@aztec/foundation 0.0.0-test.1 → 0.0.1-commit.1142ef1

package/dest/crypto/bls/bn254_keystore.js

@@ -0,0 +1,218 @@
+import { randomBytes } from '@aztec/foundation/crypto/random';
+import { createCipheriv, createDecipheriv, createHash, pbkdf2Sync, randomUUID } from 'crypto';
+import { readFileSync } from 'fs';
+import { z } from 'zod';
+/**
+ * BN254 Keystore Format
+ *
+ * Implements encryption and decryption of keystores for BN254 BLS private keys
+ * using PBKDF2 and AES-128-CTR. This format is inspired by EIP-2335 but adapted
+ * for BN254 keys rather than BLS12-381.
+ *
+ * @see https://eips.ethereum.org/EIPS/eip-2335
+ */ /**
+ * Zod schema for validating BN254 keystore structure
+ */ const bn254KeystoreSchema = z.object({
+    crypto: z.object({
+        kdf: z.object({
+            function: z.literal('pbkdf2'),
+            params: z.object({
+                dklen: z.number(),
+                c: z.number(),
+                prf: z.string(),
+                salt: z.string()
+            }),
+            message: z.string()
+        }),
+        checksum: z.object({
+            function: z.literal('sha256'),
+            params: z.object({}),
+            message: z.string()
+        }),
+        cipher: z.object({
+            function: z.literal('aes-128-ctr'),
+            params: z.object({
+                iv: z.string()
+            }),
+            message: z.string()
+        })
+    }),
+    description: z.string().optional(),
+    pubkey: z.string(),
+    path: z.string(),
+    uuid: z.string(),
+    version: z.number()
+});
+/**
+ * Error thrown when BN254 keystore operations fail
+ */ export class Bn254KeystoreError extends Error {
+    cause;
+    constructor(message, cause){
+        super(message), this.cause = cause;
+        this.name = 'Bn254KeystoreError';
+    }
+}
+/**
+ * Creates a BN254 keystore object for a BN254 BLS private key.
+ *
+ * Uses PBKDF2 with SHA-256 for key derivation and AES-128-CTR for encryption,
+ * following the EIP-2335 specification format.
+ *
+ * @param password - Password for encrypting the private key
+ * @param privateKeyHex - Private key as 0x-prefixed hex string (32 bytes)
+ * @param pubkeyHex - Public key as hex string (compressed or uncompressed)
+ * @param derivationPath - BIP-44 style derivation path (e.g., "m/12381/3600/0/0/0")
+ * @returns BN254 keystore object ready to be serialized to JSON
+ * @throws Error if private key is not 32-byte hex
+ */ export function createBn254Keystore(password, privateKeyHex, pubkeyHex, derivationPath) {
+    const ensureHex = (hex)=>hex.replace(/^0x/i, '');
+    const privHex = ensureHex(privateKeyHex);
+    if (!/^[0-9a-fA-F]{64}$/.test(privHex)) {
+        throw new Error('BLS private key must be 32-byte hex');
+    }
+    const salt = randomBytes(32);
+    const iv = randomBytes(16);
+    const dk = pbkdf2Sync(Buffer.from(password.normalize('NFKD'), 'utf8'), salt, 262144, 32, 'sha256');
+    const cipherKey = dk.subarray(0, 16);
+    const cipher = createCipheriv('aes-128-ctr', cipherKey, iv);
+    const plaintext = Buffer.from(privHex, 'hex');
+    const ciphertext = Buffer.concat([
+        cipher.update(plaintext),
+        cipher.final()
+    ]);
+    const checksum = createHash('sha256').update(Buffer.concat([
+        dk.subarray(16, 32),
+        ciphertext
+    ])).digest();
+    const uuid = randomUUID();
+    return {
+        crypto: {
+            kdf: {
+                function: 'pbkdf2',
+                params: {
+                    dklen: 32,
+                    c: 262144,
+                    prf: 'hmac-sha256',
+                    salt: salt.toString('hex')
+                },
+                message: ''
+            },
+            checksum: {
+                function: 'sha256',
+                params: {},
+                message: checksum.toString('hex')
+            },
+            cipher: {
+                function: 'aes-128-ctr',
+                params: {
+                    iv: iv.toString('hex')
+                },
+                message: ciphertext.toString('hex')
+            }
+        },
+        description: ensureHex(pubkeyHex),
+        pubkey: pubkeyHex,
+        path: derivationPath ?? '',
+        uuid,
+        version: 4
+    };
+}
+/**
+ * Loads and validates a BN254 keystore file.
+ *
+ * @param filePath - Path to the BN254 keystore JSON file
+ * @returns Validated keystore object
+ * @throws Bn254KeystoreError if file cannot be read or validated
+ */ export function loadBn254Keystore(filePath) {
+    try {
+        const content = readFileSync(filePath, 'utf-8');
+        const json = JSON.parse(content);
+        return bn254KeystoreSchema.parse(json);
+    } catch (error) {
+        if (error instanceof SyntaxError) {
+            throw new Bn254KeystoreError(`Invalid JSON in keystore file: ${filePath}`, error);
+        }
+        if (error && typeof error === 'object' && 'issues' in error) {
+            const issues = error.issues ?? [];
+            const message = issues.map((e)=>`${e.message} at ${e.path?.join('.') ?? 'root'}`).join('; ');
+            throw new Bn254KeystoreError(`Invalid BN254 keystore format: ${message}`);
+        }
+        throw new Bn254KeystoreError(`Failed to load keystore from ${filePath}: ${String(error)}`, error);
+    }
+}
+/**
+ * Decrypts a BN254 BLS private key from a keystore file.
+ *
+ * @param filePath - Path to the BN254 keystore JSON file
+ * @param password - Password to decrypt the keystore
+ * @returns Decrypted private key as 0x-prefixed hex string (32 bytes)
+ * @throws Bn254KeystoreError if decryption fails or checksum is invalid
+ */ export function decryptBn254Keystore(filePath, password) {
+    const keystore = loadBn254Keystore(filePath);
+    return decryptBn254KeystoreFromObject(keystore, password);
+}
+/**
+ * Decrypts a BN254 BLS private key from a keystore object.
+ *
+ * @param keystore - BN254 keystore object
+ * @param password - Password to decrypt the keystore
+ * @returns Decrypted private key as 0x-prefixed hex string (32 bytes)
+ * @throws Bn254KeystoreError if decryption fails or checksum is invalid
+ */ export function decryptBn254KeystoreFromObject(keystore, password) {
+    try {
+        const { crypto } = keystore;
+        // Only support PBKDF2 + AES-128-CTR (as per our implementation)
+        if (crypto.kdf.function !== 'pbkdf2') {
+            throw new Bn254KeystoreError(`Unsupported KDF function: ${crypto.kdf.function}`);
+        }
+        if (crypto.cipher.function !== 'aes-128-ctr') {
+            throw new Bn254KeystoreError(`Unsupported cipher function: ${crypto.cipher.function}`);
+        }
+        // Derive decryption key using PBKDF2
+        const salt = Buffer.from(crypto.kdf.params.salt, 'hex');
+        const dk = pbkdf2Sync(Buffer.from(password.normalize('NFKD'), 'utf8'), salt, crypto.kdf.params.c, crypto.kdf.params.dklen, 'sha256');
+        const cipherKey = dk.subarray(0, 16);
+        const checksumKey = dk.subarray(16, 32);
+        // Decrypt the ciphertext
+        const iv = Buffer.from(crypto.cipher.params.iv, 'hex');
+        const ciphertext = Buffer.from(crypto.cipher.message, 'hex');
+        const decipher = createDecipheriv('aes-128-ctr', cipherKey, iv);
+        const decrypted = Buffer.concat([
+            decipher.update(ciphertext),
+            decipher.final()
+        ]);
+        // Verify checksum
+        const computedChecksum = createHash('sha256').update(Buffer.concat([
+            checksumKey,
+            ciphertext
+        ])).digest();
+        const expectedChecksum = Buffer.from(crypto.checksum.message, 'hex');
+        if (!computedChecksum.equals(expectedChecksum)) {
+            throw new Bn254KeystoreError('Checksum verification failed - incorrect password or corrupted keystore');
+        }
+        // Return as 0x-prefixed hex
+        return '0x' + decrypted.toString('hex');
+    } catch (error) {
+        if (error instanceof Bn254KeystoreError) {
+            throw error;
+        }
+        throw new Bn254KeystoreError(`Failed to decrypt keystore: ${String(error)}`, error);
+    }
+}
+/**
+ * Validates that a decrypted private key matches the public key in the keystore.
+ *
+ * @param privateKeyHex - Decrypted private key (0x-prefixed)
+ * @param expectedPubkey - Expected public key from keystore
+ * @param computePublicKey - Function to compute public key from private key
+ * @returns true if keys match, false otherwise
+ */ export function verifyBn254Keypair(privateKeyHex, expectedPubkey, computePublicKey) {
+    try {
+        const computedPubkey = computePublicKey(privateKeyHex);
+        const normalizedExpected = expectedPubkey.toLowerCase().replace(/^0x/i, '');
+        const normalizedComputed = computedPubkey.toLowerCase().replace(/^0x/i, '');
+        return normalizedExpected === normalizedComputed;
+    } catch  {
+        return false;
+    }
+}

package/dest/crypto/bls/index.d.ts

@@ -0,0 +1,13 @@
+import type { Hex } from '@aztec/foundation/string';
+export declare function deriveBlsPrivateKey(mnemonic: string | undefined, ikm: string | undefined, path: string): Hex<32>;
+/**
+ * Deterministically derive a BN254 BLS private key from mnemonic and derivation path.
+ * Returns a 0x-prefixed 32-byte hex string representing an Fr in [1, r-1].
+ */
+export declare function deriveBlsKeyFromMnemonic(mnemonic: string, derivationPath: string, passphrase?: string): string;
+/**
+ * Deterministically derive a BN254 BLS private key from input keying material (IKM) and derivation path.
+ * Returns a 0x-prefixed 32-byte hex string representing an Fr in [1, r-1].
+ */
+export declare function deriveBlsKeyFromEntropy(ikm: string, derivationPath: string): string;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguZC50cyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3NyYy9jcnlwdG8vYmxzL2luZGV4LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUNBLE9BQU8sS0FBSyxFQUFFLEdBQUcsRUFBRSxNQUFNLDBCQUEwQixDQUFDO0FBUXBELHdCQUFnQixtQkFBbUIsQ0FBQyxRQUFRLEVBQUUsTUFBTSxHQUFHLFNBQVMsRUFBRSxHQUFHLEVBQUUsTUFBTSxHQUFHLFNBQVMsRUFBRSxJQUFJLEVBQUUsTUFBTSxHQUFHLEdBQUcsQ0FBQyxFQUFFLENBQUMsQ0FRaEg7QUFFRDs7O0dBR0c7QUFDSCx3QkFBZ0Isd0JBQXdCLENBQUMsUUFBUSxFQUFFLE1BQU0sRUFBRSxjQUFjLEVBQUUsTUFBTSxFQUFFLFVBQVUsU0FBSyxHQUFHLE1BQU0sQ0FLMUc7QUFFRDs7O0dBR0c7QUFDSCx3QkFBZ0IsdUJBQXVCLENBQUMsR0FBRyxFQUFFLE1BQU0sRUFBRSxjQUFjLEVBQUUsTUFBTSxHQUFHLE1BQU0sQ0FLbkYifQ==

package/dest/crypto/bls/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/crypto/bls/index.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,0BAA0B,CAAC;AAQpD,wBAAgB,mBAAmB,CAAC,QAAQ,EAAE,MAAM,GAAG,SAAS,EAAE,GAAG,EAAE,MAAM,GAAG,SAAS,EAAE,IAAI,EAAE,MAAM,GAAG,GAAG,CAAC,EAAE,CAAC,CAQhH;AAED;;;GAGG;AACH,wBAAgB,wBAAwB,CAAC,QAAQ,EAAE,MAAM,EAAE,cAAc,EAAE,MAAM,EAAE,UAAU,SAAK,GAAG,MAAM,CAK1G;AAED;;;GAGG;AACH,wBAAgB,uBAAuB,CAAC,GAAG,EAAE,MAAM,EAAE,cAAc,EAAE,MAAM,GAAG,MAAM,CAKnF"}

package/dest/crypto/bls/index.js

@@ -0,0 +1,87 @@
+import { Fr } from '@aztec/foundation/curves/bn254';
+import { mod } from '@noble/curves/abstract/modular';
+import { bytesToNumberBE } from '@noble/curves/abstract/utils';
+import { hmac } from '@noble/hashes/hmac';
+import { sha512 } from '@noble/hashes/sha2';
+import { mnemonicToSeedSync } from '@scure/bip39';
+export function deriveBlsPrivateKey(mnemonic, ikm, path) {
+    if (ikm) {
+        return deriveBlsKeyFromEntropy(ikm, path);
+    }
+    if (!mnemonic) {
+        throw new Error('Either mnemonic or ikm must be provided for BLS derivation');
+    }
+    return deriveBlsKeyFromMnemonic(mnemonic, path);
+}
+/**
+ * Deterministically derive a BN254 BLS private key from mnemonic and derivation path.
+ * Returns a 0x-prefixed 32-byte hex string representing an Fr in [1, r-1].
+ */ export function deriveBlsKeyFromMnemonic(mnemonic, derivationPath, passphrase = '') {
+    const seed = Buffer.from(mnemonicToSeedSync(mnemonic, passphrase)); // 64 bytes
+    const data = Buffer.concat([
+        Buffer.from([
+            0x00
+        ]),
+        seed,
+        Buffer.from(derivationPath, 'utf8')
+    ]);
+    const sk = deriveBn254ScalarFromData(data);
+    return `0x${toFixed32(sk).toString('hex')}`;
+}
+/**
+ * Deterministically derive a BN254 BLS private key from input keying material (IKM) and derivation path.
+ * Returns a 0x-prefixed 32-byte hex string representing an Fr in [1, r-1].
+ */ export function deriveBlsKeyFromEntropy(ikm, derivationPath) {
+    const ikmBytes = parseIkm(ikm);
+    const data = Buffer.concat([
+        Buffer.from([
+            0x01
+        ]),
+        ikmBytes,
+        Buffer.from(derivationPath, 'utf8')
+    ]);
+    const sk = deriveBn254ScalarFromData(data);
+    return `0x${toFixed32(sk).toString('hex')}`;
+}
+function deriveBn254ScalarFromData(data) {
+    // Domain-separated HMAC-SHA512, then map to BN254 Fr using noble modular math. Retry on zero.
+    const domainKey = Buffer.from('Aztec bn254 key', 'utf8');
+    for(let counter = 0;; counter = counter + 1 & 0xff){
+        const msg = counter === 0 ? data : Buffer.concat([
+            data,
+            Buffer.from([
+                counter
+            ])
+        ]);
+        const digest = hmac(sha512, domainKey, msg); // 64 bytes
+        const x = bytesToNumberBE(digest);
+        const sk = mod(x, Fr.MODULUS);
+        if (sk !== 0n) {
+            return sk;
+        }
+    }
+}
+function parseIkm(ikm) {
+    const hexMatch = ikm.replace(/^0x/i, '');
+    if (/^[0-9a-fA-F]+$/.test(hexMatch) && hexMatch.length >= 2) {
+        const normalized = hexMatch.length % 2 === 1 ? `0${hexMatch}` : hexMatch;
+        return Buffer.from(normalized, 'hex');
+    }
+    return Buffer.from(ikm, 'utf8');
+}
+function toFixed32(x) {
+    const hex = x.toString(16);
+    const padded = hex.length % 2 === 1 ? `0${hex}` : hex;
+    const buf = Buffer.from(padded, 'hex');
+    if (buf.length === 32) {
+        return buf;
+    }
+    if (buf.length < 32) {
+        return Buffer.concat([
+            Buffer.alloc(32 - buf.length, 0),
+            buf
+        ]);
+    }
+    // Should never happen since x < bn254.Fr.ORDER < 2^256, but guard anyway
+    return buf.subarray(buf.length - 32);
+}

package/dest/crypto/bn254/index.d.ts

@@ -0,0 +1,39 @@
+/**
+ * BN254 utility functions for point operations.
+ * Provides compression, decompression, and public key generation for the BN254 curve.
+ * Uses the bb.js Barretenberg backend for point operations.
+ */
+/**
+ * Generate a compressed BN254 G1 public key from a private key.
+ *
+ * @param privateKeyHex - Private key as 0x-prefixed hex string
+ * @returns Compressed G1 point (32 bytes with sign bit in MSB)
+ */
+export declare function computeBn254G1PublicKeyCompressed(privateKeyHex: string): Promise<string>;
+/**
+ * Generate uncompressed BN254 G1 public key from a private key.
+ *
+ * @param privateKeyHex - Private key as 0x-prefixed hex string
+ * @returns G1 point in affine coordinates
+ */
+export declare function computeBn254G1PublicKey(privateKeyHex: string): Promise<{
+    x: bigint;
+    y: bigint;
+}>;
+/**
+ * Generate BN254 G2 public key from a private key.
+ *
+ * @param privateKeyHex - Private key as 0x-prefixed hex string
+ * @returns G2 point in affine coordinates
+ */
+export declare function computeBn254G2PublicKey(privateKeyHex: string): Promise<{
+    x: {
+        c0: bigint;
+        c1: bigint;
+    };
+    y: {
+        c0: bigint;
+        c1: bigint;
+    };
+}>;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguZC50cyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3NyYy9jcnlwdG8vYm4yNTQvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBR0E7Ozs7R0FJRztBQUVIOzs7OztHQUtHO0FBQ0gsd0JBQXNCLGlDQUFpQyxDQUFDLGFBQWEsRUFBRSxNQUFNLEdBQUcsT0FBTyxDQUFDLE1BQU0sQ0FBQyxDQVU5RjtBQUVEOzs7OztHQUtHO0FBQ0gsd0JBQXNCLHVCQUF1QixDQUFDLGFBQWEsRUFBRSxNQUFNLEdBQUcsT0FBTyxDQUFDO0lBQUUsQ0FBQyxFQUFFLE1BQU0sQ0FBQztJQUFDLENBQUMsRUFBRSxNQUFNLENBQUE7Q0FBRSxDQUFDLENBUXRHO0FBRUQ7Ozs7O0dBS0c7QUFDSCx3QkFBc0IsdUJBQXVCLENBQUMsYUFBYSxFQUFFLE1BQU0sR0FBRyxPQUFPLENBQUM7SUFDNUUsQ0FBQyxFQUFFO1FBQUUsRUFBRSxFQUFFLE1BQU0sQ0FBQztRQUFDLEVBQUUsRUFBRSxNQUFNLENBQUE7S0FBRSxDQUFDO0lBQzlCLENBQUMsRUFBRTtRQUFFLEVBQUUsRUFBRSxNQUFNLENBQUM7UUFBQyxFQUFFLEVBQUUsTUFBTSxDQUFBO0tBQUUsQ0FBQztDQUMvQixDQUFDLENBV0QifQ==

package/dest/crypto/bn254/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/crypto/bn254/index.ts"],"names":[],"mappings":"AAGA;;;;GAIG;AAEH;;;;;GAKG;AACH,wBAAsB,iCAAiC,CAAC,aAAa,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAU9F;AAED;;;;;GAKG;AACH,wBAAsB,uBAAuB,CAAC,aAAa,EAAE,MAAM,GAAG,OAAO,CAAC;IAAE,CAAC,EAAE,MAAM,CAAC;IAAC,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC,CAQtG;AAED;;;;;GAKG;AACH,wBAAsB,uBAAuB,CAAC,aAAa,EAAE,MAAM,GAAG,OAAO,CAAC;IAC5E,CAAC,EAAE;QAAE,EAAE,EAAE,MAAM,CAAC;QAAC,EAAE,EAAE,MAAM,CAAA;KAAE,CAAC;IAC9B,CAAC,EAAE;QAAE,EAAE,EAAE,MAAM,CAAC;QAAC,EAAE,EAAE,MAAM,CAAA;KAAE,CAAC;CAC/B,CAAC,CAWD"}

package/dest/crypto/bn254/index.js

@@ -0,0 +1,56 @@
+import { Fr } from '../../curves/bn254/field.js';
+import { Bn254G1Point, Bn254G2Point } from '../../curves/bn254/point.js';
+/**
+ * BN254 utility functions for point operations.
+ * Provides compression, decompression, and public key generation for the BN254 curve.
+ * Uses the bb.js Barretenberg backend for point operations.
+ */ /**
+ * Generate a compressed BN254 G1 public key from a private key.
+ *
+ * @param privateKeyHex - Private key as 0x-prefixed hex string
+ * @returns Compressed G1 point (32 bytes with sign bit in MSB)
+ */ export async function computeBn254G1PublicKeyCompressed(privateKeyHex) {
+    const sk = BigInt(privateKeyHex);
+    const skReduced = sk % Fr.MODULUS;
+    // Generate G1 point on BN254 curve using bb.js
+    const scalar = Fr.fromString(skReduced.toString());
+    const pk1 = await Bn254G1Point.generator(scalar);
+    // Compress the point using the primitive method
+    return '0x' + pk1.compress().toString('hex');
+}
+/**
+ * Generate uncompressed BN254 G1 public key from a private key.
+ *
+ * @param privateKeyHex - Private key as 0x-prefixed hex string
+ * @returns G1 point in affine coordinates
+ */ export async function computeBn254G1PublicKey(privateKeyHex) {
+    const sk = BigInt(privateKeyHex);
+    const skReduced = sk % Fr.MODULUS;
+    const scalar = Fr.fromString(skReduced.toString());
+    const pk1 = await Bn254G1Point.generator(scalar);
+    return {
+        x: pk1.x.toBigInt(),
+        y: pk1.y.toBigInt()
+    };
+}
+/**
+ * Generate BN254 G2 public key from a private key.
+ *
+ * @param privateKeyHex - Private key as 0x-prefixed hex string
+ * @returns G2 point in affine coordinates
+ */ export async function computeBn254G2PublicKey(privateKeyHex) {
+    const sk = BigInt(privateKeyHex);
+    const skReduced = sk % Fr.MODULUS;
+    const scalar = Fr.fromString(skReduced.toString());
+    const pk2 = await Bn254G2Point.generator(scalar);
+    return {
+        x: {
+            c0: pk2.x[0].toBigInt(),
+            c1: pk2.x[1].toBigInt()
+        },
+        y: {
+            c0: pk2.y[0].toBigInt(),
+            c1: pk2.y[1].toBigInt()
+        }
+    };
+}

package/dest/crypto/ecdsa/index.d.ts

@@ -1,5 +1,3 @@
-/// <reference types="node" resolution-mode="require"/>
-/// <reference types="node" resolution-mode="require"/>
 import { EcdsaSignature } from './signature.js';
 export * from './signature.js';
 /**
@@ -7,6 +5,8 @@ export * from './signature.js';
  * TODO: Replace with codegen api on bb.js.
  */
 export declare class Ecdsa {
+    private curve;
+    constructor(curve?: 'secp256k1' | 'secp256r1');
     /**
      * Computes a secp256k1 public key from a private key.
      * @param privateKey - Secp256k1 private key.
@@ -36,4 +36,4 @@ export declare class Ecdsa {
      */
     verifySignature(msg: Uint8Array, pubKey: Buffer, sig: EcdsaSignature): Promise<boolean>;
 }
-//# sourceMappingURL=index.d.ts.map
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguZC50cyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3NyYy9jcnlwdG8vZWNkc2EvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBRUEsT0FBTyxFQUFFLGNBQWMsRUFBRSxNQUFNLGdCQUFnQixDQUFDO0FBRWhELGNBQWMsZ0JBQWdCLENBQUM7QUFFL0I7OztHQUdHO0FBQ0gscUJBQWEsS0FBSztJQUNKLE9BQU8sQ0FBQyxLQUFLO0lBQXpCLFlBQW9CLEtBQUssR0FBRSxXQUFXLEdBQUcsV0FBeUIsRUFBSTtJQUN0RTs7OztPQUlHO0lBQ1UsZ0JBQWdCLENBQUMsVUFBVSxFQUFFLE1BQU0sR0FBRyxPQUFPLENBQUMsTUFBTSxDQUFDLENBUWpFO0lBRUQ7Ozs7O09BS0c7SUFDVSxrQkFBa0IsQ0FBQyxHQUFHLEVBQUUsVUFBVSxFQUFFLFVBQVUsRUFBRSxNQUFNLDJCQVFsRTtJQUVEOzs7OztPQUtHO0lBQ1UsZ0JBQWdCLENBQUMsR0FBRyxFQUFFLFVBQVUsRUFBRSxHQUFHLEVBQUUsY0FBYyxHQUFHLE9BQU8sQ0FBQyxNQUFNLENBQUMsQ0FRbkY7SUFFRDs7Ozs7O09BTUc7SUFDVSxlQUFlLENBQUMsR0FBRyxFQUFFLFVBQVUsRUFBRSxNQUFNLEVBQUUsTUFBTSxFQUFFLEdBQUcsRUFBRSxjQUFjLG9CQW9CaEY7Q0FDRiJ9

package/dest/crypto/ecdsa/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/crypto/ecdsa/index.ts"],"names":[],"mappings":";;AAIA,OAAO,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAEhD,cAAc,gBAAgB,CAAC;AAE/B;;;GAGG;AACH,qBAAa,KAAK;IAChB;;;;OAIG;IACU,gBAAgB,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAMlE;;;;;OAKG;IACU,kBAAkB,CAAC,GAAG,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM;IASnE;;;;;OAKG;IACU,gBAAgB,CAAC,GAAG,EAAE,UAAU,EAAE,GAAG,EAAE,cAAc,GAAG,OAAO,CAAC,MAAM,CAAC;IASpF;;;;;;OAMG;IACU,eAAe,CAAC,GAAG,EAAE,UAAU,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,cAAc;CAQlF"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/crypto/ecdsa/index.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAEhD,cAAc,gBAAgB,CAAC;AAE/B;;;GAGG;AACH,qBAAa,KAAK;IACJ,OAAO,CAAC,KAAK;IAAzB,YAAoB,KAAK,GAAE,WAAW,GAAG,WAAyB,EAAI;IACtE;;;;OAIG;IACU,gBAAgB,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAQjE;IAED;;;;;OAKG;IACU,kBAAkB,CAAC,GAAG,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM,2BAQlE;IAED;;;;;OAKG;IACU,gBAAgB,CAAC,GAAG,EAAE,UAAU,EAAE,GAAG,EAAE,cAAc,GAAG,OAAO,CAAC,MAAM,CAAC,CAQnF;IAED;;;;;;OAMG;IACU,eAAe,CAAC,GAAG,EAAE,UAAU,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,cAAc,oBAoBhF;CACF"}

package/dest/crypto/ecdsa/index.js

@@ -1,24 +1,30 @@
 import { BarretenbergSync } from '@aztec/bb.js';
-import { numToInt32BE } from '@aztec/foundation/serialize';
-import { concatenateUint8Arrays } from '../serialize.js';
 import { EcdsaSignature } from './signature.js';
 export * from './signature.js';
 /**
  * ECDSA signature construction and helper operations.
  * TODO: Replace with codegen api on bb.js.
  */ export class Ecdsa {
+    curve;
+    constructor(curve = 'secp256k1'){
+        this.curve = curve;
+    }
     /**
    * Computes a secp256k1 public key from a private key.
    * @param privateKey - Secp256k1 private key.
    * @returns A secp256k1 public key.
    */ async computePublicKey(privateKey) {
-        const api = await BarretenbergSync.initSingleton(process.env.BB_WASM_PATH);
-        const [result] = api.getWasm().callWasmExport('ecdsa__compute_public_key', [
+        await BarretenbergSync.initSingleton();
+        const api = BarretenbergSync.getSingleton();
+        const response = this.curve === 'secp256r1' ? api.ecdsaSecp256r1ComputePublicKey({
+            privateKey
+        }) : api.ecdsaSecp256k1ComputePublicKey({
             privateKey
-        ], [
-            64
+        });
+        return Buffer.concat([
+            Buffer.from(response.publicKey.x),
+            Buffer.from(response.publicKey.y)
         ]);
-        return Buffer.from(result);
     }
     /**
    * Constructs an ECDSA signature given a msg and a private key.
@@ -26,20 +32,18 @@ export * from './signature.js';
    * @param privateKey - The secp256k1 private key of the signer.
    * @returns An ECDSA signature of the form (r, s, v).
    */ async constructSignature(msg, privateKey) {
-        const api = await BarretenbergSync.initSingleton(process.env.BB_WASM_PATH);
-        const messageArray = concatenateUint8Arrays([
-            numToInt32BE(msg.length),
-            msg
-        ]);
-        const [r, s, v] = api.getWasm().callWasmExport('ecdsa__construct_signature_', [
-            messageArray,
+        await BarretenbergSync.initSingleton();
+        const api = BarretenbergSync.getSingleton();
+        const response = this.curve === 'secp256r1' ? api.ecdsaSecp256r1ConstructSignature({
+            message: msg,
             privateKey
-        ], [
-            32,
-            32,
-            1
-        ]);
-        return new EcdsaSignature(Buffer.from(r), Buffer.from(s), Buffer.from(v));
+        }) : api.ecdsaSecp256k1ConstructSignature({
+            message: msg,
+            privateKey
+        });
+        return new EcdsaSignature(Buffer.from(response.r), Buffer.from(response.s), Buffer.from([
+            response.v
+        ]));
     }
     /**
    * Recovers a secp256k1 public key from an ECDSA signature (similar to ecrecover).
@@ -47,20 +51,23 @@ export * from './signature.js';
    * @param sig - The ECDSA signature.
    * @returns The secp256k1 public key of the signer.
    */ async recoverPublicKey(msg, sig) {
-        const api = await BarretenbergSync.initSingleton(process.env.BB_WASM_PATH);
-        const messageArray = concatenateUint8Arrays([
-            numToInt32BE(msg.length),
-            msg
-        ]);
-        const [result] = api.getWasm().callWasmExport('ecdsa__recover_public_key_from_signature_', [
-            messageArray,
-            sig.r,
-            sig.s,
-            sig.v
-        ], [
-            64
+        await BarretenbergSync.initSingleton();
+        const api = BarretenbergSync.getSingleton();
+        const response = this.curve === 'secp256r1' ? api.ecdsaSecp256r1RecoverPublicKey({
+            message: msg,
+            r: sig.r,
+            s: sig.s,
+            v: sig.v[0]
+        }) : api.ecdsaSecp256k1RecoverPublicKey({
+            message: msg,
+            r: sig.r,
+            s: sig.s,
+            v: sig.v[0]
+        });
+        return Buffer.concat([
+            Buffer.from(response.publicKey.x),
+            Buffer.from(response.publicKey.y)
         ]);
-        return Buffer.from(result);
     }
     /**
    * Verifies and ECDSA signature given a secp256k1 public key.
@@ -69,20 +76,27 @@ export * from './signature.js';
    * @param sig - The ECDSA signature.
    * @returns True or false.
    */ async verifySignature(msg, pubKey, sig) {
-        const api = await BarretenbergSync.initSingleton(process.env.BB_WASM_PATH);
-        const messageArray = concatenateUint8Arrays([
-            numToInt32BE(msg.length),
-            msg
-        ]);
-        const [result] = api.getWasm().callWasmExport('ecdsa__verify_signature_', [
-            messageArray,
-            pubKey,
-            sig.r,
-            sig.s,
-            sig.v
-        ], [
-            1
-        ]);
-        return result[0] === 1;
+        await BarretenbergSync.initSingleton();
+        const api = BarretenbergSync.getSingleton();
+        const response = this.curve === 'secp256r1' ? api.ecdsaSecp256r1VerifySignature({
+            message: msg,
+            publicKey: {
+                x: pubKey.subarray(0, 32),
+                y: pubKey.subarray(32, 64)
+            },
+            r: sig.r,
+            s: sig.s,
+            v: sig.v[0]
+        }) : api.ecdsaSecp256k1VerifySignature({
+            message: msg,
+            publicKey: {
+                x: pubKey.subarray(0, 32),
+                y: pubKey.subarray(32, 64)
+            },
+            r: sig.r,
+            s: sig.s,
+            v: sig.v[0]
+        });
+        return response.verified;
     }
 }

package/dest/crypto/ecdsa/signature.d.ts

@@ -1,23 +1,12 @@
-/// <reference types="node" resolution-mode="require"/>
-/// <reference types="node" resolution-mode="require"/>
-import { Fr } from '@aztec/foundation/fields';
+import { Fr } from '@aztec/foundation/curves/bn254';
 import type { Signature } from '../signature/index.js';
 /**
  * ECDSA signature used for transactions.
  * @see cpp/barretenberg/cpp/src/barretenberg/crypto/ecdsa/ecdsa.hpp
  */
 export declare class EcdsaSignature implements Signature {
-    /**
-     * The r byte-array (32 bytes) in an ECDSA signature.
-     */
     r: Buffer;
-    /**
-     * The s byte-array (32 bytes) in an ECDSA signature.
-     */
     s: Buffer;
-    /**
-     * The recovery id (1 byte) in an ECDSA signature.
-     */
     v: Buffer;
     constructor(
     /**
@@ -36,7 +25,7 @@ export declare class EcdsaSignature implements Signature {
      * Converts an ECDSA signature to a buffer.
      * @returns A buffer.
      */
-    toBuffer(): Buffer;
+    toBuffer(): Buffer<ArrayBuffer>;
     /**
      * Deserializes the signature from a buffer.
      * @param buffer - The buffer from which to deserialize the signature.
@@ -68,4 +57,4 @@ export declare class EcdsaSignature implements Signature {
      */
     toFields(includeV?: boolean): Fr[];
 }
-//# sourceMappingURL=signature.d.ts.map
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic2lnbmF0dXJlLmQudHMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvY3J5cHRvL2VjZHNhL3NpZ25hdHVyZS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFFQSxPQUFPLEVBQUUsRUFBRSxFQUFFLE1BQU0sZ0NBQWdDLENBQUM7QUFHcEQsT0FBTyxLQUFLLEVBQUUsU0FBUyxFQUFFLE1BQU0sdUJBQXVCLENBQUM7QUFFdkQ7OztHQUdHO0FBQ0gscUJBQWEsY0FBZSxZQUFXLFNBQVM7SUFLckMsQ0FBQyxFQUFFLE1BQU07SUFJVCxDQUFDLEVBQUUsTUFBTTtJQUlULENBQUMsRUFBRSxNQUFNO0lBWmxCO0lBQ0U7O09BRUc7SUFDSSxDQUFDLEVBQUUsTUFBTTtJQUNoQjs7T0FFRztJQUNJLENBQUMsRUFBRSxNQUFNO0lBQ2hCOztPQUVHO0lBQ0ksQ0FBQyxFQUFFLE1BQU0sRUFXakI7SUFFRDs7O09BR0c7SUFDSCxRQUFRLHdCQUVQO0lBRUQ7Ozs7T0FJRztJQUNILE9BQWMsVUFBVSxDQUFDLE1BQU0sRUFBRSxNQUFNLGtCQUV0QztJQUVEOzs7Ozs7T0FNRztJQUNILE9BQWMsV0FBVyxDQUFDLENBQUMsRUFBRSxNQUFNLEVBQUUsQ0FBQyxFQUFFLE1BQU0sRUFBRSxDQUFDLEVBQUUsTUFBTSxrQkFFeEQ7SUFFRDs7O09BR0c7SUFDSCxPQUFjLE1BQU0sbUJBRW5CO0lBRUQ7OztPQUdHO0lBQ0gsUUFBUSxXQUVQO0lBRUQ7Ozs7T0FJRztJQUNILFFBQVEsQ0FBQyxRQUFRLFVBQVEsR0FBRyxFQUFFLEVBQUUsQ0FZL0I7Q0FDRiJ9

package/dest/crypto/ecdsa/signature.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"signature.d.ts","sourceRoot":"","sources":["../../../src/crypto/ecdsa/signature.ts"],"names":[],"mappings":";;AAEA,OAAO,EAAE,EAAE,EAAE,MAAM,0BAA0B,CAAC;AAG9C,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAEvD;;;GAGG;AACH,qBAAa,cAAe,YAAW,SAAS;IAE5C;;OAEG;IACI,CAAC,EAAE,MAAM;IAChB;;OAEG;IACI,CAAC,EAAE,MAAM;IAChB;;OAEG;IACI,CAAC,EAAE,MAAM;;IAXhB;;OAEG;IACI,CAAC,EAAE,MAAM;IAChB;;OAEG;IACI,CAAC,EAAE,MAAM;IAChB;;OAEG;IACI,CAAC,EAAE,MAAM;IAalB;;;OAGG;IACH,QAAQ;IAIR;;;;OAIG;WACW,UAAU,CAAC,MAAM,EAAE,MAAM;IAIvC;;;;;;OAMG;WACW,WAAW,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM;IAIzD;;;OAGG;WACW,MAAM;IAIpB;;;OAGG;IACH,QAAQ;IAIR;;;;OAIG;IACH,QAAQ,CAAC,QAAQ,UAAQ,GAAG,EAAE,EAAE;CAajC"}
+{"version":3,"file":"signature.d.ts","sourceRoot":"","sources":["../../../src/crypto/ecdsa/signature.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,EAAE,EAAE,MAAM,gCAAgC,CAAC;AAGpD,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAEvD;;;GAGG;AACH,qBAAa,cAAe,YAAW,SAAS;IAKrC,CAAC,EAAE,MAAM;IAIT,CAAC,EAAE,MAAM;IAIT,CAAC,EAAE,MAAM;IAZlB;IACE;;OAEG;IACI,CAAC,EAAE,MAAM;IAChB;;OAEG;IACI,CAAC,EAAE,MAAM;IAChB;;OAEG;IACI,CAAC,EAAE,MAAM,EAWjB;IAED;;;OAGG;IACH,QAAQ,wBAEP;IAED;;;;OAIG;IACH,OAAc,UAAU,CAAC,MAAM,EAAE,MAAM,kBAEtC;IAED;;;;;;OAMG;IACH,OAAc,WAAW,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,kBAExD;IAED;;;OAGG;IACH,OAAc,MAAM,mBAEnB;IAED;;;OAGG;IACH,QAAQ,WAEP;IAED;;;;OAIG;IACH,QAAQ,CAAC,QAAQ,UAAQ,GAAG,EAAE,EAAE,CAY/B;CACF"}

package/dest/crypto/ecdsa/signature.js

@@ -1,6 +1,6 @@
 import { toBufferBE } from '@aztec/foundation/bigint-buffer';
-import { randomBytes } from '@aztec/foundation/crypto';
-import { Fr } from '@aztec/foundation/fields';
+import { randomBytes } from '@aztec/foundation/crypto/random';
+import { Fr } from '@aztec/foundation/curves/bn254';
 import { mapTuple } from '@aztec/foundation/serialize';
 /**
  * ECDSA signature used for transactions.