@aztec/accounts 5.0.0-rc.1 → 5.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (43) hide show
  1. package/artifacts/EcdsaKAccount.json +1565 -1061
  2. package/artifacts/EcdsaRAccount.json +1562 -1058
  3. package/artifacts/SchnorrAccount.json +1658 -1154
  4. package/artifacts/SchnorrInitializerlessAccount.json +605 -361
  5. package/artifacts/SimulatedEcdsaAccount.json +990 -814
  6. package/artifacts/SimulatedSchnorrAccount.json +1163 -967
  7. package/dest/schnorr/initializerless/index.d.ts +4 -4
  8. package/dest/schnorr/initializerless/index.d.ts.map +1 -1
  9. package/dest/schnorr/initializerless/index.js +7 -7
  10. package/dest/schnorr/initializerless/lazy.d.ts +4 -4
  11. package/dest/schnorr/initializerless/lazy.d.ts.map +1 -1
  12. package/dest/schnorr/initializerless/lazy.js +7 -7
  13. package/dest/schnorr/private_immutable/index.d.ts +4 -4
  14. package/dest/schnorr/private_immutable/index.d.ts.map +1 -1
  15. package/dest/schnorr/private_immutable/index.js +7 -7
  16. package/dest/schnorr/private_immutable/lazy.d.ts +4 -4
  17. package/dest/schnorr/private_immutable/lazy.d.ts.map +1 -1
  18. package/dest/schnorr/private_immutable/lazy.js +7 -7
  19. package/dest/testing/configuration.d.ts +1 -1
  20. package/dest/testing/configuration.d.ts.map +1 -1
  21. package/dest/testing/configuration.js +6 -2
  22. package/dest/testing/index.d.ts +1 -1
  23. package/dest/testing/index.d.ts.map +1 -1
  24. package/dest/testing/index.js +13 -11
  25. package/dest/testing/lazy.d.ts +1 -1
  26. package/dest/testing/lazy.d.ts.map +1 -1
  27. package/dest/testing/lazy.js +13 -11
  28. package/dest/utils/index.d.ts +2 -1
  29. package/dest/utils/index.d.ts.map +1 -1
  30. package/dest/utils/index.js +1 -0
  31. package/dest/utils/key_derivation.d.ts +9 -0
  32. package/dest/utils/key_derivation.d.ts.map +1 -0
  33. package/dest/utils/key_derivation.js +16 -0
  34. package/package.json +6 -6
  35. package/src/schnorr/initializerless/index.ts +8 -8
  36. package/src/schnorr/initializerless/lazy.ts +8 -8
  37. package/src/schnorr/private_immutable/index.ts +8 -8
  38. package/src/schnorr/private_immutable/lazy.ts +8 -8
  39. package/src/testing/configuration.ts +6 -2
  40. package/src/testing/index.ts +13 -13
  41. package/src/testing/lazy.ts +13 -13
  42. package/src/utils/index.ts +1 -0
  43. package/src/utils/key_derivation.ts +15 -0
@@ -10,8 +10,8 @@ import { GrumpkinScalar } from '@aztec/foundation/curves/grumpkin';
10
10
  import type { ContractArtifact } from '@aztec/stdlib/abi';
11
11
  import { loadContractArtifact } from '@aztec/stdlib/abi';
12
12
  import type { AztecAddress } from '@aztec/stdlib/aztec-address';
13
- import { deriveSigningKey } from '@aztec/stdlib/keys';
14
13
 
14
+ import { deriveSecretKeyFromSigningKey } from '../../utils/key_derivation.js';
15
15
  import { SchnorrBaseAccountContract } from '../account_contract.js';
16
16
 
17
17
  /**
@@ -45,16 +45,16 @@ export class SchnorrAccountContract extends SchnorrBaseAccountContract {
45
45
 
46
46
  /**
47
47
  * Compute the address of a schnorr account contract.
48
- * @param secret - A seed for deriving the signing key and public keys.
48
+ * @param signingPrivateKey - The account's signing private key.
49
49
  * @param salt - The contract address salt.
50
- * @param signingPrivateKey - A specific signing private key that's not derived from the secret.
50
+ * @param secretKey - Seed for the account's privacy keys. Derived from the signing key when omitted.
51
51
  */
52
52
  export async function getSchnorrAccountContractAddress(
53
- secret: Fr,
53
+ signingPrivateKey: GrumpkinScalar,
54
54
  salt: Fr,
55
- signingPrivateKey?: GrumpkinScalar,
55
+ secretKey?: Fr,
56
56
  ): Promise<AztecAddress> {
57
- const signingKey = signingPrivateKey ?? deriveSigningKey(secret);
58
- const accountContract = new SchnorrAccountContract(signingKey);
59
- return await getAccountContractAddress(accountContract, secret, salt);
57
+ const resolvedSecretKey = secretKey ?? (await deriveSecretKeyFromSigningKey(signingPrivateKey));
58
+ const accountContract = new SchnorrAccountContract(signingPrivateKey);
59
+ return await getAccountContractAddress(accountContract, resolvedSecretKey, salt);
60
60
  }
@@ -12,8 +12,12 @@ export const INITIAL_TEST_SECRET_KEYS = [
12
12
  export const INITIAL_TEST_ENCRYPTION_KEYS = INITIAL_TEST_SECRET_KEYS.map(secretKey =>
13
13
  deriveMasterIncomingViewingSecretKey(secretKey),
14
14
  );
15
- // TODO(#5837): come up with a standard signing key derivation scheme instead of using ivsk_m as signing keys here
16
- export const INITIAL_TEST_SIGNING_KEYS = INITIAL_TEST_ENCRYPTION_KEYS;
15
+
16
+ export const INITIAL_TEST_SIGNING_KEYS = [
17
+ GrumpkinScalar.fromHexString('0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f'),
18
+ GrumpkinScalar.fromHexString('202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e'),
19
+ GrumpkinScalar.fromHexString('404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e'),
20
+ ];
17
21
 
18
22
  export const INITIAL_TEST_ACCOUNT_SALTS = [Fr.ZERO, Fr.ZERO, Fr.ZERO];
19
23
 
@@ -4,14 +4,13 @@
4
4
  * @packageDocumentation
5
5
  */
6
6
  import { Fr } from '@aztec/aztec.js/fields';
7
- import type { GrumpkinScalar } from '@aztec/foundation/curves/grumpkin';
8
- import { deriveSigningKey } from '@aztec/stdlib/keys';
7
+ import { GrumpkinScalar } from '@aztec/foundation/curves/grumpkin';
9
8
 
10
9
  import { getSchnorrInitializerlessAccountContractAddress } from '../schnorr/initializerless/index.js';
11
10
  import { getSchnorrAccountContractAddress } from '../schnorr/private_immutable/index.js';
11
+ import { deriveSecretKeyFromSigningKey } from '../utils/key_derivation.js';
12
12
  import {
13
13
  INITIAL_TEST_ACCOUNT_SALTS,
14
- INITIAL_TEST_ENCRYPTION_KEYS,
15
14
  INITIAL_TEST_SECRET_KEYS,
16
15
  INITIAL_TEST_SIGNING_KEYS,
17
16
  type InitialAccountData,
@@ -28,10 +27,10 @@ export {
28
27
  } from './configuration.js';
29
28
 
30
29
  /** Derives the account contract address for the given type */
31
- function getTestAccountAddress(type: InitialAccountType, secret: Fr, salt: Fr, signingKey?: GrumpkinScalar) {
30
+ function getTestAccountAddress(type: InitialAccountType, signingKey: GrumpkinScalar, salt: Fr, secret?: Fr) {
32
31
  return type === 'schnorr'
33
- ? getSchnorrAccountContractAddress(secret, salt, signingKey)
34
- : getSchnorrInitializerlessAccountContractAddress(secret, salt, signingKey);
32
+ ? getSchnorrAccountContractAddress(signingKey, salt, secret)
33
+ : getSchnorrInitializerlessAccountContractAddress(signingKey, salt, secret);
35
34
  }
36
35
 
37
36
  /**
@@ -41,13 +40,13 @@ export function getInitialTestAccountsData(): Promise<InitialAccountData[]> {
41
40
  return Promise.all(
42
41
  INITIAL_TEST_SECRET_KEYS.map(async (secret, i) => ({
43
42
  secret,
44
- signingKey: INITIAL_TEST_ENCRYPTION_KEYS[i],
43
+ signingKey: INITIAL_TEST_SIGNING_KEYS[i],
45
44
  salt: INITIAL_TEST_ACCOUNT_SALTS[i],
46
45
  type: 'schnorr_initializerless' as const,
47
46
  address: await getSchnorrInitializerlessAccountContractAddress(
48
- secret,
49
- INITIAL_TEST_ACCOUNT_SALTS[i],
50
47
  INITIAL_TEST_SIGNING_KEYS[i],
48
+ INITIAL_TEST_ACCOUNT_SALTS[i],
49
+ secret,
51
50
  ),
52
51
  })),
53
52
  );
@@ -60,16 +59,17 @@ export async function generateSchnorrAccounts(
60
59
  numberOfAccounts: number,
61
60
  type: InitialAccountType = 'schnorr_initializerless',
62
61
  ): Promise<InitialAccountData[]> {
63
- const secrets = Array.from({ length: numberOfAccounts }, () => Fr.random());
62
+ const signingKeys = Array.from({ length: numberOfAccounts }, () => GrumpkinScalar.random());
64
63
  return await Promise.all(
65
- secrets.map(async secret => {
64
+ signingKeys.map(async signingKey => {
66
65
  const salt = Fr.random();
66
+ const secret = await deriveSecretKeyFromSigningKey(signingKey);
67
67
  return {
68
68
  secret,
69
- signingKey: deriveSigningKey(secret),
69
+ signingKey,
70
70
  salt,
71
71
  type,
72
- address: await getTestAccountAddress(type, secret, salt),
72
+ address: await getTestAccountAddress(type, signingKey, salt, secret),
73
73
  };
74
74
  }),
75
75
  );
@@ -4,14 +4,13 @@
4
4
  * @packageDocumentation
5
5
  */
6
6
  import { Fr } from '@aztec/aztec.js/fields';
7
- import type { GrumpkinScalar } from '@aztec/foundation/curves/grumpkin';
8
- import { deriveSigningKey } from '@aztec/stdlib/keys';
7
+ import { GrumpkinScalar } from '@aztec/foundation/curves/grumpkin';
9
8
 
10
9
  import { getSchnorrInitializerlessAccountContractAddress } from '../schnorr/initializerless/lazy.js';
11
10
  import { getSchnorrAccountContractAddress } from '../schnorr/private_immutable/lazy.js';
11
+ import { deriveSecretKeyFromSigningKey } from '../utils/key_derivation.js';
12
12
  import {
13
13
  INITIAL_TEST_ACCOUNT_SALTS,
14
- INITIAL_TEST_ENCRYPTION_KEYS,
15
14
  INITIAL_TEST_SECRET_KEYS,
16
15
  INITIAL_TEST_SIGNING_KEYS,
17
16
  type InitialAccountData,
@@ -21,10 +20,10 @@ import {
21
20
  export { INITIAL_TEST_ACCOUNT_SALTS, INITIAL_TEST_SECRET_KEYS } from './configuration.js';
22
21
 
23
22
  /** Derives the account contract address for the given type */
24
- function getTestAccountAddress(type: InitialAccountType, secret: Fr, salt: Fr, signingKey?: GrumpkinScalar) {
23
+ function getTestAccountAddress(type: InitialAccountType, signingKey: GrumpkinScalar, salt: Fr, secret?: Fr) {
25
24
  return type === 'schnorr'
26
- ? getSchnorrAccountContractAddress(secret, salt, signingKey)
27
- : getSchnorrInitializerlessAccountContractAddress(secret, salt, signingKey);
25
+ ? getSchnorrAccountContractAddress(signingKey, salt, secret)
26
+ : getSchnorrInitializerlessAccountContractAddress(signingKey, salt, secret);
28
27
  }
29
28
 
30
29
  /**
@@ -34,13 +33,13 @@ export function getInitialTestAccountsData(): Promise<InitialAccountData[]> {
34
33
  return Promise.all(
35
34
  INITIAL_TEST_SECRET_KEYS.map(async (secret, i) => ({
36
35
  secret,
37
- signingKey: INITIAL_TEST_ENCRYPTION_KEYS[i],
36
+ signingKey: INITIAL_TEST_SIGNING_KEYS[i],
38
37
  salt: INITIAL_TEST_ACCOUNT_SALTS[i],
39
38
  type: 'schnorr_initializerless' as const,
40
39
  address: await getSchnorrInitializerlessAccountContractAddress(
41
- secret,
42
- INITIAL_TEST_ACCOUNT_SALTS[i],
43
40
  INITIAL_TEST_SIGNING_KEYS[i],
41
+ INITIAL_TEST_ACCOUNT_SALTS[i],
42
+ secret,
44
43
  ),
45
44
  })),
46
45
  );
@@ -53,16 +52,17 @@ export async function generateSchnorrAccounts(
53
52
  numberOfAccounts: number,
54
53
  type: InitialAccountType = 'schnorr_initializerless',
55
54
  ): Promise<InitialAccountData[]> {
56
- const secrets = Array.from({ length: numberOfAccounts }, () => Fr.random());
55
+ const signingKeys = Array.from({ length: numberOfAccounts }, () => GrumpkinScalar.random());
57
56
  return await Promise.all(
58
- secrets.map(async secret => {
57
+ signingKeys.map(async signingKey => {
59
58
  const salt = Fr.random();
59
+ const secret = await deriveSecretKeyFromSigningKey(signingKey);
60
60
  return {
61
61
  secret,
62
- signingKey: deriveSigningKey(secret),
62
+ signingKey,
63
63
  salt,
64
64
  type,
65
- address: await getTestAccountAddress(type, secret, salt),
65
+ address: await getTestAccountAddress(type, signingKey, salt, secret),
66
66
  };
67
67
  }),
68
68
  );
@@ -1 +1,2 @@
1
+ export * from './key_derivation.js';
1
2
  export * from './ssh_agent.js';
@@ -0,0 +1,15 @@
1
+ import { poseidon2Hash } from '@aztec/foundation/crypto/poseidon';
2
+ import { sha256ToField } from '@aztec/foundation/crypto/sha256';
3
+ import type { Fr } from '@aztec/foundation/curves/bn254';
4
+ import type { GrumpkinScalar } from '@aztec/foundation/curves/grumpkin';
5
+
6
+ const SIGNING_KEY_TO_SECRET_KEY_SEPARATOR = sha256ToField([Buffer.from('@aztec/accounts/signing_key_to_secret_key')]);
7
+
8
+ /**
9
+ * Derives the privacy secret key (the seed for the viewing/nullifier keyset that PXE holds) from the account's signing
10
+ * key. The signing key is the ownership root the user controls; the privacy keyset hangs off it through this one-way
11
+ * hash, so a value handled by PXE can never be used to recover the signing key.
12
+ */
13
+ export function deriveSecretKeyFromSigningKey(signingKey: GrumpkinScalar): Promise<Fr> {
14
+ return poseidon2Hash([SIGNING_KEY_TO_SECRET_KEY_SEPARATOR, signingKey.hi, signingKey.lo]);
15
+ }