@noble/curves 0.8.2 ā 0.9.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +232 -176
- package/_shortw_utils.d.ts +3 -2
- package/_shortw_utils.d.ts.map +1 -1
- package/abstract/bls.d.ts +15 -15
- package/abstract/bls.d.ts.map +1 -1
- package/abstract/bls.js.map +1 -1
- package/abstract/curve.d.ts +9 -7
- package/abstract/curve.d.ts.map +1 -1
- package/abstract/curve.js +5 -1
- package/abstract/curve.js.map +1 -1
- package/abstract/edwards.d.ts +4 -3
- package/abstract/edwards.d.ts.map +1 -1
- package/abstract/hash-to-curve.d.ts +6 -6
- package/abstract/hash-to-curve.d.ts.map +1 -1
- package/abstract/hash-to-curve.js.map +1 -1
- package/abstract/modular.d.ts +24 -12
- package/abstract/modular.d.ts.map +1 -1
- package/abstract/modular.js +16 -3
- package/abstract/modular.js.map +1 -1
- package/abstract/montgomery.d.ts +3 -3
- package/abstract/montgomery.d.ts.map +1 -1
- package/abstract/poseidon.d.ts +4 -4
- package/abstract/poseidon.d.ts.map +1 -1
- package/abstract/poseidon.js.map +1 -1
- package/abstract/utils.d.ts +7 -7
- package/abstract/utils.d.ts.map +1 -1
- package/abstract/weierstrass.d.ts +40 -18
- package/abstract/weierstrass.d.ts.map +1 -1
- package/abstract/weierstrass.js +20 -6
- package/abstract/weierstrass.js.map +1 -1
- package/bls12-381.d.ts +14 -14
- package/bls12-381.d.ts.map +1 -1
- package/bls12-381.js +2 -2
- package/bls12-381.js.map +1 -1
- package/bn.js +1 -1
- package/bn.js.map +1 -1
- package/ed25519.d.ts +1 -1
- package/ed25519.d.ts.map +1 -1
- package/ed25519.js +2 -2
- package/ed25519.js.map +1 -1
- package/ed448.js +1 -1
- package/ed448.js.map +1 -1
- package/esm/abstract/bls.js.map +1 -1
- package/esm/abstract/curve.js +5 -1
- package/esm/abstract/curve.js.map +1 -1
- package/esm/abstract/hash-to-curve.js.map +1 -1
- package/esm/abstract/modular.js +14 -1
- package/esm/abstract/modular.js.map +1 -1
- package/esm/abstract/poseidon.js.map +1 -1
- package/esm/abstract/weierstrass.js +20 -6
- package/esm/abstract/weierstrass.js.map +1 -1
- package/esm/bls12-381.js +2 -2
- package/esm/bls12-381.js.map +1 -1
- package/esm/bn.js +2 -2
- package/esm/bn.js.map +1 -1
- package/esm/ed25519.js +3 -2
- package/esm/ed25519.js.map +1 -1
- package/esm/ed448.js +1 -1
- package/esm/ed448.js.map +1 -1
- package/esm/jubjub.js +2 -2
- package/esm/jubjub.js.map +1 -1
- package/esm/p256.js +1 -1
- package/esm/p256.js.map +1 -1
- package/esm/p384.js +1 -1
- package/esm/p384.js.map +1 -1
- package/esm/p521.js +1 -1
- package/esm/p521.js.map +1 -1
- package/esm/pasta.js +2 -2
- package/esm/pasta.js.map +1 -1
- package/esm/secp256k1.js +1 -1
- package/esm/secp256k1.js.map +1 -1
- package/jubjub.js +1 -1
- package/jubjub.js.map +1 -1
- package/p256.d.ts +4 -2
- package/p256.d.ts.map +1 -1
- package/p256.js +1 -1
- package/p256.js.map +1 -1
- package/p384.d.ts +4 -2
- package/p384.d.ts.map +1 -1
- package/p384.js +1 -1
- package/p384.js.map +1 -1
- package/p521.d.ts +4 -2
- package/p521.d.ts.map +1 -1
- package/p521.js +1 -1
- package/p521.js.map +1 -1
- package/package.json +9 -9
- package/pasta.js +2 -2
- package/pasta.js.map +1 -1
- package/secp256k1.d.ts +2 -1
- package/secp256k1.d.ts.map +1 -1
- package/secp256k1.js +1 -1
- package/secp256k1.js.map +1 -1
- package/src/abstract/bls.ts +11 -11
- package/src/abstract/curve.ts +7 -3
- package/src/abstract/hash-to-curve.ts +2 -2
- package/src/abstract/modular.ts +28 -19
- package/src/abstract/poseidon.ts +2 -2
- package/src/abstract/weierstrass.ts +27 -11
- package/src/bls12-381.ts +5 -5
- package/src/bn.ts +2 -2
- package/src/ed25519.ts +1 -1
- package/src/ed448.ts +1 -1
- package/src/jubjub.ts +2 -2
- package/src/p256.ts +1 -1
- package/src/p384.ts +1 -1
- package/src/p521.ts +1 -1
- package/src/pasta.ts +2 -2
- package/src/secp256k1.ts +2 -3
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@noble/curves",
|
|
3
|
-
"version": "0.
|
|
4
|
-
"description": "
|
|
3
|
+
"version": "0.9.0",
|
|
4
|
+
"description": "Audited & minimal JS implementation of elliptic curve cryptography",
|
|
5
5
|
"files": [
|
|
6
6
|
"abstract",
|
|
7
7
|
"esm",
|
|
@@ -28,17 +28,17 @@
|
|
|
28
28
|
},
|
|
29
29
|
"license": "MIT",
|
|
30
30
|
"dependencies": {
|
|
31
|
-
"@noble/hashes": "1.
|
|
31
|
+
"@noble/hashes": "1.3.0"
|
|
32
32
|
},
|
|
33
33
|
"devDependencies": {
|
|
34
|
-
"@scure/bip32": "~1.
|
|
35
|
-
"@scure/bip39": "~1.
|
|
36
|
-
"@types/node": "18.11.
|
|
34
|
+
"@scure/bip32": "~1.2.0",
|
|
35
|
+
"@scure/bip39": "~1.2.0",
|
|
36
|
+
"@types/node": "18.11.18",
|
|
37
37
|
"fast-check": "3.0.0",
|
|
38
38
|
"micro-bmark": "0.3.1",
|
|
39
39
|
"micro-should": "0.4.0",
|
|
40
|
-
"prettier": "2.8.
|
|
41
|
-
"typescript": "
|
|
40
|
+
"prettier": "2.8.4",
|
|
41
|
+
"typescript": "5.0.2"
|
|
42
42
|
},
|
|
43
43
|
"main": "index.js",
|
|
44
44
|
"exports": {
|
|
@@ -171,7 +171,7 @@
|
|
|
171
171
|
"bn254",
|
|
172
172
|
"pasta",
|
|
173
173
|
"bls",
|
|
174
|
-
"
|
|
174
|
+
"noble",
|
|
175
175
|
"ecc",
|
|
176
176
|
"ecdsa",
|
|
177
177
|
"eddsa",
|
package/pasta.js
CHANGED
|
@@ -12,7 +12,7 @@ exports.q = BigInt('0x40000000000000000000000000000000224698fc0994a8dd8c46eb2100
|
|
|
12
12
|
exports.pallas = (0, weierstrass_js_1.weierstrass)({
|
|
13
13
|
a: BigInt(0),
|
|
14
14
|
b: BigInt(5),
|
|
15
|
-
Fp: mod.
|
|
15
|
+
Fp: mod.Field(exports.p),
|
|
16
16
|
n: exports.q,
|
|
17
17
|
Gx: mod.mod(BigInt(-1), exports.p),
|
|
18
18
|
Gy: BigInt(2),
|
|
@@ -23,7 +23,7 @@ exports.pallas = (0, weierstrass_js_1.weierstrass)({
|
|
|
23
23
|
exports.vesta = (0, weierstrass_js_1.weierstrass)({
|
|
24
24
|
a: BigInt(0),
|
|
25
25
|
b: BigInt(5),
|
|
26
|
-
Fp: mod.
|
|
26
|
+
Fp: mod.Field(exports.q),
|
|
27
27
|
n: exports.p,
|
|
28
28
|
Gx: mod.mod(BigInt(-1), exports.q),
|
|
29
29
|
Gy: BigInt(2),
|
package/pasta.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"pasta.js","sourceRoot":"","sources":["src/pasta.ts"],"names":[],"mappings":";;;AAAA,sEAAsE;AACtE,iDAA8C;AAC9C,8DAAwD;AACxD,yDAA6C;AAC7C,6CAA6C;AAEhC,QAAA,CAAC,GAAG,MAAM,CAAC,oEAAoE,CAAC,CAAC;AACjF,QAAA,CAAC,GAAG,MAAM,CAAC,oEAAoE,CAAC,CAAC;AAE9F,0CAA0C;AAC7B,QAAA,MAAM,GAAG,IAAA,4BAAW,EAAC;IAChC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,EAAE,EAAE,GAAG,CAAC,
|
|
1
|
+
{"version":3,"file":"pasta.js","sourceRoot":"","sources":["src/pasta.ts"],"names":[],"mappings":";;;AAAA,sEAAsE;AACtE,iDAA8C;AAC9C,8DAAwD;AACxD,yDAA6C;AAC7C,6CAA6C;AAEhC,QAAA,CAAC,GAAG,MAAM,CAAC,oEAAoE,CAAC,CAAC;AACjF,QAAA,CAAC,GAAG,MAAM,CAAC,oEAAoE,CAAC,CAAC;AAE9F,0CAA0C;AAC7B,QAAA,MAAM,GAAG,IAAA,4BAAW,EAAC;IAChC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,EAAE,EAAE,GAAG,CAAC,KAAK,CAAC,SAAC,CAAC;IAChB,CAAC,EAAE,SAAC;IACJ,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,SAAC,CAAC;IAC1B,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC;IACb,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,GAAG,IAAA,0BAAO,EAAC,eAAM,CAAC;CACnB,CAAC,CAAC;AACH,yCAAyC;AAC5B,QAAA,KAAK,GAAG,IAAA,4BAAW,EAAC;IAC/B,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,EAAE,EAAE,GAAG,CAAC,KAAK,CAAC,SAAC,CAAC;IAChB,CAAC,EAAE,SAAC;IACJ,EAAE,EAAE,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,SAAC,CAAC;IAC1B,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC;IACb,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,GAAG,IAAA,0BAAO,EAAC,eAAM,CAAC;CACnB,CAAC,CAAC"}
|
package/secp256k1.d.ts
CHANGED
|
@@ -8,7 +8,7 @@ export declare const secp256k1: Readonly<{
|
|
|
8
8
|
CURVE: Readonly<{
|
|
9
9
|
readonly nBitLength: number;
|
|
10
10
|
readonly nByteLength: number;
|
|
11
|
-
readonly Fp: import("./abstract/modular.js").
|
|
11
|
+
readonly Fp: import("./abstract/modular.js").IField<bigint>;
|
|
12
12
|
readonly n: bigint;
|
|
13
13
|
readonly h: bigint;
|
|
14
14
|
readonly hEff?: bigint | undefined;
|
|
@@ -36,6 +36,7 @@ export declare const secp256k1: Readonly<{
|
|
|
36
36
|
lowS: boolean;
|
|
37
37
|
readonly bits2int?: ((bytes: Uint8Array) => bigint) | undefined;
|
|
38
38
|
readonly bits2int_modN?: ((bytes: Uint8Array) => bigint) | undefined;
|
|
39
|
+
readonly p: bigint;
|
|
39
40
|
}>;
|
|
40
41
|
getPublicKey: (privateKey: PrivKey, isCompressed?: boolean | undefined) => Uint8Array;
|
|
41
42
|
getSharedSecret: (privateA: PrivKey, publicB: Hex, isCompressed?: boolean | undefined) => Uint8Array;
|
package/secp256k1.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"secp256k1.d.ts","sourceRoot":"","sources":["src/secp256k1.ts"],"names":[],"mappings":"AAGA,OAAO,
|
|
1
|
+
{"version":3,"file":"secp256k1.d.ts","sourceRoot":"","sources":["src/secp256k1.ts"],"names":[],"mappings":"AAGA,OAAO,EAAS,GAAG,EAAQ,MAAM,uBAAuB,CAAC;AACzD,OAAO,EAAE,aAAa,IAAI,SAAS,EAAuB,MAAM,2BAA2B,CAAC;AAC5F,OAAO,KAAK,EAAE,GAAG,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;AACxD,OAAO,EAAE,eAAe,EAA6C,MAAM,qBAAqB,CAAC;AACjG,OAAO,KAAK,GAAG,MAAM,6BAA6B,CAAC;AAuCnD,eAAO,MAAM,SAAS;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EA2CrB,CAAC;AASF,iBAAS,UAAU,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,QAAQ,EAAE,UAAU,EAAE,GAAG,UAAU,CAQtE;AAkBD;;;GAGG;AACH,iBAAS,MAAM,CAAC,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC,MAAM,CAAC,CAS5C;AAQD;;GAEG;AACH,iBAAS,mBAAmB,CAAC,UAAU,EAAE,GAAG,GAAG,UAAU,CAExD;AAED;;;GAGG;AACH,iBAAS,WAAW,CAClB,OAAO,EAAE,GAAG,EACZ,UAAU,EAAE,OAAO,EACnB,OAAO,GAAE,GAAqB,GAC7B,UAAU,CAgBZ;AAED;;;GAGG;AACH,iBAAS,aAAa,CAAC,SAAS,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,SAAS,EAAE,GAAG,GAAG,OAAO,CAiB5E;AAED,eAAO,MAAM,OAAO;;;;;;;8BA5FS,UAAU,MAAM,CAAC;;;;;;CAyG7C,CAAC;AAuCF,eAAO,MAAQ,WAAW,qFAAE,aAAa,mFAexC,CAAC"}
|
package/secp256k1.js
CHANGED
|
@@ -43,7 +43,7 @@ function sqrtMod(y) {
|
|
|
43
43
|
throw new Error('Cannot find square root');
|
|
44
44
|
return root;
|
|
45
45
|
}
|
|
46
|
-
const Fp = (0, modular_js_1.
|
|
46
|
+
const Fp = (0, modular_js_1.Field)(secp256k1P, undefined, undefined, { sqrt: sqrtMod });
|
|
47
47
|
exports.secp256k1 = (0, _shortw_utils_js_1.createCurve)({
|
|
48
48
|
a: BigInt(0),
|
|
49
49
|
b: BigInt(7),
|
package/secp256k1.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"secp256k1.js","sourceRoot":"","sources":["src/secp256k1.ts"],"names":[],"mappings":";;;;AAAA,sEAAsE;AACtE,iDAA8C;AAC9C,+CAAkD;AAClD,sDAA+D;AAC/D,8DAA4F;AAE5F,kDAAiG;AACjG,mDAAmD;AACnD,yDAAiD;AAEjD,MAAM,UAAU,GAAG,MAAM,CAAC,oEAAoE,CAAC,CAAC;AAChG,MAAM,UAAU,GAAG,MAAM,CAAC,oEAAoE,CAAC,CAAC;AAChG,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,UAAU,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;AAE/D;;;GAGG;AACH,SAAS,OAAO,CAAC,CAAS;IACxB,MAAM,CAAC,GAAG,UAAU,CAAC;IACrB,kBAAkB;IAClB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC;IAC7E,kBAAkB;IAClB,MAAM,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC;IAC9D,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU;IACtC,MAAM,EAAE,GAAG,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM;IACpC,MAAM,EAAE,GAAG,CAAC,IAAA,iBAAI,EAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACvC,MAAM,EAAE,GAAG,CAAC,IAAA,iBAAI,EAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACvC,MAAM,GAAG,GAAG,CAAC,IAAA,iBAAI,EAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACxC,MAAM,GAAG,GAAG,CAAC,IAAA,iBAAI,EAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,GAAG,GAAG,CAAC,IAAA,iBAAI,EAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,GAAG,GAAG,CAAC,IAAA,iBAAI,EAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,IAAI,GAAG,CAAC,IAAA,iBAAI,EAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC5C,MAAM,IAAI,GAAG,CAAC,IAAA,iBAAI,EAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC7C,MAAM,IAAI,GAAG,CAAC,IAAA,iBAAI,EAAC,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,EAAE,GAAG,CAAC,IAAA,iBAAI,EAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,EAAE,GAAG,CAAC,IAAA,iBAAI,EAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACvC,MAAM,IAAI,GAAG,IAAA,iBAAI,EAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;IAC9B,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;IACzE,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,EAAE,GAAG,IAAA,eAAK,EAAC,UAAU,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAC;AAGzD,QAAA,SAAS,GAAG,IAAA,8BAAW,EAClC;IACE,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,EAAE;IACF,CAAC,EAAE,UAAU;IACb,wCAAwC;IACxC,EAAE,EAAE,MAAM,CAAC,+EAA+E,CAAC;IAC3F,EAAE,EAAE,MAAM,CAAC,+EAA+E,CAAC;IAC3F,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,IAAI,EAAE,IAAI;IACV;;;;;OAKG;IACH,IAAI,EAAE;QACJ,IAAI,EAAE,MAAM,CAAC,oEAAoE,CAAC;QAClF,WAAW,EAAE,CAAC,CAAS,EAAE,EAAE;YACzB,MAAM,CAAC,GAAG,UAAU,CAAC;YACrB,MAAM,EAAE,GAAG,MAAM,CAAC,oCAAoC,CAAC,CAAC;YACxD,MAAM,EAAE,GAAG,CAAC,GAAG,GAAG,MAAM,CAAC,oCAAoC,CAAC,CAAC;YAC/D,MAAM,EAAE,GAAG,MAAM,CAAC,qCAAqC,CAAC,CAAC;YACzD,MAAM,EAAE,GAAG,EAAE,CAAC;YACd,MAAM,SAAS,GAAG,MAAM,CAAC,qCAAqC,CAAC,CAAC,CAAC,0BAA0B;YAE3F,MAAM,EAAE,GAAG,UAAU,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;YACjC,MAAM,EAAE,GAAG,UAAU,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;YAClC,IAAI,EAAE,GAAG,IAAA,gBAAG,EAAC,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC;YACvC,IAAI,EAAE,GAAG,IAAA,gBAAG,EAAC,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC;YACpC,MAAM,KAAK,GAAG,EAAE,GAAG,SAAS,CAAC;YAC7B,MAAM,KAAK,GAAG,EAAE,GAAG,SAAS,CAAC;YAC7B,IAAI,KAAK;gBAAE,EAAE,GAAG,CAAC,GAAG,EAAE,CAAC;YACvB,IAAI,KAAK;gBAAE,EAAE,GAAG,CAAC,GAAG,EAAE,CAAC;YACvB,IAAI,EAAE,GAAG,SAAS,IAAI,EAAE,GAAG,SAAS,EAAE;gBACpC,MAAM,IAAI,KAAK,CAAC,sCAAsC,GAAG,CAAC,CAAC,CAAC;aAC7D;YACD,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC;QAClC,CAAC;KACF;CACF,EACD,eAAM,CACP,CAAC;AAEF,+FAA+F;AAC/F,iEAAiE;AACjE,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,EAAE,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,IAAI,GAAG,GAAG,CAAC,IAAI,CAAC,GAAG,UAAU,CAAC;AAC7E,MAAM,EAAE,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,IAAI,GAAG,GAAG,CAAC,IAAI,CAAC,GAAG,UAAU,CAAC;AAC7E,wFAAwF;AACxF,MAAM,oBAAoB,GAAkC,EAAE,CAAC;AAC/D,SAAS,UAAU,CAAC,GAAW,EAAE,GAAG,QAAsB;IACxD,IAAI,IAAI,GAAG,oBAAoB,CAAC,GAAG,CAAC,CAAC;IACrC,IAAI,IAAI,KAAK,SAAS,EAAE;QACtB,MAAM,IAAI,GAAG,IAAA,eAAM,EAAC,UAAU,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAClE,IAAI,GAAG,IAAA,sBAAW,EAAC,IAAI,EAAE,IAAI,CAAC,CAAC;QAC/B,oBAAoB,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC;KAClC;IACD,OAAO,IAAA,eAAM,EAAC,IAAA,sBAAW,EAAC,IAAI,EAAE,GAAG,QAAQ,CAAC,CAAC,CAAC;AAChD,CAAC;AAED,oFAAoF;AACpF,MAAM,YAAY,GAAG,CAAC,KAAwB,EAAE,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;AACnF,MAAM,QAAQ,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,IAAA,0BAAe,EAAC,CAAC,EAAE,EAAE,CAAC,CAAC;AACvD,MAAM,IAAI,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,IAAA,gBAAG,EAAC,CAAC,EAAE,UAAU,CAAC,CAAC;AAC/C,MAAM,IAAI,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,IAAA,gBAAG,EAAC,CAAC,EAAE,UAAU,CAAC,CAAC;AAC/C,MAAM,KAAK,GAAG,iBAAS,CAAC,eAAe,CAAC;AACxC,MAAM,OAAO,GAAG,CAAC,CAAoB,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAC7D,KAAK,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;AAE3C,oCAAoC;AACpC,SAAS,mBAAmB,CAAC,IAAa;IACxC,IAAI,EAAE,GAAG,iBAAS,CAAC,KAAK,CAAC,sBAAsB,CAAC,IAAI,CAAC,CAAC,CAAC,yCAAyC;IAChG,IAAI,CAAC,GAAG,KAAK,CAAC,cAAc,CAAC,EAAE,CAAC,CAAC,CAAC,4CAA4C;IAC9E,MAAM,MAAM,GAAG,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC;IAC7C,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,CAAC,CAAC,CAAC,EAAE,CAAC;AACpD,CAAC;AACD;;;GAGG;AACH,SAAS,MAAM,CAAC,CAAS;IACvB,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC,CAAC,iBAAiB;IACvE,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IACvB,MAAM,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,wBAAwB;IAC5D,IAAI,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,2BAA2B;IAC/C,IAAI,CAAC,GAAG,EAAE,KAAK,EAAE;QAAE,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,mDAAmD;IACpF,MAAM,CAAC,GAAG,IAAI,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,mDAAmD;IACnF,CAAC,CAAC,cAAc,EAAE,CAAC;IACnB,OAAO,CAAC,CAAC;AACX,CAAC;AACD;;GAEG;AACH,SAAS,SAAS,CAAC,GAAG,IAAkB;IACtC,OAAO,IAAI,CAAC,IAAA,0BAAe,EAAC,UAAU,CAAC,mBAAmB,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;AACzE,CAAC;AAED;;GAEG;AACH,SAAS,mBAAmB,CAAC,UAAe;IAC1C,OAAO,mBAAmB,CAAC,UAAU,CAAC,CAAC,KAAK,CAAC,CAAC,oDAAoD;AACpG,CAAC;AAED;;;GAGG;AACH,SAAS,WAAW,CAClB,OAAY,EACZ,UAAmB,EACnB,UAAe,IAAA,mBAAW,EAAC,EAAE,CAAC;IAE9B,MAAM,CAAC,GAAG,IAAA,sBAAW,EAAC,SAAS,EAAE,OAAO,CAAC,CAAC;IAC1C,MAAM,EAAE,KAAK,EAAE,EAAE,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,mBAAmB,CAAC,UAAU,CAAC,CAAC,CAAC,gCAAgC;IAClG,MAAM,CAAC,GAAG,IAAA,sBAAW,EAAC,SAAS,EAAE,OAAO,EAAE,EAAE,CAAC,CAAC,CAAC,2CAA2C;IAC1F,MAAM,CAAC,GAAG,QAAQ,CAAC,CAAC,GAAG,IAAA,0BAAe,EAAC,UAAU,CAAC,aAAa,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,yDAAyD;IAChI,MAAM,IAAI,GAAG,UAAU,CAAC,eAAe,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,4CAA4C;IAChG,MAAM,EAAE,GAAG,IAAI,CAAC,IAAA,0BAAe,EAAC,IAAI,CAAC,CAAC,CAAC,CAAC,2BAA2B;IACnE,IAAI,EAAE,KAAK,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC,CAAC,kBAAkB;IAC7E,MAAM,EAAE,KAAK,EAAE,EAAE,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,mBAAmB,CAAC,EAAE,CAAC,CAAC,CAAC,gBAAgB;IAC1E,MAAM,CAAC,GAAG,SAAS,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,gEAAgE;IAChG,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC,+CAA+C;IAC/E,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;IACf,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IACvC,iEAAiE;IACjE,IAAI,CAAC,aAAa,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;IACpF,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;;GAGG;AACH,SAAS,aAAa,CAAC,SAAc,EAAE,OAAY,EAAE,SAAc;IACjE,MAAM,GAAG,GAAG,IAAA,sBAAW,EAAC,WAAW,EAAE,SAAS,EAAE,EAAE,CAAC,CAAC;IACpD,MAAM,CAAC,GAAG,IAAA,sBAAW,EAAC,SAAS,EAAE,OAAO,CAAC,CAAC;IAC1C,MAAM,GAAG,GAAG,IAAA,sBAAW,EAAC,WAAW,EAAE,SAAS,EAAE,EAAE,CAAC,CAAC;IACpD,IAAI;QACF,MAAM,CAAC,GAAG,MAAM,CAAC,IAAA,0BAAe,EAAC,GAAG,CAAC,CAAC,CAAC,CAAC,0CAA0C;QAClF,MAAM,CAAC,GAAG,IAAA,0BAAe,EAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,yCAAyC;QACzF,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;YAAE,OAAO,KAAK,CAAC;QACzB,MAAM,CAAC,GAAG,IAAA,0BAAe,EAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,0CAA0C;QAC3F,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;YAAE,OAAO,KAAK,CAAC;QACzB,MAAM,CAAC,GAAG,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,0CAA0C;QAChG,MAAM,CAAC,GAAG,OAAO,CAAC,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,gBAAgB;QACnD,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC,KAAK,CAAC;YAAE,OAAO,KAAK,CAAC,CAAC,gBAAgB;QAC/E,OAAO,IAAI,CAAC,CAAC,yDAAyD;KACvE;IAAC,OAAO,KAAK,EAAE;QACd,OAAO,KAAK,CAAC;KACd;AACH,CAAC;AAEY,QAAA,OAAO,GAAG;IACrB,YAAY,EAAE,mBAAmB;IACjC,IAAI,EAAE,WAAW;IACjB,MAAM,EAAE,aAAa;IACrB,KAAK,EAAE;QACL,gBAAgB,EAAE,iBAAS,CAAC,KAAK,CAAC,gBAAgB;QAClD,MAAM;QACN,YAAY;QACZ,eAAe,EAAf,0BAAe;QACf,eAAe,EAAf,0BAAe;QACf,UAAU;QACV,GAAG,EAAH,gBAAG;KACJ;CACF,CAAC;AAEF,MAAM,MAAM,GAAG,GAAG,CAAC,UAAU,CAC3B,EAAE,EACF;IACE,OAAO;IACP;QACE,oEAAoE;QACpE,mEAAmE;QACnE,oEAAoE;QACpE,oEAAoE;KACrE;IACD,OAAO;IACP;QACE,oEAAoE;QACpE,oEAAoE;QACpE,oEAAoE,EAAE,SAAS;KAChF;IACD,OAAO;IACP;QACE,oEAAoE;QACpE,oEAAoE;QACpE,oEAAoE;QACpE,oEAAoE;KACrE;IACD,OAAO;IACP;QACE,oEAAoE;QACpE,oEAAoE;QACpE,oEAAoE;QACpE,oEAAoE,EAAE,SAAS;KAChF;CACF,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAA6B,CAClE,CAAC;AACF,MAAM,MAAM,GAAG,IAAA,oCAAmB,EAAC,EAAE,EAAE;IACrC,CAAC,EAAE,MAAM,CAAC,oEAAoE,CAAC;IAC/E,CAAC,EAAE,MAAM,CAAC,MAAM,CAAC;IACjB,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;CAC5B,CAAC,CAAC;AACU,KAAiC,GAAG,CAAC,YAAY,CAC5D,iBAAS,CAAC,eAAe,EACzB,CAAC,OAAiB,EAAE,EAAE;IACpB,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC/C,OAAO,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;AACtB,CAAC,EACD;IACE,GAAG,EAAE,gCAAgC;IACrC,SAAS,EAAE,gCAAgC;IAC3C,CAAC,EAAE,EAAE,CAAC,KAAK;IACX,CAAC,EAAE,CAAC;IACJ,CAAC,EAAE,GAAG;IACN,MAAM,EAAE,KAAK;IACb,IAAI,EAAE,eAAM;CACb,CACF,EAfc,mBAAW,mBAAE,qBAAa,oBAevC"}
|
|
1
|
+
{"version":3,"file":"secp256k1.js","sourceRoot":"","sources":["src/secp256k1.ts"],"names":[],"mappings":";;;;AAAA,sEAAsE;AACtE,iDAA8C;AAC9C,+CAAkD;AAClD,sDAAyD;AACzD,8DAA4F;AAE5F,kDAAiG;AACjG,mDAAmD;AACnD,yDAAiD;AAEjD,MAAM,UAAU,GAAG,MAAM,CAAC,oEAAoE,CAAC,CAAC;AAChG,MAAM,UAAU,GAAG,MAAM,CAAC,oEAAoE,CAAC,CAAC;AAChG,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,UAAU,GAAG,CAAC,CAAS,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;AAE/D;;;GAGG;AACH,SAAS,OAAO,CAAC,CAAS;IACxB,MAAM,CAAC,GAAG,UAAU,CAAC;IACrB,kBAAkB;IAClB,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC;IAC7E,kBAAkB;IAClB,MAAM,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC;IAC9D,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU;IACtC,MAAM,EAAE,GAAG,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM;IACpC,MAAM,EAAE,GAAG,CAAC,IAAA,iBAAI,EAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACvC,MAAM,EAAE,GAAG,CAAC,IAAA,iBAAI,EAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACvC,MAAM,GAAG,GAAG,CAAC,IAAA,iBAAI,EAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACxC,MAAM,GAAG,GAAG,CAAC,IAAA,iBAAI,EAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,GAAG,GAAG,CAAC,IAAA,iBAAI,EAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,GAAG,GAAG,CAAC,IAAA,iBAAI,EAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,IAAI,GAAG,CAAC,IAAA,iBAAI,EAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC5C,MAAM,IAAI,GAAG,CAAC,IAAA,iBAAI,EAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC7C,MAAM,IAAI,GAAG,CAAC,IAAA,iBAAI,EAAC,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,EAAE,GAAG,CAAC,IAAA,iBAAI,EAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,EAAE,GAAG,CAAC,IAAA,iBAAI,EAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IACvC,MAAM,IAAI,GAAG,IAAA,iBAAI,EAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;IAC9B,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;IACzE,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,EAAE,GAAG,IAAA,kBAAK,EAAC,UAAU,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAC;AAEzD,QAAA,SAAS,GAAG,IAAA,8BAAW,EAClC;IACE,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,EAAE;IACF,CAAC,EAAE,UAAU;IACb,wCAAwC;IACxC,EAAE,EAAE,MAAM,CAAC,+EAA+E,CAAC;IAC3F,EAAE,EAAE,MAAM,CAAC,+EAA+E,CAAC;IAC3F,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IACZ,IAAI,EAAE,IAAI;IACV;;;;;OAKG;IACH,IAAI,EAAE;QACJ,IAAI,EAAE,MAAM,CAAC,oEAAoE,CAAC;QAClF,WAAW,EAAE,CAAC,CAAS,EAAE,EAAE;YACzB,MAAM,CAAC,GAAG,UAAU,CAAC;YACrB,MAAM,EAAE,GAAG,MAAM,CAAC,oCAAoC,CAAC,CAAC;YACxD,MAAM,EAAE,GAAG,CAAC,GAAG,GAAG,MAAM,CAAC,oCAAoC,CAAC,CAAC;YAC/D,MAAM,EAAE,GAAG,MAAM,CAAC,qCAAqC,CAAC,CAAC;YACzD,MAAM,EAAE,GAAG,EAAE,CAAC;YACd,MAAM,SAAS,GAAG,MAAM,CAAC,qCAAqC,CAAC,CAAC,CAAC,0BAA0B;YAE3F,MAAM,EAAE,GAAG,UAAU,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;YACjC,MAAM,EAAE,GAAG,UAAU,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;YAClC,IAAI,EAAE,GAAG,IAAA,gBAAG,EAAC,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC;YACvC,IAAI,EAAE,GAAG,IAAA,gBAAG,EAAC,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC;YACpC,MAAM,KAAK,GAAG,EAAE,GAAG,SAAS,CAAC;YAC7B,MAAM,KAAK,GAAG,EAAE,GAAG,SAAS,CAAC;YAC7B,IAAI,KAAK;gBAAE,EAAE,GAAG,CAAC,GAAG,EAAE,CAAC;YACvB,IAAI,KAAK;gBAAE,EAAE,GAAG,CAAC,GAAG,EAAE,CAAC;YACvB,IAAI,EAAE,GAAG,SAAS,IAAI,EAAE,GAAG,SAAS,EAAE;gBACpC,MAAM,IAAI,KAAK,CAAC,sCAAsC,GAAG,CAAC,CAAC,CAAC;aAC7D;YACD,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC;QAClC,CAAC;KACF;CACF,EACD,eAAM,CACP,CAAC;AAEF,+FAA+F;AAC/F,iEAAiE;AACjE,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;AACtB,MAAM,EAAE,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,IAAI,GAAG,GAAG,CAAC,IAAI,CAAC,GAAG,UAAU,CAAC;AAC7E,MAAM,EAAE,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,IAAI,GAAG,GAAG,CAAC,IAAI,CAAC,GAAG,UAAU,CAAC;AAC7E,wFAAwF;AACxF,MAAM,oBAAoB,GAAkC,EAAE,CAAC;AAC/D,SAAS,UAAU,CAAC,GAAW,EAAE,GAAG,QAAsB;IACxD,IAAI,IAAI,GAAG,oBAAoB,CAAC,GAAG,CAAC,CAAC;IACrC,IAAI,IAAI,KAAK,SAAS,EAAE;QACtB,MAAM,IAAI,GAAG,IAAA,eAAM,EAAC,UAAU,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAClE,IAAI,GAAG,IAAA,sBAAW,EAAC,IAAI,EAAE,IAAI,CAAC,CAAC;QAC/B,oBAAoB,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC;KAClC;IACD,OAAO,IAAA,eAAM,EAAC,IAAA,sBAAW,EAAC,IAAI,EAAE,GAAG,QAAQ,CAAC,CAAC,CAAC;AAChD,CAAC;AAED,oFAAoF;AACpF,MAAM,YAAY,GAAG,CAAC,KAAwB,EAAE,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;AACnF,MAAM,QAAQ,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,IAAA,0BAAe,EAAC,CAAC,EAAE,EAAE,CAAC,CAAC;AACvD,MAAM,IAAI,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,IAAA,gBAAG,EAAC,CAAC,EAAE,UAAU,CAAC,CAAC;AAC/C,MAAM,IAAI,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,IAAA,gBAAG,EAAC,CAAC,EAAE,UAAU,CAAC,CAAC;AAC/C,MAAM,KAAK,GAAG,iBAAS,CAAC,eAAe,CAAC;AACxC,MAAM,OAAO,GAAG,CAAC,CAAoB,EAAE,CAAS,EAAE,CAAS,EAAE,EAAE,CAC7D,KAAK,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;AAE3C,oCAAoC;AACpC,SAAS,mBAAmB,CAAC,IAAa;IACxC,IAAI,EAAE,GAAG,iBAAS,CAAC,KAAK,CAAC,sBAAsB,CAAC,IAAI,CAAC,CAAC,CAAC,yCAAyC;IAChG,IAAI,CAAC,GAAG,KAAK,CAAC,cAAc,CAAC,EAAE,CAAC,CAAC,CAAC,4CAA4C;IAC9E,MAAM,MAAM,GAAG,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC;IAC7C,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,CAAC,CAAC,CAAC,EAAE,CAAC;AACpD,CAAC;AACD;;;GAGG;AACH,SAAS,MAAM,CAAC,CAAS;IACvB,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC,CAAC,iBAAiB;IACvE,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IACvB,MAAM,CAAC,GAAG,IAAI,CAAC,EAAE,GAAG,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,wBAAwB;IAC5D,IAAI,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,2BAA2B;IAC/C,IAAI,CAAC,GAAG,EAAE,KAAK,EAAE;QAAE,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,mDAAmD;IACpF,MAAM,CAAC,GAAG,IAAI,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,mDAAmD;IACnF,CAAC,CAAC,cAAc,EAAE,CAAC;IACnB,OAAO,CAAC,CAAC;AACX,CAAC;AACD;;GAEG;AACH,SAAS,SAAS,CAAC,GAAG,IAAkB;IACtC,OAAO,IAAI,CAAC,IAAA,0BAAe,EAAC,UAAU,CAAC,mBAAmB,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;AACzE,CAAC;AAED;;GAEG;AACH,SAAS,mBAAmB,CAAC,UAAe;IAC1C,OAAO,mBAAmB,CAAC,UAAU,CAAC,CAAC,KAAK,CAAC,CAAC,oDAAoD;AACpG,CAAC;AAED;;;GAGG;AACH,SAAS,WAAW,CAClB,OAAY,EACZ,UAAmB,EACnB,UAAe,IAAA,mBAAW,EAAC,EAAE,CAAC;IAE9B,MAAM,CAAC,GAAG,IAAA,sBAAW,EAAC,SAAS,EAAE,OAAO,CAAC,CAAC;IAC1C,MAAM,EAAE,KAAK,EAAE,EAAE,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,mBAAmB,CAAC,UAAU,CAAC,CAAC,CAAC,gCAAgC;IAClG,MAAM,CAAC,GAAG,IAAA,sBAAW,EAAC,SAAS,EAAE,OAAO,EAAE,EAAE,CAAC,CAAC,CAAC,2CAA2C;IAC1F,MAAM,CAAC,GAAG,QAAQ,CAAC,CAAC,GAAG,IAAA,0BAAe,EAAC,UAAU,CAAC,aAAa,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,yDAAyD;IAChI,MAAM,IAAI,GAAG,UAAU,CAAC,eAAe,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,4CAA4C;IAChG,MAAM,EAAE,GAAG,IAAI,CAAC,IAAA,0BAAe,EAAC,IAAI,CAAC,CAAC,CAAC,CAAC,2BAA2B;IACnE,IAAI,EAAE,KAAK,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC,CAAC,kBAAkB;IAC7E,MAAM,EAAE,KAAK,EAAE,EAAE,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,mBAAmB,CAAC,EAAE,CAAC,CAAC,CAAC,gBAAgB;IAC1E,MAAM,CAAC,GAAG,SAAS,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,gEAAgE;IAChG,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC,+CAA+C;IAC/E,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;IACf,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IACvC,iEAAiE;IACjE,IAAI,CAAC,aAAa,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;IACpF,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;;GAGG;AACH,SAAS,aAAa,CAAC,SAAc,EAAE,OAAY,EAAE,SAAc;IACjE,MAAM,GAAG,GAAG,IAAA,sBAAW,EAAC,WAAW,EAAE,SAAS,EAAE,EAAE,CAAC,CAAC;IACpD,MAAM,CAAC,GAAG,IAAA,sBAAW,EAAC,SAAS,EAAE,OAAO,CAAC,CAAC;IAC1C,MAAM,GAAG,GAAG,IAAA,sBAAW,EAAC,WAAW,EAAE,SAAS,EAAE,EAAE,CAAC,CAAC;IACpD,IAAI;QACF,MAAM,CAAC,GAAG,MAAM,CAAC,IAAA,0BAAe,EAAC,GAAG,CAAC,CAAC,CAAC,CAAC,0CAA0C;QAClF,MAAM,CAAC,GAAG,IAAA,0BAAe,EAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,yCAAyC;QACzF,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;YAAE,OAAO,KAAK,CAAC;QACzB,MAAM,CAAC,GAAG,IAAA,0BAAe,EAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,0CAA0C;QAC3F,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;YAAE,OAAO,KAAK,CAAC;QACzB,MAAM,CAAC,GAAG,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,0CAA0C;QAChG,MAAM,CAAC,GAAG,OAAO,CAAC,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,gBAAgB;QACnD,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC,KAAK,CAAC;YAAE,OAAO,KAAK,CAAC,CAAC,gBAAgB;QAC/E,OAAO,IAAI,CAAC,CAAC,yDAAyD;KACvE;IAAC,OAAO,KAAK,EAAE;QACd,OAAO,KAAK,CAAC;KACd;AACH,CAAC;AAEY,QAAA,OAAO,GAAG;IACrB,YAAY,EAAE,mBAAmB;IACjC,IAAI,EAAE,WAAW;IACjB,MAAM,EAAE,aAAa;IACrB,KAAK,EAAE;QACL,gBAAgB,EAAE,iBAAS,CAAC,KAAK,CAAC,gBAAgB;QAClD,MAAM;QACN,YAAY;QACZ,eAAe,EAAf,0BAAe;QACf,eAAe,EAAf,0BAAe;QACf,UAAU;QACV,GAAG,EAAH,gBAAG;KACJ;CACF,CAAC;AAEF,MAAM,MAAM,GAAG,GAAG,CAAC,UAAU,CAC3B,EAAE,EACF;IACE,OAAO;IACP;QACE,oEAAoE;QACpE,mEAAmE;QACnE,oEAAoE;QACpE,oEAAoE;KACrE;IACD,OAAO;IACP;QACE,oEAAoE;QACpE,oEAAoE;QACpE,oEAAoE,EAAE,SAAS;KAChF;IACD,OAAO;IACP;QACE,oEAAoE;QACpE,oEAAoE;QACpE,oEAAoE;QACpE,oEAAoE;KACrE;IACD,OAAO;IACP;QACE,oEAAoE;QACpE,oEAAoE;QACpE,oEAAoE;QACpE,oEAAoE,EAAE,SAAS;KAChF;CACF,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAA6C,CAClF,CAAC;AACF,MAAM,MAAM,GAAG,IAAA,oCAAmB,EAAC,EAAE,EAAE;IACrC,CAAC,EAAE,MAAM,CAAC,oEAAoE,CAAC;IAC/E,CAAC,EAAE,MAAM,CAAC,MAAM,CAAC;IACjB,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;CAC5B,CAAC,CAAC;AACU,KAAiC,GAAG,CAAC,YAAY,CAC5D,iBAAS,CAAC,eAAe,EACzB,CAAC,OAAiB,EAAE,EAAE;IACpB,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC/C,OAAO,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;AACtB,CAAC,EACD;IACE,GAAG,EAAE,gCAAgC;IACrC,SAAS,EAAE,gCAAgC;IAC3C,CAAC,EAAE,EAAE,CAAC,KAAK;IACX,CAAC,EAAE,CAAC;IACJ,CAAC,EAAE,GAAG;IACN,MAAM,EAAE,KAAK;IACb,IAAI,EAAE,eAAM;CACb,CACF,EAfc,mBAAW,mBAAE,qBAAa,oBAevC"}
|
package/src/abstract/bls.ts
CHANGED
|
@@ -12,7 +12,7 @@
|
|
|
12
12
|
* Some projects may prefer to swap this relation, it is not supported for now.
|
|
13
13
|
*/
|
|
14
14
|
import { AffinePoint } from './curve.js';
|
|
15
|
-
import {
|
|
15
|
+
import { IField, hashToPrivateScalar } from './modular.js';
|
|
16
16
|
import { Hex, PrivKey, CHash, bitLen, bitGet, ensureBytes } from './utils.js';
|
|
17
17
|
import * as htf from './hash-to-curve.js';
|
|
18
18
|
import {
|
|
@@ -41,15 +41,15 @@ export type CurveType<Fp, Fp2, Fp6, Fp12> = {
|
|
|
41
41
|
htfDefaults: htf.Opts;
|
|
42
42
|
};
|
|
43
43
|
x: bigint;
|
|
44
|
-
Fp:
|
|
45
|
-
Fr:
|
|
46
|
-
Fp2:
|
|
44
|
+
Fp: IField<Fp>;
|
|
45
|
+
Fr: IField<bigint>;
|
|
46
|
+
Fp2: IField<Fp2> & {
|
|
47
47
|
reim: (num: Fp2) => { re: bigint; im: bigint };
|
|
48
48
|
multiplyByB: (num: Fp2) => Fp2;
|
|
49
49
|
frobeniusMap(num: Fp2, power: number): Fp2;
|
|
50
50
|
};
|
|
51
|
-
Fp6:
|
|
52
|
-
Fp12:
|
|
51
|
+
Fp6: IField<Fp6>;
|
|
52
|
+
Fp12: IField<Fp12> & {
|
|
53
53
|
frobeniusMap(num: Fp12, power: number): Fp12;
|
|
54
54
|
multiplyBy014(num: Fp12, o0: Fp2, o1: Fp2, o4: Fp2): Fp12;
|
|
55
55
|
conjugate(num: Fp12): Fp12;
|
|
@@ -62,11 +62,11 @@ export type CurveType<Fp, Fp2, Fp6, Fp12> = {
|
|
|
62
62
|
|
|
63
63
|
export type CurveFn<Fp, Fp2, Fp6, Fp12> = {
|
|
64
64
|
CURVE: CurveType<Fp, Fp2, Fp6, Fp12>;
|
|
65
|
-
Fr:
|
|
66
|
-
Fp:
|
|
67
|
-
Fp2:
|
|
68
|
-
Fp6:
|
|
69
|
-
Fp12:
|
|
65
|
+
Fr: IField<bigint>;
|
|
66
|
+
Fp: IField<Fp>;
|
|
67
|
+
Fp2: IField<Fp2>;
|
|
68
|
+
Fp6: IField<Fp6>;
|
|
69
|
+
Fp12: IField<Fp12>;
|
|
70
70
|
G1: CurvePointsRes<Fp> & ReturnType<typeof htf.createHasher<Fp>>;
|
|
71
71
|
G2: CurvePointsRes<Fp2> & ReturnType<typeof htf.createHasher<Fp2>>;
|
|
72
72
|
Signature: SignatureCoder<Fp2>;
|
package/src/abstract/curve.ts
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */
|
|
2
2
|
// Abelian group utilities
|
|
3
|
-
import {
|
|
3
|
+
import { IField, validateField, nLength } from './modular.js';
|
|
4
4
|
import { validateObject } from './utils.js';
|
|
5
5
|
const _0n = BigInt(0);
|
|
6
6
|
const _1n = BigInt(1);
|
|
@@ -168,7 +168,7 @@ export function wNAF<T extends Group<T>>(c: GroupConstructor<T>, bits: number) {
|
|
|
168
168
|
// Generic BasicCurve interface: works even for polynomial fields (BLS): P, n, h would be ok.
|
|
169
169
|
// Though generator can be different (Fp2 / Fp6 for BLS).
|
|
170
170
|
export type BasicCurve<T> = {
|
|
171
|
-
Fp:
|
|
171
|
+
Fp: IField<T>; // Field over which we'll do calculations (Fp)
|
|
172
172
|
n: bigint; // Curve order, total count of valid points in the field
|
|
173
173
|
nBitLength?: number; // bit length of curve order
|
|
174
174
|
nByteLength?: number; // byte length of curve order
|
|
@@ -195,5 +195,9 @@ export function validateBasic<FP, T>(curve: BasicCurve<FP> & T) {
|
|
|
195
195
|
}
|
|
196
196
|
);
|
|
197
197
|
// Set defaults
|
|
198
|
-
return Object.freeze({
|
|
198
|
+
return Object.freeze({
|
|
199
|
+
...nLength(curve.n, curve.nBitLength),
|
|
200
|
+
...curve,
|
|
201
|
+
...{ p: curve.Fp.ORDER },
|
|
202
|
+
} as const);
|
|
199
203
|
}
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */
|
|
2
2
|
import type { Group, GroupConstructor, AffinePoint } from './curve.js';
|
|
3
|
-
import { mod,
|
|
3
|
+
import { mod, IField } from './modular.js';
|
|
4
4
|
import { bytesToNumberBE, CHash, concatBytes, utf8ToBytes, validateObject } from './utils.js';
|
|
5
5
|
|
|
6
6
|
/**
|
|
@@ -163,7 +163,7 @@ export function hash_to_field(msg: Uint8Array, count: number, options: Opts): bi
|
|
|
163
163
|
return u;
|
|
164
164
|
}
|
|
165
165
|
|
|
166
|
-
export function isogenyMap<T, F extends
|
|
166
|
+
export function isogenyMap<T, F extends IField<T>>(field: F, map: [T[], T[], T[], T[]]) {
|
|
167
167
|
// Make same order as in spec
|
|
168
168
|
const COEFF = map.map((i) => Array.from(i).reverse());
|
|
169
169
|
return (x: T, y: T) => {
|
package/src/abstract/modular.ts
CHANGED
|
@@ -97,7 +97,7 @@ export function tonelliShanks(P: bigint) {
|
|
|
97
97
|
// Fast-path
|
|
98
98
|
if (S === 1) {
|
|
99
99
|
const p1div4 = (P + _1n) / _4n;
|
|
100
|
-
return function tonelliFast<T>(Fp:
|
|
100
|
+
return function tonelliFast<T>(Fp: IField<T>, n: T) {
|
|
101
101
|
const root = Fp.pow(n, p1div4);
|
|
102
102
|
if (!Fp.eql(Fp.sqr(root), n)) throw new Error('Cannot find square root');
|
|
103
103
|
return root;
|
|
@@ -106,7 +106,7 @@ export function tonelliShanks(P: bigint) {
|
|
|
106
106
|
|
|
107
107
|
// Slow-path
|
|
108
108
|
const Q1div2 = (Q + _1n) / _2n;
|
|
109
|
-
return function tonelliSlow<T>(Fp:
|
|
109
|
+
return function tonelliSlow<T>(Fp: IField<T>, n: T): T {
|
|
110
110
|
// Step 0: Check that n is indeed a square: (n | p) should not be ā” -1
|
|
111
111
|
if (Fp.pow(n, legendreC) === Fp.neg(Fp.ONE)) throw new Error('Cannot find square root');
|
|
112
112
|
let r = S;
|
|
@@ -146,7 +146,7 @@ export function FpSqrt(P: bigint) {
|
|
|
146
146
|
// 0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaabn;
|
|
147
147
|
// const NUM = 72057594037927816n;
|
|
148
148
|
const p1div4 = (P + _1n) / _4n;
|
|
149
|
-
return function sqrt3mod4<T>(Fp:
|
|
149
|
+
return function sqrt3mod4<T>(Fp: IField<T>, n: T) {
|
|
150
150
|
const root = Fp.pow(n, p1div4);
|
|
151
151
|
// Throw if root**2 != n
|
|
152
152
|
if (!Fp.eql(Fp.sqr(root), n)) throw new Error('Cannot find square root');
|
|
@@ -157,7 +157,7 @@ export function FpSqrt(P: bigint) {
|
|
|
157
157
|
// Atkin algorithm for q ā” 5 (mod 8), https://eprint.iacr.org/2012/685.pdf (page 10)
|
|
158
158
|
if (P % _8n === _5n) {
|
|
159
159
|
const c1 = (P - _5n) / _8n;
|
|
160
|
-
return function sqrt5mod8<T>(Fp:
|
|
160
|
+
return function sqrt5mod8<T>(Fp: IField<T>, n: T) {
|
|
161
161
|
const n2 = Fp.mul(n, _2n);
|
|
162
162
|
const v = Fp.pow(n2, c1);
|
|
163
163
|
const nv = Fp.mul(n, v);
|
|
@@ -203,7 +203,7 @@ export const isNegativeLE = (num: bigint, modulo: bigint) => (mod(num, modulo) &
|
|
|
203
203
|
// - unreadable mess: addition, multiply, square, squareRoot, inversion, divide, power, equals, subtract
|
|
204
204
|
|
|
205
205
|
// Field is not always over prime, Fp2 for example has ORDER(q)=p^m
|
|
206
|
-
export interface
|
|
206
|
+
export interface IField<T> {
|
|
207
207
|
ORDER: bigint;
|
|
208
208
|
BYTES: number;
|
|
209
209
|
BITS: number;
|
|
@@ -249,7 +249,7 @@ const FIELD_FIELDS = [
|
|
|
249
249
|
'eql', 'add', 'sub', 'mul', 'pow', 'div',
|
|
250
250
|
'addN', 'subN', 'mulN', 'sqrN'
|
|
251
251
|
] as const;
|
|
252
|
-
export function validateField<T>(field:
|
|
252
|
+
export function validateField<T>(field: IField<T>) {
|
|
253
253
|
const initial = {
|
|
254
254
|
ORDER: 'bigint',
|
|
255
255
|
MASK: 'bigint',
|
|
@@ -264,7 +264,7 @@ export function validateField<T>(field: Field<T>) {
|
|
|
264
264
|
}
|
|
265
265
|
|
|
266
266
|
// Generic field functions
|
|
267
|
-
export function FpPow<T>(f:
|
|
267
|
+
export function FpPow<T>(f: IField<T>, num: T, power: bigint): T {
|
|
268
268
|
// Should have same speed as pow for bigints
|
|
269
269
|
// TODO: benchmark!
|
|
270
270
|
if (power < _0n) throw new Error('Expected power > 0');
|
|
@@ -280,7 +280,8 @@ export function FpPow<T>(f: Field<T>, num: T, power: bigint): T {
|
|
|
280
280
|
return p;
|
|
281
281
|
}
|
|
282
282
|
|
|
283
|
-
|
|
283
|
+
// 0 is non-invertible: non-batched version will throw on 0
|
|
284
|
+
export function FpInvertBatch<T>(f: IField<T>, nums: T[]): T[] {
|
|
284
285
|
const tmp = new Array(nums.length);
|
|
285
286
|
// Walk from first to last, multiply them by each other MOD p
|
|
286
287
|
const lastMultiplied = nums.reduce((acc, num, i) => {
|
|
@@ -299,12 +300,12 @@ export function FpInvertBatch<T>(f: Field<T>, nums: T[]): T[] {
|
|
|
299
300
|
return tmp;
|
|
300
301
|
}
|
|
301
302
|
|
|
302
|
-
export function FpDiv<T>(f:
|
|
303
|
+
export function FpDiv<T>(f: IField<T>, lhs: T, rhs: T | bigint): T {
|
|
303
304
|
return f.mul(lhs, typeof rhs === 'bigint' ? invert(rhs, f.ORDER) : f.inv(rhs));
|
|
304
305
|
}
|
|
305
306
|
|
|
306
307
|
// This function returns True whenever the value x is a square in the field F.
|
|
307
|
-
export function FpIsSquare<T>(f:
|
|
308
|
+
export function FpIsSquare<T>(f: IField<T>) {
|
|
308
309
|
const legendreConst = (f.ORDER - _1n) / _2n; // Integer arithmetic
|
|
309
310
|
return (x: T): boolean => {
|
|
310
311
|
const p = f.pow(x, legendreConst);
|
|
@@ -320,16 +321,24 @@ export function nLength(n: bigint, nBitLength?: number) {
|
|
|
320
321
|
return { nBitLength: _nBitLength, nByteLength };
|
|
321
322
|
}
|
|
322
323
|
|
|
323
|
-
|
|
324
|
-
|
|
325
|
-
|
|
326
|
-
|
|
327
|
-
|
|
328
|
-
|
|
324
|
+
type FpField = IField<bigint> & Required<Pick<IField<bigint>, 'isOdd'>>;
|
|
325
|
+
/**
|
|
326
|
+
* Initializes a galois field over prime. Non-primes are not supported for now.
|
|
327
|
+
* Do not init in loop: slow. Very fragile: always run a benchmark on change.
|
|
328
|
+
* Major performance gains:
|
|
329
|
+
* a) non-normalized operations like mulN instead of mul
|
|
330
|
+
* b) `Object.freeze`
|
|
331
|
+
* c) Same object shape: never add or remove keys
|
|
332
|
+
* @param ORDER prime positive bigint
|
|
333
|
+
* @param bitLen how many bits the field consumes
|
|
334
|
+
* @param isLE (def: false) if encoding / decoding should be in little-endian
|
|
335
|
+
* @param redef optional faster redefinitions of sqrt and other methods
|
|
336
|
+
*/
|
|
337
|
+
export function Field(
|
|
329
338
|
ORDER: bigint,
|
|
330
339
|
bitLen?: number,
|
|
331
340
|
isLE = false,
|
|
332
|
-
redef: Partial<
|
|
341
|
+
redef: Partial<IField<bigint>> = {}
|
|
333
342
|
): Readonly<FpField> {
|
|
334
343
|
if (ORDER <= _0n) throw new Error(`Expected Fp ORDER > 0, got ${ORDER}`);
|
|
335
344
|
const { nBitLength: BITS, nByteLength: BYTES } = nLength(ORDER, bitLen);
|
|
@@ -382,13 +391,13 @@ export function Fp(
|
|
|
382
391
|
return Object.freeze(f);
|
|
383
392
|
}
|
|
384
393
|
|
|
385
|
-
export function FpSqrtOdd<T>(Fp:
|
|
394
|
+
export function FpSqrtOdd<T>(Fp: IField<T>, elm: T) {
|
|
386
395
|
if (!Fp.isOdd) throw new Error(`Field doesn't have isOdd`);
|
|
387
396
|
const root = Fp.sqrt(elm);
|
|
388
397
|
return Fp.isOdd(root) ? root : Fp.neg(root);
|
|
389
398
|
}
|
|
390
399
|
|
|
391
|
-
export function FpSqrtEven<T>(Fp:
|
|
400
|
+
export function FpSqrtEven<T>(Fp: IField<T>, elm: T) {
|
|
392
401
|
if (!Fp.isOdd) throw new Error(`Field doesn't have isOdd`);
|
|
393
402
|
const root = Fp.sqrt(elm);
|
|
394
403
|
return Fp.isOdd(root) ? Fp.neg(root) : root;
|
package/src/abstract/poseidon.ts
CHANGED
|
@@ -1,10 +1,10 @@
|
|
|
1
1
|
/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */
|
|
2
2
|
// Poseidon Hash: https://eprint.iacr.org/2019/458.pdf, https://www.poseidon-hash.info
|
|
3
|
-
import {
|
|
3
|
+
import { IField, FpPow, validateField } from './modular.js';
|
|
4
4
|
// We don't provide any constants, since different implementations use different constants.
|
|
5
5
|
// For reference constants see './test/poseidon.test.js'.
|
|
6
6
|
export type PoseidonOpts = {
|
|
7
|
-
Fp:
|
|
7
|
+
Fp: IField<bigint>;
|
|
8
8
|
t: number;
|
|
9
9
|
roundsFull: number;
|
|
10
10
|
roundsPartial: number;
|
|
@@ -82,8 +82,8 @@ export interface ProjConstructor<T> extends GroupConstructor<ProjPointType<T>> {
|
|
|
82
82
|
|
|
83
83
|
export type CurvePointsType<T> = BasicWCurve<T> & {
|
|
84
84
|
// Bytes
|
|
85
|
-
fromBytes
|
|
86
|
-
toBytes
|
|
85
|
+
fromBytes?: (bytes: Uint8Array) => AffinePoint<T>;
|
|
86
|
+
toBytes?: (c: ProjConstructor<T>, point: ProjPointType<T>, isCompressed: boolean) => Uint8Array;
|
|
87
87
|
};
|
|
88
88
|
|
|
89
89
|
function validatePointOpts<T>(curve: CurvePointsType<T>) {
|
|
@@ -93,8 +93,6 @@ function validatePointOpts<T>(curve: CurvePointsType<T>) {
|
|
|
93
93
|
{
|
|
94
94
|
a: 'field',
|
|
95
95
|
b: 'field',
|
|
96
|
-
fromBytes: 'function',
|
|
97
|
-
toBytes: 'function',
|
|
98
96
|
},
|
|
99
97
|
{
|
|
100
98
|
allowedPrivateKeyLengths: 'array',
|
|
@@ -102,6 +100,8 @@ function validatePointOpts<T>(curve: CurvePointsType<T>) {
|
|
|
102
100
|
isTorsionFree: 'function',
|
|
103
101
|
clearCofactor: 'function',
|
|
104
102
|
allowInfinityPoint: 'boolean',
|
|
103
|
+
fromBytes: 'function',
|
|
104
|
+
toBytes: 'function',
|
|
105
105
|
}
|
|
106
106
|
);
|
|
107
107
|
const { endo, Fp, a } = opts;
|
|
@@ -184,6 +184,23 @@ export function weierstrassPoints<T>(opts: CurvePointsType<T>) {
|
|
|
184
184
|
const CURVE = validatePointOpts(opts);
|
|
185
185
|
const { Fp } = CURVE; // All curves has same field / group length as for now, but they can differ
|
|
186
186
|
|
|
187
|
+
const toBytes =
|
|
188
|
+
CURVE.toBytes ||
|
|
189
|
+
((c: ProjConstructor<T>, point: ProjPointType<T>, isCompressed: boolean) => {
|
|
190
|
+
const a = point.toAffine();
|
|
191
|
+
return ut.concatBytes(Uint8Array.from([0x04]), Fp.toBytes(a.x), Fp.toBytes(a.y));
|
|
192
|
+
});
|
|
193
|
+
const fromBytes =
|
|
194
|
+
CURVE.fromBytes ||
|
|
195
|
+
((bytes: Uint8Array) => {
|
|
196
|
+
// const head = bytes[0];
|
|
197
|
+
const tail = bytes.subarray(1);
|
|
198
|
+
// if (head !== 0x04) throw new Error('Only non-compressed encoding is supported');
|
|
199
|
+
const x = Fp.fromBytes(tail.subarray(0, Fp.BYTES));
|
|
200
|
+
const y = Fp.fromBytes(tail.subarray(Fp.BYTES, 2 * Fp.BYTES));
|
|
201
|
+
return { x, y };
|
|
202
|
+
});
|
|
203
|
+
|
|
187
204
|
/**
|
|
188
205
|
* yĀ² = xĀ³ + ax + b: Short weierstrass curve formula
|
|
189
206
|
* @returns yĀ²
|
|
@@ -280,7 +297,7 @@ export function weierstrassPoints<T>(opts: CurvePointsType<T>) {
|
|
|
280
297
|
* @param hex short/long ECDSA hex
|
|
281
298
|
*/
|
|
282
299
|
static fromHex(hex: Hex): Point {
|
|
283
|
-
const P = Point.fromAffine(
|
|
300
|
+
const P = Point.fromAffine(fromBytes(ensureBytes('pointHex', hex)));
|
|
284
301
|
P.assertValidity();
|
|
285
302
|
return P;
|
|
286
303
|
}
|
|
@@ -563,7 +580,7 @@ export function weierstrassPoints<T>(opts: CurvePointsType<T>) {
|
|
|
563
580
|
|
|
564
581
|
toRawBytes(isCompressed = true): Uint8Array {
|
|
565
582
|
this.assertValidity();
|
|
566
|
-
return
|
|
583
|
+
return toBytes(Point, this, isCompressed);
|
|
567
584
|
}
|
|
568
585
|
|
|
569
586
|
toHex(isCompressed = true): string {
|
|
@@ -574,6 +591,7 @@ export function weierstrassPoints<T>(opts: CurvePointsType<T>) {
|
|
|
574
591
|
const wnaf = wNAF(Point, CURVE.endo ? Math.ceil(_bits / 2) : _bits);
|
|
575
592
|
|
|
576
593
|
return {
|
|
594
|
+
CURVE,
|
|
577
595
|
ProjectivePoint: Point as ProjConstructor<T>,
|
|
578
596
|
normPrivateKeyToScalar,
|
|
579
597
|
weierstrassEquation,
|
|
@@ -652,8 +670,7 @@ export type CurveFn = {
|
|
|
652
670
|
|
|
653
671
|
export function weierstrass(curveDef: CurveType): CurveFn {
|
|
654
672
|
const CURVE = validateOpts(curveDef) as ReturnType<typeof validateOpts>;
|
|
655
|
-
const CURVE_ORDER = CURVE
|
|
656
|
-
const Fp = CURVE.Fp;
|
|
673
|
+
const { Fp, n: CURVE_ORDER } = CURVE;
|
|
657
674
|
const compressedLen = Fp.BYTES + 1; // e.g. 33 for 32
|
|
658
675
|
const uncompressedLen = 2 * Fp.BYTES + 1; // e.g. 65 for 32
|
|
659
676
|
|
|
@@ -1055,11 +1072,10 @@ export function weierstrass(curveDef: CurveType): CurveFn {
|
|
|
1055
1072
|
}
|
|
1056
1073
|
|
|
1057
1074
|
// Implementation of the Shallue and van de Woestijne method for any Weierstrass curve
|
|
1058
|
-
|
|
1059
1075
|
// TODO: check if there is a way to merge this with uvRatio in Edwards && move to modular?
|
|
1060
1076
|
// b = True and y = sqrt(u / v) if (u / v) is square in F, and
|
|
1061
1077
|
// b = False and y = sqrt(Z * (u / v)) otherwise.
|
|
1062
|
-
export function SWUFpSqrtRatio<T>(Fp: mod.
|
|
1078
|
+
export function SWUFpSqrtRatio<T>(Fp: mod.IField<T>, Z: T) {
|
|
1063
1079
|
// Generic implementation
|
|
1064
1080
|
const q = Fp.ORDER;
|
|
1065
1081
|
let l = 0n;
|
|
@@ -1124,7 +1140,7 @@ export function SWUFpSqrtRatio<T>(Fp: mod.Field<T>, Z: T) {
|
|
|
1124
1140
|
}
|
|
1125
1141
|
// From draft-irtf-cfrg-hash-to-curve-16
|
|
1126
1142
|
export function mapToCurveSimpleSWU<T>(
|
|
1127
|
-
Fp: mod.
|
|
1143
|
+
Fp: mod.IField<T>,
|
|
1128
1144
|
opts: {
|
|
1129
1145
|
A: T;
|
|
1130
1146
|
B: T;
|
package/src/bls12-381.ts
CHANGED
|
@@ -72,13 +72,13 @@ import { isogenyMap } from './abstract/hash-to-curve.js';
|
|
|
72
72
|
// CURVE FIELDS
|
|
73
73
|
// Finite field over p.
|
|
74
74
|
const Fp =
|
|
75
|
-
mod.
|
|
75
|
+
mod.Field(
|
|
76
76
|
0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaabn
|
|
77
77
|
);
|
|
78
78
|
type Fp = bigint;
|
|
79
79
|
// Finite field over r.
|
|
80
80
|
// This particular field is not used anywhere in bls12-381, but it is still useful.
|
|
81
|
-
const Fr = mod.
|
|
81
|
+
const Fr = mod.Field(0x73eda753299d7d483339d80809a1d80553bda402fffe5bfeffffffff00000001n);
|
|
82
82
|
|
|
83
83
|
// Fpā over complex plane
|
|
84
84
|
type BigintTuple = [bigint, bigint];
|
|
@@ -124,7 +124,7 @@ const FP2_ORDER =
|
|
|
124
124
|
0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaabn **
|
|
125
125
|
2n;
|
|
126
126
|
|
|
127
|
-
const Fp2: mod.
|
|
127
|
+
const Fp2: mod.IField<Fp2> & Fp2Utils = {
|
|
128
128
|
ORDER: FP2_ORDER,
|
|
129
129
|
BITS: bitLen(FP2_ORDER),
|
|
130
130
|
BYTES: Math.ceil(bitLen(FP2_ORDER) / 8),
|
|
@@ -333,7 +333,7 @@ type Fp6Utils = {
|
|
|
333
333
|
multiplyByFp2(lhs: Fp6, rhs: Fp2): Fp6;
|
|
334
334
|
};
|
|
335
335
|
|
|
336
|
-
const Fp6: mod.
|
|
336
|
+
const Fp6: mod.IField<Fp6> & Fp6Utils = {
|
|
337
337
|
ORDER: Fp2.ORDER, // TODO: unused, but need to verify
|
|
338
338
|
BITS: 3 * Fp2.BITS,
|
|
339
339
|
BYTES: 3 * Fp2.BYTES,
|
|
@@ -545,7 +545,7 @@ type Fp12Utils = {
|
|
|
545
545
|
_cyclotomicExp(num: Fp12, n: bigint): Fp12;
|
|
546
546
|
};
|
|
547
547
|
|
|
548
|
-
const Fp12: mod.
|
|
548
|
+
const Fp12: mod.IField<Fp12> & Fp12Utils = {
|
|
549
549
|
ORDER: Fp2.ORDER, // TODO: unused, but need to verify
|
|
550
550
|
BITS: 2 * Fp2.BITS,
|
|
551
551
|
BYTES: 2 * Fp2.BYTES,
|
package/src/bn.ts
CHANGED
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
import { sha256 } from '@noble/hashes/sha256';
|
|
3
3
|
import { weierstrass } from './abstract/weierstrass.js';
|
|
4
4
|
import { getHash } from './_shortw_utils.js';
|
|
5
|
-
import {
|
|
5
|
+
import { Field } from './abstract/modular.js';
|
|
6
6
|
/**
|
|
7
7
|
* bn254 pairing-friendly curve.
|
|
8
8
|
* Previously known as alt_bn_128, when it had 128-bit security.
|
|
@@ -12,7 +12,7 @@ import { Fp } from './abstract/modular.js';
|
|
|
12
12
|
export const bn254 = weierstrass({
|
|
13
13
|
a: BigInt(0),
|
|
14
14
|
b: BigInt(3),
|
|
15
|
-
Fp:
|
|
15
|
+
Fp: Field(BigInt('0x30644e72e131a029b85045b68181585d97816a916871ca8d3c208c16d87cfd47')),
|
|
16
16
|
n: BigInt('0x30644e72e131a029b85045b68181585d2833e84879b9709143e1f593f0000001'),
|
|
17
17
|
Gx: BigInt(1),
|
|
18
18
|
Gy: BigInt(2),
|
package/src/ed25519.ts
CHANGED
|
@@ -3,7 +3,7 @@ import { sha512 } from '@noble/hashes/sha512';
|
|
|
3
3
|
import { concatBytes, randomBytes, utf8ToBytes } from '@noble/hashes/utils';
|
|
4
4
|
import { twistedEdwards, ExtPointType } from './abstract/edwards.js';
|
|
5
5
|
import { montgomery } from './abstract/montgomery.js';
|
|
6
|
-
import { mod, pow2, isNegativeLE,
|
|
6
|
+
import { mod, pow2, isNegativeLE, Field, FpSqrtEven } from './abstract/modular.js';
|
|
7
7
|
import {
|
|
8
8
|
equalBytes,
|
|
9
9
|
bytesToHex,
|
package/src/ed448.ts
CHANGED
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
import { shake256 } from '@noble/hashes/sha3';
|
|
3
3
|
import { concatBytes, randomBytes, utf8ToBytes, wrapConstructor } from '@noble/hashes/utils';
|
|
4
4
|
import { twistedEdwards } from './abstract/edwards.js';
|
|
5
|
-
import { mod, pow2,
|
|
5
|
+
import { mod, pow2, Field } from './abstract/modular.js';
|
|
6
6
|
import { montgomery } from './abstract/montgomery.js';
|
|
7
7
|
import * as htf from './abstract/hash-to-curve.js';
|
|
8
8
|
|
package/src/jubjub.ts
CHANGED
|
@@ -3,7 +3,7 @@ import { sha512 } from '@noble/hashes/sha512';
|
|
|
3
3
|
import { concatBytes, randomBytes, utf8ToBytes } from '@noble/hashes/utils';
|
|
4
4
|
import { twistedEdwards } from './abstract/edwards.js';
|
|
5
5
|
import { blake2s } from '@noble/hashes/blake2s';
|
|
6
|
-
import {
|
|
6
|
+
import { Field } from './abstract/modular.js';
|
|
7
7
|
|
|
8
8
|
/**
|
|
9
9
|
* jubjub Twisted Edwards curve.
|
|
@@ -17,7 +17,7 @@ export const jubjub = twistedEdwards({
|
|
|
17
17
|
d: BigInt('0x2a9318e74bfa2b48f5fd9207e6bd7fd4292d7f6d37579d2601065fd6d6343eb1'),
|
|
18
18
|
// Finite field š½p over which we'll do calculations
|
|
19
19
|
// Same value as bls12-381 Fr (not Fp)
|
|
20
|
-
Fp:
|
|
20
|
+
Fp: Field(BigInt('0x73eda753299d7d483339d80809a1d80553bda402fffe5bfeffffffff00000001')),
|
|
21
21
|
// Subgroup order: how many points curve has
|
|
22
22
|
n: BigInt('0xe7db4ea6533afa906673b0101343b00a6682093ccc81082d0970e5ed6f72cb7'),
|
|
23
23
|
// Cofactor
|
package/src/p256.ts
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */
|
|
2
2
|
import { createCurve } from './_shortw_utils.js';
|
|
3
3
|
import { sha256 } from '@noble/hashes/sha256';
|
|
4
|
-
import {
|
|
4
|
+
import { Field } from './abstract/modular.js';
|
|
5
5
|
import { mapToCurveSimpleSWU } from './abstract/weierstrass.js';
|
|
6
6
|
import * as htf from './abstract/hash-to-curve.js';
|
|
7
7
|
|
package/src/p384.ts
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */
|
|
2
2
|
import { createCurve } from './_shortw_utils.js';
|
|
3
3
|
import { sha384 } from '@noble/hashes/sha512';
|
|
4
|
-
import {
|
|
4
|
+
import { Field } from './abstract/modular.js';
|
|
5
5
|
import { mapToCurveSimpleSWU } from './abstract/weierstrass.js';
|
|
6
6
|
import * as htf from './abstract/hash-to-curve.js';
|
|
7
7
|
|
package/src/p521.ts
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
/*! noble-curves - MIT License (c) 2022 Paul Miller (paulmillr.com) */
|
|
2
2
|
import { createCurve } from './_shortw_utils.js';
|
|
3
3
|
import { sha512 } from '@noble/hashes/sha512';
|
|
4
|
-
import {
|
|
4
|
+
import { Field } from './abstract/modular.js';
|
|
5
5
|
import { mapToCurveSimpleSWU } from './abstract/weierstrass.js';
|
|
6
6
|
import * as htf from './abstract/hash-to-curve.js';
|
|
7
7
|
|