@noble/curves 0.7.3 → 0.8.1

package/esm/stark.js

@@ -1,251 +0,0 @@
-/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */
-import { keccak_256 } from '@noble/hashes/sha3';
-import { sha256 } from '@noble/hashes/sha256';
-import { utf8ToBytes } from '@noble/hashes/utils';
-import { Fp, mod, validateField } from './abstract/modular.js';
-import { poseidon } from './abstract/poseidon.js';
-import { weierstrass } from './abstract/weierstrass.js';
-import { bitMask, bytesToHex, bytesToNumberBE, concatBytes, ensureBytes as ensureBytesOrig, hexToBytes, hexToNumber, numberToVarBytesBE, } from './abstract/utils.js';
-import { getHash } from './_shortw_utils.js';
-const CURVE_ORDER = BigInt('3618502788666131213697322783095070105526743751716087489154079457884512865583');
-const nBitLength = 252;
-function bits2int(bytes) {
-    while (bytes[0] === 0)
-        bytes = bytes.subarray(1); // strip leading 0s
-    // Copy-pasted from weierstrass.ts
-    const delta = bytes.length * 8 - nBitLength;
-    const num = bytesToNumberBE(bytes);
-    return delta > 0 ? num >> BigInt(delta) : num;
-}
-function hex0xToBytes(hex) {
-    if (typeof hex === 'string') {
-        hex = strip0x(hex); // allow 0x prefix
-        if (hex.length & 1)
-            hex = '0' + hex; // allow unpadded hex
-    }
-    return hexToBytes(hex);
-}
-const curve = weierstrass({
-    a: BigInt(1),
-    b: BigInt('3141592653589793238462643383279502884197169399375105820974944592307816406665'),
-    // Field over which we'll do calculations; 2n**251n + 17n * 2n**192n + 1n
-    // There is no efficient sqrt for field (P%4==1)
-    Fp: Fp(BigInt('0x800000000000011000000000000000000000000000000000000000000000001')),
-    n: CURVE_ORDER,
-    nBitLength,
-    // Base point (x, y) aka generator point
-    Gx: BigInt('874739451078007766457464989774322083649278607533249481151382481072868806602'),
-    Gy: BigInt('152666792071518830868575557812948353041420400780739481342941381225525861407'),
-    h: BigInt(1),
-    lowS: false,
-    ...getHash(sha256),
-    // Custom truncation routines for stark curve
-    bits2int,
-    bits2int_modN: (bytes) => {
-        // 2102820b232636d200cb21f1d330f20d096cae09d1bf3edb1cc333ddee11318 =>
-        // 2102820b232636d200cb21f1d330f20d096cae09d1bf3edb1cc333ddee113180
-        const hex = bytesToNumberBE(bytes).toString(16); // toHex unpadded
-        if (hex.length === 63)
-            bytes = hex0xToBytes(hex + '0'); // append trailing 0
-        return mod(bits2int(bytes), CURVE_ORDER);
-    },
-});
-export const _starkCurve = curve;
-function ensureBytes(hex) {
-    return ensureBytesOrig('', typeof hex === 'string' ? hex0xToBytes(hex) : hex);
-}
-function normPrivKey(privKey) {
-    return bytesToHex(ensureBytes(privKey)).padStart(64, '0');
-}
-export function getPublicKey(privKey, isCompressed = false) {
-    return curve.getPublicKey(normPrivKey(privKey), isCompressed);
-}
-export function getSharedSecret(privKeyA, pubKeyB) {
-    return curve.getSharedSecret(normPrivKey(privKeyA), pubKeyB);
-}
-export function sign(msgHash, privKey, opts) {
-    return curve.sign(ensureBytes(msgHash), normPrivKey(privKey), opts);
-}
-export function verify(signature, msgHash, pubKey) {
-    const sig = signature instanceof Signature ? signature : ensureBytes(signature);
-    return curve.verify(sig, ensureBytes(msgHash), ensureBytes(pubKey));
-}
-const { CURVE, ProjectivePoint, Signature, utils } = curve;
-export { CURVE, ProjectivePoint, Signature, utils };
-function extractX(bytes) {
-    const hex = bytesToHex(bytes.subarray(1));
-    const stripped = hex.replace(/^0+/gm, ''); // strip leading 0s
-    return `0x${stripped}`;
-}
-function strip0x(hex) {
-    return hex.replace(/^0x/i, '');
-}
-function numberTo0x16(num) {
-    // can't use utils.numberToHexUnpadded: adds leading 0 for even byte length
-    return `0x${num.toString(16)}`;
-}
-// seed generation
-export function grindKey(seed) {
-    const _seed = ensureBytes(seed);
-    const sha256mask = 2n ** 256n;
-    const limit = sha256mask - mod(sha256mask, CURVE_ORDER);
-    for (let i = 0;; i++) {
-        const key = sha256Num(concatBytes(_seed, numberToVarBytesBE(BigInt(i))));
-        if (key < limit)
-            return mod(key, CURVE_ORDER).toString(16); // key should be in [0, limit)
-        if (i === 100000)
-            throw new Error('grindKey is broken: tried 100k vals'); // prevent dos
-    }
-}
-export function getStarkKey(privateKey) {
-    return extractX(getPublicKey(privateKey, true));
-}
-export function ethSigToPrivate(signature) {
-    signature = strip0x(signature);
-    if (signature.length !== 130)
-        throw new Error('Wrong ethereum signature');
-    return grindKey(signature.substring(0, 64));
-}
-const MASK_31 = 2n ** 31n - 1n;
-const int31 = (n) => Number(n & MASK_31);
-export function getAccountPath(layer, application, ethereumAddress, index) {
-    const layerNum = int31(sha256Num(layer));
-    const applicationNum = int31(sha256Num(application));
-    const eth = hexToNumber(strip0x(ethereumAddress));
-    return `m/2645'/${layerNum}'/${applicationNum}'/${int31(eth)}'/${int31(eth >> 31n)}'/${index}`;
-}
-// https://docs.starkware.co/starkex/pedersen-hash-function.html
-const PEDERSEN_POINTS = [
-    new ProjectivePoint(2089986280348253421170679821480865132823066470938446095505822317253594081284n, 1713931329540660377023406109199410414810705867260802078187082345529207694986n, 1n),
-    new ProjectivePoint(996781205833008774514500082376783249102396023663454813447423147977397232763n, 1668503676786377725805489344771023921079126552019160156920634619255970485781n, 1n),
-    new ProjectivePoint(2251563274489750535117886426533222435294046428347329203627021249169616184184n, 1798716007562728905295480679789526322175868328062420237419143593021674992973n, 1n),
-    new ProjectivePoint(2138414695194151160943305727036575959195309218611738193261179310511854807447n, 113410276730064486255102093846540133784865286929052426931474106396135072156n, 1n),
-    new ProjectivePoint(2379962749567351885752724891227938183011949129833673362440656643086021394946n, 776496453633298175483985398648758586525933812536653089401905292063708816422n, 1n),
-];
-function pedersenPrecompute(p1, p2) {
-    const out = [];
-    let p = p1;
-    for (let i = 0; i < 248; i++) {
-        out.push(p);
-        p = p.double();
-    }
-    // NOTE: we cannot use wNAF here, because last 4 bits will require full 248 bits multiplication
-    // We can add support for this to wNAF, but it will complicate wNAF.
-    p = p2;
-    for (let i = 0; i < 4; i++) {
-        out.push(p);
-        p = p.double();
-    }
-    return out;
-}
-const PEDERSEN_POINTS1 = pedersenPrecompute(PEDERSEN_POINTS[1], PEDERSEN_POINTS[2]);
-const PEDERSEN_POINTS2 = pedersenPrecompute(PEDERSEN_POINTS[3], PEDERSEN_POINTS[4]);
-function pedersenArg(arg) {
-    let value;
-    if (typeof arg === 'bigint') {
-        value = arg;
-    }
-    else if (typeof arg === 'number') {
-        if (!Number.isSafeInteger(arg))
-            throw new Error(`Invalid pedersenArg: ${arg}`);
-        value = BigInt(arg);
-    }
-    else {
-        value = bytesToNumberBE(ensureBytes(arg));
-    }
-    if (!(0n <= value && value < curve.CURVE.Fp.ORDER))
-        throw new Error(`PedersenArg should be 0 <= value < CURVE.P: ${value}`); // [0..Fp)
-    return value;
-}
-function pedersenSingle(point, value, constants) {
-    let x = pedersenArg(value);
-    for (let j = 0; j < 252; j++) {
-        const pt = constants[j];
-        if (pt.px === point.px)
-            throw new Error('Same point');
-        if ((x & 1n) !== 0n)
-            point = point.add(pt);
-        x >>= 1n;
-    }
-    return point;
-}
-// shift_point + x_low * P_0 + x_high * P1 + y_low * P2  + y_high * P3
-export function pedersen(x, y) {
-    let point = PEDERSEN_POINTS[0];
-    point = pedersenSingle(point, x, PEDERSEN_POINTS1);
-    point = pedersenSingle(point, y, PEDERSEN_POINTS2);
-    return extractX(point.toRawBytes(true));
-}
-export function hashChain(data, fn = pedersen) {
-    if (!Array.isArray(data) || data.length < 1)
-        throw new Error('data should be array of at least 1 element');
-    if (data.length === 1)
-        return numberTo0x16(pedersenArg(data[0]));
-    return Array.from(data)
-        .reverse()
-        .reduce((acc, i) => fn(i, acc));
-}
-// Same as hashChain, but computes hash even for single element and order is not revesed
-export const computeHashOnElements = (data, fn = pedersen) => [0, ...data, data.length].reduce((x, y) => fn(x, y));
-const MASK_250 = bitMask(250);
-export const keccak = (data) => bytesToNumberBE(keccak_256(data)) & MASK_250;
-const sha256Num = (data) => bytesToNumberBE(sha256(data));
-// Poseidon hash
-export const Fp253 = Fp(BigInt('14474011154664525231415395255581126252639794253786371766033694892385558855681')); // 2^253 + 2^199 + 1
-export const Fp251 = Fp(BigInt('3618502788666131213697322783095070105623107215331596699973092056135872020481')); // 2^251 + 17 * 2^192 + 1
-function poseidonRoundConstant(Fp, name, idx) {
-    const val = Fp.fromBytes(sha256(utf8ToBytes(`${name}${idx}`)));
-    return Fp.create(val);
-}
-// NOTE: doesn't check eiginvalues and possible can create unsafe matrix. But any filtration here will break compatibility with starknet
-// Please use only if you really know what you doing.
-// https://eprint.iacr.org/2019/458.pdf Section 2.3 (Avoiding Insecure Matrices)
-export function _poseidonMDS(Fp, name, m, attempt = 0) {
-    const x_values = [];
-    const y_values = [];
-    for (let i = 0; i < m; i++) {
-        x_values.push(poseidonRoundConstant(Fp, `${name}x`, attempt * m + i));
-        y_values.push(poseidonRoundConstant(Fp, `${name}y`, attempt * m + i));
-    }
-    if (new Set([...x_values, ...y_values]).size !== 2 * m)
-        throw new Error('X and Y values are not distinct');
-    return x_values.map((x) => y_values.map((y) => Fp.inv(Fp.sub(x, y))));
-}
-const MDS_SMALL = [
-    [3, 1, 1],
-    [1, -1, 1],
-    [1, 1, -2],
-].map((i) => i.map(BigInt));
-export function poseidonBasic(opts, mds) {
-    validateField(opts.Fp);
-    if (!Number.isSafeInteger(opts.rate) || !Number.isSafeInteger(opts.capacity))
-        throw new Error(`Wrong poseidon opts: ${opts}`);
-    const m = opts.rate + opts.capacity;
-    const rounds = opts.roundsFull + opts.roundsPartial;
-    const roundConstants = [];
-    for (let i = 0; i < rounds; i++) {
-        const row = [];
-        for (let j = 0; j < m; j++)
-            row.push(poseidonRoundConstant(opts.Fp, 'Hades', m * i + j));
-        roundConstants.push(row);
-    }
-    return poseidon({
-        ...opts,
-        t: m,
-        sboxPower: 3,
-        reversePartialPowIdx: true,
-        mds,
-        roundConstants,
-    });
-}
-export function poseidonCreate(opts, mdsAttempt = 0) {
-    const m = opts.rate + opts.capacity;
-    if (!Number.isSafeInteger(mdsAttempt))
-        throw new Error(`Wrong mdsAttempt=${mdsAttempt}`);
-    return poseidonBasic(opts, _poseidonMDS(opts.Fp, 'HadesMDS', m, mdsAttempt));
-}
-export const poseidonSmall = poseidonBasic({ Fp: Fp251, rate: 2, capacity: 1, roundsFull: 8, roundsPartial: 83 }, MDS_SMALL);
-export function poseidonHash(x, y, fn = poseidonSmall) {
-    return fn([x, y, 2n])[0];
-}
-//# sourceMappingURL=stark.js.map

package/esm/stark.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"stark.js","sourceRoot":"","sources":["../src/stark.ts"],"names":[],"mappings":"AAAA,sEAAsE;AACtE,OAAO,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAChD,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAC9C,OAAO,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAClD,OAAO,EAAE,EAAE,EAAE,GAAG,EAAS,aAAa,EAAE,MAAM,uBAAuB,CAAC;AACtE,OAAO,EAAE,QAAQ,EAAE,MAAM,wBAAwB,CAAC;AAClD,OAAO,EAAE,WAAW,EAAgC,MAAM,2BAA2B,CAAC;AACtF,OAAO,EAEL,OAAO,EACP,UAAU,EACV,eAAe,EACf,WAAW,EACX,WAAW,IAAI,eAAe,EAC9B,UAAU,EACV,WAAW,EACX,kBAAkB,GACnB,MAAM,qBAAqB,CAAC;AAC7B,OAAO,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAM7C,MAAM,WAAW,GAAG,MAAM,CACxB,8EAA8E,CAC/E,CAAC;AACF,MAAM,UAAU,GAAG,GAAG,CAAC;AACvB,SAAS,QAAQ,CAAC,KAAiB;IACjC,OAAO,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC;QAAE,KAAK,GAAG,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,mBAAmB;IACrE,kCAAkC;IAClC,MAAM,KAAK,GAAG,KAAK,CAAC,MAAM,GAAG,CAAC,GAAG,UAAU,CAAC;IAC5C,MAAM,GAAG,GAAG,eAAe,CAAC,KAAK,CAAC,CAAC;IACnC,OAAO,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,IAAI,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;AAChD,CAAC;AACD,SAAS,YAAY,CAAC,GAAW;IAC/B,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE;QAC3B,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,kBAAkB;QACtC,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC;YAAE,GAAG,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC,qBAAqB;KAC3D;IACD,OAAO,UAAU,CAAC,GAAG,CAAC,CAAC;AACzB,CAAC;AACD,MAAM,KAAK,GAAG,WAAW,CAAC;IACxB,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,CAAC,EAAE,MAAM,CAAC,8EAA8E,CAAC;IACzF,yEAAyE;IACzE,gDAAgD;IAChD,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,mEAAmE,CAAC,CAAC;IACnF,CAAC,EAAE,WAAW;IACd,UAAU;IACV,wCAAwC;IACxC,EAAE,EAAE,MAAM,CAAC,6EAA6E,CAAC;IACzF,EAAE,EAAE,MAAM,CAAC,6EAA6E,CAAC;IACzF,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,IAAI,EAAE,KAAK;IACX,GAAG,OAAO,CAAC,MAAM,CAAC;IAClB,6CAA6C;IAC7C,QAAQ;IACR,aAAa,EAAE,CAAC,KAAiB,EAAU,EAAE;QAC3C,qEAAqE;QACrE,mEAAmE;QACnE,MAAM,GAAG,GAAG,eAAe,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC,iBAAiB;QAClE,IAAI,GAAG,CAAC,MAAM,KAAK,EAAE;YAAE,KAAK,GAAG,YAAY,CAAC,GAAG,GAAG,GAAG,CAAC,CAAC,CAAC,oBAAoB;QAC5E,OAAO,GAAG,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,WAAW,CAAC,CAAC;IAC3C,CAAC;CACF,CAAC,CAAC;AACH,MAAM,CAAC,MAAM,WAAW,GAAG,KAAK,CAAC;AAEjC,SAAS,WAAW,CAAC,GAAQ;IAC3B,OAAO,eAAe,CAAC,EAAE,EAAE,OAAO,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;AAChF,CAAC;AAED,SAAS,WAAW,CAAC,OAAY;IAC/B,OAAO,UAAU,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;AAC5D,CAAC;AACD,MAAM,UAAU,YAAY,CAAC,OAAY,EAAE,YAAY,GAAG,KAAK;IAC7D,OAAO,KAAK,CAAC,YAAY,CAAC,WAAW,CAAC,OAAO,CAAC,EAAE,YAAY,CAAC,CAAC;AAChE,CAAC;AACD,MAAM,UAAU,eAAe,CAAC,QAAa,EAAE,OAAY;IACzD,OAAO,KAAK,CAAC,eAAe,CAAC,WAAW,CAAC,QAAQ,CAAC,EAAE,OAAO,CAAC,CAAC;AAC/D,CAAC;AACD,MAAM,UAAU,IAAI,CAAC,OAAY,EAAE,OAAY,EAAE,IAAU;IACzD,OAAO,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,EAAE,WAAW,CAAC,OAAO,CAAC,EAAE,IAAI,CAAC,CAAC;AACtE,CAAC;AACD,MAAM,UAAU,MAAM,CAAC,SAA8B,EAAE,OAAY,EAAE,MAAW;IAC9E,MAAM,GAAG,GAAG,SAAS,YAAY,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;IAChF,OAAO,KAAK,CAAC,MAAM,CAAC,GAAG,EAAE,WAAW,CAAC,OAAO,CAAC,EAAE,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC;AACtE,CAAC;AAED,MAAM,EAAE,KAAK,EAAE,eAAe,EAAE,SAAS,EAAE,KAAK,EAAE,GAAG,KAAK,CAAC;AAC3D,OAAO,EAAE,KAAK,EAAE,eAAe,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC;AAEpD,SAAS,QAAQ,CAAC,KAAiB;IACjC,MAAM,GAAG,GAAG,UAAU,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;IAC1C,MAAM,QAAQ,GAAG,GAAG,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,CAAC,mBAAmB;IAC9D,OAAO,KAAK,QAAQ,EAAE,CAAC;AACzB,CAAC;AACD,SAAS,OAAO,CAAC,GAAW;IAC1B,OAAO,GAAG,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;AACjC,CAAC;AACD,SAAS,YAAY,CAAC,GAAW;IAC/B,2EAA2E;IAC3E,OAAO,KAAK,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,EAAE,CAAC;AACjC,CAAC;AAED,kBAAkB;AAClB,MAAM,UAAU,QAAQ,CAAC,IAAS;IAChC,MAAM,KAAK,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC;IAChC,MAAM,UAAU,GAAG,EAAE,IAAI,IAAI,CAAC;IAC9B,MAAM,KAAK,GAAG,UAAU,GAAG,GAAG,CAAC,UAAU,EAAE,WAAW,CAAC,CAAC;IACxD,KAAK,IAAI,CAAC,GAAG,CAAC,GAAI,CAAC,EAAE,EAAE;QACrB,MAAM,GAAG,GAAG,SAAS,CAAC,WAAW,CAAC,KAAK,EAAE,kBAAkB,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACzE,IAAI,GAAG,GAAG,KAAK;YAAE,OAAO,GAAG,CAAC,GAAG,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC,8BAA8B;QAC1F,IAAI,CAAC,KAAK,MAAM;YAAE,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC,CAAC,cAAc;KACzF;AACH,CAAC;AAED,MAAM,UAAU,WAAW,CAAC,UAAe;IACzC,OAAO,QAAQ,CAAC,YAAY,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC,CAAC;AAClD,CAAC;AAED,MAAM,UAAU,eAAe,CAAC,SAAiB;IAC/C,SAAS,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC;IAC/B,IAAI,SAAS,CAAC,MAAM,KAAK,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;IAC1E,OAAO,QAAQ,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;AAC9C,CAAC;AAED,MAAM,OAAO,GAAG,EAAE,IAAI,GAAG,GAAG,EAAE,CAAC;AAC/B,MAAM,KAAK,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,GAAG,OAAO,CAAC,CAAC;AACjD,MAAM,UAAU,cAAc,CAC5B,KAAa,EACb,WAAmB,EACnB,eAAuB,EACvB,KAAa;IAEb,MAAM,QAAQ,GAAG,KAAK,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;IACzC,MAAM,cAAc,GAAG,KAAK,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC,CAAC;IACrD,MAAM,GAAG,GAAG,WAAW,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC,CAAC;IAClD,OAAO,WAAW,QAAQ,KAAK,cAAc,KAAK,KAAK,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,GAAG,IAAI,GAAG,CAAC,KAAK,KAAK,EAAE,CAAC;AACjG,CAAC;AAED,gEAAgE;AAChE,MAAM,eAAe,GAAG;IACtB,IAAI,eAAe,CACjB,6EAA6E,EAC7E,6EAA6E,EAC7E,EAAE,CACH;IACD,IAAI,eAAe,CACjB,4EAA4E,EAC5E,6EAA6E,EAC7E,EAAE,CACH;IACD,IAAI,eAAe,CACjB,6EAA6E,EAC7E,6EAA6E,EAC7E,EAAE,CACH;IACD,IAAI,eAAe,CACjB,6EAA6E,EAC7E,4EAA4E,EAC5E,EAAE,CACH;IACD,IAAI,eAAe,CACjB,6EAA6E,EAC7E,4EAA4E,EAC5E,EAAE,CACH;CACF,CAAC;AAEF,SAAS,kBAAkB,CAAC,EAAmB,EAAE,EAAmB;IAClE,MAAM,GAAG,GAAsB,EAAE,CAAC;IAClC,IAAI,CAAC,GAAG,EAAE,CAAC;IACX,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,EAAE;QAC5B,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACZ,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC;KAChB;IACD,+FAA+F;IAC/F,oEAAoE;IACpE,CAAC,GAAG,EAAE,CAAC;IACP,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE;QAC1B,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACZ,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC;KAChB;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AACD,MAAM,gBAAgB,GAAG,kBAAkB,CAAC,eAAe,CAAC,CAAC,CAAC,EAAE,eAAe,CAAC,CAAC,CAAC,CAAC,CAAC;AACpF,MAAM,gBAAgB,GAAG,kBAAkB,CAAC,eAAe,CAAC,CAAC,CAAC,EAAE,eAAe,CAAC,CAAC,CAAC,CAAC,CAAC;AAGpF,SAAS,WAAW,CAAC,GAAgB;IACnC,IAAI,KAAa,CAAC;IAClB,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE;QAC3B,KAAK,GAAG,GAAG,CAAC;KACb;SAAM,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE;QAClC,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,GAAG,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,wBAAwB,GAAG,EAAE,CAAC,CAAC;QAC/E,KAAK,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC;KACrB;SAAM;QACL,KAAK,GAAG,eAAe,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC;KAC3C;IACD,IAAI,CAAC,CAAC,EAAE,IAAI,KAAK,IAAI,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC;QAChD,MAAM,IAAI,KAAK,CAAC,+CAA+C,KAAK,EAAE,CAAC,CAAC,CAAC,UAAU;IACrF,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,cAAc,CAAC,KAAsB,EAAE,KAAkB,EAAE,SAA4B;IAC9F,IAAI,CAAC,GAAG,WAAW,CAAC,KAAK,CAAC,CAAC;IAC3B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,EAAE;QAC5B,MAAM,EAAE,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC;QACxB,IAAI,EAAE,CAAC,EAAE,KAAK,KAAK,CAAC,EAAE;YAAE,MAAM,IAAI,KAAK,CAAC,YAAY,CAAC,CAAC;QACtD,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC,KAAK,EAAE;YAAE,KAAK,GAAG,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAC3C,CAAC,KAAK,EAAE,CAAC;KACV;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,sEAAsE;AACtE,MAAM,UAAU,QAAQ,CAAC,CAAc,EAAE,CAAc;IACrD,IAAI,KAAK,GAAoB,eAAe,CAAC,CAAC,CAAC,CAAC;IAChD,KAAK,GAAG,cAAc,CAAC,KAAK,EAAE,CAAC,EAAE,gBAAgB,CAAC,CAAC;IACnD,KAAK,GAAG,cAAc,CAAC,KAAK,EAAE,CAAC,EAAE,gBAAgB,CAAC,CAAC;IACnD,OAAO,QAAQ,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC;AAC1C,CAAC;AAED,MAAM,UAAU,SAAS,CAAC,IAAmB,EAAE,EAAE,GAAG,QAAQ;IAC1D,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC;QACzC,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;IAChE,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,YAAY,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACjE,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC;SACpB,OAAO,EAAE;SACT,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;AACpC,CAAC;AACD,wFAAwF;AACxF,MAAM,CAAC,MAAM,qBAAqB,GAAG,CAAC,IAAmB,EAAE,EAAE,GAAG,QAAQ,EAAE,EAAE,CAC1E,CAAC,CAAC,EAAE,GAAG,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;AAEvD,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC;AAC9B,MAAM,CAAC,MAAM,MAAM,GAAG,CAAC,IAAgB,EAAU,EAAE,CAAC,eAAe,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,GAAG,QAAQ,CAAC;AACjG,MAAM,SAAS,GAAG,CAAC,IAAyB,EAAU,EAAE,CAAC,eAAe,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;AAEvF,gBAAgB;AAChB,MAAM,CAAC,MAAM,KAAK,GAAG,EAAE,CACrB,MAAM,CAAC,+EAA+E,CAAC,CACxF,CAAC,CAAC,oBAAoB;AACvB,MAAM,CAAC,MAAM,KAAK,GAAG,EAAE,CACrB,MAAM,CAAC,8EAA8E,CAAC,CACvF,CAAC,CAAC,yBAAyB;AAE5B,SAAS,qBAAqB,CAAC,EAAiB,EAAE,IAAY,EAAE,GAAW;IACzE,MAAM,GAAG,GAAG,EAAE,CAAC,SAAS,CAAC,MAAM,CAAC,WAAW,CAAC,GAAG,IAAI,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;IAC/D,OAAO,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;AACxB,CAAC;AAED,wIAAwI;AACxI,qDAAqD;AACrD,gFAAgF;AAChF,MAAM,UAAU,YAAY,CAAC,EAAiB,EAAE,IAAY,EAAE,CAAS,EAAE,OAAO,GAAG,CAAC;IAClF,MAAM,QAAQ,GAAa,EAAE,CAAC;IAC9B,MAAM,QAAQ,GAAa,EAAE,CAAC;IAC9B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE;QAC1B,QAAQ,CAAC,IAAI,CAAC,qBAAqB,CAAC,EAAE,EAAE,GAAG,IAAI,GAAG,EAAE,OAAO,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QACtE,QAAQ,CAAC,IAAI,CAAC,qBAAqB,CAAC,EAAE,EAAE,GAAG,IAAI,GAAG,EAAE,OAAO,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;KACvE;IACD,IAAI,IAAI,GAAG,CAAC,CAAC,GAAG,QAAQ,EAAE,GAAG,QAAQ,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,GAAG,CAAC;QACpD,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC;IACrD,OAAO,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AACxE,CAAC;AAED,MAAM,SAAS,GAAG;IAChB,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;IACT,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC;IACV,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;CACX,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC;AAU5B,MAAM,UAAU,aAAa,CAAC,IAAkB,EAAE,GAAe;IAC/D,aAAa,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACvB,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,IAAI,CAAC,QAAQ,CAAC;QAC1E,MAAM,IAAI,KAAK,CAAC,wBAAwB,IAAI,EAAE,CAAC,CAAC;IAClD,MAAM,CAAC,GAAG,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,QAAQ,CAAC;IACpC,MAAM,MAAM,GAAG,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,aAAa,CAAC;IACpD,MAAM,cAAc,GAAG,EAAE,CAAC;IAC1B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,EAAE,EAAE;QAC/B,MAAM,GAAG,GAAG,EAAE,CAAC;QACf,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE;YAAE,GAAG,CAAC,IAAI,CAAC,qBAAqB,CAAC,IAAI,CAAC,EAAE,EAAE,OAAO,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QACzF,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;KAC1B;IACD,OAAO,QAAQ,CAAC;QACd,GAAG,IAAI;QACP,CAAC,EAAE,CAAC;QACJ,SAAS,EAAE,CAAC;QACZ,oBAAoB,EAAE,IAAI;QAC1B,GAAG;QACH,cAAc;KACf,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,cAAc,CAAC,IAAkB,EAAE,UAAU,GAAG,CAAC;IAC/D,MAAM,CAAC,GAAG,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,QAAQ,CAAC;IACpC,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,UAAU,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,oBAAoB,UAAU,EAAE,CAAC,CAAC;IACzF,OAAO,aAAa,CAAC,IAAI,EAAE,YAAY,CAAC,IAAI,CAAC,EAAE,EAAE,UAAU,EAAE,CAAC,EAAE,UAAU,CAAC,CAAC,CAAC;AAC/E,CAAC;AAED,MAAM,CAAC,MAAM,aAAa,GAAG,aAAa,CACxC,EAAE,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,EAAE,QAAQ,EAAE,CAAC,EAAE,UAAU,EAAE,CAAC,EAAE,aAAa,EAAE,EAAE,EAAE,EACrE,SAAS,CACV,CAAC;AAEF,MAAM,UAAU,YAAY,CAAC,CAAS,EAAE,CAAS,EAAE,EAAE,GAAG,aAAa;IACnE,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAC3B,CAAC"}

package/src/stark.ts

@@ -1,318 +0,0 @@
-/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */
-import { keccak_256 } from '@noble/hashes/sha3';
-import { sha256 } from '@noble/hashes/sha256';
-import { utf8ToBytes } from '@noble/hashes/utils';
-import { Fp, mod, Field, validateField } from './abstract/modular.js';
-import { poseidon } from './abstract/poseidon.js';
-import { weierstrass, ProjPointType, SignatureType } from './abstract/weierstrass.js';
-import {
-  Hex,
-  bitMask,
-  bytesToHex,
-  bytesToNumberBE,
-  concatBytes,
-  ensureBytes as ensureBytesOrig,
-  hexToBytes,
-  hexToNumber,
-  numberToVarBytesBE,
-} from './abstract/utils.js';
-import { getHash } from './_shortw_utils.js';
-
-// Stark-friendly elliptic curve
-// https://docs.starkware.co/starkex/stark-curve.html
-
-type ProjectivePoint = ProjPointType<bigint>;
-const CURVE_ORDER = BigInt(
-  '3618502788666131213697322783095070105526743751716087489154079457884512865583'
-);
-const nBitLength = 252;
-function bits2int(bytes: Uint8Array): bigint {
-  while (bytes[0] === 0) bytes = bytes.subarray(1); // strip leading 0s
-  // Copy-pasted from weierstrass.ts
-  const delta = bytes.length * 8 - nBitLength;
-  const num = bytesToNumberBE(bytes);
-  return delta > 0 ? num >> BigInt(delta) : num;
-}
-function hex0xToBytes(hex: string): Uint8Array {
-  if (typeof hex === 'string') {
-    hex = strip0x(hex); // allow 0x prefix
-    if (hex.length & 1) hex = '0' + hex; // allow unpadded hex
-  }
-  return hexToBytes(hex);
-}
-const curve = weierstrass({
-  a: BigInt(1), // Params: a, b
-  b: BigInt('3141592653589793238462643383279502884197169399375105820974944592307816406665'),
-  // Field over which we'll do calculations; 2n**251n + 17n * 2n**192n + 1n
-  // There is no efficient sqrt for field (P%4==1)
-  Fp: Fp(BigInt('0x800000000000011000000000000000000000000000000000000000000000001')),
-  n: CURVE_ORDER, // Curve order, total count of valid points in the field.
-  nBitLength, // len(bin(N).replace('0b',''))
-  // Base point (x, y) aka generator point
-  Gx: BigInt('874739451078007766457464989774322083649278607533249481151382481072868806602'),
-  Gy: BigInt('152666792071518830868575557812948353041420400780739481342941381225525861407'),
-  h: BigInt(1), // cofactor
-  lowS: false, // Allow high-s signatures
-  ...getHash(sha256),
-  // Custom truncation routines for stark curve
-  bits2int,
-  bits2int_modN: (bytes: Uint8Array): bigint => {
-    // 2102820b232636d200cb21f1d330f20d096cae09d1bf3edb1cc333ddee11318 =>
-    // 2102820b232636d200cb21f1d330f20d096cae09d1bf3edb1cc333ddee113180
-    const hex = bytesToNumberBE(bytes).toString(16); // toHex unpadded
-    if (hex.length === 63) bytes = hex0xToBytes(hex + '0'); // append trailing 0
-    return mod(bits2int(bytes), CURVE_ORDER);
-  },
-});
-export const _starkCurve = curve;
-
-function ensureBytes(hex: Hex): Uint8Array {
-  return ensureBytesOrig('', typeof hex === 'string' ? hex0xToBytes(hex) : hex);
-}
-
-function normPrivKey(privKey: Hex): string {
-  return bytesToHex(ensureBytes(privKey)).padStart(64, '0');
-}
-export function getPublicKey(privKey: Hex, isCompressed = false): Uint8Array {
-  return curve.getPublicKey(normPrivKey(privKey), isCompressed);
-}
-export function getSharedSecret(privKeyA: Hex, pubKeyB: Hex): Uint8Array {
-  return curve.getSharedSecret(normPrivKey(privKeyA), pubKeyB);
-}
-export function sign(msgHash: Hex, privKey: Hex, opts?: any): SignatureType {
-  return curve.sign(ensureBytes(msgHash), normPrivKey(privKey), opts);
-}
-export function verify(signature: SignatureType | Hex, msgHash: Hex, pubKey: Hex) {
-  const sig = signature instanceof Signature ? signature : ensureBytes(signature);
-  return curve.verify(sig, ensureBytes(msgHash), ensureBytes(pubKey));
-}
-
-const { CURVE, ProjectivePoint, Signature, utils } = curve;
-export { CURVE, ProjectivePoint, Signature, utils };
-
-function extractX(bytes: Uint8Array): string {
-  const hex = bytesToHex(bytes.subarray(1));
-  const stripped = hex.replace(/^0+/gm, ''); // strip leading 0s
-  return `0x${stripped}`;
-}
-function strip0x(hex: string) {
-  return hex.replace(/^0x/i, '');
-}
-function numberTo0x16(num: bigint) {
-  // can't use utils.numberToHexUnpadded: adds leading 0 for even byte length
-  return `0x${num.toString(16)}`;
-}
-
-// seed generation
-export function grindKey(seed: Hex) {
-  const _seed = ensureBytes(seed);
-  const sha256mask = 2n ** 256n;
-  const limit = sha256mask - mod(sha256mask, CURVE_ORDER);
-  for (let i = 0; ; i++) {
-    const key = sha256Num(concatBytes(_seed, numberToVarBytesBE(BigInt(i))));
-    if (key < limit) return mod(key, CURVE_ORDER).toString(16); // key should be in [0, limit)
-    if (i === 100000) throw new Error('grindKey is broken: tried 100k vals'); // prevent dos
-  }
-}
-
-export function getStarkKey(privateKey: Hex): string {
-  return extractX(getPublicKey(privateKey, true));
-}
-
-export function ethSigToPrivate(signature: string): string {
-  signature = strip0x(signature);
-  if (signature.length !== 130) throw new Error('Wrong ethereum signature');
-  return grindKey(signature.substring(0, 64));
-}
-
-const MASK_31 = 2n ** 31n - 1n;
-const int31 = (n: bigint) => Number(n & MASK_31);
-export function getAccountPath(
-  layer: string,
-  application: string,
-  ethereumAddress: string,
-  index: number
-): string {
-  const layerNum = int31(sha256Num(layer));
-  const applicationNum = int31(sha256Num(application));
-  const eth = hexToNumber(strip0x(ethereumAddress));
-  return `m/2645'/${layerNum}'/${applicationNum}'/${int31(eth)}'/${int31(eth >> 31n)}'/${index}`;
-}
-
-// https://docs.starkware.co/starkex/pedersen-hash-function.html
-const PEDERSEN_POINTS = [
-  new ProjectivePoint(
-    2089986280348253421170679821480865132823066470938446095505822317253594081284n,
-    1713931329540660377023406109199410414810705867260802078187082345529207694986n,
-    1n
-  ),
-  new ProjectivePoint(
-    996781205833008774514500082376783249102396023663454813447423147977397232763n,
-    1668503676786377725805489344771023921079126552019160156920634619255970485781n,
-    1n
-  ),
-  new ProjectivePoint(
-    2251563274489750535117886426533222435294046428347329203627021249169616184184n,
-    1798716007562728905295480679789526322175868328062420237419143593021674992973n,
-    1n
-  ),
-  new ProjectivePoint(
-    2138414695194151160943305727036575959195309218611738193261179310511854807447n,
-    113410276730064486255102093846540133784865286929052426931474106396135072156n,
-    1n
-  ),
-  new ProjectivePoint(
-    2379962749567351885752724891227938183011949129833673362440656643086021394946n,
-    776496453633298175483985398648758586525933812536653089401905292063708816422n,
-    1n
-  ),
-];
-
-function pedersenPrecompute(p1: ProjectivePoint, p2: ProjectivePoint): ProjectivePoint[] {
-  const out: ProjectivePoint[] = [];
-  let p = p1;
-  for (let i = 0; i < 248; i++) {
-    out.push(p);
-    p = p.double();
-  }
-  // NOTE: we cannot use wNAF here, because last 4 bits will require full 248 bits multiplication
-  // We can add support for this to wNAF, but it will complicate wNAF.
-  p = p2;
-  for (let i = 0; i < 4; i++) {
-    out.push(p);
-    p = p.double();
-  }
-  return out;
-}
-const PEDERSEN_POINTS1 = pedersenPrecompute(PEDERSEN_POINTS[1], PEDERSEN_POINTS[2]);
-const PEDERSEN_POINTS2 = pedersenPrecompute(PEDERSEN_POINTS[3], PEDERSEN_POINTS[4]);
-
-type PedersenArg = Hex | bigint | number;
-function pedersenArg(arg: PedersenArg): bigint {
-  let value: bigint;
-  if (typeof arg === 'bigint') {
-    value = arg;
-  } else if (typeof arg === 'number') {
-    if (!Number.isSafeInteger(arg)) throw new Error(`Invalid pedersenArg: ${arg}`);
-    value = BigInt(arg);
-  } else {
-    value = bytesToNumberBE(ensureBytes(arg));
-  }
-  if (!(0n <= value && value < curve.CURVE.Fp.ORDER))
-    throw new Error(`PedersenArg should be 0 <= value < CURVE.P: ${value}`); // [0..Fp)
-  return value;
-}
-
-function pedersenSingle(point: ProjectivePoint, value: PedersenArg, constants: ProjectivePoint[]) {
-  let x = pedersenArg(value);
-  for (let j = 0; j < 252; j++) {
-    const pt = constants[j];
-    if (pt.px === point.px) throw new Error('Same point');
-    if ((x & 1n) !== 0n) point = point.add(pt);
-    x >>= 1n;
-  }
-  return point;
-}
-
-// shift_point + x_low * P_0 + x_high * P1 + y_low * P2  + y_high * P3
-export function pedersen(x: PedersenArg, y: PedersenArg): string {
-  let point: ProjectivePoint = PEDERSEN_POINTS[0];
-  point = pedersenSingle(point, x, PEDERSEN_POINTS1);
-  point = pedersenSingle(point, y, PEDERSEN_POINTS2);
-  return extractX(point.toRawBytes(true));
-}
-
-export function hashChain(data: PedersenArg[], fn = pedersen) {
-  if (!Array.isArray(data) || data.length < 1)
-    throw new Error('data should be array of at least 1 element');
-  if (data.length === 1) return numberTo0x16(pedersenArg(data[0]));
-  return Array.from(data)
-    .reverse()
-    .reduce((acc, i) => fn(i, acc));
-}
-// Same as hashChain, but computes hash even for single element and order is not revesed
-export const computeHashOnElements = (data: PedersenArg[], fn = pedersen) =>
-  [0, ...data, data.length].reduce((x, y) => fn(x, y));
-
-const MASK_250 = bitMask(250);
-export const keccak = (data: Uint8Array): bigint => bytesToNumberBE(keccak_256(data)) & MASK_250;
-const sha256Num = (data: Uint8Array | string): bigint => bytesToNumberBE(sha256(data));
-
-// Poseidon hash
-export const Fp253 = Fp(
-  BigInt('14474011154664525231415395255581126252639794253786371766033694892385558855681')
-); // 2^253 + 2^199 + 1
-export const Fp251 = Fp(
-  BigInt('3618502788666131213697322783095070105623107215331596699973092056135872020481')
-); // 2^251 + 17 * 2^192 + 1
-
-function poseidonRoundConstant(Fp: Field<bigint>, name: string, idx: number) {
-  const val = Fp.fromBytes(sha256(utf8ToBytes(`${name}${idx}`)));
-  return Fp.create(val);
-}
-
-// NOTE: doesn't check eiginvalues and possible can create unsafe matrix. But any filtration here will break compatibility with starknet
-// Please use only if you really know what you doing.
-// https://eprint.iacr.org/2019/458.pdf Section 2.3 (Avoiding Insecure Matrices)
-export function _poseidonMDS(Fp: Field<bigint>, name: string, m: number, attempt = 0) {
-  const x_values: bigint[] = [];
-  const y_values: bigint[] = [];
-  for (let i = 0; i < m; i++) {
-    x_values.push(poseidonRoundConstant(Fp, `${name}x`, attempt * m + i));
-    y_values.push(poseidonRoundConstant(Fp, `${name}y`, attempt * m + i));
-  }
-  if (new Set([...x_values, ...y_values]).size !== 2 * m)
-    throw new Error('X and Y values are not distinct');
-  return x_values.map((x) => y_values.map((y) => Fp.inv(Fp.sub(x, y))));
-}
-
-const MDS_SMALL = [
-  [3, 1, 1],
-  [1, -1, 1],
-  [1, 1, -2],
-].map((i) => i.map(BigInt));
-
-export type PoseidonOpts = {
-  Fp: Field<bigint>;
-  rate: number;
-  capacity: number;
-  roundsFull: number;
-  roundsPartial: number;
-};
-
-export function poseidonBasic(opts: PoseidonOpts, mds: bigint[][]) {
-  validateField(opts.Fp);
-  if (!Number.isSafeInteger(opts.rate) || !Number.isSafeInteger(opts.capacity))
-    throw new Error(`Wrong poseidon opts: ${opts}`);
-  const m = opts.rate + opts.capacity;
-  const rounds = opts.roundsFull + opts.roundsPartial;
-  const roundConstants = [];
-  for (let i = 0; i < rounds; i++) {
-    const row = [];
-    for (let j = 0; j < m; j++) row.push(poseidonRoundConstant(opts.Fp, 'Hades', m * i + j));
-    roundConstants.push(row);
-  }
-  return poseidon({
-    ...opts,
-    t: m,
-    sboxPower: 3,
-    reversePartialPowIdx: true, // Why?!
-    mds,
-    roundConstants,
-  });
-}
-
-export function poseidonCreate(opts: PoseidonOpts, mdsAttempt = 0) {
-  const m = opts.rate + opts.capacity;
-  if (!Number.isSafeInteger(mdsAttempt)) throw new Error(`Wrong mdsAttempt=${mdsAttempt}`);
-  return poseidonBasic(opts, _poseidonMDS(opts.Fp, 'HadesMDS', m, mdsAttempt));
-}
-
-export const poseidonSmall = poseidonBasic(
-  { Fp: Fp251, rate: 2, capacity: 1, roundsFull: 8, roundsPartial: 83 },
-  MDS_SMALL
-);
-
-export function poseidonHash(x: bigint, y: bigint, fn = poseidonSmall) {
-  return fn([x, y, 2n])[0];
-}

package/stark.d.ts

@@ -1,83 +0,0 @@
-import { Field } from './abstract/modular.js';
-import { ProjPointType, SignatureType } from './abstract/weierstrass.js';
-import { Hex } from './abstract/utils.js';
-declare type ProjectivePoint = ProjPointType<bigint>;
-export declare const _starkCurve: import("./abstract/weierstrass.js").CurveFn;
-export declare function getPublicKey(privKey: Hex, isCompressed?: boolean): Uint8Array;
-export declare function getSharedSecret(privKeyA: Hex, pubKeyB: Hex): Uint8Array;
-export declare function sign(msgHash: Hex, privKey: Hex, opts?: any): SignatureType;
-export declare function verify(signature: SignatureType | Hex, msgHash: Hex, pubKey: Hex): boolean;
-declare const CURVE: Readonly<{
-    readonly nBitLength: number;
-    readonly nByteLength: number;
-    readonly Fp: Field<bigint>;
-    readonly n: bigint;
-    readonly h: bigint;
-    readonly hEff?: bigint | undefined;
-    readonly Gx: bigint;
-    readonly Gy: bigint;
-    readonly allowInfinityPoint?: boolean | undefined;
-    readonly a: bigint;
-    readonly b: bigint;
-    readonly allowedPrivateKeyLengths?: readonly number[] | undefined;
-    readonly wrapPrivateKey?: boolean | undefined;
-    readonly endo?: {
-        beta: bigint;
-        splitScalar: (k: bigint) => {
-            k1neg: boolean;
-            k1: bigint;
-            k2neg: boolean;
-            k2: bigint;
-        };
-    } | undefined;
-    readonly isTorsionFree?: ((c: import("./abstract/weierstrass.js").ProjConstructor<bigint>, point: ProjPointType<bigint>) => boolean) | undefined;
-    readonly clearCofactor?: ((c: import("./abstract/weierstrass.js").ProjConstructor<bigint>, point: ProjPointType<bigint>) => ProjPointType<bigint>) | undefined;
-    readonly hash: import("./abstract/utils.js").CHash;
-    readonly hmac: (key: Uint8Array, ...messages: Uint8Array[]) => Uint8Array;
-    readonly randomBytes: (bytesLength?: number | undefined) => Uint8Array;
-    lowS: boolean;
-    readonly bits2int?: ((bytes: Uint8Array) => bigint) | undefined;
-    readonly bits2int_modN?: ((bytes: Uint8Array) => bigint) | undefined;
-}>, ProjectivePoint: import("./abstract/weierstrass.js").ProjConstructor<bigint>, Signature: import("./abstract/weierstrass.js").SignatureConstructor, utils: {
-    normPrivateKeyToScalar: (key: import("./abstract/utils.js").PrivKey) => bigint;
-    isValidPrivateKey(privateKey: import("./abstract/utils.js").PrivKey): boolean;
-    randomPrivateKey: () => Uint8Array;
-    precompute: (windowSize?: number | undefined, point?: ProjPointType<bigint> | undefined) => ProjPointType<bigint>;
-};
-export { CURVE, ProjectivePoint, Signature, utils };
-export declare function grindKey(seed: Hex): string;
-export declare function getStarkKey(privateKey: Hex): string;
-export declare function ethSigToPrivate(signature: string): string;
-export declare function getAccountPath(layer: string, application: string, ethereumAddress: string, index: number): string;
-declare type PedersenArg = Hex | bigint | number;
-export declare function pedersen(x: PedersenArg, y: PedersenArg): string;
-export declare function hashChain(data: PedersenArg[], fn?: typeof pedersen): PedersenArg;
-export declare const computeHashOnElements: (data: PedersenArg[], fn?: typeof pedersen) => PedersenArg;
-export declare const keccak: (data: Uint8Array) => bigint;
-export declare const Fp253: Readonly<Field<bigint> & Required<Pick<Field<bigint>, "isOdd">>>;
-export declare const Fp251: Readonly<Field<bigint> & Required<Pick<Field<bigint>, "isOdd">>>;
-export declare function _poseidonMDS(Fp: Field<bigint>, name: string, m: number, attempt?: number): bigint[][];
-export declare type PoseidonOpts = {
-    Fp: Field<bigint>;
-    rate: number;
-    capacity: number;
-    roundsFull: number;
-    roundsPartial: number;
-};
-export declare function poseidonBasic(opts: PoseidonOpts, mds: bigint[][]): {
-    (values: bigint[]): bigint[];
-    roundConstants: bigint[][];
-};
-export declare function poseidonCreate(opts: PoseidonOpts, mdsAttempt?: number): {
-    (values: bigint[]): bigint[];
-    roundConstants: bigint[][];
-};
-export declare const poseidonSmall: {
-    (values: bigint[]): bigint[];
-    roundConstants: bigint[][];
-};
-export declare function poseidonHash(x: bigint, y: bigint, fn?: {
-    (values: bigint[]): bigint[];
-    roundConstants: bigint[][];
-}): bigint;
-//# sourceMappingURL=stark.d.ts.map