operation

package
v0.0.0-...-7ece11e Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 29, 2023 License: MIT Imports: 8 Imported by: 4

Documentation

Overview

Package operation allows for basic manipulation of scalars & group elements

Index

Constants

View Source 
const (
	Ed25519KeySize     = 32
	TxRandomIndexSize  = 4
	CStringBulletProof = "bulletproof"
	CStringAssetTag    = "blindedassettag"
	CStringOTA         = "onetimeaddress"
)
View Source 
const (
	PedersenPrivateKeyIndex = byte(0x00)
	PedersenValueIndex      = byte(0x01)
	PedersenSndIndex        = byte(0x02)
	PedersenShardIDIndex    = byte(0x03)
	PedersenRandomnessIndex = byte(0x04)
)

Variables

View Source 
var ScMinusOne = NewScalar().Negate(ScOne)
View Source 
var ScOne = NewScalar().FromUint64(1)
View Source 
var ScZero = NewScalar()

Functions

func CheckDuplicateScalarArray 

func CheckDuplicateScalarArray(arr []*Scalar) bool

CheckDuplicateScalarArray is a legacy function

func Compare 

func Compare(sca, scb *Scalar) int

Compare the value of two Scalars (as non-negative integers)

func IsPointEqual 

func IsPointEqual(pa *Point, pb *Point) bool

IsPointEqual checks the equality of 2 `Point`s

func IsScalarEqual 

func IsScalarEqual(sc1, sc2 *Scalar) bool

IsScalarEqual checks if two Scalars are equal

func Reverse 

func Reverse(x [32]byte) (result [32]byte)

Reverse returns a 32-byte array in reverse order (does not change the input)

Types

type MultiScalarMultBuilder 

type MultiScalarMultBuilder struct {
	// contains filtered or unexported fields
}

MultiScalarMultBuilder is a helper struct to make best use of MultiScalarMult functions. The idea is to delay the invocation of Point multiplications so we can combine them into 1 large `MultiScalarMult` operation, which is faster.

MultiScalarMultBuilder keeps track of lists of scalars & points of guaranteed matching length; it evaluates to `sum(scalars[i] * points[i]) + sum(static_scalars[i] * static_points[i])`. Static members are precomputed.

This struct assumes caller never passes "nil" scalars / points

func NewMultBuilder 

func NewMultBuilder(_useVarTime bool) *MultiScalarMultBuilder

NewMultBuilder returns a new instance of MultiScalarMultBuilder, with fields initialized to zero except static ones (which need a call to WithStaticPoints)

func (*MultiScalarMultBuilder) Append 

func (b *MultiScalarMultBuilder) Append(scLst []*Scalar, pLst []*Point) error

Append appends more scalars and points to b, making sure their lengths match. It does not clone but consumes its inputs.

This adds `sum(scLst[i] * pLst[i])` to evaluation of b.

func (*MultiScalarMultBuilder) AppendSingle 

func (b *MultiScalarMultBuilder) AppendSingle(sc *Scalar, p *Point)

AppendSingle appends 1 scalar & 1 point to b.

This adds `sc * p` to evaluation of b.

func (*MultiScalarMultBuilder) Clone 

func (b *MultiScalarMultBuilder) Clone() *MultiScalarMultBuilder

Clone returns an exact clone of b, with newly allocated members

func (*MultiScalarMultBuilder) ConcatScaled 

func (b *MultiScalarMultBuilder) ConcatScaled(b1 *MultiScalarMultBuilder, n *Scalar) error

ConcatScaled first scales the evaluation of `b1` by `n`, then concatenates it to the fields of b.

Dynamic members are appended, while static members are summed by-column.

This adds `sum(scalars_1[i] * points_1[i]) + sum(static_scalars_1[i] * static_points_1[i])` to the evaluation of b.

func (MultiScalarMultBuilder) Debug 

func (b MultiScalarMultBuilder) Debug()

func (*MultiScalarMultBuilder) Eval 

func (b *MultiScalarMultBuilder) Eval() (result *Point)

Eval invokes a multiscalar-mult function to finalize the builder `b`, returning the resulted Point.

It chooses the constant-time or variable-time variant of multiscalar-mult based on the contents of `b`; it clears `b` after execution.

func (*MultiScalarMultBuilder) MustAppend 

func (b *MultiScalarMultBuilder) MustAppend(scLst []*Scalar, pLst []*Point)

MustAppend appends more scalars and points to b. Caller must pass slices of matching lengths or it panics. It does not clone but consumes its inputs.

This adds `sum(scLst[i] * pLst[i])` to evaluation of b.

func (*MultiScalarMultBuilder) MustSetStatic 

func (sb *MultiScalarMultBuilder) MustSetStatic(startIndex int, scLst ...*Scalar)

MustSetStatic is the equivalent of MustAppend for static members. Static Points are identified using index.

func (*MultiScalarMultBuilder) SetStatic 

func (sb *MultiScalarMultBuilder) SetStatic(startIndex int, scLst ...*Scalar) error

SetStatic is the equivalent of Append for static members. Static Points are identified using index.

func (*MultiScalarMultBuilder) WithStaticPoints 

func (sb *MultiScalarMultBuilder) WithStaticPoints(ppLst []PrecomputedPoint) *staticPointMultBuilder

WithStaticPoints sets the list of static Points for the builder.

The slice is not cloned since PrecomputedPoint is immutable.

type PedersenCommitment 

type PedersenCommitment struct {
	G []*Point // generators
}

PedersenCommitment represents the parameters for the commitment 

var PedCom PedersenCommitment = NewPedersenParams()

func NewPedersenParams 

func NewPedersenParams() PedersenCommitment

NewPedersenParams returns the generators used for Pedersen commitments

func (PedersenCommitment) CommitAll 

func (com PedersenCommitment) CommitAll(openings []*Scalar) (*Point, error)

CommitAll commits a list of PCM_CAPACITY value(s)

func (PedersenCommitment) CommitAtIndex 

func (com PedersenCommitment) CommitAtIndex(value, rand *Scalar, index byte) *Point

CommitAtIndex commits specific value with index and returns `g^v x h^rand`

type Point 

type Point struct {
	// contains filtered or unexported fields
}

Point is a wrapper for `edwards25519.Point`, representing a point on the curve. It needs to be instantiated via constructor; while `new(Point)` can only be used as receiver. 

var GBase, HBase, RandomBase *Point

func HashToPoint 

func HashToPoint(b []byte) *Point

HashToPoint is a legacy map-to-point implementation

func HashToPointFromIndex 

func HashToPointFromIndex(index int32, padStr string) *Point

HashToPointFromIndex is a legacy function; it maps an index to a Point

func NewGeneratorPoint 

func NewGeneratorPoint() *Point

NewGeneratorPoint returns a new instance of the curve generator point

func NewIdentityPoint 

func NewIdentityPoint() *Point

NewIdentityPoint returns a new instance of the curve identity point

func RandomPoint 

func RandomPoint() *Point

RandomPoint returns a random point in the group, using `crypto/`'s randomness

func (*Point) Add 

func (p *Point) Add(pa, pb *Point) *Point

Add sets `p = p_a + p_b`, then returns `p`

func (*Point) AddPedersen 

func (p *Point) AddPedersen(a *Scalar, A *Point, b *Scalar, B *Point) *Point

AddPedersen computes a Pedersen commitment; it sets `p = aA + bB`, then returns `p`

func (*Point) Derive 

func (p *Point) Derive(pa *Point, a *Scalar, b *Scalar) *Point

Derive is a privacy-v1 legacy function; it performs the SN-derivation algorithm, then sets and returns `p`

func (*Point) FromBytes 

func (p *Point) FromBytes(bArr [32]byte) (*Point, error)

FromBytes unmarshals `p` from a byte array, then returns `p`

func (*Point) FromBytesS 

func (p *Point) FromBytesS(b []byte) (*Point, error)

FromBytesS unmarshals `p` from a byte slice, then returns `p`

func (Point) GetKey 

func (p Point) GetKey() [32]byte

GetKey is a legacy function & alias of `ToBytes`

func (*Point) Identity 

func (p *Point) Identity() *Point

Identity sets `p`'s value to identity

func (Point) IsIdentity 

func (p Point) IsIdentity() bool

IsIdentity checks if Point `p` is equal to identity

func (Point) MarshalText 

func (p Point) MarshalText() []byte

MarshalText returns the hex string representation of `p` but as bytes

func (*Point) MixedVarTimeMultiScalarMult 

func (p *Point) MixedVarTimeMultiScalarMult(scalarLs []*Scalar, pointLs []*Point, staticScalarLs []*Scalar, staticPointLs []PrecomputedPoint) *Point

MixedVarTimeMultiScalarMult is a multiscalar-mult variant that uses variable-time logic and takes static (precomputed) points in combination with dynamic points. The caller must pass scalar lists of matching length for dynamic & static points respectively.

func (*Point) MultiScalarMult 

func (p *Point) MultiScalarMult(scalarLs []*Scalar, pointLs []*Point) *Point

MultiScalarMult performs a multi-scalar multiplication on the group; sets and returns `p = sum(scalarLs[i] * pointLs[i])`. The caller must pass inputs of matching length to it.

func (*Point) PointValid 

func (p *Point) PointValid() bool

PointValid checks that `p` belongs to the group (p first needs to be a valid Point object)

func (*Point) ScalarMult 

func (p *Point) ScalarMult(pa *Point, a *Scalar) *Point

ScalarMultBase sets `p = a * p_a`, then returns `p`

func (*Point) ScalarMultBase 

func (p *Point) ScalarMultBase(a *Scalar) *Point

ScalarMultBase sets `p = a * G` where a is a scalar and G is the curve basepoint, then returns `p`

func (*Point) Set 

func (p *Point) Set(q *Point) *Point

Set sets the value of `p` to that of `q`, then returns `p`

func (*Point) SetKey 

func (p *Point) SetKey(bArr *[32]byte) (*Point, error)

SetKey is a legacy function & alias of `FromBytes`

func (Point) String 

func (p Point) String() string

String returns the hex string representation of `p`

func (*Point) Sub 

func (p *Point) Sub(pa, pb *Point) *Point

Sub sets `p = p_a - p_b`, then returns `p`

func (*Point) ToBytes 

func (p *Point) ToBytes() (result [32]byte)

ToBytes marshals `p` into a byte array

func (*Point) ToBytesS 

func (p *Point) ToBytesS() (result []byte)

ToBytesS marshals `p` into a byte slice

func (*Point) UnmarshalText 

func (p *Point) UnmarshalText(data []byte) (*Point, error)

UnmarshalText decodes a Point from its hex string form and sets `p` to it, then returns p

func (*Point) VarTimeMultiScalarMult 

func (p *Point) VarTimeMultiScalarMult(scalarLs []*Scalar, pointLs []*Point) *Point

VarTimeMultiScalarMult is a multiscalar-mult variant that uses variable-time logic instead of constant-time. The caller must pass inputs of matching length to it.

type PrecomputedPoint 

type PrecomputedPoint struct {
	// contains filtered or unexported fields
}

PrecomputedPoint wraps the struct edwards25519.PrecomputedPoint which stores precomputed field elements to speed up computation

func (*PrecomputedPoint) From 

func (pp *PrecomputedPoint) From(q *Point) *PrecomputedPoint

From populates this PrecomputedPoint to the value of Point p

type Scalar 

type Scalar struct {
	// contains filtered or unexported fields
}

Scalar is a wrapper for `edwards25519.Scalar`, representing an integer modulo group order

func HashToScalar 

func HashToScalar(data []byte) *Scalar

HashToScalar creates a Scalar using the bytes from `data` by first hashing it

func NewScalar 

func NewScalar() *Scalar

NewScalar returns a new zero scalar

func RandomScalar 

func RandomScalar() *Scalar

RandomScalar returns a random Scalar, generated using `crypto/`'s randomness

func (*Scalar) Add 

func (sc *Scalar) Add(a, b *Scalar) *Scalar

Add sets `sc = a + b` (modulo l), then returns `sc`

func (*Scalar) FromBytes 

func (sc *Scalar) FromBytes(bArr [32]byte) *Scalar

FromBytes unmarshals `sc` from a byte array, then returns `sc`

func (*Scalar) FromBytesS 

func (sc *Scalar) FromBytesS(b []byte) *Scalar

FromBytesS unmarshals `sc` from a byte slice, then returns `sc`

func (*Scalar) FromUint64 

func (sc *Scalar) FromUint64(i uint64) *Scalar

FromUint64 sets the value of `sc` to that of `i`

func (*Scalar) Invert 

func (sc *Scalar) Invert(a *Scalar) *Scalar

func (*Scalar) IsZero 

func (sc *Scalar) IsZero() bool

IsZero checks if `sc` equals zero

func (Scalar) MarshalText 

func (sc Scalar) MarshalText() []byte

MarshalText returns the hex string representation of `sc` but as bytes

func (*Scalar) Mul 

func (sc *Scalar) Mul(a, b *Scalar) *Scalar

Mul sets `sc = a * b` (modulo l), then returns `sc`

func (*Scalar) MulAdd 

func (sc *Scalar) MulAdd(a, b, c *Scalar) *Scalar

MulAdd sets `sc = a * b + c` (modulo l), then returns `sc`

func (*Scalar) Negate 

func (sc *Scalar) Negate(a *Scalar) *Scalar

Negate sets `sc` to `-a` (modulo l), then returns `sc`

func (*Scalar) ScalarValid 

func (sc *Scalar) ScalarValid() bool

ScalarValid checks the validity of `sc` for use in group operations

func (*Scalar) Set 

func (sc *Scalar) Set(a *Scalar) *Scalar

Set sets the value of `sc` to that of `a`, then returns `sc`

func (*Scalar) SetKey 

func (sc *Scalar) SetKey(a *[32]byte) (*Scalar, error)

SetKey is a legacy function

func (Scalar) String 

func (sc Scalar) String() string

String returns the hex string representation of `sc`

func (*Scalar) Sub 

func (sc *Scalar) Sub(a, b *Scalar) *Scalar

Sub sets `sc = a - b` (modulo l), then returns `sc`

func (Scalar) ToBytes 

func (sc Scalar) ToBytes() (result [32]byte)

ToBytes marshals `sc` into a byte array

func (Scalar) ToBytesS 

func (sc Scalar) ToBytesS() []byte

ToBytesS marshals `sc` into a byte slice

func (*Scalar) ToUint64Little 

func (sc *Scalar) ToUint64Little() uint64

ToUint64Little returns the value of `sc` as uint64. The value needs to be in range or this outputs zero.

func (*Scalar) UnmarshalText 

func (sc *Scalar) UnmarshalText(data []byte) (*Scalar, error)

UnmarshalText decodes a Scalar from its hex string form and sets `sc` to it, then returns `sc`

Source Files

View all Source files

Directories

Path Synopsis
Package edwards25519 implements group logic for the twisted Edwards curve
 Package edwards25519 implements group logic for the twisted Edwards curve
field
Package field implements fast arithmetic modulo 2^255-19.
 Package field implements fast arithmetic modulo 2^255-19.
v1
curve25519

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.