Barretenberg
The ZK-SNARK library at the core of Aztec
Loading...
Searching...
No Matches
c_bind.cpp
Go to the documentation of this file.
1// === AUDIT STATUS ===
2// internal: { status: not started, auditors: [], date: YYYY-MM-DD }
3// external_1: { status: not started, auditors: [], date: YYYY-MM-DD }
4// external_2: { status: not started, auditors: [], date: YYYY-MM-DD }
5// =====================
6
7#include "c_bind.hpp"
8#include "multisig.hpp"
9#include "schnorr.hpp"
10
11using namespace bb;
12using namespace bb::crypto;
13
14using affine_element = grumpkin::g1::affine_element;
15using multisig = crypto::schnorr_multisig<grumpkin::g1, KeccakHasher, Blake2sHasher>;
16using multisig_public_key = typename multisig::MultiSigPublicKey;
17
18WASM_EXPORT void schnorr_compute_public_key(uint8_t const* private_key, uint8_t* public_key_buf)
19{
20 auto priv_key = from_buffer<grumpkin::fr>(private_key);
21 grumpkin::g1::affine_element pub_key = grumpkin::g1::one * priv_key;
22 write(public_key_buf, pub_key);
23}
24
25WASM_EXPORT void schnorr_negate_public_key(uint8_t const* public_key_buffer, uint8_t* output)
26{
27 // Negate the public key (effectively negating the y-coordinate of the public key) and return the resulting public
28 // key.
29 auto account_public_key = from_buffer<grumpkin::g1::affine_element>(public_key_buffer);
30 write(output, -account_public_key);
31}
32
33WASM_EXPORT void schnorr_construct_signature(uint8_t const* message_buf,
34 uint8_t const* private_key,
35 uint8_t* s,
36 uint8_t* e)
37{
38 auto message = from_buffer<std::string>(message_buf);
39 auto priv_key = from_buffer<grumpkin::fr>(private_key);
40 grumpkin::g1::affine_element pub_key = grumpkin::g1::one * priv_key;
41 crypto::schnorr_key_pair<grumpkin::fr, grumpkin::g1> key_pair = { priv_key, pub_key };
42 auto sig = crypto::schnorr_construct_signature<Blake2sHasher, grumpkin::fq>(message, key_pair);
43 write(s, sig.s);
44 write(e, sig.e);
45}
46
47WASM_EXPORT void schnorr_verify_signature(
48 uint8_t const* message_buf, uint8_t const* pub_key, uint8_t const* sig_s, uint8_t const* sig_e, bool* result)
49{
50 auto pubk = from_buffer<grumpkin::g1::affine_element>(pub_key);
51 auto message = from_buffer<std::string>(message_buf);
52 std::array<uint8_t, 32> s;
53 std::array<uint8_t, 32> e;
54 std::copy(sig_s, sig_s + 32, s.begin());
55 std::copy(sig_e, sig_e + 32, e.begin());
56 crypto::schnorr_signature sig = { s, e };
57 *result =
58 crypto::schnorr_verify_signature<Blake2sHasher, grumpkin::fq, grumpkin::fr, grumpkin::g1>(message, pubk, sig);
59}
60
61WASM_EXPORT void schnorr_multisig_create_multisig_public_key(uint8_t const* private_key, uint8_t* multisig_pubkey_buf)
62{
63 using multisig = crypto::schnorr_multisig<grumpkin::g1, KeccakHasher, Blake2sHasher>;
64 using multisig_public_key = typename multisig::MultiSigPublicKey;
65 auto priv_key = from_buffer<grumpkin::fr>(private_key);
66 grumpkin::g1::affine_element pub_key = grumpkin::g1::one * priv_key;
67 crypto::schnorr_key_pair<grumpkin::fr, grumpkin::g1> key_pair = { priv_key, pub_key };
68
69 auto agg_pubkey = multisig_public_key(key_pair);
70
71 serialize::write(multisig_pubkey_buf, agg_pubkey);
72}
73
74WASM_EXPORT void schnorr_multisig_validate_and_combine_signer_pubkeys(uint8_t const* signer_pubkey_buf,
75 affine_element::out_buf combined_key_buf,
76 bool* success)
77{
78 using multisig = crypto::schnorr_multisig<grumpkin::g1, KeccakHasher, Blake2sHasher>;
79 auto pubkeys = from_buffer<std::vector<multisig::MultiSigPublicKey>>(signer_pubkey_buf);
80
81 auto combined_key = multisig::validate_and_combine_signer_pubkeys(pubkeys);
82
83 if (combined_key) {
84 write(combined_key_buf, *combined_key);
85 *success = true;
86 } else {
87 write(combined_key_buf, affine_element::one());
88 *success = false;
89 }
90}
91
92WASM_EXPORT void schnorr_multisig_construct_signature_round_1(uint8_t* round_one_public_output_buf,
93 uint8_t* round_one_private_output_buf)
94{
95 using multisig = crypto::schnorr_multisig<grumpkin::g1, KeccakHasher, Blake2sHasher>;
96
97 auto [public_output, private_output] = multisig::construct_signature_round_1();
98 serialize::write(round_one_public_output_buf, public_output);
99 serialize::write(round_one_private_output_buf, private_output);
100}
101
102WASM_EXPORT void schnorr_multisig_construct_signature_round_2(uint8_t const* message_buf,
103 uint8_t const* private_key,
104 uint8_t const* signer_round_one_private_buf,
105 uint8_t const* signer_pubkeys_buf,
106 uint8_t const* round_one_public_buf,
107 uint8_t* round_two_buf,
108 bool* success)
109{
110 using multisig = crypto::schnorr_multisig<grumpkin::g1, KeccakHasher, Blake2sHasher>;
111 auto message = from_buffer<std::string>(message_buf);
112 auto priv_key = from_buffer<grumpkin::fr>(private_key);
113 grumpkin::g1::affine_element pub_key = grumpkin::g1::one * priv_key;
114 crypto::schnorr_key_pair<grumpkin::fr, grumpkin::g1> key_pair = { priv_key, pub_key };
115
116 auto signer_pubkeys = from_buffer<std::vector<multisig::MultiSigPublicKey>>(signer_pubkeys_buf);
117 auto round_one_outputs = from_buffer<std::vector<multisig::RoundOnePublicOutput>>(round_one_public_buf);
118
119 auto round_one_private = from_buffer<multisig::RoundOnePrivateOutput>(signer_round_one_private_buf);
120 auto round_two_output =
121 multisig::construct_signature_round_2(message, key_pair, round_one_private, signer_pubkeys, round_one_outputs);
122
123 if (round_two_output.has_value()) {
124 write(round_two_buf, *round_two_output);
125 *success = true;
126 } else {
127 *success = false;
128 }
129}
130
131WASM_EXPORT void schnorr_multisig_combine_signatures(uint8_t const* message_buf,
132 uint8_t const* signer_pubkeys_buf,
133 uint8_t const* round_one_buf,
134 uint8_t const* round_two_buf,
135 uint8_t* s,
136 uint8_t* e,
137 bool* success)
138{
139 using multisig = crypto::schnorr_multisig<grumpkin::g1, KeccakHasher, Blake2sHasher>;
140
141 auto message = from_buffer<std::string>(message_buf);
142 auto signer_pubkeys = from_buffer<std::vector<multisig::MultiSigPublicKey>>(signer_pubkeys_buf);
143 auto round_one_outputs = from_buffer<std::vector<multisig::RoundOnePublicOutput>>(round_one_buf);
144 auto round_two_outputs = from_buffer<std::vector<multisig::RoundTwoPublicOutput>>(round_two_buf);
145
146 auto sig = multisig::combine_signatures(message, signer_pubkeys, round_one_outputs, round_two_outputs);
147
148 if (sig.has_value()) {
149 write(s, (*sig).s);
150 write(e, (*sig).e);
151 *success = true;
152 } else {
153 *success = false;
154 }
155}
bb::crypto::schnorr_multisig
Implements the SpeedyMuSig protocol; a secure 2-round interactive multisignature scheme whose signatu...
Definition multisig.hpp:34
bb::crypto::schnorr_multisig::combine_signatures
static std::optional< schnorr_signature > combine_signatures(const std::string &message, const std::vector< MultiSigPublicKey > &signer_pubkeys, const std::vector< RoundOnePublicOutput > &round_1_nonces, const std::vector< RoundTwoPublicOutput > &round_2_signature_shares)
the final step in the SpeedyMuSig multisig scheme. Can be computed by an untrusted 3rd party....
Definition multisig.hpp:400
bb::crypto::schnorr_multisig::construct_signature_round_1
static std::pair< RoundOnePublicOutput, RoundOnePrivateOutput > construct_signature_round_1()
First round of SpeedyMuSig. Signers generate random nonce keypairs R = {r, [R]}, S = {s,...
Definition multisig.hpp:317
bb::crypto::schnorr_multisig::construct_signature_round_2
static std::optional< RoundTwoPublicOutput > construct_signature_round_2(const std::string &message, const key_pair &signer, const RoundOnePrivateOutput &signer_round_1_private_output, const std::vector< MultiSigPublicKey > &signer_pubkeys, const std::vector< RoundOnePublicOutput > &round_1_nonces)
Second round of SpeedyMuSig. Given the signer pubkeys and the output of round 1, round 2 has each sig...
Definition multisig.hpp:348
bb::crypto::schnorr_multisig::validate_and_combine_signer_pubkeys
static std::optional< affine_element > validate_and_combine_signer_pubkeys(const std::vector< MultiSigPublicKey > &signer_pubkeys)
Computes the sum of all signer pubkeys. Output is the public key of the public-facing schnorr multisi...
Definition multisig.hpp:271
bb::group_elements::affine_element
Definition affine_element.hpp:21
bb::group_elements::affine_element::out_buf
uint8_t * out_buf
Definition affine_element.hpp:29
bb::group_elements::affine_element::one
static constexpr affine_element one() noexcept
Definition affine_element.hpp:49
bb::group::affine_element
group_elements::affine_element< Fq, Fr, Params > affine_element
Definition group.hpp:42
bb::group::one
static constexpr element one
Definition group.hpp:46
schnorr_multisig_construct_signature_round_2
WASM_EXPORT void schnorr_multisig_construct_signature_round_2(uint8_t const *message_buf, uint8_t const *private_key, uint8_t const *signer_round_one_private_buf, uint8_t const *signer_pubkeys_buf, uint8_t const *round_one_public_buf, uint8_t *round_two_buf, bool *success)
Definition c_bind.cpp:102
schnorr_negate_public_key
WASM_EXPORT void schnorr_negate_public_key(uint8_t const *public_key_buffer, uint8_t *output)
Definition c_bind.cpp:25
schnorr_multisig_combine_signatures
WASM_EXPORT void schnorr_multisig_combine_signatures(uint8_t const *message_buf, uint8_t const *signer_pubkeys_buf, uint8_t const *round_one_buf, uint8_t const *round_two_buf, uint8_t *s, uint8_t *e, bool *success)
Definition c_bind.cpp:131
schnorr_verify_signature
WASM_EXPORT void schnorr_verify_signature(uint8_t const *message_buf, uint8_t const *pub_key, uint8_t const *sig_s, uint8_t const *sig_e, bool *result)
Definition c_bind.cpp:47
schnorr_multisig_construct_signature_round_1
WASM_EXPORT void schnorr_multisig_construct_signature_round_1(uint8_t *round_one_public_output_buf, uint8_t *round_one_private_output_buf)
Definition c_bind.cpp:92
schnorr_compute_public_key
WASM_EXPORT void schnorr_compute_public_key(uint8_t const *private_key, uint8_t *public_key_buf)
Definition c_bind.cpp:18
schnorr_multisig_validate_and_combine_signer_pubkeys
WASM_EXPORT void schnorr_multisig_validate_and_combine_signer_pubkeys(uint8_t const *signer_pubkey_buf, affine_element::out_buf combined_key_buf, bool *success)
Definition c_bind.cpp:74
schnorr_construct_signature
WASM_EXPORT void schnorr_construct_signature(uint8_t const *message_buf, uint8_t const *private_key, uint8_t *s, uint8_t *e)
Definition c_bind.cpp:33
multisig_public_key
typename multisig::MultiSigPublicKey multisig_public_key
Definition c_bind.cpp:16
schnorr_multisig_create_multisig_public_key
WASM_EXPORT void schnorr_multisig_create_multisig_public_key(uint8_t const *private_key, uint8_t *multisig_pubkey_buf)
Definition c_bind.cpp:61
bb::crypto::write
void write(B &buf, SchnorrProofOfPossession< G1, Hash > const &proof_of_possession)
Definition proof_of_possession.hpp:137
bb
Entry point for Barretenberg command-line interface.
Definition acir_format_getters.cpp:6
serialize::write
void write(auto &buf, const msgpack_concepts::HasMsgPack auto &obj)
Automatically derived write for any object that defines .msgpack() (implicitly defined by MSGPACK_FIE...
Definition serialize.hpp:538
std::get
constexpr decltype(auto) get(::tuplet::tuple< T... > &&t) noexcept
Definition tuple.hpp:13
c_bind.hpp
bb::crypto::schnorr_key_pair
Definition schnorr.hpp:22
bb::crypto::schnorr_multisig::MultiSigPublicKey
MultiSigPublicKey wraps a signer's public key g1::affine_element along with a proof of posession: a s...
Definition multisig.hpp:57
bb::crypto::schnorr_signature
Definition schnorr.hpp:30
WASM_EXPORT
#define WASM_EXPORT
Definition wasm_export.hpp:8