SNARK-friendly STM: jubjub wrapper #2828
Conversation
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
mithril-stm/src/signature_scheme/schnorr_signature/jubjub_wrapper/curve_points.rs
Fixed
Show fixed
Hide fixed
mithril-stm/src/signature_scheme/schnorr_signature/jubjub_wrapper/curve_points.rs
Fixed
Show fixed
Hide fixed
mithril-stm/src/signature_scheme/schnorr_signature/jubjub_wrapper/field_elements.rs
Fixed
Show fixed
Hide fixed
mithril-stm/src/signature_scheme/schnorr_signature/jubjub_wrapper/field_elements.rs
Fixed
Show fixed
Hide fixed
curiecrypt
temporarily deployed
to
testing-preview
GitHub Actions
Inactive
curiecrypt
force-pushed
the
curiecrypt/msnark/jubjub-wrapper
branch
from
bdab491 to
dc04ec6
Compare
curiecrypt
temporarily deployed
to
testing-preview
GitHub Actions
Inactive
curiecrypt
temporarily deployed
to
testing-preview
GitHub Actions
Inactive
There was a problem hiding this comment.
It seems a problem occurred during merging from your previous branch as this file should not be modified.
There was a problem hiding this comment.
Same comment about this file which should not be modified.
There was a problem hiding this comment.
Same comment about this file which should not be modified.
There was a problem hiding this comment.
Same comment about this file which should not be modified.
There was a problem hiding this comment.
Same comment about this file which should not be modified.
| pub(crate) fn from_prime_order_projective_point( | ||
| prime_order_projective_point: PrimeOrderProjectivePoint, | ||
| ) -> Self { |
There was a problem hiding this comment.
Maybe this conversion could be implemented with a From trait instead?
| let response_time_msg_hash_point = msg_hash_point.scalar_multiplication(&self.response); | ||
| let challenge_times_commitment_point = | ||
| self.commitment_point.scalar_multiplication(&self.challenge); | ||
| let random_point_1_recomputed = | ||
| response_time_msg_hash_point.add(challenge_times_commitment_point); |
There was a problem hiding this comment.
Maybe we could leverage the std::ops::Add, std::ops::Mul to provide some syntactic sugar for these expression? (also for the rest of the module).
This would allow to have some more readable code?:
let random_point_1_recomputed = self.response * msg_hash_point + self.challenge * self.commitment_point;| msg_hash, | ||
| verification_key.0.into(), | ||
| self.sigma, | ||
| let points_coordinates = BaseFieldElement::collect_coordinates_of_list_of_points(&[ |
There was a problem hiding this comment.
Maybe the collect_coordinates_of_list_of_points could be inlined in a more functional way with an iter/map pattern?
| use crate::{SchnorrSignature, SchnorrSigningKey, SchnorrVerificationKey}; | ||
| use rand_chacha::ChaCha20Rng; | ||
| use rand_core::SeedableRng; | ||
|
|
||
| #[test] | ||
| fn invalid_sig() { | ||
| let msg = vec![0, 0, 0, 1]; | ||
| let msg2 = vec![0, 0, 0, 2]; | ||
| let seed = [0u8; 32]; | ||
| let mut rng = ChaCha20Rng::from_seed(seed); | ||
| let sk = SchnorrSigningKey::try_generate(&mut rng).unwrap(); | ||
| let vk = SchnorrVerificationKey::from(&sk); | ||
| let sk2 = SchnorrSigningKey::try_generate(&mut rng).unwrap(); | ||
| let vk2 = SchnorrVerificationKey::from(&sk2); | ||
|
|
||
| let sig = sk.sign(&msg, &mut rng).unwrap(); | ||
| let sig2 = sk.sign(&msg2, &mut rng).unwrap(); | ||
|
|
||
| // Wrong verification key is used | ||
| let result1 = sig.verify(&msg, &vk2); | ||
| let result2 = sig2.verify(&msg, &vk); | ||
|
|
||
| result1.expect_err("Wrong verification key used, test should fail."); | ||
| // Wrong message is verified | ||
| result2.expect_err("Wrong message used, test should fail."); | ||
| } | ||
|
|
||
| #[test] | ||
| fn serialize_deserialize_signature() { | ||
| let mut rng = ChaCha20Rng::from_seed([0u8; 32]); | ||
|
|
||
| let msg = vec![0, 0, 0, 1]; | ||
| let sk = SchnorrSigningKey::try_generate(&mut rng).unwrap(); | ||
|
|
||
| let sig = sk.sign(&msg, &mut rng).unwrap(); | ||
| let sig_bytes: [u8; 96] = sig.to_bytes(); | ||
| let sig2 = SchnorrSignature::from_bytes(&sig_bytes).unwrap(); | ||
|
|
||
| assert_eq!(sig, sig2); | ||
| } | ||
|
|
||
| #[test] | ||
| fn from_bytes_signature_not_enough_bytes() { | ||
| let msg = vec![0u8; 95]; | ||
|
|
||
| let result = SchnorrSignature::from_bytes(&msg); | ||
|
|
||
| result.expect_err("Not enough bytes."); | ||
| } | ||
|
|
There was a problem hiding this comment.
I think that we should probably keep some unit test here for (de)serialization and basic signature unit tests.
There was a problem hiding this comment.
These sub-modules lack proper rust doc comments for types and functions,
Content
This PR includes the
jubjubwrapper for theschnorr_signaturemodule.The
jubjubexposer, located in../schnorr_signature/jubjub/, includes:curve_pointsfield_elementsposeidon_digestIt exposes the
jubjubfunctionality (fromduskfor today) required by the Schnorr signature.This wrapper removed all
duskimports from the Schnorr implementation.Pre-submit checklist
Comments
Issue(s)
Closes #2817