eddsa

package
v0.8.2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 4, 2023 License: Apache-2.0 Imports: 12 Imported by: 0

Documentation

Overview

Package eddsa provides a ZKP-circuit function to verify a EdDSA signature.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Verify

func Verify(curve twistededwards.Curve, sig Signature, msg frontend.Variable, pubKey PublicKey, hash hash.Hash) error

Verify verifies an eddsa signature using MiMC hash function cf https://en.wikipedia.org/wiki/EdDSA

Types

type PublicKey

type PublicKey struct {
	A twistededwards.Point
}

PublicKey stores an eddsa public key (to be used in gnark circuit)

func (*PublicKey) Assign

func (p *PublicKey) Assign(curveID ecc.ID, buf []byte)

Assign is a helper to assigned a compressed binary public key representation into its uncompressed form

type Signature

type Signature struct {
	R twistededwards.Point
	S frontend.Variable
}

Signature stores a signature (to be used in gnark circuit) An EdDSA signature is a tuple (R,S) where R is a point on the twisted Edwards curve and S a scalar. Since the base field of the twisted Edwards is Fr, the number of points N on the Edwards is < r+1+2sqrt(r)+2 (since the curve has 2 points of multiplicity 2). The subgroup l used in eddsa is <1/2N, so the reduction mod l ensures S < r, therefore there is no risk of overflow.

func (*Signature) Assign

func (s *Signature) Assign(curveID ecc.ID, buf []byte)

Assign is a helper to assigned a compressed binary signature representation into its uncompressed form

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL