Merge pull request #17 from uZhW8Rgl/mergebranch

@uZhW8Rgl - support for the Decaf377 - RC1
ZK-Plus · Mar 22, 2024 · 295b145 · 295b145
2 parents 68f0a85 + 8b8a8a3
commit 295b145
Show file tree

Hide file tree

Showing 4 changed files with 99 additions and 3 deletions.
diff --git a/tests/decaf377_test.py b/tests/decaf377_test.py
@@ -0,0 +1,64 @@
+import unittest
+
+from os import urandom
+
+from znakes.fields import BLS12_377Field as FQ
+from znakes.curves import Decaf377 as JubJub
+
+
+JUBJUB_C = JubJub.JUBJUB_C
+JUBJUB_E = JubJub.JUBJUB_E
+
+
+class TestJubjub(unittest.TestCase):
+    def _point_g(self):
+        return JubJub.generator()
+
+    # Hardcoded for now till we have automatic test generation for ZoKrates test framework
+    def _fe_rnd(self):
+        return [FQ(1234), FQ(5678), FQ(7890)]
+
+    def test_double(self):
+        G = self._point_g()
+        G_times_2 = G.mult(2)
+        G_dbl = G.add(G)
+        self.assertEqual(G_times_2, G_dbl)
+
+    # test taken form: https://protocol.penumbra.zone/main/crypto/decaf377.html
+    def test_cyclic(self):
+        G = self._point_g()
+        scalar = 2111115437357092606062206234695386632838870926408408195193685246394721360383
+        self.assertEqual(G.mult(JUBJUB_C).mult(scalar), JubJub.infinity())
+
+    def test_multiplicative(self):
+        G = self._point_g()
+        a, b, _ = self._fe_rnd()
+        A = G.mult(a)
+        B = G.mult(b)
+
+        ab = (a.n * b.n) % JUBJUB_E
+        AB = G.mult(FQ(ab))
+        self.assertEqual(A.mult(b), AB)
+        self.assertEqual(B.mult(a), AB)
+
+    def test_multiplicative_associativity(self):
+        G = self._point_g()
+
+        a, b, c = self._fe_rnd()
+
+        res1 = G.mult(a).mult(b).mult(c)
+        res2 = G.mult(b).mult(c).mult(a)
+        res3 = G.mult(c).mult(a).mult(b)
+
+        self.assertEqual(res1, res2)
+        self.assertEqual(res2, res3)
+        self.assertEqual(res1, res3)
+
+    def test_identities(self):
+        G = self._point_g()
+        self.assertEqual(G + JubJub.infinity(), G)
+        self.assertEqual(G + G.neg(), JubJub.infinity())
+
+
+if __name__ == "__main__":
+    unittest.main()
diff --git a/znakes/curves.py b/znakes/curves.py
@@ -8,7 +8,7 @@
 """
 
 from abc import ABC, abstractmethod
-from .fields import FQ, BN128Field, BLS12_381Field
+from .fields import FQ, BN128Field, BLS12_381Field, BLS12_377Field
 from .numbertheory import square_root_mod_prime, SquareRootError
 
 
@@ -304,3 +304,29 @@ def generator(cls):
     @staticmethod
     def infinity():
         return JubJub(BLS12_381Field(0), BLS12_381Field(1))
+
+
+# values taken from https://protocol.penumbra.zone/main/crypto/decaf377.html
+class Decaf377(EdwardsCurve):
+    FIELD_TYPE = BLS12_377Field
+    # order of the field
+    JUBJUB_Q = BLS12_377Field.FIELD
+    # order of the curve
+    JUBJUB_E = 8444461749428370424248824938781546531355483705633632780774740985578885441532  # C*L == E
+    JUBJUB_C = BLS12_377Field(4)  # Cofactor
+    JUBJUB_L = BLS12_377Field(2111115437357092606062206234695386632838870926408408195193685246394721360383)
+    JUBJUB_A = BLS12_377Field(-1)  # Coefficient A
+    JUBJUB_D = BLS12_377Field(3021)  # Coefficient D
+
+    def __init__(self, x: BLS12_377Field, y: BLS12_377Field):
+        super().__init__(x, y)
+
+    @classmethod
+    def generator(cls):
+        x = 4959445789346820725352484487855828915252512307947624787834978378872129235627
+        y = 6060471950081851567114691557659790004756535011754163002297540472747064943288
+        return cls(BLS12_377Field(x), BLS12_377Field(y))
+
+    @staticmethod
+    def infinity():
+        return Decaf377(BLS12_377Field(0), BLS12_377Field(1))    
diff --git a/znakes/eddsa.py b/znakes/eddsa.py
@@ -35,8 +35,8 @@
 from os import urandom
 from abc import ABCMeta
 
-from .curves import EdwardsCurve, BabyJubJub, JubJub
-from .fields import FQ, BN128Field, BLS12_381Field
+from .curves import EdwardsCurve, BabyJubJub, JubJub, Decaf377
+from .fields import FQ, BN128Field, BLS12_381Field, BLS12_377Field
 from .utils import to_bytes
 
 
@@ -49,6 +49,8 @@ def __init__(self, sk: int, curve: ABCMeta):
             field = BN128Field
         elif curve == JubJub:
             field = BLS12_381Field
+        elif curve == Decaf377:
+            field = BLS12_377Field
         else:
             raise ValueError('Edwardscurve not supported')
         self.curve = curve

diff --git a/znakes/fields.py b/znakes/fields.py
@@ -96,3 +96,7 @@ class BN128Field(FQ):
 
 class BLS12_381Field(FQ):
     FIELD = 52435875175126190479447740508185965837690552500527637822603658699938581184513
+
+
+class BLS12_377Field(FQ):
+    FIELD = 8444461749428370424248824938781546531375899335154063827935233455917409239041