ecdsa secp_k1
AntoineCyr committed Feb 27, 2025
1 parent 977dced commit 42a7992
Showing 15 changed files with 393 additions and 129 deletions.
Expand Up @@ -35,6 +35,7 @@
#include <nil/blueprint/bbf/components/detail/range_check_multi.hpp>
#include <nil/blueprint/bbf/generic.hpp>
#include <nil/crypto3/algebra/curves/pallas.hpp>
#include <nil/crypto3/algebra/curves/secp_k1.hpp>
#include <nil/crypto3/algebra/curves/vesta.hpp>

namespace nil {
Expand Down Expand Up @@ -268,6 +269,19 @@ namespace nil {
using Base::Base;
};

template<typename FieldType, GenerationStage stage>
class secp_k1_256_ec_double
: public ec_double<
FieldType, stage,
crypto3::algebra::curves::secp_k1<256>::base_field_type> {
using Base = ec_double<
FieldType, stage,
crypto3::algebra::curves::secp_k1<256>::base_field_type>;

public:
using Base::Base;
};

} // namespace components
} // namespace bbf
} // namespace blueprint
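Review bot: `secp_k1_256_ec_double` is bound to the generic component through the base field alone (`crypto3::algebra::curves::secp_k1<256>::base_field_type`), so the curve coefficients are not part of the type and nothing on the class records which curve equation the inherited constraints assume. If `ec_double` hard-codes the a = 0 doubling formula, that holds for secp256k1 but would be silently wrong for a curve wired in the same way later; the body of `ec_double` is outside this hunk, so this needs confirming there. I would add a class comment such as `// secp256k1 (y^2 = x^3 + 7, a = 0); ec_double takes only the base field, so instantiate it for a = 0 curves only`. The same question applies to the other `secp_k1_256_*` curve wrappers added in the following file sections.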
Expand Up @@ -36,6 +36,7 @@
#include <nil/blueprint/bbf/components/detail/range_check_multi.hpp>
#include <nil/blueprint/bbf/generic.hpp>
#include <nil/crypto3/algebra/curves/pallas.hpp>
#include <nil/crypto3/algebra/curves/secp_k1.hpp>
#include <nil/crypto3/algebra/curves/vesta.hpp>

namespace nil {
Expand Down Expand Up @@ -385,6 +386,19 @@ namespace nil {
using Base::Base;
};

template<typename FieldType, GenerationStage stage>
class secp_k1_256_ec_full_add
: public ec_full_add<
FieldType, stage,
crypto3::algebra::curves::secp_k1<256>::base_field_type> {
using Base = ec_full_add<
FieldType, stage,
crypto3::algebra::curves::secp_k1<256>::base_field_type>;

public:
using Base::Base;
};

} // namespace components
} // namespace bbf
} // namespace blueprint
Expand Up @@ -35,6 +35,7 @@
#include <nil/blueprint/bbf/components/detail/range_check_multi.hpp>
#include <nil/blueprint/bbf/generic.hpp>
#include <nil/crypto3/algebra/curves/pallas.hpp>
#include <nil/crypto3/algebra/curves/secp_k1.hpp>
#include <nil/crypto3/algebra/curves/vesta.hpp>

namespace nil {
Expand Down Expand Up @@ -271,6 +272,19 @@ namespace nil {
using Base::Base;
};

template<typename FieldType, GenerationStage stage>
class secp_k1_256_ec_incomplete_add
: public ec_incomplete_add<
FieldType, stage,
crypto3::algebra::curves::secp_k1<256>::base_field_type> {
using Base = ec_incomplete_add<
FieldType, stage,
crypto3::algebra::curves::secp_k1<256>::base_field_type>;

public:
using Base::Base;
};

} // namespace components
} // namespace bbf
} // namespace blueprint
Expand Up @@ -37,6 +37,7 @@
#include <nil/blueprint/bbf/components/algebra/curves/weierstrass/ec_two_t_plus_q.hpp>
#include <nil/blueprint/bbf/generic.hpp>
#include <nil/crypto3/algebra/curves/pallas.hpp>
#include <nil/crypto3/algebra/curves/secp_k1.hpp>
#include <nil/crypto3/algebra/curves/vesta.hpp>

namespace nil {
Expand Down Expand Up @@ -407,6 +408,19 @@ namespace nil {
using Base::Base;
};

template<typename FieldType, GenerationStage stage>
class secp_k1_256_ec_scalar_mult
: public ec_scalar_mult<
FieldType, stage,
crypto3::algebra::curves::secp_k1<256>::base_field_type> {
using Base = ec_scalar_mult<
FieldType, stage,
crypto3::algebra::curves::secp_k1<256>::base_field_type>;

public:
using Base::Base;
};

} // namespace components
} // namespace bbf
} // namespace blueprint
Expand Up @@ -35,6 +35,7 @@
#include <nil/blueprint/bbf/components/detail/range_check_multi.hpp>
#include <nil/blueprint/bbf/generic.hpp>
#include <nil/crypto3/algebra/curves/pallas.hpp>
#include <nil/crypto3/algebra/curves/secp_k1.hpp>
#include <nil/crypto3/algebra/curves/vesta.hpp>

namespace nil {
Expand Down Expand Up @@ -298,6 +299,19 @@ namespace nil {
using Base::Base;
};

template<typename FieldType, GenerationStage stage>
class secp_k1_256_ec_two_t_plus_q
: public ec_two_t_plus_q<
FieldType, stage,
crypto3::algebra::curves::secp_k1<256>::base_field_type> {
using Base = ec_two_t_plus_q<
FieldType, stage,
crypto3::algebra::curves::secp_k1<256>::base_field_type>;

public:
using Base::Base;
};

} // namespace components
} // namespace bbf
} // namespace blueprint
Expand Up @@ -112,6 +112,8 @@ namespace nil {

if (expect_output) {
output = ca.c;
}
else {
copy_constrain(ca.c, input.zero);
}
}
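Review bot: The `else` branch ties `ca.c` to `input.zero` with `copy_constrain`, which forces `ca.c` to zero only if `input.zero` is itself constrained to 0 somewhere, and nothing in this hunk shows that. If `input.zero` is a caller-supplied cell that is left unconstrained, the prover could choose its value and the `expect_output == false` case would check nothing. I would either constrain the cell in this component or state the requirement next to the call, e.g. `// no output requested: ca.c must be 0; caller must have constrained input.zero to 0`. The enclosing function starts and ends outside the hunk.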
Expand Up @@ -35,6 +35,7 @@
#include <nil/blueprint/bbf/components/detail/range_check_multi.hpp>
#include <nil/blueprint/bbf/generic.hpp>
#include <nil/crypto3/algebra/curves/pallas.hpp>
#include <nil/crypto3/algebra/curves/secp_k1.hpp>
#include <nil/crypto3/algebra/curves/vesta.hpp>

namespace nil {
Expand Down Expand Up @@ -193,6 +194,19 @@ namespace nil {
using Base::Base;
};

template<typename FieldType, GenerationStage stage>
class secp_k1_256_negation_mod_p
: public negation_mod_p<
FieldType, stage,
crypto3::algebra::curves::secp_k1<256>::base_field_type> {
using Base = negation_mod_p<
FieldType, stage,
crypto3::algebra::curves::secp_k1<256>::base_field_type>;

public:
using Base::Base;
};

} // namespace components
} // namespace bbf
} // namespace blueprint
Expand Up @@ -40,6 +40,7 @@
#include <nil/blueprint/bbf/generic.hpp>
#include <nil/crypto3/algebra/curves/pallas.hpp>
#include <nil/crypto3/algebra/curves/vesta.hpp>
#include <nil/crypto3/algebra/curves/secp_k1.hpp>

namespace nil {
namespace blueprint {
Expand Down Expand Up @@ -407,7 +408,7 @@ namespace nil {
}
V = input.v.data;

integral_type pow = 1;
scalar_integral_type pow = 1;
SCALAR_TYPE z = 0, r = 0, s = 0;

for (std::size_t i = 0; i < num_chunks; ++i) {
Expand All @@ -422,6 +423,7 @@ namespace nil {
pow;
pow <<= bit_size_chunk;
}

SCALAR_TYPE i1, i3, i6;
BASE_TYPE i5, d2, i8;

Expand All @@ -443,7 +445,7 @@ namespace nil {
? (x1 * x1 * x1 + a).sqrt()
: 1; // should be signaled as invalid signaure
if (base_basic_integral_type(y1.data) % 2 !=
scalar_basic_integral_type(V.data) % 2) {
scalar_basic_integral_type(integral_type(V.data)) % 2) {
y1 = -y1;
}
C[5] = (x1 * x1 * x1 + a - y1 * y1).is_zero();
Expand All @@ -461,10 +463,10 @@ namespace nil {
.inversed();

C[7] = ((base_basic_integral_type(y1.data) % 2) ==
(scalar_basic_integral_type(V.data) % 2));
(scalar_basic_integral_type(integral_type(V.data)) % 2));
d2 = (base_basic_integral_type(y1.data) +
base_basic_integral_type(
scalar_basic_integral_type(V.data))) /
scalar_basic_integral_type(integral_type(V.data)))) /
2;

SCALAR_TYPE
Expand All @@ -480,6 +482,7 @@ namespace nil {
ec_point_value_type(scalar_basic_integral_type(x1.data),
scalar_basic_integral_type(y1.data));
QA = G * u1 + R * u2;

C[8] = 1 - QA.is_zero();

i8 = QA.Y.is_zero() ? 0 : QA.Y.inversed();
Expand Down Expand Up @@ -693,7 +696,7 @@ namespace nil {
CopyConstrain(t30, CHUNKED_BIT); // t30 = (0,...,0,c8)

// c = c[1]*....*c[8]
CHUNKED_BIT[0] = C[1];
CHUNKED_BIT[0] = C[0];
auto t32 = ChoiceFunction(C[2], CHUNKED_ZERO, CHUNKED_BIT);
auto t33 = ChoiceFunction(C[3], CHUNKED_ZERO, t32);
auto t34 = ChoiceFunction(C[4], CHUNKED_ZERO, t33);
Expand Down Expand Up @@ -733,6 +736,17 @@ namespace nil {
using Base::Base;
};

template<typename FieldType, GenerationStage stage>
class secp_k1_256_ecdsa_recovery
: public ecdsa_recovery<FieldType, stage,
crypto3::algebra::curves::secp_k1<256>> {
using Base =
ecdsa_recovery<FieldType, stage, crypto3::algebra::curves::secp_k1<256>>;

public:
using Base::Base;
};

} // namespace components
} // namespace bbf
} // namespace blueprint
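Review bot: Under the comment `// c = c[1]*....*c[8]` the first assignment is printed twice, as `CHUNKED_BIT[0] = C[1];` and `CHUNKED_BIT[0] = C[0];`; assuming the second is the new side, the product now starts from `C[0]` and the next visible factor is `C[2]`, so `C[1]` no longer appears in the visible part of the conjunction and the comment no longer matches the code. These flags decide whether a recovered signature is reported as valid, so a condition that drops out of the product would let the circuit accept an input it should reject. Please confirm where `C[1]` is enforced (the chain continues outside the hunk) and update the comment to the real index range, e.g. `// c = c[0]*c[2]*...*c[8]` if that is what is intended. A test that violates each condition in turn and expects c = 0 would pin the behaviour.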
Expand Up @@ -28,6 +28,7 @@
#include <nil/blueprint/bbf/circuit_builder.hpp>
#include <nil/blueprint/bbf/components/algebra/curves/weierstrass/ec_double.hpp>
#include <nil/crypto3/algebra/curves/pallas.hpp>
#include <nil/crypto3/algebra/curves/secp_k1.hpp>
#include <nil/crypto3/algebra/curves/vesta.hpp>
#include <nil/crypto3/random/algebraic_engine.hpp>

Expand All @@ -42,7 +43,9 @@ void test_ec_double(
using TYPE = typename FieldType::value_type;
using NON_NATIVE_TYPE = typename NonNativeFieldType::value_type;
using integral_type = typename BlueprintFieldType::integral_type;
using non_native_integral_type = typename BlueprintFieldType::integral_type;
typedef nil::crypto3::multiprecision::big_uint<2 *
NonNativeFieldType::modulus_bits>
non_native_integral_type;

non_native_integral_type pow = 1;
NON_NATIVE_TYPE xQ = 0, yQ = 0;
Expand Down Expand Up @@ -114,6 +117,16 @@ void test_ec_double(
bbf::circuit_builder<FieldType, bbf::components::vesta_ec_double, std::size_t,
std::size_t>(num_chunks, bit_size_chunk);

assign_and_check(B, input);
} else if constexpr (std::is_same_v<
NonNativeFieldType,
crypto3::algebra::curves::secp_k1<256>::base_field_type>) {
typename bbf::components::secp_k1_256_ec_double<
FieldType, bbf::GenerationStage::ASSIGNMENT>::input_type input;
auto B =
bbf::circuit_builder<FieldType, bbf::components::secp_k1_256_ec_double,
std::size_t, std::size_t>(num_chunks, bit_size_chunk);

assign_and_check(B, input);
}
}
Expand All @@ -124,16 +137,17 @@ void ec_double_tests() {
using NonNativeFieldType = typename Curve::base_field_type;
using value_type = typename BlueprintFieldType::value_type;
using integral_type = typename BlueprintFieldType::integral_type;
using foreign_value_type = typename NonNativeFieldType::value_type;
using foreign_value_type = typename Curve::scalar_field_type::value_type;
using foreign_integral_type = typename NonNativeFieldType::integral_type;
using ec_point_value_type = typename Curve::template g1_type<
nil::crypto3::algebra::curves::coordinates::affine>::value_type;

typedef nil::crypto3::multiprecision::big_uint<2 * NonNativeFieldType::modulus_bits>
extended_integral_type;

static boost::random::mt19937 seed_seq;
static nil::crypto3::random::algebraic_engine<BlueprintFieldType> generate_random(
seed_seq);
static nil::crypto3::random::algebraic_engine<typename Curve::scalar_field_type>
generate_random(seed_seq);
boost::random::uniform_int_distribution<> t_dist(0, 1);

extended_integral_type mask = (extended_integral_type(1) << bit_size_chunk) - 1;
Expand All @@ -145,13 +159,13 @@ void ec_double_tests() {
ext_pow = extended_base << (num_chunks * bit_size_chunk),
p = NonNativeFieldType::modulus, pp = ext_pow - p;

value_type d = generate_random();
foreign_value_type d = generate_random();
ec_point_value_type Q = ec_point_value_type::one();
Q = Q * d;

public_input.resize(5 * num_chunks);
integral_type xQ = integral_type(Q.X.data);
integral_type yQ = integral_type(Q.Y.data);
foreign_integral_type xQ = foreign_integral_type(Q.X.data);
foreign_integral_type yQ = foreign_integral_type(Q.Y.data);
for (std::size_t j = 0; j < num_chunks; j++) {
public_input[j] = value_type(xQ & mask);
xQ >>= bit_size_chunk;
Expand Down Expand Up @@ -180,6 +194,7 @@ BOOST_AUTO_TEST_CASE(blueprint_plonk_bbf_ec_double_test) {
// The curve is passed in as an argument to access additionnal properties
using pallas = typename crypto3::algebra::curves::pallas;
using vesta = typename crypto3::algebra::curves::vesta;
using secp_k1_256 = typename crypto3::algebra::curves::secp_k1<256>;

ec_double_tests<pallas::base_field_type, vesta, 8, 32, random_tests_amount>();

Expand All @@ -188,6 +203,10 @@ BOOST_AUTO_TEST_CASE(blueprint_plonk_bbf_ec_double_test) {
ec_double_tests<vesta::base_field_type, pallas, 4, 65, random_tests_amount>();

ec_double_tests<vesta::base_field_type, pallas, 12, 22, random_tests_amount>();

ec_double_tests<pallas::base_field_type, secp_k1_256, 3, 96, random_tests_amount>();

ec_double_tests<vesta::base_field_type, secp_k1_256, 3, 96, random_tests_amount>();
}

BOOST_AUTO_TEST_SUITE_END()
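Review bot: The `if constexpr` chain in `test_ec_double`, which now ends with the `secp_k1<256>::base_field_type` branch, has no final `else`, so instantiating the test with a non-native field that matches none of the branches compiles and passes without building any circuit. Closing the chain with `else { static_assert(!std::is_same_v<NonNativeFieldType, NonNativeFieldType>, "unsupported non-native field"); }` turns that into a build error. Separately, in `ec_double_tests` the alias `foreign_value_type` now names the curve's scalar-field element while `foreign_integral_type` is still the base-field integer; renaming the former to something like `scalar_value_type` would keep the two from being mixed up. The start of `test_ec_double` is outside the hunks shown.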