@feelyourprotocol/evm 8141.0.0

package/dist/esm/precompiles/bls12_381/mcl.js

@@ -0,0 +1,254 @@
+import { bytesToBigInt, bytesToUnprefixedHex, concatBytes, equalsBytes, setLengthLeft, unprefixedHexToBytes, } from '@feelyourprotocol/util';
+import { EVMError } from "../../errors.js";
+import { BLS_FIELD_MODULUS, BLS_G1_INFINITY_POINT_BYTES, BLS_G1_POINT_BYTE_LENGTH, BLS_G2_INFINITY_POINT_BYTES, BLS_G2_POINT_BYTE_LENGTH, BLS_ONE_BUFFER, BLS_ZERO_BUFFER, } from "./constants.js";
+/**
+ * Converts an Uint8Array to a MCL G1 point. Raises errors if the point is not on the curve
+ * and (if activated) if the point is in the subgroup / order check.
+ * @param input Input Uint8Array. Should be 128 bytes
+ * @param mcl MCL instance
+ * @param verifyOrder Perform the subgroup check (defaults to true)
+ * @returns MCL G1 point
+ */
+function BLS12_381_ToG1Point(input, mcl, verifyOrder = true) {
+    if (equalsBytes(input, BLS_G1_INFINITY_POINT_BYTES)) {
+        return new mcl.G1();
+    }
+    // Using deprecated bytesToUnprefixedHex for performance: mcl library expects unprefixed hex strings.
+    const p_x = bytesToUnprefixedHex(input.subarray(16, BLS_G1_POINT_BYTE_LENGTH / 2));
+    const p_y = bytesToUnprefixedHex(input.subarray(80, BLS_G1_POINT_BYTE_LENGTH));
+    const G1 = new mcl.G1();
+    const Fp_X = new mcl.Fp();
+    const Fp_Y = new mcl.Fp();
+    const One = new mcl.Fp();
+    Fp_X.setStr(p_x, 16);
+    Fp_Y.setStr(p_y, 16);
+    One.setStr('1', 16);
+    G1.setX(Fp_X);
+    G1.setY(Fp_Y);
+    G1.setZ(One);
+    mcl.verifyOrderG1(verifyOrder);
+    if (verifyOrder && G1.isValidOrder() === false) {
+        throw new EVMError(EVMError.errorMessages.BLS_12_381_POINT_NOT_ON_CURVE);
+    }
+    // Check if these coordinates are actually on the curve.
+    if (G1.isValid() === false) {
+        throw new EVMError(EVMError.errorMessages.BLS_12_381_POINT_NOT_ON_CURVE);
+    }
+    return G1;
+}
+// input: a mcl G1 point
+// output: a 128-byte Uint8Array
+function BLS12_381_FromG1Point(input) {
+    // TODO: figure out if there is a better way to decode these values.
+    const decodeStr = input.getStr(16); //return a string of pattern "1 <x_coord> <y_coord>"
+    const decoded = decodeStr.match(/"?[0-9a-f]+"?/g); // match above pattern.
+    if (decodeStr === '0') {
+        return new Uint8Array(BLS_G1_POINT_BYTE_LENGTH);
+    }
+    const xBytes = setLengthLeft(unprefixedHexToBytes(decoded[1]), 64);
+    const yBytes = setLengthLeft(unprefixedHexToBytes(decoded[2]), 64);
+    return concatBytes(xBytes, yBytes);
+}
+// input: two 64-byte buffers
+// output: a mcl Fp2 point
+function BLS12_381_ToFp2Point(fpXCoordinate, fpYCoordinate, mcl) {
+    // check if the coordinates are in the field
+    if (bytesToBigInt(fpXCoordinate) >= BLS_FIELD_MODULUS) {
+        throw new EVMError(EVMError.errorMessages.BLS_12_381_FP_NOT_IN_FIELD);
+    }
+    if (bytesToBigInt(fpYCoordinate) >= BLS_FIELD_MODULUS) {
+        throw new EVMError(EVMError.errorMessages.BLS_12_381_FP_NOT_IN_FIELD);
+    }
+    const fp_x = new mcl.Fp();
+    const fp_y = new mcl.Fp();
+    const fp2 = new mcl.Fp2();
+    // Using deprecated bytesToUnprefixedHex for performance: mcl library expects unprefixed hex strings.
+    fp_x.setStr(bytesToUnprefixedHex(fpXCoordinate.subarray(16)), 16);
+    fp_y.setStr(bytesToUnprefixedHex(fpYCoordinate.subarray(16)), 16);
+    fp2.set_a(fp_x);
+    fp2.set_b(fp_y);
+    return fp2;
+}
+/**
+ * Converts an Uint8Array to a MCL G2 point. Raises errors if the point is not on the curve
+ * and (if activated) if the point is in the subgroup / order check.
+ * @param input Input Uint8Array. Should be 256 bytes
+ * @param mcl MCL instance
+ * @param verifyOrder Perform the subgroup check (defaults to true)
+ * @returns MCL G2 point
+ */
+function BLS12_381_ToG2Point(input, mcl, verifyOrder = true) {
+    if (equalsBytes(input, BLS_G2_INFINITY_POINT_BYTES)) {
+        return new mcl.G2();
+    }
+    const p_x_1 = input.subarray(0, 64);
+    const p_x_2 = input.subarray(64, BLS_G2_POINT_BYTE_LENGTH / 2);
+    const p_y_1 = input.subarray(128, 192);
+    const p_y_2 = input.subarray(192, BLS_G2_POINT_BYTE_LENGTH);
+    const Fp2X = BLS12_381_ToFp2Point(p_x_1, p_x_2, mcl);
+    const Fp2Y = BLS12_381_ToFp2Point(p_y_1, p_y_2, mcl);
+    const FpOne = new mcl.Fp();
+    FpOne.setStr('1', 16);
+    const FpZero = new mcl.Fp();
+    FpZero.setStr('0', 16);
+    const Fp2One = new mcl.Fp2();
+    Fp2One.set_a(FpOne);
+    Fp2One.set_b(FpZero);
+    const p = new mcl.G2();
+    p.setX(Fp2X);
+    p.setY(Fp2Y);
+    p.setZ(Fp2One);
+    mcl.verifyOrderG2(verifyOrder);
+    if (verifyOrder && p.isValidOrder() === false) {
+        throw new EVMError(EVMError.errorMessages.BLS_12_381_POINT_NOT_ON_CURVE);
+    }
+    if (p.isValid() === false) {
+        throw new EVMError(EVMError.errorMessages.BLS_12_381_POINT_NOT_ON_CURVE);
+    }
+    return p;
+}
+// input: a mcl G2 point
+// output: a 256-byte Uint8Array
+function BLS12_381_FromG2Point(input) {
+    // TODO: figure out if there is a better way to decode these values.
+    const decodeStr = input.getStr(16); //return a string of pattern "1 <x_coord_1> <x_coord_2> <y_coord_1> <y_coord_2>"
+    if (decodeStr === '0') {
+        return new Uint8Array(BLS_G2_POINT_BYTE_LENGTH);
+    }
+    const decoded = decodeStr.match(/"?[0-9a-f]+"?/g); // match above pattern.
+    const xBytes1 = setLengthLeft(unprefixedHexToBytes(decoded[1]), 64);
+    const xBytes2 = setLengthLeft(unprefixedHexToBytes(decoded[2]), 64);
+    const yBytes1 = setLengthLeft(unprefixedHexToBytes(decoded[3]), 64);
+    const yBytes2 = setLengthLeft(unprefixedHexToBytes(decoded[4]), 64);
+    return concatBytes(xBytes1, xBytes2, yBytes1, yBytes2);
+}
+// input: a 32-byte hex scalar Uint8Array
+// output: a mcl Fr point
+function BLS12_381_ToFrPoint(input, mcl) {
+    // Using deprecated bytesToUnprefixedHex for performance: mcl library expects unprefixed hex strings.
+    const mclHex = mcl.fromHexStr(bytesToUnprefixedHex(input));
+    const Fr = new mcl.Fr();
+    Fr.setBigEndianMod(mclHex);
+    return Fr;
+}
+// input: a 64-byte buffer
+// output: a mcl Fp point
+function BLS12_381_ToFpPoint(fpCoordinate, mcl) {
+    // check if point is in field
+    if (bytesToBigInt(fpCoordinate) >= BLS_FIELD_MODULUS) {
+        throw new EVMError(EVMError.errorMessages.BLS_12_381_FP_NOT_IN_FIELD);
+    }
+    const fp = new mcl.Fp();
+    // Using deprecated bytesToUnprefixedHex for performance: mcl library expects unprefixed hex strings.
+    fp.setBigEndianMod(mcl.fromHexStr(bytesToUnprefixedHex(fpCoordinate)));
+    return fp;
+}
+/**
+ * Implementation of the `EVMBLSInterface` using the `mcl-wasm` WASM `mcl` wrapper library,
+ * see https://github.com/herumi/mcl-wasm.
+ *
+ * This can be optionally used to replace the build-in Noble implementation (`NobleBLS`) with
+ * a more performant WASM variant. See EVM `bls` constructor option on how to use.
+ */
+export class MCLBLS {
+    constructor(mcl) {
+        this._mcl = mcl;
+    }
+    init() {
+        this._mcl.setMapToMode(this._mcl.IRTF); // set the right map mode; otherwise mapToG2 will return wrong values.
+        this._mcl.verifyOrderG1(true); // subgroup checks for G1
+        this._mcl.verifyOrderG2(true); // subgroup checks for G2
+    }
+    addG1(input) {
+        // convert input to G1 points, add them, and convert the output to a Uint8Array.
+        const p1 = BLS12_381_ToG1Point(input.subarray(0, BLS_G1_POINT_BYTE_LENGTH), this._mcl, false);
+        const p2 = BLS12_381_ToG1Point(input.subarray(BLS_G1_POINT_BYTE_LENGTH, BLS_G1_POINT_BYTE_LENGTH * 2), this._mcl, false);
+        const result = this._mcl.add(p1, p2);
+        return BLS12_381_FromG1Point(result);
+    }
+    addG2(input) {
+        // convert input to G1 points, add them, and convert the output to a Uint8Array.
+        const p1 = BLS12_381_ToG2Point(input.subarray(0, BLS_G2_POINT_BYTE_LENGTH), this._mcl, false);
+        const p2 = BLS12_381_ToG2Point(input.subarray(BLS_G2_POINT_BYTE_LENGTH, BLS_G2_POINT_BYTE_LENGTH * 2), this._mcl, false);
+        const result = this._mcl.add(p1, p2);
+        return BLS12_381_FromG2Point(result);
+    }
+    mapFPtoG1(input) {
+        // convert input to Fp1 point
+        const Fp1Point = BLS12_381_ToFpPoint(input.subarray(0, 64), this._mcl);
+        // map it to G1
+        const result = Fp1Point.mapToG1();
+        return BLS12_381_FromG1Point(result);
+    }
+    mapFP2toG2(input) {
+        // convert input to Fp2 point
+        const Fp2Point = BLS12_381_ToFp2Point(input.subarray(0, 64), input.subarray(64, 128), this._mcl);
+        // map it to G2
+        const result = Fp2Point.mapToG2();
+        return BLS12_381_FromG2Point(result);
+    }
+    msmG1(input) {
+        const pairLength = 160;
+        const numPairs = input.length / pairLength;
+        const G1Array = [];
+        const FrArray = [];
+        for (let k = 0; k < numPairs; k++) {
+            const pairStart = pairLength * k;
+            const G1 = BLS12_381_ToG1Point(input.subarray(pairStart, pairStart + BLS_G1_POINT_BYTE_LENGTH), this._mcl);
+            const Fr = BLS12_381_ToFrPoint(input.subarray(pairStart + BLS_G1_POINT_BYTE_LENGTH, pairStart + pairLength), this._mcl);
+            G1Array.push(G1);
+            FrArray.push(Fr);
+        }
+        const result = this._mcl.mulVec(G1Array, FrArray);
+        return BLS12_381_FromG1Point(result);
+    }
+    msmG2(input) {
+        const pairLength = 288;
+        const numPairs = input.length / pairLength;
+        const G2Array = [];
+        const FrArray = [];
+        for (let k = 0; k < numPairs; k++) {
+            const pairStart = pairLength * k;
+            const G2 = BLS12_381_ToG2Point(input.subarray(pairStart, pairStart + BLS_G2_POINT_BYTE_LENGTH), this._mcl);
+            const Fr = BLS12_381_ToFrPoint(input.subarray(pairStart + BLS_G2_POINT_BYTE_LENGTH, pairStart + pairLength), this._mcl);
+            G2Array.push(G2);
+            FrArray.push(Fr);
+        }
+        const result = this._mcl.mulVec(G2Array, FrArray);
+        return BLS12_381_FromG2Point(result);
+    }
+    pairingCheck(input) {
+        const pairLength = 384;
+        const pairs = [];
+        for (let k = 0; k < input.length / pairLength; k++) {
+            const pairStart = pairLength * k;
+            const G1 = BLS12_381_ToG1Point(input.subarray(pairStart, pairStart + BLS_G1_POINT_BYTE_LENGTH), this._mcl);
+            const g2start = pairStart + BLS_G1_POINT_BYTE_LENGTH;
+            const G2 = BLS12_381_ToG2Point(input.subarray(g2start, g2start + BLS_G2_POINT_BYTE_LENGTH), this._mcl);
+            pairs.push([G1, G2]);
+        }
+        // run the pairing check
+        // reference (Nethermind): https://github.com/NethermindEth/nethermind/blob/374b036414722b9c8ad27e93d64840b8f63931b9/src/Nethermind/Nethermind.Evm/Precompiles/Bls/Mcl/PairingPrecompile.cs#L93
+        let GT;
+        for (let index = 0; index < pairs.length; index++) {
+            const pair = pairs[index];
+            const G1 = pair[0];
+            const G2 = pair[1];
+            if (index === 0) {
+                GT = this._mcl.millerLoop(G1, G2);
+            }
+            else {
+                GT = this._mcl.mul(GT, this._mcl.millerLoop(G1, G2));
+            }
+        }
+        GT = this._mcl.finalExp(GT);
+        if (GT.isOne() === true) {
+            return BLS_ONE_BUFFER;
+        }
+        else {
+            return BLS_ZERO_BUFFER;
+        }
+    }
+}
+export { BLS12_381_FromG1Point, BLS12_381_FromG2Point, BLS12_381_ToFp2Point, BLS12_381_ToFpPoint, BLS12_381_ToFrPoint, BLS12_381_ToG1Point, BLS12_381_ToG2Point, };
+//# sourceMappingURL=mcl.js.map

package/dist/esm/precompiles/bls12_381/mcl.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"mcl.js","sourceRoot":"","sources":["../../../../src/precompiles/bls12_381/mcl.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,aAAa,EACb,oBAAoB,EACpB,WAAW,EACX,WAAW,EACX,aAAa,EACb,oBAAoB,GACrB,MAAM,kBAAkB,CAAA;AAEzB,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAA;AAE1C,OAAO,EACL,iBAAiB,EACjB,2BAA2B,EAC3B,wBAAwB,EACxB,2BAA2B,EAC3B,wBAAwB,EACxB,cAAc,EACd,eAAe,GAChB,MAAM,gBAAgB,CAAA;AAIvB;;;;;;;GAOG;AACH,SAAS,mBAAmB,CAAC,KAAiB,EAAE,GAAQ,EAAE,WAAW,GAAG,IAAI;IAC1E,IAAI,WAAW,CAAC,KAAK,EAAE,2BAA2B,CAAC,EAAE,CAAC;QACpD,OAAO,IAAI,GAAG,CAAC,EAAE,EAAE,CAAA;IACrB,CAAC;IAED,qGAAqG;IACrG,MAAM,GAAG,GAAG,oBAAoB,CAAC,KAAK,CAAC,QAAQ,CAAC,EAAE,EAAE,wBAAwB,GAAG,CAAC,CAAC,CAAC,CAAA;IAClF,MAAM,GAAG,GAAG,oBAAoB,CAAC,KAAK,CAAC,QAAQ,CAAC,EAAE,EAAE,wBAAwB,CAAC,CAAC,CAAA;IAE9E,MAAM,EAAE,GAAG,IAAI,GAAG,CAAC,EAAE,EAAE,CAAA;IAEvB,MAAM,IAAI,GAAG,IAAI,GAAG,CAAC,EAAE,EAAE,CAAA;IACzB,MAAM,IAAI,GAAG,IAAI,GAAG,CAAC,EAAE,EAAE,CAAA;IACzB,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,EAAE,EAAE,CAAA;IAExB,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE,EAAE,CAAC,CAAA;IACpB,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE,EAAE,CAAC,CAAA;IACpB,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,EAAE,CAAC,CAAA;IAEnB,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IACb,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IACb,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;IAEZ,GAAG,CAAC,aAAa,CAAC,WAAW,CAAC,CAAA;IAC9B,IAAI,WAAW,IAAI,EAAE,CAAC,YAAY,EAAE,KAAK,KAAK,EAAE,CAAC;QAC/C,MAAM,IAAI,QAAQ,CAAC,QAAQ,CAAC,aAAa,CAAC,6BAA6B,CAAC,CAAA;IAC1E,CAAC;IAED,wDAAwD;IACxD,IAAI,EAAE,CAAC,OAAO,EAAE,KAAK,KAAK,EAAE,CAAC;QAC3B,MAAM,IAAI,QAAQ,CAAC,QAAQ,CAAC,aAAa,CAAC,6BAA6B,CAAC,CAAA;IAC1E,CAAC;IAED,OAAO,EAAE,CAAA;AACX,CAAC;AAED,wBAAwB;AACxB,gCAAgC;AAChC,SAAS,qBAAqB,CAAC,KAAU;IACvC,oEAAoE;IACpE,MAAM,SAAS,GAAG,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,CAAA,CAAC,oDAAoD;IACvF,MAAM,OAAO,GAAG,SAAS,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAA,CAAC,uBAAuB;IAEzE,IAAI,SAAS,KAAK,GAAG,EAAE,CAAC;QACtB,OAAO,IAAI,UAAU,CAAC,wBAAwB,CAAC,CAAA;IACjD,CAAC;IAED,MAAM,MAAM,GAAG,aAAa,CAAC,oBAAoB,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAA;IAClE,MAAM,MAAM,GAAG,aAAa,CAAC,oBAAoB,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAA;IAElE,OAAO,WAAW,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;AACpC,CAAC;AAED,6BAA6B;AAC7B,0BAA0B;AAE1B,SAAS,oBAAoB,CAAC,aAAyB,EAAE,aAAyB,EAAE,GAAQ;IAC1F,4CAA4C;IAC5C,IAAI,aAAa,CAAC,aAAa,CAAC,IAAI,iBAAiB,EAAE,CAAC;QACtD,MAAM,IAAI,QAAQ,CAAC,QAAQ,CAAC,aAAa,CAAC,0BAA0B,CAAC,CAAA;IACvE,CAAC;IACD,IAAI,aAAa,CAAC,aAAa,CAAC,IAAI,iBAAiB,EAAE,CAAC;QACtD,MAAM,IAAI,QAAQ,CAAC,QAAQ,CAAC,aAAa,CAAC,0BAA0B,CAAC,CAAA;IACvE,CAAC;IAED,MAAM,IAAI,GAAG,IAAI,GAAG,CAAC,EAAE,EAAE,CAAA;IACzB,MAAM,IAAI,GAAG,IAAI,GAAG,CAAC,EAAE,EAAE,CAAA;IAEzB,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,EAAE,CAAA;IACzB,qGAAqG;IACrG,IAAI,CAAC,MAAM,CAAC,oBAAoB,CAAC,aAAa,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAA;IACjE,IAAI,CAAC,MAAM,CAAC,oBAAoB,CAAC,aAAa,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAA;IAEjE,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;IACf,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;IAEf,OAAO,GAAG,CAAA;AACZ,CAAC;AAED;;;;;;;GAOG;AACH,SAAS,mBAAmB,CAAC,KAAiB,EAAE,GAAQ,EAAE,WAAW,GAAG,IAAI;IAC1E,IAAI,WAAW,CAAC,KAAK,EAAE,2BAA2B,CAAC,EAAE,CAAC;QACpD,OAAO,IAAI,GAAG,CAAC,EAAE,EAAE,CAAA;IACrB,CAAC;IAED,MAAM,KAAK,GAAG,KAAK,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAA;IACnC,MAAM,KAAK,GAAG,KAAK,CAAC,QAAQ,CAAC,EAAE,EAAE,wBAAwB,GAAG,CAAC,CAAC,CAAA;IAC9D,MAAM,KAAK,GAAG,KAAK,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,CAAC,CAAA;IACtC,MAAM,KAAK,GAAG,KAAK,CAAC,QAAQ,CAAC,GAAG,EAAE,wBAAwB,CAAC,CAAA;IAE3D,MAAM,IAAI,GAAG,oBAAoB,CAAC,KAAK,EAAE,KAAK,EAAE,GAAG,CAAC,CAAA;IACpD,MAAM,IAAI,GAAG,oBAAoB,CAAC,KAAK,EAAE,KAAK,EAAE,GAAG,CAAC,CAAA;IAEpD,MAAM,KAAK,GAAG,IAAI,GAAG,CAAC,EAAE,EAAE,CAAA;IAC1B,KAAK,CAAC,MAAM,CAAC,GAAG,EAAE,EAAE,CAAC,CAAA;IAErB,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,EAAE,EAAE,CAAA;IAC3B,MAAM,CAAC,MAAM,CAAC,GAAG,EAAE,EAAE,CAAC,CAAA;IAEtB,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,EAAE,CAAA;IAE5B,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,CAAA;IACnB,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAA;IAEpB,MAAM,CAAC,GAAG,IAAI,GAAG,CAAC,EAAE,EAAE,CAAA;IAEtB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IACZ,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IACZ,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAA;IAEd,GAAG,CAAC,aAAa,CAAC,WAAW,CAAC,CAAA;IAC9B,IAAI,WAAW,IAAI,CAAC,CAAC,YAAY,EAAE,KAAK,KAAK,EAAE,CAAC;QAC9C,MAAM,IAAI,QAAQ,CAAC,QAAQ,CAAC,aAAa,CAAC,6BAA6B,CAAC,CAAA;IAC1E,CAAC;IAED,IAAI,CAAC,CAAC,OAAO,EAAE,KAAK,KAAK,EAAE,CAAC;QAC1B,MAAM,IAAI,QAAQ,CAAC,QAAQ,CAAC,aAAa,CAAC,6BAA6B,CAAC,CAAA;IAC1E,CAAC;IAED,OAAO,CAAC,CAAA;AACV,CAAC;AAED,wBAAwB;AACxB,gCAAgC;AAChC,SAAS,qBAAqB,CAAC,KAAU;IACvC,oEAAoE;IACpE,MAAM,SAAS,GAAG,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,CAAA,CAAC,gFAAgF;IACnH,IAAI,SAAS,KAAK,GAAG,EAAE,CAAC;QACtB,OAAO,IAAI,UAAU,CAAC,wBAAwB,CAAC,CAAA;IACjD,CAAC;IACD,MAAM,OAAO,GAAG,SAAS,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAA,CAAC,uBAAuB;IAEzE,MAAM,OAAO,GAAG,aAAa,CAAC,oBAAoB,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAA;IACnE,MAAM,OAAO,GAAG,aAAa,CAAC,oBAAoB,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAA;IACnE,MAAM,OAAO,GAAG,aAAa,CAAC,oBAAoB,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAA;IACnE,MAAM,OAAO,GAAG,aAAa,CAAC,oBAAoB,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAA;IAEnE,OAAO,WAAW,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC,CAAA;AACxD,CAAC;AAED,yCAAyC;AACzC,yBAAyB;AAEzB,SAAS,mBAAmB,CAAC,KAAiB,EAAE,GAAQ;IACtD,qGAAqG;IACrG,MAAM,MAAM,GAAG,GAAG,CAAC,UAAU,CAAC,oBAAoB,CAAC,KAAK,CAAC,CAAC,CAAA;IAC1D,MAAM,EAAE,GAAG,IAAI,GAAG,CAAC,EAAE,EAAE,CAAA;IACvB,EAAE,CAAC,eAAe,CAAC,MAAM,CAAC,CAAA;IAC1B,OAAO,EAAE,CAAA;AACX,CAAC;AAED,0BAA0B;AAC1B,yBAAyB;AAEzB,SAAS,mBAAmB,CAAC,YAAwB,EAAE,GAAQ;IAC7D,6BAA6B;IAC7B,IAAI,aAAa,CAAC,YAAY,CAAC,IAAI,iBAAiB,EAAE,CAAC;QACrD,MAAM,IAAI,QAAQ,CAAC,QAAQ,CAAC,aAAa,CAAC,0BAA0B,CAAC,CAAA;IACvE,CAAC;IAED,MAAM,EAAE,GAAG,IAAI,GAAG,CAAC,EAAE,EAAE,CAAA;IAEvB,qGAAqG;IACrG,EAAE,CAAC,eAAe,CAAC,GAAG,CAAC,UAAU,CAAC,oBAAoB,CAAC,YAAY,CAAC,CAAC,CAAC,CAAA;IAEtE,OAAO,EAAE,CAAA;AACX,CAAC;AAED;;;;;;GAMG;AACH,MAAM,OAAO,MAAM;IAGjB,YAAY,GAAQ;QAClB,IAAI,CAAC,IAAI,GAAG,GAAG,CAAA;IACjB,CAAC;IAED,IAAI;QACF,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA,CAAC,sEAAsE;QAC7G,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,CAAA,CAAC,yBAAyB;QACvD,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,CAAA,CAAC,yBAAyB;IACzD,CAAC;IAED,KAAK,CAAC,KAAiB;QACrB,gFAAgF;QAChF,MAAM,EAAE,GAAG,mBAAmB,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,EAAE,wBAAwB,CAAC,EAAE,IAAI,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;QAC7F,MAAM,EAAE,GAAG,mBAAmB,CAC5B,KAAK,CAAC,QAAQ,CAAC,wBAAwB,EAAE,wBAAwB,GAAG,CAAC,CAAC,EACtE,IAAI,CAAC,IAAI,EACT,KAAK,CACN,CAAA;QAED,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAA;QAEpC,OAAO,qBAAqB,CAAC,MAAM,CAAC,CAAA;IACtC,CAAC;IAED,KAAK,CAAC,KAAiB;QACrB,gFAAgF;QAChF,MAAM,EAAE,GAAG,mBAAmB,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,EAAE,wBAAwB,CAAC,EAAE,IAAI,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;QAC7F,MAAM,EAAE,GAAG,mBAAmB,CAC5B,KAAK,CAAC,QAAQ,CAAC,wBAAwB,EAAE,wBAAwB,GAAG,CAAC,CAAC,EACtE,IAAI,CAAC,IAAI,EACT,KAAK,CACN,CAAA;QAED,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAA;QAEpC,OAAO,qBAAqB,CAAC,MAAM,CAAC,CAAA;IACtC,CAAC;IAED,SAAS,CAAC,KAAiB;QACzB,6BAA6B;QAC7B,MAAM,QAAQ,GAAG,mBAAmB,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,IAAI,CAAC,IAAI,CAAC,CAAA;QACtE,eAAe;QACf,MAAM,MAAM,GAAG,QAAQ,CAAC,OAAO,EAAE,CAAA;QAEjC,OAAO,qBAAqB,CAAC,MAAM,CAAC,CAAA;IACtC,CAAC;IAED,UAAU,CAAC,KAAiB;QAC1B,6BAA6B;QAC7B,MAAM,QAAQ,GAAG,oBAAoB,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,KAAK,CAAC,QAAQ,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,IAAI,CAAC,IAAI,CAAC,CAAA;QAChG,eAAe;QACf,MAAM,MAAM,GAAG,QAAQ,CAAC,OAAO,EAAE,CAAA;QAEjC,OAAO,qBAAqB,CAAC,MAAM,CAAC,CAAA;IACtC,CAAC;IAED,KAAK,CAAC,KAAiB;QACrB,MAAM,UAAU,GAAG,GAAG,CAAA;QACtB,MAAM,QAAQ,GAAG,KAAK,CAAC,MAAM,GAAG,UAAU,CAAA;QAC1C,MAAM,OAAO,GAAG,EAAE,CAAA;QAClB,MAAM,OAAO,GAAG,EAAE,CAAA;QAElB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,EAAE,CAAC,EAAE,EAAE,CAAC;YAClC,MAAM,SAAS,GAAG,UAAU,GAAG,CAAC,CAAA;YAChC,MAAM,EAAE,GAAG,mBAAmB,CAC5B,KAAK,CAAC,QAAQ,CAAC,SAAS,EAAE,SAAS,GAAG,wBAAwB,CAAC,EAC/D,IAAI,CAAC,IAAI,CACV,CAAA;YACD,MAAM,EAAE,GAAG,mBAAmB,CAC5B,KAAK,CAAC,QAAQ,CAAC,SAAS,GAAG,wBAAwB,EAAE,SAAS,GAAG,UAAU,CAAC,EAC5E,IAAI,CAAC,IAAI,CACV,CAAA;YAED,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;YAChB,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;QAClB,CAAC;QAED,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,OAAO,CAAC,CAAA;QAEjD,OAAO,qBAAqB,CAAC,MAAM,CAAC,CAAA;IACtC,CAAC;IAED,KAAK,CAAC,KAAiB;QACrB,MAAM,UAAU,GAAG,GAAG,CAAA;QACtB,MAAM,QAAQ,GAAG,KAAK,CAAC,MAAM,GAAG,UAAU,CAAA;QAC1C,MAAM,OAAO,GAAG,EAAE,CAAA;QAClB,MAAM,OAAO,GAAG,EAAE,CAAA;QAElB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,EAAE,CAAC,EAAE,EAAE,CAAC;YAClC,MAAM,SAAS,GAAG,UAAU,GAAG,CAAC,CAAA;YAChC,MAAM,EAAE,GAAG,mBAAmB,CAC5B,KAAK,CAAC,QAAQ,CAAC,SAAS,EAAE,SAAS,GAAG,wBAAwB,CAAC,EAC/D,IAAI,CAAC,IAAI,CACV,CAAA;YACD,MAAM,EAAE,GAAG,mBAAmB,CAC5B,KAAK,CAAC,QAAQ,CAAC,SAAS,GAAG,wBAAwB,EAAE,SAAS,GAAG,UAAU,CAAC,EAC5E,IAAI,CAAC,IAAI,CACV,CAAA;YAED,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;YAChB,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;QAClB,CAAC;QAED,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,OAAO,CAAC,CAAA;QACjD,OAAO,qBAAqB,CAAC,MAAM,CAAC,CAAA;IACtC,CAAC;IAED,YAAY,CAAC,KAAiB;QAC5B,MAAM,UAAU,GAAG,GAAG,CAAA;QACtB,MAAM,KAAK,GAAG,EAAE,CAAA;QAChB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,GAAG,UAAU,EAAE,CAAC,EAAE,EAAE,CAAC;YACnD,MAAM,SAAS,GAAG,UAAU,GAAG,CAAC,CAAA;YAChC,MAAM,EAAE,GAAG,mBAAmB,CAC5B,KAAK,CAAC,QAAQ,CAAC,SAAS,EAAE,SAAS,GAAG,wBAAwB,CAAC,EAC/D,IAAI,CAAC,IAAI,CACV,CAAA;YAED,MAAM,OAAO,GAAG,SAAS,GAAG,wBAAwB,CAAA;YACpD,MAAM,EAAE,GAAG,mBAAmB,CAC5B,KAAK,CAAC,QAAQ,CAAC,OAAO,EAAE,OAAO,GAAG,wBAAwB,CAAC,EAC3D,IAAI,CAAC,IAAI,CACV,CAAA;YAED,KAAK,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAA;QACtB,CAAC;QAED,wBAAwB;QACxB,+LAA+L;QAC/L,IAAI,EAAE,CAAA;QACN,KAAK,IAAI,KAAK,GAAG,CAAC,EAAE,KAAK,GAAG,KAAK,CAAC,MAAM,EAAE,KAAK,EAAE,EAAE,CAAC;YAClD,MAAM,IAAI,GAAG,KAAK,CAAC,KAAK,CAAC,CAAA;YACzB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,CAAA;YAClB,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,CAAA;YAElB,IAAI,KAAK,KAAK,CAAC,EAAE,CAAC;gBAChB,EAAE,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,EAAE,EAAE,CAAC,CAAA;YACnC,CAAC;iBAAM,CAAC;gBACN,EAAE,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAA;YACtD,CAAC;QACH,CAAC;QAED,EAAE,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAA;QAE3B,IAAI,EAAE,CAAC,KAAK,EAAE,KAAK,IAAI,EAAE,CAAC;YACxB,OAAO,cAAc,CAAA;QACvB,CAAC;aAAM,CAAC;YACN,OAAO,eAAe,CAAA;QACxB,CAAC;IACH,CAAC;CACF;AAED,OAAO,EACL,qBAAqB,EACrB,qBAAqB,EACrB,oBAAoB,EACpB,mBAAmB,EACnB,mBAAmB,EACnB,mBAAmB,EACnB,mBAAmB,GACpB,CAAA"}

package/dist/esm/precompiles/bls12_381/noble.d.ts

@@ -0,0 +1,39 @@
+import type { Fp2 } from '@noble/curves/abstract/tower.js';
+import type { AffinePoint } from '@noble/curves/abstract/weierstrass.js';
+import type { EVMBLSInterface } from '../../types.ts';
+declare function BLS12_381_ToFp2Point(fpXCoordinate: Uint8Array, fpYCoordinate: Uint8Array): Fp2;
+/**
+ * Converts an Uint8Array to a Noble G1 point. Raises errors if the point is not on the curve
+ * and (if activated) if the point is in the subgroup / order check.
+ * @param input Input Uint8Array. Should be 128 bytes
+ * @returns Noble G1 point
+ */
+declare function BLS12_381_ToG1Point(input: Uint8Array, verifyOrder?: boolean): import("@noble/curves/abstract/weierstrass.js").WeierstrassPoint<bigint>;
+declare function BLS12_381_FromG1Point(input: AffinePoint<bigint>): Uint8Array;
+/**
+ * Converts an Uint8Array to a Noble G2 point. Raises errors if the point is not on the curve
+ * and (if activated) if the point is in the subgroup / order check.
+ * @param input Input Uint8Array. Should be 256 bytes
+ * @returns Noble G2 point
+ */
+declare function BLS12_381_ToG2Point(input: Uint8Array, verifyOrder?: boolean): import("@noble/curves/abstract/weierstrass.js").WeierstrassPoint<Fp2>;
+declare function BLS12_381_FromG2Point(input: AffinePoint<Fp2>): Uint8Array;
+declare function BLS12_381_ToFrPoint(input: Uint8Array): bigint;
+declare function BLS12_381_ToFpPoint(fpCoordinate: Uint8Array): bigint;
+/**
+ * Implementation of the `EVMBLSInterface` using the `ethereum-cryptography (`@noble/curves`)
+ * JS library, see https://github.com/ethereum/js-ethereum-cryptography.
+ *
+ * This is the EVM default implementation.
+ */
+export declare class NobleBLS implements EVMBLSInterface {
+    addG1(input: Uint8Array): Uint8Array;
+    addG2(input: Uint8Array): Uint8Array;
+    mapFPtoG1(input: Uint8Array): Uint8Array;
+    mapFP2toG2(input: Uint8Array): Uint8Array;
+    msmG1(input: Uint8Array): Uint8Array;
+    msmG2(input: Uint8Array): Uint8Array;
+    pairingCheck(input: Uint8Array): Uint8Array;
+}
+export { BLS12_381_FromG1Point, BLS12_381_FromG2Point, BLS12_381_ToFp2Point, BLS12_381_ToFpPoint, BLS12_381_ToFrPoint, BLS12_381_ToG1Point, BLS12_381_ToG2Point, };
+//# sourceMappingURL=noble.d.ts.map

package/dist/esm/precompiles/bls12_381/noble.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"noble.d.ts","sourceRoot":"","sources":["../../../../src/precompiles/bls12_381/noble.ts"],"names":[],"mappings":"AAsBA,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,iCAAiC,CAAA;AAC1D,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,uCAAuC,CAAA;AACxE,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAA;AAMrD,iBAAS,oBAAoB,CAAC,aAAa,EAAE,UAAU,EAAE,aAAa,EAAE,UAAU,OAajF;AAED;;;;;GAKG;AACH,iBAAS,mBAAmB,CAAC,KAAK,EAAE,UAAU,EAAE,WAAW,UAAO,4EAqBjE;AAID,iBAAS,qBAAqB,CAAC,KAAK,EAAE,WAAW,CAAC,MAAM,CAAC,GAAG,UAAU,CAKrE;AAED;;;;;GAKG;AACH,iBAAS,mBAAmB,CAAC,KAAK,EAAE,UAAU,EAAE,WAAW,UAAO,yEA0BjE;AAID,iBAAS,qBAAqB,CAAC,KAAK,EAAE,WAAW,CAAC,GAAG,CAAC,GAAG,UAAU,CAOlE;AAKD,iBAAS,mBAAmB,CAAC,KAAK,EAAE,UAAU,GAAG,MAAM,CAMtD;AAKD,iBAAS,mBAAmB,CAAC,YAAY,EAAE,UAAU,UAOpD;AAED;;;;;GAKG;AACH,qBAAa,QAAS,YAAW,eAAe;IAC9C,KAAK,CAAC,KAAK,EAAE,UAAU,GAAG,UAAU;IAapC,KAAK,CAAC,KAAK,EAAE,UAAU,GAAG,UAAU;IAYpC,SAAS,CAAC,KAAK,EAAE,UAAU,GAAG,UAAU;IAUxC,UAAU,CAAC,KAAK,EAAE,UAAU,GAAG,UAAU;IAUzC,KAAK,CAAC,KAAK,EAAE,UAAU,GAAG,UAAU;IAgCpC,KAAK,CAAC,KAAK,EAAE,UAAU,GAAG,UAAU;IAgCpC,YAAY,CAAC,KAAK,EAAE,UAAU,GAAG,UAAU;CA6B5C;AAED,OAAO,EACL,qBAAqB,EACrB,qBAAqB,EACrB,oBAAoB,EACpB,mBAAmB,EACnB,mBAAmB,EACnB,mBAAmB,EACnB,mBAAmB,GACpB,CAAA"}

package/dist/esm/precompiles/bls12_381/noble.js

@@ -0,0 +1,218 @@
+import { BIGINT_0, bigIntToBytes, bytesToBigInt, concatBytes, equalsBytes, setLengthLeft, } from '@feelyourprotocol/util';
+import { bls12_381 } from '@noble/curves/bls12-381.js';
+import { EVMError } from "../../errors.js";
+import { BLS_FIELD_MODULUS, BLS_G1_INFINITY_POINT_BYTES, BLS_G1_POINT_BYTE_LENGTH, BLS_G2_INFINITY_POINT_BYTES, BLS_G2_POINT_BYTE_LENGTH, BLS_ONE_BUFFER, BLS_ZERO_BUFFER, } from "./constants.js";
+const G1_ZERO = bls12_381.G1.Point.ZERO;
+const G2_ZERO = bls12_381.G2.Point.ZERO;
+function BLS12_381_ToFp2Point(fpXCoordinate, fpYCoordinate) {
+    // check if the coordinates are in the field
+    if (bytesToBigInt(fpXCoordinate) >= BLS_FIELD_MODULUS) {
+        throw new EVMError(EVMError.errorMessages.BLS_12_381_FP_NOT_IN_FIELD);
+    }
+    if (bytesToBigInt(fpYCoordinate) >= BLS_FIELD_MODULUS) {
+        throw new EVMError(EVMError.errorMessages.BLS_12_381_FP_NOT_IN_FIELD);
+    }
+    const fpBytes = concatBytes(fpXCoordinate.subarray(16), fpYCoordinate.subarray(16));
+    const FP = bls12_381.fields.Fp2.fromBytes(fpBytes);
+    return FP;
+}
+/**
+ * Converts an Uint8Array to a Noble G1 point. Raises errors if the point is not on the curve
+ * and (if activated) if the point is in the subgroup / order check.
+ * @param input Input Uint8Array. Should be 128 bytes
+ * @returns Noble G1 point
+ */
+function BLS12_381_ToG1Point(input, verifyOrder = true) {
+    if (equalsBytes(input, BLS_G1_INFINITY_POINT_BYTES) === true) {
+        return G1_ZERO;
+    }
+    const x = bytesToBigInt(input.subarray(16, BLS_G1_POINT_BYTE_LENGTH / 2));
+    const y = bytesToBigInt(input.subarray(80, BLS_G1_POINT_BYTE_LENGTH));
+    const G1 = bls12_381.G1.Point.fromAffine({
+        x,
+        y,
+    });
+    try {
+        G1.assertValidity();
+    }
+    catch (e) {
+        if (verifyOrder || e.message !== 'bad point: not in prime-order subgroup')
+            throw new EVMError(EVMError.errorMessages.BLS_12_381_POINT_NOT_ON_CURVE);
+    }
+    return G1;
+}
+// input: a Noble G1 point
+// output: a 128-byte Uint8Array
+function BLS12_381_FromG1Point(input) {
+    const xBytes = setLengthLeft(bigIntToBytes(input.x), 64);
+    const yBytes = setLengthLeft(bigIntToBytes(input.y), 64);
+    return concatBytes(xBytes, yBytes);
+}
+/**
+ * Converts an Uint8Array to a Noble G2 point. Raises errors if the point is not on the curve
+ * and (if activated) if the point is in the subgroup / order check.
+ * @param input Input Uint8Array. Should be 256 bytes
+ * @returns Noble G2 point
+ */
+function BLS12_381_ToG2Point(input, verifyOrder = true) {
+    if (equalsBytes(input, BLS_G2_INFINITY_POINT_BYTES) === true) {
+        return G2_ZERO;
+    }
+    const p_x_1 = input.subarray(0, 64);
+    const p_x_2 = input.subarray(64, BLS_G2_POINT_BYTE_LENGTH / 2);
+    const p_y_1 = input.subarray(128, 192);
+    const p_y_2 = input.subarray(192, BLS_G2_POINT_BYTE_LENGTH);
+    const Fp2X = BLS12_381_ToFp2Point(p_x_1, p_x_2);
+    const Fp2Y = BLS12_381_ToFp2Point(p_y_1, p_y_2);
+    const pG2 = bls12_381.G2.Point.fromAffine({
+        x: Fp2X,
+        y: Fp2Y,
+    });
+    try {
+        pG2.assertValidity();
+    }
+    catch (e) {
+        if (verifyOrder || e.message !== 'bad point: not in prime-order subgroup')
+            throw new EVMError(EVMError.errorMessages.BLS_12_381_POINT_NOT_ON_CURVE);
+    }
+    return pG2;
+}
+// input: a Noble G1 point
+// output: a 128-byte Uint8Array
+function BLS12_381_FromG2Point(input) {
+    const xBytes1 = setLengthLeft(bigIntToBytes(input.x.c0), 64);
+    const xBytes2 = setLengthLeft(bigIntToBytes(input.x.c1), 64);
+    const yBytes1 = setLengthLeft(bigIntToBytes(input.y.c0), 64);
+    const yBytes2 = setLengthLeft(bigIntToBytes(input.y.c1), 64);
+    return concatBytes(xBytes1, xBytes2, yBytes1, yBytes2);
+}
+// input: a 32-byte hex scalar Uint8Array
+// output: a Noble Fr point
+function BLS12_381_ToFrPoint(input) {
+    const Fr = bls12_381.fields.Fr.fromBytes(input);
+    if (Fr >= bls12_381.fields.Fr.ORDER) {
+        return bls12_381.fields.Fr.create(Fr % bls12_381.fields.Fr.ORDER);
+    }
+    return bls12_381.fields.Fr.create(Fr);
+}
+// input: a 64-byte buffer
+// output: a Noble Fp point
+function BLS12_381_ToFpPoint(fpCoordinate) {
+    // check if point is in field
+    if (bytesToBigInt(fpCoordinate) >= BLS_FIELD_MODULUS) {
+        throw new EVMError(EVMError.errorMessages.BLS_12_381_FP_NOT_IN_FIELD);
+    }
+    const FP = bls12_381.fields.Fp.fromBytes(fpCoordinate.slice(16));
+    return FP;
+}
+/**
+ * Implementation of the `EVMBLSInterface` using the `ethereum-cryptography (`@noble/curves`)
+ * JS library, see https://github.com/ethereum/js-ethereum-cryptography.
+ *
+ * This is the EVM default implementation.
+ */
+export class NobleBLS {
+    addG1(input) {
+        const p1 = BLS12_381_ToG1Point(input.subarray(0, BLS_G1_POINT_BYTE_LENGTH), false);
+        const p2 = BLS12_381_ToG1Point(input.subarray(BLS_G1_POINT_BYTE_LENGTH, BLS_G1_POINT_BYTE_LENGTH * 2), false);
+        const p = p1.add(p2);
+        const result = BLS12_381_FromG1Point(p.toAffine());
+        return result;
+    }
+    addG2(input) {
+        const p1 = BLS12_381_ToG2Point(input.subarray(0, BLS_G2_POINT_BYTE_LENGTH), false);
+        const p2 = BLS12_381_ToG2Point(input.subarray(BLS_G2_POINT_BYTE_LENGTH, BLS_G2_POINT_BYTE_LENGTH * 2), false);
+        const p = p1.add(p2);
+        const result = BLS12_381_FromG2Point(p.toAffine());
+        return result;
+    }
+    mapFPtoG1(input) {
+        // convert input to Fp1 point
+        const FP = BLS12_381_ToFpPoint(input.subarray(0, 64));
+        // @ts-expect-error - @noble/curves v2 type resolution mismatch
+        const result = bls12_381.G1.mapToCurve(FP).toAffine();
+        const resultBytes = BLS12_381_FromG1Point(result);
+        return resultBytes;
+    }
+    mapFP2toG2(input) {
+        // convert input to Fp2 point
+        const Fp2Point = BLS12_381_ToFp2Point(input.subarray(0, 64), input.subarray(64, 128));
+        // @ts-expect-error - @noble/curves v2 type resolution mismatch
+        const result = bls12_381.G2.mapToCurve([Fp2Point.c0, Fp2Point.c1]).toAffine();
+        const resultBytes = BLS12_381_FromG2Point(result);
+        return resultBytes;
+    }
+    msmG1(input) {
+        // Note: This implementation is using the naive "algorithm" of just doing
+        // p1G1*v1F1 + p2G1*v1F1 + ... while the EIP is suggesting to use an optimized
+        // algorithm (Pippenger's algorithm, see https://eips.ethereum.org/EIPS/eip-2537#g1g2-msm).
+        //
+        // While this functionally works the approach is not "gas-cost-competitive" and an
+        // optimization should be considered in the future.
+        const pairLength = 160;
+        const numPairs = input.length / pairLength;
+        let pRes = G1_ZERO;
+        for (let k = 0; k < numPairs; k++) {
+            const pairStart = pairLength * k;
+            const G1 = BLS12_381_ToG1Point(input.subarray(pairStart, pairStart + BLS_G1_POINT_BYTE_LENGTH));
+            const Fr = BLS12_381_ToFrPoint(input.subarray(pairStart + BLS_G1_POINT_BYTE_LENGTH, pairStart + pairLength));
+            let pMul;
+            if (Fr === BIGINT_0) {
+                pMul = G1_ZERO;
+            }
+            else {
+                pMul = G1.multiplyUnsafe(Fr);
+            }
+            pRes = pRes.add(pMul);
+        }
+        return BLS12_381_FromG1Point(pRes.toAffine());
+    }
+    msmG2(input) {
+        // Note: This implementation is using the naive "algorithm" of just doing
+        // p1G1*v1F1 + p2G1*v1F1 + ... while the EIP is suggesting to use an optimized
+        // algorithm (Pippenger's algorithm, see https://eips.ethereum.org/EIPS/eip-2537#g1g2-msm).
+        //
+        // While this functionally works the approach is not "gas-cost-competitive" and an
+        // optimization should be considered in the future.
+        const pairLength = 288;
+        const numPairs = input.length / pairLength;
+        let pRes = G2_ZERO;
+        for (let k = 0; k < numPairs; k++) {
+            const pairStart = pairLength * k;
+            const G2 = BLS12_381_ToG2Point(input.subarray(pairStart, pairStart + BLS_G2_POINT_BYTE_LENGTH));
+            const Fr = BLS12_381_ToFrPoint(input.subarray(pairStart + BLS_G2_POINT_BYTE_LENGTH, pairStart + pairLength));
+            let pMul;
+            if (Fr === BIGINT_0) {
+                pMul = G2_ZERO;
+            }
+            else {
+                pMul = G2.multiplyUnsafe(Fr);
+            }
+            pRes = pRes.add(pMul);
+        }
+        return BLS12_381_FromG2Point(pRes.toAffine());
+    }
+    pairingCheck(input) {
+        // Extract the pairs from the input
+        const pairLength = 384;
+        const pairs = [];
+        for (let k = 0; k < input.length / pairLength; k++) {
+            const pairStart = pairLength * k;
+            const G1 = BLS12_381_ToG1Point(input.subarray(pairStart, pairStart + BLS_G1_POINT_BYTE_LENGTH));
+            const g2start = pairStart + BLS_G1_POINT_BYTE_LENGTH;
+            const G2 = BLS12_381_ToG2Point(input.subarray(g2start, g2start + BLS_G2_POINT_BYTE_LENGTH));
+            pairs.push({ g1: G1, g2: G2 });
+        }
+        // Filter out infinity pairs
+        const filteredPairs = pairs.filter((pair) => pair.g1.equals(G1_ZERO) === false && pair.g2.equals(G2_ZERO) === false);
+        const FP12 = bls12_381.pairingBatch(filteredPairs, true);
+        if (bls12_381.fields.Fp12.eql(FP12, bls12_381.fields.Fp12.ONE)) {
+            return BLS_ONE_BUFFER;
+        }
+        else {
+            return BLS_ZERO_BUFFER;
+        }
+    }
+}
+export { BLS12_381_FromG1Point, BLS12_381_FromG2Point, BLS12_381_ToFp2Point, BLS12_381_ToFpPoint, BLS12_381_ToFrPoint, BLS12_381_ToG1Point, BLS12_381_ToG2Point, };
+//# sourceMappingURL=noble.js.map

package/dist/esm/precompiles/bls12_381/noble.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"noble.js","sourceRoot":"","sources":["../../../../src/precompiles/bls12_381/noble.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,QAAQ,EACR,aAAa,EACb,aAAa,EACb,WAAW,EACX,WAAW,EACX,aAAa,GACd,MAAM,kBAAkB,CAAA;AACzB,OAAO,EAAE,SAAS,EAAE,MAAM,4BAA4B,CAAA;AAEtD,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAA;AAE1C,OAAO,EACL,iBAAiB,EACjB,2BAA2B,EAC3B,wBAAwB,EACxB,2BAA2B,EAC3B,wBAAwB,EACxB,cAAc,EACd,eAAe,GAChB,MAAM,gBAAgB,CAAA;AAMvB,MAAM,OAAO,GAAG,SAAS,CAAC,EAAE,CAAC,KAAK,CAAC,IAAI,CAAA;AAEvC,MAAM,OAAO,GAAG,SAAS,CAAC,EAAE,CAAC,KAAK,CAAC,IAAI,CAAA;AAEvC,SAAS,oBAAoB,CAAC,aAAyB,EAAE,aAAyB;IAChF,4CAA4C;IAC5C,IAAI,aAAa,CAAC,aAAa,CAAC,IAAI,iBAAiB,EAAE,CAAC;QACtD,MAAM,IAAI,QAAQ,CAAC,QAAQ,CAAC,aAAa,CAAC,0BAA0B,CAAC,CAAA;IACvE,CAAC;IACD,IAAI,aAAa,CAAC,aAAa,CAAC,IAAI,iBAAiB,EAAE,CAAC;QACtD,MAAM,IAAI,QAAQ,CAAC,QAAQ,CAAC,aAAa,CAAC,0BAA0B,CAAC,CAAA;IACvE,CAAC;IAED,MAAM,OAAO,GAAG,WAAW,CAAC,aAAa,CAAC,QAAQ,CAAC,EAAE,CAAC,EAAE,aAAa,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAA;IAEnF,MAAM,EAAE,GAAG,SAAS,CAAC,MAAM,CAAC,GAAG,CAAC,SAAS,CAAC,OAAO,CAAC,CAAA;IAClD,OAAO,EAAE,CAAA;AACX,CAAC;AAED;;;;;GAKG;AACH,SAAS,mBAAmB,CAAC,KAAiB,EAAE,WAAW,GAAG,IAAI;IAChE,IAAI,WAAW,CAAC,KAAK,EAAE,2BAA2B,CAAC,KAAK,IAAI,EAAE,CAAC;QAC7D,OAAO,OAAO,CAAA;IAChB,CAAC;IAED,MAAM,CAAC,GAAG,aAAa,CAAC,KAAK,CAAC,QAAQ,CAAC,EAAE,EAAE,wBAAwB,GAAG,CAAC,CAAC,CAAC,CAAA;IACzE,MAAM,CAAC,GAAG,aAAa,CAAC,KAAK,CAAC,QAAQ,CAAC,EAAE,EAAE,wBAAwB,CAAC,CAAC,CAAA;IAErE,MAAM,EAAE,GAAG,SAAS,CAAC,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC;QACvC,CAAC;QACD,CAAC;KACF,CAAC,CAAA;IAEF,IAAI,CAAC;QACH,EAAE,CAAC,cAAc,EAAE,CAAA;IACrB,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,IAAI,WAAW,IAAK,CAAW,CAAC,OAAO,KAAK,wCAAwC;YAClF,MAAM,IAAI,QAAQ,CAAC,QAAQ,CAAC,aAAa,CAAC,6BAA6B,CAAC,CAAA;IAC5E,CAAC;IAED,OAAO,EAAE,CAAA;AACX,CAAC;AAED,0BAA0B;AAC1B,gCAAgC;AAChC,SAAS,qBAAqB,CAAC,KAA0B;IACvD,MAAM,MAAM,GAAG,aAAa,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAA;IACxD,MAAM,MAAM,GAAG,aAAa,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAA;IAExD,OAAO,WAAW,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;AACpC,CAAC;AAED;;;;;GAKG;AACH,SAAS,mBAAmB,CAAC,KAAiB,EAAE,WAAW,GAAG,IAAI;IAChE,IAAI,WAAW,CAAC,KAAK,EAAE,2BAA2B,CAAC,KAAK,IAAI,EAAE,CAAC;QAC7D,OAAO,OAAO,CAAA;IAChB,CAAC;IAED,MAAM,KAAK,GAAG,KAAK,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAA;IACnC,MAAM,KAAK,GAAG,KAAK,CAAC,QAAQ,CAAC,EAAE,EAAE,wBAAwB,GAAG,CAAC,CAAC,CAAA;IAC9D,MAAM,KAAK,GAAG,KAAK,CAAC,QAAQ,CAAC,GAAG,EAAE,GAAG,CAAC,CAAA;IACtC,MAAM,KAAK,GAAG,KAAK,CAAC,QAAQ,CAAC,GAAG,EAAE,wBAAwB,CAAC,CAAA;IAE3D,MAAM,IAAI,GAAG,oBAAoB,CAAC,KAAK,EAAE,KAAK,CAAC,CAAA;IAC/C,MAAM,IAAI,GAAG,oBAAoB,CAAC,KAAK,EAAE,KAAK,CAAC,CAAA;IAE/C,MAAM,GAAG,GAAG,SAAS,CAAC,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC;QACxC,CAAC,EAAE,IAAI;QACP,CAAC,EAAE,IAAI;KACR,CAAC,CAAA;IAEF,IAAI,CAAC;QACH,GAAG,CAAC,cAAc,EAAE,CAAA;IACtB,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,IAAI,WAAW,IAAK,CAAW,CAAC,OAAO,KAAK,wCAAwC;YAClF,MAAM,IAAI,QAAQ,CAAC,QAAQ,CAAC,aAAa,CAAC,6BAA6B,CAAC,CAAA;IAC5E,CAAC;IAED,OAAO,GAAG,CAAA;AACZ,CAAC;AAED,0BAA0B;AAC1B,gCAAgC;AAChC,SAAS,qBAAqB,CAAC,KAAuB;IACpD,MAAM,OAAO,GAAG,aAAa,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAA;IAC5D,MAAM,OAAO,GAAG,aAAa,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAA;IAC5D,MAAM,OAAO,GAAG,aAAa,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAA;IAC5D,MAAM,OAAO,GAAG,aAAa,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAA;IAE5D,OAAO,WAAW,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC,CAAA;AACxD,CAAC;AAED,yCAAyC;AACzC,2BAA2B;AAE3B,SAAS,mBAAmB,CAAC,KAAiB;IAC5C,MAAM,EAAE,GAAG,SAAS,CAAC,MAAM,CAAC,EAAE,CAAC,SAAS,CAAC,KAAK,CAAC,CAAA;IAC/C,IAAI,EAAE,IAAI,SAAS,CAAC,MAAM,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC;QACpC,OAAO,SAAS,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,EAAE,GAAG,SAAS,CAAC,MAAM,CAAC,EAAE,CAAC,KAAK,CAAC,CAAA;IACnE,CAAC;IACD,OAAO,SAAS,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,CAAA;AACvC,CAAC;AAED,0BAA0B;AAC1B,2BAA2B;AAE3B,SAAS,mBAAmB,CAAC,YAAwB;IACnD,6BAA6B;IAC7B,IAAI,aAAa,CAAC,YAAY,CAAC,IAAI,iBAAiB,EAAE,CAAC;QACrD,MAAM,IAAI,QAAQ,CAAC,QAAQ,CAAC,aAAa,CAAC,0BAA0B,CAAC,CAAA;IACvE,CAAC;IACD,MAAM,EAAE,GAAG,SAAS,CAAC,MAAM,CAAC,EAAE,CAAC,SAAS,CAAC,YAAY,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,CAAA;IAChE,OAAO,EAAE,CAAA;AACX,CAAC;AAED;;;;;GAKG;AACH,MAAM,OAAO,QAAQ;IACnB,KAAK,CAAC,KAAiB;QACrB,MAAM,EAAE,GAAG,mBAAmB,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,EAAE,wBAAwB,CAAC,EAAE,KAAK,CAAC,CAAA;QAClF,MAAM,EAAE,GAAG,mBAAmB,CAC5B,KAAK,CAAC,QAAQ,CAAC,wBAAwB,EAAE,wBAAwB,GAAG,CAAC,CAAC,EACtE,KAAK,CACN,CAAA;QAED,MAAM,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAA;QACpB,MAAM,MAAM,GAAG,qBAAqB,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAA;QAElD,OAAO,MAAM,CAAA;IACf,CAAC;IAED,KAAK,CAAC,KAAiB;QACrB,MAAM,EAAE,GAAG,mBAAmB,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,EAAE,wBAAwB,CAAC,EAAE,KAAK,CAAC,CAAA;QAClF,MAAM,EAAE,GAAG,mBAAmB,CAC5B,KAAK,CAAC,QAAQ,CAAC,wBAAwB,EAAE,wBAAwB,GAAG,CAAC,CAAC,EACtE,KAAK,CACN,CAAA;QACD,MAAM,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAA;QACpB,MAAM,MAAM,GAAG,qBAAqB,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAA;QAElD,OAAO,MAAM,CAAA;IACf,CAAC;IAED,SAAS,CAAC,KAAiB;QACzB,6BAA6B;QAC7B,MAAM,EAAE,GAAG,mBAAmB,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAA;QAErD,+DAA+D;QAC/D,MAAM,MAAM,GAAG,SAAS,CAAC,EAAE,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC,QAAQ,EAAE,CAAA;QACrD,MAAM,WAAW,GAAG,qBAAqB,CAAC,MAAM,CAAC,CAAA;QACjD,OAAO,WAAW,CAAA;IACpB,CAAC;IAED,UAAU,CAAC,KAAiB;QAC1B,6BAA6B;QAC7B,MAAM,QAAQ,GAAG,oBAAoB,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,KAAK,CAAC,QAAQ,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAA;QAErF,+DAA+D;QAC/D,MAAM,MAAM,GAAG,SAAS,CAAC,EAAE,CAAC,UAAU,CAAC,CAAC,QAAQ,CAAC,EAAE,EAAE,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAA;QAC7E,MAAM,WAAW,GAAG,qBAAqB,CAAC,MAAM,CAAC,CAAA;QACjD,OAAO,WAAW,CAAA;IACpB,CAAC;IAED,KAAK,CAAC,KAAiB;QACrB,yEAAyE;QACzE,8EAA8E;QAC9E,2FAA2F;QAC3F,EAAE;QACF,kFAAkF;QAClF,mDAAmD;QACnD,MAAM,UAAU,GAAG,GAAG,CAAA;QACtB,MAAM,QAAQ,GAAG,KAAK,CAAC,MAAM,GAAG,UAAU,CAAA;QAE1C,IAAI,IAAI,GAAG,OAAO,CAAA;QAClB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,EAAE,CAAC,EAAE,EAAE,CAAC;YAClC,MAAM,SAAS,GAAG,UAAU,GAAG,CAAC,CAAA;YAChC,MAAM,EAAE,GAAG,mBAAmB,CAC5B,KAAK,CAAC,QAAQ,CAAC,SAAS,EAAE,SAAS,GAAG,wBAAwB,CAAC,CAChE,CAAA;YACD,MAAM,EAAE,GAAG,mBAAmB,CAC5B,KAAK,CAAC,QAAQ,CAAC,SAAS,GAAG,wBAAwB,EAAE,SAAS,GAAG,UAAU,CAAC,CAC7E,CAAA;YACD,IAAI,IAAI,CAAA;YACR,IAAI,EAAE,KAAK,QAAQ,EAAE,CAAC;gBACpB,IAAI,GAAG,OAAO,CAAA;YAChB,CAAC;iBAAM,CAAC;gBACN,IAAI,GAAG,EAAE,CAAC,cAAc,CAAC,EAAE,CAAC,CAAA;YAC9B,CAAC;YAED,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;QACvB,CAAC;QAED,OAAO,qBAAqB,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAA;IAC/C,CAAC;IAED,KAAK,CAAC,KAAiB;QACrB,yEAAyE;QACzE,8EAA8E;QAC9E,2FAA2F;QAC3F,EAAE;QACF,kFAAkF;QAClF,mDAAmD;QACnD,MAAM,UAAU,GAAG,GAAG,CAAA;QACtB,MAAM,QAAQ,GAAG,KAAK,CAAC,MAAM,GAAG,UAAU,CAAA;QAE1C,IAAI,IAAI,GAAG,OAAO,CAAA;QAClB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,EAAE,CAAC,EAAE,EAAE,CAAC;YAClC,MAAM,SAAS,GAAG,UAAU,GAAG,CAAC,CAAA;YAChC,MAAM,EAAE,GAAG,mBAAmB,CAC5B,KAAK,CAAC,QAAQ,CAAC,SAAS,EAAE,SAAS,GAAG,wBAAwB,CAAC,CAChE,CAAA;YACD,MAAM,EAAE,GAAG,mBAAmB,CAC5B,KAAK,CAAC,QAAQ,CAAC,SAAS,GAAG,wBAAwB,EAAE,SAAS,GAAG,UAAU,CAAC,CAC7E,CAAA;YACD,IAAI,IAAI,CAAA;YACR,IAAI,EAAE,KAAK,QAAQ,EAAE,CAAC;gBACpB,IAAI,GAAG,OAAO,CAAA;YAChB,CAAC;iBAAM,CAAC;gBACN,IAAI,GAAG,EAAE,CAAC,cAAc,CAAC,EAAE,CAAC,CAAA;YAC9B,CAAC;YAED,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;QACvB,CAAC;QAED,OAAO,qBAAqB,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAA;IAC/C,CAAC;IAED,YAAY,CAAC,KAAiB;QAC5B,mCAAmC;QACnC,MAAM,UAAU,GAAG,GAAG,CAAA;QACtB,MAAM,KAAK,GAAG,EAAE,CAAA;QAChB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,GAAG,UAAU,EAAE,CAAC,EAAE,EAAE,CAAC;YACnD,MAAM,SAAS,GAAG,UAAU,GAAG,CAAC,CAAA;YAChC,MAAM,EAAE,GAAG,mBAAmB,CAC5B,KAAK,CAAC,QAAQ,CAAC,SAAS,EAAE,SAAS,GAAG,wBAAwB,CAAC,CAChE,CAAA;YAED,MAAM,OAAO,GAAG,SAAS,GAAG,wBAAwB,CAAA;YACpD,MAAM,EAAE,GAAG,mBAAmB,CAAC,KAAK,CAAC,QAAQ,CAAC,OAAO,EAAE,OAAO,GAAG,wBAAwB,CAAC,CAAC,CAAA;YAE3F,KAAK,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAA;QAChC,CAAC;QAED,4BAA4B;QAC5B,MAAM,aAAa,GAAG,KAAK,CAAC,MAAM,CAChC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,KAAK,KAAK,IAAI,IAAI,CAAC,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,KAAK,KAAK,CACjF,CAAA;QAED,MAAM,IAAI,GAAG,SAAS,CAAC,YAAY,CAAC,aAAa,EAAE,IAAI,CAAC,CAAA;QAExD,IAAI,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;YAC/D,OAAO,cAAc,CAAA;QACvB,CAAC;aAAM,CAAC;YACN,OAAO,eAAe,CAAA;QACxB,CAAC;IACH,CAAC;CACF;AAED,OAAO,EACL,qBAAqB,EACrB,qBAAqB,EACrB,oBAAoB,EACpB,mBAAmB,EACnB,mBAAmB,EACnB,mBAAmB,EACnB,mBAAmB,GACpB,CAAA"}

package/dist/esm/precompiles/bls12_381/util.d.ts

@@ -0,0 +1,35 @@
+import type { PrecompileInput } from '../types.ts';
+/**
+ * Calculates the gas used for the MSM precompiles based on the number of pairs and
+ * calculating in some discount in relation to the number of pairs.
+ *
+ * @param numPairs - Number of pairings provided to the precompile
+ * @param gasUsedPerPair - Base gas cost per pairing
+ * @param discountTable - Discount table (pair count -> multiplier)
+ * @returns Total gas to charge after applying the discount table
+ */
+export declare const msmGasUsed: (numPairs: number, gasUsedPerPair: bigint, discountTable: [number, number][]) => bigint;
+/**
+ * BLS-specific zero check to check that the top 16 bytes of a 64 byte field element provided
+ * are always zero (see EIP notes on field element encoding).
+ *
+ * Zero byte ranges are expected to be passed in the following format (and so each referencing
+ * 16-byte ranges):
+ *
+ * ```ts
+ * const zeroByteRanges = [
+ *   [0, 16],
+ *   [64, 80],
+ *   [128, 144]
+ *
+ * ]
+ * ```
+ *
+ * @param opts - Precompile input wrapper containing the data to inspect
+ * @param zeroByteRanges - Ranges (as [start, end]) within which bytes must be zero
+ * @param pName - Human readable precompile name for logging
+ * @param pairStart - Optional offset into the data when iterating through pairs
+ * @returns `true` if every specified range contains only zero bytes
+ */
+export declare const leading16ZeroBytesCheck: (opts: PrecompileInput, zeroByteRanges: number[][], pName: string, pairStart?: number) => boolean;
+//# sourceMappingURL=util.d.ts.map

package/dist/esm/precompiles/bls12_381/util.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"util.d.ts","sourceRoot":"","sources":["../../../../src/precompiles/bls12_381/util.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,aAAa,CAAA;AAIlD;;;;;;;;GAQG;AACH,eAAO,MAAM,UAAU,GACrB,UAAU,MAAM,EAChB,gBAAgB,MAAM,EACtB,eAAe,CAAC,MAAM,EAAE,MAAM,CAAC,EAAE,WAgBlC,CAAA;AAED;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,eAAO,MAAM,uBAAuB,GAClC,MAAM,eAAe,EACrB,gBAAgB,MAAM,EAAE,EAAE,EAC1B,OAAO,MAAM,EACb,kBAAa,YAed,CAAA"}

package/dist/esm/precompiles/bls12_381/util.js

@@ -0,0 +1,63 @@
+import { equalsBytes } from '@feelyourprotocol/util';
+const ZERO_BYTES_16 = new Uint8Array(16);
+/**
+ * Calculates the gas used for the MSM precompiles based on the number of pairs and
+ * calculating in some discount in relation to the number of pairs.
+ *
+ * @param numPairs - Number of pairings provided to the precompile
+ * @param gasUsedPerPair - Base gas cost per pairing
+ * @param discountTable - Discount table (pair count -> multiplier)
+ * @returns Total gas to charge after applying the discount table
+ */
+export const msmGasUsed = (numPairs, gasUsedPerPair, discountTable) => {
+    const gasDiscountMax = discountTable[discountTable.length - 1][1];
+    let gasDiscountMultiplier;
+    if (numPairs <= discountTable.length) {
+        if (numPairs === 0) {
+            gasDiscountMultiplier = 0; // this implicitly sets gasUsed to 0 as per the EIP.
+        }
+        else {
+            gasDiscountMultiplier = discountTable[numPairs - 1][1];
+        }
+    }
+    else {
+        gasDiscountMultiplier = gasDiscountMax;
+    }
+    // (numPairs * multiplication_cost * discount) / multiplier
+    return (BigInt(numPairs) * gasUsedPerPair * BigInt(gasDiscountMultiplier)) / BigInt(1000);
+};
+/**
+ * BLS-specific zero check to check that the top 16 bytes of a 64 byte field element provided
+ * are always zero (see EIP notes on field element encoding).
+ *
+ * Zero byte ranges are expected to be passed in the following format (and so each referencing
+ * 16-byte ranges):
+ *
+ * ```ts
+ * const zeroByteRanges = [
+ *   [0, 16],
+ *   [64, 80],
+ *   [128, 144]
+ *
+ * ]
+ * ```
+ *
+ * @param opts - Precompile input wrapper containing the data to inspect
+ * @param zeroByteRanges - Ranges (as [start, end]) within which bytes must be zero
+ * @param pName - Human readable precompile name for logging
+ * @param pairStart - Optional offset into the data when iterating through pairs
+ * @returns `true` if every specified range contains only zero bytes
+ */
+export const leading16ZeroBytesCheck = (opts, zeroByteRanges, pName, pairStart = 0) => {
+    for (const index in zeroByteRanges) {
+        const slicedBuffer = opts.data.subarray(zeroByteRanges[index][0] + pairStart, zeroByteRanges[index][1] + pairStart);
+        if (!(equalsBytes(slicedBuffer, ZERO_BYTES_16) === true)) {
+            if (opts._debug !== undefined) {
+                opts._debug(`${pName} failed: Point not on curve`);
+            }
+            return false;
+        }
+    }
+    return true;
+};
+//# sourceMappingURL=util.js.map