bindgen(js_name = generateBoundCheckSmcWitness)] +pub fn generate_bound_check_smc_witness(message: Uint8Array) -> Result { + set_panic_hook(); + let message = fr_from_uint8_array(message, true)?; + let witness = Witness::BoundCheckSmc(message); + serde_wasm_bindgen::to_value(&witness).map_err(JsValue::from) +} + +#[wasm_bindgen(js_name = generateBoundCheckSmcWithKVWitness)] +pub fn generate_bound_check_smc_with_kv_witness(message: Uint8Array) -> Result { + set_panic_hook(); + let message = fr_from_uint8_array(message, true)?; + let witness = Witness::BoundCheckSmcWithKV(message); + serde_wasm_bindgen::to_value(&witness).map_err(JsValue::from) +} + pub fn parse_statements_meta_statements_and_setup_params( statements: js_sys::Array, meta_statements: js_sys::Array, diff --git a/src/composite_proof_system/setup_params.rs b/src/composite_proof_system/setup_params.rs index 10cfef7..025062d 100644 --- a/src/composite_proof_system/setup_params.rs +++ b/src/composite_proof_system/setup_params.rs @@ -7,6 +7,7 @@ use crate::{ accumulator::{AccumPk, AccumSetupParams, MembershipPrk, NonMembershipPrk}, bbs::BBSSigParams, bbs_plus::{BBSPlusPublicKeyG2, BBSPlusSigParamsG1}, + bound_check::{BppSetupParams, SmcParams, SmcParamsAndSk}, legosnark::{LegoProvingKey, LegoVerifyingKey}, ps::{PSPublicKey, PSSignatureParams}, r1cs::gen_r1cs, 
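Review bot: The three added witness generators have no doc comments, so nothing tells a caller that `message` is the prover's secret value or which statement each witness pairs with. I would add, for example, `/// Witness for a Bulletproofs++ bound check: the secret message whose bounds are being proved. Prover side only.` on `generate_bound_check_bpp_witness`, with matching lines on the other two. The bodies differ only in the `Witness::` variant, so a small private helper taking the variant constructor would remove the triple copy. The `true` passed to `fr_from_uint8_array` is presumably that helper's secret flag; since the helper is defined outside this hunk, a short comment confirming it would help the next reader.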
@@ -353,3 +354,69 @@ pub fn generate_setup_param_for_field_elem_vec( js_array_to_fr_vec(&arr)? ))) } + +#[wasm_bindgen(js_name = generateSetupParamForBppParams)] +pub fn generate_setup_param_for_bpp_params( + params: js_sys::Uint8Array, + uncompressed: bool, +) -> Result { + set_panic_hook(); + let params = if uncompressed { + obj_from_uint8array_uncompressed!(BppSetupParams, params, "Bulletproofs++SetupParams") + } else { + obj_from_uint8array!(BppSetupParams, params, false, "Bulletproofs++SetupParams") + }; + Ok(obj_to_uint8array_uncompressed!(&SetupParams::< + Bls12_381, + G1Affine, + >::BppSetupParams( + params + ))) +} + +#[wasm_bindgen(js_name = generateSetupParamForSmcParams)] +pub fn generate_setup_param_for_smc_params( + params: js_sys::Uint8Array, + uncompressed: bool, +) -> Result { + set_panic_hook(); + let params = if uncompressed { + obj_from_uint8array_uncompressed!(SmcParams, params, "SmcParamsAndCommitmentKey") + } else { + obj_from_uint8array!(SmcParams, params, false, "SmcParamsAndCommitmentKey") + }; + Ok(obj_to_uint8array_uncompressed!(&SetupParams::< + Bls12_381, + G1Affine, + >::SmcParamsAndCommKey( + params + ))) +} + +#[wasm_bindgen(js_name = generateSetupParamForSmcParamsAndSk)] +pub fn generate_setup_param_for_smc_params_and_sk( + params: js_sys::Uint8Array, + uncompressed: bool, +) -> Result { + set_panic_hook(); + let params = if uncompressed { + obj_from_uint8array_uncompressed!( + SmcParamsAndSk, + params, + "SmcParamsAndCommitmentKeyAndSecretKey" + ) + } else { + obj_from_uint8array!( + SmcParamsAndSk, + params, + false, + "SmcParamsAndCommitmentKeyAndSecretKey" + ) + }; + Ok(obj_to_uint8array_uncompressed!(&SetupParams::< + Bls12_381, + G1Affine, + >::SmcParamsAndCommKeyAndSk( + params + ))) +} diff --git a/src/composite_proof_system/statement.rs b/src/composite_proof_system/statement.rs deleted file mode 100644 index 31365d6..0000000 --- a/src/composite_proof_system/statement.rs +++ /dev/null 
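Review bot: `generate_setup_param_for_smc_params` wraps caller-supplied bytes in `SetupParams::SmcParamsAndCommKey` without the `verify()` call that `bound_check_smc_setup` in src/bound_check.rs runs on freshly generated params. A prover normally receives these params from another party. Unless deserialization or the proof system checks them later (not visible in this patch), I would add `params.verify().map_err(|e| JsValue::from(&format!("Param validation failed with error: {:?}", e)))?;` before the `Ok(...)`, or state in a doc comment that the caller must already have validated them. The three new functions also lack doc comments explaining the `uncompressed` flag.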
@@ -1,671 +0,0 @@ -use ark_bls12_381::Bls12_381; -use ark_ec::pairing::Pairing; -use ark_std::collections::BTreeSet; -use js_sys::Uint8Array; -use proof_system::{ - prelude::{EqualWitnesses, MetaStatement}, - statement, -}; -use wasm_bindgen::prelude::*; -use zeroize::Zeroize; - -use crate::{ - accumulator::{deserialize_params, deserialize_public_key, MembershipPrk, NonMembershipPrk}, - bbs::{BBSPublicKey, BBSSigParams}, - bbs_plus::{BBSPlusPublicKeyG2, BBSPlusSigParamsG1}, - legosnark::{LegoProvingKey, LegoVerifyingKey}, - ps::{PSPublicKey, PSSignatureParams}, - r1cs::gen_r1cs, - saver::{ChunkedCommGens, EncGens, SaverEk, SaverSnarkPk, SaverSnarkVk}, - utils::{ - encode_messages_as_js_map_to_fr_btreemap, g1_affine_from_uint8_array, - g2_affine_from_uint8_array, is_positive_safe_integer, js_array_to_fr_vec, - js_array_to_g1_affine_vec, js_array_to_g2_affine_vec, set_panic_hook, - }, - G1Affine, -}; - -pub(crate) type PoKBBSSigStmt = statement::bbs_23::PoKBBSSignature23G1; -pub(crate) type PoKBBSPlusSigStmt = statement::bbs_plus::PoKBBSSignatureG1; -pub(crate) type PoKPSSigStmt = statement::ps_signature::PoKPSSignatureStatement; -pub(crate) type AccumMemStmt = statement::accumulator::AccumulatorMembership; -pub(crate) type AccumNonMemStmt = statement::accumulator::AccumulatorNonMembership; -pub(crate) type PedCommG1Stmt = - statement::ped_comm::PedersenCommitment<::G1Affine>; -pub(crate) type PedCommG2Stmt = - statement::ped_comm::PedersenCommitment<::G2Affine>; -pub(crate) type SaverProverStmt = statement::saver::SaverProver; -pub(crate) type SaverVerifierStmt = statement::saver::SaverVerifier; -pub(crate) type BoundCheckLegoProverStmt = - statement::bound_check_legogroth16::BoundCheckLegoGroth16Prover; -pub(crate) type BoundCheckLegoVerifierStmt = - statement::bound_check_legogroth16::BoundCheckLegoGroth16Verifier; -pub(crate) type R1CSCircomProverStmt = statement::r1cs_legogroth16::R1CSCircomProver; -pub(crate) type R1CSCircomVerifierStmt = 
statement::r1cs_legogroth16::R1CSCircomVerifier; - -// All `Statement`s are returned in their uncompressed form as they are generated by the same party using -// them unlike signature params, public keys, proofs, etc - -#[wasm_bindgen(js_name = generatePoKBBSSignatureStatement)] -pub fn generate_pok_bbs_sig_statement( - params: JsValue, - public_key: Uint8Array, - revealed_msgs: js_sys::Map, - encode_messages: bool, -) -> Result { - set_panic_hook(); - let params: BBSSigParams = serde_wasm_bindgen::from_value(params)?; - let pk = obj_from_uint8array!(BBSPublicKey, public_key, false, "BBSPublicKey"); - let msgs = encode_messages_as_js_map_to_fr_btreemap(&revealed_msgs, encode_messages)?; - let statement = PoKBBSSigStmt::new_statement_from_params::(params, pk, msgs); - Ok(obj_to_uint8array_uncompressed!( - &statement, - "PoKBBSSignature23G1" - )) -} - -#[wasm_bindgen(js_name = generatePoKBBSPlusSignatureStatement)] -pub fn generate_pok_bbs_plus_sig_statement( - params: JsValue, - public_key: Uint8Array, - revealed_msgs: js_sys::Map, - encode_messages: bool, -) -> Result { - set_panic_hook(); - let params: BBSPlusSigParamsG1 = serde_wasm_bindgen::from_value(params)?; - let pk = obj_from_uint8array!(BBSPlusPublicKeyG2, public_key, false, "BBSPlusPublicKeyG2"); - let msgs = encode_messages_as_js_map_to_fr_btreemap(&revealed_msgs, encode_messages)?; - let statement = PoKBBSPlusSigStmt::new_statement_from_params::(params, pk, msgs); - Ok(obj_to_uint8array_uncompressed!( - &statement, - "PoKBBSSignatureG1" - )) -} - -#[wasm_bindgen(js_name = generatePoKPSSignatureStatement)] -pub fn generate_pok_ps_sig_statement( - params: JsValue, - public_key: Uint8Array, - revealed_msgs: js_sys::Map, -) -> Result { - set_panic_hook(); - let params: PSSignatureParams = serde_wasm_bindgen::from_value(params)?; - let pk = obj_from_uint8array!(PSPublicKey, public_key, false, "BBSPlusPublicKeyG2"); - let msgs = encode_messages_as_js_map_to_fr_btreemap(&revealed_msgs, false)?; - let statement 
= PoKPSSigStmt::new_statement_from_params::(params, pk, msgs);
- Ok(obj_to_uint8array_uncompressed!(
- &statement,
- "PokPSStatement"
- ))
-}
-
-#[wasm_bindgen(js_name = generatePoKBBSSignatureStatementFromParamRefs)]
-pub fn generate_pok_bbs_sig_statement_from_param_refs(
- params: usize,
- public_key: usize,
- revealed_msgs: js_sys::Map,
- encode_messages: bool,
-) -> Result {
- set_panic_hook();
- let msgs = encode_messages_as_js_map_to_fr_btreemap(&revealed_msgs, encode_messages)?;
- let statement =
- PoKBBSSigStmt::new_statement_from_params_ref::(params, public_key, msgs);
- Ok(obj_to_uint8array_uncompressed!(
- &statement,
- "PoKBBSSignature23G1"
- ))
-}
-
-#[wasm_bindgen(js_name = generatePoKBBSPlusSignatureStatementFromParamRefs)]
-pub fn generate_pok_bbs_plus_sig_statement_from_param_refs(
- params: usize,
- public_key: usize,
- revealed_msgs: js_sys::Map,
- encode_messages: bool,
-) -> Result {
- set_panic_hook();
- let msgs = encode_messages_as_js_map_to_fr_btreemap(&revealed_msgs, encode_messages)?;
- let statement =
- PoKBBSPlusSigStmt::new_statement_from_params_ref::(params, public_key, msgs);
- Ok(obj_to_uint8array_uncompressed!(
- &statement,
- "PoKBBSSignatureG1"
- ))
-}
-
-#[wasm_bindgen(js_name = generatePoKPSSignatureStatementFromParamRefs)]
-pub fn generate_pok_ps_sig_statement_from_param_refs(
- params: usize,
- public_key: usize,
- revealed_msgs: js_sys::Map,
-) -> Result {
- set_panic_hook();
- let msgs = encode_messages_as_js_map_to_fr_btreemap(&revealed_msgs, false)?;
- let statement =
- PoKPSSigStmt::new_statement_from_params_ref::(params, public_key, msgs);
- Ok(obj_to_uint8array_uncompressed!(
- &statement,
- "PokPSStatement"
- ))
-}
-
-#[wasm_bindgen(js_name = generateAccumulatorMembershipStatement)]
-pub fn generate_accumulator_membership_statement(
- params: Uint8Array,
- public_key: Uint8Array,
- proving_key: Uint8Array,
- accumulated: Uint8Array,
-) -> Result {
- set_panic_hook();
- let accumulated = g1_affine_from_uint8_array(accumulated)?;
- let pk = deserialize_public_key(public_key)?;
- let params = deserialize_params(params)?;
- let prk = obj_from_uint8array!(MembershipPrk, proving_key, false, "MembershipPrk");
- let statement =
- AccumMemStmt::new_statement_from_params::(params, pk, prk, accumulated);
- Ok(obj_to_uint8array_uncompressed!(
- &statement,
- "AccumMemStatement"
- ))
-}
-
-#[wasm_bindgen(js_name = generateAccumulatorMembershipStatementFromParamRefs)]
-pub fn generate_accumulator_membership_statement_from_param_refs(
- params: usize,
- public_key: usize,
- proving_key: usize,
- accumulated: Uint8Array,
-) -> Result {
- set_panic_hook();
- let accumulated = g1_affine_from_uint8_array(accumulated)?;
- let statement = AccumMemStmt::new_statement_from_params_ref::(
- params,
- public_key,
- proving_key,
- accumulated,
- );
- Ok(obj_to_uint8array_uncompressed!(
- &statement,
- "AccumMemStatement"
- ))
-}
-
-#[wasm_bindgen(js_name = generateAccumulatorNonMembershipStatement)]
-pub fn generate_accumulator_non_membership_statement(
- params: Uint8Array,
- public_key: Uint8Array,
- proving_key: Uint8Array,
- accumulated: Uint8Array,
-) -> Result {
- set_panic_hook();
- let accumulated = g1_affine_from_uint8_array(accumulated)?;
- let pk = deserialize_public_key(public_key)?;
- let params = deserialize_params(params)?;
- let prk = obj_from_uint8array!(NonMembershipPrk, proving_key, false, "NonMembershipPrk");
- let statement =
- AccumNonMemStmt::new_statement_from_params::(params, pk, prk, accumulated);
- Ok(obj_to_uint8array_uncompressed!(
- &statement,
- "AccumNonMemStatement"
- ))
-}
-
-#[wasm_bindgen(js_name = generateAccumulatorNonMembershipStatementFromParamRefs)]
-pub fn generate_accumulator_non_membership_statement_from_param_refs(
- params: usize,
- public_key: usize,
- proving_key: usize,
- accumulated: Uint8Array,
-) -> Result {
- set_panic_hook();
- let accumulated = g1_affine_from_uint8_array(accumulated)?;
- let statement = AccumNonMemStmt::new_statement_from_params_ref::(
- params,
- public_key,
- proving_key,
- accumulated,
- );
- Ok(obj_to_uint8array_uncompressed!(
- &statement,
- "AccumNonMemStatement"
- ))
-}
-
-#[wasm_bindgen(js_name = generatePedersenCommitmentG1Statement)]
-pub fn generate_pedersen_commitment_g1_statement(
- commitment_key: js_sys::Array,
- commitment: Uint8Array,
-) -> Result {
- set_panic_hook();
- let commitment_key = js_array_to_g1_affine_vec(&commitment_key)?;
- let commitment = g1_affine_from_uint8_array(commitment)?;
- let statement =
- PedCommG1Stmt::new_statement_from_params::(commitment_key, commitment);
- Ok(obj_to_uint8array_uncompressed!(&statement, "PedCommG1Stmt"))
-}
-
-#[wasm_bindgen(js_name = generatePedersenCommitmentG1StatementFromParamRefs)]
-pub fn generate_pedersen_commitment_g1_statement_from_param_refs(
- commitment_key: usize,
- commitment: Uint8Array,
-) -> Result {
- set_panic_hook();
- let commitment = g1_affine_from_uint8_array(commitment)?;
- let statement =
- PedCommG1Stmt::new_statement_from_params_refs::(commitment_key, commitment);
- Ok(obj_to_uint8array_uncompressed!(&statement, "PedCommG1Stmt"))
-}
-
-#[wasm_bindgen(js_name = generatePedersenCommitmentG2Statement)]
-pub fn generate_pedersen_commitment_g2_statement(
- commitment_key: js_sys::Array,
- commitment: Uint8Array,
-) -> Result {
- set_panic_hook();
- let commitment_key = js_array_to_g2_affine_vec(&commitment_key)?;
- let commitment = g2_affine_from_uint8_array(commitment)?;
- let statement =
- PedCommG2Stmt::new_statement_from_params::(commitment_key, commitment);
- Ok(obj_to_uint8array_uncompressed!(&statement, "PedCommG2Stmt"))
-}
-
-#[wasm_bindgen(js_name = generatePedersenCommitmentG2StatementFromParamRefs)]
-pub fn generate_pedersen_commitment_g2_statement_from_param_refs(
- commitment_key: usize,
- commitment: Uint8Array,
-) -> Result {
- set_panic_hook();
- let commitment = g2_affine_from_uint8_array(commitment)?;
- let statement =
- PedCommG2Stmt::new_statement_from_params_refs::(commitment_key, commitment);
- Ok(obj_to_uint8array_uncompressed!(&statement, "PedCommG2Stmt"))
-}
-
-#[wasm_bindgen(js_name = generateWitnessEqualityMetaStatement)]
-pub fn generate_witness_equality_meta_statement(equality: js_sys::Set) -> Result {
- set_panic_hook();
- let mut set = BTreeSet::new();
- for wr in equality.values() {
- let wr = wr.unwrap();
- let arr_2 = js_sys::Array::from(&wr);
- if arr_2.length() != 2 {
- return Err(JsValue::from("Each equality should be a 2 element array"));
- }
- let i: u32 = serde_wasm_bindgen::from_value(arr_2.get(0)).unwrap();
- let j: u32 = serde_wasm_bindgen::from_value(arr_2.get(1)).unwrap();
- set.insert((i as usize, j as usize));
- }
- serde_wasm_bindgen::to_value(&MetaStatement::WitnessEquality(EqualWitnesses(set)))
- .map_err(JsValue::from)
-}
-
-#[wasm_bindgen(js_name = generateSaverProverStatement)]
-pub fn generate_saver_prover_statement(
- chunk_bit_size: u8,
- enc_gens: Uint8Array,
- chunked_comm_gens: Uint8Array,
- encryption_key: Uint8Array,
- snark_pk: Uint8Array,
- uncompressed_public_params: bool,
-) -> Result {
- set_panic_hook();
- let snark_pk = if uncompressed_public_params {
- obj_from_uint8array_uncompressed!(SaverSnarkPk, snark_pk, "SaverSnarkPk")
- } else {
- obj_from_uint8array!(SaverSnarkPk, snark_pk, false, "SaverSnarkPk")
- };
- let (enc_gens, chunked_comm_gens, ek) = parse_saver_statement_input(
- enc_gens,
- chunked_comm_gens,
- encryption_key,
- uncompressed_public_params,
- )?;
- let statement = SaverProverStmt::new_statement_from_params::(
- chunk_bit_size,
- enc_gens,
- chunked_comm_gens,
- ek,
- snark_pk,
- )
- .map_err(|e| {
- JsValue::from(&format!(
- "Creating statement for SaverProver returned error: {:?}",
- e
- ))
- })?;
- Ok(obj_to_uint8array_uncompressed!(
- &statement,
- "SaverProverStmt"
- ))
-}
-
-#[wasm_bindgen(js_name = generateSaverProverStatementFromParamRefs)]
-pub fn generate_saver_prover_statement_from_param_refs(
- chunk_bit_size: u8,
- enc_gens: usize,
- chunked_comm_gens: usize,
- encryption_key: usize,
- snark_pk: usize,
-) -> Result {
- set_panic_hook();
- let statement = SaverProverStmt::new_statement_from_params_ref::(
- chunk_bit_size,
- enc_gens,
- chunked_comm_gens,
- encryption_key,
- snark_pk,
- );
- Ok(obj_to_uint8array_uncompressed!(
- &statement,
- "SaverProverStmt"
- ))
-}
-
-#[wasm_bindgen(js_name = generateSaverVerifierStatement)]
-pub fn generate_saver_verifier_statement(
- chunk_bit_size: u8,
- enc_gens: Uint8Array,
- chunked_comm_gens: Uint8Array,
- encryption_key: Uint8Array,
- snark_vk: Uint8Array,
- uncompressed_public_params: bool,
-) -> Result {
- set_panic_hook();
- let snark_vk = if uncompressed_public_params {
- obj_from_uint8array_uncompressed!(SaverSnarkVk, snark_vk, "SaverSnarkVk")
- } else {
- obj_from_uint8array!(SaverSnarkVk, snark_vk, false, "SaverSnarkVk")
- };
- let (enc_gens, chunked_comm_gens, ek) = parse_saver_statement_input(
- enc_gens,
- chunked_comm_gens,
- encryption_key,
- uncompressed_public_params,
- )?;
- let statement = SaverVerifierStmt::new_statement_from_params::(
- chunk_bit_size,
- enc_gens,
- chunked_comm_gens,
- ek,
- snark_vk,
- )
- .map_err(|e| {
- JsValue::from(&format!(
- "Creating statement for SaverVerifier returned error: {:?}",
- e
- ))
- })?;
- Ok(obj_to_uint8array_uncompressed!(
- &statement,
- "SaverVerifierStatement"
- ))
-}
-
-#[wasm_bindgen(js_name = generateSaverVerifierStatementFromParamRefs)]
-pub fn generate_saver_verifier_statement_from_param_refs(
- chunk_bit_size: u8,
- enc_gens: usize,
- chunked_comm_gens: usize,
- encryption_key: usize,
- snark_vk: usize,
-) -> Result {
- set_panic_hook();
- let statement = SaverVerifierStmt::new_statement_from_params_ref::(
- chunk_bit_size,
- enc_gens,
- chunked_comm_gens,
- encryption_key,
- snark_vk,
- );
- Ok(obj_to_uint8array_uncompressed!(
- &statement,
- "SaverVerifierStatement"
- ))
-}
-
-/// If `uncompressed` is true, expects the legosnark proving key to be in uncompressed form else
-/// it should be compressed.
-#[wasm_bindgen(js_name = generateBoundCheckLegoProverStatement)]
-pub fn generate_bound_check_lego_prover_statement(
- min: js_sys::Number,
- max: js_sys::Number,
- snark_pk: Uint8Array,
- uncompressed_public_params: bool,
-) -> Result {
- set_panic_hook();
- let (min, max) = get_valid_min_max(min, max)?;
- let snark_pk = if uncompressed_public_params {
- obj_from_uint8array_uncompressed!(LegoProvingKey, snark_pk, "LegoProvingKey")
- } else {
- obj_from_uint8array!(LegoProvingKey, snark_pk, false, "LegoProvingKey")
- };
- let statement =
- BoundCheckLegoProverStmt::new_statement_from_params::(min, max, snark_pk)
- .map_err(|e| {
- JsValue::from(&format!(
- "Creating statement for BoundCheckLegoProver returned error: {:?}",
- e
- ))
- })?;
- Ok(obj_to_uint8array_uncompressed!(
- &statement,
- "BoundCheckLegoProverStmt"
- ))
-}
-
-#[wasm_bindgen(js_name = generateBoundCheckLegoProverStatementFromParamRefs)]
-pub fn generate_bound_check_lego_prover_statement_from_param_refs(
- min: js_sys::Number,
- max: js_sys::Number,
- snark_pk: usize,
-) -> Result {
- set_panic_hook();
- let (min, max) = get_valid_min_max(min, max)?;
- let statement =
- BoundCheckLegoProverStmt::new_statement_from_params_ref::(min, max, snark_pk)
- .map_err(|e| {
- JsValue::from(&format!(
- "Creating statement for BoundCheckLegoProver returned error: {:?}",
- e
- ))
- })?;
- Ok(obj_to_uint8array_uncompressed!(
- &statement,
- "BoundCheckLegoProverStmt"
- ))
-}
-
-/// If `uncompressed` is true, expects the legosnark verifying key to be in uncompressed form else
-/// it should be compressed.
-#[wasm_bindgen(js_name = generateBoundCheckLegoVerifierStatement)]
-pub fn generate_bound_check_lego_verifier_statement(
- min: js_sys::Number,
- max: js_sys::Number,
- snark_vk: Uint8Array,
- uncompressed_public_params: bool,
-) -> Result {
- set_panic_hook();
- let (min, max) = get_valid_min_max(min, max)?;
- let snark_vk = if uncompressed_public_params {
- obj_from_uint8array_uncompressed!(LegoVerifyingKey, snark_vk, "LegoVerifyingKey")
- } else {
- obj_from_uint8array!(LegoVerifyingKey, snark_vk, false, "LegoVerifyingKey")
- };
- let statement =
- BoundCheckLegoVerifierStmt::new_statement_from_params::(min, max, snark_vk)
- .map_err(|e| {
- JsValue::from(&format!(
- "Creating statement for BoundCheckLegoVerifier returned error: {:?}",
- e
- ))
- })?;
- Ok(obj_to_uint8array_uncompressed!(
- &statement,
- "BoundCheckLegoVerifierStmt"
- ))
-}
-
-#[wasm_bindgen(js_name = generateBoundCheckLegoVerifierStatementFromParamRefs)]
-pub fn generate_bound_check_lego_verifier_statement_from_param_refs(
- min: js_sys::Number,
- max: js_sys::Number,
- snark_vk: usize,
-) -> Result {
- set_panic_hook();
- let (min, max) = get_valid_min_max(min, max)?;
- let statement =
- BoundCheckLegoVerifierStmt::new_statement_from_params_ref::(min, max, snark_vk)
- .map_err(|e| {
- JsValue::from(&format!(
- "Creating statement for BoundCheckLegoVerifier returned error: {:?}",
- e
- ))
- })?;
- Ok(obj_to_uint8array_uncompressed!(
- &statement,
- "BoundCheckLegoVerifierStmt"
- ))
-}
-
-#[wasm_bindgen(js_name = generateR1CSCircomProverStatement)]
-pub fn generate_r1cs_circom_prover_statement(
- curve_name: &str,
- num_public: u32,
- num_private: u32,
- constraints: js_sys::Array,
- wasm_bytes: Uint8Array,
- snark_pk: Uint8Array,
- uncompressed_public_params: bool,
-) -> Result {
- set_panic_hook();
- let r = gen_r1cs(curve_name, num_public, num_private, constraints)?;
- let wasm_bytes = wasm_bytes.to_vec();
- let snark_pk = if uncompressed_public_params {
- obj_from_uint8array_uncompressed!(LegoProvingKey, snark_pk, "LegoProvingKey")
- } else {
- obj_from_uint8array!(LegoProvingKey, snark_pk, false, "LegoProvingKey")
- };
- let statement =
- R1CSCircomProverStmt::new_statement_from_params::(r, wasm_bytes, snark_pk)
- .map_err(|e| {
- JsValue::from(&format!(
- "Creating statement for R1CSCircomProver returned error: {:?}",
- e
- ))
- })?;
- Ok(obj_to_uint8array_uncompressed!(
- &statement,
- "R1CSCircomProverStmt"
- ))
-}
-
-#[wasm_bindgen(js_name = generateR1CSCircomProverStatementFromParamRefs)]
-pub fn generate_r1cs_circom_prover_statement_from_param_refs(
- r1cs: usize,
- wasm_bytes: usize,
- snark_pk: usize,
-) -> Result {
- set_panic_hook();
- let statement =
- R1CSCircomProverStmt::new_statement_from_params_ref::(r1cs, wasm_bytes, snark_pk)
- .map_err(|e| {
- JsValue::from(&format!(
- "Creating statement for R1CSCircomProver returned error: {:?}",
- e
- ))
- })?;
- Ok(obj_to_uint8array_uncompressed!(
- &statement,
- "R1CSCircomProverStmt"
- ))
-}
-
-#[wasm_bindgen(js_name = generateR1CSCircomVerifierStatement)]
-pub fn generate_r1cs_circom_verifier_statement(
- public_inputs: js_sys::Array,
- snark_vk: Uint8Array,
- uncompressed_public_params: bool,
-) -> Result {
- let public_inputs = js_array_to_fr_vec(&public_inputs)?;
- set_panic_hook();
- let snark_vk = if uncompressed_public_params {
- obj_from_uint8array_uncompressed!(LegoVerifyingKey, snark_vk, "LegoVerifyingKey")
- } else {
- obj_from_uint8array!(LegoVerifyingKey, snark_vk, false, "LegoVerifyingKey")
- };
- let statement =
- R1CSCircomVerifierStmt::new_statement_from_params::(public_inputs, snark_vk)
- .map_err(|e| {
- JsValue::from(&format!(
- "Creating statement for R1CSCircomVerifier returned error: {:?}",
- e
- ))
- })?;
- Ok(obj_to_uint8array_uncompressed!(
- &statement,
- "R1CSCircomVerifierStmt"
- ))
-}
-
-#[wasm_bindgen(js_name = generateR1CSCircomVerifierStatementFromParamRefs)]
-pub fn generate_r1cs_circom_verifier_statement_from_param_refs(
- public_inputs: usize,
- snark_vk: usize,
-) -> Result {
- set_panic_hook();
- let statement =
- R1CSCircomVerifierStmt::new_statement_from_params_ref::(public_inputs, snark_vk)
- .map_err(|e| {
- JsValue::from(&format!(
- "Creating statement for R1CSCircomVerifier returned error: {:?}",
- e
- ))
- })?;
- Ok(obj_to_uint8array_uncompressed!(
- &statement,
- "R1CSCircomVerifierStmt"
- ))
-}
-
-fn parse_saver_statement_input(
- enc_gens: Uint8Array,
- chunked_comm_gens: Uint8Array,
- encryption_key: Uint8Array,
- uncompressed_public_params: bool,
-) -> Result<(EncGens, ChunkedCommGens, SaverEk), JsValue> {
- let (enc_gens, chunked_comm_gens, ek) = if uncompressed_public_params {
- (
- obj_from_uint8array_uncompressed!(EncGens, enc_gens, "EncryptionGenerators"),
- obj_from_uint8array_uncompressed!(
- ChunkedCommGens,
- chunked_comm_gens,
- "ChunkedCommitmentGenerators"
- ),
- obj_from_uint8array_uncompressed!(SaverEk, encryption_key, "SaverEk"),
- )
- } else {
- (
- obj_from_uint8array!(EncGens, enc_gens, false, "EncryptionGenerators"),
- obj_from_uint8array!(
- ChunkedCommGens,
- chunked_comm_gens,
- false,
- "ChunkedCommitmentGenerators"
- ),
- obj_from_uint8array!(SaverEk, encryption_key, false, "SaverEk"),
- )
- };
- Ok((enc_gens, chunked_comm_gens, ek))
-}
-
-pub fn get_valid_min_max(min: js_sys::Number, max: js_sys::Number) -> Result<(u64, u64), JsValue> {
- if !(is_positive_safe_integer(&min) && is_positive_safe_integer(&max)) {
- return Err(JsValue::from(&format!(
- "min and max should be safe positive integers but instead found {:?}, {:?}",
- min, max
- )));
- }
- let min = min.value_of() as u64;
- let max = max.value_of() as u64;
- Ok((min, max))
-}
diff --git a/src/composite_proof_system/statements/accumulator.rs b/src/composite_proof_system/statements/accumulator.rs
new file mode 100644
index 0000000..a46319a
--- /dev/null
+++ b/src/composite_proof_system/statements/accumulator.rs
@@ -0,0 +1,95 @@
+use crate::{
+ accumulator::{deserialize_params, deserialize_public_key, MembershipPrk, NonMembershipPrk},
+ utils::{g1_affine_from_uint8_array, set_panic_hook},
+ G1Affine,
+};
+use ark_bls12_381::Bls12_381;
+use js_sys::Uint8Array;
+use proof_system::prelude;
+use wasm_bindgen::{prelude::wasm_bindgen, JsValue};
+use zeroize::Zeroize;
+
+pub(crate) type AccumMemStmt = prelude::accumulator::AccumulatorMembership;
+pub(crate) type AccumNonMemStmt = prelude::accumulator::AccumulatorNonMembership;
+
+#[wasm_bindgen(js_name = generateAccumulatorMembershipStatement)]
+pub fn generate_accumulator_membership_statement(
+ params: Uint8Array,
+ public_key: Uint8Array,
+ proving_key: Uint8Array,
+ accumulated: Uint8Array,
+) -> Result {
+ set_panic_hook();
+ let accumulated = g1_affine_from_uint8_array(accumulated)?;
+ let pk = deserialize_public_key(public_key)?;
+ let params = deserialize_params(params)?;
+ let prk = obj_from_uint8array!(MembershipPrk, proving_key, false, "MembershipPrk");
+ let statement =
+ AccumMemStmt::new_statement_from_params::(params, pk, prk, accumulated);
+ Ok(obj_to_uint8array_uncompressed!(
+ &statement,
+ "AccumMemStatement"
+ ))
+}
+
+#[wasm_bindgen(js_name = generateAccumulatorMembershipStatementFromParamRefs)]
+pub fn generate_accumulator_membership_statement_from_param_refs(
+ params: usize,
+ public_key: usize,
+ proving_key: usize,
+ accumulated: Uint8Array,
+) -> Result {
+ set_panic_hook();
+ let accumulated = g1_affine_from_uint8_array(accumulated)?;
+ let statement = AccumMemStmt::new_statement_from_params_ref::(
+ params,
+ public_key,
+ proving_key,
+ accumulated,
+ );
+ Ok(obj_to_uint8array_uncompressed!(
+ &statement,
+ "AccumMemStatement"
+ ))
+}
+
+#[wasm_bindgen(js_name = generateAccumulatorNonMembershipStatement)]
+pub fn generate_accumulator_non_membership_statement(
+ params: Uint8Array,
+ public_key: Uint8Array,
+ proving_key: Uint8Array,
+ accumulated: Uint8Array,
+) -> Result {
+ set_panic_hook();
+ let accumulated = g1_affine_from_uint8_array(accumulated)?;
+ let pk = deserialize_public_key(public_key)?;
+ let params = deserialize_params(params)?;
+ let prk = obj_from_uint8array!(NonMembershipPrk, proving_key, false, "NonMembershipPrk");
+ let statement =
+ AccumNonMemStmt::new_statement_from_params::(params, pk, prk, accumulated);
+ Ok(obj_to_uint8array_uncompressed!(
+ &statement,
+ "AccumNonMemStatement"
+ ))
+}
+
+#[wasm_bindgen(js_name = generateAccumulatorNonMembershipStatementFromParamRefs)]
+pub fn generate_accumulator_non_membership_statement_from_param_refs(
+ params: usize,
+ public_key: usize,
+ proving_key: usize,
+ accumulated: Uint8Array,
+) -> Result {
+ set_panic_hook();
+ let accumulated = g1_affine_from_uint8_array(accumulated)?;
+ let statement = AccumNonMemStmt::new_statement_from_params_ref::(
+ params,
+ public_key,
+ proving_key,
+ accumulated,
+ );
+ Ok(obj_to_uint8array_uncompressed!(
+ &statement,
+ "AccumNonMemStatement"
+ ))
+}
diff --git a/src/composite_proof_system/statements/bound_check.rs b/src/composite_proof_system/statements/bound_check.rs
new file mode 100644
index 0000000..900c103
--- /dev/null
+++ b/src/composite_proof_system/statements/bound_check.rs
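Review bot: The four exported constructors in accumulator.rs carry no doc comments, so nothing tells a JS caller that the two `*FromParamRefs` variants take bare `usize` values for `params`, `public_key` and `proving_key` rather than serialized bytes. These values are handed straight to `new_statement_from_params_ref` without any check in this file; presumably they are positions in the proof spec's setup-params list (inferred from the name, the callee is outside this hunk), so a wrong index would only surface later when the spec is resolved. I would add above each of those two functions a line such as `/// params, public_key and proving_key are indices into the proof spec's setup params, not serialized values; they are not validated here.`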
@@ -0,0 +1,343 @@
+use crate::{
+ bound_check::{BppSetupParams, SmcParams, SmcParamsAndSk},
+ legosnark::{LegoProvingKey, LegoVerifyingKey},
+ utils::{is_positive_safe_integer, set_panic_hook},
+ G1Affine,
+};
+use ark_bls12_381::Bls12_381;
+use js_sys::Uint8Array;
+use proof_system::prelude;
+use wasm_bindgen::{prelude::wasm_bindgen, JsValue};
+use zeroize::Zeroize;
+
+pub(crate) type BoundCheckLegoProverStmt =
+ prelude::bound_check_legogroth16::BoundCheckLegoGroth16Prover;
+pub(crate) type BoundCheckLegoVerifierStmt =
+ prelude::bound_check_legogroth16::BoundCheckLegoGroth16Verifier;
+pub(crate) type BoundCheckBppStmt = prelude::bound_check_bpp::BoundCheckBpp;
+pub(crate) type BoundCheckSmcStmt = prelude::bound_check_smc::BoundCheckSmc;
+
+// For bound check statements using set-membership check based range proof with keyed verification
+pub(crate) type BoundCheckSmcProverStmt =
+ prelude::bound_check_smc_with_kv::BoundCheckSmcWithKVProver;
+pub(crate) type BoundCheckSmcVerifierStmt =
+ prelude::bound_check_smc_with_kv::BoundCheckSmcWithKVVerifier;
+
+/// If `uncompressed` is true, expects the legosnark proving key to be in uncompressed form else
+/// it should be compressed.
+#[wasm_bindgen(js_name = generateBoundCheckLegoProverStatement)]
+pub fn generate_bound_check_lego_prover_statement(
+ min: js_sys::Number,
+ max: js_sys::Number,
+ snark_pk: Uint8Array,
+ uncompressed_public_params: bool,
+) -> Result {
+ set_panic_hook();
+ let (min, max) = get_valid_min_max(min, max)?;
+ let snark_pk = if uncompressed_public_params {
+ obj_from_uint8array_uncompressed!(LegoProvingKey, snark_pk, "LegoProvingKey")
+ } else {
+ obj_from_uint8array!(LegoProvingKey, snark_pk, false, "LegoProvingKey")
+ };
+ let statement =
+ BoundCheckLegoProverStmt::new_statement_from_params::(min, max, snark_pk)
+ .map_err(|e| {
+ JsValue::from(&format!(
+ "Creating statement for BoundCheckLegoProver returned error: {:?}",
+ e
+ ))
+ })?;
+ Ok(obj_to_uint8array_uncompressed!(
+ &statement,
+ "BoundCheckLegoProverStmt"
+ ))
+}
+
+#[wasm_bindgen(js_name = generateBoundCheckLegoProverStatementFromParamRefs)]
+pub fn generate_bound_check_lego_prover_statement_from_param_refs(
+ min: js_sys::Number,
+ max: js_sys::Number,
+ snark_pk: usize,
+) -> Result {
+ set_panic_hook();
+ let (min, max) = get_valid_min_max(min, max)?;
+ let statement =
+ BoundCheckLegoProverStmt::new_statement_from_params_ref::(min, max, snark_pk)
+ .map_err(|e| {
+ JsValue::from(&format!(
+ "Creating statement for BoundCheckLegoProver returned error: {:?}",
+ e
+ ))
+ })?;
+ Ok(obj_to_uint8array_uncompressed!(
+ &statement,
+ "BoundCheckLegoProverStmt"
+ ))
+}
+
+/// If `uncompressed` is true, expects the legosnark verifying key to be in uncompressed form else
+/// it should be compressed.
+#[wasm_bindgen(js_name = generateBoundCheckLegoVerifierStatement)]
+pub fn generate_bound_check_lego_verifier_statement(
+ min: js_sys::Number,
+ max: js_sys::Number,
+ snark_vk: Uint8Array,
+ uncompressed_public_params: bool,
+) -> Result {
+ set_panic_hook();
+ let (min, max) = get_valid_min_max(min, max)?;
+ let snark_vk = if uncompressed_public_params {
+ obj_from_uint8array_uncompressed!(LegoVerifyingKey, snark_vk, "LegoVerifyingKey")
+ } else {
+ obj_from_uint8array!(LegoVerifyingKey, snark_vk, false, "LegoVerifyingKey")
+ };
+ let statement =
+ BoundCheckLegoVerifierStmt::new_statement_from_params::(min, max, snark_vk)
+ .map_err(|e| {
+ JsValue::from(&format!(
+ "Creating statement for BoundCheckLegoVerifier returned error: {:?}",
+ e
+ ))
+ })?;
+ Ok(obj_to_uint8array_uncompressed!(
+ &statement,
+ "BoundCheckLegoVerifierStmt"
+ ))
+}
+
+#[wasm_bindgen(js_name = generateBoundCheckLegoVerifierStatementFromParamRefs)]
+pub fn generate_bound_check_lego_verifier_statement_from_param_refs(
+ min: js_sys::Number,
+ max: js_sys::Number,
+ snark_vk: usize,
+) -> Result {
+ set_panic_hook();
+ let (min, max) = get_valid_min_max(min, max)?;
+ let statement =
+ BoundCheckLegoVerifierStmt::new_statement_from_params_ref::(min, max, snark_vk)
+ .map_err(|e| {
+ JsValue::from(&format!(
+ "Creating statement for BoundCheckLegoVerifier returned error: {:?}",
+ e
+ ))
+ })?;
+ Ok(obj_to_uint8array_uncompressed!(
+ &statement,
+ "BoundCheckLegoVerifierStmt"
+ ))
+}
+
+#[wasm_bindgen(js_name = generateBoundCheckBppStatement)]
+pub fn generate_bound_check_bpp_statement(
+ min: js_sys::Number,
+ max: js_sys::Number,
+ params: Uint8Array,
+ uncompressed_public_params: bool,
+) -> Result {
+ set_panic_hook();
+ let (min, max) = get_valid_min_max(min, max)?;
+ let params = if uncompressed_public_params {
+ obj_from_uint8array_uncompressed!(BppSetupParams, params, "Bulletproofs++SetupParams")
+ } else {
+ obj_from_uint8array!(BppSetupParams, params, false, "Bulletproofs++SetupParams")
+ };
+ let statement = BoundCheckBppStmt::new_statement_from_params::(min, max, params)
+ .map_err(|e| {
+ JsValue::from(&format!(
+ "Creating statement for BoundCheckBpp returned error: {:?}",
+ e
+ ))
+ })?;
+ Ok(obj_to_uint8array_uncompressed!(
+ &statement,
+ "BoundCheckBppStmt"
+ ))
+}
+
+#[wasm_bindgen(js_name = generateBoundCheckBppStatementFromParamRefs)]
+pub fn generate_bound_check_bpp_statement_from_param_refs(
+ min: js_sys::Number,
+ max: js_sys::Number,
+ params: usize,
+) -> Result {
+ set_panic_hook();
+ let (min, max) = get_valid_min_max(min, max)?;
+ let statement = BoundCheckBppStmt::new_statement_from_params_ref::(min, max, params)
+ .map_err(|e| {
+ JsValue::from(&format!(
+ "Creating statement for BoundCheckBpp returned error: {:?}",
+ e
+ ))
+ })?;
+ Ok(obj_to_uint8array_uncompressed!(
+ &statement,
+ "BoundCheckBppStmt"
+ ))
+}
+
+#[wasm_bindgen(js_name = generateBoundCheckSmcStatement)]
+pub fn generate_bound_check_smc_statement(
+ min: js_sys::Number,
+ max: js_sys::Number,
+ params: Uint8Array,
+ uncompressed_params: bool,
+) -> Result {
+ set_panic_hook();
+ let (min, max) = get_valid_min_max(min, max)?;
+ let params = if uncompressed_params {
+ obj_from_uint8array_uncompressed!(SmcParams, params, "SmcParamsAndCommitmentKey")
+ } else {
+ obj_from_uint8array!(SmcParams, params, false, "SmcParamsAndCommitmentKey")
+ };
+ let statement = BoundCheckSmcStmt::new_statement_from_params::(min, max, params)
+ .map_err(|e| {
+ JsValue::from(&format!(
+ "Creating statement for BoundCheckSmc returned error: {:?}",
+ e
+ ))
+ })?;
+ Ok(obj_to_uint8array_uncompressed!(
+ &statement,
+ "BoundCheckSmcStmt"
+ ))
+}
+
+#[wasm_bindgen(js_name = generateBoundCheckSmcStatementFromParamRefs)]
+pub fn generate_bound_check_smc_statement_from_param_refs(
+ min: js_sys::Number,
+ max: js_sys::Number,
+ params: usize,
+) -> Result {
+ set_panic_hook();
+ let (min, max) = get_valid_min_max(min, max)?;
+ let statement = BoundCheckSmcStmt::new_statement_from_params_ref::(min, max, params)
+ .map_err(|e| {
+ JsValue::from(&format!(
+ "Creating statement for BoundCheckSmc returned error: {:?}",
+ e
+ ))
+ })?;
+ Ok(obj_to_uint8array_uncompressed!(&statement, "BoundCheckSmc"))
+}
+
+#[wasm_bindgen(js_name = generateBoundCheckSmcWithKVProverStatement)]
+pub fn generate_bound_check_smc_with_kv_prover_statement(
+ min: js_sys::Number,
+ max: js_sys::Number,
+ params: Uint8Array,
+ uncompressed_public_params: bool,
+) -> Result {
+ set_panic_hook();
+ let (min, max) = get_valid_min_max(min, max)?;
+ let params = if uncompressed_public_params {
+ obj_from_uint8array_uncompressed!(SmcParams, params, "SmcParamsAndCommitmentKey")
+ } else {
+ obj_from_uint8array!(SmcParams, params, false, "SmcParamsAndCommitmentKey")
+ };
+ let statement = BoundCheckSmcProverStmt::new_statement_from_params::(
+ min, max, params,
+ )
+ .map_err(|e| {
+ JsValue::from(&format!(
+ "Creating statement for BoundCheckSmcProver returned error: {:?}",
+ e
+ ))
+ })?;
+ Ok(obj_to_uint8array_uncompressed!(
+ &statement,
+ "BoundCheckSmcProverStmt"
+ ))
+}
+
+#[wasm_bindgen(js_name = generateBoundCheckSmcWithKVProverStatementFromParamRefs)]
+pub fn generate_bound_check_smc_with_kv_prover_statement_from_param_refs(
+ min: js_sys::Number,
+ max: js_sys::Number,
+ params: usize,
+) -> Result {
+ set_panic_hook();
+ let (min, max) = get_valid_min_max(min, max)?;
+ let statement =
+ BoundCheckSmcProverStmt::new_statement_from_params_ref::(min, max, params)
+ .map_err(|e| {
+ JsValue::from(&format!(
+ "Creating statement for BoundCheckSmcProver returned error: {:?}",
+ e
+ ))
+ })?;
+ Ok(obj_to_uint8array_uncompressed!(
+ &statement,
+ "BoundCheckSmcProverStmt"
+ ))
+}
+
+#[wasm_bindgen(js_name = generateBoundCheckSmcWithKVVerifierStatement)]
+pub fn generate_bound_check_smc_with_kv_verifier_statement(
+ min: js_sys::Number,
+ max: js_sys::Number,
+ params: Uint8Array,
+ uncompressed_public_params: bool,
+) -> Result {
+ set_panic_hook();
+ let (min, max) = get_valid_min_max(min, max)?;
+ let params = if uncompressed_public_params {
+ obj_from_uint8array_uncompressed!(
+ SmcParamsAndSk,
+ params,
+ "SmcParamsAndCommitmentKeyAndSecretKey"
+ )
+ } else {
+ obj_from_uint8array!(
+ SmcParamsAndSk,
+ params,
+ false,
+ "SmcParamsAndCommitmentKeyAndSecretKey"
+ )
+ };
+ let statement =
+ BoundCheckSmcVerifierStmt::new_statement_from_params::(min, max, params)
+ .map_err(|e| {
+ JsValue::from(&format!(
+ "Creating statement for BoundCheckSmcVerifier returned error: {:?}",
+ e
+ ))
+ })?;
+ Ok(obj_to_uint8array_uncompressed!(
+ &statement,
+ "BoundCheckSmcVerifierStmt"
+ ))
+}
+
+#[wasm_bindgen(js_name = generateBoundCheckSmcWithKVVerifierStatementFromParamRefs)]
+pub fn generate_bound_check_smc_with_kv_verifier_statement_from_param_refs(
+ min: js_sys::Number,
+ max: js_sys::Number,
+ params: usize,
+) -> Result {
+ set_panic_hook();
+ let (min, max) = get_valid_min_max(min, max)?;
+ let statement =
+ BoundCheckSmcVerifierStmt::new_statement_from_params_ref::(min, max, params)
+ .map_err(|e| {
+ JsValue::from(&format!(
+ "Creating statement for BoundCheckSmcVerifier returned error: {:?}",
+ e
+ ))
+ })?;
+ Ok(obj_to_uint8array_uncompressed!(
+ &statement,
+ "BoundCheckSmcVerifierStmt"
+ ))
+}
+
+pub fn get_valid_min_max(min: js_sys::Number, max: js_sys::Number) -> Result<(u64, u64), JsValue> {
+ if !(is_positive_safe_integer(&min) && is_positive_safe_integer(&max)) {
+ return Err(JsValue::from(&format!(
+ "min and max should be safe positive integers but instead found {:?}, {:?}",
+ min, max
+ )));
+ }
+ let min = min.value_of() as u64;
+ let max = max.value_of() as u64;
+ Ok((min, max))
+}
diff --git a/src/composite_proof_system/statements/mod.rs b/src/composite_proof_system/statements/mod.rs
new file mode 100644
index 0000000..6f8f2af
--- /dev/null
+++ b/src/composite_proof_system/statements/mod.rs
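Review bot: In `generate_bound_check_smc_with_kv_verifier_statement` the flag is named `uncompressed_public_params`, but the bytes it governs are deserialized as `SmcParamsAndSk` under the label "SmcParamsAndCommitmentKeyAndSecretKey", so they hold the verifier's secret key and not only public parameters. The statement built from them is serialized and handed back to JS, and presumably carries that key too (the statement type is defined outside this hunk), which makes it unsafe to log, cache in shared storage or send to the prover the way a public statement could be. I would rename the flag to `uncompressed_params: bool`, as `generate_bound_check_smc_statement` already does, and add a doc comment such as `/// params includes the verifier's secret key; the returned statement must stay with the verifier and must not be shared or logged.` Separately, `generate_bound_check_smc_statement_from_param_refs` passes the label `"BoundCheckSmc"` where its sibling passes `"BoundCheckSmcStmt"`.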
@@ -0,0 +1,100 @@
+use crate::utils::{
+ g1_affine_from_uint8_array, g2_affine_from_uint8_array, js_array_to_g1_affine_vec,
+ js_array_to_g2_affine_vec, set_panic_hook,
+};
+use ark_bls12_381::Bls12_381;
+use ark_ec::pairing::Pairing;
+use js_sys::Uint8Array;
+use proof_system::{
+ meta_statement::{EqualWitnesses, MetaStatement},
+ prelude,
+};
+use std::collections::BTreeSet;
+use wasm_bindgen::{prelude::wasm_bindgen, JsValue};
+
+// All `Statement`s are returned in their uncompressed form as they are generated by the same party using
+// them unlike signature params, public keys, proofs, etc
+
+pub(crate) type PedCommG1Stmt =
+ prelude::ped_comm::PedersenCommitment<::G1Affine>;
+pub(crate) type PedCommG2Stmt =
+ prelude::ped_comm::PedersenCommitment<::G2Affine>;
+
+#[wasm_bindgen(js_name = generatePedersenCommitmentG1Statement)]
+pub fn generate_pedersen_commitment_g1_statement(
+ commitment_key: js_sys::Array,
+ commitment: Uint8Array,
+) -> Result {
+ set_panic_hook();
+ let commitment_key = js_array_to_g1_affine_vec(&commitment_key)?;
+ let commitment = g1_affine_from_uint8_array(commitment)?;
+ let statement =
+ PedCommG1Stmt::new_statement_from_params::(commitment_key, commitment);
+ Ok(obj_to_uint8array_uncompressed!(&statement, "PedCommG1Stmt"))
+}
+
+#[wasm_bindgen(js_name = generatePedersenCommitmentG1StatementFromParamRefs)]
+pub fn generate_pedersen_commitment_g1_statement_from_param_refs(
+ commitment_key: usize,
+ commitment: Uint8Array,
+) -> Result {
+ set_panic_hook();
+ let commitment = g1_affine_from_uint8_array(commitment)?;
+ let statement =
+ PedCommG1Stmt::new_statement_from_params_refs::(commitment_key, commitment);
+ Ok(obj_to_uint8array_uncompressed!(&statement, "PedCommG1Stmt"))
+}
+
+#[wasm_bindgen(js_name = generatePedersenCommitmentG2Statement)]
+pub fn generate_pedersen_commitment_g2_statement(
+ commitment_key: js_sys::Array,
+ commitment: Uint8Array,
+) -> Result {
+ set_panic_hook();
+ let commitment_key = js_array_to_g2_affine_vec(&commitment_key)?;
+ let commitment = g2_affine_from_uint8_array(commitment)?;
+ let statement =
+ PedCommG2Stmt::new_statement_from_params::(commitment_key, commitment);
+ Ok(obj_to_uint8array_uncompressed!(&statement, "PedCommG2Stmt"))
+}
+
+#[wasm_bindgen(js_name = generatePedersenCommitmentG2StatementFromParamRefs)]
+pub fn generate_pedersen_commitment_g2_statement_from_param_refs(
+ commitment_key: usize,
+ commitment: Uint8Array,
+) -> Result {
+ set_panic_hook();
+ let commitment = g2_affine_from_uint8_array(commitment)?;
+ let statement =
+ PedCommG2Stmt::new_statement_from_params_refs::(commitment_key, commitment);
+ Ok(obj_to_uint8array_uncompressed!(&statement, "PedCommG2Stmt"))
+}
+
+#[wasm_bindgen(js_name = generateWitnessEqualityMetaStatement)]
+pub fn generate_witness_equality_meta_statement(equality: js_sys::Set) -> Result {
+ set_panic_hook();
+ let mut set = BTreeSet::new();
+ for wr in equality.values() {
+ let wr = wr.unwrap();
+ let arr_2 = js_sys::Array::from(&wr);
+ if arr_2.length() != 2 {
+ return Err(JsValue::from("Each equality should be a 2 element array"));
+ }
+ let i: u32 = serde_wasm_bindgen::from_value(arr_2.get(0)).unwrap();
+ let j: u32 = serde_wasm_bindgen::from_value(arr_2.get(1)).unwrap();
+ set.insert((i as usize, j as usize));
+ }
+ serde_wasm_bindgen::to_value(&MetaStatement::WitnessEquality(EqualWitnesses(set)))
+ .map_err(JsValue::from)
+}
+
+pub mod pok_sig;
+pub use pok_sig::*;
+pub mod accumulator;
+pub use accumulator::*;
+pub mod saver;
+pub use saver::*;
+pub mod bound_check;
+pub use bound_check::*;
+pub mod r1cs;
+pub use r1cs::*;
diff --git a/src/composite_proof_system/statements/pok_sig.rs b/src/composite_proof_system/statements/pok_sig.rs
new file mode 100644
index 0000000..7f96f1f
--- /dev/null
+++ b/src/composite_proof_system/statements/pok_sig.rs
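Review bot: `generate_witness_equality_meta_statement` returns a `Result`, yet three conversions of caller-supplied values end in `.unwrap()`: `wr.unwrap()` on the set iterator and the two `serde_wasm_bindgen::from_value(...).unwrap()` calls for `i` and `j`. An entry whose elements are not non-negative integers (for example a string in the first slot) therefore panics inside the wasm module, whereas the length check just above returns an ordinary `Err(JsValue)` the caller can handle. Propagating with `?` keeps malformed input a normal error: `let wr = wr?;` and `let i: u32 = serde_wasm_bindgen::from_value(arr_2.get(0))?;`, likewise for `j`. This relies on the serde_wasm_bindgen error converting into `JsValue`, which the `from_value(params)?` calls in pok_sig.rs of this same commit already depend on.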
@@ -0,0 +1,119 @@
+use crate::{
+ bbs::{BBSPublicKey, BBSSigParams},
+ bbs_plus::{BBSPlusPublicKeyG2, BBSPlusSigParamsG1},
+ ps::{PSPublicKey, PSSignatureParams},
+ utils::{encode_messages_as_js_map_to_fr_btreemap, set_panic_hook},
+ G1Affine,
+};
+use ark_bls12_381::Bls12_381;
+use js_sys::Uint8Array;
+use proof_system::prelude;
+use wasm_bindgen::{prelude::wasm_bindgen, JsValue};
+use zeroize::Zeroize;
+
+pub(crate) type PoKBBSSigStmt = prelude::bbs_23::PoKBBSSignature23G1;
+pub(crate) type PoKBBSPlusSigStmt = prelude::bbs_plus::PoKBBSSignatureG1;
+pub(crate) type PoKPSSigStmt = prelude::ps_signature::PoKPSSignatureStatement;
+
+#[wasm_bindgen(js_name = generatePoKBBSSignatureStatement)]
+pub fn generate_pok_bbs_sig_statement(
+ params: JsValue,
+ public_key: Uint8Array,
+ revealed_msgs: js_sys::Map,
+ encode_messages: bool,
+) -> Result {
+ set_panic_hook();
+ let params: BBSSigParams = serde_wasm_bindgen::from_value(params)?;
+ let pk = obj_from_uint8array!(BBSPublicKey, public_key, false, "BBSPublicKey");
+ let msgs = encode_messages_as_js_map_to_fr_btreemap(&revealed_msgs, encode_messages)?;
+ let statement = PoKBBSSigStmt::new_statement_from_params::(params, pk, msgs);
+ Ok(obj_to_uint8array_uncompressed!(
+ &statement,
+ "PoKBBSSignature23G1"
+ ))
+}
+
+#[wasm_bindgen(js_name = generatePoKBBSPlusSignatureStatement)]
+pub fn generate_pok_bbs_plus_sig_statement(
+ params: JsValue,
+ public_key: Uint8Array,
+ revealed_msgs: js_sys::Map,
+ encode_messages: bool,
+) -> Result {
+ set_panic_hook();
+ let params: BBSPlusSigParamsG1 = serde_wasm_bindgen::from_value(params)?;
+ let pk = obj_from_uint8array!(BBSPlusPublicKeyG2, public_key, false, "BBSPlusPublicKeyG2");
+ let msgs = encode_messages_as_js_map_to_fr_btreemap(&revealed_msgs, encode_messages)?;
+ let statement = PoKBBSPlusSigStmt::new_statement_from_params::(params, pk, msgs);
+ Ok(obj_to_uint8array_uncompressed!(
+ &statement,
+ "PoKBBSSignatureG1"
+ ))
+}
+
+#[wasm_bindgen(js_name = generatePoKPSSignatureStatement)]
+pub fn generate_pok_ps_sig_statement(
+ params: JsValue,
+ public_key: Uint8Array,
+ revealed_msgs: js_sys::Map,
+) -> Result {
+ set_panic_hook();
+ let params: PSSignatureParams = serde_wasm_bindgen::from_value(params)?;
+ let pk = obj_from_uint8array!(PSPublicKey, public_key, false, "BBSPlusPublicKeyG2");
+ let msgs = encode_messages_as_js_map_to_fr_btreemap(&revealed_msgs, false)?;
+ let statement = PoKPSSigStmt::new_statement_from_params::(params, pk, msgs);
+ Ok(obj_to_uint8array_uncompressed!(
+ &statement,
+ "PokPSStatement"
+ ))
+}
+
+#[wasm_bindgen(js_name = generatePoKBBSSignatureStatementFromParamRefs)]
+pub fn generate_pok_bbs_sig_statement_from_param_refs(
+ params: usize,
+ public_key: usize,
+ revealed_msgs: js_sys::Map,
+ encode_messages: bool,
+) -> Result {
+ set_panic_hook();
+ let msgs = encode_messages_as_js_map_to_fr_btreemap(&revealed_msgs, encode_messages)?;
+ let statement =
+ PoKBBSSigStmt::new_statement_from_params_ref::(params, public_key, msgs);
+ Ok(obj_to_uint8array_uncompressed!(
+ &statement,
+ "PoKBBSSignature23G1"
+ ))
+}
+
+#[wasm_bindgen(js_name = generatePoKBBSPlusSignatureStatementFromParamRefs)]
+pub fn generate_pok_bbs_plus_sig_statement_from_param_refs(
+ params: usize,
+ public_key: usize,
+ revealed_msgs: js_sys::Map,
+ encode_messages: bool,
+) -> Result {
+ set_panic_hook();
+ let msgs = encode_messages_as_js_map_to_fr_btreemap(&revealed_msgs, encode_messages)?;
+ let statement =
+ PoKBBSPlusSigStmt::new_statement_from_params_ref::(params, public_key, msgs);
+ Ok(obj_to_uint8array_uncompressed!(
+ &statement,
+ "PoKBBSSignatureG1"
+ ))
+}
+
+#[wasm_bindgen(js_name = generatePoKPSSignatureStatementFromParamRefs)]
+pub fn generate_pok_ps_sig_statement_from_param_refs(
+ params: usize,
+ public_key: usize,
+ revealed_msgs: js_sys::Map,
+) -> Result {
+ set_panic_hook();
+ let msgs = encode_messages_as_js_map_to_fr_btreemap(&revealed_msgs, false)?;
+ let statement =
+ PoKPSSigStmt::new_statement_from_params_ref::(params, public_key, msgs);
+ Ok(obj_to_uint8array_uncompressed!(
+ &statement,
+ "PokPSStatement"
+ ))
+}
diff --git a/src/composite_proof_system/statements/r1cs.rs b/src/composite_proof_system/statements/r1cs.rs
new file mode 100644
index 0000000..2316dae
--- /dev/null
+++ b/src/composite_proof_system/statements/r1cs.rs
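Review bot: `generate_pok_ps_sig_statement` passes the label `"BBSPlusPublicKeyG2"` to `obj_from_uint8array!` while deserializing a `PSPublicKey`, which looks like a copy-paste from the BBS+ function above it. The macro is defined outside this hunk, but if it uses the label in its error text, a malformed PS key would be reported as a BBS+ key and mislead whoever is diagnosing the failure. The line should read `let pk = obj_from_uint8array!(PSPublicKey, public_key, false, "PSPublicKey");`. The output label `"PokPSStatement"` also differs in casing from the `PoKPSSigStmt` alias and is worth aligning in the same change.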
@@ -0,0 +1,115 @@
+use crate::{
+ legosnark::{LegoProvingKey, LegoVerifyingKey},
+ r1cs::gen_r1cs,
+ utils::{js_array_to_fr_vec, set_panic_hook},
+ G1Affine,
+};
+use ark_bls12_381::Bls12_381;
+use js_sys::Uint8Array;
+use proof_system::prelude;
+use wasm_bindgen::{prelude::wasm_bindgen, JsValue};
+
+use zeroize::Zeroize;
+
+pub(crate) type R1CSCircomProverStmt = prelude::r1cs_legogroth16::R1CSCircomProver;
+pub(crate) type R1CSCircomVerifierStmt = prelude::r1cs_legogroth16::R1CSCircomVerifier;
+
+#[wasm_bindgen(js_name = generateR1CSCircomProverStatement)]
+pub fn generate_r1cs_circom_prover_statement(
+ curve_name: &str,
+ num_public: u32,
+ num_private: u32,
+ constraints: js_sys::Array,
+ wasm_bytes: Uint8Array,
+ snark_pk: Uint8Array,
+ uncompressed_public_params: bool,
+) -> Result {
+ set_panic_hook();
+ let r = gen_r1cs(curve_name, num_public, num_private, constraints)?;
+ let wasm_bytes = wasm_bytes.to_vec();
+ let snark_pk = if uncompressed_public_params {
+ obj_from_uint8array_uncompressed!(LegoProvingKey, snark_pk, "LegoProvingKey")
+ } else {
+ obj_from_uint8array!(LegoProvingKey, snark_pk, false, "LegoProvingKey")
+ };
+ let statement =
+ R1CSCircomProverStmt::new_statement_from_params::(r, wasm_bytes, snark_pk)
+ .map_err(|e| {
+ JsValue::from(&format!(
+ "Creating statement for R1CSCircomProver returned error: {:?}",
+ e
+ ))
+ })?;
+ Ok(obj_to_uint8array_uncompressed!(
+ &statement,
+ "R1CSCircomProverStmt"
+ ))
+}
+
+#[wasm_bindgen(js_name = generateR1CSCircomProverStatementFromParamRefs)]
+pub fn generate_r1cs_circom_prover_statement_from_param_refs(
+ r1cs: usize,
+ wasm_bytes: usize,
+ snark_pk: usize,
+) -> Result {
+ set_panic_hook();
+ let statement =
+ R1CSCircomProverStmt::new_statement_from_params_ref::(r1cs, wasm_bytes, snark_pk)
+ .map_err(|e| {
+ JsValue::from(&format!(
+ "Creating statement for R1CSCircomProver returned error: {:?}",
+ e
+ ))
+ })?;
+ Ok(obj_to_uint8array_uncompressed!(
+ &statement,
+ "R1CSCircomProverStmt"
+ ))
+}
+
+#[wasm_bindgen(js_name = generateR1CSCircomVerifierStatement)]
+pub fn generate_r1cs_circom_verifier_statement(
+ public_inputs: js_sys::Array,
+ snark_vk: Uint8Array,
+ uncompressed_public_params: bool,
+) -> Result {
+ let public_inputs = js_array_to_fr_vec(&public_inputs)?;
+ set_panic_hook();
+ let snark_vk = if uncompressed_public_params {
+ obj_from_uint8array_uncompressed!(LegoVerifyingKey, snark_vk, "LegoVerifyingKey")
+ } else {
+ obj_from_uint8array!(LegoVerifyingKey, snark_vk, false, "LegoVerifyingKey")
+ };
+ let statement =
+ R1CSCircomVerifierStmt::new_statement_from_params::(public_inputs, snark_vk)
+ .map_err(|e| {
+ JsValue::from(&format!(
+ "Creating statement for R1CSCircomVerifier returned error: {:?}",
+ e
+ ))
+ })?;
+ Ok(obj_to_uint8array_uncompressed!(
+ &statement,
+ "R1CSCircomVerifierStmt"
+ ))
+}
+
+#[wasm_bindgen(js_name = generateR1CSCircomVerifierStatementFromParamRefs)]
+pub fn generate_r1cs_circom_verifier_statement_from_param_refs(
+ public_inputs: usize,
+ snark_vk: usize,
+) -> Result {
+ set_panic_hook();
+ let statement =
+ R1CSCircomVerifierStmt::new_statement_from_params_ref::(public_inputs, snark_vk)
+ .map_err(|e| {
+ JsValue::from(&format!(
+ "Creating statement for R1CSCircomVerifier returned error: {:?}",
+ e
+ ))
+ })?;
+ Ok(obj_to_uint8array_uncompressed!(
+ &statement,
+ "R1CSCircomVerifierStmt"
+ ))
+}
diff --git a/src/composite_proof_system/statements/saver.rs b/src/composite_proof_system/statements/saver.rs
new file mode 100644
index 0000000..e8d7a21
--- /dev/null
+++ b/src/composite_proof_system/statements/saver.rs
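Review bot: `generate_r1cs_circom_verifier_statement` converts `public_inputs` with `js_array_to_fr_vec` before it calls `set_panic_hook()`, unlike every other function in this file. A panic during that conversion would therefore surface without the hook's diagnostics, unless an earlier call had already installed it. Swap the first two statements so that `set_panic_hook();` is the first line of the body. The four `map_err` closures in the file differ only in the prover/verifier name and could share one small private helper. A short doc comment saying that `uncompressed_public_params` describes the encoding of the supplied key bytes would also help callers.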
@@ -0,0 +1,168 @@ +use crate::{ + saver::{ChunkedCommGens, EncGens, SaverEk, SaverSnarkPk, SaverSnarkVk}, + utils::set_panic_hook, + G1Affine, +}; +use ark_bls12_381::Bls12_381; +use js_sys::Uint8Array; +use proof_system::prelude; +use wasm_bindgen::{prelude::wasm_bindgen, JsValue}; +use zeroize::Zeroize; + +pub(crate) type SaverProverStmt = prelude::saver::SaverProver; +pub(crate) type SaverVerifierStmt = prelude::saver::SaverVerifier; + +#[wasm_bindgen(js_name = generateSaverProverStatement)] +pub fn generate_saver_prover_statement( + chunk_bit_size: u8, + enc_gens: Uint8Array, + chunked_comm_gens: Uint8Array, + encryption_key: Uint8Array, + snark_pk: Uint8Array, + uncompressed_public_params: bool, +) -> Result { + set_panic_hook(); + let snark_pk = if uncompressed_public_params { + obj_from_uint8array_uncompressed!(SaverSnarkPk, snark_pk, "SaverSnarkPk") + } else { + obj_from_uint8array!(SaverSnarkPk, snark_pk, false, "SaverSnarkPk") + }; + let (enc_gens, chunked_comm_gens, ek) = parse_saver_statement_input( + enc_gens, + chunked_comm_gens, + encryption_key, + uncompressed_public_params, + )?; + let statement = SaverProverStmt::new_statement_from_params::( + chunk_bit_size, + enc_gens, + chunked_comm_gens, + ek, + snark_pk, + ) + .map_err(|e| { + JsValue::from(&format!( + "Creating statement for SaverProver returned error: {:?}", + e + )) + })?; + Ok(obj_to_uint8array_uncompressed!( + &statement, + "SaverProverStmt" + )) +} + +#[wasm_bindgen(js_name = generateSaverProverStatementFromParamRefs)] +pub fn generate_saver_prover_statement_from_param_refs( + chunk_bit_size: u8, + enc_gens: usize, + chunked_comm_gens: usize, + encryption_key: usize, + snark_pk: usize, +) -> Result { + set_panic_hook(); + let statement = SaverProverStmt::new_statement_from_params_ref::( + chunk_bit_size, + enc_gens, + chunked_comm_gens, + encryption_key, + snark_pk, + ); + Ok(obj_to_uint8array_uncompressed!( + &statement, + "SaverProverStmt" + )) +} + +#[wasm_bindgen(js_name = 
generateSaverVerifierStatement)] +pub fn generate_saver_verifier_statement( + chunk_bit_size: u8, + enc_gens: Uint8Array, + chunked_comm_gens: Uint8Array, + encryption_key: Uint8Array, + snark_vk: Uint8Array, + uncompressed_public_params: bool, +) -> Result { + set_panic_hook(); + let snark_vk = if uncompressed_public_params { + obj_from_uint8array_uncompressed!(SaverSnarkVk, snark_vk, "SaverSnarkVk") + } else { + obj_from_uint8array!(SaverSnarkVk, snark_vk, false, "SaverSnarkVk") + }; + let (enc_gens, chunked_comm_gens, ek) = parse_saver_statement_input( + enc_gens, + chunked_comm_gens, + encryption_key, + uncompressed_public_params, + )?; + let statement = SaverVerifierStmt::new_statement_from_params::( + chunk_bit_size, + enc_gens, + chunked_comm_gens, + ek, + snark_vk, + ) + .map_err(|e| { + JsValue::from(&format!( + "Creating statement for SaverVerifier returned error: {:?}", + e + )) + })?; + Ok(obj_to_uint8array_uncompressed!( + &statement, + "SaverVerifierStatement" + )) +} + +#[wasm_bindgen(js_name = generateSaverVerifierStatementFromParamRefs)] +pub fn generate_saver_verifier_statement_from_param_refs( + chunk_bit_size: u8, + enc_gens: usize, + chunked_comm_gens: usize, + encryption_key: usize, + snark_vk: usize, +) -> Result { + set_panic_hook(); + let statement = SaverVerifierStmt::new_statement_from_params_ref::( + chunk_bit_size, + enc_gens, + chunked_comm_gens, + encryption_key, + snark_vk, + ); + Ok(obj_to_uint8array_uncompressed!( + &statement, + "SaverVerifierStatement" + )) +} + +fn parse_saver_statement_input( + enc_gens: Uint8Array, + chunked_comm_gens: Uint8Array, + encryption_key: Uint8Array, + uncompressed_public_params: bool, +) -> Result<(EncGens, ChunkedCommGens, SaverEk), JsValue> { + let (enc_gens, chunked_comm_gens, ek) = if uncompressed_public_params { + ( + obj_from_uint8array_uncompressed!(EncGens, enc_gens, "EncryptionGenerators"), + obj_from_uint8array_uncompressed!( + ChunkedCommGens, + chunked_comm_gens, + 
"ChunkedCommitmentGenerators" + ), + obj_from_uint8array_uncompressed!(SaverEk, encryption_key, "SaverEk"), + ) + } else { + ( + obj_from_uint8array!(EncGens, enc_gens, false, "EncryptionGenerators"), + obj_from_uint8array!( + ChunkedCommGens, + chunked_comm_gens, + false, + "ChunkedCommitmentGenerators" + ), + obj_from_uint8array!(SaverEk, encryption_key, false, "SaverEk"), + ) + }; + Ok((enc_gens, chunked_comm_gens, ek)) +} diff --git a/src/js/bound_check_wasm.js b/src/js/bound_check_wasm.js index b6dafc3..6bb7160 100644 --- a/src/js/bound_check_wasm.js +++ b/src/js/bound_check_wasm.js @@ -9,3 +9,33 @@ module.exports.boundCheckSnarkSetup = (returnUncompressed) => { requireWasmInitialized(); return wasm.boundCheckSnarkSetup(returnUncompressed); }; + +module.exports.boundCheckBppSetup = (label, base, valueBitSize, returnUncompressed) => { + requireWasmInitialized(); + return wasm.boundCheckBppSetup(label, base, valueBitSize, returnUncompressed); +}; + +module.exports.boundCheckSmcSetup = (label, base, returnUncompressed) => { + requireWasmInitialized(); + return wasm.boundCheckSmcSetup(label, base, returnUncompressed); +}; + +module.exports.boundCheckSmcWithKVSetup = (label, base, returnUncompressed) => { + requireWasmInitialized(); + return wasm.boundCheckSmcWithKVSetup(label, base, returnUncompressed); +}; + +module.exports.decompressBppParams = (params) => { + requireWasmInitialized(); + return wasm.decompressBppParams(params); +}; + +module.exports.decompressSmcParams = (params) => { + requireWasmInitialized(); + return wasm.decompressSmcParams(params); +}; + +module.exports.decompressSmcParamsAndSk = (params) => { + requireWasmInitialized(); + return wasm.decompressSmcParamsAndSk(params); +}; \ No newline at end of file diff --git a/src/js/composite_proof_system_wasm.js b/src/js/composite_proof_system_wasm.js index ca14495..877beb4 100644 --- a/src/js/composite_proof_system_wasm.js +++ b/src/js/composite_proof_system_wasm.js 
@@ -132,6 +132,46 @@ module.exports.generateR1CSCircomVerifierStatementFromParamRefs = (publicInputs, return wasm.generateR1CSCircomVerifierStatementFromParamRefs(publicInputs, snarkVk); }; +module.exports.generateBoundCheckBppStatement = (min, max, params, uncompressedPublicParams) => { + requireWasmInitialized(); + return wasm.generateBoundCheckBppStatement(min, max, params, uncompressedPublicParams); +}; + +module.exports.generateBoundCheckBppStatementFromParamRefs = (min, max, params) => { + requireWasmInitialized(); + return wasm.generateBoundCheckBppStatementFromParamRefs(min, max, params); +}; + +module.exports.generateBoundCheckSmcStatement = (min, max, params, uncompressedParams) => { + requireWasmInitialized(); + return wasm.generateBoundCheckSmcStatement(min, max, params, uncompressedParams); +}; + +module.exports.generateBoundCheckSmcStatementFromParamRefs = (min, max, params) => { + requireWasmInitialized(); + return wasm.generateBoundCheckSmcStatementFromParamRefs(min, max, params); +}; + +module.exports.generateBoundCheckSmcWithKVProverStatement = (min, max, params, uncompressedParams) => { + requireWasmInitialized(); + return wasm.generateBoundCheckSmcWithKVProverStatement(min, max, params, uncompressedParams); +}; + +module.exports.generateBoundCheckSmcWithKVProverStatementFromParamRefs = (min, max, params) => { + requireWasmInitialized(); + return wasm.generateBoundCheckSmcWithKVProverStatementFromParamRefs(min, max, params); +}; + +module.exports.generateBoundCheckSmcWithKVVerifierStatement = (min, max, params, uncompressedParams) => { + requireWasmInitialized(); + return wasm.generateBoundCheckSmcWithKVVerifierStatement(min, max, params, uncompressedParams); +}; + +module.exports.generateBoundCheckSmcWithKVVerifierStatementFromParamRefs = (min, max, params) => { + requireWasmInitialized(); + return wasm.generateBoundCheckSmcWithKVVerifierStatementFromParamRefs(min, max, params); +}; + module.exports.generateWitnessEqualityMetaStatement = 
(equalities) => { requireWasmInitialized(); return wasm.generateWitnessEqualityMetaStatement(equalities); @@ -182,6 +222,21 @@ module.exports.generateR1CSCircomWitness = (inputWires, privates, publics = []) return wasm.generateR1CSCircomWitness(inputWires, privates, publics); }; +module.exports.generateBoundCheckBppWitness = (message) => { + requireWasmInitialized(); + return wasm.generateBoundCheckBppWitness(message); +}; + +module.exports.generateBoundCheckSmcWitness = (message) => { + requireWasmInitialized(); + return wasm.generateBoundCheckSmcWitness(message); +}; + +module.exports.generateBoundCheckSmcWithKVWitness = (message) => { + requireWasmInitialized(); + return wasm.generateBoundCheckSmcWithKVWitness(message); +}; + module.exports.generateProofSpecG1 = (statements, metaStatements, setupParams, context) => { requireWasmInitialized(); return wasm.generateProofSpecG1(statements, metaStatements, setupParams, context); diff --git a/src/js/setup_params_wasm.js b/src/js/setup_params_wasm.js index 233adc3..b175673 100644 --- a/src/js/setup_params_wasm.js +++ b/src/js/setup_params_wasm.js @@ -105,4 +105,19 @@ module.exports.generateSetupParamForBytes = (bytes) => { module.exports.generateSetupParamForFieldElemVec = (arr) => { requireWasmInitialized(); return wasm.generateSetupParamForFieldElemVec(arr); +}; + +module.exports.generateSetupParamForBppParams = (params, uncompressed) => { + requireWasmInitialized(); + return wasm.generateSetupParamForBppParams(params, uncompressed); +}; + +module.exports.generateSetupParamForSmcParams = (params, uncompressed) => { + requireWasmInitialized(); + return wasm.generateSetupParamForSmcParams(params, uncompressed); +}; + +module.exports.generateSetupParamForSmcParamsAndSk = (params, uncompressed) => { + requireWasmInitialized(); + return wasm.generateSetupParamForSmcParamsAndSk(params, uncompressed); }; \ No newline at end of file 
diff --git a/src/js/type_declarations/bound_check.d.ts b/src/js/type_declarations/bound_check.d.ts index 810ee64..5645214 100644 --- a/src/js/type_declarations/bound_check.d.ts +++ b/src/js/type_declarations/bound_check.d.ts @@ -1 +1,13 @@ export function boundCheckSnarkSetup(returnUncompressed: boolean): Uint8Array; + +export function boundCheckBppSetup(label: Uint8Array, base: number, valueBitSize: number, returnUncompressed: boolean): Uint8Array; + +export function boundCheckSmcSetup(label: Uint8Array, base: number, returnUncompressed: boolean): Uint8Array; + +export function boundCheckSmcWithKVSetup(label: Uint8Array, base: number, returnUncompressed: boolean): [Uint8Array, Uint8Array]; + +export function decompressBppParams(params: Uint8Array): Uint8Array; + +export function decompressSmcParams(params: Uint8Array): Uint8Array; + +export function decompressSmcParamsAndSk(params: Uint8Array): Uint8Array; diff --git a/src/js/type_declarations/composite_proof_system.d.ts b/src/js/type_declarations/composite_proof_system.d.ts index 4094a68..f912c86 100644 --- a/src/js/type_declarations/composite_proof_system.d.ts +++ b/src/js/type_declarations/composite_proof_system.d.ts 
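Review bot: The declaration of `boundCheckSmcWithKVSetup` returns `[Uint8Array, Uint8Array]` without saying which element carries secret material. In this commit's tests the first element goes to `decompressSmcParams` as prover params and the second to `decompressSmcParamsAndSk`, so the second presumably contains the verifier's secret key. Add a doc comment such as `/** Returns [publicParams, paramsWithSecretKey]; the second element is verifier-only and must not be shared with provers. */`, with a matching remark on `decompressSmcParamsAndSk`. Without it, a caller reading only the types has no cue to keep the second array out of whatever channel distributes the public parameters.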
@@ -175,6 +175,58 @@ export function generateR1CSCircomVerifierStatementFromParamRefs( snarkVk: number, ): Uint8Array; +export function generateBoundCheckBppStatement( + min: number, + max: number, + params: Uint8Array, + uncompressedPublicParams: boolean +): Uint8Array; + +export function generateBoundCheckBppStatementFromParamRefs( + min: number, + max: number, + params: number +): Uint8Array; + +export function generateBoundCheckSmcStatement( + min: number, + max: number, + params: Uint8Array, + uncompressedParams: boolean +): Uint8Array; + +export function generateBoundCheckSmcStatementFromParamRefs( + min: number, + max: number, + params: number, +): Uint8Array; + +export function generateBoundCheckSmcWithKVProverStatement( + min: number, + max: number, + params: Uint8Array, + uncompressedParams: boolean +): Uint8Array; + +export function generateBoundCheckSmcWithKVProverStatementFromParamRefs( + min: number, + max: number, + params: number, +): Uint8Array; + +export function generateBoundCheckSmcWithKVVerifierStatement( + min: number, + max: number, + params: Uint8Array, + uncompressedParams: boolean +): Uint8Array; + +export function generateBoundCheckSmcWithKVVerifierStatementFromParamRefs( + min: number, + max: number, + params: number, +): Uint8Array; + export function generateWitnessEqualityMetaStatement( equalities: Set<[number, number]>, ): Uint8Array; @@ -224,6 +276,18 @@ export function generateR1CSCircomWitness( publics?: string[], ): Uint8Array; +export function generateBoundCheckBppWitness( + message: Uint8Array +): Uint8Array; + +export function generateBoundCheckSmcWitness( + message: Uint8Array +): Uint8Array; + +export function generateBoundCheckSmcWithKVWitness( + message: Uint8Array +): Uint8Array; + export function generateProofSpecG1( statements: Uint8Array[], metaStatements: Uint8Array[], diff --git a/src/js/type_declarations/setup_params.d.ts b/src/js/type_declarations/setup_params.d.ts index de43205..dac5d53 100644 
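Review bot: All eight new bound-check statement declarations type `min` and `max` as `number`, which is exact only up to `Number.MAX_SAFE_INTEGER`, while the tests in this commit set up Bulletproofs++ with `valueBitSize = 64`. If the Rust side accepts bounds across that full width (it is not visible here), a bound above 2^53 − 1 would be rounded in JS before it reaches wasm. Prover and verifier could then build statements over a range other than the one intended. Document the accepted range on each declaration, for example `/** min and max must be non-negative safe integers (<= Number.MAX_SAFE_INTEGER). */`. Consider extending the "bounds should be positive integers" test, which as far as this page shows only exercises the Lego variants, to the Bpp and Smc generators.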
--- a/src/js/type_declarations/setup_params.d.ts +++ b/src/js/type_declarations/setup_params.d.ts @@ -90,3 +90,18 @@ export function generateSetupParamForBytes( export function generateSetupParamForFieldElemVec( arr: Uint8Array[] ): Uint8Array; + +export function generateSetupParamForBppParams( + params: Uint8Array, + uncompressed: boolean +): Uint8Array; + +export function generateSetupParamForSmcParams( + params: Uint8Array, + uncompressed: boolean +): Uint8Array; + +export function generateSetupParamForSmcParamsAndSk( + params: Uint8Array, + uncompressed: boolean +): Uint8Array; \ No newline at end of file diff --git a/tests/bound_check.rs b/tests/bound_check.rs index 754e82a..d2e0363 100644 --- a/tests/bound_check.rs +++ b/tests/bound_check.rs @@ -22,9 +22,9 @@ use dock_crypto_wasm::{ mod common; use common::{bbs_params_and_keys, get_revealed_unrevealed, get_witness_equality_statement}; use dock_crypto_wasm::{ - composite_proof_system::statement::{ - generate_bound_check_lego_prover_statement, generate_bound_check_lego_verifier_statement, - generate_pok_bbs_plus_sig_statement, get_valid_min_max, + composite_proof_system::statements::{ + bound_check::get_valid_min_max, generate_bound_check_lego_prover_statement, + generate_bound_check_lego_verifier_statement, generate_pok_bbs_plus_sig_statement, }, legosnark::{legosnark_decompress_pk, legosnark_vk_from_pk}, }; diff --git a/tests/common/mod.rs b/tests/common/mod.rs index 5911ff4..d39b346 100644 --- a/tests/common/mod.rs +++ b/tests/common/mod.rs @@ -9,7 +9,7 @@ use dock_crypto_wasm::{ bbs_plus_generate_g1_params, bbs_plus_generate_public_key_g2, bbs_plus_generate_secret_key, }, common::random_ff, - composite_proof_system::statement::generate_witness_equality_meta_statement, + composite_proof_system::statements::generate_witness_equality_meta_statement, utils::{js_array_from_frs, random_bytes}, }; use js_sys::Uint8Array; 
diff --git a/tests/composite_proof_system.rs b/tests/composite_proof_system.rs index 75d5683..e1035d3 100644 --- a/tests/composite_proof_system.rs +++ b/tests/composite_proof_system.rs @@ -52,7 +52,7 @@ use common::{ accum_params_and_keys, bbs_params_and_keys, gen_msgs, get_revealed_unrevealed, get_universal_accum, get_witness_equality_statement, }; -use dock_crypto_wasm::composite_proof_system::statement::{ +use dock_crypto_wasm::composite_proof_system::statements::{ generate_accumulator_membership_statement, generate_accumulator_membership_statement_from_param_refs, generate_accumulator_non_membership_statement, diff --git a/tests/js/boundCheck.spec.ts b/tests/js/boundCheck.spec.ts index 8491c9b..b7ff19c 100644 --- a/tests/js/boundCheck.spec.ts +++ b/tests/js/boundCheck.spec.ts @@ -22,6 +22,24 @@ import { generateSetupParamForLegoVerifyingKey, generateBoundCheckLegoVerifierStatementFromParamRefs, generateSetupParamForLegoProvingKey, + boundCheckBppSetup, + generateBoundCheckBppStatement, + generateBoundCheckBppWitness, + decompressBppParams, + generateSetupParamForBppParams, + generateBoundCheckBppStatementFromParamRefs, + boundCheckSmcSetup, + decompressSmcParams, + generateBoundCheckSmcStatement, + generateBoundCheckSmcWitness, + generateSetupParamForSmcParams, + generateBoundCheckSmcStatementFromParamRefs, + boundCheckSmcWithKVSetup, + decompressSmcParamsAndSk, + generateBoundCheckSmcWithKVProverStatement, + generateBoundCheckSmcWithKVVerifierStatement, + generateBoundCheckSmcWithKVProverStatementFromParamRefs, generateBoundCheckSmcWithKVVerifierStatementFromParamRefs, + generateBoundCheckSmcWithKVWitness, generateSetupParamForSmcParamsAndSk } from "../../lib"; import { getRevealedUnrevealed, stringToBytes } from "../utilities"; 
@@ -38,91 +56,34 @@ describe("Prove and verify bounds on signed messages", () => { max: number, proof: Uint8Array; let snarkPk: Uint8Array, snarkPkDecom: Uint8Array, snarkVkDecom: Uint8Array; + const base = 2, valueBitSize = 64; + let bppSetupParams: Uint8Array, bppSetupParamsDecom: Uint8Array; + let smcSetupParams: Uint8Array, smcSetupParamsDecom: Uint8Array; + let smcWithKVSetup: Uint8Array[], smcWithKVProverParams: Uint8Array, smcWithKVVerifierParams: Uint8Array; const messages: Uint8Array[] = []; - beforeAll(async () => { - await initializeWasm(); - }); - - it("verifier setup", () => { - snarkPk = boundCheckSnarkSetup(false); - }, 10000); - - it("decompress snark proving and verifying key", () => { - console.time("Snark Pk decompressed"); - snarkPkDecom = legosnarkDecompressPk(snarkPk); - console.timeEnd("Snark Pk decompressed"); - - console.time("Snark Vk decompressed"); - snarkVkDecom = legosnarkVkFromPk(snarkPk, true); - console.timeEnd("Snark Vk decompressed"); - }, 50000); - - it("signature setup and sign messages", () => { - sigParams = bbsPlusGenerateSignatureParamsG1(messageCount); - sigSk = bbsPlusGenerateSigningKey(); - sigPk = bbsPlusGeneratePublicKeyG2(sigSk, sigParams); - - min = 100; - max = 200; - for (let i = 0; i < messageCount; i++) { - let m = generateFieldElementFromNumber(min + 1 + i); - messages.push(m); - } - sig = bbsPlusSignG1(messages, sigSk, sigParams, false); - const res = bbsPlusVerifyG1(messages, sig, sigPk, sigParams, false); - expect(res.verified).toBe(true); - }); - - it("bounds should be positive integers", () => { - expect(() => - generateBoundCheckLegoProverStatement(-6, max, snarkPkDecom, true) - ).toThrow(); - expect(() => - generateBoundCheckLegoVerifierStatement(-6, max, snarkVkDecom, true) - ).toThrow(); - expect(() => - generateBoundCheckLegoProverStatement(10.1, max, snarkPkDecom, true) - ).toThrow(); - expect(() => - generateBoundCheckLegoVerifierStatement(10.1, max, snarkVkDecom, true) - ).toThrow(); - expect(() => - 
generateBoundCheckLegoProverStatement(10, 20.8, snarkPkDecom, true) - ).toThrow(); - expect(() => - generateBoundCheckLegoVerifierStatement(10, 20.8, snarkVkDecom, true) - ).toThrow(); - expect(() => - generateBoundCheckLegoProverStatement(10, -90, snarkPkDecom, true) - ).toThrow(); - expect(() => - generateBoundCheckLegoVerifierStatement(10, -90, snarkVkDecom, true) - ).toThrow(); - }); - - it("create and verify a proof over single signed message", () => { + function checkOverSingleMessage(proverStmt, verifierStmt, witnessGen, proverParams, verifierParams) { const revealedIndices = new Set(); revealedIndices.add(4); const [revealedMsgs, unrevealedMsgs] = getRevealedUnrevealed( - messages, - revealedIndices + messages, + revealedIndices ); const statement1 = generatePoKBBSPlusSignatureStatement( - sigParams, - sigPk, - revealedMsgs, - false + sigParams, + sigPk, + revealedMsgs, + false ); console.time("bound check prover stmt"); - const statement2 = generateBoundCheckLegoProverStatement( - min, - max, - snarkPkDecom, - true + const statement2 = proverStmt( + min, + max, + proverParams, + true ); console.timeEnd("bound check prover stmt"); @@ -137,7 +98,7 @@ describe("Prove and verify bounds on signed messages", () => { metaStatements.push(generateWitnessEqualityMetaStatement(set)); const witness1 = generatePoKBBSPlusSignatureWitness(sig, unrevealedMsgs, false); - const witness2 = generateBoundCheckWitness(messages[msgIdx]); + const witness2 = witnessGen(messages[msgIdx]); const witnesses: Uint8Array[] = []; witnesses.push(witness1); 
@@ -147,21 +108,21 @@ describe("Prove and verify bounds on signed messages", () => { console.time("proof gen"); proof = generateCompositeProofG1WithDeconstructedProofSpec( - proverStatements, - metaStatements, - [], - witnesses, - undefined, - nonce + proverStatements, + metaStatements, + [], + witnesses, + undefined, + nonce ); console.timeEnd("proof gen"); console.time("bound check verifier stmt"); - const statement3 = generateBoundCheckLegoVerifierStatement( - min, - max, - snarkVkDecom, - true + const statement3 = verifierStmt( + min, + max, + verifierParams, + true ); console.timeEnd("bound check verifier stmt"); 
@@ -171,50 +132,50 @@ describe("Prove and verify bounds on signed messages", () => { console.time("proof ver"); const res = verifyCompositeProofG1WithDeconstructedProofSpec( - proof, - verifierStatements, - metaStatements, - [], - undefined, - nonce + proof, + verifierStatements, + metaStatements, + [], + undefined, + nonce ); console.timeEnd("proof ver"); expect(res.verified).toBe(true); - }, 10000); + } - it("create and verify a proof over multiple signed messages", () => { + function checkOverMultipleMessages(setupParamProver, setupParamVerifier, proverStmt, verifierStmt, witnessGen, proverParams, verifierParams) { const [revealedMsgs, unrevealedMsgs] = getRevealedUnrevealed( - messages, - new Set() + messages, + new Set() ); const statement1 = generatePoKBBSPlusSignatureStatement( - sigParams, - sigPk, - revealedMsgs, - false + sigParams, + sigPk, + revealedMsgs, + false ); console.time("bound check prover setup param"); const provingSetupParams: Uint8Array[] = []; provingSetupParams.push( - generateSetupParamForLegoProvingKey(snarkPkDecom, true) + setupParamProver(proverParams, true) ); console.timeEnd("bound check prover setup param"); - const statement2 = generateBoundCheckLegoProverStatementFromParamRefs( - min, - max, - 0 + const statement2 = proverStmt( + min, + max, + 0 ); - const statement3 = generateBoundCheckLegoProverStatementFromParamRefs( - min, - max, - 0 + const statement3 = proverStmt( + min, + max, + 0 ); - const statement4 = generateBoundCheckLegoProverStatementFromParamRefs( - min, - max, - 0 + const statement4 = proverStmt( + min, + max, + 0 ); const proverStatements: Uint8Array[] = []; 
@@ -241,9 +202,9 @@ describe("Prove and verify bounds on signed messages", () => { metaStatements.push(generateWitnessEqualityMetaStatement(set3)); const witness1 = generatePoKBBSPlusSignatureWitness(sig, unrevealedMsgs, false); - const witness2 = generateBoundCheckWitness(messages[msgIdx]); - const witness3 = generateBoundCheckWitness(messages[msgIdx + 1]); - const witness4 = generateBoundCheckWitness(messages[msgIdx + 2]); + const witness2 = witnessGen(messages[msgIdx]); + const witness3 = witnessGen(messages[msgIdx + 1]); + const witness4 = witnessGen(messages[msgIdx + 2]); const witnesses: Uint8Array[] = []; witnesses.push(witness1); @@ -255,36 +216,36 @@ describe("Prove and verify bounds on signed messages", () => { console.time("proof gen"); proof = generateCompositeProofG1WithDeconstructedProofSpec( - proverStatements, - metaStatements, - provingSetupParams, - witnesses, - undefined, - nonce + proverStatements, + metaStatements, + provingSetupParams, + witnesses, + undefined, + nonce ); console.timeEnd("proof gen"); console.time("bound check verifier setup param"); const verifierSetupParams: Uint8Array[] = []; verifierSetupParams.push( - generateSetupParamForLegoVerifyingKey(snarkVkDecom, true) + setupParamVerifier(verifierParams, true) ); console.timeEnd("bound check verifier setup param"); - const statement5 = generateBoundCheckLegoVerifierStatementFromParamRefs( - min, - max, - 0 + const statement5 = verifierStmt( + min, + max, + 0 ); - const statement6 = generateBoundCheckLegoVerifierStatementFromParamRefs( - min, - max, - 0 + const statement6 = verifierStmt( + min, + max, + 0 ); - const statement7 = generateBoundCheckLegoVerifierStatementFromParamRefs( - min, - max, - 0 + const statement7 = verifierStmt( + min, + max, + 0 ); const verifierStatements: Uint8Array[] = []; 
@@ -295,14 +256,138 @@ describe("Prove and verify bounds on signed messages", () => { console.time("proof ver"); const res = verifyCompositeProofG1WithDeconstructedProofSpec( - proof, - verifierStatements, - metaStatements, - verifierSetupParams, - undefined, - nonce + proof, + verifierStatements, + metaStatements, + verifierSetupParams, + undefined, + nonce ); console.timeEnd("proof ver"); expect(res.verified).toBe(true); + } + + beforeAll(async () => { + await initializeWasm(); + }); + + it("verifier setup for Legogroth16 based", () => { + snarkPk = boundCheckSnarkSetup(false); + }, 10000); + + it("public setup for Bulletproofs++ based", () => { + bppSetupParams = boundCheckBppSetup(stringToBytes("test"), base, valueBitSize, false); + }, 10000); + + it("verifier setup for set-membership check based", () => { + smcSetupParams = boundCheckSmcSetup(stringToBytes("test"), base, false); + }, 10000); + + it("verifier setup for set-membership check based with keyed-verification", () => { + smcWithKVSetup = boundCheckSmcWithKVSetup(stringToBytes("test"), base, false); + }, 10000); + + it("decompress snark proving and verifying key", () => { + console.time("Snark Pk decompressed"); + snarkPkDecom = legosnarkDecompressPk(snarkPk); + console.timeEnd("Snark Pk decompressed"); + + console.time("Snark Vk decompressed"); + snarkVkDecom = legosnarkVkFromPk(snarkPk, true); + console.timeEnd("Snark Vk decompressed"); + }, 50000); + + it("decompress Bulletproofs++ params", () => { + console.time("Bulletproofs++ params decompressed"); + bppSetupParamsDecom = decompressBppParams(bppSetupParams); + console.timeEnd("Bulletproofs++ params decompressed"); + }, 50000); + + it("decompress set-membership check params", () => { + console.time("set-membership check params decompressed"); + smcSetupParamsDecom = decompressSmcParams(smcSetupParams); + console.timeEnd("set-membership check params decompressed"); + }, 50000); + + it("decompress set-membership check with keyed verification 
params", () => { + console.time("set-membership check params decompressed"); + smcWithKVProverParams = decompressSmcParams(smcWithKVSetup[0]); + smcWithKVVerifierParams = decompressSmcParamsAndSk(smcWithKVSetup[1]); + console.timeEnd("set-membership check params decompressed"); + }, 50000); + + it("signature setup and sign messages", () => { + sigParams = bbsPlusGenerateSignatureParamsG1(messageCount); + sigSk = bbsPlusGenerateSigningKey(); + sigPk = bbsPlusGeneratePublicKeyG2(sigSk, sigParams); + + min = 100; + max = 200; + for (let i = 0; i < messageCount; i++) { + let m = generateFieldElementFromNumber(min + 1 + i); + messages.push(m); + } + sig = bbsPlusSignG1(messages, sigSk, sigParams, false); + const res = bbsPlusVerifyG1(messages, sig, sigPk, sigParams, false); + expect(res.verified).toBe(true); + }); + + it("bounds should be positive integers", () => { + expect(() => + generateBoundCheckLegoProverStatement(-6, max, snarkPkDecom, true) + ).toThrow(); + expect(() => + generateBoundCheckLegoVerifierStatement(-6, max, snarkVkDecom, true) + ).toThrow(); + expect(() => + generateBoundCheckLegoProverStatement(10.1, max, snarkPkDecom, true) + ).toThrow(); + expect(() => + generateBoundCheckLegoVerifierStatement(10.1, max, snarkVkDecom, true) + ).toThrow(); + expect(() => + generateBoundCheckLegoProverStatement(10, 20.8, snarkPkDecom, true) + ).toThrow(); + expect(() => + generateBoundCheckLegoVerifierStatement(10, 20.8, snarkVkDecom, true) + ).toThrow(); + expect(() => + generateBoundCheckLegoProverStatement(10, -90, snarkPkDecom, true) + ).toThrow(); + expect(() => + generateBoundCheckLegoVerifierStatement(10, -90, snarkVkDecom, true) + ).toThrow(); + }); + + it("create and verify a proof over single signed message using Legogroth16", () => { + checkOverSingleMessage(generateBoundCheckLegoProverStatement, generateBoundCheckLegoVerifierStatement, generateBoundCheckWitness, snarkPkDecom, snarkVkDecom) + }, 10000); + + it("create and verify a proof over single 
signed message using Bulletproofs++", () => { + checkOverSingleMessage(generateBoundCheckBppStatement, generateBoundCheckBppStatement, generateBoundCheckBppWitness, bppSetupParamsDecom, bppSetupParamsDecom) + }, 10000); + + it("create and verify a proof over single signed message using set-membership check", () => { + checkOverSingleMessage(generateBoundCheckSmcStatement, generateBoundCheckSmcStatement, generateBoundCheckSmcWitness, smcSetupParamsDecom, smcSetupParamsDecom) + }, 10000); + + it("create and verify a proof over single signed message using set-membership check with keyed-verification", () => { + checkOverSingleMessage(generateBoundCheckSmcWithKVProverStatement, generateBoundCheckSmcWithKVVerifierStatement, generateBoundCheckSmcWithKVWitness, smcWithKVProverParams, smcWithKVVerifierParams) + }, 10000); + + it("create and verify a proof over multiple signed messages using Legogroth16", () => { + checkOverMultipleMessages(generateSetupParamForLegoProvingKey, generateSetupParamForLegoVerifyingKey, generateBoundCheckLegoProverStatementFromParamRefs, generateBoundCheckLegoVerifierStatementFromParamRefs, generateBoundCheckWitness, snarkPkDecom, snarkVkDecom) + }, 10000); + + it("create and verify a proof over multiple signed messages using Bulletproofs++", () => { + checkOverMultipleMessages(generateSetupParamForBppParams, generateSetupParamForBppParams, generateBoundCheckBppStatementFromParamRefs, generateBoundCheckBppStatementFromParamRefs, generateBoundCheckBppWitness, bppSetupParamsDecom, bppSetupParamsDecom) + }, 10000); + + it("create and verify a proof over multiple signed messages using set-membership check", () => { + checkOverMultipleMessages(generateSetupParamForSmcParams, generateSetupParamForSmcParams, generateBoundCheckSmcStatementFromParamRefs, generateBoundCheckSmcStatementFromParamRefs, generateBoundCheckSmcWitness, smcSetupParamsDecom, smcSetupParamsDecom) + }, 10000); + + it("create and verify a proof over multiple signed messages using 
set-membership check with keyed-verification", () => { + checkOverMultipleMessages(generateSetupParamForSmcParams, generateSetupParamForSmcParamsAndSk, generateBoundCheckSmcWithKVProverStatementFromParamRefs, generateBoundCheckSmcWithKVVerifierStatementFromParamRefs, generateBoundCheckSmcWithKVWitness, smcWithKVProverParams, smcWithKVVerifierParams) }, 10000); }); diff --git a/tests/js/proofSystem.spec.ts b/tests/js/proofSystem.spec.ts index 55da180..84ab93f 100644 --- a/tests/js/proofSystem.spec.ts +++ b/tests/js/proofSystem.spec.ts @@ -77,7 +77,6 @@ import { generatePoKBBSSignatureStatement, bbsSign, generatePoKBBSSignatureWitness, - generateSetupParamForPSSignatureParameters, generateSetupParamForBBSSignatureParameters, generatePoKBBSSignatureStatementFromParamRefs, } from "../../lib"; diff --git a/tests/saver.rs b/tests/saver.rs index 3c33da9..5edfaa8 100644 --- a/tests/saver.rs +++ b/tests/saver.rs @@ -19,7 +19,7 @@ use dock_crypto_wasm::{ mod common; use common::{bbs_params_and_keys, get_revealed_unrevealed, get_witness_equality_statement}; -use dock_crypto_wasm::composite_proof_system::statement::{ +use dock_crypto_wasm::composite_proof_system::statements::{ generate_pok_bbs_plus_sig_statement, generate_saver_prover_statement, generate_saver_verifier_statement, };
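Review bot: The "bounds should be positive integers" test in the `@@ -295,14 +256,138 @@` hunk calls only `generateBoundCheckLegoProverStatement` and `generateBoundCheckLegoVerifierStatement`, so the bound validation of the Bulletproofs++, set-membership and keyed-verification statement generators introduced here is not covered by it. Every new `it` in this hunk also ends in the accepting path (`expect(res.verified).toBe(true)` inside the shared helpers), and for a range proof the rejecting path is the property that matters. I would repeat the `toThrow` checks for the new generators, for example `expect(() => generateBoundCheckBppStatement(-6, max, bppSetupParamsDecom, true)).toThrow();` (assuming it takes the same arguments as the Lego generator, as the shared helper suggests), and add one case per protocol where a signed message lies outside the proved range and proof generation or verification is expected to fail. Such cases may exist in parts of the file not shown in the diff.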