Home Esplora Aiuto
Registrati Accedi
seven
/
bot-28
1
0
Forka 0
File Problemi 0 Pull Requests 0 Wiki
Albero (Tree): 717b51f178
Rami (Branch) Tag
bot-28
/
node
/
node_modules
/
@noble
/
curves
/
jubjub.js

jubjub.js 2.6 KB
Cronologia Originale

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859 
  1. "use strict";
    2. 

  2. Object.defineProperty(exports, "__esModule", { value: true });
    3. 

  3. exports.jubjub = void 0;
    4. 

  4. exports.groupHash = groupHash;
    5. 

  5. exports.findGroupHash = findGroupHash;
    6. 

  6. /*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */
    7. 

  7. const blake2s_1 = require("@noble/hashes/blake2s");
    8. 

  8. const sha512_1 = require("@noble/hashes/sha512");
    9. 

  9. const utils_1 = require("@noble/hashes/utils");
    10. 

  10. const edwards_js_1 = require("./abstract/edwards.js");
    11. 

  11. const modular_js_1 = require("./abstract/modular.js");
    12. 

  12. /**
    13. 

  13.  * jubjub Twisted Edwards curve.
    14. 

  14.  * https://neuromancer.sk/std/other/JubJub
    15. 

  15.  * jubjub does not use EdDSA, so `hash`/sha512 params are passed because interface expects them.
    16. 

  16.  */
    17. 

  17. exports.jubjub = (0, edwards_js_1.twistedEdwards)({
    18. 

  18.     // Params: a, d
    19. 

  19.     a: BigInt('0x73eda753299d7d483339d80809a1d80553bda402fffe5bfeffffffff00000000'),
    20. 

  20.     d: BigInt('0x2a9318e74bfa2b48f5fd9207e6bd7fd4292d7f6d37579d2601065fd6d6343eb1'),
    21. 

  21.     // Finite field 𝔽p over which we'll do calculations
    22. 

  22.     // Same value as bls12-381 Fr (not Fp)
    23. 

  23.     Fp: (0, modular_js_1.Field)(BigInt('0x73eda753299d7d483339d80809a1d80553bda402fffe5bfeffffffff00000001')),
    24. 

  24.     // Subgroup order: how many points curve has
    25. 

  25.     n: BigInt('0xe7db4ea6533afa906673b0101343b00a6682093ccc81082d0970e5ed6f72cb7'),
    26. 

  26.     // Cofactor
    27. 

  27.     h: BigInt(8),
    28. 

  28.     // Base point (x, y) aka generator point
    29. 

  29.     Gx: BigInt('0x11dafe5d23e1218086a365b99fbf3d3be72f6afd7d1f72623e6b071492d1122b'),
    30. 

  30.     Gy: BigInt('0x1d523cf1ddab1a1793132e78c866c0c33e26ba5cc220fed7cc3f870e59d292aa'),
    31. 

  31.     hash: sha512_1.sha512,
    32. 

  32.     randomBytes: utils_1.randomBytes,
    33. 

  33. });
    34. 

  34. const GH_FIRST_BLOCK = (0, utils_1.utf8ToBytes)('096b36a5804bfacef1691e173c366a47ff5ba84a44f26ddd7e8d9f79d5b42df0');
    35. 

  35. // Returns point at JubJub curve which is prime order and not zero
    36. 

  36. function groupHash(tag, personalization) {
    37. 

  37.     const h = blake2s_1.blake2s.create({ personalization, dkLen: 32 });
    38. 

  38.     h.update(GH_FIRST_BLOCK);
    39. 

  39.     h.update(tag);
    40. 

  40.     // NOTE: returns ExtendedPoint, in case it will be multiplied later
    41. 

  41.     let p = exports.jubjub.ExtendedPoint.fromHex(h.digest());
    42. 

  42.     // NOTE: cannot replace with isSmallOrder, returns Point*8
    43. 

  43.     p = p.multiply(exports.jubjub.CURVE.h);
    44. 

  44.     if (p.equals(exports.jubjub.ExtendedPoint.ZERO))
    45. 

  45.         throw new Error('Point has small order');
    46. 

  46.     return p;
    47. 

  47. }
    48. 

  48. function findGroupHash(m, personalization) {
    49. 

  49.     const tag = (0, utils_1.concatBytes)(m, new Uint8Array([0]));
    50. 

  50.     for (let i = 0; i < 256; i++) {
    51. 

  51.         tag[tag.length - 1] = i;
    52. 

  52.         try {
    53. 

  53.             return groupHash(tag, personalization);
    54. 

  54.         }
    55. 

  55.         catch (e) { }
    56. 

  56.     }
    57. 

  57.     throw new Error('findGroupHash tag overflow');
    58. 

  58. }
    59. 

  59. //# sourceMappingURL=jubjub.js.map
    60.