Página Principal Explorar Ajuda
Registe-se Iniciar Sessão
seven
/
bot-28
1
0
Fork 0
Ficheiros Problemas 0 Pull Requests 0 Wiki
Árvore: 717b51f178
Ramos Etiquetas
bot-28
/
node
/
node_modules
/
@noble
/
curves
/
esm
/
jubjub.js

jubjub.js 2.4 KB
Histórico Em bruto

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354 
  1. /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */
    2. 

  2. import { blake2s } from '@noble/hashes/blake2s';
    3. 

  3. import { sha512 } from '@noble/hashes/sha512';
    4. 

  4. import { concatBytes, randomBytes, utf8ToBytes } from '@noble/hashes/utils';
    5. 

  5. import { twistedEdwards } from './abstract/edwards.js';
    6. 

  6. import { Field } from './abstract/modular.js';
    7. 

  7. /**
    8. 

  8.  * jubjub Twisted Edwards curve.
    9. 

  9.  * https://neuromancer.sk/std/other/JubJub
    10. 

  10.  * jubjub does not use EdDSA, so `hash`/sha512 params are passed because interface expects them.
    11. 

  11.  */
    12. 

  12. export const jubjub = /* @__PURE__ */ twistedEdwards({
    13. 

  13.     // Params: a, d
    14. 

  14.     a: BigInt('0x73eda753299d7d483339d80809a1d80553bda402fffe5bfeffffffff00000000'),
    15. 

  15.     d: BigInt('0x2a9318e74bfa2b48f5fd9207e6bd7fd4292d7f6d37579d2601065fd6d6343eb1'),
    16. 

  16.     // Finite field 𝔽p over which we'll do calculations
    17. 

  17.     // Same value as bls12-381 Fr (not Fp)
    18. 

  18.     Fp: Field(BigInt('0x73eda753299d7d483339d80809a1d80553bda402fffe5bfeffffffff00000001')),
    19. 

  19.     // Subgroup order: how many points curve has
    20. 

  20.     n: BigInt('0xe7db4ea6533afa906673b0101343b00a6682093ccc81082d0970e5ed6f72cb7'),
    21. 

  21.     // Cofactor
    22. 

  22.     h: BigInt(8),
    23. 

  23.     // Base point (x, y) aka generator point
    24. 

  24.     Gx: BigInt('0x11dafe5d23e1218086a365b99fbf3d3be72f6afd7d1f72623e6b071492d1122b'),
    25. 

  25.     Gy: BigInt('0x1d523cf1ddab1a1793132e78c866c0c33e26ba5cc220fed7cc3f870e59d292aa'),
    26. 

  26.     hash: sha512,
    27. 

  27.     randomBytes,
    28. 

  28. });
    29. 

  29. const GH_FIRST_BLOCK = utf8ToBytes('096b36a5804bfacef1691e173c366a47ff5ba84a44f26ddd7e8d9f79d5b42df0');
    30. 

  30. // Returns point at JubJub curve which is prime order and not zero
    31. 

  31. export function groupHash(tag, personalization) {
    32. 

  32.     const h = blake2s.create({ personalization, dkLen: 32 });
    33. 

  33.     h.update(GH_FIRST_BLOCK);
    34. 

  34.     h.update(tag);
    35. 

  35.     // NOTE: returns ExtendedPoint, in case it will be multiplied later
    36. 

  36.     let p = jubjub.ExtendedPoint.fromHex(h.digest());
    37. 

  37.     // NOTE: cannot replace with isSmallOrder, returns Point*8
    38. 

  38.     p = p.multiply(jubjub.CURVE.h);
    39. 

  39.     if (p.equals(jubjub.ExtendedPoint.ZERO))
    40. 

  40.         throw new Error('Point has small order');
    41. 

  41.     return p;
    42. 

  42. }
    43. 

  43. export function findGroupHash(m, personalization) {
    44. 

  44.     const tag = concatBytes(m, new Uint8Array([0]));
    45. 

  45.     for (let i = 0; i < 256; i++) {
    46. 

  46.         tag[tag.length - 1] = i;
    47. 

  47.         try {
    48. 

  48.             return groupHash(tag, personalization);
    49. 

  49.         }
    50. 

  50.         catch (e) { }
    51. 

  51.     }
    52. 

  52.     throw new Error('findGroupHash tag overflow');
    53. 

  53. }
    54. 

  54. //# sourceMappingURL=jubjub.js.map
    55.