Barretenberg
The ZK-SNARK library at the core of Aztec
Loading...
Searching...
No Matches
schnorr.test.cpp
Go to the documentation of this file.
1#include <gtest/gtest.h>
2
3#include "barretenberg/circuit_checker/circuit_checker.hpp"
4#include "barretenberg/crypto/pedersen_commitment/pedersen.hpp"
5#include "barretenberg/ecc/curves/grumpkin/grumpkin.hpp"
6#include "barretenberg/stdlib_circuit_builders/ultra_circuit_builder.hpp"
7#include "schnorr.hpp"
8
9using namespace bb;
10using namespace bb::crypto;
11
12using Builder = UltraCircuitBuilder;
13using bool_ct = stdlib::bool_t<Builder>;
14using byte_array_ct = stdlib::byte_array<Builder>;
15using field_ct = stdlib::field_t<Builder>;
16using witness_ct = stdlib::witness_t<Builder>;
17
23TEST(stdlib_schnorr, schnorr_verify_signature)
24{
25 std::string longer_string = "This is a test string of length 34";
26
27 std::vector<size_t> test_lengths({ 0, 1, 32, 33 });
28 for (size_t i : test_lengths) {
29 Builder builder = Builder();
30 auto message_string = longer_string.substr(0, i);
31
32 schnorr_key_pair<grumpkin::fr, grumpkin::g1> account;
33 account.private_key = grumpkin::fr::random_element();
34 account.public_key = grumpkin::g1::one * account.private_key;
35
36 schnorr_signature signature =
37 schnorr_construct_signature<Blake2sHasher, grumpkin::fq, grumpkin::fr, grumpkin::g1>(message_string,
38 account);
39
40 bool first_result = schnorr_verify_signature<Blake2sHasher, grumpkin::fq, grumpkin::fr, grumpkin::g1>(
41 message_string, account.public_key, signature);
42 EXPECT_EQ(first_result, true);
43
44 stdlib::cycle_group<Builder> pub_key{ witness_ct(&builder, account.public_key.x),
45 witness_ct(&builder, account.public_key.y),
46 false };
47 stdlib::schnorr_signature_bits sig = stdlib::schnorr_convert_signature(&builder, signature);
48 byte_array_ct message(&builder, message_string);
49 schnorr_verify_signature(message, pub_key, sig);
50
51 info("num gates = ", builder.get_estimated_num_finalized_gates());
52 bool result = CircuitChecker::check(builder);
53 EXPECT_EQ(result, true);
54 }
55}
56
61TEST(stdlib_schnorr, verify_signature_failure)
62{
63 Builder builder = Builder();
64 std::string message_string = "This is a test string of length 34";
65
66 // create key pair 1
67 schnorr_key_pair<grumpkin::fr, grumpkin::g1> account1;
68 account1.private_key = grumpkin::fr::random_element();
69 account1.public_key = grumpkin::g1::one * account1.private_key;
70
71 // create key pair 2
72 schnorr_key_pair<grumpkin::fr, grumpkin::g1> account2;
73 account2.private_key = grumpkin::fr::random_element();
74 account2.public_key = grumpkin::g1::one * account2.private_key;
75
76 // sign the message with account 1 private key
77 schnorr_signature signature =
78 schnorr_construct_signature<Blake2sHasher, grumpkin::fq, grumpkin::fr, grumpkin::g1>(message_string, account1);
79
80 // check native verification with account 2 public key fails
81 bool native_result = schnorr_verify_signature<Blake2sHasher, grumpkin::fq, grumpkin::fr, grumpkin::g1>(
82 message_string, account2.public_key, signature);
83 EXPECT_EQ(native_result, false);
84
85 // check stdlib verification with account 2 public key fails
86 stdlib::cycle_group<Builder> pub_key2_ct{ witness_ct(&builder, account2.public_key.x),
87 witness_ct(&builder, account2.public_key.y),
88 false };
89 stdlib::schnorr_signature_bits sig = stdlib::schnorr_convert_signature(&builder, signature);
90 byte_array_ct message(&builder, message_string);
91 schnorr_verify_signature(message, pub_key2_ct, sig);
92
93 info("num gates = ", builder.get_estimated_num_finalized_gates());
94
95 bool verification_result = CircuitChecker::check(builder);
96 EXPECT_EQ(verification_result, false);
97}
98
103TEST(stdlib_schnorr, schnorr_signature_verification_result)
104{
105 std::string longer_string = "This is a test string of length 34";
106
107 Builder builder = Builder();
108
109 schnorr_key_pair<grumpkin::fr, grumpkin::g1> account;
110 account.private_key = grumpkin::fr::random_element();
111 account.public_key = grumpkin::g1::one * account.private_key;
112
113 schnorr_signature signature =
114 schnorr_construct_signature<Blake2sHasher, grumpkin::fq, grumpkin::fr, grumpkin::g1>(longer_string, account);
115
116 bool first_result = schnorr_verify_signature<Blake2sHasher, grumpkin::fq, grumpkin::fr, grumpkin::g1>(
117 longer_string, account.public_key, signature);
118 EXPECT_EQ(first_result, true);
119
120 stdlib::cycle_group<Builder> pub_key{ witness_ct(&builder, account.public_key.x),
121 witness_ct(&builder, account.public_key.y),
122 false };
123 stdlib::schnorr_signature_bits sig = stdlib::schnorr_convert_signature(&builder, signature);
124 byte_array_ct message(&builder, longer_string);
125 bool_ct signature_result = schnorr_signature_verification_result(message, pub_key, sig);
126 EXPECT_EQ(signature_result.witness_bool, true);
127
128 info("num gates = ", builder.get_estimated_num_finalized_gates());
129
130 bool result = CircuitChecker::check(builder);
131 EXPECT_EQ(result, true);
132}
133
138TEST(stdlib_schnorr, signature_verification_result_failure)
139{
140 Builder builder = Builder();
141 std::string message_string = "This is a test string of length 34";
142
143 // create key pair 1
144 schnorr_key_pair<grumpkin::fr, grumpkin::g1> account1;
145 account1.private_key = grumpkin::fr::random_element();
146 account1.public_key = grumpkin::g1::one * account1.private_key;
147
148 // create key pair 2
149 schnorr_key_pair<grumpkin::fr, grumpkin::g1> account2;
150 account2.private_key = grumpkin::fr::random_element();
151 account2.public_key = grumpkin::g1::one * account2.private_key;
152
153 // sign the message with account 1 private key
154 schnorr_signature signature =
155 schnorr_construct_signature<Blake2sHasher, grumpkin::fq, grumpkin::fr, grumpkin::g1>(message_string, account1);
156
157 // check native verification with account 2 public key fails
158 bool native_result = schnorr_verify_signature<Blake2sHasher, grumpkin::fq, grumpkin::fr, grumpkin::g1>(
159 message_string, account2.public_key, signature);
160 EXPECT_EQ(native_result, false);
161
162 // check stdlib verification with account 2 public key fails
163 stdlib::cycle_group<Builder> pub_key2_ct{ witness_ct(&builder, account2.public_key.x),
164 witness_ct(&builder, account2.public_key.y),
165 false };
166 stdlib::schnorr_signature_bits sig = stdlib::schnorr_convert_signature(&builder, signature);
167 byte_array_ct message(&builder, message_string);
168 bool_ct signature_result = schnorr_signature_verification_result(message, pub_key2_ct, sig);
169 EXPECT_EQ(signature_result.witness_bool, false);
170
171 info("num gates = ", builder.get_estimated_num_finalized_gates());
172
173 bool verification_result = CircuitChecker::check(builder);
174 EXPECT_EQ(verification_result, true);
175}
circuit_checker.hpp
bb::TranslatorCircuitChecker::check
static bool check(const Builder &circuit)
Check the witness satisifies the circuit.
Definition translator_circuit_checker.cpp:20
bb::group::one
static constexpr element one
Definition group.hpp:46
bb::stdlib::bool_t
Implements boolean logic in-circuit.
Definition bool.hpp:59
bb::stdlib::bool_t::witness_bool
bool witness_bool
Definition bool.hpp:131
bb::stdlib::byte_array
Represents a dynamic array of bytes in-circuit.
Definition byte_array.hpp:28
bb::stdlib::cycle_group
cycle_group represents a group Element of the proving system's embedded curve i.e....
Definition cycle_group.hpp:36
bb::stdlib::field_t< Builder >
bb::stdlib::witness_t
Definition witness.hpp:16
info
void info(Args... args)
Definition log.hpp:70
builder
AluTraceBuilder builder
Definition alu.test.cpp:123
pedersen.hpp
bb::crypto::schnorr_verify_signature
bool schnorr_verify_signature(const std::string &message, const typename G1::affine_element &public_key, const schnorr_signature &sig)
bb::stdlib::schnorr_convert_signature
schnorr_signature_bits< C > schnorr_convert_signature(C *context, const crypto::schnorr_signature &signature)
Instantiate a witness containing the signature (s, e) as a quadruple of field_t elements (s_lo,...
Definition schnorr.cpp:22
bb
Entry point for Barretenberg command-line interface.
Definition acir_format_getters.cpp:6
bb::TEST
TEST(MegaCircuitBuilder, CopyConstructor)
Definition mega_circuit_builder.test.cpp:14
bb::UltraCircuitBuilder
UltraCircuitBuilder_< UltraExecutionTraceBlocks > UltraCircuitBuilder
Definition circuit_builders_fwd.hpp:24
witness_ct
stdlib::witness_t< Builder > witness_ct
Definition schnorr.test.cpp:16
Builder
UltraCircuitBuilder Builder
Definition schnorr.test.cpp:12
bb::crypto::schnorr_key_pair
Definition schnorr.hpp:22
bb::crypto::schnorr_key_pair::private_key
Fr private_key
Definition schnorr.hpp:23
bb::crypto::schnorr_key_pair::public_key
G1::affine_element public_key
Definition schnorr.hpp:24
bb::crypto::schnorr_signature
Definition schnorr.hpp:30
bb::field< Bn254FqParams >::random_element
static field random_element(numeric::RNG *engine=nullptr) noexcept
Definition field_impl.hpp:665
bb::stdlib::schnorr_signature_bits
Definition schnorr.hpp:17
ultra_circuit_builder.hpp