Documentation
¶
Index ¶
- Variables
- func DivMod(n, m, p *big.Int) *big.Int
- func FmtKecBytes(in *big.Int, rolen int) (buf []byte)
- func MaskBits(mask, wordSize int, slice []byte) (ret []byte)
- type CurveOption
- type StarkCurve
- func (sc StarkCurve) Add(x1, y1, x2, y2 *big.Int) (x, y *big.Int)
- func (sc StarkCurve) ComputeHashOnElements(elems []*big.Int) (hash *big.Int, err error)
- func (sc StarkCurve) Double(x1, y1 *big.Int) (x, y *big.Int)
- func (sc StarkCurve) EcMult(m, x1, y1 *big.Int) (x, y *big.Int)
- func (sc StarkCurve) GenerateSecret(msgHash, privKey, seed *big.Int) (secret *big.Int)
- func (sc StarkCurve) GetRandomPrivateKey() (priv *big.Int, err error)
- func (sc StarkCurve) GetYCoordinate(starkX *big.Int) *big.Int
- func (sc StarkCurve) HashElements(elems []*big.Int) (hash *big.Int, err error)
- func (sc StarkCurve) InvModCurveSize(x *big.Int) *big.Int
- func (sc StarkCurve) IsOnCurve(x, y *big.Int) bool
- func (sc StarkCurve) MimicEcMultAir(mout, x1, y1, x2, y2 *big.Int) (x *big.Int, y *big.Int, err error)
- func (sc StarkCurve) PedersenHash(elems []*big.Int) (hash *big.Int, err error)
- func (sc StarkCurve) PoseidonArray(felts ...*felt.Felt) *felt.Felt
- func (sc StarkCurve) PrivateToPoint(privKey *big.Int) (x, y *big.Int, err error)
- func (sc StarkCurve) ScalarBaseMult(k []byte) (x, y *big.Int)
- func (sc StarkCurve) ScalarMult(x1, y1 *big.Int, k []byte) (x, y *big.Int)
- func (sc StarkCurve) Sign(msgHash, privKey *big.Int, seed ...*big.Int) (x, y *big.Int, err error)
- func (sc StarkCurve) SignFelt(msgHash, privKey *felt.Felt) (*felt.Felt, *felt.Felt, error)
- func (sc StarkCurve) StarknetKeccak(b []byte) (*felt.Felt, error)
- func (sc StarkCurve) Verify(msgHash, r, s, pubX, pubY *big.Int) bool
- type StarkCurvePayload
Constants ¶
This section is empty.
Variables ¶
var PedersenParamsRaw []byte
Functions ¶
func DivMod ¶
DivMod calculates the quotient and remainder of a division operation between two big integers (0 <= x < p such that (m * x) % p == n). (ref: https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/crypto/signature/math_utils.py#L50)
Parameters: - n: a pointer to a big integer representing the dividend - m: a pointer to a big integer representing the divisor - p: a pointer to a big integer representing the modulus Returns: - *big.Int: a pointer to a big integer representing the remainder of the division operation.
func FmtKecBytes ¶
FmtKecBytes formats a big integer into a Keccak hash.
Parameters: - in: a pointer to a big.Int - rolen: an integer representing the desired length of the output byte slice Returns: - buf: a byte slice containing the formatted Keccak hash
func MaskBits ¶
MaskBits masks the specified (excess) bits in a byte slice.
Parameters: - mask: is an integer representing the number of bits to mask - wordSize: is an integer representing the number of bits in each element of the slice - slice: is a byte slice on which the masking operation is performed Returns: - []byte: a new byte slice that contains the masked bits
Types ¶
type CurveOption ¶
type CurveOption interface {
// contains filtered or unexported methods
}
func WithConstants ¶
func WithConstants(paramsPath ...string) CurveOption
WithConstants creates a CurveOption (a curve initialized with constant points) that initializes the constants of the curve.
Parameters: - paramsPath: a variadic parameter of type string, representing the path(s) to the parameters Returns: - a new instance of CurveOption
type StarkCurve ¶
type StarkCurve struct {
*elliptic.CurveParams
EcGenX *big.Int
EcGenY *big.Int
MinusShiftPointX *big.Int
MinusShiftPointY *big.Int
Max *big.Int
Alpha *big.Int
ConstantPoints [][]*big.Int
}
Returned stark curve includes several values above and beyond what the 'elliptic' interface calls for to facilitate common starkware functions
var Curve StarkCurve
func (StarkCurve) Add ¶
func (sc StarkCurve) Add(x1, y1, x2, y2 *big.Int) (x, y *big.Int)
Add computes the sum of two points on the StarkCurve. Assumes affine form (x, y) is spread (x1 *big.Int, y1 *big.Int) (ref: https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/crypto/signature/math_utils.py#L59)
Parameters: - x1, y1: The coordinates of the first point as pointers to big.Int on the curve - x2, y2: The coordinates of the second point as pointers to big.Int on the curve Returns: - x, y: two pointers to big.Int, representing the x and y coordinates of the sum of the two input points
func (StarkCurve) ComputeHashOnElements ¶
ComputeHashOnElements computes the hash on the given elements using a golang Pedersen Hash implementation. (ref: https://github.com/starkware-libs/cairo-lang/blob/13cef109cd811474de114925ee61fd5ac84a25eb/src/starkware/cairo/common/hash_state.py#L6)
The function appends the length of `elems` to the slice and then calls the `HashElements` method of the `Curve` struct, passing in `elems` as an argument. The resulting hash and any error that occurred during computation are returned.
Parameters: - elems: slice of big.Int pointers to be hashed Returns: - hash: The hash of the list of elements - err: An error if any
func (StarkCurve) Double ¶
func (sc StarkCurve) Double(x1, y1 *big.Int) (x, y *big.Int)
Double calculates the double of a point on a StarkCurve (equation y^2 = x^3 + alpha*x + beta mod p). Assumes affine form (x, y) is spread (x1 *big.Int, y1 *big.Int) (ref: https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/crypto/signature/math_utils.py#L79)
The function takes two pointers to big.Int values, x1 and y1, which represent the coordinates of the point to be doubled on the StarkCurve. It returns two pointers to big.Int values, x and y, which represent the coordinates of the resulting point after the doubling operation.
Parameters: - x1, y1: The coordinates of the point to be doubled on the StarkCurve. Returns: - x, y: two pointers to big.Int, representing the x and y coordinates of the resulting point
func (StarkCurve) EcMult ¶
func (sc StarkCurve) EcMult(m, x1, y1 *big.Int) (x, y *big.Int)
EcMult multiplies a point (equation y^2 = x^3 + alpha*x + beta mod p) on the StarkCurve by a scalar value. Assumes affine form (x, y) is spread (x1 *big.Int, y1 *big.Int) and that 0 < m < order(point). (ref: https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/crypto/signature/math_utils.py#L91)
Parameters: - m: The scalar value to multiply the point by. - x1, y1: The coordinates of the point on the curve. Returns: - x, y: The coordinates of the resulting point after multiplication.
func (StarkCurve) GenerateSecret ¶
func (sc StarkCurve) GenerateSecret(msgHash, privKey, seed *big.Int) (secret *big.Int)
GenerateSecret generates a secret using the StarkCurve struct. implementation based on https://github.com/codahale/rfc6979/blob/master/rfc6979.go for the specification, see https://tools.ietf.org/html/rfc6979#section-3.2
Parameters: - msgHash: a pointer to a big.Int representing the message hash - privKey: a pointer to a big.Int representing the private key - seed: a pointer to a big.Int representing the seed Returns: - secret: a pointer to a big.Int representing the generated secret
func (StarkCurve) GetRandomPrivateKey ¶
func (sc StarkCurve) GetRandomPrivateKey() (priv *big.Int, err error)
GetRandomPrivateKey generates a random private key for the StarkCurve struct. NOTE: to be used for testing purposes
Parameters: - none Returns: - priv: a pointer to a big.Int representing the generated private key - err: an error if any
func (StarkCurve) GetYCoordinate ¶
func (sc StarkCurve) GetYCoordinate(starkX *big.Int) *big.Int
GetYCoordinate calculates the y-coordinate of a point on the StarkCurve. (ref: https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/crypto/signature/signature.py#L84) point (x,y) is on the curve. Note: the real y coordinate is either y or -y.
Parameters: - starkX: The x-coordinate of the point Returns: - *big.Int: The calculated y-coordinate of the point a possible y coordinate such that together the point (x,y) is on the curve Note: the real y coordinate is either y or -y
func (StarkCurve) HashElements ¶
HashElements calculates the hash of a list of elements using the StarkCurve struct and a golang Pedersen Hash. (ref: https://github.com/seanjameshan/starknet.js/blob/main/src/utils/ellipticCurve.ts)
Parameters: - elems: slice of big.Int pointers to be hashed Returns: - hash: The hash of the list of elements - err: An error if any
func (StarkCurve) InvModCurveSize ¶
func (sc StarkCurve) InvModCurveSize(x *big.Int) *big.Int
InvModCurveSize calculates the inverse modulus of a given big integer 'x' with respect to the StarkCurve 'sc'. (ref: https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/crypto/signature/math_utils.py)
Parameters: - x: The big integer to calculate the inverse modulus for Returns: - The inverse modulus of 'x' with respect to 'sc.N'
func (StarkCurve) IsOnCurve ¶
func (sc StarkCurve) IsOnCurve(x, y *big.Int) bool
IsOnCurve checks if the given point (x, y) lies on the curve defined by the StarkCurve instance.
Parameters: - x: the x-coordinate of the point - y: the y-coordinate of the point Return type: bool
func (StarkCurve) MimicEcMultAir ¶
func (sc StarkCurve) MimicEcMultAir(mout, x1, y1, x2, y2 *big.Int) (x *big.Int, y *big.Int, err error)
MimicEcMultAir performs a computation on the StarkCurve struct (m * point + shift_point) using the same steps like the AIR. (ref: https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/crypto/signature/signature.py#L176) AIR : Algebraic Intermediate Representation of computation
Parameters: - mout: a pointer to a big.Int variable - x1, y1: a pointer to a big.Int point on the curve - x2, y2: a pointer to a big.Int point on the curve Returns: - x, y: a pointer to a big.Int point on the curve - err: an error if any
func (StarkCurve) PedersenHash ¶
PedersenHash calculates the Pedersen hash of the given elements. NOTE: This function assumes the curve has been initialized with constant points (ref: https://github.com/seanjameshan/starknet.js/blob/main/src/utils/ellipticCurve.ts)
The function requires that the precomputed constant points have been initiated. If the length of `sc.ConstantPoints` is zero, an error is returned. The function iterates over the elements in `elems` and performs the Pedersen hash calculation. For each element, it checks if the value is within the valid range. If the value is invalid, an error is returned. For each bit in the element, the function performs an addition operation on `ptx` and `pty` using the corresponding constant point from the precomputed constant points. If the constant point is a duplicate of `ptx`, an error is returned. The function returns the resulting hash and a nil error if the calculation is successful. Otherwise, it returns `ptx` and an error describing the issue encountered.
Parameters: - elems: An array of big integers representing the elements to hash. Returns: - hash: The resulting Pedersen hash as a big integer. - err: An error, if any, encountered during the calculation.
func (StarkCurve) PoseidonArray ¶
func (sc StarkCurve) PoseidonArray(felts ...*felt.Felt) *felt.Felt
PoseidonArray is a function that takes a variadic number of felt.Felt pointers as parameters and NOTE: This function just wraps the Juno implementation (ref: https://github.com/NethermindEth/juno/blob/main/core/crypto/poseidon_hash.go#L74) calls the PoseidonArray function from the junoCrypto package with the provided parameters.
Parameters: - felts: A variadic number of pointers to felt.Felt Returns: - *felt.Felt: pointer to a felt.Felt
func (StarkCurve) PrivateToPoint ¶
PrivateToPoint generates a point on the StarkCurve from a private key.
It takes a private key as a parameter and returns the x and y coordinates of the generated point on the curve. If the private key is not within the range of the curve, it returns an error.
Parameters: - privKey: The private key used to generate the point Return values: - x: The x coordinate of the generated point - y: The y coordinate of the generated point - err: An error if the private key is not within the curve range
func (StarkCurve) ScalarBaseMult ¶
func (sc StarkCurve) ScalarBaseMult(k []byte) (x, y *big.Int)
ScalarBaseMult returns the result of multiplying the base point of the StarkCurve by the given scalar value.
Parameters: - k: The scalar value to multiply the base point by Returns: - x: The x-coordinate of the resulting point - y: The y-coordinate of the resulting point
func (StarkCurve) ScalarMult ¶
ScalarMult performs scalar multiplication on a point (x1, y1) with a scalar value k.
Parameters: - x1: The x-coordinate of the point to be multiplied. - y1: The y-coordinate of the point to be multiplied. - k: The scalar value to multiply the point with. Returns: - x: The x-coordinate of the resulting point. - y: The y-coordinate of the resulting point.
func (StarkCurve) Sign ¶
Sign calculates the signature of a message using the StarkCurve algorithm. Secret is generated using a golang implementation of RFC 6979. Implementation does not yet include "extra entropy" or "retry gen". (ref: https://datatracker.ietf.org/doc/html/rfc6979)
Parameters: - msgHash: The hash of the message to be signed - privKey: The private key used for signing - seed: (Optional) Additional seed values used for generating the secret Returns: - x, y: The coordinates of the signature point on the curve - err: An error if any occurred during the signing process
func (StarkCurve) SignFelt ¶
SignFelt signs a message hash with a private key using the StarkCurve. just wraps Sign (previous function).
Parameters: - msgHash: the message hash to be signed - privKey: the private key used for signing Returns: - xFelt: The x-coordinate of the signed message - yFelt: The y-coordinate of the signed message - error: An error if the signing process fails
func (StarkCurve) StarknetKeccak ¶
func (sc StarkCurve) StarknetKeccak(b []byte) (*felt.Felt, error)
StarknetKeccak computes the Starknet Keccak hash of the given byte slice. NOTE: This function just wraps the Juno implementation (ref: https://github.com/NethermindEth/juno/blob/main/core/crypto/keccak.go#L11)
Parameters: - b: The byte slice to hash Returns: - *felt.Felt: pointer to a felt.Felt - error: An error if any
func (StarkCurve) Verify ¶
func (sc StarkCurve) Verify(msgHash, r, s, pubX, pubY *big.Int) bool
Verify verifies the validity of the signature for a given message hash using the StarkCurve. (ref: https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/crypto/signature/signature.py#L217)
Parameters: - msgHash: The message hash to be verified - r: The r component of the signature - s: The s component of the signature - pubX: The x-coordinate of the public key used for verification - pubY: The y-coordinate of the public key used for verification Returns: - bool: true if the signature is valid, false otherwise
type StarkCurvePayload ¶
type StarkCurvePayload struct {
License []string `json:"_license"`
Comment string `json:"_comment"`
FieldPrime *big.Int `json:"FIELD_PRIME"`
FieldGen int `json:"FIELD_GEN"`
EcOrder *big.Int `json:"EC_ORDER"`
Alpha int64 `json:"ALPHA"`
Beta *big.Int `json:"BETA"`
ConstantPoints [][]*big.Int `json:"CONSTANT_POINTS"`
}
struct definition for parsing 'pedersen_params.json'
var PedersenParams StarkCurvePayload
Source Files