circomlibjs-hinkal-fork 0.0.1 → 0.0.3

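--- a/package/main.js
+++ b/package/main.js
@@ -1,25 +1,7 @@
 export {default as buildBabyjub} from "./src/babyjub.js";
-export {default as buildEddsa} from "./src/eddsa.js";
-export {default as evmasm} from "./src/evmasm.js";
 
-export {default as buildMimc7} from "./src/mimc7.js";
-import * as _mimc7Contract from "./src/mimc7_gencontract.js";
-export const mimc7Contract=_mimc7Contract;
 
-export {default as buildMimcSponge} from "./src/mimcsponge.js";
-import * as _mimcSpongeContract from "./src/mimcsponge_gencontract.js";
-export const mimcSpongecontract=_mimcSpongeContract;
-
-export {default as buildPedersenHash} from "./src/pedersen_hash.js";
 
 export { buildPoseidon, buildPoseidonWasm } from "./src/poseidon_wasm.js";
-import * as _poseidonContract from "./src/poseidon_gencontract.js";
-export const poseidonContract=_poseidonContract;
-
-export {default as buildPoseidonReference} from "./src/poseidon_reference.js";
-export {default as buildPoseidonOpt} from "./src/poseidon_opt.js";
-
-export {SMT, buildSMT, newMemEmptyTrie} from "./src/smt.js";
 
-export { default as SMTMemDb } from "./src/smt_memdb.js";
 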
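Review bot: The new entry point silently drops `buildEddsa`, `buildPedersenHash`, `buildMimc7`, `buildMimcSponge`, the `*Contract` generators, `SMT`/`SMTMemDb` and `evmasm` from the public API, and nothing in this diff records that as a breaking change, so any consumer importing one of those names now fails at module-load time with no migration hint. A 0.0.x version cannot express the break through semver (`^0.0.1` does not even resolve to 0.0.3), so a header comment and a changelog entry are the only signal available; I would add `// Public surface deliberately limited to BabyJubjub and Poseidon; EdDSA, MiMC, Pedersen, SMT and the Solidity generators were removed in 0.0.3.` at the top of main.js. Only eddsa.js, evmasm.js and mimc7.js are shown deleted here; if pedersen_hash.js, mimcsponge.js, smt.js and the *_gencontract.js files still ship in the tarball they remain reachable through deep imports while being neither exported, tested nor declared supported, so either delete them as well or state that deep imports are unsupported.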
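--- a/package/package.json
+++ b/package/package.json
@@ -7,7 +7,7 @@
 "import": "./main.js",
 "require": "./build/main.cjs"
 },
-"version": "0.0.1",
+"version": "0.0.3",
 "description": "Javascript library to work with circomlib",
 "scripts": {
 "test": "mocha",
@@ -30,11 +30,6 @@
 "mocha": "^9.1.3"
 },
 "dependencies": {
-"blake-hash": "^2.0.0",
-"blake2b": "^2.1.3",
-"ethers": "^5.5.1",
-"ffjavascript": "^0.3.0",
-"buffer": "6.0.3",
-"process": "0.11.10"
+"ffjavascript": "^0.3.0"
 }
 }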
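Review bot: The `"require": "./build/main.cjs"` condition in the first hunk is left untouched, yet no change to that prebuilt bundle appears anywhere in this diff even though the ESM entry point, three source files and five dependencies were removed. If the bundle was not regenerated, CommonJS consumers receive a stale artifact that still carries the EdDSA/MiMC code with its `blake-hash` and `ethers` imports, which would now fail to resolve at require time (or, if those modules were inlined at build time, would quietly keep exposing the API the ESM side dropped); this cannot be confirmed from the diff, so it should be verified before anyone depends on 0.0.3 via `require`. A `"prepublishOnly": "npm run build"` script, or publishing only from a CI job that rebuilds `build/main.cjs`, would keep the two entry points from drifting. Dropping `ethers`, `blake-hash`, `blake2b`, `buffer` and `process` is a welcome cut to the transitive dependency surface, but it is worth confirming that `src/babyjub.js` and `src/poseidon_wasm.js`, which are not shown here, import nothing from them.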
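--- a/package/src/eddsa.js
+++ b/package/src/eddsa.js
@@ -1,286 +0,0 @@
-import { Scalar } from "ffjavascript";
-import buildBabyJub from "./babyjub.js";
-import buildPedersenHash from "./pedersen_hash.js";
-import buildMimc7 from "./mimc7.js";
-import { buildPoseidon } from "./poseidon_wasm.js";
-import buildMimcSponge from "./mimcsponge.js";
-import createBlakeHash from "blake-hash";
-import {Buffer} from 'buffer';
-
-export default async function buildEddsa() {
-const babyJub = await buildBabyJub("bn128");
-const pedersenHash = await buildPedersenHash();
-const mimc7 = await buildMimc7();
-const poseidon = await buildPoseidon();
-const mimcSponge = await buildMimcSponge();
-return new Eddsa(babyJub, pedersenHash, mimc7, poseidon, mimcSponge);
-}
-
-class Eddsa {
-
-constructor(babyJub, pedersenHash, mimc7, poseidon, mimcSponge) {
-this.babyJub = babyJub;
-this.pedersenHash = pedersenHash;
-this.mimc7 = mimc7;
-this.poseidon = poseidon;
-this.mimcSponge = mimcSponge;
-this.F = babyJub.F;
-}
-
-pruneBuffer(buff) {
-buff[0] = buff[0] & 0xF8;
-buff[31] = buff[31] & 0x7F;
-buff[31] = buff[31] | 0x40;
-return buff;
-}
-
-prv2pub(prv) {
-const F = this.babyJub.F;
-const sBuff = this.pruneBuffer(createBlakeHash("blake512").update(Buffer.from(prv)).digest());
-let s = Scalar.fromRprLE(sBuff, 0, 32);
-const A = this.babyJub.mulPointEscalar(this.babyJub.Base8, Scalar.shr(s,3));
-return A;
-}
-
-signPedersen(prv, msg) {
-const F = this.babyJub.F;
-const sBuff = this.pruneBuffer(createBlakeHash("blake512").update(Buffer.from(prv)).digest());
-const s = Scalar.fromRprLE(sBuff, 0, 32);
-const A = this.babyJub.mulPointEscalar(this.babyJub.Base8, Scalar.shr(s, 3));
-
-const composeBuff = new Uint8Array(32 + msg.length);
-composeBuff.set(sBuff.slice(32), 0);
-composeBuff.set(msg, 32);
-const rBuff = createBlakeHash("blake512").update(Buffer.from(composeBuff)).digest();
-let r = Scalar.mod(Scalar.fromRprLE(rBuff, 0, 64), this.babyJub.subOrder);
-const R8 = this.babyJub.mulPointEscalar(this.babyJub.Base8, r);
-const R8p = this.babyJub.packPoint(R8);
-const Ap = this.babyJub.packPoint(A);
-
-const composeBuff2 = new Uint8Array(64 + msg.length);
-composeBuff2.set(R8p, 0);
-composeBuff2.set(Ap, 32);
-composeBuff2.set(msg, 64);
-
-const hmBuff = this.pedersenHash.hash(composeBuff2);
-const hm = Scalar.fromRprLE(hmBuff, 0, 32);
-
-const S = Scalar.mod(
-Scalar.add(
-r,
-Scalar.mul(hm, s)
-),
-this.babyJub.subOrder
-)
-return {
-R8: R8,
-S: S
-};
-}
-
-signMiMC(prv, msg) {
-const F = this.babyJub.F;
-const sBuff = this.pruneBuffer(createBlakeHash("blake512").update(Buffer.from(prv)).digest());
-const s = Scalar.fromRprLE(sBuff, 0, 32);
-const A = this.babyJub.mulPointEscalar(this.babyJub.Base8, Scalar.shr(s, 3));
-
-
-const composeBuff = new Uint8Array(32 + msg.length);
-composeBuff.set(sBuff.slice(32), 0);
-F.toRprLE(composeBuff, 32, msg);
-const rBuff = createBlakeHash("blake512").update(Buffer.from(composeBuff)).digest();
-let r = Scalar.mod(Scalar.fromRprLE(rBuff, 0, 64), this.babyJub.subOrder);
-const R8 = this.babyJub.mulPointEscalar(this.babyJub.Base8, r);
-
-const hm = this.mimc7.multiHash([R8[0], R8[1], A[0], A[1], msg]);
-const hms = Scalar.e(this.babyJub.F.toObject(hm));
-const S = Scalar.mod(
-Scalar.add(
-r,
-Scalar.mul(hms, s)
-),
-this.babyJub.subOrder
-)
-return {
-R8: R8,
-S: S
-};
-}
-
-signMiMCSponge(prv, msg) {
-const F = this.babyJub.F;
-const sBuff = this.pruneBuffer(createBlakeHash("blake512").update(Buffer.from(prv)).digest());
-const s = Scalar.fromRprLE(sBuff, 0, 32);
-const A = this.babyJub.mulPointEscalar(this.babyJub.Base8, Scalar.shr(s, 3));
-
-const composeBuff = new Uint8Array(32 + msg.length);
-composeBuff.set(sBuff.slice(32), 0);
-F.toRprLE(composeBuff, 32, msg);
-const rBuff = createBlakeHash("blake512").update(Buffer.from(composeBuff)).digest();
-let r = Scalar.mod(Scalar.fromRprLE(rBuff, 0, 64), this.babyJub.subOrder);
-const R8 = this.babyJub.mulPointEscalar(this.babyJub.Base8, r);
-
-const hm = this.mimcSponge.multiHash([R8[0], R8[1], A[0], A[1], msg]);
-const hms = Scalar.e(this.babyJub.F.toObject(hm));
-const S = Scalar.mod(
-Scalar.add(
-r,
-Scalar.mul(hms, s)
-),
-this.babyJub.subOrder
-)
-return {
-R8: R8,
-S: S
-};
-}
-
-signPoseidon(prv, msg) {
-const F = this.babyJub.F;
-const sBuff = this.pruneBuffer(createBlakeHash("blake512").update(Buffer.from(prv)).digest());
-const s = Scalar.fromRprLE(sBuff, 0, 32);
-const A = this.babyJub.mulPointEscalar(this.babyJub.Base8, Scalar.shr(s, 3));
-
-const composeBuff = new Uint8Array(32 + msg.length);
-composeBuff.set(sBuff.slice(32), 0);
-F.toRprLE(composeBuff, 32, msg);
-const rBuff = createBlakeHash("blake512").update(Buffer.from(composeBuff)).digest();
-let r = Scalar.mod(Scalar.fromRprLE(rBuff, 0, 64), this.babyJub.subOrder);
-const R8 = this.babyJub.mulPointEscalar(this.babyJub.Base8, r);
-
-const hm = this.poseidon([R8[0], R8[1], A[0], A[1], msg]);
-const hms = Scalar.e(this.babyJub.F.toObject(hm));
-const S = Scalar.mod(
-Scalar.add(
-r,
-Scalar.mul(hms, s)
-),
-this.babyJub.subOrder
-)
-return {
-R8: R8,
-S: S
-};
-}
-
-verifyPedersen(msg, sig, A) {
-// Check parameters
-if (typeof sig != "object") return false;
-if (!Array.isArray(sig.R8)) return false;
-if (sig.R8.length!= 2) return false;
-if (!this.babyJub.inCurve(sig.R8)) return false;
-if (!Array.isArray(A)) return false;
-if (A.length!= 2) return false;
-if (!this.babyJub.inCurve(A)) return false;
-if (Scalar.geq(sig.S, this.babyJub.subOrder)) return false;
-
-const R8p = this.babyJub.packPoint(sig.R8);
-const Ap = this.babyJub.packPoint(A);
-
-
-const composeBuff2 = new Uint8Array(64 + msg.length);
-composeBuff2.set(R8p, 0);
-composeBuff2.set(Ap, 32);
-composeBuff2.set(msg, 64);
-
-
-const hmBuff = this.pedersenHash.hash(composeBuff2);
-const hm = Scalar.fromRprLE(hmBuff, 0, 32);
-
-const Pleft = this.babyJub.mulPointEscalar(this.babyJub.Base8, sig.S);
-let Pright = this.babyJub.mulPointEscalar(A, Scalar.mul(hm,8));
-Pright = this.babyJub.addPoint(sig.R8, Pright);
-
-if (!this.babyJub.F.eq(Pleft[0],Pright[0])) return false;
-if (!this.babyJub.F.eq(Pleft[1],Pright[1])) return false;
-return true;
-}
-
-verifyMiMC(msg, sig, A) {
-// Check parameters
-if (typeof sig != "object") return false;
-if (!Array.isArray(sig.R8)) return false;
-if (sig.R8.length!= 2) return false;
-if (!this.babyJub.inCurve(sig.R8)) return false;
-if (!Array.isArray(A)) return false;
-if (A.length!= 2) return false;
-if (!this.babyJub.inCurve(A)) return false;
-if (sig.S>= this.babyJub.subOrder) return false;
-
-const hm = this.mimc7.multiHash([sig.R8[0], sig.R8[1], A[0], A[1], msg]);
-const hms = Scalar.e(this.babyJub.F.toObject(hm));
-
-const Pleft = this.babyJub.mulPointEscalar(this.babyJub.Base8, sig.S);
-let Pright = this.babyJub.mulPointEscalar(A, Scalar.mul(hms, 8));
-Pright = this.babyJub.addPoint(sig.R8, Pright);
-
-if (!this.babyJub.F.eq(Pleft[0],Pright[0])) return false;
-if (!this.babyJub.F.eq(Pleft[1],Pright[1])) return false;
-return true;
-}
-
-verifyPoseidon(msg, sig, A) {
-
-// Check parameters
-if (typeof sig != "object") return false;
-if (!Array.isArray(sig.R8)) return false;
-if (sig.R8.length!= 2) return false;
-if (!this.babyJub.inCurve(sig.R8)) return false;
-if (!Array.isArray(A)) return false;
-if (A.length!= 2) return false;
-if (!this.babyJub.inCurve(A)) return false;
-if (sig.S>= this.babyJub.subOrder) return false;
-
-const hm = this.poseidon([sig.R8[0], sig.R8[1], A[0], A[1], msg]);
-const hms = Scalar.e(this.babyJub.F.toObject(hm));
-
-const Pleft = this.babyJub.mulPointEscalar(this.babyJub.Base8, sig.S);
-let Pright = this.babyJub.mulPointEscalar(A, Scalar.mul(hms, 8));
-Pright = this.babyJub.addPoint(sig.R8, Pright);
-
-if (!this.babyJub.F.eq(Pleft[0],Pright[0])) return false;
-if (!this.babyJub.F.eq(Pleft[1],Pright[1])) return false;
-return true;
-}
-
-verifyMiMCSponge(msg, sig, A) {
-
-// Check parameters
-if (typeof sig != "object") return false;
-if (!Array.isArray(sig.R8)) return false;
-if (sig.R8.length!= 2) return false;
-if (!this.babyJub.inCurve(sig.R8)) return false;
-if (!Array.isArray(A)) return false;
-if (A.length!= 2) return false;
-if (!this.babyJub.inCurve(A)) return false;
-if (sig.S>= this.babyJub.subOrder) return false;
-
-const hm = this.mimcSponge.multiHash([sig.R8[0], sig.R8[1], A[0], A[1], msg]);
-const hms = Scalar.e(this.babyJub.F.toObject(hm));
-
-const Pleft = this.babyJub.mulPointEscalar(this.babyJub.Base8, sig.S);
-let Pright = this.babyJub.mulPointEscalar(A, Scalar.mul(hms, 8));
-Pright = this.babyJub.addPoint(sig.R8, Pright);
-
-if (!this.babyJub.F.eq(Pleft[0],Pright[0])) return false;
-if (!this.babyJub.F.eq(Pleft[1],Pright[1])) return false;
-return true;
-}
-
-packSignature(sig) {
-const buff = new Uint8Array(64);
-const R8p = this.babyJub.packPoint(sig.R8);
-buff.set(R8p, 0)
-const Sp = Scalar.toRprLE(buff, 32, sig.S, 32);
-return buff;
-}
-
-unpackSignature(sigBuff) {
-return {
-R8: this.babyJub.unpackPoint(sigBuff.slice(0,32)),
-S: Scalar.fromRprLE(sigBuff, 32, 32)
-};
-}
-}
-
-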
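--- a/package/src/evmasm.js
+++ b/package/src/evmasm.js
@@ -1,209 +0,0 @@
-// Copyright (c) 2018 Jordi Baylina
-// License: LGPL-3.0+
-//
-
-import { ethers } from "ethers";
-import {Scalar} from "ffjavascript";
-
-export default class Contract {
-constructor() {
-this.code = [];
-this.labels = {};
-this.pendingLabels = {};
-}
-
-createTxData() {
-let C;
-
-// Check all labels are defined
-const pendingLabels = Object.keys(this.pendingLabels);
-if (pendingLabels.length>0) {
-throw new Error("Lables not defined: "+ pendingLabels.join(", "));
-}
-
-let setLoaderLength = 0;
-let genLoadedLength = -1;
-
-while (genLoadedLength!=setLoaderLength) {
-setLoaderLength = genLoadedLength;
-C = new Contract();
-C.codesize();
-C.push(setLoaderLength);
-C.push(0);
-C.codecopy();
-
-C.push(this.code.length);
-C.push(0);
-C.return();
-genLoadedLength = C.code.length;
-}
-
-return ethers.utils.hexlify(C.code.concat(this.code));
-}
-
-stop() { this.code.push(0x00); }
-add() { this.code.push(0x01); }
-mul() { this.code.push(0x02); }
-sub() { this.code.push(0x03); }
-div() { this.code.push(0x04); }
-sdiv() { this.code.push(0x05); }
-mod() { this.code.push(0x06); }
-smod() { this.code.push(0x07); }
-addmod() { this.code.push(0x08); }
-mulmod() { this.code.push(0x09); }
-exp() { this.code.push(0x0a); }
-signextend() { this.code.push(0x0b); }
-
-lt() { this.code.push(0x10); }
-gt() { this.code.push(0x11); }
-slt() { this.code.push(0x12); }
-sgt() { this.code.push(0x13); }
-eq() { this.code.push(0x14); }
-iszero() { this.code.push(0x15); }
-and() { this.code.push(0x16); }
-or() { this.code.push(0x17); }
-shor() { this.code.push(0x18); }
-not() { this.code.push(0x19); }
-byte() { this.code.push(0x1a); }
-
-keccak() { this.code.push(0x20); }
-sha3() { this.code.push(0x20); } // alias
-
-address() { this.code.push(0x30); }
-balance() { this.code.push(0x31); }
-origin() { this.code.push(0x32); }
-caller() { this.code.push(0x33); }
-callvalue() { this.code.push(0x34); }
-calldataload() { this.code.push(0x35); }
-calldatasize() { this.code.push(0x36); }
-calldatacopy() { this.code.push(0x37); }
-codesize() { this.code.push(0x38); }
-codecopy() { this.code.push(0x39); }
-gasprice() { this.code.push(0x3a); }
-extcodesize() { this.code.push(0x3b); }
-extcodecopy() { this.code.push(0x3c); }
-returndatasize() { this.code.push(0x3d); }
-returndatacopy() { this.code.push(0x3e); }
-
-blockhash() { this.code.push(0x40); }
-coinbase() { this.code.push(0x41); }
-timestamp() { this.code.push(0x42); }
-number() { this.code.push(0x43); }
-difficulty() { this.code.push(0x44); }
-gaslimit() { this.code.push(0x45); }
-
-pop() { this.code.push(0x50); }
-mload() { this.code.push(0x51); }
-mstore() { this.code.push(0x52); }
-mstore8() { this.code.push(0x53); }
-sload() { this.code.push(0x54); }
-sstore() { this.code.push(0x55); }
-
-_pushLabel(label) {
-if (typeof this.labels[label] != "undefined") {
-this.push(this.labels[label]);
-} else {
-this.pendingLabels[label] = this.pendingLabels[label] || [];
-this.pendingLabels[label].push(this.code.length);
-this.push("0x000000");
-}
-}
-
-_fillLabel(label) {
-if (!this.pendingLabels[label]) return;
-
-let dst = this.labels[label];
-
-const dst3 = [dst >> 16, (dst >> 8) & 0xFF, dst & 0xFF];
-
-this.pendingLabels[label].forEach((p) => {
-for (let i=0; i<3; i++) {
-this.code[p+i+1] = dst3[i];
-}
-});
-
-delete this.pendingLabels[label];
-}
-
-
-jmp(label) {
-if (typeof label !== "undefined") {
-this._pushLabel(label);
-}
-this.code.push(0x56);
-}
-
-jmpi(label) {
-if (typeof label !== "undefined") {
-this._pushLabel(label);
-}
-this.code.push(0x57);
-}
-
-pc() { this.code.push(0x58); }
-msize() { this.code.push(0x59); }
-gas() { this.code.push(0x5a); }
-label(name) {
-if (typeof this.labels[name] != "undefined") {
-throw new Error("Label already defined");
-}
-this.labels[name] = this.code.length;
-this.code.push(0x5b);
-
-this._fillLabel(name);
-}
-
-push(data) {
-if ((typeof data !== "string") || (data.slice(0,2) != "0x")) {
-let v = Scalar.e(data);
-if (Scalar.isNegative(v)) {
-v = Scalar.add(Scalar.shl(Scalar.e(1), 256), v);
-}
-let S = Scalar.toString(v, 16);
-if (S.length % 2) S = "0"+S;
-S = "0x" +S;
-data = S;
-}
-const d = ethers.utils.arrayify(data);
-if (d.length == 0 || d.length > 32) {
-throw new Error("Assertion failed");
-}
-const a = [];
-this.code.push(0x5F + d.length);
-for (let i=0; i<d.length; i++) {
-this.code.push(d[i]);
-}
-}
-
-dup(n) {
-if (n < 0 || n >= 16) {
-throw new Error("Assertion failed");
-}
-this.code.push(0x80 + n);
-}
-
-swap(n) {
-if (n < 1 || n > 16) {
-throw new Error("Assertion failed");
-}
-this.code.push(0x8f + n);
-}
-
-log0() { this.code.push(0xa0); }
-log1() { this.code.push(0xa1); }
-log2() { this.code.push(0xa2); }
-log3() { this.code.push(0xa3); }
-log4() { this.code.push(0xa4); }
-
-create() { this.code.push(0xf0); }
-call() { this.code.push(0xf1); }
-callcode() { this.code.push(0xf2); }
-return() { this.code.push(0xf3); }
-delegatecall() { this.code.push(0xf4); }
-
-staticcall() { this.code.push(0xfa); }
-revert() { this.code.push(0xfd); }
-invalid() { this.code.push(0xfe); }
-selfdestruct() { this.code.push(0xff); }
-}
-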
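--- a/package/src/mimc7.js
+++ b/package/src/mimc7.js
@@ -1,78 +0,0 @@
-import {getCurveFromName, Scalar} from "ffjavascript";
-
-import { ethers } from "ethers";
-
-const SEED = "mimc";
-const NROUNDS = 91;
-
-export default async function buildMimc7() {
-const bn128 = await getCurveFromName("bn128", true);
-return new Mimc7(bn128.Fr);
-}
-
-
-class Mimc7 {
-constructor (F) {
-this.F = F;
-this.cts = this.getConstants(SEED, 91);
-}
-
-getIV(seed) {
-const F = this.F;
-if (typeof seed === "undefined") seed = SEED;
-const c = ethers.utils.keccak256(ethers.utils.toUtf8Bytes(seed+"_iv"));
-const cn = Scalar.e(c);
-const iv = Scalar.mod(cn, F.p);
-return iv;
-};
-
-getConstants(seed, nRounds) {
-const F = this.F;
-if (typeof seed === "undefined") seed = SEED;
-if (typeof nRounds === "undefined") nRounds = NROUNDS;
-const cts = new Array(nRounds);
-let c = ethers.utils.keccak256(ethers.utils.toUtf8Bytes(SEED));
-for (let i=1; i<nRounds; i++) {
-c = ethers.utils.keccak256(c);
-
-cts[i] = F.e(c);
-}
-cts[0] = F.e(0);
-return cts;
-}
-
-hash (_x_in, _k) {
-const F = this.F;
-const x_in = F.e(_x_in);
-const k = F.e(_k);
-let r;
-for (let i=0; i<NROUNDS; i++) {
-const c = this.cts[i];
-const t = (i==0) ? F.add(x_in, k) : F.add(F.add(r, k), c);
-const t2 = F.square(t);
-const t4 = F.square(t2);
-r = F.mul(F.mul(t4, t2), t);
-}
-return F.add(r, k);
-}
-
-multiHash(arr, key) {
-const F = this.F;
-let r;
-if (typeof(key) === "undefined") {
-r = F.zero;
-} else {
-r = F.e(key);
-}
-for (let i=0; i<arr.length; i++) {
-r = F.add(
-F.add(
-r,
-F.e(arr[i])
-),
-this.hash(F.e(arr[i]), r)
-);
-}
-return r;
-}
-}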