@arcium-hq/client 0.6.1 → 0.6.3

package/build/index.mjs

@@ -480,7 +480,11 @@ function randMatrix(field, nrows, ncols) {
 /**
  * Curve25519 base field as an IField instance.
  */
-const CURVE25519_BASE_FIELD = ed25519.CURVE.Fp;
+const CURVE25519_BASE_FIELD = ed25519.Point.Fp;
+/**
+ * Curve25519 scalar field as an IField instance.
+ */
+const CURVE25519_SCALAR_FIELD = ed25519.Point.Fn;
 // Security level for the block cipher.
 const SECURITY_LEVEL_BLOCK_CIPHER = 128;
 // Security level for the hash function.
@@ -876,8 +880,8 @@ class RescuePrimeHash {
     /**
      * Constructs a RescuePrimeHash instance with rate = 7 and capacity = 5.
      */
-    constructor() {
-        this.desc = new RescueDesc(CURVE25519_BASE_FIELD, { kind: 'hash', m: 12, capacity: 5 });
+    constructor(field) {
+        this.desc = new RescueDesc(field, { kind: 'hash', m: 12, capacity: 5 });
         this.rate = 7;
         this.digestLength = 5;
     }
@@ -931,15 +935,32 @@ const RESCUE_CIPHER_BLOCK_SIZE = 5;
  * The Rescue cipher in Counter (CTR) mode, with a fixed block size m = 5.
  * See: https://tosc.iacr.org/index.php/ToSC/article/view/8695/8287
  */
-class RescueCipher {
+class RescueCipherCommon {
     desc;
     /**
-     * Constructs a RescueCipher instance using a shared secret.
+     * Constructs a RescueCipherCommon instance using a shared secret.
      * The key is derived using RescuePrimeHash and used to initialize the RescueDesc.
      * @param sharedSecret - The shared secret to derive the cipher key from.
      */
-    constructor(sharedSecret) {
-        const hasher = new RescuePrimeHash();
+    constructor(sharedSecret, field) {
+        if (sharedSecret.length != 32) {
+            throw Error(`sharedSecret must be of length 32 (found ${sharedSecret.length})`);
+        }
+        const hasher = new RescuePrimeHash(field);
+        // In case `field` is different from CURVE25519_BASE_FIELD we need to injectively map sharedSecret
+        // to a vector of elements over `field`.
+        const converted = [];
+        if (field === CURVE25519_BASE_FIELD) {
+            converted.push(deserializeLE(sharedSecret));
+        }
+        else {
+            // We chunk sharedSecret by field.BYTES - 1 and convert.
+            const chunkSize = field.BYTES - 1;
+            const nChunks = Math.ceil(sharedSecret.length / chunkSize);
+            for (let i = 0; i < nChunks; ++i) {
+                converted.push(deserializeLE(sharedSecret.slice(i * chunkSize, (i + 1) * chunkSize)));
+            }
+        }
         // We follow [Section 4, Option 1.](https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Cr2.pdf).
         // For our choice of hash function, we have:
         // - H_outputBits = hasher.digestLength = RESCUE_CIPHER_BLOCK_SIZE
@@ -948,9 +969,9 @@ class RescueCipher {
         // - L = RESCUE_CIPHER_BLOCK_SIZE.
         // Build the vector `counter || Z || FixedInfo` (we only have i = 1, since reps = 1).
         // For the FixedInfo we simply take L.
-        const counter = [1n, deserializeLE(sharedSecret), BigInt(RESCUE_CIPHER_BLOCK_SIZE)];
+        const counter = [1n, ...converted, BigInt(RESCUE_CIPHER_BLOCK_SIZE)];
         const rescueKey = hasher.digest(counter);
-        this.desc = new RescueDesc(CURVE25519_BASE_FIELD, { kind: 'cipher', key: rescueKey });
+        this.desc = new RescueDesc(field, { kind: 'cipher', key: rescueKey });
     }
     /**
      * Encrypts the plaintext vector in Counter (CTR) mode (raw, returns bigints).
@@ -972,7 +993,7 @@ class RescueCipher {
             const ciphertext = [];
             for (let i = 0; i < ptxt.length; ++i) {
                 if (!verifyBinSize(ptxt[i], binSize - 1n) || ctSignBit(ptxt[i], binSize) || !ctLt(ptxt[i], desc.field.ORDER, binSize)) {
-                    throw Error(`plaintext must be non-negative and at most ${desc.field.ORDER}`);
+                    throw Error(`plaintext must be non-negative and less than ${desc.field.ORDER}`);
                 }
                 const sum = ctAdd(ptxt[i], encryptedCounter.data[i][0], binSize);
                 ciphertext.push(ctSelect(ctLt(sum, desc.field.ORDER, binSize), sum, ctSub(sum, desc.field.ORDER, binSize), binSize));
@@ -1070,6 +1091,74 @@ function getCounter(nonce, nBlocks) {
     return counter;
 }
 
+/**
+ * The Rescue cipher over Curve25519's base field in Counter (CTR) mode, with a fixed block size m = 5.
+ * See: https://tosc.iacr.org/index.php/ToSC/article/view/8695/8287
+ */
+class RescueCipher {
+    cipher;
+    /**
+     * Constructs a RescueCipher instance using a shared secret.
+     * The key is derived using RescuePrimeHash and used to initialize the RescueDesc.
+     * @param sharedSecret - The shared secret to derive the cipher key from.
+     */
+    constructor(sharedSecret) {
+        this.cipher = new RescueCipherCommon(sharedSecret, CURVE25519_BASE_FIELD);
+    }
+    /**
+     * Encrypts the plaintext vector in Counter (CTR) mode and serializes each block.
+     * @param plaintext - The array of plaintext bigints to encrypt.
+     * @param nonce - A 16-byte nonce for CTR mode.
+     * @returns The ciphertext as an array of arrays of numbers (each 32 bytes).
+     */
+    encrypt(plaintext, nonce) {
+        return this.cipher.encrypt(plaintext, nonce);
+    }
+    /**
+     * Deserializes and decrypts the ciphertext vector in Counter (CTR) mode.
+     * @param ciphertext - The array of arrays of numbers (each 32 bytes) to decrypt.
+     * @param nonce - A 16-byte nonce for CTR mode.
+     * @returns The decrypted plaintext as an array of bigints.
+     */
+    decrypt(ciphertext, nonce) {
+        return this.cipher.decrypt(ciphertext, nonce);
+    }
+}
+
+/**
+ * The Rescue cipher over Curve25519's scalar field in Counter (CTR) mode, with a fixed block size m = 5.
+ * See: https://tosc.iacr.org/index.php/ToSC/article/view/8695/8287
+ */
+class CSplRescueCipher {
+    cipher;
+    /**
+     * Constructs a RescueCipher instance using a shared secret.
+     * The key is derived using RescuePrimeHash and used to initialize the RescueDesc.
+     * @param sharedSecret - The shared secret to derive the cipher key from.
+     */
+    constructor(sharedSecret) {
+        this.cipher = new RescueCipherCommon(sharedSecret, CURVE25519_SCALAR_FIELD);
+    }
+    /**
+     * Encrypts the plaintext vector in Counter (CTR) mode and serializes each block.
+     * @param plaintext - The array of plaintext bigints to encrypt.
+     * @param nonce - A 16-byte nonce for CTR mode.
+     * @returns The ciphertext as an array of arrays of numbers (each 32 bytes).
+     */
+    encrypt(plaintext, nonce) {
+        return this.cipher.encrypt(plaintext, nonce);
+    }
+    /**
+     * Deserializes and decrypts the ciphertext vector in Counter (CTR) mode.
+     * @param ciphertext - The array of arrays of numbers (each 32 bytes) to decrypt.
+     * @param nonce - A 16-byte nonce for CTR mode.
+     * @returns The decrypted plaintext as an array of bigints.
+     */
+    decrypt(ciphertext, nonce) {
+        return this.cipher.decrypt(ciphertext, nonce);
+    }
+}
+
 // The arcisEd25519 signature scheme. This is essentially ed25519 but we use the hash function
 // SHA3-512 instead of SHA-512 since its multiplicative depth is much lower, which
 // makes it much better suited to be evaluated in MPC.
@@ -1701,7 +1790,7 @@ function createPacker(fields, typeName = 'Packer') {
 var address = "Arcj82pX7HxYKLR92qvgZUAd7vGS1k4hQvAFcPATFdEQ";
 var metadata = {
 	name: "arcium",
-	version: "0.6.1",
+	version: "0.6.3",
 	spec: "0.1.0",
 	description: "The Arcium program"
 };
@@ -2789,6 +2878,10 @@ var instructions = [
 			{
 				name: "mxe_program",
 				type: "pubkey"
+			},
+			{
+				name: "output_len_bytes",
+				type: "u32"
 			}
 		]
 	},
@@ -2874,18 +2967,24 @@ var instructions = [
 						{
 							kind: "const",
 							value: [
-								109,
+								77,
 								120,
 								101,
-								95,
-								114,
+								82,
 								101,
 								99,
 								111,
 								118,
 								101,
 								114,
-								121
+								121,
+								65,
+								99,
+								99,
+								111,
+								117,
+								110,
+								116
 							]
 						},
 						{
@@ -3557,6 +3656,55 @@ var instructions = [
 						}
 					]
 				}
+			},
+			{
+				name: "comp_def_raw",
+				docs: [
+					"At least the first raw circuit account must exist before finalizing"
+				],
+				pda: {
+					seeds: [
+						{
+							kind: "const",
+							value: [
+								67,
+								111,
+								109,
+								112,
+								117,
+								116,
+								97,
+								116,
+								105,
+								111,
+								110,
+								68,
+								101,
+								102,
+								105,
+								110,
+								105,
+								116,
+								105,
+								111,
+								110,
+								82,
+								97,
+								119
+							]
+						},
+						{
+							kind: "account",
+							path: "comp_def_acc"
+						},
+						{
+							kind: "const",
+							value: [
+								0
+							]
+						}
+					]
+				}
 			}
 		],
 		args: [
@@ -3651,18 +3799,24 @@ var instructions = [
 						{
 							kind: "const",
 							value: [
-								109,
+								77,
 								120,
 								101,
-								95,
-								114,
+								82,
 								101,
 								99,
 								111,
 								118,
 								101,
 								114,
-								121
+								121,
+								65,
+								99,
+								99,
+								111,
+								117,
+								110,
+								116
 							]
 						},
 						{
@@ -4006,18 +4160,24 @@ var instructions = [
 						{
 							kind: "const",
 							value: [
-								109,
+								77,
 								120,
 								101,
-								95,
-								114,
+								82,
 								101,
 								99,
 								111,
 								118,
 								101,
 								114,
-								121
+								121,
+								65,
+								99,
+								99,
+								111,
+								117,
+								110,
+								116
 							]
 						},
 						{
@@ -5120,18 +5280,24 @@ var instructions = [
 						{
 							kind: "const",
 							value: [
-								109,
+								77,
 								120,
 								101,
-								95,
-								114,
+								82,
 								101,
 								99,
 								111,
 								118,
 								101,
 								114,
-								121
+								121,
+								65,
+								99,
+								99,
+								111,
+								117,
+								110,
+								116
 							]
 						},
 						{
@@ -5293,18 +5459,24 @@ var instructions = [
 						{
 							kind: "const",
 							value: [
-								109,
+								77,
 								120,
 								101,
-								95,
-								114,
+								82,
 								101,
 								99,
 								111,
 								118,
 								101,
 								114,
-								121
+								121,
+								65,
+								99,
+								99,
+								111,
+								117,
+								110,
+								116
 							]
 						},
 						{
@@ -7461,18 +7633,24 @@ var instructions = [
 						{
 							kind: "const",
 							value: [
-								109,
+								77,
 								120,
 								101,
-								95,
-								114,
+								82,
 								101,
 								99,
 								111,
 								118,
 								101,
 								114,
-								121
+								121,
+								65,
+								99,
+								99,
+								111,
+								117,
+								110,
+								116
 							]
 						},
 						{
@@ -8701,18 +8879,24 @@ var instructions = [
 						{
 							kind: "const",
 							value: [
-								109,
+								77,
 								120,
 								101,
-								95,
-								114,
+								82,
 								101,
 								99,
 								111,
 								118,
 								101,
 								114,
-								121
+								121,
+								65,
+								99,
+								99,
+								111,
+								117,
+								110,
+								116
 							]
 						},
 						{
@@ -9826,6 +10010,11 @@ var errors = [
 		code: 6713,
 		name: "BackupClusterNotSet",
 		msg: "Backup MXE cluster is not set"
+	},
+	{
+		code: 6714,
+		name: "ShareAlreadySubmitted",
+		msg: "Share already submitted"
 	}
 ];
 var types = [
@@ -11686,17 +11875,11 @@ var types = [
 			kind: "struct",
 			fields: [
 				{
-					name: "bitmap",
+					name: "key_recovery_finalize_offset",
 					docs: [
-						"Bitmap tracking which peers have uploaded their shares.",
-						"Bit index corresponds to the index in the original MXE's recovery_peers array."
+						"The computation offset for the queued key_recovery_finalize circuit."
 					],
-					type: {
-						array: [
-							"u8",
-							13
-						]
-					}
+					type: "u64"
 				},
 				{
 					name: "shares",
@@ -11722,52 +11905,32 @@ var types = [
 					}
 				},
 				{
-					name: "is_finalized",
-					docs: [
-						"Whether the recovery has been finalized (threshold met and marked ready)."
-					],
-					type: "u8"
+					name: "original_mxe_pubkey",
+					type: "pubkey"
 				},
 				{
-					name: "_padding1",
-					docs: [
-						"Padding for u64 alignment (need 5 bytes to align key_recovery_final_offset at 8-byte",
-						"boundary)"
-					],
-					type: {
-						array: [
-							"u8",
-							2
-						]
-					}
+					name: "backup_mxe_pubkey",
+					type: "pubkey"
 				},
 				{
-					name: "key_recovery_finalize_offset",
+					name: "is_finalized",
 					docs: [
-						"The computation offset for the queued key_recovery_finalize circuit."
+						"Whether the recovery has been finalized (threshold met and marked ready)."
 					],
-					type: "u64"
+					type: "u8"
 				},
 				{
 					name: "_padding2",
 					docs: [
-						"Padding to ensure struct size is multiple of 8 (for zero_copy alignment after bump field)"
+						"Padding to ensure struct size is u64 aligned (6 bytes)"
 					],
 					type: {
 						array: [
 							"u8",
-							7
+							6
 						]
 					}
 				},
-				{
-					name: "original_mxe_pubkey",
-					type: "pubkey"
-				},
-				{
-					name: "backup_mxe_pubkey",
-					type: "pubkey"
-				},
 				{
 					name: "bump",
 					type: "u8"
@@ -12756,7 +12919,7 @@ const RECOVERY_CLUSTER_ACC_SEED = 'RecoveryClusterAccount';
  * Seed for MxeRecoveryAccount PDA
  * @constant {string}
  */
-const MXE_RECOVERY_ACC_SEED = 'mxe_recovery';
+const MXE_RECOVERY_ACC_SEED = 'MxeRecoveryAccount';
 /**
  * Maximum number of bytes that can be reallocated per instruction.
  * @constant {number}
@@ -13582,4 +13745,4 @@ async function awaitEvent(eventListener, eventName, eventCheck, commitment = 'co
     return { event: foundEvent[0], sig: foundEvent[1] };
 }
 
-export { ARCIUM_ADDR, ARCIUM_IDL, Aes128Cipher, Aes192Cipher, Aes256Cipher, ArcisModule, ArcisType, ArcisValueField, CURVE25519_BASE_FIELD, CURVE25519_SCALAR_FIELD_MODULUS, IntegerInfo, Matrix, RescueCipher, RescueDesc, RescuePrimeHash, arcisEd25519, awaitComputationFinalization, buildFinalizeCompDefTx, createPacker, deserializeLE, finalizeKeyRecoveryExecution, generateRandomFieldElem, getArciumAccountBaseSeed, getArciumEnv, getArciumProgram, getArciumProgramId, getArxNodeAccAddress, getClockAccAddress, getClusterAccAddress, getCompDefAccAddress, getCompDefAccOffset, getComputationAccAddress, getComputationsInMempool, getExecutingPoolAccAddress, getExecutingPoolAccInfo, getFeePoolAccAddress, getMXEAccAddress, getMXEArcisEd25519VerifyingKey, getMXEPublicKey, getMempoolAccAddress, getMempoolAccInfo, getMempoolPriorityFeeStats, getMxeRecoveryAccAddress, getRecoveryClusterAccAddress, initKeyRecoveryExecution, initMxePart1, initMxePart2, isNullRef, positiveModulo, queueKeyRecoveryInit, randMatrix, recoverMxe, serializeLE, sha256, submitKeyRecoveryShare, toVec, uploadCircuit };
+export { ARCIUM_ADDR, ARCIUM_IDL, Aes128Cipher, Aes192Cipher, Aes256Cipher, ArcisModule, ArcisType, ArcisValueField, CSplRescueCipher, CURVE25519_BASE_FIELD, CURVE25519_SCALAR_FIELD, CURVE25519_SCALAR_FIELD_MODULUS, IntegerInfo, Matrix, RescueCipher, RescueDesc, RescuePrimeHash, arcisEd25519, awaitComputationFinalization, buildFinalizeCompDefTx, createPacker, deserializeLE, finalizeKeyRecoveryExecution, generateRandomFieldElem, getArciumAccountBaseSeed, getArciumEnv, getArciumProgram, getArciumProgramId, getArxNodeAccAddress, getClockAccAddress, getClusterAccAddress, getCompDefAccAddress, getCompDefAccOffset, getComputationAccAddress, getComputationsInMempool, getExecutingPoolAccAddress, getExecutingPoolAccInfo, getFeePoolAccAddress, getMXEAccAddress, getMXEArcisEd25519VerifyingKey, getMXEPublicKey, getMempoolAccAddress, getMempoolAccInfo, getMempoolPriorityFeeStats, getMxeRecoveryAccAddress, getRecoveryClusterAccAddress, initKeyRecoveryExecution, initMxePart1, initMxePart2, isNullRef, positiveModulo, queueKeyRecoveryInit, randMatrix, recoverMxe, serializeLE, sha256, submitKeyRecoveryShare, toVec, uploadCircuit };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@arcium-hq/client",
-  "version": "0.6.1",
+  "version": "0.6.3",
   "description": "Client SDK for interacting with encrypted Solana programs",
   "author": "Arcium",
   "license": "GPL-3.0-only",