astreum 0.2.7__py3-none-any.whl → 0.2.8__py3-none-any.whl

astreum/crypto/quadratic_form.py

@@ -0,0 +1,123 @@
+import math
+
+
+def extended_gcd(a: int, b: int) -> tuple[int, int, int]:
+    """
+    Return (g, x, y) such that a*x + b*y = g = gcd(a, b).
+    """
+    if b == 0:
+        return (a, 1, 0)
+    g, x1, y1 = extended_gcd(b, a % b)
+    return (g, y1, x1 - (a // b) * y1)
+
+
+def modinv(a: int, m: int) -> int:
+    """
+    Return modular inverse of a mod m.
+    """
+    g, x, _ = extended_gcd(a, m)
+    if g != 1:
+        raise ValueError(f"No modular inverse for {a} modulo {m}")
+    return x % m
+
+
+def is_reduced(q: 'QuadraticForm') -> bool:
+    """
+    Check if the form q is in reduced (Gauss) form:
+      |b| <= a <= c, and if a == c then b >= 0.
+    """
+    return abs(q.b) <= q.a <= q.c and not (q.a == q.c and q.b < 0)
+
+
+def is_primitive(a: int, b: int, c: int) -> bool:
+    """
+    Check if the form coefficients are coprime: gcd(a, b, c) == 1.
+    """
+    return math.gcd(math.gcd(a, b), c) == 1
+
+
+class QuadraticForm:
+    """
+    Represents the binary quadratic form ax^2 + bxy + cy^2 with discriminant D,
+    stored in reduced, primitive form.
+    """
+
+    def __init__(self, a: int, b: int, c: int, D: int):
+        if b*b - 4*a*c != D:
+            raise ValueError(f"Discriminant mismatch: b^2 - 4ac = {b*b - 4*a*c}, expected {D}")
+        if not is_primitive(a, b, c):
+            raise ValueError("Form coefficients are not coprime (not primitive)")
+        self.a = a
+        self.b = b
+        self.c = c
+        self.D = D
+
+    def reduce(self) -> 'QuadraticForm':
+        """
+        Perform Gauss reduction until the form is reduced.
+        """
+        while not is_reduced(self):
+            self._gauss_step()
+        return self
+
+    def _gauss_step(self) -> None:
+        """
+        One iteration of Gauss reduction on the current form.
+        """
+        a, b, c = self.a, self.b, self.c
+        # Compute m = round(b / (2a)) using integer arithmetic
+        sign = 1 if b >= 0 else -1
+        m = (b + sign * a) // (2 * a)
+        # Update b and c
+        b_new = b - 2 * m * a
+        c_new = m * m * a - m * b + c
+        # Assign back
+        self.b = b_new
+        self.c = c_new
+        # Swap if needed to ensure a <= c and proper sign
+        if a > self.c or (a == self.c and self.b < 0):
+            self.a, self.b, self.c = self.c, -self.b, a
+
+    def __mul__(self, other: 'QuadraticForm') -> 'QuadraticForm':
+        """
+        Dirichlet (NUCOMP) composition of two forms of the same discriminant.
+        """
+        if self.D != other.D:
+            raise ValueError("Cannot compose forms with different discriminants")
+        a1, b1, c1 = self.a, self.b, self.c
+        a2, b2, c2 = other.a, other.b, other.c
+        D = self.D
+        # Compute g = gcd(a1, a2, (b1 + b2)//2)
+        k = (b1 + b2) // 2
+        g = math.gcd(math.gcd(a1, a2), k)
+        a1p = a1 // g
+        a2p = a2 // g
+        # Solve m * a1p ≡ (b2 - b1)//2 mod a2p
+        diff = (b2 - b1) // 2
+        inv = modinv(a1p, a2p)
+        m = (diff * inv) % a2p
+        # Compute composed coefficients
+        b3 = b1 + 2 * m * a1
+        a3 = a1 * a2p
+        c3 = (b3 * b3 - D) // (4 * a3)
+        return QuadraticForm(a3, b3, c3, D).reduce()
+
+    def to_bytes(self) -> bytes:
+        """
+        Serialize this form to bytes (a and b, big-endian, fixed width).
+        """
+        # Width: enough to hold |D| bitlength / 8 rounded up
+        width = (self.D.bit_length() + 15) // 8
+        return self.a.to_bytes(width, 'big', signed=True) + \
+               self.b.to_bytes(width, 'big', signed=True)
+
+    @classmethod
+    def from_bytes(cls, data: bytes, D: int) -> 'QuadraticForm':
+        """
+        Deserialize bytes back into a QuadraticForm for discriminant D.
+        """
+        width = len(data) // 2
+        a = int.from_bytes(data[:width], 'big', signed=True)
+        b = int.from_bytes(data[width:], 'big', signed=True)
+        c = (b*b - D) // (4 * a)
+        return cls(a, b, c, D).reduce()

astreum/crypto/wesolowski.py

@@ -0,0 +1,154 @@
+import hashlib
+from typing import Tuple
+from quadratic_form import QuadraticForm
+
+# --- Helper functions ---------------------------------------------------
+
+def hash_to_int(*args: bytes) -> int:
+    """
+    Hash the concatenation of args (bytes) to a large integer using SHA-256.
+    """
+    h = hashlib.sha256()
+    for b in args:
+        h.update(b)
+    return int.from_bytes(h.digest(), 'big')
+
+# --- Class-group VDF functions using QuadraticForm ----------------------
+
+def group_mul(x: QuadraticForm, y: QuadraticForm) -> QuadraticForm:
+    """
+    Compose two class-group elements via QuadraticForm multiplication.
+    """
+    return (x * y)
+
+
+def identity(D: int) -> QuadraticForm:
+    """
+    Return the identity element of the class group for discriminant D.
+    """
+    # For D ≡ 1 mod 4, identity form is (1, 1, (1-D)//4)
+    b0 = 1
+    c0 = (b0*b0 - D) // 4
+    return QuadraticForm(1, b0, c0, D)
+
+
+def class_group_square(x: QuadraticForm) -> QuadraticForm:
+    """
+    One sequential squaring step in the class group.
+    """
+    return group_mul(x, x)
+
+
+def group_exp(x: QuadraticForm, exponent: int) -> QuadraticForm:
+    """
+    Fast exponentiation in the class group by repeated squaring.
+    """
+    result = identity(x.D)
+    base = x
+    e = exponent
+    while e > 0:
+        if e & 1:
+            result = group_mul(result, base)
+        base = group_mul(base, base)
+        e >>= 1
+    return result
+
+# --- Wesolowski proof and verify ----------------------------------------
+
+def compute_wesolowski_proof(
+    x0: QuadraticForm,
+    y: QuadraticForm,
+    T: int
+) -> QuadraticForm:
+    """
+    Compute the Wesolowski proof π for VDF evaluation:
+    Solve 2^T = c * q + r, where
+      c = hash(x0 || y || T)
+    Return π = x0^q in the class group.
+    """
+    # Derive challenge c
+    h_bytes = serialize(x0) + serialize(y) + T.to_bytes((T.bit_length()+7)//8, 'big')
+    c = hash_to_int(h_bytes)
+    # Divide exponent
+    two_T = 1 << T
+    q, r = divmod(two_T, c)
+    # π = x0^q
+    return group_exp(x0, q)
+
+
+def verify_wesolowski_proof(
+    x0: QuadraticForm,
+    y: QuadraticForm,
+    pi: QuadraticForm,
+    T: int
+) -> bool:
+    """
+    Verify π satisfies: π^c * x0^r == y.
+    """
+    h_bytes = serialize(x0) + serialize(y) + T.to_bytes((T.bit_length()+7)//8, 'big')
+    c = hash_to_int(h_bytes)
+    two_T = 1 << T
+    q, r = divmod(two_T, c)
+    lhs = group_mul(group_exp(pi, c), group_exp(x0, r))
+    return lhs == y
+
+# --- Serialization helpers ----------------------------------------------
+
+def serialize(x: QuadraticForm) -> bytes:
+    """
+    Serialize a QuadraticForm to bytes.
+    """
+    return x.to_bytes()
+
+
+def deserialize(data: bytes, D: int) -> QuadraticForm:
+    """
+    Deserialize bytes into a QuadraticForm of discriminant D.
+    """
+    return QuadraticForm.from_bytes(data, D)
+
+# --- Public VDF API -----------------------------------------------------
+
+def generate(
+    old_output: bytes,
+    T: int,
+    D: int
+) -> Tuple[bytes, bytes]:
+    """
+    Evaluate the VDF by sequentially squaring the previous output 'T' times,
+    then produce a Wesolowski proof.
+
+    Returns:
+      new_output : serialized new VDF output (y)
+      proof      : serialized proof (π)
+    """
+    # Decode previous output
+    x0 = deserialize(old_output, D)
+    # Sequential squarings
+    x = x0
+    for _ in range(T):
+        x = class_group_square(x)
+    # Serialize output
+    y_bytes = serialize(x)
+    # Compute proof
+    pi = compute_wesolowski_proof(x0, x, T)
+    proof_bytes = serialize(pi)
+    return y_bytes, proof_bytes
+
+
+def verify(
+    old_output: bytes,
+    new_output: bytes,
+    proof: bytes,
+    T: int,
+    D: int
+) -> bool:
+    """
+    Verify the Wesolowski VDF proof.
+
+    Returns True if valid, False otherwise.
+    """
+    x0 = deserialize(old_output, D)
+    y  = deserialize(new_output, D)
+    pi = deserialize(proof, D)
+    return verify_wesolowski_proof(x0, y, pi, T)

{astreum-0.2.7.dist-info → astreum-0.2.8.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: astreum
-Version: 0.2.7
+Version: 0.2.8
 Summary: Python library to interact with the Astreum blockchain and its Lispeum virtual machine.
 Author-email: "Roy R. O. Okello" <roy@stelar.xyz>
 Project-URL: Homepage, https://github.com/astreum/lib

{astreum-0.2.7.dist-info → astreum-0.2.8.dist-info}/RECORD

@@ -7,12 +7,14 @@ astreum/_node/storage/merkle.py,sha256=XCQBrHbwI0FuPTCUwHOy-Kva3uWbvCdw_-13hRPf1
 astreum/_node/storage/patricia.py,sha256=tynxn_qETCU9X7yJdeh_0GHpC8Pzcoq4CWrSZlMUeRc,11546
 astreum/crypto/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 astreum/crypto/ed25519.py,sha256=FRnvlN0kZlxn4j-sJKl-C9tqiz_0z4LZyXLj3KIj1TQ,1760
+astreum/crypto/quadratic_form.py,sha256=pJgbORey2NTWbQNhdyvrjy_6yjORudQ67jBz2ScHptg,4037
+astreum/crypto/wesolowski.py,sha256=FDAX82L5cceR6DGTtUO57ZhcxpBNiskGrnLWnd_3BSw,4084
 astreum/crypto/x25519.py,sha256=i29v4BmwKRcbz9E7NKqFDQyxzFtJUqN0St9jd7GS1uA,1137
 astreum/lispeum/__init__.py,sha256=K-NDzIjtIsXzC9X7lnYvlvIaVxjFcY7WNsgLIE3DH3U,58
 astreum/lispeum/parser.py,sha256=jQRzZYvBuSg8t_bxsbt1-WcHaR_LPveHNX7Qlxhaw-M,1165
 astreum/lispeum/tokenizer.py,sha256=J-I7MEd0r2ZoVqxvRPlu-Afe2ZdM0tKXXhf1R4SxYTo,1429
-astreum-0.2.7.dist-info/licenses/LICENSE,sha256=gYBvRDP-cPLmTyJhvZ346QkrYW_eleke4Z2Yyyu43eQ,1089
-astreum-0.2.7.dist-info/METADATA,sha256=XNEj0LtWAJMnTLPgvIfZDawrG7PIrLXiPm6pAv2g4Og,5453
-astreum-0.2.7.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
-astreum-0.2.7.dist-info/top_level.txt,sha256=1EG1GmkOk3NPmUA98FZNdKouhRyget-KiFiMk0i2Uz0,8
-astreum-0.2.7.dist-info/RECORD,,
+astreum-0.2.8.dist-info/licenses/LICENSE,sha256=gYBvRDP-cPLmTyJhvZ346QkrYW_eleke4Z2Yyyu43eQ,1089
+astreum-0.2.8.dist-info/METADATA,sha256=mXlFwukobFtoWXDbgQOr__JH_9xnTfMWoginX-KoR7k,5453
+astreum-0.2.8.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
+astreum-0.2.8.dist-info/top_level.txt,sha256=1EG1GmkOk3NPmUA98FZNdKouhRyget-KiFiMk0i2Uz0,8
+astreum-0.2.8.dist-info/RECORD,,