@aztec/foundation 0.0.0-test.1 → 0.0.1-commit.b655e406

package/src/crypto/bls/index.ts

@@ -0,0 +1,77 @@
+import { Fr } from '@aztec/foundation/fields';
+import type { Hex } from '@aztec/foundation/string';
+
+import { mod } from '@noble/curves/abstract/modular';
+import { bytesToNumberBE } from '@noble/curves/abstract/utils';
+import { hmac } from '@noble/hashes/hmac';
+import { sha512 } from '@noble/hashes/sha2';
+import { mnemonicToSeedSync } from '@scure/bip39';
+
+export function deriveBlsPrivateKey(mnemonic: string | undefined, ikm: string | undefined, path: string): Hex<32> {
+  if (ikm) {
+    return deriveBlsKeyFromEntropy(ikm, path) as Hex<32>;
+  }
+  if (!mnemonic) {
+    throw new Error('Either mnemonic or ikm must be provided for BLS derivation');
+  }
+  return deriveBlsKeyFromMnemonic(mnemonic, path) as Hex<32>;
+}
+
+/**
+ * Deterministically derive a BN254 BLS private key from mnemonic and derivation path.
+ * Returns a 0x-prefixed 32-byte hex string representing an Fr in [1, r-1].
+ */
+export function deriveBlsKeyFromMnemonic(mnemonic: string, derivationPath: string, passphrase = ''): string {
+  const seed = Buffer.from(mnemonicToSeedSync(mnemonic, passphrase)); // 64 bytes
+  const data = Buffer.concat([Buffer.from([0x00]), seed, Buffer.from(derivationPath, 'utf8')]);
+  const sk = deriveBn254ScalarFromData(data);
+  return `0x${toFixed32(sk).toString('hex')}`;
+}
+
+/**
+ * Deterministically derive a BN254 BLS private key from input keying material (IKM) and derivation path.
+ * Returns a 0x-prefixed 32-byte hex string representing an Fr in [1, r-1].
+ */
+export function deriveBlsKeyFromEntropy(ikm: string, derivationPath: string): string {
+  const ikmBytes = parseIkm(ikm);
+  const data = Buffer.concat([Buffer.from([0x01]), ikmBytes, Buffer.from(derivationPath, 'utf8')]);
+  const sk = deriveBn254ScalarFromData(data);
+  return `0x${toFixed32(sk).toString('hex')}`;
+}
+
+function deriveBn254ScalarFromData(data: Buffer): bigint {
+  // Domain-separated HMAC-SHA512, then map to BN254 Fr using noble modular math. Retry on zero.
+  const domainKey = Buffer.from('Aztec bn254 key', 'utf8');
+  for (let counter = 0; ; counter = (counter + 1) & 0xff) {
+    const msg = counter === 0 ? data : Buffer.concat([data, Buffer.from([counter])]);
+    const digest = hmac(sha512, domainKey, msg); // 64 bytes
+    const x = bytesToNumberBE(digest);
+    const sk = mod(x, Fr.MODULUS);
+    if (sk !== 0n) {
+      return sk;
+    }
+  }
+}
+
+function parseIkm(ikm: string): Buffer {
+  const hexMatch = ikm.replace(/^0x/i, '');
+  if (/^[0-9a-fA-F]+$/.test(hexMatch) && hexMatch.length >= 2) {
+    const normalized = hexMatch.length % 2 === 1 ? `0${hexMatch}` : hexMatch;
+    return Buffer.from(normalized, 'hex');
+  }
+  return Buffer.from(ikm, 'utf8');
+}
+
+function toFixed32(x: bigint): Buffer {
+  const hex = x.toString(16);
+  const padded = hex.length % 2 === 1 ? `0${hex}` : hex;
+  const buf = Buffer.from(padded, 'hex');
+  if (buf.length === 32) {
+    return buf;
+  }
+  if (buf.length < 32) {
+    return Buffer.concat([Buffer.alloc(32 - buf.length, 0), buf]);
+  }
+  // Should never happen since x < bn254.Fr.ORDER < 2^256, but guard anyway
+  return buf.subarray(buf.length - 32);
+}

package/src/crypto/bn254/bn254_utils.ts

@@ -0,0 +1,64 @@
+import { Fr } from '../../fields/fields.js';
+import { Bn254G1Point, Bn254G2Point } from './index.js';
+
+/**
+ * BN254 utility functions for point operations.
+ * Provides compression, decompression, and public key generation for the BN254 curve.
+ * Uses the bb.js Barretenberg backend for point operations.
+ */
+
+/**
+ * Generate a compressed BN254 G1 public key from a private key.
+ *
+ * @param privateKeyHex - Private key as 0x-prefixed hex string
+ * @returns Compressed G1 point (32 bytes with sign bit in MSB)
+ */
+export async function computeBn254G1PublicKeyCompressed(privateKeyHex: string): Promise<string> {
+  const sk = BigInt(privateKeyHex);
+  const skReduced = sk % Fr.MODULUS;
+
+  // Generate G1 point on BN254 curve using bb.js
+  const scalar = Fr.fromString(skReduced.toString());
+  const pk1 = await Bn254G1Point.generator(scalar);
+
+  // Compress the point using the primitive method
+  return '0x' + pk1.compress().toString('hex');
+}
+
+/**
+ * Generate uncompressed BN254 G1 public key from a private key.
+ *
+ * @param privateKeyHex - Private key as 0x-prefixed hex string
+ * @returns G1 point in affine coordinates
+ */
+export async function computeBn254G1PublicKey(privateKeyHex: string): Promise<{ x: bigint; y: bigint }> {
+  const sk = BigInt(privateKeyHex);
+  const skReduced = sk % Fr.MODULUS;
+
+  const scalar = Fr.fromString(skReduced.toString());
+  const pk1 = await Bn254G1Point.generator(scalar);
+
+  return { x: pk1.x.toBigInt(), y: pk1.y.toBigInt() };
+}
+
+/**
+ * Generate BN254 G2 public key from a private key.
+ *
+ * @param privateKeyHex - Private key as 0x-prefixed hex string
+ * @returns G2 point in affine coordinates
+ */
+export async function computeBn254G2PublicKey(privateKeyHex: string): Promise<{
+  x: { c0: bigint; c1: bigint };
+  y: { c0: bigint; c1: bigint };
+}> {
+  const sk = BigInt(privateKeyHex);
+  const skReduced = sk % Fr.MODULUS;
+
+  const scalar = Fr.fromString(skReduced.toString());
+  const pk2 = await Bn254G2Point.generator(scalar);
+
+  return {
+    x: { c0: pk2.x[0].toBigInt(), c1: pk2.x[1].toBigInt() },
+    y: { c0: pk2.y[0].toBigInt(), c1: pk2.y[1].toBigInt() },
+  };
+}

package/src/crypto/bn254/index.ts

@@ -0,0 +1,170 @@
+import {
+  BN254_G1_GENERATOR,
+  BN254_G2_GENERATOR,
+  BarretenbergSync,
+  type Bn254G1Point as BbApiBn254G1Point,
+  type Bn254G2Point as BbApiBn254G2Point,
+} from '@aztec/bb.js';
+
+import { Fq, Fr } from '../../fields/fields.js';
+
+/**
+ * BN254 G1 point using foundation field classes.
+ * Represents a point on the BN254 elliptic curve in affine coordinates.
+ */
+export class Bn254G1Point {
+  constructor(
+    public readonly x: Fq,
+    public readonly y: Fq,
+  ) {}
+
+  private toBbApiPoint(): BbApiBn254G1Point {
+    return {
+      x: this.x.toBuffer(),
+      y: this.y.toBuffer(),
+    };
+  }
+
+  private static fromBbApiPoint(point: BbApiBn254G1Point): Bn254G1Point {
+    return new Bn254G1Point(Fq.fromBuffer(Buffer.from(point.x)), Fq.fromBuffer(Buffer.from(point.y)));
+  }
+
+  async isOnCurve(): Promise<boolean> {
+    await BarretenbergSync.initSingleton();
+    const api = BarretenbergSync.getSingleton();
+
+    const apiPoint = this.toBbApiPoint();
+    const response = api.bn254G1IsOnCurve({ point: apiPoint });
+    return response.isOnCurve;
+  }
+
+  /**
+   * Get the generator point for BN254 G1, or perform scalar multiplication.
+   * When called without arguments, returns the base generator point.
+   * When called with a scalar, returns scalar * generator (useful for public key derivation).
+   */
+  static async generator(scalar?: Fr): Promise<Bn254G1Point> {
+    if (!scalar) {
+      return new Bn254G1Point(
+        Fq.fromBuffer(Buffer.from(BN254_G1_GENERATOR.x)),
+        Fq.fromBuffer(Buffer.from(BN254_G1_GENERATOR.y)),
+      );
+    }
+
+    await BarretenbergSync.initSingleton();
+    const api = BarretenbergSync.getSingleton();
+
+    const response = api.bn254G1Mul({
+      point: BN254_G1_GENERATOR,
+      scalar: scalar.toBuffer(),
+    });
+
+    return Bn254G1Point.fromBbApiPoint(response.point);
+  }
+
+  /**
+   * Decompress a BN254 G1 point from compressed form (32 bytes).
+   * The compressed format encodes the x-coordinate and the sign bit of the y-coordinate
+   * in the most significant bit.
+   */
+  static async fromCompressed(compressed: Buffer): Promise<Bn254G1Point> {
+    await BarretenbergSync.initSingleton();
+    const api = BarretenbergSync.getSingleton();
+
+    const response = api.bn254G1FromCompressed({
+      compressed: new Uint8Array(compressed),
+    });
+
+    return Bn254G1Point.fromBbApiPoint(response.point);
+  }
+
+  /**
+   * Compress this BN254 G1 point to 32 bytes.
+   * The compressed format encodes the x-coordinate and the sign bit of the y-coordinate
+   * in the most significant bit (bit 255).
+   */
+  compress(): Buffer {
+    const xBytes = this.x.toBuffer();
+    // Get the least significant bit of y to determine the sign
+    const yLsb = this.y.toBigInt() & 1n;
+    // If y is odd, set the most significant bit (bit 255) of the output
+    if (yLsb === 1n) {
+      xBytes[0] |= 0x80;
+    }
+    return xBytes;
+  }
+
+  equals(other: Bn254G1Point): boolean {
+    return this.x.equals(other.x) && this.y.equals(other.y);
+  }
+
+  toString(): string {
+    return `Bn254G1Point(x: ${this.x.toString()}, y: ${this.y.toString()})`;
+  }
+}
+
+/**
+ * BN254 G2 point using foundation field classes.
+ * Represents a point on the BN254 G2 curve (twist curve) in affine coordinates.
+ * G2 points use extension field coordinates (Fq2).
+ */
+export class Bn254G2Point {
+  constructor(
+    public readonly x: [Fq, Fq],
+    public readonly y: [Fq, Fq],
+  ) {}
+
+  private toBbApiPoint(): BbApiBn254G2Point {
+    return {
+      x: [this.x[0].toBuffer(), this.x[1].toBuffer()],
+      y: [this.y[0].toBuffer(), this.y[1].toBuffer()],
+    };
+  }
+
+  private static fromBbApiPoint(point: BbApiBn254G2Point): Bn254G2Point {
+    return new Bn254G2Point(
+      [Fq.fromBuffer(Buffer.from(point.x[0])), Fq.fromBuffer(Buffer.from(point.x[1]))],
+      [Fq.fromBuffer(Buffer.from(point.y[0])), Fq.fromBuffer(Buffer.from(point.y[1]))],
+    );
+  }
+
+  /**
+   * Get the generator point for BN254 G2, or perform scalar multiplication.
+   * When called without arguments, returns the base generator point.
+   * When called with a scalar, returns scalar * generator.
+   */
+  static async generator(scalar?: Fr): Promise<Bn254G2Point> {
+    if (!scalar) {
+      return new Bn254G2Point(
+        [Fq.fromBuffer(Buffer.from(BN254_G2_GENERATOR.x[0])), Fq.fromBuffer(Buffer.from(BN254_G2_GENERATOR.x[1]))],
+        [Fq.fromBuffer(Buffer.from(BN254_G2_GENERATOR.y[0])), Fq.fromBuffer(Buffer.from(BN254_G2_GENERATOR.y[1]))],
+      );
+    }
+
+    await BarretenbergSync.initSingleton();
+    const api = BarretenbergSync.getSingleton();
+
+    const response = api.bn254G2Mul({
+      point: BN254_G2_GENERATOR as BbApiBn254G2Point,
+      scalar: scalar.toBuffer(),
+    });
+
+    return Bn254G2Point.fromBbApiPoint(response.point);
+  }
+
+  equals(other: Bn254G2Point): boolean {
+    return (
+      this.x[0].equals(other.x[0]) &&
+      this.x[1].equals(other.x[1]) &&
+      this.y[0].equals(other.y[0]) &&
+      this.y[1].equals(other.y[1])
+    );
+  }
+
+  toString(): string {
+    return `Bn254G2Point(x: (${this.x[0].toString()}, ${this.x[1].toString()}), y: (${this.y[0].toString()}, ${this.y[1].toString()}))`;
+  }
+}
+
+// Re-export BN254 point utility functions
+export { computeBn254G1PublicKeyCompressed, computeBn254G1PublicKey, computeBn254G2PublicKey } from './bn254_utils.js';

package/src/crypto/ecdsa/index.ts

@@ -1,7 +1,5 @@
 import { BarretenbergSync } from '@aztec/bb.js';
-import { numToInt32BE } from '@aztec/foundation/serialize';
 
-import { concatenateUint8Arrays } from '../serialize.js';
 import { EcdsaSignature } from './signature.js';
 
 export * from './signature.js';
@@ -11,15 +9,20 @@ export * from './signature.js';
  * TODO: Replace with codegen api on bb.js.
  */
 export class Ecdsa {
+  constructor(private curve: 'secp256k1' | 'secp256r1' = 'secp256k1') {}
   /**
    * Computes a secp256k1 public key from a private key.
    * @param privateKey - Secp256k1 private key.
    * @returns A secp256k1 public key.
    */
   public async computePublicKey(privateKey: Buffer): Promise<Buffer> {
-    const api = await BarretenbergSync.initSingleton(process.env.BB_WASM_PATH);
-    const [result] = api.getWasm().callWasmExport('ecdsa__compute_public_key', [privateKey], [64]);
-    return Buffer.from(result);
+    await BarretenbergSync.initSingleton({ wasmPath: process.env.BB_WASM_PATH });
+    const api = BarretenbergSync.getSingleton();
+    const response =
+      this.curve === 'secp256r1'
+        ? api.ecdsaSecp256r1ComputePublicKey({ privateKey })
+        : api.ecdsaSecp256k1ComputePublicKey({ privateKey });
+    return Buffer.concat([Buffer.from(response.publicKey.x), Buffer.from(response.publicKey.y)]);
   }
 
   /**
@@ -29,12 +32,13 @@ export class Ecdsa {
    * @returns An ECDSA signature of the form (r, s, v).
    */
   public async constructSignature(msg: Uint8Array, privateKey: Buffer) {
-    const api = await BarretenbergSync.initSingleton(process.env.BB_WASM_PATH);
-    const messageArray = concatenateUint8Arrays([numToInt32BE(msg.length), msg]);
-    const [r, s, v] = api
-      .getWasm()
-      .callWasmExport('ecdsa__construct_signature_', [messageArray, privateKey], [32, 32, 1]);
-    return new EcdsaSignature(Buffer.from(r), Buffer.from(s), Buffer.from(v));
+    await BarretenbergSync.initSingleton({ wasmPath: process.env.BB_WASM_PATH });
+    const api = BarretenbergSync.getSingleton();
+    const response =
+      this.curve === 'secp256r1'
+        ? api.ecdsaSecp256r1ConstructSignature({ message: msg, privateKey })
+        : api.ecdsaSecp256k1ConstructSignature({ message: msg, privateKey });
+    return new EcdsaSignature(Buffer.from(response.r), Buffer.from(response.s), Buffer.from([response.v]));
   }
 
   /**
@@ -44,12 +48,13 @@ export class Ecdsa {
    * @returns The secp256k1 public key of the signer.
    */
   public async recoverPublicKey(msg: Uint8Array, sig: EcdsaSignature): Promise<Buffer> {
-    const api = await BarretenbergSync.initSingleton(process.env.BB_WASM_PATH);
-    const messageArray = concatenateUint8Arrays([numToInt32BE(msg.length), msg]);
-    const [result] = api
-      .getWasm()
-      .callWasmExport('ecdsa__recover_public_key_from_signature_', [messageArray, sig.r, sig.s, sig.v], [64]);
-    return Buffer.from(result);
+    await BarretenbergSync.initSingleton({ wasmPath: process.env.BB_WASM_PATH });
+    const api = BarretenbergSync.getSingleton();
+    const response =
+      this.curve === 'secp256r1'
+        ? api.ecdsaSecp256r1RecoverPublicKey({ message: msg, r: sig.r, s: sig.s, v: sig.v[0] })
+        : api.ecdsaSecp256k1RecoverPublicKey({ message: msg, r: sig.r, s: sig.s, v: sig.v[0] });
+    return Buffer.concat([Buffer.from(response.publicKey.x), Buffer.from(response.publicKey.y)]);
   }
 
   /**
@@ -60,11 +65,24 @@ export class Ecdsa {
    * @returns True or false.
    */
   public async verifySignature(msg: Uint8Array, pubKey: Buffer, sig: EcdsaSignature) {
-    const api = await BarretenbergSync.initSingleton(process.env.BB_WASM_PATH);
-    const messageArray = concatenateUint8Arrays([numToInt32BE(msg.length), msg]);
-    const [result] = api
-      .getWasm()
-      .callWasmExport('ecdsa__verify_signature_', [messageArray, pubKey, sig.r, sig.s, sig.v], [1]);
-    return result[0] === 1;
+    await BarretenbergSync.initSingleton({ wasmPath: process.env.BB_WASM_PATH });
+    const api = BarretenbergSync.getSingleton();
+    const response =
+      this.curve === 'secp256r1'
+        ? api.ecdsaSecp256r1VerifySignature({
+            message: msg,
+            publicKey: { x: pubKey.subarray(0, 32), y: pubKey.subarray(32, 64) },
+            r: sig.r,
+            s: sig.s,
+            v: sig.v[0],
+          })
+        : api.ecdsaSecp256k1VerifySignature({
+            message: msg,
+            publicKey: { x: pubKey.subarray(0, 32), y: pubKey.subarray(32, 64) },
+            r: sig.r,
+            s: sig.s,
+            v: sig.v[0],
+          });
+    return response.verified;
   }
 }

package/src/crypto/grumpkin/index.ts

@@ -6,31 +6,27 @@ import { Fr, type GrumpkinScalar, Point } from '@aztec/foundation/fields';
  */
 export class Grumpkin {
   // prettier-ignore
-  static generator = Point.fromBuffer(Buffer.from([
+  static readonly generator = Point.fromBuffer(Buffer.from([
     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xcf, 0x13, 0x5e, 0x75, 0x06, 0xa4, 0x5d, 0x63,
     0x2d, 0x27, 0x0d, 0x45, 0xf1, 0x18, 0x12, 0x94, 0x83, 0x3f, 0xc4, 0x8d, 0x82, 0x3f, 0x27, 0x2c,
   ]));
 
-  /**
-   * Point generator
-   * @returns The generator for the curve.
-   */
-  public generator(): Point {
-    return Grumpkin.generator;
-  }
-
   /**
    * Multiplies a point by a scalar (adds the point `scalar` amount of times).
    * @param point - Point to multiply.
    * @param scalar - Scalar to multiply by.
    * @returns Result of the multiplication.
    */
-  public async mul(point: Point, scalar: GrumpkinScalar): Promise<Point> {
-    const api = await BarretenbergSync.initSingleton(process.env.BB_WASM_PATH);
-    const [result] = api.getWasm().callWasmExport('ecc_grumpkin__mul', [point.toBuffer(), scalar.toBuffer()], [64]);
-    return Point.fromBuffer(Buffer.from(result));
+  public static async mul(point: Point, scalar: GrumpkinScalar): Promise<Point> {
+    await BarretenbergSync.initSingleton({ wasmPath: process.env.BB_WASM_PATH });
+    const api = BarretenbergSync.getSingleton();
+    const response = api.grumpkinMul({
+      point: { x: point.x.toBuffer(), y: point.y.toBuffer() },
+      scalar: scalar.toBuffer(),
+    });
+    return Point.fromBuffer(Buffer.concat([Buffer.from(response.point.x), Buffer.from(response.point.y)]));
   }
 
   /**
@@ -39,10 +35,14 @@ export class Grumpkin {
    * @param b - Point b to add to a
    * @returns Result of the addition.
    */
-  public async add(a: Point, b: Point): Promise<Point> {
-    const api = await BarretenbergSync.initSingleton(process.env.BB_WASM_PATH);
-    const [result] = api.getWasm().callWasmExport('ecc_grumpkin__add', [a.toBuffer(), b.toBuffer()], [64]);
-    return Point.fromBuffer(Buffer.from(result));
+  public static async add(a: Point, b: Point): Promise<Point> {
+    await BarretenbergSync.initSingleton({ wasmPath: process.env.BB_WASM_PATH });
+    const api = BarretenbergSync.getSingleton();
+    const response = api.grumpkinAdd({
+      pointA: { x: a.x.toBuffer(), y: a.y.toBuffer() },
+      pointB: { x: b.x.toBuffer(), y: b.y.toBuffer() },
+    });
+    return Point.fromBuffer(Buffer.concat([Buffer.from(response.point.x), Buffer.from(response.point.y)]));
   }
 
   /**
@@ -51,35 +51,26 @@ export class Grumpkin {
    * @param scalar - Scalar to multiply by.
    * @returns Points multiplied by the scalar.
    */
-  public async batchMul(points: Point[], scalar: GrumpkinScalar) {
-    const concatenatedPoints: Buffer = Buffer.concat(points.map(point => point.toBuffer()));
-
-    const pointsByteLength = points.length * Point.SIZE_IN_BYTES;
-
-    const api = await BarretenbergSync.initSingleton(process.env.BB_WASM_PATH);
-    const [result] = api
-      .getWasm()
-      .callWasmExport(
-        'ecc_grumpkin__batch_mul',
-        [concatenatedPoints, scalar.toBuffer(), points.length],
-        [pointsByteLength],
-      );
+  public static async batchMul(points: Point[], scalar: GrumpkinScalar) {
+    await BarretenbergSync.initSingleton({ wasmPath: process.env.BB_WASM_PATH });
+    const api = BarretenbergSync.getSingleton();
+    const response = api.grumpkinBatchMul({
+      points: points.map(p => ({ x: p.x.toBuffer(), y: p.y.toBuffer() })),
+      scalar: scalar.toBuffer(),
+    });
 
-    const parsedResult: Point[] = [];
-    for (let i = 0; i < pointsByteLength; i += 64) {
-      parsedResult.push(Point.fromBuffer(Buffer.from(result.subarray(i, i + 64))));
-    }
-    return parsedResult;
+    return response.points.map(p => Point.fromBuffer(Buffer.concat([Buffer.from(p.x), Buffer.from(p.y)])));
   }
 
   /**
    * Gets a random field element.
    * @returns Random field element.
    */
-  public async getRandomFr(): Promise<Fr> {
-    const api = await BarretenbergSync.initSingleton(process.env.BB_WASM_PATH);
-    const [result] = api.getWasm().callWasmExport('ecc_grumpkin__get_random_scalar_mod_circuit_modulus', [], [32]);
-    return Fr.fromBuffer(Buffer.from(result));
+  public static async getRandomFr(): Promise<Fr> {
+    await BarretenbergSync.initSingleton({ wasmPath: process.env.BB_WASM_PATH });
+    const api = BarretenbergSync.getSingleton();
+    const response = api.grumpkinGetRandomFr({ dummy: 0 });
+    return Fr.fromBuffer(Buffer.from(response.value));
   }
 
   /**
@@ -87,11 +78,10 @@ export class Grumpkin {
    * @param uint512Buf - The buffer to convert.
    * @returns Buffer representation of the field element.
    */
-  public async reduce512BufferToFr(uint512Buf: Buffer): Promise<Fr> {
-    const api = await BarretenbergSync.initSingleton(process.env.BB_WASM_PATH);
-    const [result] = api
-      .getWasm()
-      .callWasmExport('ecc_grumpkin__reduce512_buffer_mod_circuit_modulus', [uint512Buf], [32]);
-    return Fr.fromBuffer(Buffer.from(result));
+  public static async reduce512BufferToFr(uint512Buf: Buffer): Promise<Fr> {
+    await BarretenbergSync.initSingleton({ wasmPath: process.env.BB_WASM_PATH });
+    const api = BarretenbergSync.getSingleton();
+    const response = api.grumpkinReduce512({ input: uint512Buf });
+    return Fr.fromBuffer(Buffer.from(response.value));
   }
 }

package/src/crypto/index.ts

@@ -7,8 +7,10 @@ export * from './poseidon/index.js';
 export * from './secp256k1-signer/index.js';
 export * from './keys/index.js';
 export * from './aes128/index.js';
+export * from './bn254/index.js';
 export * from './grumpkin/index.js';
 export * from './ecdsa/index.js';
 export * from './secp256k1/index.js';
 export * from './schnorr/index.js';
 export * from './signature/index.js';
+export * from './bls/index.js';

package/src/crypto/keys/index.ts

@@ -1,10 +1,10 @@
-import { BarretenbergSync, RawBuffer } from '@aztec/bb.js';
+import { BarretenbergSync } from '@aztec/bb.js';
 
 import { Fr } from '../../fields/fields.js';
 
 export async function vkAsFieldsMegaHonk(input: Buffer): Promise<Fr[]> {
-  const api = await BarretenbergSync.initSingleton(process.env.BB_WASM_PATH);
-  const result = api.acirVkAsFieldsMegaHonk(new RawBuffer(input));
-
-  return result.map(bbFr => Fr.fromBuffer(Buffer.from(bbFr.toBuffer()))); // TODO(#4189): remove this conversion
+  await BarretenbergSync.initSingleton({ wasmPath: process.env.BB_WASM_PATH });
+  const api = BarretenbergSync.getSingleton();
+  const response = api.megaVkAsFields({ verificationKey: input });
+  return response.fields.map(field => Fr.fromBuffer(Buffer.from(field)));
 }

package/src/crypto/pedersen/pedersen.wasm.ts

@@ -1,4 +1,4 @@
-import { BarretenbergSync, Fr as FrBarretenberg } from '@aztec/bb.js';
+import { BarretenbergSync } from '@aztec/bb.js';
 
 import { Fr } from '../../fields/fields.js';
 import { type Fieldable, serializeToFields } from '../../serialize/serialize.js';
@@ -12,14 +12,13 @@ export async function pedersenCommit(input: Buffer[], offset = 0) {
     throw new Error('All Pedersen Commit input buffers must be <= 32 bytes.');
   }
   input = input.map(i => (i.length < 32 ? Buffer.concat([Buffer.alloc(32 - i.length, 0), i]) : i));
-  const api = await BarretenbergSync.initSingleton(process.env.BB_WASM_PATH);
-  const point = api.pedersenCommit(
-    input.map(i => new FrBarretenberg(i)),
-    offset,
-  );
-  // toBuffer returns Uint8Arrays (browser/worker-boundary friendly).
-  // TODO: rename toTypedArray()?
-  return [Buffer.from(point.x.toBuffer()), Buffer.from(point.y.toBuffer())];
+  await BarretenbergSync.initSingleton({ wasmPath: process.env.BB_WASM_PATH });
+  const api = BarretenbergSync.getSingleton();
+  const response = api.pedersenCommit({
+    inputs: input,
+    hashIndex: offset,
+  });
+  return [Buffer.from(response.point.x), Buffer.from(response.point.y)];
 }
 
 /**
@@ -30,19 +29,24 @@ export async function pedersenCommit(input: Buffer[], offset = 0) {
  */
 export async function pedersenHash(input: Fieldable[], index = 0): Promise<Fr> {
   const inputFields = serializeToFields(input);
-  const api = await BarretenbergSync.initSingleton(process.env.BB_WASM_PATH);
-  const hash = api.pedersenHash(
-    inputFields.map(i => new FrBarretenberg(i.toBuffer())), // TODO(#4189): remove this stupid conversion
-    index,
-  );
-  return Fr.fromBuffer(Buffer.from(hash.toBuffer()));
+  await BarretenbergSync.initSingleton({ wasmPath: process.env.BB_WASM_PATH });
+  const api = BarretenbergSync.getSingleton();
+  const response = api.pedersenHash({
+    inputs: inputFields.map(i => i.toBuffer()),
+    hashIndex: index,
+  });
+  return Fr.fromBuffer(Buffer.from(response.hash));
 }
 
 /**
  * Create a pedersen hash from an arbitrary length buffer.
  */
 export async function pedersenHashBuffer(input: Buffer, index = 0) {
-  const api = await BarretenbergSync.initSingleton(process.env.BB_WASM_PATH);
-  const result = api.pedersenHashBuffer(input, index);
-  return Buffer.from(result.toBuffer());
+  await BarretenbergSync.initSingleton({ wasmPath: process.env.BB_WASM_PATH });
+  const api = BarretenbergSync.getSingleton();
+  const response = api.pedersenHashBuffer({
+    input,
+    hashIndex: index,
+  });
+  return Buffer.from(response.hash);
 }