@aztec/foundation 3.0.0-canary.a9708bd → 3.0.0-devnet.2-patch.1

package/dest/crypto/poseidon/index.js

@@ -1,5 +1,5 @@
-import { BarretenbergSync, Fr as FrBarretenberg } from '@aztec/bb.js';
-import { Fr } from '../../fields/fields.js';
+import { BarretenbergSync } from '@aztec/bb.js';
+import { Fr } from '../../curves/bn254/field.js';
 import { serializeToFields } from '../../serialize/serialize.js';
 /**
  * Create a poseidon hash (field) from an array of input fields.
@@ -7,9 +7,12 @@ import { serializeToFields } from '../../serialize/serialize.js';
  * @returns The poseidon hash.
  */ export async function poseidon2Hash(input) {
     const inputFields = serializeToFields(input);
-    const api = await BarretenbergSync.initSingleton(process.env.BB_WASM_PATH);
-    const hash = api.poseidon2Hash(inputFields.map((i)=>new FrBarretenberg(i.toBuffer())));
-    return Fr.fromBuffer(Buffer.from(hash.toBuffer()));
+    await BarretenbergSync.initSingleton();
+    const api = BarretenbergSync.getSingleton();
+    const response = api.poseidon2Hash({
+        inputs: inputFields.map((i)=>i.toBuffer())
+    });
+    return Fr.fromBuffer(Buffer.from(response.hash));
 }
 /**
  * Create a poseidon hash (field) from an array of input fields and a domain separator.
@@ -19,15 +22,21 @@ import { serializeToFields } from '../../serialize/serialize.js';
  */ export async function poseidon2HashWithSeparator(input, separator) {
     const inputFields = serializeToFields(input);
     inputFields.unshift(new Fr(separator));
-    const api = await BarretenbergSync.initSingleton(process.env.BB_WASM_PATH);
-    const hash = api.poseidon2Hash(inputFields.map((i)=>new FrBarretenberg(i.toBuffer())));
-    return Fr.fromBuffer(Buffer.from(hash.toBuffer()));
+    await BarretenbergSync.initSingleton();
+    const api = BarretenbergSync.getSingleton();
+    const response = api.poseidon2Hash({
+        inputs: inputFields.map((i)=>i.toBuffer())
+    });
+    return Fr.fromBuffer(Buffer.from(response.hash));
 }
 export async function poseidon2HashAccumulate(input) {
     const inputFields = serializeToFields(input);
-    const api = await BarretenbergSync.initSingleton(process.env.BB_WASM_PATH);
-    const result = api.poseidon2HashAccumulate(inputFields.map((i)=>new FrBarretenberg(i.toBuffer())));
-    return Fr.fromBuffer(Buffer.from(result.toBuffer()));
+    await BarretenbergSync.initSingleton();
+    const api = BarretenbergSync.getSingleton();
+    const response = api.poseidon2HashAccumulate({
+        inputs: inputFields.map((i)=>i.toBuffer())
+    });
+    return Fr.fromBuffer(Buffer.from(response.hash));
 }
 /**
  * Runs a Poseidon2 permutation.
@@ -37,11 +46,14 @@ export async function poseidon2HashAccumulate(input) {
     const inputFields = serializeToFields(input);
     // We'd like this assertion but it's not possible to use it in the browser.
     // assert(input.length === 4, 'Input state must be of size 4');
-    const api = await BarretenbergSync.initSingleton(process.env.BB_WASM_PATH);
-    const res = api.poseidon2Permutation(inputFields.map((i)=>new FrBarretenberg(i.toBuffer())));
+    await BarretenbergSync.initSingleton();
+    const api = BarretenbergSync.getSingleton();
+    const response = api.poseidon2Permutation({
+        inputs: inputFields.map((i)=>i.toBuffer())
+    });
     // We'd like this assertion but it's not possible to use it in the browser.
-    // assert(res.length === 4, 'Output state must be of size 4');
-    return res.map((o)=>Fr.fromBuffer(Buffer.from(o.toBuffer())));
+    // assert(response.outputs.length === 4, 'Output state must be of size 4');
+    return response.outputs.map((o)=>Fr.fromBuffer(Buffer.from(o)));
 }
 export async function poseidon2HashBytes(input) {
     const inputFields = [];
@@ -52,7 +64,10 @@ export async function poseidon2HashBytes(input) {
         fieldBytes.reverse();
         inputFields.push(Fr.fromBuffer(fieldBytes));
     }
-    const api = await BarretenbergSync.initSingleton(process.env.BB_WASM_PATH);
-    const res = api.poseidon2Hash(inputFields.map((i)=>new FrBarretenberg(i.toBuffer())));
-    return Fr.fromBuffer(Buffer.from(res.toBuffer()));
+    await BarretenbergSync.initSingleton();
+    const api = BarretenbergSync.getSingleton();
+    const response = api.poseidon2Hash({
+        inputs: inputFields.map((i)=>i.toBuffer())
+    });
+    return Fr.fromBuffer(Buffer.from(response.hash));
 }

package/dest/crypto/random/index.d.ts

@@ -20,4 +20,4 @@ export declare const randomBigInt: (max: bigint) => bigint;
  * @returns A random boolean value.
  */
 export declare const randomBoolean: () => boolean;
-//# sourceMappingURL=index.d.ts.map
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguZC50cyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3NyYy9jcnlwdG8vcmFuZG9tL2luZGV4LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUlBLGVBQU8sTUFBTSxXQUFXLDBDQU92QixDQUFDO0FBRUY7Ozs7OztHQU1HO0FBQ0gsZUFBTyxNQUFNLFNBQVMseUJBSXJCLENBQUM7QUFFRjs7Ozs7O0dBTUc7QUFDSCxlQUFPLE1BQU0sWUFBWSx5QkFJeEIsQ0FBQztBQUVGOzs7R0FHRztBQUNILGVBQU8sTUFBTSxhQUFhLGVBR3pCLENBQUMifQ==

package/dest/crypto/random/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/crypto/random/index.ts"],"names":[],"mappings":"AAIA,eAAO,MAAM,WAAW,GAAI,KAAK,MAAM,4BAOtC,CAAC;AAEF;;;;;;GAMG;AACH,eAAO,MAAM,SAAS,GAAI,KAAK,MAAM,WAIpC,CAAC;AAEF;;;;;;GAMG;AACH,eAAO,MAAM,YAAY,GAAI,KAAK,MAAM,WAIvC,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,aAAa,eAGzB,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/crypto/random/index.ts"],"names":[],"mappings":"AAIA,eAAO,MAAM,WAAW,0CAOvB,CAAC;AAEF;;;;;;GAMG;AACH,eAAO,MAAM,SAAS,yBAIrB,CAAC;AAEF;;;;;;GAMG;AACH,eAAO,MAAM,YAAY,yBAIxB,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,aAAa,eAGzB,CAAC"}

package/dest/crypto/random/randomness_singleton.d.ts

@@ -20,4 +20,4 @@ export declare class RandomnessSingleton {
     isDeterministic(): boolean;
     getBytes(length: number): Buffer;
 }
-//# sourceMappingURL=randomness_singleton.d.ts.map
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicmFuZG9tbmVzc19zaW5nbGV0b24uZC50cyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3NyYy9jcnlwdG8vcmFuZG9tL3JhbmRvbW5lc3Nfc2luZ2xldG9uLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUVBOzs7Ozs7O0dBT0c7QUFDSCxxQkFBYSxtQkFBbUI7SUFNNUIsT0FBTyxDQUFDLFFBQVEsQ0FBQyxJQUFJLENBQUM7SUFDdEIsT0FBTyxDQUFDLFFBQVEsQ0FBQyxHQUFHO0lBTnRCLE9BQU8sQ0FBQyxNQUFNLENBQUMsUUFBUSxDQUFzQjtJQUU3QyxPQUFPLENBQUMsT0FBTyxDQUFLO0lBRXBCLE9BQU8sZUFVTjtJQUVELE9BQWMsV0FBVyxJQUFJLG1CQUFtQixDQU8vQztJQUVEOzs7T0FHRztJQUNJLGVBQWUsSUFBSSxPQUFPLENBRWhDO0lBRU0sUUFBUSxDQUFDLE1BQU0sRUFBRSxNQUFNLEdBQUcsTUFBTSxDQWdCdEM7Q0FDRiJ9

package/dest/crypto/random/randomness_singleton.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"randomness_singleton.d.ts","sourceRoot":"","sources":["../../../src/crypto/random/randomness_singleton.ts"],"names":[],"mappings":"AAEA;;;;;;;GAOG;AACH,qBAAa,mBAAmB;IAM5B,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC;IACtB,OAAO,CAAC,QAAQ,CAAC,GAAG;IANtB,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAsB;IAE7C,OAAO,CAAC,OAAO,CAAK;IAEpB,OAAO;WAYO,WAAW,IAAI,mBAAmB;IAShD;;;OAGG;IACI,eAAe,IAAI,OAAO;IAI1B,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM;CAiBxC"}
+{"version":3,"file":"randomness_singleton.d.ts","sourceRoot":"","sources":["../../../src/crypto/random/randomness_singleton.ts"],"names":[],"mappings":"AAEA;;;;;;;GAOG;AACH,qBAAa,mBAAmB;IAM5B,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC;IACtB,OAAO,CAAC,QAAQ,CAAC,GAAG;IANtB,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAsB;IAE7C,OAAO,CAAC,OAAO,CAAK;IAEpB,OAAO,eAUN;IAED,OAAc,WAAW,IAAI,mBAAmB,CAO/C;IAED;;;OAGG;IACI,eAAe,IAAI,OAAO,CAEhC;IAEM,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,CAgBtC;CACF"}

package/dest/crypto/schnorr/index.d.ts

@@ -1,4 +1,5 @@
-import { type GrumpkinScalar, Point } from '@aztec/foundation/fields';
+import type { GrumpkinScalar } from '@aztec/foundation/curves/grumpkin';
+import { Point } from '@aztec/foundation/curves/grumpkin';
 import { SchnorrSignature } from './signature.js';
 export * from './signature.js';
 /**
@@ -27,4 +28,4 @@ export declare class Schnorr {
      */
     verifySignature(msg: Uint8Array, pubKey: Point, sig: SchnorrSignature): Promise<boolean>;
 }
-//# sourceMappingURL=index.d.ts.map
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguZC50cyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3NyYy9jcnlwdG8vc2Nobm9yci9pbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFDQSxPQUFPLEtBQUssRUFBRSxjQUFjLEVBQUUsTUFBTSxtQ0FBbUMsQ0FBQztBQUN4RSxPQUFPLEVBQUUsS0FBSyxFQUFFLE1BQU0sbUNBQW1DLENBQUM7QUFFMUQsT0FBTyxFQUFFLGdCQUFnQixFQUFFLE1BQU0sZ0JBQWdCLENBQUM7QUFFbEQsY0FBYyxnQkFBZ0IsQ0FBQztBQUUvQjs7R0FFRztBQUNILHFCQUFhLE9BQU87SUFDbEI7Ozs7T0FJRztJQUNVLGdCQUFnQixDQUFDLFVBQVUsRUFBRSxjQUFjLEdBQUcsT0FBTyxDQUFDLEtBQUssQ0FBQyxDQUt4RTtJQUVEOzs7OztPQUtHO0lBQ1Usa0JBQWtCLENBQUMsR0FBRyxFQUFFLFVBQVUsRUFBRSxVQUFVLEVBQUUsY0FBYyw2QkFRMUU7SUFFRDs7Ozs7O09BTUc7SUFDVSxlQUFlLENBQUMsR0FBRyxFQUFFLFVBQVUsRUFBRSxNQUFNLEVBQUUsS0FBSyxFQUFFLEdBQUcsRUFBRSxnQkFBZ0Isb0JBVWpGO0NBQ0YifQ==

package/dest/crypto/schnorr/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/crypto/schnorr/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,KAAK,cAAc,EAAE,KAAK,EAAE,MAAM,0BAA0B,CAAC;AAItE,OAAO,EAAE,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AAElD,cAAc,gBAAgB,CAAC;AAE/B;;GAEG;AACH,qBAAa,OAAO;IAClB;;;;OAIG;IACU,gBAAgB,CAAC,UAAU,EAAE,cAAc,GAAG,OAAO,CAAC,KAAK,CAAC;IAMzE;;;;;OAKG;IACU,kBAAkB,CAAC,GAAG,EAAE,UAAU,EAAE,UAAU,EAAE,cAAc;IAS3E;;;;;;OAMG;IACU,eAAe,CAAC,GAAG,EAAE,UAAU,EAAE,MAAM,EAAE,KAAK,EAAE,GAAG,EAAE,gBAAgB;CAQnF"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/crypto/schnorr/index.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,mCAAmC,CAAC;AACxE,OAAO,EAAE,KAAK,EAAE,MAAM,mCAAmC,CAAC;AAE1D,OAAO,EAAE,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AAElD,cAAc,gBAAgB,CAAC;AAE/B;;GAEG;AACH,qBAAa,OAAO;IAClB;;;;OAIG;IACU,gBAAgB,CAAC,UAAU,EAAE,cAAc,GAAG,OAAO,CAAC,KAAK,CAAC,CAKxE;IAED;;;;;OAKG;IACU,kBAAkB,CAAC,GAAG,EAAE,UAAU,EAAE,UAAU,EAAE,cAAc,6BAQ1E;IAED;;;;;;OAMG;IACU,eAAe,CAAC,GAAG,EAAE,UAAU,EAAE,MAAM,EAAE,KAAK,EAAE,GAAG,EAAE,gBAAgB,oBAUjF;CACF"}

package/dest/crypto/schnorr/index.js

@@ -1,7 +1,5 @@
 import { BarretenbergSync } from '@aztec/bb.js';
-import { Point } from '@aztec/foundation/fields';
-import { numToInt32BE } from '@aztec/foundation/serialize';
-import { concatenateUint8Arrays } from '../serialize.js';
+import { Point } from '@aztec/foundation/curves/grumpkin';
 import { SchnorrSignature } from './signature.js';
 export * from './signature.js';
 /**
@@ -12,13 +10,15 @@ export * from './signature.js';
    * @param privateKey - The private key.
    * @returns A grumpkin public key.
    */ async computePublicKey(privateKey) {
-        const api = await BarretenbergSync.initSingleton(process.env.BB_WASM_PATH);
-        const [result] = api.getWasm().callWasmExport('schnorr_compute_public_key', [
-            privateKey.toBuffer()
-        ], [
-            64
-        ]);
-        return Point.fromBuffer(Buffer.from(result));
+        await BarretenbergSync.initSingleton();
+        const api = BarretenbergSync.getSingleton();
+        const response = api.schnorrComputePublicKey({
+            privateKey: privateKey.toBuffer()
+        });
+        return Point.fromBuffer(Buffer.concat([
+            Buffer.from(response.publicKey.x),
+            Buffer.from(response.publicKey.y)
+        ]));
     }
     /**
    * Constructs a Schnorr signature given a msg and a private key.
@@ -26,21 +26,15 @@ export * from './signature.js';
    * @param privateKey - The private key of the signer.
    * @returns A Schnorr signature of the form (s, e).
    */ async constructSignature(msg, privateKey) {
-        const api = await BarretenbergSync.initSingleton(process.env.BB_WASM_PATH);
-        const messageArray = concatenateUint8Arrays([
-            numToInt32BE(msg.length),
-            msg
-        ]);
-        const [s, e] = api.getWasm().callWasmExport('schnorr_construct_signature', [
-            messageArray,
-            privateKey.toBuffer()
-        ], [
-            32,
-            32
-        ]);
+        await BarretenbergSync.initSingleton();
+        const api = BarretenbergSync.getSingleton();
+        const response = api.schnorrConstructSignature({
+            message: msg,
+            privateKey: privateKey.toBuffer()
+        });
         return new SchnorrSignature(Buffer.from([
-            ...s,
-            ...e
+            ...response.s,
+            ...response.e
         ]));
     }
     /**
@@ -50,19 +44,17 @@ export * from './signature.js';
    * @param sig - The Schnorr signature.
    * @returns True or false.
    */ async verifySignature(msg, pubKey, sig) {
-        const api = await BarretenbergSync.initSingleton(process.env.BB_WASM_PATH);
-        const messageArray = concatenateUint8Arrays([
-            numToInt32BE(msg.length),
-            msg
-        ]);
-        const [result] = api.getWasm().callWasmExport('schnorr_verify_signature', [
-            messageArray,
-            pubKey.toBuffer(),
-            sig.s,
-            sig.e
-        ], [
-            1
-        ]);
-        return result[0] === 1;
+        await BarretenbergSync.initSingleton();
+        const api = BarretenbergSync.getSingleton();
+        const response = api.schnorrVerifySignature({
+            message: msg,
+            publicKey: {
+                x: pubKey.x.toBuffer(),
+                y: pubKey.y.toBuffer()
+            },
+            s: sig.s,
+            e: sig.e
+        });
+        return response.verified;
     }
 }

package/dest/crypto/schnorr/signature.d.ts

@@ -1,4 +1,4 @@
-import { Fr } from '@aztec/foundation/fields';
+import { Fr } from '@aztec/foundation/curves/bn254';
 import { BufferReader } from '@aztec/foundation/serialize';
 import type { Signature } from '../signature/index.js';
 /**
@@ -65,4 +65,4 @@ export declare class SchnorrSignature implements Signature {
      */
     toFields(): Fr[];
 }
-//# sourceMappingURL=signature.d.ts.map
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic2lnbmF0dXJlLmQudHMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvY3J5cHRvL3NjaG5vcnIvc2lnbmF0dXJlLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUNBLE9BQU8sRUFBRSxFQUFFLEVBQUUsTUFBTSxnQ0FBZ0MsQ0FBQztBQUNwRCxPQUFPLEVBQUUsWUFBWSxFQUFZLE1BQU0sNkJBQTZCLENBQUM7QUFFckUsT0FBTyxLQUFLLEVBQUUsU0FBUyxFQUFFLE1BQU0sdUJBQXVCLENBQUM7QUFFdkQ7OztHQUdHO0FBQ0gscUJBQWEsZ0JBQWlCLFlBQVcsU0FBUztJQVdwQyxPQUFPLENBQUMsTUFBTTtJQVYxQjs7T0FFRztJQUNILE9BQWMsSUFBSSxTQUFNO0lBRXhCOztPQUVHO0lBQ0gsT0FBYyxLQUFLLG1CQUEwQztJQUU3RCxZQUFvQixNQUFNLEVBQUUsTUFBTSxFQUlqQztJQUVEOzs7O09BSUc7SUFDSCxPQUFjLFdBQVcsQ0FBQyxTQUFTLEVBQUUsTUFBTSxXQUUxQztJQUVEOzs7O09BSUc7SUFDSCxPQUFjLFVBQVUsQ0FBQyxTQUFTLEVBQUUsTUFBTSxvQkFLekM7SUFFRDs7O09BR0c7SUFDSCxPQUFjLE1BQU0scUJBRW5CO0lBRUQ7OztPQUdHO0lBQ0gsSUFBSSxDQUFDLDRCQUVKO0lBRUQ7OztPQUdHO0lBQ0gsSUFBSSxDQUFDLDRCQUVKO0lBRUQ7OztPQUdHO0lBQ0gsUUFBUSw0QkFFUDtJQUVEOzs7O09BSUc7SUFDSCxNQUFNLENBQUMsVUFBVSxDQUFDLE1BQU0sRUFBRSxNQUFNLEdBQUcsWUFBWSxHQUFHLGdCQUFnQixDQUdqRTtJQUVEOzs7T0FHRztJQUNILFFBQVEsV0FFUDtJQUVEOzs7T0FHRztJQUNILFFBQVEsSUFBSSxFQUFFLEVBQUUsQ0FZZjtDQUNGIn0=

package/dest/crypto/schnorr/signature.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"signature.d.ts","sourceRoot":"","sources":["../../../src/crypto/schnorr/signature.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,EAAE,EAAE,MAAM,0BAA0B,CAAC;AAC9C,OAAO,EAAE,YAAY,EAAY,MAAM,6BAA6B,CAAC;AAErE,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAEvD;;;GAGG;AACH,qBAAa,gBAAiB,YAAW,SAAS;IAWpC,OAAO,CAAC,MAAM;IAV1B;;OAEG;IACH,OAAc,IAAI,SAAM;IAExB;;OAEG;IACH,OAAc,KAAK,mBAA0C;gBAEzC,MAAM,EAAE,MAAM;IAMlC;;;;OAIG;WACW,WAAW,CAAC,SAAS,EAAE,MAAM;IAI3C;;;;OAIG;WACW,UAAU,CAAC,SAAS,EAAE,MAAM;IAO1C;;;OAGG;WACW,MAAM;IAIpB;;;OAGG;IACH,IAAI,CAAC,4BAEJ;IAED;;;OAGG;IACH,IAAI,CAAC,4BAEJ;IAED;;;OAGG;IACH,QAAQ;IAIR;;;;OAIG;IACH,MAAM,CAAC,UAAU,CAAC,MAAM,EAAE,MAAM,GAAG,YAAY,GAAG,gBAAgB;IAKlE;;;OAGG;IACH,QAAQ;IAIR;;;OAGG;IACH,QAAQ,IAAI,EAAE,EAAE;CAajB"}
+{"version":3,"file":"signature.d.ts","sourceRoot":"","sources":["../../../src/crypto/schnorr/signature.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,EAAE,EAAE,MAAM,gCAAgC,CAAC;AACpD,OAAO,EAAE,YAAY,EAAY,MAAM,6BAA6B,CAAC;AAErE,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAEvD;;;GAGG;AACH,qBAAa,gBAAiB,YAAW,SAAS;IAWpC,OAAO,CAAC,MAAM;IAV1B;;OAEG;IACH,OAAc,IAAI,SAAM;IAExB;;OAEG;IACH,OAAc,KAAK,mBAA0C;IAE7D,YAAoB,MAAM,EAAE,MAAM,EAIjC;IAED;;;;OAIG;IACH,OAAc,WAAW,CAAC,SAAS,EAAE,MAAM,WAE1C;IAED;;;;OAIG;IACH,OAAc,UAAU,CAAC,SAAS,EAAE,MAAM,oBAKzC;IAED;;;OAGG;IACH,OAAc,MAAM,qBAEnB;IAED;;;OAGG;IACH,IAAI,CAAC,4BAEJ;IAED;;;OAGG;IACH,IAAI,CAAC,4BAEJ;IAED;;;OAGG;IACH,QAAQ,4BAEP;IAED;;;;OAIG;IACH,MAAM,CAAC,UAAU,CAAC,MAAM,EAAE,MAAM,GAAG,YAAY,GAAG,gBAAgB,CAGjE;IAED;;;OAGG;IACH,QAAQ,WAEP;IAED;;;OAGG;IACH,QAAQ,IAAI,EAAE,EAAE,CAYf;CACF"}

package/dest/crypto/schnorr/signature.js

@@ -1,5 +1,5 @@
-import { randomBytes } from '@aztec/foundation/crypto';
-import { Fr } from '@aztec/foundation/fields';
+import { randomBytes } from '@aztec/foundation/crypto/random';
+import { Fr } from '@aztec/foundation/curves/bn254';
 import { BufferReader, mapTuple } from '@aztec/foundation/serialize';
 /**
  * Schnorr signature used for transactions.

package/dest/crypto/secp256k1/index.d.ts

@@ -27,4 +27,4 @@ export declare class Secp256k1 {
      */
     reduce512BufferToFr(uint512Buf: Buffer): Promise<Buffer<ArrayBuffer>>;
 }
-//# sourceMappingURL=index.d.ts.map
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguZC50cyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3NyYy9jcnlwdG8vc2VjcDI1NmsxL2luZGV4LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUVBOztHQUVHO0FBQ0gscUJBQWEsU0FBUztJQUVwQixNQUFNLENBQUMsU0FBUyxzQkFLYjtJQUVIOzs7T0FHRztJQUNJLFNBQVMsSUFBSSxNQUFNLENBRXpCO0lBRUQ7Ozs7O09BS0c7SUFDVSxHQUFHLENBQUMsS0FBSyxFQUFFLFVBQVUsRUFBRSxNQUFNLEVBQUUsVUFBVSxnQ0FRckQ7SUFFRDs7O09BR0c7SUFDVSxXQUFXLGlDQUt2QjtJQUVEOzs7O09BSUc7SUFDVSxtQkFBbUIsQ0FBQyxVQUFVLEVBQUUsTUFBTSxnQ0FLbEQ7Q0FDRiJ9

package/dest/crypto/secp256k1/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/crypto/secp256k1/index.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,qBAAa,SAAS;IAEpB,MAAM,CAAC,SAAS,sBAKb;IAEH;;;OAGG;IACI,SAAS,IAAI,MAAM;IAI1B;;;;;OAKG;IACU,GAAG,CAAC,KAAK,EAAE,UAAU,EAAE,MAAM,EAAE,UAAU;IAMtD;;;OAGG;IACU,WAAW;IAMxB;;;;OAIG;IACU,mBAAmB,CAAC,UAAU,EAAE,MAAM;CAOpD"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/crypto/secp256k1/index.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,qBAAa,SAAS;IAEpB,MAAM,CAAC,SAAS,sBAKb;IAEH;;;OAGG;IACI,SAAS,IAAI,MAAM,CAEzB;IAED;;;;;OAKG;IACU,GAAG,CAAC,KAAK,EAAE,UAAU,EAAE,MAAM,EAAE,UAAU,gCAQrD;IAED;;;OAGG;IACU,WAAW,iCAKvB;IAED;;;;OAIG;IACU,mBAAmB,CAAC,UAAU,EAAE,MAAM,gCAKlD;CACF"}

package/dest/crypto/secp256k1/index.js

@@ -81,36 +81,41 @@ import { BarretenbergSync } from '@aztec/bb.js';
    * @param scalar - Scalar to multiply by.
    * @returns Result of the multiplication.
    */ async mul(point, scalar) {
-        const api = await BarretenbergSync.initSingleton(process.env.BB_WASM_PATH);
-        const [result] = api.getWasm().callWasmExport('ecc_secp256k1__mul', [
-            point,
+        await BarretenbergSync.initSingleton();
+        const api = BarretenbergSync.getSingleton();
+        const response = api.secp256k1Mul({
+            point: {
+                x: point.subarray(0, 32),
+                y: point.subarray(32, 64)
+            },
             scalar
-        ], [
-            64
+        });
+        return Buffer.concat([
+            Buffer.from(response.point.x),
+            Buffer.from(response.point.y)
         ]);
-        return Buffer.from(result);
     }
     /**
    * Gets a random field element.
    * @returns Random field element.
    */ async getRandomFr() {
-        const api = await BarretenbergSync.initSingleton(process.env.BB_WASM_PATH);
-        const [result] = api.getWasm().callWasmExport('ecc_secp256k1__get_random_scalar_mod_circuit_modulus', [], [
-            32
-        ]);
-        return Buffer.from(result);
+        await BarretenbergSync.initSingleton();
+        const api = BarretenbergSync.getSingleton();
+        const response = api.secp256k1GetRandomFr({
+            dummy: 0
+        });
+        return Buffer.from(response.value);
     }
     /**
    * Converts a 512 bits long buffer to a field.
    * @param uint512Buf - The buffer to convert.
    * @returns Buffer representation of the field element.
    */ async reduce512BufferToFr(uint512Buf) {
-        const api = await BarretenbergSync.initSingleton(process.env.BB_WASM_PATH);
-        const [result] = api.getWasm().callWasmExport('ecc_secp256k1__reduce512_buffer_mod_circuit_modulus', [
-            uint512Buf
-        ], [
-            32
-        ]);
-        return Buffer.from(result);
+        await BarretenbergSync.initSingleton();
+        const api = BarretenbergSync.getSingleton();
+        const response = api.secp256k1Reduce512({
+            input: uint512Buf
+        });
+        return Buffer.from(response.value);
     }
 }

package/dest/crypto/secp256k1-signer/index.d.ts

@@ -1,3 +1,3 @@
 export * from './secp256k1_signer.js';
 export * from './utils.js';
-//# sourceMappingURL=index.d.ts.map
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguZC50cyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3NyYy9jcnlwdG8vc2VjcDI1NmsxLXNpZ25lci9pbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQSxjQUFjLHVCQUF1QixDQUFDO0FBQ3RDLGNBQWMsWUFBWSxDQUFDIn0=

package/dest/crypto/secp256k1-signer/secp256k1_signer.d.ts

@@ -21,4 +21,4 @@ export declare class Secp256k1Signer {
     signMessage(message: Buffer32): Signature;
     static random(): Secp256k1Signer;
 }
-//# sourceMappingURL=secp256k1_signer.d.ts.map
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic2VjcDI1NmsxX3NpZ25lci5kLnRzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL2NyeXB0by9zZWNwMjU2azEtc2lnbmVyL3NlY3AyNTZrMV9zaWduZXIudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxFQUFFLFFBQVEsRUFBRSxNQUFNLDBCQUEwQixDQUFDO0FBQ3BELE9BQU8sS0FBSyxFQUFFLFVBQVUsRUFBRSxNQUFNLCtCQUErQixDQUFDO0FBQ2hFLE9BQU8sS0FBSyxFQUFFLFNBQVMsRUFBRSxNQUFNLGlDQUFpQyxDQUFDO0FBSWpFOzs7Ozs7R0FNRztBQUNILHFCQUFhLGVBQWU7SUFHZCxPQUFPLENBQUMsVUFBVTtJQUY5QixTQUFnQixPQUFPLEVBQUUsVUFBVSxDQUFDO0lBRXBDLFlBQW9CLFVBQVUsRUFBRSxRQUFRLEVBRXZDO0lBRUQsSUFBSSxDQUFDLE9BQU8sRUFBRSxRQUFRLEdBQUcsU0FBUyxDQUVqQztJQUVEOzs7O09BSUc7SUFDSCxXQUFXLENBQUMsT0FBTyxFQUFFLFFBQVEsR0FBRyxTQUFTLENBR3hDO0lBRUQsTUFBTSxDQUFDLE1BQU0sSUFBSSxlQUFlLENBRS9CO0NBQ0YifQ==

package/dest/crypto/secp256k1-signer/secp256k1_signer.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"secp256k1_signer.d.ts","sourceRoot":"","sources":["../../../src/crypto/secp256k1-signer/secp256k1_signer.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,0BAA0B,CAAC;AACpD,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,+BAA+B,CAAC;AAChE,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,iCAAiC,CAAC;AAIjE;;;;;;GAMG;AACH,qBAAa,eAAe;IAGd,OAAO,CAAC,UAAU;IAF9B,SAAgB,OAAO,EAAE,UAAU,CAAC;gBAEhB,UAAU,EAAE,QAAQ;IAIxC,IAAI,CAAC,OAAO,EAAE,QAAQ,GAAG,SAAS;IAIlC;;;;OAIG;IACH,WAAW,CAAC,OAAO,EAAE,QAAQ,GAAG,SAAS;IAKzC,MAAM,CAAC,MAAM,IAAI,eAAe;CAGjC"}
+{"version":3,"file":"secp256k1_signer.d.ts","sourceRoot":"","sources":["../../../src/crypto/secp256k1-signer/secp256k1_signer.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,0BAA0B,CAAC;AACpD,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,+BAA+B,CAAC;AAChE,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,iCAAiC,CAAC;AAIjE;;;;;;GAMG;AACH,qBAAa,eAAe;IAGd,OAAO,CAAC,UAAU;IAF9B,SAAgB,OAAO,EAAE,UAAU,CAAC;IAEpC,YAAoB,UAAU,EAAE,QAAQ,EAEvC;IAED,IAAI,CAAC,OAAO,EAAE,QAAQ,GAAG,SAAS,CAEjC;IAED;;;;OAIG;IACH,WAAW,CAAC,OAAO,EAAE,QAAQ,GAAG,SAAS,CAGxC;IAED,MAAM,CAAC,MAAM,IAAI,eAAe,CAE/B;CACF"}

package/dest/crypto/secp256k1-signer/utils.d.ts

@@ -1,6 +1,24 @@
 import { Buffer32 } from '../../buffer/buffer32.js';
 import { EthAddress } from '../../eth-address/index.js';
 import { Signature } from '../../eth-signature/eth_signature.js';
+/** Signature recovery options */
+type RecoveryOpts = {
+    /**
+     * Whether to allow s-values in the high half of the curve (s >= CURVE.n/2).
+     * These are discouraged by EIP2 to prevent signature malleability, and outright
+     * rejected in OpenZeppelin's ECDSA recover, which we use in our Rollup contract.
+     */
+    allowMalleable?: boolean;
+    /**
+     * Whether to allow an y-parity 0-1 bit instead of the standard v value 27-28.
+     */
+    allowYParityAsV?: boolean;
+};
+export declare class Secp256k1Error extends Error {
+    constructor(message: string, opts?: {
+        cause: unknown;
+    });
+}
 export declare function makeEthSignDigest(message: Buffer32): Buffer32;
 /**
  * Converts a private key to a public key.
@@ -18,9 +36,19 @@ export declare function addressFromPrivateKey(privateKey: Buffer): EthAddress;
  * Recovers an address from a hash and a signature.
  * @param hash - The hash to recover the address from.
  * @param signature - The signature to recover the address from.
+ * @param opts - Recovery options.
  * @returns The address.
+ * @throws Error if signature recovery fails or if signature is malleable and allowMalleable is false.
  */
-export declare function recoverAddress(hash: Buffer32, signature: Signature): EthAddress;
+export declare function recoverAddress(hash: Buffer32, signature: Signature, opts?: RecoveryOpts): EthAddress;
+/**
+ * Safely attempts to recover an address from a hash and a signature.
+ * @param hash - The hash to recover the address from.
+ * @param signature - The signature to recover the address from.
+ * @param opts - Recovery options.
+ * @returns The address if recovery succeeds, undefined otherwise.
+ */
+export declare function tryRecoverAddress(hash: Buffer32, signature: Signature, opts?: RecoveryOpts): EthAddress | undefined;
 /**
  * @attribution - viem
  * Converts a yParityOrV value to a recovery bit.
@@ -35,11 +63,29 @@ export declare function toRecoveryBit(yParityOrV: number): 0 | 1;
  * @returns The signature.
  */
 export declare function signMessage(message: Buffer32, privateKey: Buffer): Signature;
+/**
+ * Flips an ECDSA signature.
+ * If the signature has a low s-value (s < CURVE.n/2), it flips it to high s-value (CURVE.n - s) and vice versa.
+ * Also flips the v value accordingly (27 <-> 28, or 0 <-> 1).
+ * This is useful for testing signature malleability handling.
+ * @param signature - The signature to flip.
+ * @returns A new signature with flipped s-value and v-value.
+ */
+export declare function flipSignature(signature: Signature): Signature;
+/**
+ * Normalizes an ECDSA signature.
+ * If the signature has a high s-value (s >= CURVE.n/2), it flips it to low s-value (CURVE.n - s), and flips v accordingly.
+ * If the signature uses a recovery bit of 0/1, it is converted to a v-value 27/28 for ecrecover.
+ * @remarks This does not handle post EIP155 tx signatures which embed the chain id in v. Use it only for feeding into ECRECOVER precompiles.
+ * @param signature - The signature to normalize.
+ */
+export declare function normalizeSignature(signature: Signature): Signature;
 /**
  * Recovers a public key from a hash and a signature.
  * @param hash - The hash to recover the public key from.
  * @param signature - The signature to recover the public key from.
  * @returns The public key.
  */
-export declare function recoverPublicKey(hash: Buffer32, signature: Signature): Buffer;
-//# sourceMappingURL=utils.d.ts.map
+export declare function recoverPublicKey(hash: Buffer32, signature: Signature, opts?: RecoveryOpts): Buffer;
+export {};
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidXRpbHMuZC50cyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3NyYy9jcnlwdG8vc2VjcDI1NmsxLXNpZ25lci91dGlscy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFFQSxPQUFPLEVBQUUsUUFBUSxFQUFFLE1BQU0sMEJBQTBCLENBQUM7QUFDcEQsT0FBTyxFQUFFLFVBQVUsRUFBRSxNQUFNLDRCQUE0QixDQUFDO0FBQ3hELE9BQU8sRUFBRSxTQUFTLEVBQUUsTUFBTSxzQ0FBc0MsQ0FBQztBQUtqRSxpQ0FBaUM7QUFDakMsS0FBSyxZQUFZLEdBQUc7SUFDbEI7Ozs7T0FJRztJQUNILGNBQWMsQ0FBQyxFQUFFLE9BQU8sQ0FBQztJQUN6Qjs7T0FFRztJQUNILGVBQWUsQ0FBQyxFQUFFLE9BQU8sQ0FBQztDQUMzQixDQUFDO0FBRUYscUJBQWEsY0FBZSxTQUFRLEtBQUs7SUFDdkMsWUFBWSxPQUFPLEVBQUUsTUFBTSxFQUFFLElBQUksQ0FBQyxFQUFFO1FBQUUsS0FBSyxFQUFFLE9BQU8sQ0FBQTtLQUFFLEVBR3JEO0NBQ0Y7QUFHRCx3QkFBZ0IsaUJBQWlCLENBQUMsT0FBTyxFQUFFLFFBQVEsR0FBRyxRQUFRLENBRzdEO0FBWUQ7Ozs7R0FJRztBQUNILHdCQUFnQix1QkFBdUIsQ0FBQyxVQUFVLEVBQUUsTUFBTSxHQUFHLE1BQU0sQ0FFbEU7QUFFRDs7OztHQUlHO0FBQ0gsd0JBQWdCLHFCQUFxQixDQUFDLFVBQVUsRUFBRSxNQUFNLEdBQUcsVUFBVSxDQUdwRTtBQUVEOzs7Ozs7O0dBT0c7QUFDSCx3QkFBZ0IsY0FBYyxDQUFDLElBQUksRUFBRSxRQUFRLEVBQUUsU0FBUyxFQUFFLFNBQVMsRUFBRSxJQUFJLENBQUMsRUFBRSxZQUFZLEdBQUcsVUFBVSxDQVVwRztBQUVEOzs7Ozs7R0FNRztBQUNILHdCQUFnQixpQkFBaUIsQ0FBQyxJQUFJLEVBQUUsUUFBUSxFQUFFLFNBQVMsRUFBRSxTQUFTLEVBQUUsSUFBSSxDQUFDLEVBQUUsWUFBWSxHQUFHLFVBQVUsR0FBRyxTQUFTLENBT25IO0FBRUQ7Ozs7O0dBS0c7QUFDSCx3QkFBZ0IsYUFBYSxDQUFDLFVBQVUsRUFBRSxNQUFNLFNBVy9DO0FBRUQ7Ozs7O0dBS0c7QUFDSCx3QkFBZ0IsV0FBVyxDQUFDLE9BQU8sRUFBRSxRQUFRLEVBQUUsVUFBVSxFQUFFLE1BQU0sYUFHaEU7QUFFRDs7Ozs7OztHQU9HO0FBQ0gsd0JBQWdCLGFBQWEsQ0FBQyxTQUFTLEVBQUUsU0FBUyxHQUFHLFNBQVMsQ0FNN0Q7QUFFRDs7Ozs7O0dBTUc7QUFDSCx3QkFBZ0Isa0JBQWtCLENBQUMsU0FBUyxFQUFFLFNBQVMsR0FBRyxTQUFTLENBVWxFO0FBNkJEOzs7OztHQUtHO0FBQ0gsd0JBQWdCLGdCQUFnQixDQUFDLElBQUksRUFBRSxRQUFRLEVBQUUsU0FBUyxFQUFFLFNBQVMsRUFBRSxJQUFJLEdBQUUsWUFBaUIsR0FBRyxNQUFNLENBWXRHIn0=

package/dest/crypto/secp256k1-signer/utils.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../../src/crypto/secp256k1-signer/utils.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,QAAQ,EAAE,MAAM,0BAA0B,CAAC;AACpD,OAAO,EAAE,UAAU,EAAE,MAAM,4BAA4B,CAAC;AACxD,OAAO,EAAE,SAAS,EAAE,MAAM,sCAAsC,CAAC;AAMjE,wBAAgB,iBAAiB,CAAC,OAAO,EAAE,QAAQ,GAAG,QAAQ,CAG7D;AAYD;;;;GAIG;AACH,wBAAgB,uBAAuB,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,CAElE;AAED;;;;GAIG;AACH,wBAAgB,qBAAqB,CAAC,UAAU,EAAE,MAAM,GAAG,UAAU,CAGpE;AAED;;;;;GAKG;AACH,wBAAgB,cAAc,CAAC,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,GAAG,UAAU,CAS/E;AAED;;;;;GAKG;AACH,wBAAgB,aAAa,CAAC,UAAU,EAAE,MAAM,SAW/C;AAED;;;;;GAKG;AACH,wBAAgB,WAAW,CAAC,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,aAGhE;AAED;;;;;GAKG;AACH,wBAAgB,gBAAgB,CAAC,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,GAAG,MAAM,CAM7E"}
+{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../../src/crypto/secp256k1-signer/utils.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,QAAQ,EAAE,MAAM,0BAA0B,CAAC;AACpD,OAAO,EAAE,UAAU,EAAE,MAAM,4BAA4B,CAAC;AACxD,OAAO,EAAE,SAAS,EAAE,MAAM,sCAAsC,CAAC;AAKjE,iCAAiC;AACjC,KAAK,YAAY,GAAG;IAClB;;;;OAIG;IACH,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB;;OAEG;IACH,eAAe,CAAC,EAAE,OAAO,CAAC;CAC3B,CAAC;AAEF,qBAAa,cAAe,SAAQ,KAAK;IACvC,YAAY,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE;QAAE,KAAK,EAAE,OAAO,CAAA;KAAE,EAGrD;CACF;AAGD,wBAAgB,iBAAiB,CAAC,OAAO,EAAE,QAAQ,GAAG,QAAQ,CAG7D;AAYD;;;;GAIG;AACH,wBAAgB,uBAAuB,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,CAElE;AAED;;;;GAIG;AACH,wBAAgB,qBAAqB,CAAC,UAAU,EAAE,MAAM,GAAG,UAAU,CAGpE;AAED;;;;;;;GAOG;AACH,wBAAgB,cAAc,CAAC,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,IAAI,CAAC,EAAE,YAAY,GAAG,UAAU,CAUpG;AAED;;;;;;GAMG;AACH,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,IAAI,CAAC,EAAE,YAAY,GAAG,UAAU,GAAG,SAAS,CAOnH;AAED;;;;;GAKG;AACH,wBAAgB,aAAa,CAAC,UAAU,EAAE,MAAM,SAW/C;AAED;;;;;GAKG;AACH,wBAAgB,WAAW,CAAC,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,aAGhE;AAED;;;;;;;GAOG;AACH,wBAAgB,aAAa,CAAC,SAAS,EAAE,SAAS,GAAG,SAAS,CAM7D;AAED;;;;;;GAMG;AACH,wBAAgB,kBAAkB,CAAC,SAAS,EAAE,SAAS,GAAG,SAAS,CAUlE;AA6BD;;;;;GAKG;AACH,wBAAgB,gBAAgB,CAAC,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,IAAI,GAAE,YAAiB,GAAG,MAAM,CAYtG"}

package/dest/crypto/secp256k1-signer/utils.js

@@ -4,6 +4,12 @@ import { EthAddress } from '../../eth-address/index.js';
 import { Signature } from '../../eth-signature/eth_signature.js';
 import { keccak256 } from '../keccak/index.js';
 const ETH_SIGN_PREFIX = '\x19Ethereum Signed Message:\n32';
+export class Secp256k1Error extends Error {
+    constructor(message, opts){
+        super(message, opts);
+        this.name = 'Secp256k1Error';
+    }
+}
 // We just hash the message to make it easier to work with in the smart contract.
 export function makeEthSignDigest(message) {
     const prefix = Buffer.from(ETH_SIGN_PREFIX);
@@ -39,13 +45,31 @@ export function makeEthSignDigest(message) {
  * Recovers an address from a hash and a signature.
  * @param hash - The hash to recover the address from.
  * @param signature - The signature to recover the address from.
+ * @param opts - Recovery options.
  * @returns The address.
- */ export function recoverAddress(hash, signature) {
+ * @throws Error if signature recovery fails or if signature is malleable and allowMalleable is false.
+ */ export function recoverAddress(hash, signature, opts) {
     try {
-        const publicKey = recoverPublicKey(hash, signature);
+        const publicKey = recoverPublicKey(hash, signature, opts);
         return publicKeyToAddress(publicKey);
     } catch (err) {
-        throw new Error(`Error recovering Ethereum address from hash ${hash.toString()} and signature ${signature.toString()}: ${err}`);
+        throw new Secp256k1Error(`Error recovering Ethereum address from hash ${hash.toString()} and signature ${signature.toString()}`, {
+            cause: err
+        });
+    }
+}
+/**
+ * Safely attempts to recover an address from a hash and a signature.
+ * @param hash - The hash to recover the address from.
+ * @param signature - The signature to recover the address from.
+ * @param opts - Recovery options.
+ * @returns The address if recovery succeeds, undefined otherwise.
+ */ export function tryRecoverAddress(hash, signature, opts) {
+    try {
+        const publicKey = recoverPublicKey(hash, signature, opts);
+        return publicKeyToAddress(publicKey);
+    } catch  {
+        return undefined;
     }
 }
 /**
@@ -63,7 +87,7 @@ export function makeEthSignDigest(message) {
     if (yParityOrV === 28) {
         return 1;
     }
-    throw new Error('Invalid yParityOrV value');
+    throw new Secp256k1Error(`Invalid yParityOrV value ${yParityOrV}`);
 }
 /**
  * Signs a message using ecdsa over the secp256k1 curve.
@@ -74,15 +98,73 @@ export function makeEthSignDigest(message) {
     const { r, s, recovery } = secp256k1.sign(message.buffer, privateKey);
     return new Signature(Buffer32.fromBigInt(r), Buffer32.fromBigInt(s), recovery ? 28 : 27);
 }
+/**
+ * Flips an ECDSA signature.
+ * If the signature has a low s-value (s < CURVE.n/2), it flips it to high s-value (CURVE.n - s) and vice versa.
+ * Also flips the v value accordingly (27 <-> 28, or 0 <-> 1).
+ * This is useful for testing signature malleability handling.
+ * @param signature - The signature to flip.
+ * @returns A new signature with flipped s-value and v-value.
+ */ export function flipSignature(signature) {
+    const { r, s, v } = signature;
+    const sig = new secp256k1.Signature(r.toBigInt(), s.toBigInt());
+    const flippedS = secp256k1.CURVE.n - sig.s;
+    return new Signature(r, Buffer32.fromBigInt(flippedS), flipV(v));
+}
+/**
+ * Normalizes an ECDSA signature.
+ * If the signature has a high s-value (s >= CURVE.n/2), it flips it to low s-value (CURVE.n - s), and flips v accordingly.
+ * If the signature uses a recovery bit of 0/1, it is converted to a v-value 27/28 for ecrecover.
+ * @remarks This does not handle post EIP155 tx signatures which embed the chain id in v. Use it only for feeding into ECRECOVER precompiles.
+ * @param signature - The signature to normalize.
+ */ export function normalizeSignature(signature) {
+    const { r, s, v } = signature;
+    const sig = new secp256k1.Signature(r.toBigInt(), s.toBigInt());
+    if (sig.hasHighS()) {
+        const newV = flipV(v);
+        const newS = sig.normalizeS().s;
+        return new Signature(r, Buffer32.fromBigInt(newS), toVFromYParityOrV(newV));
+    }
+    return new Signature(r, s, toVFromYParityOrV(v));
+}
+/** Converts a yParityOrV value to a pre-EIP155 v-value 27-28. */ function toVFromYParityOrV(yParityOrV) {
+    if (yParityOrV === 0 || yParityOrV === 1) {
+        return yParityOrV + 27;
+    } else if (yParityOrV === 27 || yParityOrV === 28) {
+        return yParityOrV;
+    } else {
+        throw new Secp256k1Error(`Invalid yParityOrV value ${yParityOrV}`);
+    }
+}
+/** Flips the recovery bit or v-value */ function flipV(v) {
+    switch(v){
+        case 27:
+            return 28;
+        case 28:
+            return 27;
+        case 0:
+            return 1;
+        case 1:
+            return 0;
+        default:
+            throw new Secp256k1Error(`Invalid v value ${v}`);
+    }
+}
 /**
  * Recovers a public key from a hash and a signature.
  * @param hash - The hash to recover the public key from.
  * @param signature - The signature to recover the public key from.
  * @returns The public key.
- */ export function recoverPublicKey(hash, signature) {
+ */ export function recoverPublicKey(hash, signature, opts = {}) {
     const { r, s, v } = signature;
+    if (!opts.allowYParityAsV && v !== 27 && v !== 28) {
+        throw new Secp256k1Error(`Invalid v value ${v} (expected 27 or 28)`);
+    }
     const recoveryBit = toRecoveryBit(v);
     const sig = new secp256k1.Signature(r.toBigInt(), s.toBigInt()).addRecoveryBit(recoveryBit);
+    if (!opts.allowMalleable && sig.hasHighS()) {
+        throw new Secp256k1Error('Signature has high s-value (malleable signature)');
+    }
     const publicKey = sig.recoverPublicKey(hash.buffer).toHex(false);
     return Buffer.from(publicKey, 'hex');
 }

package/dest/crypto/serialize.d.ts

@@ -48,4 +48,4 @@ export declare function deserializeField(buf: Buffer, offset?: number): {
 };
 export declare function concatenateUint8Arrays(arrayOfUint8Arrays: Uint8Array[]): Uint8Array<ArrayBuffer>;
 export {};
-//# sourceMappingURL=serialize.d.ts.map
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic2VyaWFsaXplLmQudHMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvY3J5cHRvL3NlcmlhbGl6ZS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFFQSxPQUFPLEVBQUUsTUFBTSxFQUFFLE1BQU0sUUFBUSxDQUFDO0FBRWhDOzs7OztHQUtHO0FBQ0gsd0JBQWdCLDRCQUE0QixDQUFDLEdBQUcsRUFBRSxNQUFNLEVBQUUsdUJBSXpEO0FBRUQ7O0dBRUc7QUFDSCxLQUFLLGFBQWEsQ0FBQyxDQUFDLElBQUksQ0FDdEIsR0FBRyxFQUFFLE1BQU0sRUFDWCxNQUFNLEVBQUUsTUFBTSxLQUNYO0lBQ0g7O09BRUc7SUFDSCxJQUFJLEVBQUUsQ0FBQyxDQUFDO0lBQ1I7O09BRUc7SUFDSCxHQUFHLEVBQUUsTUFBTSxDQUFDO0NBQ2IsQ0FBQztBQUVGOzs7OztHQUtHO0FBQ0gsd0JBQWdCLDBCQUEwQixDQUFDLENBQUMsRUFBRSxXQUFXLEVBQUUsYUFBYSxDQUFDLENBQUMsQ0FBQyxFQUFFLE1BQU0sRUFBRSxNQUFNLEVBQUUsTUFBTSxTQUFJOzs7RUFXdEc7QUFFRDs7Ozs7R0FLRztBQUNILHdCQUFnQixhQUFhLENBQUMsQ0FBQyxFQUFFLE1BQU0sRUFBRSxVQUFVLFNBQUksdUJBSXREO0FBRUQ7Ozs7O0dBS0c7QUFDSCx3QkFBZ0IsZ0JBQWdCLENBQUMsR0FBRyxFQUFFLE1BQU0sRUFBRSxNQUFNLFNBQUk7OztFQUd2RDtBQUVELHdCQUFnQixzQkFBc0IsQ0FBQyxrQkFBa0IsRUFBRSxVQUFVLEVBQUUsMkJBU3RFIn0=

package/dest/crypto/sha256/index.d.ts

@@ -1,4 +1,4 @@
-import { Fr } from '../../fields/fields.js';
+import { Fr } from '../../curves/bn254/field.js';
 import { type Bufferable } from '../../serialize/serialize.js';
 import type { Hasher } from '../../trees/hasher.js';
 export declare function sha256(data: Buffer): Buffer<ArrayBuffer>;
@@ -34,4 +34,4 @@ export declare class SHA256Trunc implements Hasher {
     hash(lhs: Uint8Array, rhs: Uint8Array): Buffer<ArrayBuffer>;
     hashInputs(inputs: Buffer[]): Buffer<ArrayBuffer>;
 }
-//# sourceMappingURL=index.d.ts.map
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguZC50cyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3NyYy9jcnlwdG8vc2hhMjU2L2luZGV4LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUdBLE9BQU8sRUFBRSxFQUFFLEVBQUUsTUFBTSw2QkFBNkIsQ0FBQztBQUVqRCxPQUFPLEVBQUUsS0FBSyxVQUFVLEVBQXFCLE1BQU0sOEJBQThCLENBQUM7QUFDbEYsT0FBTyxLQUFLLEVBQUUsTUFBTSxFQUFFLE1BQU0sdUJBQXVCLENBQUM7QUFFcEQsd0JBQWdCLE1BQU0sQ0FBQyxJQUFJLEVBQUUsTUFBTSx1QkFFbEM7QUFFRCx3QkFBZ0IsV0FBVyxDQUFDLElBQUksRUFBRSxNQUFNLDJCQUV2QztBQUVELHdCQUFnQixhQUFhLENBQUMsSUFBSSxFQUFFLFVBQVUsRUFBRSxNQUcvQztBQUVEOzs7Ozs7Ozs7O0dBVUc7QUFDSCx3QkFBZ0IsaUJBQWlCLENBQUMsS0FBSyxFQUFFLFdBQVcsRUFBRSxNQUFNLEVBQUUsV0FBVyxHQUFHLFdBQVcsQ0F5RXRGO0FBNENEOzs7O0dBSUc7QUFDSCxxQkFBYSxNQUFPLFlBQVcsTUFBTTtJQUs1QixJQUFJLENBQUMsR0FBRyxFQUFFLFVBQVUsRUFBRSxHQUFHLEVBQUUsVUFBVSx1QkFFM0M7SUFNTSxVQUFVLENBQUMsTUFBTSxFQUFFLE1BQU0sRUFBRSx1QkFFakM7Q0FDRjtBQUVEOzs7O0dBSUc7QUFDSCxxQkFBYSxXQUFZLFlBQVcsTUFBTTtJQUtqQyxJQUFJLENBQUMsR0FBRyxFQUFFLFVBQVUsRUFBRSxHQUFHLEVBQUUsVUFBVSx1QkFFM0M7SUFNTSxVQUFVLENBQUMsTUFBTSxFQUFFLE1BQU0sRUFBRSx1QkFFakM7Q0FDRiJ9

package/dest/crypto/sha256/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/crypto/sha256/index.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,EAAE,EAAE,MAAM,wBAAwB,CAAC;AAE5C,OAAO,EAAE,KAAK,UAAU,EAAqB,MAAM,8BAA8B,CAAC;AAClF,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,uBAAuB,CAAC;AAEpD,wBAAgB,MAAM,CAAC,IAAI,EAAE,MAAM,uBAElC;AAED,wBAAgB,WAAW,CAAC,IAAI,EAAE,MAAM,2BAEvC;AAED,wBAAgB,aAAa,CAAC,IAAI,EAAE,UAAU,EAAE,MAG/C;AAED;;;;;;;;;;GAUG;AACH,wBAAgB,iBAAiB,CAAC,KAAK,EAAE,WAAW,EAAE,MAAM,EAAE,WAAW,GAAG,WAAW,CAyEtF;AA4CD;;;;GAIG;AACH,qBAAa,MAAO,YAAW,MAAM;IAK5B,IAAI,CAAC,GAAG,EAAE,UAAU,EAAE,GAAG,EAAE,UAAU,GAC4B,MAAM,CAAC,WAAW,CAAC;IAOpF,UAAU,CAAC,MAAM,EAAE,MAAM,EAAE,GACQ,MAAM,CAAC,WAAW,CAAC;CAE9D;AAED;;;;GAIG;AACH,qBAAa,WAAY,YAAW,MAAM;IAKjC,IAAI,CAAC,GAAG,EAAE,UAAU,EAAE,GAAG,EAAE,UAAU,GAC4C,MAAM,CAAC,WAAW,CAAC;IAOpG,UAAU,CAAC,MAAM,EAAE,MAAM,EAAE,GACwB,MAAM,CAAC,WAAW,CAAC;CAE9E"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/crypto/sha256/index.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,EAAE,EAAE,MAAM,6BAA6B,CAAC;AAEjD,OAAO,EAAE,KAAK,UAAU,EAAqB,MAAM,8BAA8B,CAAC;AAClF,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,uBAAuB,CAAC;AAEpD,wBAAgB,MAAM,CAAC,IAAI,EAAE,MAAM,uBAElC;AAED,wBAAgB,WAAW,CAAC,IAAI,EAAE,MAAM,2BAEvC;AAED,wBAAgB,aAAa,CAAC,IAAI,EAAE,UAAU,EAAE,MAG/C;AAED;;;;;;;;;;GAUG;AACH,wBAAgB,iBAAiB,CAAC,KAAK,EAAE,WAAW,EAAE,MAAM,EAAE,WAAW,GAAG,WAAW,CAyEtF;AA4CD;;;;GAIG;AACH,qBAAa,MAAO,YAAW,MAAM;IAK5B,IAAI,CAAC,GAAG,EAAE,UAAU,EAAE,GAAG,EAAE,UAAU,uBAE3C;IAMM,UAAU,CAAC,MAAM,EAAE,MAAM,EAAE,uBAEjC;CACF;AAED;;;;GAIG;AACH,qBAAa,WAAY,YAAW,MAAM;IAKjC,IAAI,CAAC,GAAG,EAAE,UAAU,EAAE,GAAG,EAAE,UAAU,uBAE3C;IAMM,UAAU,CAAC,MAAM,EAAE,MAAM,EAAE,uBAEjC;CACF"}

package/dest/crypto/sha256/index.js

@@ -1,5 +1,5 @@
 /* eslint-disable camelcase */ import { default as hash } from 'hash.js';
-import { Fr } from '../../fields/fields.js';
+import { Fr } from '../../curves/bn254/field.js';
 import { truncateAndPad } from '../../serialize/free_funcs.js';
 import { serializeToBuffer } from '../../serialize/serialize.js';
 export function sha256(data) {

package/dest/crypto/sha512/index.d.ts

@@ -1,9 +1,9 @@
 import { type Bufferable } from '../../serialize/serialize.js';
-export declare const sha512: (data: Buffer) => Buffer<ArrayBuffer>;
+export declare const sha512: (data: Buffer<ArrayBufferLike>) => Buffer<ArrayBuffer>;
 /**
  * @dev We don't truncate in this function (unlike in sha256ToField) because this function is used in situations where
  * we don't care only about collision resistance but we need the output to be uniformly distributed as well. This is
  * because we use it as a pseudo-random function.
  */
-export declare const sha512ToGrumpkinScalar: (data: Bufferable[]) => import("../../fields/fields.js").Fq;
-//# sourceMappingURL=index.d.ts.map
+export declare const sha512ToGrumpkinScalar: (data: Bufferable[]) => import("../../schemas/schemas.js").Fq;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguZC50cyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3NyYy9jcnlwdG8vc2hhNTEyL2luZGV4LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUdBLE9BQU8sRUFBRSxLQUFLLFVBQVUsRUFBcUIsTUFBTSw4QkFBOEIsQ0FBQztBQUVsRixlQUFPLE1BQU0sTUFBTSx3REFBcUUsQ0FBQztBQUV6Rjs7OztHQUlHO0FBQ0gsZUFBTyxNQUFNLHNCQUFzQiwrREFHbEMsQ0FBQyJ9