From 0b73463b5af450624e01a8c483ac55def7629221 Mon Sep 17 00:00:00 2001
From: benesjan
Date: Tue, 9 Jul 2024 12:24:39 +0000
Subject: [PATCH] WIP
---
 .../aztec/src/encrypted_logs/header.nr | 6 ++---
 .../aztec/src/encrypted_logs/incoming_body.nr | 11 ++++---
 .../aztec/src/encrypted_logs/outgoing_body.nr | 25 +++++++++----------
 .../aztec/src/encrypted_logs/payload.nr | 10 ++++----
 .../aztec/src/keys/point_to_symmetric_key.nr | 15 +++++------
 .../contracts/avm_test_contract/src/main.nr | 8 +++---
 .../src/types/token_note.nr | 22 ++++++++--------
 .../contracts/test_contract/src/main.nr | 10 ++++----
 .../contracts/test_log_contract/src/main.nr | 4 +--
 .../src/private_kernel_reset.nr | 6 ++---
 .../src/private_kernel_tail.nr | 2 +-
 .../private_validation_request_processor.nr | 3 +--
 .../src/reset/key_validation_hint.nr | 8 +++---
 .../crates/types/src/embedded_curve_scalar.nr | 8 ------
 .../crates/types/src/lib.nr | 2 +-
 .../crates/types/src/scalar.nr | 16 ++++++++++++
 .../l1_payload/encrypted_log_outgoing_body.ts | 4 +--
 .../circuits.js/src/keys/derivation.ts | 2 +-
 .../foundation/src/fields/fields.test.ts | 4 +--
 yarn-project/foundation/src/fields/fields.ts | 4 +--
 yarn-project/key-store/src/key_store.ts | 8 +++---
 .../src/type_conversion.ts | 6 ++---
 .../src/avm/opcodes/multi_scalar_mul.test.ts | 4 +--
 23 files changed, 95 insertions(+), 93 deletions(-)
 delete mode 100644 noir-projects/noir-protocol-circuits/crates/types/src/embedded_curve_scalar.nr
 create mode 100644 noir-projects/noir-protocol-circuits/crates/types/src/scalar.nr
diff --git a/noir-projects/aztec-nr/aztec/src/encrypted_logs/header.nr b/noir-projects/aztec-nr/aztec/src/encrypted_logs/header.nr
index 8d36fdb57d5..0737cd62a42 100644
--- a/noir-projects/aztec-nr/aztec/src/encrypted_logs/header.nr
+++ b/noir-projects/aztec-nr/aztec/src/encrypted_logs/header.nr
@@ -1,4 +1,4 @@ -use dep::protocol_types::{address::AztecAddress, embedded_curve_scalar::EmbeddedCurveScalar, point::Point}; +use dep::protocol_types::{address::AztecAddress, scalar::Scalar, point::Point}; use crate::keys::point_to_symmetric_key::point_to_symmetric_key; @@ -13,7 +13,7 @@ impl EncryptedLogHeader { EncryptedLogHeader { address } } - fn compute_ciphertext(self, secret: EmbeddedCurveScalar, point: Point) -> [u8; 48] { + fn compute_ciphertext(self, secret: Scalar, point: Point) -> [u8; 48] { let full_key = point_to_symmetric_key(secret, point); let mut sym_key = [0; 16]; let mut iv = [0; 16]; @@ -32,7 +32,7 @@ impl EncryptedLogHeader { fn test_encrypted_log_header() { let address = AztecAddress::from_field(0xdeadbeef); let header = EncryptedLogHeader::new(address); - let secret = EmbeddedCurveScalar::new( + let secret = Scalar::new( 0x0000000000000000000000000000000023b3127c127b1f29a7adff5cccf8fb06, 0x00000000000000000000000000000000649e7ca01d9de27b21624098b897babd ); diff --git a/noir-projects/aztec-nr/aztec/src/encrypted_logs/incoming_body.nr b/noir-projects/aztec-nr/aztec/src/encrypted_logs/incoming_body.nr index 80de101495e..9336c1f6396 100644 --- a/noir-projects/aztec-nr/aztec/src/encrypted_logs/incoming_body.nr +++ b/noir-projects/aztec-nr/aztec/src/encrypted_logs/incoming_body.nr @@ -1,6 +1,6 @@ use crate::note::note_interface::NoteInterface; use crate::event::event_interface::EventInterface; -use dep::protocol_types::{embedded_curve_scalar::EmbeddedCurveScalar, point::Point}; +use dep::protocol_types::{scalar::Scalar, point::Point}; use std::aes128::aes128_encrypt; use crate::keys::point_to_symmetric_key::point_to_symmetric_key; 
@@ -20,7 +20,7 @@ impl EncryptedLogIncomingBody { EncryptedLogIncomingBody { plaintext } } - pub fn compute_ciphertext(self, eph_sk: EmbeddedCurveScalar, ivpk_app: Point) -> [u8] { + pub fn compute_ciphertext(self, eph_sk: Scalar, ivpk_app: Point) -> [u8] { let full_key = point_to_symmetric_key(eph_sk, ivpk_app); let mut sym_key = [0; 16]; let mut iv = [0; 16]; @@ -37,8 +37,7 @@ mod test { use crate::encrypted_logs::incoming_body::EncryptedLogIncomingBody; use dep::protocol_types::{ address::AztecAddress, traits::Empty, constants::GENERATOR_INDEX__NOTE_NULLIFIER, - embedded_curve_scalar::EmbeddedCurveScalar, point::Point, traits::Serialize, - abis::event_selector::EventSelector + scalar::Scalar, point::Point, traits::Serialize, abis::event_selector::EventSelector }; use crate::{ @@ -119,7 +118,7 @@ mod test { let storage_slot = 2; - let eph_sk = EmbeddedCurveScalar::new( + let eph_sk = Scalar::new( 0x0000000000000000000000000000000023b3127c127b1f29a7adff5cccf8fb06, 0x00000000000000000000000000000000649e7ca01d9de27b21624098b897babd ); @@ -218,7 +217,7 @@ mod test { fn test_encrypted_log_event_incoming_body() { let test_event = TestEvent { value0: 1, value1: 2, value2: 3 }; - let eph_sk = EmbeddedCurveScalar::new( + let eph_sk = Scalar::new( 0x0000000000000000000000000000000023b3127c127b1f29a7adff5cccf8fb06, 0x00000000000000000000000000000000649e7ca01d9de27b21624098b897babd ); diff --git a/noir-projects/aztec-nr/aztec/src/encrypted_logs/outgoing_body.nr b/noir-projects/aztec-nr/aztec/src/encrypted_logs/outgoing_body.nr index a068fb500cc..33485246822 100644 --- a/noir-projects/aztec-nr/aztec/src/encrypted_logs/outgoing_body.nr +++ b/noir-projects/aztec-nr/aztec/src/encrypted_logs/outgoing_body.nr 
@@ -1,6 +1,6 @@ use dep::protocol_types::{ - address::AztecAddress, embedded_curve_scalar::EmbeddedCurveScalar, point::Point, - constants::GENERATOR_INDEX__SYMMETRIC_KEY, hash::poseidon2_hash + address::AztecAddress, scalar::Scalar, point::Point, constants::GENERATOR_INDEX__SYMMETRIC_KEY, + hash::poseidon2_hash }; use std::aes128::aes128_encrypt; @@ -8,25 +8,24 @@ use std::aes128::aes128_encrypt; use crate::keys::point_to_symmetric_key::point_to_symmetric_key; struct EncryptedLogOutgoingBody { - eph_sk: EmbeddedCurveScalar, + eph_sk: Scalar, recipient: AztecAddress, recipient_ivpk_app: Point, } impl EncryptedLogOutgoingBody { - pub fn new(eph_sk: EmbeddedCurveScalar, recipient: AztecAddress, recipient_ivpk_app: Point) -> Self { + pub fn new(eph_sk: Scalar, recipient: AztecAddress, recipient_ivpk_app: Point) -> Self { Self { eph_sk, recipient, recipient_ivpk_app } } - pub fn compute_ciphertext(self, ovsk_app: EmbeddedCurveScalar, eph_pk: Point) -> [u8; 176] { + pub fn compute_ciphertext(self, ovsk_app: Scalar, eph_pk: Point) -> [u8; 176] { // Again, we could compute `eph_pk` here, but we keep the interface more similar // and also make it easier to optimise it later as we just pass it along let mut buffer: [u8; 160] = [0; 160]; - let serialized_eph_sk: [Field; 2] = self.eph_sk.serialize(); - let serialized_eph_sk_high = serialized_eph_sk[0].to_be_bytes(32); - let serialized_eph_sk_low = serialized_eph_sk[1].to_be_bytes(32); + let serialized_eph_sk_high = self.eph_sk.hi.to_be_bytes(32); + let serialized_eph_sk_low = self.eph_sk.lo.to_be_bytes(32); let address_bytes = self.recipient.to_field().to_be_bytes(32); let serialized_recipient_ivpk_app = self.recipient_ivpk_app.serialize(); 
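Review bot: The two `to_be_bytes(32)` lines in hunk @@ -8,25 now hard-code the hi-then-lo limb order that this same patch also defines in `impl Serialize for Scalar` (`[self.hi, self.lo]` in scalar.nr) and that the TS `EncryptedLogOutgoingBody.toBuffer` mirrors, so the wire layout of the ephemeral secret key is spelled out in three independent places. Keeping `let serialized_eph_sk = self.eph_sk.serialize();` and indexing `[0]`/`[1]` as the removed lines did would leave one source of truth on the Noir side; if direct field access is preferred, a comment such as `// Limb order is [hi, lo]; must match Scalar::serialize and EncryptedLogOutgoingBody.toBuffer (TS)` should pin it. The body of compute_ciphertext continues past the end of the hunk.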
@@ -44,7 +43,7 @@ impl EncryptedLogOutgoingBody { // We compute the symmetric key using poseidon. let full_key: [u8; 32] = poseidon2_hash( [ - ovsk_app.high, ovsk_app.low, eph_pk.x, eph_pk.y, + ovsk_app.hi, ovsk_app.lo, eph_pk.x, eph_pk.y, GENERATOR_INDEX__SYMMETRIC_KEY as Field ] ).to_be_bytes(32).as_array(); @@ -64,22 +63,22 @@ mod test { use crate::encrypted_logs::outgoing_body::EncryptedLogOutgoingBody; use dep::protocol_types::{ address::AztecAddress, traits::Empty, constants::GENERATOR_INDEX__NOTE_NULLIFIER, - embedded_curve_scalar::EmbeddedCurveScalar, point::Point, hash::poseidon2_hash + scalar::Scalar, point::Point, hash::poseidon2_hash }; use crate::context::PrivateContext; #[test] fn test_encrypted_log_outgoing_body() { - let eph_sk = EmbeddedCurveScalar::new( + let eph_sk = Scalar::new( 0x000000000000000000000000000000000f096b423017226a18461115fa8d34bb, 0x00000000000000000000000000000000d0d302ee245dfaf2807e604eec4715fe ); - let recipient_ivsk_app = EmbeddedCurveScalar::new( + let recipient_ivsk_app = Scalar::new( 0x000000000000000000000000000000000f4d97c25d578f9348251a71ca17ae31, 0x000000000000000000000000000000004828f8f95676ebb481df163f87fd4022 ); - let sender_ovsk_app = EmbeddedCurveScalar::new( + let sender_ovsk_app = Scalar::new( 0x00000000000000000000000000000000089c6887cb1446d86c64e81afc78048b, 0x0000000000000000000000000000000074d2e28c6bc5176ac02cf7c7d36a444e ); diff --git a/noir-projects/aztec-nr/aztec/src/encrypted_logs/payload.nr b/noir-projects/aztec-nr/aztec/src/encrypted_logs/payload.nr index a7190786ef2..37c853c90a0 100644 --- a/noir-projects/aztec-nr/aztec/src/encrypted_logs/payload.nr +++ b/noir-projects/aztec-nr/aztec/src/encrypted_logs/payload.nr 
@@ -1,5 +1,5 @@ use dep::protocol_types::{ - address::AztecAddress, embedded_curve_scalar::EmbeddedCurveScalar, point::{Point, pub_key_to_bytes}, + address::AztecAddress, scalar::Scalar, point::{Point, pub_key_to_bytes}, constants::{GENERATOR_INDEX__IVSK_M, GENERATOR_INDEX__OVSK_M}, hash::poseidon2_hash }; @@ -24,7 +24,7 @@ pub fn compute_encrypted_event_log( event: Event ) -> [u8; OB] where Event: EventInterface { // @todo Need to draw randomness from the full domain of Fq not only Fr - let eph_sk: EmbeddedCurveScalar = fr_to_private_key(unsafe_rand()); + let eph_sk: Scalar = fr_to_private_key(unsafe_rand()); let eph_pk = eph_sk.derive_public_key(); // TODO: (#7177) This value needs to be populated! @@ -81,7 +81,7 @@ pub fn compute_encrypted_note_log( note: Note ) -> [u8; M] where Note: NoteInterface { // @todo Need to draw randomness from the full domain of Fq not only Fr - let eph_sk: EmbeddedCurveScalar = fr_to_private_key(unsafe_rand()); + let eph_sk: Scalar = fr_to_private_key(unsafe_rand()); let eph_pk = eph_sk.derive_public_key(); // TODO: (#7177) This value needs to be populated! @@ -129,7 +129,7 @@ pub fn compute_encrypted_note_log( encrypted_bytes } -fn fr_to_private_key(r: Field) -> EmbeddedCurveScalar { +fn fr_to_private_key(r: Field) -> Scalar { let r_bytes = r.to_be_bytes(32); let mut high_bytes = [0; 32]; @@ -143,7 +143,7 @@ fn fr_to_private_key(r: Field) -> EmbeddedCurveScalar { let low = bytes32_to_field(low_bytes); let high = bytes32_to_field(high_bytes); - EmbeddedCurveScalar::new(high, low) + Scalar::new(high, low) } fn compute_ivpk_app(ivpk: Point, contract_address: AztecAddress) -> Point { diff --git a/noir-projects/aztec-nr/aztec/src/keys/point_to_symmetric_key.nr b/noir-projects/aztec-nr/aztec/src/keys/point_to_symmetric_key.nr index 74bc7457193..6e6f0e3e01a 100644 --- a/noir-projects/aztec-nr/aztec/src/keys/point_to_symmetric_key.nr +++ b/noir-projects/aztec-nr/aztec/src/keys/point_to_symmetric_key.nr 
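Review bot: `fn fr_to_private_key(r: Field) -> Scalar` (hunk @@ -129,7) still carries no doc comment, and the only statement of what it produces is the `@todo` at its two call sites (hunks @@ -24,7 and @@ -81,7) saying the randomness does not cover the full domain of Fq. A doc comment on the definition, e.g. `/// Packs the 32 big-endian bytes of an Fr element into a Scalar via Scalar::new(high, low); the result is NOT uniform over Fq (see the @todo at the call sites).`, would make the limitation visible where the key is actually built rather than only at the callers. The limb split itself lies between the two hunks and is outside the view, so the exact byte widths should be confirmed before documenting them.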
@@ -1,16 +1,13 @@ use dep::protocol_types::{ - constants::GENERATOR_INDEX__SYMMETRIC_KEY, embedded_curve_scalar::EmbeddedCurveScalar, - point::{Point, pub_key_to_bytes}, utils::arr_copy_slice + constants::GENERATOR_INDEX__SYMMETRIC_KEY, scalar::Scalar, point::{Point, pub_key_to_bytes}, + utils::arr_copy_slice }; -use std::{hash::sha256, embedded_curve_ops::{EmbeddedCurveScalar, multi_scalar_mul}}; +use std::{hash::sha256, embedded_curve_ops::multi_scalar_mul}; // TODO(#5726): This function is called deriveAESSecret in TS. I don't like point_to_symmetric_key name much since // point is not the only input of the function. Unify naming with TS once we have a better name. -pub fn point_to_symmetric_key(secret: EmbeddedCurveScalar, point: Point) -> [u8; 32] { - let shared_secret_fields = multi_scalar_mul( - [Point { x: point.x, y: point.y, is_infinite: false }], - [EmbeddedCurveScalar { lo: secret.low, hi: secret.high }] - ); +pub fn point_to_symmetric_key(secret: Scalar, point: Point) -> [u8; 32] { + let shared_secret_fields = multi_scalar_mul([point], [secret]); // TODO(https://github.com/AztecProtocol/aztec-packages/issues/6061): make the func return Point struct directly let shared_secret = pub_key_to_bytes(Point::new(shared_secret_fields[0], shared_secret_fields[1], false)); let mut shared_secret_bytes_with_separator = [0 as u8; 65]; @@ -22,7 +19,7 @@ pub fn point_to_symmetric_key(secret: EmbeddedCurveScalar, point: Point) -> [u8; #[test] fn check_point_to_symmetric_key() { // Value taken from "derive shared secret" test in encrypt_buffer.test.ts - let secret = EmbeddedCurveScalar::new( + let secret = Scalar::new( 0x0000000000000000000000000000000023b3127c127b1f29a7adff5cccf8fb06, 0x00000000000000000000000000000000649e7ca01d9de27b21624098b897babd ); diff --git a/noir-projects/noir-contracts/contracts/avm_test_contract/src/main.nr b/noir-projects/noir-contracts/contracts/avm_test_contract/src/main.nr index 02d2de9fabb..cb7aef45b53 100644 
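Review bot: `multi_scalar_mul([point], [secret])` now forwards the caller's `point.is_infinite` flag, whereas the removed lines rebuilt the point with `is_infinite: false`; since this is the ECDH step that turns an externally supplied public key into the AES key, an identity point should be rejected explicitly rather than silently handed to the MSM, e.g. `assert(!point.is_infinite, "point_to_symmetric_key: point at infinity");` before the call. How `multi_scalar_mul` treats the flag is not visible in the hunk, so whether the old and new behaviour differ in practice is inferred. A zero `secret` would make the shared secret degenerate in the same way; if callers guarantee a non-zero scalar, a one-line comment stating that invariant next to the call would help. The rest of the function body continues outside the hunk.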
--- a/noir-projects/noir-contracts/contracts/avm_test_contract/src/main.nr +++ b/noir-projects/noir-contracts/contracts/avm_test_contract/src/main.nr @@ -24,11 +24,11 @@ contract AvmTest { global big_field_136_bits: Field = 0x991234567890abcdef1234567890abcdef; // Libs - use std::embedded_curve_ops::{EmbeddedCurveScalar, multi_scalar_mul}; + use std::embedded_curve_ops::multi_scalar_mul; use dep::aztec::protocol_types::constants::CONTRACT_INSTANCE_LENGTH; use dep::aztec::prelude::{Map, Deserialize}; use dep::aztec::state_vars::PublicMutable; - use dep::aztec::protocol_types::{address::{AztecAddress, EthAddress}, constants::L1_TO_L2_MESSAGE_LENGTH, point::Point}; + use dep::aztec::protocol_types::{address::{AztecAddress, EthAddress}, constants::L1_TO_L2_MESSAGE_LENGTH, point::Point, scalar::Scalar}; use dep::aztec::oracle::get_contract_instance::{get_contract_instance_avm, get_contract_instance_internal_avm}; use dep::aztec::protocol_types::abis::function_selector::FunctionSelector; use dep::aztec::context::gas::GasOpts; @@ -147,8 +147,8 @@ contract AvmTest { #[aztec(public)] fn variable_base_msm() -> [Field; 3] { let g = Point { x: 1, y: 17631683881184975370165255887551781615748388533673675138860, is_infinite: false }; - let scalar = EmbeddedCurveScalar { lo: 3, hi: 0 }; - let scalar2 = EmbeddedCurveScalar { lo: 20, hi: 0 }; + let scalar = Scalar { lo: 3, hi: 0 }; + let scalar2 = Scalar { lo: 20, hi: 0 }; let triple_g = multi_scalar_mul([g, g], [scalar, scalar2]); triple_g } diff --git a/noir-projects/noir-contracts/contracts/private_token_contract/src/types/token_note.nr b/noir-projects/noir-contracts/contracts/private_token_contract/src/types/token_note.nr index 21f99a36c40..0be1dc18f52 100644 --- a/noir-projects/noir-contracts/contracts/private_token_contract/src/types/token_note.nr +++ b/noir-projects/noir-contracts/contracts/private_token_contract/src/types/token_note.nr 
@@ -1,11 +1,11 @@ use dep::aztec::{ prelude::{AztecAddress, NoteHeader, NoteInterface, PrivateContext}, - protocol_types::{constants::GENERATOR_INDEX__NOTE_NULLIFIER, point::Point, hash::poseidon2_hash}, + protocol_types::{constants::GENERATOR_INDEX__NOTE_NULLIFIER, point::Point, scalar::Scalar, hash::poseidon2_hash}, note::utils::compute_note_hash_for_consumption, oracle::unsafe_rand::unsafe_rand, keys::getters::get_nsk_app, note::note_getter_options::PropertySelector }; use dep::std::field::bn254::decompose; -use dep::std::embedded_curve_ops::{EmbeddedCurveScalar, multi_scalar_mul, fixed_base_scalar_mul}; +use dep::std::embedded_curve_ops::multi_scalar_mul; trait OwnedNote { fn new(amount: U128, owner_npk_m_hash: Field) -> Self; @@ -80,15 +80,15 @@ impl NoteInterface for TokenNote { // by leveraging homomorphism. multi_scalar_mul( [G1, G1, G1], - [EmbeddedCurveScalar { + [Scalar { lo: self.amount.to_integer(), hi: 0 }, - EmbeddedCurveScalar { + Scalar { lo: npk_lo, hi: npk_hi }, - EmbeddedCurveScalar { + Scalar { lo: random_lo, hi: random_hi, }] @@ -204,11 +204,11 @@ impl PrivatelyRefundable for TokenNote { // 2. Now that we have correct representationsn of fee payer and randomness we can compute `G ^ (fee_payer_npk + randomness)` let incomplete_fee_payer_point = multi_scalar_mul( [G1, G1], - [EmbeddedCurveScalar { + [Scalar { lo: fee_payer_npk_m_hash_lo, hi: fee_payer_npk_m_hash_hi }, - EmbeddedCurveScalar { + Scalar { lo: fee_payer_randomness_lo, hi: fee_payer_randomness_hi }] @@ -223,15 +223,15 @@ impl PrivatelyRefundable for TokenNote { // 4. We compute `G ^ (user_npk_m_hash + funded_amount + randomness)` let incomplete_user_point = multi_scalar_mul( [G1, G1, G1], - [EmbeddedCurveScalar { + [Scalar { lo: user_lo, hi: user_hi }, - EmbeddedCurveScalar { + Scalar { lo: funded_amount_lo, hi: funded_amount_hi }, - EmbeddedCurveScalar { + Scalar { lo: user_randomness_lo, hi: user_randomness_hi }] 
@@ -256,7 +256,7 @@ impl PrivatelyRefundable for TokenNote { // 2. We compute the fee point as `G ^ transaction_fee` let fee_point_raw = multi_scalar_mul( [G1], - [EmbeddedCurveScalar { + [Scalar { lo: transaction_fee_lo, hi: transaction_fee_hi, }] diff --git a/noir-projects/noir-contracts/contracts/test_contract/src/main.nr b/noir-projects/noir-contracts/contracts/test_contract/src/main.nr index 678261018db..97aaec35ace 100644 --- a/noir-projects/noir-contracts/contracts/test_contract/src/main.nr +++ b/noir-projects/noir-contracts/contracts/test_contract/src/main.nr @@ -13,7 +13,7 @@ contract Test { use dep::aztec::protocol_types::{ abis::private_circuit_public_inputs::PrivateCircuitPublicInputs, constants::{MAX_NOTE_HASH_READ_REQUESTS_PER_CALL, CANONICAL_KEY_REGISTRY_ADDRESS}, - traits::{Serialize, ToField, FromField}, point::Point, embedded_curve_scalar::EmbeddedCurveScalar, + traits::{Serialize, ToField, FromField}, point::Point, scalar::Scalar, storage::map::derive_storage_slot_in_map }; @@ -404,14 +404,14 @@ contract Test { } #[aztec(private)] - fn compute_note_header_ciphertext(secret: EmbeddedCurveScalar, point: Point) -> [u8; 48] { + fn compute_note_header_ciphertext(secret: Scalar, point: Point) -> [u8; 48] { EncryptedLogHeader::new(context.this_address()).compute_ciphertext(secret, point) } // 64 bytes + 32 * #fields + 16 = 112 bytes #[aztec(private)] fn compute_incoming_log_body_ciphertext( - secret: EmbeddedCurveScalar, + secret: Scalar, point: Point, storage_slot: Field, value: Field @@ -422,10 +422,10 @@ contract Test { #[aztec(private)] fn compute_outgoing_log_body_ciphertext( - eph_sk: EmbeddedCurveScalar, + eph_sk: Scalar, recipient: AztecAddress, recipient_ivpk_app: Point, - ovsk_app: EmbeddedCurveScalar + ovsk_app: Scalar ) -> [u8; 176] { let eph_pk = eph_sk.derive_public_key(); EncryptedLogOutgoingBody::new(eph_sk, recipient, recipient_ivpk_app).compute_ciphertext(ovsk_app, eph_pk) 
diff --git a/noir-projects/noir-contracts/contracts/test_log_contract/src/main.nr b/noir-projects/noir-contracts/contracts/test_log_contract/src/main.nr index 168c9a3692b..01a65af901b 100644 --- a/noir-projects/noir-contracts/contracts/test_log_contract/src/main.nr +++ b/noir-projects/noir-contracts/contracts/test_log_contract/src/main.nr @@ -1,6 +1,6 @@ contract TestLog { use dep::aztec::prelude::PrivateSet; - use dep::aztec::protocol_types::{traits::Serialize, point::Point, embedded_curve_scalar::EmbeddedCurveScalar, address::AztecAddress}; + use dep::aztec::protocol_types::{traits::Serialize, point::Point, scalar::Scalar, address::AztecAddress}; use dep::value_note::value_note::ValueNote; use dep::aztec::encrypted_logs::incoming_body::EncryptedLogIncomingBody; use dep::aztec::event::event_interface::EventInterface; @@ -29,7 +29,7 @@ contract TestLog { #[aztec(private)] fn compute_incoming_log_body_ciphertext( - secret: EmbeddedCurveScalar, + secret: Scalar, point: Point, randomness: Field, event_type_id: Field, diff --git a/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/private_kernel_reset.nr b/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/private_kernel_reset.nr index 2bca8d9265b..bd442c0eaf4 100644 --- a/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/private_kernel_reset.nr +++ b/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/private_kernel_reset.nr 
@@ -113,9 +113,9 @@ mod tests { max_block_number::MaxBlockNumber, note_hash::{NoteHash, ScopedNoteHash}, nullifier::{Nullifier, ScopedNullifier}, log_hash::NoteLogHash, read_request::ScopedReadRequest }, - address::AztecAddress, embedded_curve_scalar::EmbeddedCurveScalar, - tests::{fixture_builder::FixtureBuilder}, utils::{arrays::{array_eq, array_length}}, - traits::{Empty, is_empty, is_empty_array}, point::Point + address::AztecAddress, scalar::Scalar, tests::{fixture_builder::FixtureBuilder}, + utils::{arrays::{array_eq, array_length}}, traits::{Empty, is_empty, is_empty_array}, + point::Point }; struct PrivateKernelResetInputsBuilder { diff --git a/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/private_kernel_tail.nr b/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/private_kernel_tail.nr index b5147b3c683..1be64106118 100644 --- a/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/private_kernel_tail.nr +++ b/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/private_kernel_tail.nr @@ -61,7 +61,7 @@ mod tests { kernel_circuit_public_inputs::KernelCircuitPublicInputs, max_block_number::MaxBlockNumber, note_hash::{NoteHash, ScopedNoteHash}, nullifier::{Nullifier, ScopedNullifier}, gas::Gas }, - address::{AztecAddress, EthAddress}, embedded_curve_scalar::EmbeddedCurveScalar, + address::{AztecAddress, EthAddress}, scalar::Scalar, hash::{ sha256_to_field, silo_note_hash, silo_nullifier, compute_siloed_encrypted_log_hash, compute_siloed_unencrypted_log_hash diff --git a/noir-projects/noir-protocol-circuits/crates/reset-kernel-lib/src/private_validation_request_processor.nr b/noir-projects/noir-protocol-circuits/crates/reset-kernel-lib/src/private_validation_request_processor.nr index e120ef8773d..e8ed87e4582 100644 --- a/noir-projects/noir-protocol-circuits/crates/reset-kernel-lib/src/private_validation_request_processor.nr 
+++ b/noir-projects/noir-protocol-circuits/crates/reset-kernel-lib/src/private_validation_request_processor.nr @@ -13,8 +13,7 @@ use dep::types::{ MAX_NOTE_HASHES_PER_TX, MAX_NULLIFIERS_PER_TX, MAX_KEY_VALIDATION_REQUESTS_PER_TX, GENERATOR_INDEX__NSK_M, MAX_NOTE_HASH_READ_REQUESTS_PER_TX, MAX_NULLIFIER_READ_REQUESTS_PER_TX }, - embedded_curve_scalar::EmbeddedCurveScalar, hash::poseidon2_hash, traits::is_empty, - utils::arrays::filter_array_to_bounded_vec + scalar::Scalar, hash::poseidon2_hash, traits::is_empty, utils::arrays::filter_array_to_bounded_vec }; struct PrivateValidationRequestProcessor { diff --git a/noir-projects/noir-protocol-circuits/crates/reset-kernel-lib/src/reset/key_validation_hint.nr b/noir-projects/noir-protocol-circuits/crates/reset-kernel-lib/src/reset/key_validation_hint.nr index 403efefda12..a682550ccb4 100644 --- a/noir-projects/noir-protocol-circuits/crates/reset-kernel-lib/src/reset/key_validation_hint.nr +++ b/noir-projects/noir-protocol-circuits/crates/reset-kernel-lib/src/reset/key_validation_hint.nr @@ -1,18 +1,18 @@ use dep::types::{ traits::{Empty, is_empty}, abis::{validation_requests::ScopedKeyValidationRequestAndGenerator}, - constants::MAX_KEY_VALIDATION_REQUESTS_PER_TX, embedded_curve_scalar::EmbeddedCurveScalar, - hash::poseidon2_hash, utils::arrays::filter_array_to_bounded_vec + constants::MAX_KEY_VALIDATION_REQUESTS_PER_TX, scalar::Scalar, hash::poseidon2_hash, + utils::arrays::filter_array_to_bounded_vec }; struct KeyValidationHint { - sk_m: EmbeddedCurveScalar, + sk_m: Scalar, request_index: u64, } impl Empty for KeyValidationHint { fn empty() -> Self { KeyValidationHint { - sk_m: EmbeddedCurveScalar::empty(), + sk_m: Scalar::empty(), request_index: 0, } } diff --git a/noir-projects/noir-protocol-circuits/crates/types/src/embedded_curve_scalar.nr b/noir-projects/noir-protocol-circuits/crates/types/src/embedded_curve_scalar.nr deleted file mode 100644 index ca639b5d9a1..00000000000 
--- a/noir-projects/noir-protocol-circuits/crates/types/src/embedded_curve_scalar.nr
+++ /dev/null
@@ -1,8 +0,0 @@
-use dep::std::embedded_curve_ops::EmbeddedCurveScalar;
-use crate::{embedded_curve_point::EmbeddedCurvePoint, traits::Empty};
-
-impl Empty for EmbeddedCurveScalar {
- fn empty() -> Self {
- Self { hi: 0, lo: 0 }
- }
-}
\ No newline at end of file
diff --git a/noir-projects/noir-protocol-circuits/crates/types/src/lib.nr b/noir-projects/noir-protocol-circuits/crates/types/src/lib.nr
index 4f76655f4ac..e70b3103d77 100644
--- a/noir-projects/noir-protocol-circuits/crates/types/src/lib.nr
+++ b/noir-projects/noir-protocol-circuits/crates/types/src/lib.nr
@@ -2,7 +2,7 @@ mod utils;
 mod address;
 mod debug_log;
 mod point;
-mod embedded_curve_scalar;
+mod scalar;
 // This is intentionally spelled like this
 // since contract is a reserved keyword, so it cannot
 // be used as an ident.
diff --git a/noir-projects/noir-protocol-circuits/crates/types/src/scalar.nr b/noir-projects/noir-protocol-circuits/crates/types/src/scalar.nr
new file mode 100644
index 00000000000..5bb83e55a0e
--- /dev/null
+++ b/noir-projects/noir-protocol-circuits/crates/types/src/scalar.nr
@@ -0,0 +1,16 @@
+use dep::std::embedded_curve_ops::EmbeddedCurveScalar as Scalar;
+use crate::traits::{Empty, Serialize};
+
+global SCALAR_SIZE: Field = 2;
+
+impl Empty for Scalar {
+ fn empty() -> Self {
+ Self { hi: 0, lo: 0 }
+ }
+}
+
+impl Serialize for Scalar {
+ fn serialize(self) -> [Field; SCALAR_SIZE] {
+ [self.hi, self.lo]
+ }
+}
\ No newline at end of file
diff --git a/yarn-project/circuit-types/src/logs/l1_payload/encrypted_log_outgoing_body.ts b/yarn-project/circuit-types/src/logs/l1_payload/encrypted_log_outgoing_body.ts
index 402e64d0b46..09e3f728c30 100644
--- a/yarn-project/circuit-types/src/logs/l1_payload/encrypted_log_outgoing_body.ts
+++ b/yarn-project/circuit-types/src/logs/l1_payload/encrypted_log_outgoing_body.ts
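Review bot: The new `scalar.nr` has no doc comments, and `impl Serialize for Scalar` fixes a wire layout (`[self.hi, self.lo]`) that the TS side reproduces by hand in `EncryptedLogOutgoingBody.toBuffer`; a one-line comment on the impl, e.g. `// Order is [hi, lo]; keep in sync with the TS serializers that emit ephSk.hi, ephSk.lo`, would make that cross-language contract explicit. The `use dep::std::embedded_curve_ops::EmbeddedCurveScalar as Scalar;` line would also benefit from a comment stating that the protocol types now re-export the std type instead of defining their own struct, since that is the whole point of the rename elsewhere in the patch. No `Deserialize` counterpart is added; if nothing in the protocol circuits needs one that is fine, but it is worth saying so next to the `Serialize` impl. The file is also missing its trailing newline.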
@@ -13,7 +13,7 @@ export class EncryptedLogOutgoingBody { */ public toBuffer(): Buffer { // The serialization of Fq is [high, low] check `grumpkin_private_key.nr` - const ephSkBytes = serializeToBuffer([this.ephSk.high, this.ephSk.low]); + const ephSkBytes = serializeToBuffer([this.ephSk.hi, this.ephSk.lo]); return serializeToBuffer(ephSkBytes, this.recipient, this.recipientIvpkApp); } @@ -95,6 +95,6 @@ export class EncryptedLogOutgoingBody { // For performance reasons, we do NOT use the usual `deriveAESSecret` function here and instead we compute it using // poseidon. Note that we can afford to use poseidon here instead of deriving shared secret using Diffie-Hellman // because for outgoing we are encrypting for ourselves and hence we don't need to perform a key exchange. - return poseidon2Hash([ovskApp.high, ovskApp.low, ephPk.x, ephPk.y, GeneratorIndex.SYMMETRIC_KEY]).toBuffer(); + return poseidon2Hash([ovskApp.hi, ovskApp.lo, ephPk.x, ephPk.y, GeneratorIndex.SYMMETRIC_KEY]).toBuffer(); } } diff --git a/yarn-project/circuits.js/src/keys/derivation.ts b/yarn-project/circuits.js/src/keys/derivation.ts index 6f6af52669b..4f9c308e295 100644 --- a/yarn-project/circuits.js/src/keys/derivation.ts +++ b/yarn-project/circuits.js/src/keys/derivation.ts @@ -18,7 +18,7 @@ export function computeAppNullifierSecretKey(masterNullifierSecretKey: EmbeddedC export function computeAppSecretKey(skM: EmbeddedCurveScalar, app: AztecAddress, keyPrefix: KeyPrefix): Fr { const generator = getKeyGenerator(keyPrefix); - return poseidon2Hash([skM.high, skM.low, app, generator]); + return poseidon2Hash([skM.hi, skM.lo, app, generator]); } export function computeIvpkApp(ivpk: PublicKey, address: AztecAddress) { diff --git a/yarn-project/foundation/src/fields/fields.test.ts b/yarn-project/foundation/src/fields/fields.test.ts index ff94978f0d1..193db5720a0 100644 --- a/yarn-project/foundation/src/fields/fields.test.ts +++ b/yarn-project/foundation/src/fields/fields.test.ts 
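Review bot: The comment directly above the changed `serializeToBuffer([this.ephSk.hi, this.ephSk.lo])` line still says `[high, low]` and points the reader at `grumpkin_private_key.nr`, a file this patch does not touch, while the Noir-side ordering now lives in `Scalar::serialize` in the new `scalar.nr`; it is presumably stale. Suggest `// The serialization of Fq is [hi, lo]; must match Scalar::serialize in noir-protocol-circuits/crates/types/src/scalar.nr`. The poseidon input order `ovskApp.hi, ovskApp.lo, ephPk.x, ephPk.y` in hunk @@ -95,6 matches the `compute_ciphertext` change in outgoing_body.nr, so that part is consistent across the two languages.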
@@ -4,8 +4,8 @@ describe('GrumpkinScalar Serialization', () => { // Test case for GrumpkinScalar.fromHighLow it('fromHighLow should serialize and deserialize correctly', () => { const original = GrumpkinScalar.random(); - const high = original.high; - const low = original.low; + const high = original.hi; + const low = original.lo; const deserialized = GrumpkinScalar.fromHighLow(high, low); diff --git a/yarn-project/foundation/src/fields/fields.ts b/yarn-project/foundation/src/fields/fields.ts index a3d65d3f333..2bc10de40a7 100644 --- a/yarn-project/foundation/src/fields/fields.ts +++ b/yarn-project/foundation/src/fields/fields.ts @@ -304,11 +304,11 @@ export class Fq extends BaseField { return `Fq<${this.toString()}>`; } - get low(): Fr { + get lo(): Fr { return new Fr(this.toBigInt() & Fq.LOW_MASK); } - get high(): Fr { + get hi(): Fr { return new Fr(this.toBigInt() >> Fq.HIGH_SHIFT); } diff --git a/yarn-project/key-store/src/key_store.ts b/yarn-project/key-store/src/key_store.ts index a872e169f9e..b630995463d 100644 --- a/yarn-project/key-store/src/key_store.ts +++ b/yarn-project/key-store/src/key_store.ts @@ -233,8 +233,8 @@ export class KeyStore { return Promise.resolve( poseidon2Hash([ - masterIncomingViewingSecretKey.high, - masterIncomingViewingSecretKey.low, + masterIncomingViewingSecretKey.hi, + masterIncomingViewingSecretKey.lo, app, GeneratorIndex.IVSK_M, ]), @@ -259,8 +259,8 @@ export class KeyStore { return Promise.resolve( poseidon2Hash([ - masterOutgoingViewingSecretKey.high, - masterOutgoingViewingSecretKey.low, + masterOutgoingViewingSecretKey.hi, + masterOutgoingViewingSecretKey.lo, app, GeneratorIndex.OVSK_M, ]), diff --git a/yarn-project/noir-protocol-circuits-types/src/type_conversion.ts b/yarn-project/noir-protocol-circuits-types/src/type_conversion.ts index 17bb71ea43a..775758e48ab 100644 --- a/yarn-project/noir-protocol-circuits-types/src/type_conversion.ts +++ b/yarn-project/noir-protocol-circuits-types/src/type_conversion.ts 
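Review bot: The `Fq` getters in hunk @@ -304,11 are renamed to `lo`/`hi`, but the matching constructor is still `GrumpkinScalar.fromHighLow(high, low)` (used on the new lines of fields.test.ts and in type_conversion.ts @@ -332,7), so the class now mixes both vocabularies; either rename it to `fromHiLo` in the same change or state in its doc comment that `fromHighLow(hi, lo)` takes the limbs in the same order as the `.hi`/`.lo` getters. Removing the old `low`/`high` getters outright is a breaking change for any code importing `Fq` or `GrumpkinScalar` from the foundation package outside this monorepo; if such consumers exist, keeping deprecated aliases for one release would be the safer path. The new getters carry no JSDoc; `/** Low limb of the scalar, as used for Noir's EmbeddedCurveScalar.lo. */` on `get lo()` and the mirror on `get hi()` would document the split, and the limb width should only be stated once `Fq.LOW_MASK`/`Fq.HIGH_SHIFT`, which the hunk does not show, have been checked.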
@@ -309,8 +309,8 @@ export function mapPointFromNoir(point: NoirPoint): Point { */ export function mapEmbeddedCurveScalarToNoir(privateKey: EmbeddedCurveScalar): EmbeddedCurveScalarNoir { return { - high: mapFieldToNoir(privateKey.high), - low: mapFieldToNoir(privateKey.low), + hi: mapFieldToNoir(privateKey.hi), + lo: mapFieldToNoir(privateKey.lo), }; } @@ -332,7 +332,7 @@ export function mapKeyValidationHintToNoir(hint: KeyValidationHint): KeyValidati * @returns The EmbeddedCurveScalar. */ export function mapEmbeddedCurveScalarFromNoir(privateKey: EmbeddedCurveScalarNoir): EmbeddedCurveScalar { - return GrumpkinScalar.fromHighLow(mapFieldFromNoir(privateKey.high), mapFieldFromNoir(privateKey.low)); + return GrumpkinScalar.fromHighLow(mapFieldFromNoir(privateKey.hi), mapFieldFromNoir(privateKey.lo)); } /** diff --git a/yarn-project/simulator/src/avm/opcodes/multi_scalar_mul.test.ts b/yarn-project/simulator/src/avm/opcodes/multi_scalar_mul.test.ts index 1c4e76fb3c3..133f215dfad 100644 --- a/yarn-project/simulator/src/avm/opcodes/multi_scalar_mul.test.ts +++ b/yarn-project/simulator/src/avm/opcodes/multi_scalar_mul.test.ts @@ -46,7 +46,7 @@ describe('MultiScalarMul Opcode', () => { const scalarsLength = scalars.length * 2; // multiplied by 2 since we will store them as lo and hi limbs in avm memory // Transform the points and scalars into the format that we will write to memory // We just store the x and y coordinates here, and handle the infinities when we write to memory - const storedScalars: Field[] = scalars.flatMap(s => [new Field(s.low), new Field(s.high)]); + const storedScalars: Field[] = scalars.flatMap(s => [new Field(s.lo), new Field(s.hi)]); // Points are stored as [x1, y1, inf1, x2, y2, inf2, ...] where the types are [Field, Field, Uint8, Field, Field, Uint8, ...] const storedPoints: MemoryValue[] = points .map(p => p.toFields()) 
@@ -86,7 +86,7 @@ describe('MultiScalarMul Opcode', () => { const scalarsLength = scalars.length * 2; // multiplied by 2 since we will store them as lo and hi limbs in avm memory // Transform the points and scalars into the format that we will write to memory // We just store the x and y coordinates here, and handle the infinities when we write to memory - const storedScalars: Field[] = scalars.flatMap(s => [new Field(s.low), new Field(s.high)]); + const storedScalars: Field[] = scalars.flatMap(s => [new Field(s.lo), new Field(s.hi)]); // Points are stored as [x1, y1, inf1, x2, y2, inf2, ...] where the types are [Field, Field, Uint8, Field, Field, Uint8, ...] const storedPoints: MemoryValue[] = points .map(p => p.toFields())