@aztec/foundation 0.0.0-test.1 → 0.0.1-commit.5476d83

package/dest/fields/bls12_point.d.ts

@@ -0,0 +1,220 @@
+import type { ProjPointType } from '@noble/curves/abstract/weierstrass';
+import { inspect } from 'util';
+import { BufferReader } from '../serialize/index.js';
+import { BLS12Fq, BLS12Fr } from './bls12_fields.js';
+import { Fr } from './fields.js';
+/**
+ * Represents a Point on an elliptic curve with x and y coordinates.
+ * The Point class provides methods for creating instances from different input types,
+ * converting instances to various output formats, and checking the equality of points.
+ * TODO(#7386): Clean up this class.
+ */
+export declare class BLS12Point {
+    readonly x: BLS12Fq;
+    readonly y: BLS12Fq;
+    readonly isInfinite: boolean;
+    static ZERO: BLS12Point;
+    static ONE: BLS12Point;
+    static SIZE_IN_BYTES: number;
+    static COMPRESSED_SIZE_IN_BYTES: number;
+    static COMPRESSED_ZERO: Buffer<ArrayBufferLike>;
+    constructor(
+    /**
+     * The point's x coordinate
+     */
+    x: BLS12Fq, 
+    /**
+     * The point's y coordinate
+     */
+    y: BLS12Fq, 
+    /**
+     * Whether the point is at infinity
+     */
+    isInfinite: boolean);
+    toJSON(): `0x${string}`;
+    [inspect.custom](): string;
+    static get schema(): import("zod").ZodType<BLS12Point, any, string>;
+    /**
+     * Generate a random Point instance.
+     *
+     * @returns A randomly generated Point instance.
+     */
+    static random(): BLS12Point;
+    /**
+     * Create a Point instance from a given buffer or BufferReader.
+     * The input 'buffer' should have exactly 96 bytes representing the x and y coordinates.
+     *
+     * @param buffer - The buffer or BufferReader containing the x and y coordinates of the point.
+     * @returns A Point instance.
+     */
+    static fromBuffer(buffer: Buffer | BufferReader): BLS12Point;
+    /**
+     * Create a Point instance from a hex-encoded string.
+     * The input should be prefixed with '0x' or not, and have exactly 128 hex characters representing the x and y coordinates.
+     * Throws an error if the input length is invalid or coordinate values are out of range.
+     *
+     * @param str - The hex-encoded string representing the Point coordinates.
+     * @returns A Point instance.
+     */
+    static fromString(str: string): BLS12Point;
+    /**
+     * Create a compressed buffer instance from a point.
+     * @dev NOTE: The compression standard for BLS12-381 differs from BN curves. Instead of
+     * one is_positive flag, we have three flags to prepend:
+     * - is_compressed: indicator that the point is compressed
+     * - is_infinity: whether the point the point at infinity
+     * - is_greater: only set if is_compressed && !is_infinity && y > (p - 1)/2
+     * See https://github.com/arkworks-rs/algebra/blob/master/curves/bls12_381/src/curves/g1.rs -> serialize_with_mode() -> encoding
+     * and noble-curves/src/bls12-381.ts -> setMask()
+     * @dev Most of the logic below is taken from noble-curves/src/bls12-381.ts -> toBytes()
+     * @param point A BLS12Point instance.
+     * @returns The buffer containing the x coordinate and the flags of the y coordinate.
+     */
+    compress(): Buffer;
+    /**
+     * Create a Point instance from a compressed buffer.
+     * @dev See compress() above for compression encoding for BLS12-381.
+     * @dev Most of the logic below is taken from noble-curves/src/bls12-381.ts -> fromBytes()
+     * @param buffer - The buffer containing the x coordinate and the flags of the y coordinate.
+     * @returns A BLS12Point instance.
+     */
+    static decompress(buffer: Buffer): BLS12Point;
+    /**
+     * Converts a Point to two BN254 Fr elements by storing its compressed form (48 bytes) as:
+     * +-------------------+------------------------+
+     * |      31 bytes     |         17 bytes       |
+     * +-------------------+------------------------+
+     * |  Field Element 1  |     Field Element 2    |
+     * |  [0][bytes 0-30]  |  [0...0][bytes 31-47]  |
+     * +-------------------+------------------------+
+     * Used in the rollup circuits to store blob commitments in the native field type. See blob.ts.
+     * @param point - A BLS12Point instance.
+     * @returns The point fields.
+     */
+    toBN254Fields(): Fr[];
+    /**
+     * Creates a Point instance from 2 BN254 Fr fields as encoded in toBNFields() above.
+     * Used in the rollup circuits to store blob commitments in the native field type. See blob.ts.
+     * @param fields - The encoded BN254 fields.
+     * @returns The point fields.
+     */
+    static fromBN254Fields(fields: [Fr, Fr]): BLS12Point;
+    /**
+     * Creates a point from an array of 2 fields.
+     * @returns The point
+     */
+    static fromBLS12FqFields(fields: BLS12Fq[]): BLS12Point;
+    /**
+     * Creates a point from @noble/curves projective point definition.
+     * @returns The point
+     */
+    static fromNobleProjectivePoint(point: ProjPointType<bigint>): BLS12Point;
+    /**
+     * Uses the x coordinate and isPositive flag (+/-) to reconstruct the point.
+     * @param x - The x coordinate of the point
+     * @param sign - The "sign" of the y coordinate - note that this is not a sign as is known in integer arithmetic.
+     * Instead it is a boolean flag that determines whether the y coordinate is <= (Fr.MODULUS - 1) / 2
+     * @returns The point as an array of 2 fields
+     */
+    static fromXAndSign(x: BLS12Fq, sign: boolean): BLS12Point;
+    /**
+     * @param x - The x coordinate of the point
+     * @returns y^2 such that y^2 = x^3 + 4
+     */
+    static YSquaredFromX(x: BLS12Fq): BLS12Fq;
+    /**
+     * @param x - The x coordinate of the point
+     * @returns The y coordinate of the point, if it exists on BLS12-381
+     */
+    static YFromX(x: BLS12Fq): BLS12Fq | null;
+    /**
+     * @param x - The x coordinate of the point
+     * @param y - The y coordinate of the point
+     * @returns Whether the point exists on BLS12-381
+     */
+    static isOnCurve(x: BLS12Fq, y: BLS12Fq): boolean;
+    /**
+     * Returns the contents of the point as an array of 2 fields.
+     * @returns The point as an array of 2 fields
+     */
+    toBLS12FqFields(): BLS12Fq[];
+    /**
+     * Returns the x coordinate and the sign of the y coordinate.
+     * @dev The y sign can be determined by checking if the y coordinate is greater than half of the modulus.
+     * @returns The x coordinate and the sign of the y coordinate.
+     */
+    toXAndSign(): [BLS12Fq, boolean];
+    /**
+     * Returns the contents of the point as BigInts.
+     * @returns The point as BigInts
+     */
+    toBigInts(): {
+        x: bigint;
+        y: bigint;
+        isInfinite: bigint;
+    };
+    /**
+     * Converts the Point instance to a Buffer representation of the coordinates.
+     * @returns A Buffer representation of the Point instance.
+     * @dev Note that toBuffer does not include the isInfinite flag and other serialization methods do (e.g. toBigInts).
+     */
+    toBuffer(): Buffer<ArrayBufferLike>;
+    /**
+     * Convert the Point instance to a hexadecimal string representation.
+     * The output string is prefixed with '0x' and consists of exactly 128 hex characters,
+     * representing the concatenated x and y coordinates of the point.
+     *
+     * @returns A hex-encoded string representing the Point instance.
+     */
+    toString(): `0x${string}`;
+    /**
+     * Check if two Point instances are equal by comparing their buffer values.
+     * Returns true if the buffer values are the same, and false otherwise.
+     *
+     * @param rhs - The Point instance to compare with the current instance.
+     * @returns A boolean indicating whether the two Point instances are equal.
+     */
+    equals(rhs: BLS12Point): boolean;
+    /**
+     * Check whether the point is zero.
+     */
+    isZero(): boolean;
+    /**
+     * Check if this is point at infinity.
+     * Check this is consistent with how bb is encoding the point at infinity
+     */
+    get inf(): boolean;
+    /** Arithmetic - wrapper around noble curves */
+    toNobleProjectivePoint(): ProjPointType<bigint>;
+    add(rhs: BLS12Point): BLS12Point;
+    negate(): BLS12Point;
+    sub(rhs: BLS12Point): BLS12Point;
+    /**
+     * @dev From noble curves package:
+     * Constant time multiplication. Uses wNAF method. Windowed method may be 10% faster,
+     * but takes 2x longer to generate and consumes 2x memory.
+     * Uses precomputes when available, uses endomorphism for Koblitz curves.
+     * @param scalar by which the point would be multiplied
+     * @returns New point
+     */
+    mul(rhs: BLS12Fr): BLS12Point;
+    /**
+     * @dev From noble curves package:
+     * Non-constant-time multiplication. Uses double-and-add algorithm.
+     * It's faster, but should only be used when you don't care about an exposed private key e.g. sig verification, which works over *public* keys.
+     * @param scalar by which the point would be multiplied
+     * @returns New point
+     */
+    mulUnsafe(rhs: BLS12Fr): BLS12Point;
+    /**
+     * @dev From noble curves package:
+     * Efficiently calculate `aP + bQ`. Unsafe, can expose private key, if used incorrectly.
+     * Not using Strauss-Shamir trick: precomputation tables are faster. The trick could be useful if both P and Q are not G (not in our case).
+     * @returns affine point
+     */
+    mulAndAddUnsafe(a: BLS12Fr, b: BLS12Fr, Q: BLS12Point): BLS12Point;
+}
+export declare class BLSPointNotOnCurveError extends Error {
+    constructor(x: BLS12Fq, y?: BLS12Fq);
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYmxzMTJfcG9pbnQuZC50cyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uL3NyYy9maWVsZHMvYmxzMTJfcG9pbnQudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxLQUFLLEVBQUUsYUFBYSxFQUFFLE1BQU0sb0NBQW9DLENBQUM7QUFHeEUsT0FBTyxFQUFFLE9BQU8sRUFBRSxNQUFNLE1BQU0sQ0FBQztBQUsvQixPQUFPLEVBQUUsWUFBWSxFQUFxQixNQUFNLHVCQUF1QixDQUFDO0FBRXhFLE9BQU8sRUFBRSxPQUFPLEVBQUUsT0FBTyxFQUFFLE1BQU0sbUJBQW1CLENBQUM7QUFDckQsT0FBTyxFQUFFLEVBQUUsRUFBRSxNQUFNLGFBQWEsQ0FBQztBQUVqQzs7Ozs7R0FLRztBQUNILHFCQUFhLFVBQVU7YUFXSCxDQUFDLEVBQUUsT0FBTzthQUlWLENBQUMsRUFBRSxPQUFPO2FBSVYsVUFBVSxFQUFFLE9BQU87SUFsQnJDLE1BQU0sQ0FBQyxJQUFJLGFBQW9EO0lBQy9ELE1BQU0sQ0FBQyxHQUFHLGFBQWlHO0lBQzNHLE1BQU0sQ0FBQyxhQUFhLFNBQTZCO0lBQ2pELE1BQU0sQ0FBQyx3QkFBd0IsU0FBeUI7SUFDeEQsTUFBTSxDQUFDLGVBQWUsMEJBQXNGO0lBRTVHO0lBQ0U7O09BRUc7SUFDYSxDQUFDLEVBQUUsT0FBTztJQUMxQjs7T0FFRztJQUNhLENBQUMsRUFBRSxPQUFPO0lBQzFCOztPQUVHO0lBQ2EsVUFBVSxFQUFFLE9BQU8sRUFRcEM7SUFFRCxNQUFNLGtCQUVMO0lBRUQsQ0FBQyxPQUFPLENBQUMsTUFBTSxDQUFDLFdBTWY7SUFFRCxNQUFNLEtBQUssTUFBTSxtREFFaEI7SUFFRDs7OztPQUlHO0lBQ0gsTUFBTSxDQUFDLE1BQU0sZUFZWjtJQUVEOzs7Ozs7T0FNRztJQUNILE1BQU0sQ0FBQyxVQUFVLENBQUMsTUFBTSxFQUFFLE1BQU0sR0FBRyxZQUFZLGNBSTlDO0lBRUQ7Ozs7Ozs7T0FPRztJQUNILE1BQU0sQ0FBQyxVQUFVLENBQUMsR0FBRyxFQUFFLE1BQU0sY0FFNUI7SUFFRDs7Ozs7Ozs7Ozs7O09BWUc7SUFDSCxRQUFRLElBQUksTUFBTSxDQU1qQjtJQUVEOzs7Ozs7T0FNRztJQUNILE1BQU0sQ0FBQyxVQUFVLENBQUMsTUFBTSxFQUFFLE1BQU0sR0FBRyxVQUFVLENBcUI1QztJQUVEOzs7Ozs7Ozs7OztPQVdHO0lBQ0gsYUFBYSxTQUdaO0lBRUQ7Ozs7O09BS0c7SUFDSCxNQUFNLENBQUMsZUFBZSxDQUFDLE1BQU0sRUFBRSxDQUFDLEVBQUUsRUFBRSxFQUFFLENBQUMsY0FFdEM7SUFFRDs7O09BR0c7SUFDSCxNQUFNLENBQUMsaUJBQWlCLENBQUMsTUFBTSxFQUFFLE9BQU8sRUFBRSxjQUV6QztJQUVEOzs7T0FHRztJQUNILE1BQU0sQ0FBQyx3QkFBd0IsQ0FBQyxLQUFLLEVBQUUsYUFBYSxDQUFDLE1BQU0sQ0FBQyxjQU8zRDtJQUVEOzs7Ozs7T0FNRztJQUNILE1BQU0sQ0FBQyxZQUFZLENBQUMsQ0FBQyxFQUFFLE9BQU8sRUFBRSxJQUFJLEVBQUUsT0FBTyxjQWM1QztJQUVEOzs7T0FHRztJQUNILE1BQU0sQ0FBQyxhQUFhLENBQUMsQ0FBQyxFQUFFLE9BQU8sR0FBRyxPQUFPLENBRXhDO0lBRUQ7OztPQUdHO0lBQ0gsTUFBTSxDQUFDLE1BQU0sQ0FBQyxDQUFDLEVBQUUsT0FBTyxHQUFHLE9BQU8sR0FBRyxJQUFJLENBS3hDO0lBRUQ7Ozs7T0FJRztJQUNILE1BQU0sQ0FBQyxTQUFTLENBQUMsQ0FBQyxFQUFFLE9BQU8sRUFBRSxDQUFDLEVBQUUsT0FBTyxXQVd0QztJQUVEOzs7T0FHRztJQUNILGVBQWUsY0FFZDtJQUVEOzs7O09BSUc7SUFDSCxVQUFVLElBQUksQ0FBQyxPQUFPLEVBQUUsT0FBTyxDQUFDLENBRS9CO0lBRUQ7OztPQUdHO0lBQ0gsU0FBUzs7OztNQU1SO0lBRUQ7Ozs7T0FJRztJQUNILFFBQVEsNEJBTVA7SUFFRDs7Ozs7O09BTUc7SUFDSCxRQUFRLGtCQUVQO0lBRUQ7Ozs7OztPQU1HO0lBQ0gsTUFBTSxDQUFDLEdBQUcsRUFBRSxVQUFVLFdBRXJCO0lBRUQ7O09BRUc7SUFDSCxNQUFNLFlBRUw7SUFFRDs7O09BR0c7SUFDSCxJQUFXLEdBQUcsWUFFYjtJQUVELCtDQUErQztJQUUvQyxzQkFBc0IsMEJBRXJCO0lBRUQsR0FBRyxDQUFDLEdBQUcsRUFBRSxVQUFVLGNBRWxCO0lBRUQsTUFBTSxlQUVMO0lBRUQsR0FBRyxDQUFDLEdBQUcsRUFBRSxVQUFVLGNBRWxCO0lBRUQ7Ozs7Ozs7T0FPRztJQUNILEdBQUcsQ0FBQyxHQUFHLEVBQUUsT0FBTyxjQU1mO0lBRUQ7Ozs7OztPQU1HO0lBQ0gsU0FBUyxDQUFDLEdBQUcsRUFBRSxPQUFPLGNBRXJCO0lBRUQ7Ozs7O09BS0c7SUFDSCxlQUFlLENBQUMsQ0FBQyxFQUFFLE9BQU8sRUFBRSxDQUFDLEVBQUUsT0FBTyxFQUFFLENBQUMsRUFBRSxVQUFVLGNBT3BEO0NBQ0Y7QUFFRCxxQkFBYSx1QkFBd0IsU0FBUSxLQUFLO0lBQ2hELFlBQVksQ0FBQyxFQUFFLE9BQU8sRUFBRSxDQUFDLENBQUMsRUFBRSxPQUFPLEVBR2xDO0NBQ0YifQ==

package/dest/fields/bls12_point.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"bls12_point.d.ts","sourceRoot":"","sources":["../../src/fields/bls12_point.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,oCAAoC,CAAC;AAGxE,OAAO,EAAE,OAAO,EAAE,MAAM,MAAM,CAAC;AAK/B,OAAO,EAAE,YAAY,EAAqB,MAAM,uBAAuB,CAAC;AAExE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AACrD,OAAO,EAAE,EAAE,EAAE,MAAM,aAAa,CAAC;AAEjC;;;;;GAKG;AACH,qBAAa,UAAU;aAWH,CAAC,EAAE,OAAO;aAIV,CAAC,EAAE,OAAO;aAIV,UAAU,EAAE,OAAO;IAlBrC,MAAM,CAAC,IAAI,aAAoD;IAC/D,MAAM,CAAC,GAAG,aAAiG;IAC3G,MAAM,CAAC,aAAa,SAA6B;IACjD,MAAM,CAAC,wBAAwB,SAAyB;IACxD,MAAM,CAAC,eAAe,0BAAsF;IAE5G;IACE;;OAEG;IACa,CAAC,EAAE,OAAO;IAC1B;;OAEG;IACa,CAAC,EAAE,OAAO;IAC1B;;OAEG;IACa,UAAU,EAAE,OAAO,EAQpC;IAED,MAAM,kBAEL;IAED,CAAC,OAAO,CAAC,MAAM,CAAC,WAMf;IAED,MAAM,KAAK,MAAM,mDAEhB;IAED;;;;OAIG;IACH,MAAM,CAAC,MAAM,eAYZ;IAED;;;;;;OAMG;IACH,MAAM,CAAC,UAAU,CAAC,MAAM,EAAE,MAAM,GAAG,YAAY,cAI9C;IAED;;;;;;;OAOG;IACH,MAAM,CAAC,UAAU,CAAC,GAAG,EAAE,MAAM,cAE5B;IAED;;;;;;;;;;;;OAYG;IACH,QAAQ,IAAI,MAAM,CAMjB;IAED;;;;;;OAMG;IACH,MAAM,CAAC,UAAU,CAAC,MAAM,EAAE,MAAM,GAAG,UAAU,CAqB5C;IAED;;;;;;;;;;;OAWG;IACH,aAAa,SAGZ;IAED;;;;;OAKG;IACH,MAAM,CAAC,eAAe,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,cAEtC;IAED;;;OAGG;IACH,MAAM,CAAC,iBAAiB,CAAC,MAAM,EAAE,OAAO,EAAE,cAEzC;IAED;;;OAGG;IACH,MAAM,CAAC,wBAAwB,CAAC,KAAK,EAAE,aAAa,CAAC,MAAM,CAAC,cAO3D;IAED;;;;;;OAMG;IACH,MAAM,CAAC,YAAY,CAAC,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,cAc5C;IAED;;;OAGG;IACH,MAAM,CAAC,aAAa,CAAC,CAAC,EAAE,OAAO,GAAG,OAAO,CAExC;IAED;;;OAGG;IACH,MAAM,CAAC,MAAM,CAAC,CAAC,EAAE,OAAO,GAAG,OAAO,GAAG,IAAI,CAKxC;IAED;;;;OAIG;IACH,MAAM,CAAC,SAAS,CAAC,CAAC,EAAE,OAAO,EAAE,CAAC,EAAE,OAAO,WAWtC;IAED;;;OAGG;IACH,eAAe,cAEd;IAED;;;;OAIG;IACH,UAAU,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC,CAE/B;IAED;;;OAGG;IACH,SAAS;;;;MAMR;IAED;;;;OAIG;IACH,QAAQ,4BAMP;IAED;;;;;;OAMG;IACH,QAAQ,kBAEP;IAED;;;;;;OAMG;IACH,MAAM,CAAC,GAAG,EAAE,UAAU,WAErB;IAED;;OAEG;IACH,MAAM,YAEL;IAED;;;OAGG;IACH,IAAW,GAAG,YAEb;IAED,+CAA+C;IAE/C,sBAAsB,0BAErB;IAED,GAAG,CAAC,GAAG,EAAE,UAAU,cAElB;IAED,MAAM,eAEL;IAED,GAAG,CAAC,GAAG,EAAE,UAAU,cAElB;IAED;;;;;;;OAOG;IACH,GAAG,CAAC,GAAG,EAAE,OAAO,cAMf;IAED;;;;;;OAMG;IACH,SAAS,CAAC,GAAG,EAAE,OAAO,cAErB;IAED;;;;;OAKG;IACH,eAAe,CAAC,CAAC,EAAE,OAAO,EAAE,CAAC,EAAE,OAAO,EAAE,CAAC,EAAE,UAAU,cAOpD;CACF;AAED,qBAAa,uBAAwB,SAAQ,KAAK;IAChD,YAAY,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC,EAAE,OAAO,EAGlC;CACF"}

package/dest/fields/bls12_point.js

@@ -0,0 +1,398 @@
+/* eslint-disable camelcase */ import { bls12_381 } from '@noble/curves/bls12-381';
+import { inspect } from 'util';
+import { toBufferBE } from '../bigint-buffer/index.js';
+import { randomBoolean } from '../crypto/random/index.js';
+import { hexSchemaFor } from '../schemas/utils.js';
+import { BufferReader, serializeToBuffer } from '../serialize/index.js';
+import { bufferToHex, hexToBuffer } from '../string/index.js';
+import { BLS12Fq } from './bls12_fields.js';
+import { Fr } from './fields.js';
+/**
+ * Represents a Point on an elliptic curve with x and y coordinates.
+ * The Point class provides methods for creating instances from different input types,
+ * converting instances to various output formats, and checking the equality of points.
+ * TODO(#7386): Clean up this class.
+ */ export class BLS12Point {
+    x;
+    y;
+    isInfinite;
+    static ZERO = new BLS12Point(BLS12Fq.ZERO, BLS12Fq.ZERO, true);
+    static ONE = new BLS12Point(new BLS12Fq(bls12_381.G1.CURVE.Gx), new BLS12Fq(bls12_381.G1.CURVE.Gy), false);
+    static SIZE_IN_BYTES = BLS12Fq.SIZE_IN_BYTES * 2;
+    static COMPRESSED_SIZE_IN_BYTES = BLS12Fq.SIZE_IN_BYTES;
+    static COMPRESSED_ZERO = setMask(Buffer.alloc(BLS12Fq.SIZE_IN_BYTES), {
+        infinity: true,
+        compressed: true
+    });
+    constructor(/**
+     * The point's x coordinate
+     */ x, /**
+     * The point's y coordinate
+     */ y, /**
+     * Whether the point is at infinity
+     */ isInfinite){
+        this.x = x;
+        this.y = y;
+        this.isInfinite = isInfinite;
+        if (!BLS12Point.isOnCurve(x, y)) {
+            throw new BLSPointNotOnCurveError(x, y);
+        }
+        if (isInfinite && !(x.equals(BLS12Fq.ZERO) && y.equals(BLS12Fq.ZERO))) {
+            throw new Error(`BLS12-381 G1 point ( ${x.toString()}, ${y.toString()} ) is not infinite.`);
+        }
+    }
+    toJSON() {
+        return this.toString();
+    }
+    [inspect.custom]() {
+        return `BLS12Point {
+      x: ${inspect(this.x)},
+      y: ${inspect(this.y)},
+      isInfinite: ${inspect(this.isInfinite)},
+    }`;
+    }
+    static get schema() {
+        return hexSchemaFor(BLS12Point);
+    }
+    /**
+   * Generate a random Point instance.
+   *
+   * @returns A randomly generated Point instance.
+   */ static random() {
+        while(true){
+            try {
+                return BLS12Point.fromXAndSign(BLS12Fq.random(), randomBoolean());
+            } catch (e) {
+                if (!(e instanceof BLSPointNotOnCurveError)) {
+                    throw e;
+                }
+                continue;
+            }
+        }
+    }
+    /**
+   * Create a Point instance from a given buffer or BufferReader.
+   * The input 'buffer' should have exactly 96 bytes representing the x and y coordinates.
+   *
+   * @param buffer - The buffer or BufferReader containing the x and y coordinates of the point.
+   * @returns A Point instance.
+   */ static fromBuffer(buffer) {
+        const reader = BufferReader.asReader(buffer);
+        const [x, y] = [
+            BLS12Fq.fromBuffer(reader),
+            BLS12Fq.fromBuffer(reader)
+        ];
+        return new this(x, y, x.isZero() && y.isZero());
+    }
+    /**
+   * Create a Point instance from a hex-encoded string.
+   * The input should be prefixed with '0x' or not, and have exactly 128 hex characters representing the x and y coordinates.
+   * Throws an error if the input length is invalid or coordinate values are out of range.
+   *
+   * @param str - The hex-encoded string representing the Point coordinates.
+   * @returns A Point instance.
+   */ static fromString(str) {
+        return this.fromBuffer(hexToBuffer(str));
+    }
+    /**
+   * Create a compressed buffer instance from a point.
+   * @dev NOTE: The compression standard for BLS12-381 differs from BN curves. Instead of
+   * one is_positive flag, we have three flags to prepend:
+   * - is_compressed: indicator that the point is compressed
+   * - is_infinity: whether the point the point at infinity
+   * - is_greater: only set if is_compressed && !is_infinity && y > (p - 1)/2
+   * See https://github.com/arkworks-rs/algebra/blob/master/curves/bls12_381/src/curves/g1.rs -> serialize_with_mode() -> encoding
+   * and noble-curves/src/bls12-381.ts -> setMask()
+   * @dev Most of the logic below is taken from noble-curves/src/bls12-381.ts -> toBytes()
+   * @param point A BLS12Point instance.
+   * @returns The buffer containing the x coordinate and the flags of the y coordinate.
+   */ compress() {
+        if (this.isZero()) {
+            return BLS12Point.COMPRESSED_ZERO;
+        }
+        const isGreater = this.y.isNegative();
+        return setMask(toBufferBE(this.x.toBigInt(), BLS12Fq.SIZE_IN_BYTES), {
+            compressed: true,
+            sort: isGreater
+        });
+    }
+    /**
+   * Create a Point instance from a compressed buffer.
+   * @dev See compress() above for compression encoding for BLS12-381.
+   * @dev Most of the logic below is taken from noble-curves/src/bls12-381.ts -> fromBytes()
+   * @param buffer - The buffer containing the x coordinate and the flags of the y coordinate.
+   * @returns A BLS12Point instance.
+   */ static decompress(buffer) {
+        const { compressed, infinity, sort, value: decompressed } = parseMask(buffer);
+        if (decompressed.length === BLS12Fq.SIZE_IN_BYTES && compressed) {
+            const x = new BLS12Fq(decompressed);
+            if (infinity) {
+                if (!x.isZero()) {
+                    throw new Error('Non-empty compressed G1 point at infinity');
+                }
+                return new BLS12Point(x, BLS12Fq.ZERO, true);
+            }
+            let y = this.YFromX(x);
+            if (!y) {
+                throw new BLSPointNotOnCurveError(x);
+            }
+            if (y.isNegative() !== sort) {
+                y = y.negate();
+            }
+            return new BLS12Point(x, y, infinity);
+        } else {
+            throw new Error('Invalid compressed G1 point of BLS12-381');
+        }
+    }
+    /**
+   * Converts a Point to two BN254 Fr elements by storing its compressed form (48 bytes) as:
+   * +-------------------+------------------------+
+   * |      31 bytes     |         17 bytes       |
+   * +-------------------+------------------------+
+   * |  Field Element 1  |     Field Element 2    |
+   * |  [0][bytes 0-30]  |  [0...0][bytes 31-47]  |
+   * +-------------------+------------------------+
+   * Used in the rollup circuits to store blob commitments in the native field type. See blob.ts.
+   * @param point - A BLS12Point instance.
+   * @returns The point fields.
+   */ toBN254Fields() {
+        const compressed = this.compress();
+        return [
+            new Fr(compressed.subarray(0, 31)),
+            new Fr(compressed.subarray(31, 48))
+        ];
+    }
+    /**
+   * Creates a Point instance from 2 BN254 Fr fields as encoded in toBNFields() above.
+   * Used in the rollup circuits to store blob commitments in the native field type. See blob.ts.
+   * @param fields - The encoded BN254 fields.
+   * @returns The point fields.
+   */ static fromBN254Fields(fields) {
+        return BLS12Point.decompress(Buffer.concat([
+            fields[0].toBuffer().subarray(1),
+            fields[1].toBuffer().subarray(-17)
+        ]));
+    }
+    /**
+   * Creates a point from an array of 2 fields.
+   * @returns The point
+   */ static fromBLS12FqFields(fields) {
+        return new this(fields[0], fields[1], !fields[2].isEmpty());
+    }
+    /**
+   * Creates a point from @noble/curves projective point definition.
+   * @returns The point
+   */ static fromNobleProjectivePoint(point) {
+        const affine = point.toAffine();
+        return new BLS12Point(new BLS12Fq(affine.x), new BLS12Fq(affine.y), point.equals(bls12_381.G1.ProjectivePoint.ZERO));
+    }
+    /**
+   * Uses the x coordinate and isPositive flag (+/-) to reconstruct the point.
+   * @param x - The x coordinate of the point
+   * @param sign - The "sign" of the y coordinate - note that this is not a sign as is known in integer arithmetic.
+   * Instead it is a boolean flag that determines whether the y coordinate is <= (Fr.MODULUS - 1) / 2
+   * @returns The point as an array of 2 fields
+   */ static fromXAndSign(x, sign) {
+        const y = BLS12Point.YFromX(x);
+        if (y == null) {
+            throw new BLSPointNotOnCurveError(x);
+        }
+        const yPositiveBigInt = y.isNegative() ? BLS12Fq.MODULUS - y.toBigInt() : y.toBigInt();
+        const yNegativeBigInt = BLS12Fq.MODULUS - yPositiveBigInt;
+        // Choose the positive or negative root based on isPositive
+        const finalY = sign ? new BLS12Fq(yPositiveBigInt) : new BLS12Fq(yNegativeBigInt);
+        // Create and return the new Point
+        return new this(x, finalY, false);
+    }
+    /**
+   * @param x - The x coordinate of the point
+   * @returns y^2 such that y^2 = x^3 + 4
+   */ static YSquaredFromX(x) {
+        return new BLS12Fq(bls12_381.G1.weierstrassEquation(x.toBigInt()));
+    }
+    /**
+   * @param x - The x coordinate of the point
+   * @returns The y coordinate of the point, if it exists on BLS12-381
+   */ static YFromX(x) {
+        const ySquared = this.YSquaredFromX(x);
+        // y is then simply the square root. Note however that not all square roots exist in the field: if sqrt returns null
+        // then there is no point in the curve with this x coordinate.
+        return ySquared.sqrt();
+    }
+    /**
+   * @param x - The x coordinate of the point
+   * @param y - The y coordinate of the point
+   * @returns Whether the point exists on BLS12-381
+   */ static isOnCurve(x, y) {
+        if (x.isZero() && y.isZero()) {
+            // Representation of inf point
+            return true;
+        }
+        // The BLS12-381 equation is y^2 = x^3 + 4. We could use `YFromX` and then compare to `this.y`, but this would
+        // involve computing the square root of y, of which there are two possible valid values. This method is also faster.
+        const lhs = y.square();
+        const rhs = this.YSquaredFromX(x);
+        return lhs.equals(rhs);
+    }
+    /**
+   * Returns the contents of the point as an array of 2 fields.
+   * @returns The point as an array of 2 fields
+   */ toBLS12FqFields() {
+        return [
+            this.x,
+            this.y,
+            new BLS12Fq(this.isInfinite ? 1 : 0)
+        ];
+    }
+    /**
+   * Returns the x coordinate and the sign of the y coordinate.
+   * @dev The y sign can be determined by checking if the y coordinate is greater than half of the modulus.
+   * @returns The x coordinate and the sign of the y coordinate.
+   */ toXAndSign() {
+        return [
+            this.x,
+            !this.y.isNegative()
+        ];
+    }
+    /**
+   * Returns the contents of the point as BigInts.
+   * @returns The point as BigInts
+   */ toBigInts() {
+        return {
+            x: this.x.toBigInt(),
+            y: this.y.toBigInt(),
+            isInfinite: this.isInfinite ? 1n : 0n
+        };
+    }
+    /**
+   * Converts the Point instance to a Buffer representation of the coordinates.
+   * @returns A Buffer representation of the Point instance.
+   * @dev Note that toBuffer does not include the isInfinite flag and other serialization methods do (e.g. toBigInts).
+   */ toBuffer() {
+        const buf = serializeToBuffer([
+            this.x,
+            this.y
+        ]);
+        if (buf.length !== BLS12Point.SIZE_IN_BYTES) {
+            throw new Error(`Invalid buffer length for Point: ${buf.length}`);
+        }
+        return buf;
+    }
+    /**
+   * Convert the Point instance to a hexadecimal string representation.
+   * The output string is prefixed with '0x' and consists of exactly 128 hex characters,
+   * representing the concatenated x and y coordinates of the point.
+   *
+   * @returns A hex-encoded string representing the Point instance.
+   */ toString() {
+        return bufferToHex(this.toBuffer());
+    }
+    /**
+   * Check if two Point instances are equal by comparing their buffer values.
+   * Returns true if the buffer values are the same, and false otherwise.
+   *
+   * @param rhs - The Point instance to compare with the current instance.
+   * @returns A boolean indicating whether the two Point instances are equal.
+   */ equals(rhs) {
+        return this.x.equals(rhs.x) && this.y.equals(rhs.y);
+    }
+    /**
+   * Check whether the point is zero.
+   */ isZero() {
+        return this.x.isZero() && this.y.isZero();
+    }
+    /**
+   * Check if this is point at infinity.
+   * Check this is consistent with how bb is encoding the point at infinity
+   */ get inf() {
+        return this.isInfinite;
+    }
+    /** Arithmetic - wrapper around noble curves */ toNobleProjectivePoint() {
+        return bls12_381.G1.ProjectivePoint.fromAffine(this.toBigInts());
+    }
+    add(rhs) {
+        return BLS12Point.fromNobleProjectivePoint(this.toNobleProjectivePoint().add(rhs.toNobleProjectivePoint()));
+    }
+    negate() {
+        return new BLS12Point(this.x, this.y.negate(), this.isInfinite);
+    }
+    sub(rhs) {
+        return BLS12Point.fromNobleProjectivePoint(this.toNobleProjectivePoint().subtract(rhs.toNobleProjectivePoint()));
+    }
+    /**
+   * @dev From noble curves package:
+   * Constant time multiplication. Uses wNAF method. Windowed method may be 10% faster,
+   * but takes 2x longer to generate and consumes 2x memory.
+   * Uses precomputes when available, uses endomorphism for Koblitz curves.
+   * @param scalar by which the point would be multiplied
+   * @returns New point
+   */ mul(rhs) {
+        // Note: noble curves throws on 0
+        if (rhs.isZero()) {
+            return BLS12Point.ZERO;
+        }
+        return BLS12Point.fromNobleProjectivePoint(this.toNobleProjectivePoint().multiply(rhs.toBigInt()));
+    }
+    /**
+   * @dev From noble curves package:
+   * Non-constant-time multiplication. Uses double-and-add algorithm.
+   * It's faster, but should only be used when you don't care about an exposed private key e.g. sig verification, which works over *public* keys.
+   * @param scalar by which the point would be multiplied
+   * @returns New point
+   */ mulUnsafe(rhs) {
+        return BLS12Point.fromNobleProjectivePoint(this.toNobleProjectivePoint().multiplyUnsafe(rhs.toBigInt()));
+    }
+    /**
+   * @dev From noble curves package:
+   * Efficiently calculate `aP + bQ`. Unsafe, can expose private key, if used incorrectly.
+   * Not using Strauss-Shamir trick: precomputation tables are faster. The trick could be useful if both P and Q are not G (not in our case).
+   * @returns affine point
+   */ mulAndAddUnsafe(a, b, Q) {
+        const res = this.toNobleProjectivePoint().multiplyAndAddUnsafe(Q.toNobleProjectivePoint(), a.toBigInt(), b.toBigInt());
+        return res ? BLS12Point.fromNobleProjectivePoint(res) : BLS12Point.ZERO;
+    }
+}
+export class BLSPointNotOnCurveError extends Error {
+    constructor(x, y){
+        super('The given G1 point is not on the BLS12-381 curve: (' + x.toString() + ', ' + (y ? y.toString() : '') + ')');
+        this.name = 'NotOnCurveError';
+    }
+}
+/**
+ * Lifted from noble curves bls12_381 since it's not exposed. Sets the flags
+ * for BLS12-381 point compression.
+ * @dev 'sort' refers to 'is_greater' i.e. y > (p - 1)/2
+ */ function setMask(bytes, mask) {
+    if (bytes[0] & 0b1110_0000) {
+        throw new Error('setMask: non-empty mask');
+    }
+    if (mask.compressed) {
+        bytes[0] |= 0b1000_0000;
+    }
+    if (mask.infinity) {
+        bytes[0] |= 0b0100_0000;
+    }
+    if (mask.sort) {
+        bytes[0] |= 0b0010_0000;
+    }
+    return bytes;
+}
+/**
+ * Lifted from noble curves bls12_381 since it's not exposed. Reads the flags
+ * for BLS12-381 point compression.
+ * @dev 'sort' refers to 'is_greater' i.e. y > (p - 1)/2
+ */ function parseMask(bytes) {
+    // Copy, so we can remove mask data without affecting input bytes.
+    const value = Buffer.from(bytes);
+    const mask = value[0] & 0b1110_0000;
+    const compressed = !!(mask >> 7 & 1); // compression bit (0b1000_0000)
+    const infinity = !!(mask >> 6 & 1); // point at infinity bit (0b0100_0000)
+    const sort = !!(mask >> 5 & 1); // sort bit (0b0010_0000)
+    value[0] &= 0b0001_1111; // clear mask (zero first 3 bits)
+    return {
+        compressed,
+        infinity,
+        sort,
+        value
+    };
+}

package/dest/fields/coordinate.d.ts

@@ -1,5 +1,3 @@
-/// <reference types="node" resolution-mode="require"/>
-/// <reference types="node" resolution-mode="require"/>
 import type { Tuple } from '../serialize/types.js';
 import { Fr } from './fields.js';
 /**
@@ -11,9 +9,6 @@ import { Fr } from './fields.js';
  * Calls to 'toFieldsBuffer' will return a 64 bytes buffer containing the serialized fields.
  */
 export declare class Coordinate {
-    /**
-     * The fields of the coordinate value. Least significant limb at index 0.
-     */
     fields: Tuple<Fr, 2>;
     static ZERO: Coordinate;
     constructor(
@@ -65,4 +60,4 @@ export declare class Coordinate {
      */
     static fromField(coordinate: Fr): Coordinate;
 }
-//# sourceMappingURL=coordinate.d.ts.map
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29vcmRpbmF0ZS5kLnRzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vc3JjL2ZpZWxkcy9jb29yZGluYXRlLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUNBLE9BQU8sS0FBSyxFQUFFLEtBQUssRUFBRSxNQUFNLHVCQUF1QixDQUFDO0FBQ25ELE9BQU8sRUFBRSxFQUFFLEVBQUUsTUFBTSxhQUFhLENBQUM7QUFFakM7Ozs7Ozs7R0FPRztBQUNILHFCQUFhLFVBQVU7SUFPWixNQUFNLEVBQUUsS0FBSyxDQUFDLEVBQUUsRUFBRSxDQUFDLENBQUM7SUFON0IsTUFBTSxDQUFDLElBQUksYUFBc0M7SUFFakQ7SUFDRTs7T0FFRztJQUNJLE1BQU0sRUFBRSxLQUFLLENBQUMsRUFBRSxFQUFFLENBQUMsQ0FBQyxFQUN6QjtJQUVKOzs7T0FHRztJQUNILFFBQVEsSUFBSSxLQUFLLENBQUMsRUFBRSxFQUFFLENBQUMsQ0FBQyxDQUV2QjtJQUVEOzs7T0FHRztJQUNILE1BQU0sQ0FBQyxNQUFNLElBQUksVUFBVSxDQUUxQjtJQUVEOzs7T0FHRztJQUNILGNBQWMsSUFBSSxNQUFNLENBRXZCO0lBRUQ7OztPQUdHO0lBQ0gsUUFBUSxJQUFJLE1BQU0sQ0FLakI7SUFFRDs7OztPQUlHO0lBQ0gsTUFBTSxDQUFDLEtBQUssRUFBRSxVQUFVLEdBQUcsT0FBTyxDQUVqQztJQUVEOzs7T0FHRztJQUNILFFBQVEsSUFBSSxNQUFNLENBRWpCO0lBRUQ7Ozs7T0FJRztJQUNILE1BQU0sQ0FBQyxVQUFVLENBQUMsVUFBVSxFQUFFLE1BQU0sY0FVbkM7SUFFRDs7OztPQUlHO0lBQ0gsTUFBTSxDQUFDLFNBQVMsQ0FBQyxVQUFVLEVBQUUsRUFBRSxjQU05QjtDQUNGIn0=

package/dest/fields/coordinate.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"coordinate.d.ts","sourceRoot":"","sources":["../../src/fields/coordinate.ts"],"names":[],"mappings":";;AACA,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,uBAAuB,CAAC;AACnD,OAAO,EAAE,EAAE,EAAE,MAAM,aAAa,CAAC;AAEjC;;;;;;;GAOG;AACH,qBAAa,UAAU;IAInB;;OAEG;IACI,MAAM,EAAE,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IAN7B,MAAM,CAAC,IAAI,aAAsC;;IAG/C;;OAEG;IACI,MAAM,EAAE,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IAG7B;;;OAGG;IACH,QAAQ,IAAI,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IAIxB;;;OAGG;IACH,MAAM,CAAC,MAAM,IAAI,UAAU;IAI3B;;;OAGG;IACH,cAAc,IAAI,MAAM;IAIxB;;;OAGG;IACH,QAAQ,IAAI,MAAM;IAOlB;;;;OAIG;IACH,MAAM,CAAC,KAAK,EAAE,UAAU,GAAG,OAAO;IAIlC;;;OAGG;IACH,QAAQ,IAAI,MAAM;IAIlB;;;;OAIG;IACH,MAAM,CAAC,UAAU,CAAC,UAAU,EAAE,MAAM;IAYpC;;;;OAIG;IACH,MAAM,CAAC,SAAS,CAAC,UAAU,EAAE,EAAE;CAOhC"}
+{"version":3,"file":"coordinate.d.ts","sourceRoot":"","sources":["../../src/fields/coordinate.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,uBAAuB,CAAC;AACnD,OAAO,EAAE,EAAE,EAAE,MAAM,aAAa,CAAC;AAEjC;;;;;;;GAOG;AACH,qBAAa,UAAU;IAOZ,MAAM,EAAE,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IAN7B,MAAM,CAAC,IAAI,aAAsC;IAEjD;IACE;;OAEG;IACI,MAAM,EAAE,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC,EACzB;IAEJ;;;OAGG;IACH,QAAQ,IAAI,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC,CAEvB;IAED;;;OAGG;IACH,MAAM,CAAC,MAAM,IAAI,UAAU,CAE1B;IAED;;;OAGG;IACH,cAAc,IAAI,MAAM,CAEvB;IAED;;;OAGG;IACH,QAAQ,IAAI,MAAM,CAKjB;IAED;;;;OAIG;IACH,MAAM,CAAC,KAAK,EAAE,UAAU,GAAG,OAAO,CAEjC;IAED;;;OAGG;IACH,QAAQ,IAAI,MAAM,CAEjB;IAED;;;;OAIG;IACH,MAAM,CAAC,UAAU,CAAC,UAAU,EAAE,MAAM,cAUnC;IAED;;;;OAIG;IACH,MAAM,CAAC,SAAS,CAAC,UAAU,EAAE,EAAE,cAM9B;CACF"}