starkshield 1.0.0

package/circomlib/test/pedersen2.js

@@ -0,0 +1,56 @@
+const path = require("path");
+
+const Scalar = require("ffjavascript").Scalar;
+
+const buildPedersenHash = require("circomlibjs").buildPedersenHash;
+const buildBabyJub = require("circomlibjs").buildBabyjub;
+
+const wasm_tester = require("circom_tester").wasm;
+
+
+describe("Pedersen test", function() {
+    let babyJub
+    let pedersen;
+    let F;
+    let circuit;
+    this.timeout(100000);
+    before( async() => {
+
+        babyJub = await buildBabyJub();
+        F = babyJub.F;
+        pedersen = await buildPedersenHash();
+        circuit = await wasm_tester(path.join(__dirname, "circuits", "pedersen2_test.circom"));
+    });
+    it("Should pedersen at zero", async () => {
+
+        let w;
+
+        w = await circuit.calculateWitness({ in: 0}, true);
+
+        const b = Buffer.alloc(32);
+
+        const h = pedersen.hash(b);
+        const hP = babyJub.unpackPoint(h);
+
+        await circuit.assertOut(w, {out: [F.toObject(hP[0]), F.toObject(hP[1])] });
+
+    });
+    it("Should pedersen with 253 ones", async () => {
+
+        let w;
+
+        const n = F.e(Scalar.sub(Scalar.shl(Scalar.e(1), 253), Scalar.e(1)));
+
+        w = await circuit.calculateWitness({ in: F.toObject(n)}, true);
+
+        const b = Buffer.alloc(32);
+        for (let i=0; i<31; i++) b[i] = 0xFF;
+        b[31] = 0x1F;
+
+        const h = pedersen.hash(b);
+        const hP = babyJub.unpackPoint(h);
+
+        await circuit.assertOut(w, {out: [F.toObject(hP[0]), F.toObject(hP[1])] });
+
+    });
+});

package/circomlib/test/point2bits.js

@@ -0,0 +1,30 @@
+const path = require("path");
+const wasm_tester = require("circom_tester").wasm;
+const buildBabyJub = require("circomlibjs").buildBabyjub;
+
+const babyJub = require("circomlibjs").babyjub;
+
+
+describe("Point 2 bits test", function() {
+    let babyJub;
+    let F;
+    let circuit;
+    this.timeout(100000);
+    before( async() => {
+        babyJub = await buildBabyJub();
+        F = babyJub.F;
+
+        circuit = await wasm_tester(path.join(__dirname, "circuits", "pointbits_loopback.circom"));
+    });
+
+    it("Should do the both convertions for 8Base", async () => {
+        const w = await circuit.calculateWitness({ in: [F.toObject(babyJub.Base8[0]), F.toObject(babyJub.Base8[1])]}, true);
+
+        await circuit.checkConstraints(w);
+    });
+    it("Should do the both convertions for Zero point", async () => {
+        const w = await circuit.calculateWitness({ in: [0, 1]}, true);
+
+        await circuit.checkConstraints(w);
+    });
+});

package/circomlib/test/poseidoncircuit.js

@@ -0,0 +1,80 @@
+const chai = require("chai");
+const path = require("path");
+const wasm_tester = require("circom_tester").wasm;
+
+const buildPoseidon = require("circomlibjs").buildPoseidon;
+
+const assert = chai.assert;
+
+describe("Poseidon Circuit test", function () {
+    let poseidon;
+    let F;
+    let circuit6;
+    let circuit3;
+    let circuitEx;
+
+    this.timeout(1000000);
+
+    before( async () => {
+        poseidon = await buildPoseidon();
+        F = poseidon.F;
+        circuit6 = await wasm_tester(path.join(__dirname, "circuits", "poseidon6_test.circom"));
+        circuit3 = await wasm_tester(path.join(__dirname, "circuits", "poseidon3_test.circom"));
+        circuitEx = await wasm_tester(path.join(__dirname, "circuits", "poseidonex_test.circom"));
+    });
+
+    it("Should check constrain of hash([1, 2]) t=6", async () => {
+        const w = await circuit6.calculateWitness({inputs: [1, 2, 0,0,0]}, true);
+
+        const res2 = poseidon([1,2,0,0,0]);
+
+        assert(F.eq(F.e("1018317224307729531995786483840663576608797660851238720571059489595066344487"), F.e(res2)));
+        await circuit6.assertOut(w, {out : F.toObject(res2)});
+        await circuit6.checkConstraints(w);
+    });
+
+    it("Should check constrain of hash([3, 4]) t=6", async () => {
+        const w = await circuit6.calculateWitness({inputs: [3, 4,5,10,23]});
+
+        const res2 = poseidon([3, 4,5,10,23]);
+
+        assert(F.eq(F.e("13034429309846638789535561449942021891039729847501137143363028890275222221409"), F.e(res2)));
+        await circuit6.assertOut(w, {out : F.toObject(res2)});
+        await circuit6.checkConstraints(w);
+    });
+
+
+    it("Should check constrain of hash([1, 2]) t=3", async () => {
+        const w = await circuit3.calculateWitness({inputs: [1, 2]});
+
+        const res2 = poseidon([1,2]);
+
+        assert(F.eq(F.e("7853200120776062878684798364095072458815029376092732009249414926327459813530"), F.e(res2)));
+        await circuit3.assertOut(w, {out : F.toObject(res2)});
+        await circuit3.checkConstraints(w);
+    });
+
+    it("Should check constrain of hash([3, 4]) t=3", async () => {
+        const w = await circuit3.calculateWitness({inputs: [3, 4]});
+
+        const res2 = poseidon([3, 4]);
+
+        assert(F.eq(F.e("14763215145315200506921711489642608356394854266165572616578112107564877678998"), F.e(res2)));
+        await circuit3.assertOut(w, {out : F.toObject(res2)});
+        await circuit3.checkConstraints(w);
+    });
+
+    it("Should check constrain of hash with state and 16 ins and outs", async () => {
+        const ins = [1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16]
+        const w = await circuitEx.calculateWitness({inputs: ins, initialState: 17});
+
+        const res2 = poseidon(ins, 17, 17);
+        const res2f = [];
+        for (let i=0; i<res2.length; i++) {
+            res2f[i] = F.toObject(res2[i]);
+        }
+        await circuitEx.assertOut(w, {out : res2f});
+        await circuitEx.checkConstraints(w);
+    });
+
+});

package/circomlib/test/sha256.js

@@ -0,0 +1,118 @@
+const chai = require("chai");
+const path = require("path");
+const crypto = require("crypto");
+const F1Field = require("ffjavascript").F1Field;
+const Scalar = require("ffjavascript").Scalar;
+exports.p = Scalar.fromString("21888242871839275222246405745257275088548364400416034343698204186575808495617");
+const Fr = new F1Field(exports.p);
+
+const assert = chai.assert;
+
+const sha256 = require("./helpers/sha256");
+
+const wasm_tester = require("circom_tester").wasm;
+
+// const printSignal = require("./helpers/printsignal");
+
+
+function buffer2bitArray(b) {
+    const res = [];
+    for (let i=0; i<b.length; i++) {
+        for (let j=0; j<8; j++) {
+            res.push((b[i] >> (7-j) &1));
+        }
+    }
+    return res;
+}
+
+function bitArray2buffer(a) {
+    const len = Math.floor((a.length -1 )/8)+1;
+    const b = new Buffer.alloc(len);
+
+    for (let i=0; i<a.length; i++) {
+        const p = Math.floor(i/8);
+        b[p] = b[p] | (Number(a[i]) << ( 7 - (i%8)  ));
+    }
+    return b;
+}
+
+
+describe("SHA256 test", function () {
+    this.timeout(100000);
+
+
+    it("Should work bits to array and array to bits", async () => {
+        const b = new Buffer.alloc(64);
+        for (let i=0; i<64; i++) {
+            b[i] = i+1;
+        }
+        const a = buffer2bitArray(b);
+        const b2 = bitArray2buffer(a);
+
+        assert.equal(b.toString("hex"), b2.toString("hex"), true);
+    });
+
+    it("Should calculate a hash of 1 compressor", async () => {
+        const cir = await wasm_tester(path.join(__dirname, "circuits", "sha256_2_test.circom"));
+
+        const witness = await cir.calculateWitness({ "a": "1", "b": "2" }, true);
+
+        const b = new Buffer.alloc(54);
+        b[26] = 1;
+        b[53] = 2;
+
+        const hash = crypto.createHash("sha256")
+            .update(b)
+            .digest("hex");
+        const r = "0x" + hash.slice(10);
+
+        const hash2 = sha256.hash(b.toString("hex"), {msgFormat: "hex-bytes"});
+
+        assert.equal(hash, hash2);
+
+        assert(Fr.eq(witness[1], Fr.e(r)));
+    }).timeout(1000000);
+
+    it("Should calculate a hash of 2 compressor", async () => {
+        const cir = await wasm_tester(path.join(__dirname, "circuits", "sha256_test512.circom"));
+
+        const b = new Buffer.alloc(64);
+        for (let i=0; i<64; i++) {
+            b[i] = i+1;
+        }
+
+        const hash = crypto.createHash("sha256")
+            .update(b)
+            .digest("hex");
+
+        const arrIn = buffer2bitArray(b);
+        const witness = await cir.calculateWitness({ "in": arrIn }, true);
+
+        const arrOut = witness.slice(1, 257);
+        const hash2 = bitArray2buffer(arrOut).toString("hex");
+
+        assert.equal(hash, hash2);
+
+    }).timeout(1000000);
+    it ("Should calculate a hash of 2 compressor", async () => {
+        const cir = await wasm_tester(path.join(__dirname, "circuits", "sha256_test448.circom"));
+
+        const testStr = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
+
+        const b = Buffer.from(testStr, "utf8");
+
+        const hash = crypto.createHash("sha256")
+            .update(b)
+            .digest("hex");
+
+        const arrIn = buffer2bitArray(b);
+
+        const witness = await cir.calculateWitness({ "in": arrIn }, true);
+
+        const arrOut = witness.slice(1, 257);
+        const hash2 = bitArray2buffer(arrOut).toString("hex");
+
+        assert.equal(hash, hash2);
+    });
+
+});

package/circomlib/test/sign.js

@@ -0,0 +1,82 @@
+const path = require("path");
+const F1Field = require("ffjavascript").F1Field;
+const Scalar = require("ffjavascript").Scalar;
+exports.p = Scalar.fromString("21888242871839275222246405745257275088548364400416034343698204186575808495617");
+const Fr = new F1Field(exports.p);
+const wasm_tester = require("circom_tester").wasm;
+
+function print(circuit, w, s) {
+    console.log(s + ": " + w[circuit.getSignalIdx(s)]);
+}
+
+function getBits(v, n) {
+    const res = [];
+    for (let i=0; i<n; i++) {
+        if (Scalar.isOdd(Scalar.shr(v, i))) {
+            res.push(Fr.one);
+        } else {
+            res.push(Fr.zero);
+        }
+    }
+    return res;
+}
+
+const q = Scalar.fromString("21888242871839275222246405745257275088548364400416034343698204186575808495617");
+
+describe("Sign test", function() {
+    let circuit;
+    this.timeout(100000);
+
+    before( async() => {
+        circuit = await wasm_tester(path.join(__dirname, "circuits", "sign_test.circom"));
+    });
+
+    it("Sign of 0", async () => {
+        const inp = getBits(Scalar.e(0), 254);
+        const w = await circuit.calculateWitness({in: inp}, true);
+
+        await circuit.assertOut(w, {sign: 0});
+    });
+
+    it("Sign of 3", async () => {
+        const inp = getBits(Scalar.e(3), 254);
+        const w = await circuit.calculateWitness({in: inp}, true);
+
+        await circuit.assertOut(w, {sign: 0});
+    });
+
+    it("Sign of q/2", async () => {
+        const inp = getBits(Scalar.shr(q, 1), 254);
+        const w = await circuit.calculateWitness({in: inp}, true);
+
+        await circuit.assertOut(w, {sign: 0});
+    });
+
+    it("Sign of q/2+1", async () => {
+        const inp = getBits(Scalar.add(Scalar.shr(q, 1), 1) , 254);
+        const w = await circuit.calculateWitness({in: inp}, true);
+
+        await circuit.assertOut(w, {sign: 1});
+    });
+
+    it("Sign of q-1", async () => {
+        const inp = getBits(Scalar.sub(q, 1), 254);
+        const w = await circuit.calculateWitness({in: inp}, true);
+
+        await circuit.assertOut(w, {sign: 1});
+    });
+
+    it("Sign of q", async () => {
+        const inp = getBits(q, 254);
+        const w = await circuit.calculateWitness({in: inp}, true);
+
+        await circuit.assertOut(w, {sign: 1});
+    });
+
+    it("Sign of all ones", async () => {
+        const inp = getBits(Scalar.sub(Scalar.shl(1,254),1), 254);
+        const w = await circuit.calculateWitness({in: inp}, true);
+
+        await circuit.assertOut(w, {sign: 1});
+    });
+});

package/circomlib/test/smtprocessor.js

@@ -0,0 +1,219 @@
+const chai = require("chai");
+const path = require("path");
+const wasm_tester = require("circom_tester").wasm;
+const F1Field = require("ffjavascript").F1Field;
+const Scalar = require("ffjavascript").Scalar;
+
+const newMemEmptyTrie = require("circomlibjs").newMemEmptyTrie;
+
+const assert = chai.assert;
+
+function print(circuit, w, s) {
+    console.log(s + ": " + w[circuit.getSignalIdx(s)]);
+}
+
+async function testInsert(tree, _key, _value, circuit ) {
+    const key = tree.F.e(_key);
+    const value = tree.F.e(_value)
+
+    const res = await tree.insert(key,value);
+    let siblings = res.siblings;
+    for (let i=0; i<siblings.length; i++) siblings[i] = tree.F.toObject(siblings[i]);
+    while (siblings.length<10) siblings.push(0);
+
+    const w = await circuit.calculateWitness({
+        fnc: [1,0],
+        oldRoot: tree.F.toObject(res.oldRoot),
+        siblings: siblings,
+        oldKey: res.isOld0 ? 0 : tree.F.toObject(res.oldKey),
+        oldValue: res.isOld0 ? 0 : tree.F.toObject(res.oldValue),
+        isOld0: res.isOld0 ? 1 : 0,
+        newKey: tree.F.toObject(key),
+        newValue: tree.F.toObject(value)
+    }, true);
+
+    await circuit.checkConstraints(w);
+
+    await circuit.assertOut(w, {newRoot: tree.F.toObject(res.newRoot)});
+
+}
+
+async function testDelete(tree, _key, circuit) {
+    const key = tree.F.e(_key);
+    const res = await tree.delete(key);
+    let siblings = res.siblings;
+    for (let i=0; i<siblings.length; i++) siblings[i] = tree.F.toObject(siblings[i]);
+    while (siblings.length<10) siblings.push(0);
+
+    const w = await circuit.calculateWitness({
+        fnc: [1,1],
+        oldRoot: tree.F.toObject(res.oldRoot),
+        siblings: siblings,
+        oldKey: res.isOld0 ? 0 : tree.F.toObject(res.oldKey),
+        oldValue: res.isOld0 ? 0 : tree.F.toObject(res.oldValue),
+        isOld0: res.isOld0 ? 1 : 0,
+        newKey: tree.F.toObject(res.delKey),
+        newValue: tree.F.toObject(res.delValue)
+    }, true);
+
+    await circuit.checkConstraints(w);
+
+    await circuit.assertOut(w, {newRoot: tree.F.toObject(res.newRoot)});
+}
+
+async function testUpdate(tree, _key, _newValue, circuit) {
+    const key = tree.F.e(_key);
+    const newValue = tree.F.e(_newValue);
+    const res = await tree.update(key, newValue);
+    let siblings = res.siblings;
+    for (let i=0; i<siblings.length; i++) siblings[i] = tree.F.toObject(siblings[i]);
+    while (siblings.length<10) siblings.push(0);
+
+    const w = await circuit.calculateWitness({
+        fnc: [0,1],
+        oldRoot: tree.F.toObject(res.oldRoot),
+        siblings: siblings,
+        oldKey: tree.F.toObject(res.oldKey),
+        oldValue: tree.F.toObject(res.oldValue),
+        isOld0: 0,
+        newKey: tree.F.toObject(res.newKey),
+        newValue: tree.F.toObject(res.newValue)
+    });
+
+    await circuit.checkConstraints(w);
+
+    await circuit.assertOut(w, {newRoot: tree.F.toObject(res.newRoot)});
+}
+
+
+describe("SMT Processor test", function () {
+    let circuit;
+    let tree;
+    let Fr;
+
+    this.timeout(1000000000);
+
+    before( async () => {
+        circuit = await wasm_tester(path.join(__dirname, "circuits", "smtprocessor10_test.circom"));
+        await circuit.loadSymbols();
+
+        tree = await newMemEmptyTrie();
+        Fr = tree.F;
+    });
+
+    it("Should verify an insert to an empty tree", async () => {
+        const key = Fr.e(111);
+        const value = Fr.e(222);
+
+        await testInsert(tree, key, value, circuit);
+    });
+
+    it("It should add another element", async () => {
+        const key = Fr.e(333);
+        const value = Fr.e(444);
+
+        await testInsert(tree, key, value, circuit);
+    });
+
+    it("Should remove an element", async () => {
+        await testDelete(tree, 111, circuit);
+        await testDelete(tree, 333, circuit);
+    });
+
+    it("Should test convination of adding and removing 3 elements", async () => {
+        const keys = [Fr.e(8), Fr.e(9), Fr.e(32)];
+        const values = [Fr.e(88), Fr.e(99), Fr.e(3232)];
+        const tree1 = await newMemEmptyTrie();
+        const tree2 = await newMemEmptyTrie();
+        const tree3 = await newMemEmptyTrie();
+        const tree4 = await newMemEmptyTrie();
+        const tree5 = await newMemEmptyTrie();
+        const tree6 = await newMemEmptyTrie();
+
+        await testInsert(tree1,keys[0],values[0], circuit);
+        await testInsert(tree1,keys[1],values[1], circuit);
+        await testInsert(tree1,keys[2],values[2], circuit);
+
+        await testInsert(tree2,keys[0],values[0], circuit);
+        await testInsert(tree2,keys[2],values[2], circuit);
+        await testInsert(tree2,keys[1],values[1], circuit);
+
+        await testInsert(tree3,keys[1],values[1], circuit);
+        await testInsert(tree3,keys[0],values[0], circuit);
+        await testInsert(tree3,keys[2],values[2], circuit);
+
+        await testInsert(tree4,keys[1],values[1], circuit);
+        await testInsert(tree4,keys[2],values[2], circuit);
+        await testInsert(tree4,keys[0],values[0], circuit);
+
+        await testInsert(tree5,keys[2],values[2], circuit);
+        await testInsert(tree5,keys[0],values[0], circuit);
+        await testInsert(tree5,keys[1],values[1], circuit);
+
+        await testInsert(tree6,keys[2],values[2], circuit);
+        await testInsert(tree6,keys[1],values[1], circuit);
+        await testInsert(tree6,keys[0],values[0], circuit);
+
+
+        await testDelete(tree1, keys[0], circuit);
+        await testDelete(tree1, keys[1], circuit);
+        await testDelete(tree2, keys[1], circuit);
+        await testDelete(tree2, keys[0], circuit);
+
+        await testDelete(tree3, keys[0], circuit);
+        await testDelete(tree3, keys[2], circuit);
+        await testDelete(tree4, keys[2], circuit);
+        await testDelete(tree4, keys[0], circuit);
+
+
+        await testDelete(tree5, keys[1], circuit);
+        await testDelete(tree5, keys[2], circuit);
+        await testDelete(tree6, keys[2], circuit);
+        await testDelete(tree6, keys[1], circuit);
+
+        await testDelete(tree1, keys[2], circuit);
+        await testDelete(tree2, keys[2], circuit);
+        await testDelete(tree3, keys[1], circuit);
+        await testDelete(tree4, keys[1], circuit);
+        await testDelete(tree5, keys[0], circuit);
+        await testDelete(tree6, keys[0], circuit);
+    });
+
+    it("Should match a NOp with random vals", async () => {
+        let siblings = [];
+        while (siblings.length<10) siblings.push(88);
+        const w = await circuit.calculateWitness({
+            fnc: [0,0],
+            oldRoot: 11,
+            siblings: siblings,
+            oldKey: 33,
+            oldValue: 44,
+            isOld0: 55,
+            newKey: 66,
+            newValue: 77
+        });
+
+        const root1 = Fr.e(w[circuit.symbols["main.oldRoot"].varIdx]);
+        const root2 = Fr.e(w[circuit.symbols["main.newRoot"].varIdx]);
+
+        await circuit.checkConstraints(w);
+
+        assert(Fr.eq(root1, root2));
+    });
+    it("Should update an element", async () => {
+        const tree1 = await newMemEmptyTrie();
+        const tree2 = await newMemEmptyTrie();
+
+        await testInsert(tree1,8,88, circuit);
+        await testInsert(tree1,9,99, circuit);
+        await testInsert(tree1,32,3232, circuit);
+
+        await testInsert(tree2,8,888, circuit);
+        await testInsert(tree2,9,999, circuit);
+        await testInsert(tree2,32,323232, circuit);
+
+        await testUpdate(tree1, 8, 888, circuit);
+        await testUpdate(tree1, 9, 999, circuit);
+        await testUpdate(tree1, 32, 323232, circuit);
+    });
+});