From f3d1afe968f84fc996e22f79233195696c7904d9 Mon Sep 17 00:00:00 2001 From: Kevaundray Wedderburn Date: Thu, 4 May 2023 16:53:22 +0100 Subject: [PATCH 01/19] Copy ECDSA from commit 92ef9b4 --- .../test_data/ecdsa_secp256k1/Nargo.toml | 6 + .../test_data/ecdsa_secp256k1/Prover.toml | 168 ++++++++++++++++++ .../test_data/ecdsa_secp256k1/src/main.nr | 19 ++ 3 files changed, 193 insertions(+) create mode 100644 crates/nargo_cli/tests/test_data/ecdsa_secp256k1/Nargo.toml create mode 100644 crates/nargo_cli/tests/test_data/ecdsa_secp256k1/Prover.toml create mode 100644 crates/nargo_cli/tests/test_data/ecdsa_secp256k1/src/main.nr diff --git a/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/Nargo.toml b/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/Nargo.toml new file mode 100644 index 00000000000..7199d3305bf --- /dev/null +++ b/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/Nargo.toml @@ -0,0 +1,6 @@ +[package] +name = "ECDSA secp256k1 verification" +authors = [""] +compiler_version = "0.1" + +[dependencies] diff --git a/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/Prover.toml b/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/Prover.toml new file mode 100644 index 00000000000..7f6fda9dd4f --- /dev/null +++ b/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/Prover.toml 
@@ -0,0 +1,168 @@ +hashed_message = [ + 84, + 112, + 91, + 163, + 186, + 175, + 219, + 223, + 186, + 140, + 95, + 154, + 112, + 247, + 168, + 155, + 238, + 152, + 217, + 6, + 181, + 62, + 49, + 7, + 77, + 167, + 186, + 236, + 220, + 13, + 169, + 173, +] +pub_key_x = [ + 77, + 75, + 108, + 209, + 54, + 16, + 50, + 202, + 155, + 210, + 174, + 185, + 217, + 0, + 170, + 77, + 69, + 217, + 234, + 216, + 10, + 201, + 66, + 51, + 116, + 196, + 81, + 167, + 37, + 77, + 7, + 102, +] +pub_key_y = [ + 42, + 62, + 173, + 162, + 208, + 254, + 32, + 139, + 109, + 37, + 124, + 235, + 15, + 6, + 66, + 132, + 102, + 46, + 133, + 127, + 87, + 182, + 107, + 84, + 193, + 152, + 189, + 49, + 13, + 237, + 54, + 208, +] +signature = [ + 100, + 235, + 162, + 94, + 185, + 111, + 28, + 107, + 66, + 168, + 87, + 57, + 125, + 222, + 85, + 114, + 140, + 61, + 161, + 105, + 140, + 229, + 209, + 158, + 178, + 38, + 160, + 164, + 142, + 171, + 167, + 202, + 46, + 231, + 34, + 171, + 10, + 190, + 86, + 37, + 238, + 245, + 49, + 189, + 207, + 208, + 54, + 107, + 61, + 247, + 167, + 163, + 157, + 86, + 108, + 223, + 78, + 8, + 252, + 169, + 61, + 158, + 6, + 42, +] diff --git a/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/src/main.nr b/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/src/main.nr new file mode 100644 index 00000000000..16802bdd4b6 --- /dev/null +++ b/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/src/main.nr 
@@ -0,0 +1,19 @@ +use dep::std; + +// This is not fully supported by any backend +// Barretenberg backend will not verify a proof, even though it +// is below the WASM limit. +// +// This is here for two reasons: +// - To check for API regressions. +// - Noir should be agnostic to backends, so even though +// the only backend implemented does not work properly for this, +// we can still implement it on the frontend. +fn main(hashed_message : [32]u8, pub_key_x : [32]u8, pub_key_y : [32]u8, signature : [64]u8) { + + // Is there ever a situation where someone would want + // to ensure that a signature was invalid? + priv x = std::ecdsa_secp256k1::verify_signature(signature, hashed_message,pub_key_x,pub_key_y); + + constrain x == 1; +} \ No newline at end of file From fad18548a4ac857e914f66529992db5b790e79df Mon Sep 17 00:00:00 2001 From: Kevaundray Wedderburn Date: Thu, 4 May 2023 17:02:31 +0100 Subject: [PATCH 02/19] rework for new syntax --- .../nargo_cli/tests/test_data/ecdsa_secp256k1/src/main.nr | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/src/main.nr b/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/src/main.nr index 16802bdd4b6..ba369917970 100644 --- a/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/src/main.nr +++ b/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/src/main.nr 
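Review bot: The header comment says the Barretenberg backend will not verify a proof for this program, yet the file is added under `test_data`, which `prove_and_verify.rs` iterates (see the loop touched in PATCH 04), so without an `exclude` entry this commit adds a known-failing case to the suite. Either add `ecdsa_secp256k1` to the test config's exclude list until the backend supports it, or replace the comment with the backend revision that does, so the test's expected status is explicit. Note also that `hashed_message`, `pub_key_x`, `pub_key_y` and `signature` are all free private inputs with nothing tying the digest to a message; that is acceptable for an API-regression test, but the comment should say so.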
@@ -9,11 +9,10 @@ use dep::std; // - Noir should be agnostic to backends, so even though // the only backend implemented does not work properly for this, // we can still implement it on the frontend. -fn main(hashed_message : [32]u8, pub_key_x : [32]u8, pub_key_y : [32]u8, signature : [64]u8) { +fn main(hashed_message : [u8;32], pub_key_x : [u8;32], pub_key_y : [u8;32], signature : [u8;64]) { // Is there ever a situation where someone would want // to ensure that a signature was invalid? - priv x = std::ecdsa_secp256k1::verify_signature(signature, hashed_message,pub_key_x,pub_key_y); - - constrain x == 1; + let x = std::ecdsa_secp256k1::verify_signature(signature, hashed_message,pub_key_x,pub_key_y); + assert(x == 1); } \ No newline at end of file From b7903ad414318ff25a2beed1e29e1a1d1bc0364b Mon Sep 17 00:00:00 2001 From: Kevaundray Wedderburn Date: Thu, 4 May 2023 17:24:58 +0100 Subject: [PATCH 03/19] commit since github was down --- crates/nargo_cli/tests/test_data/ecdsa_secp256k1/src/main.nr | 1 - 1 file changed, 1 deletion(-) diff --git a/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/src/main.nr b/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/src/main.nr index ba369917970..5866a54dc58 100644 --- a/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/src/main.nr +++ b/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/src/main.nr @@ -10,7 +10,6 @@ use dep::std; // the only backend implemented does not work properly for this, // we can still implement it on the frontend. fn main(hashed_message : [u8;32], pub_key_x : [u8;32], pub_key_y : [u8;32], signature : [u8;64]) { - // Is there ever a situation where someone would want // to ensure that a signature was invalid? let x = std::ecdsa_secp256k1::verify_signature(signature, hashed_message,pub_key_x,pub_key_y); From 9d2b338c92b54f3e9426909d47d7ff384cd77282 Mon Sep 17 00:00:00 2001 
From: Kevaundray Wedderburn Date: Thu, 4 May 2023 17:40:16 +0100 Subject: [PATCH 04/19] [NOT MERGEABLE] - Skip all tests except ecdsa --- crates/nargo_cli/tests/prove_and_verify.rs | 3 +++ 1 file changed, 3 insertions(+) diff --git a/crates/nargo_cli/tests/prove_and_verify.rs b/crates/nargo_cli/tests/prove_and_verify.rs index 070db6d8ce8..c89f87d8645 100644 --- a/crates/nargo_cli/tests/prove_and_verify.rs +++ b/crates/nargo_cli/tests/prove_and_verify.rs @@ -72,6 +72,9 @@ mod tests { test_dir.file_name().into_string().expect("Directory can't be converted to string"); let test_program_dir = &test_dir.path(); + if test_name != "ecdsa_secp256k1" { + continue; + } if config_data["exclude"].contains(&test_name) { println!("Skipping test {test_name}"); continue; From 1bb191c17195d7d29079360b85a089e910ab8f1e Mon Sep 17 00:00:00 2001 From: Kevaundray Wedderburn Date: Thu, 4 May 2023 17:41:53 +0100 Subject: [PATCH 05/19] change parameter order --- crates/nargo_cli/tests/test_data/ecdsa_secp256k1/src/main.nr | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/src/main.nr b/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/src/main.nr index 5866a54dc58..d4b56201b5d 100644 --- a/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/src/main.nr +++ b/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/src/main.nr @@ -12,6 +12,6 @@ use dep::std; fn main(hashed_message : [u8;32], pub_key_x : [u8;32], pub_key_y : [u8;32], signature : [u8;64]) { // Is there ever a situation where someone would want // to ensure that a signature was invalid? - let x = std::ecdsa_secp256k1::verify_signature(signature, hashed_message,pub_key_x,pub_key_y); + let x = std::ecdsa_secp256k1::verify_signature(pub_key_x, pub_key_y, signature, hashed_message,); assert(x == 1); } \ No newline at end of file From 19dff3f4711736a29983bf292971ff2b956ac656 Mon Sep 17 00:00:00 2001 
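Review bot: The reordered call `verify_signature(pub_key_x, pub_key_y, signature, hashed_message,)` now passes three positional arguments of the identical type `[u8;32]`, so swapping `pub_key_x`, `pub_key_y` or `hashed_message` would still type-check and only surface as a failed proof. A one-line comment next to the call pinning the contract, `// std API order: (pub_key_x, pub_key_y, signature, hashed_message)`, makes the reorder reviewable and catches a future API change. The trailing comma before `)` looks like a leftover from the edit and should be dropped.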
From: Kevaundray Wedderburn Date: Tue, 9 May 2023 14:58:06 +0100 Subject: [PATCH 06/19] update flake.lock --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 8d6445d3cf6..f3be3ea4b66 100644 --- a/flake.lock +++ b/flake.lock @@ -10,11 +10,11 @@ ] }, "locked": { - "lastModified": 1683314474, - "narHash": "sha256-gfHYpOnVTfS+4fhScBhfkB/e5z+jPFCi8zSy+aEh+8s=", + "lastModified": 1683639407, + "narHash": "sha256-TyjeCb0pqpQbteYCxXGtIOMz+8d0U450FBAGZ3gZOB0=", "owner": "AztecProtocol", "repo": "barretenberg", - "rev": "ad615ee7dc931d3dbea041e47c96b9d8dccebf98", + "rev": "bb08dfa2134a00fbc91b38c8cdb0be868a523c1c", "type": "github" }, "original": { From cf189bc7ab83d81ed43c8d078a151954f70b6bca Mon Sep 17 00:00:00 2001 From: Kevaundray Wedderburn Date: Tue, 9 May 2023 14:58:24 +0100 Subject: [PATCH 07/19] update test --- .../test_data/ecdsa_secp256k1/Prover.toml | 326 +++++++++--------- .../test_data/ecdsa_secp256k1/src/main.nr | 2 +- 2 files changed, 167 insertions(+), 161 deletions(-) diff --git a/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/Prover.toml b/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/Prover.toml index 7f6fda9dd4f..c5421a9258a 100644 --- a/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/Prover.toml +++ b/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/Prover.toml 
@@ -1,168 +1,174 @@ hashed_message = [ - 84, - 112, - 91, - 163, - 186, - 175, - 219, - 223, - 186, - 140, - 95, - 154, - 112, - 247, - 168, - 155, - 238, - 152, - 217, - 6, - 181, - 62, - 49, - 7, - 77, - 167, - 186, - 236, - 220, - 13, - 169, - 173, + 0x49, + 0x6e, + 0x73, + 0x74, + 0x72, + 0x75, + 0x63, + 0x74, + 0x69, + 0x6f, + 0x6e, + 0x73, + 0x20, + 0x75, + 0x6e, + 0x63, + 0x6c, + 0x65, + 0x61, + 0x72, + 0x2c, + 0x20, + 0x61, + 0x73, + 0x6b, + 0x20, + 0x61, + 0x67, + 0x61, + 0x69, + 0x6e, + 0x20, + 0x6c, + 0x61, + 0x74, + 0x65, + 0x72, + 0x2e, ] pub_key_x = [ - 77, - 75, - 108, - 209, - 54, - 16, - 50, - 202, - 155, - 210, - 174, - 185, - 217, - 0, - 170, - 77, - 69, - 217, - 234, - 216, - 10, - 201, - 66, - 51, - 116, - 196, - 81, - 167, - 37, - 77, - 7, - 102, + 0xb3, + 0x35, + 0xfa, + 0x16, + 0xd6, + 0xc8, + 0xb7, + 0xcc, + 0x46, + 0x7a, + 0x87, + 0x55, + 0x86, + 0x43, + 0xea, + 0xdd, + 0xd6, + 0x57, + 0xe3, + 0x6b, + 0x57, + 0xd8, + 0xb3, + 0x62, + 0x60, + 0x5b, + 0xf9, + 0x75, + 0x73, + 0x10, + 0x73, + 0xda, ] pub_key_y = [ - 42, - 62, - 173, - 162, - 208, - 254, - 32, - 139, - 109, - 37, - 124, - 235, - 15, - 6, - 66, - 132, - 102, - 46, - 133, - 127, - 87, - 182, - 107, - 84, - 193, - 152, - 189, - 49, - 13, - 237, - 54, - 208, + 0xd9, + 0xb5, + 0x64, + 0xa9, + 0x8a, + 0xe9, + 0xfa, + 0xcf, + 0xb9, + 0x53, + 0xb9, + 0x38, + 0x57, + 0x84, + 0x96, + 0x52, + 0x49, + 0x15, + 0xfc, + 0xb5, + 0x23, + 0x26, + 0x27, + 0xe5, + 0x23, + 0xc7, + 0xde, + 0xe3, + 0x9d, + 0xd5, + 0x85, + 0xd2, ] signature = [ - 100, - 235, - 162, - 94, - 185, - 111, - 28, - 107, - 66, - 168, - 87, - 57, - 125, - 222, - 85, - 114, - 140, - 61, - 161, - 105, - 140, - 229, - 209, - 158, - 178, - 38, - 160, - 164, - 142, - 171, - 167, - 202, - 46, - 231, - 34, - 171, - 10, - 190, - 86, - 37, - 238, - 245, - 49, - 189, - 207, - 208, - 54, - 107, - 61, - 247, - 167, - 163, - 157, - 86, - 108, - 223, - 78, - 8, - 252, - 169, - 61, - 158, - 6, - 42, + 0x99, + 0x7f, + 0x5b, + 0xe7, + 0x0f, + 
0x54, + 0xb8, + 0xb6, + 0xc5, + 0x29, + 0x98, + 0x0c, + 0x09, + 0x11, + 0xde, + 0x91, + 0xe8, + 0x77, + 0xf9, + 0x34, + 0x85, + 0xea, + 0xcf, + 0xe5, + 0xc2, + 0x38, + 0x46, + 0x4b, + 0x2e, + 0x7c, + 0x1c, + 0x4b, + 0xc2, + 0x2a, + 0x65, + 0x86, + 0x92, + 0x2e, + 0x5f, + 0x6e, + 0xf4, + 0x17, + 0xad, + 0xda, + 0xf8, + 0x2e, + 0x48, + 0x1f, + 0x7a, + 0x7a, + 0xa5, + 0xe9, + 0xf1, + 0xc5, + 0x7e, + 0xa2, + 0xe9, + 0x1f, + 0xef, + 0xc3, + 0xeb, + 0x60, + 0xbe, + 0x4f, ] diff --git a/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/src/main.nr b/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/src/main.nr index d4b56201b5d..62bf738d385 100644 --- a/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/src/main.nr +++ b/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/src/main.nr @@ -9,7 +9,7 @@ use dep::std; // - Noir should be agnostic to backends, so even though // the only backend implemented does not work properly for this, // we can still implement it on the frontend. -fn main(hashed_message : [u8;32], pub_key_x : [u8;32], pub_key_y : [u8;32], signature : [u8;64]) { +fn main(hashed_message : [u8;38], pub_key_x : [u8;32], pub_key_y : [u8;32], signature : [u8;64]) { // Is there ever a situation where someone would want // to ensure that a signature was invalid? let x = std::ecdsa_secp256k1::verify_signature(pub_key_x, pub_key_y, signature, hashed_message,); From 6935f5a2b8389dc92a09f137ef008007ec5fce48 Mon Sep 17 00:00:00 2001 From: Kevaundray Wedderburn Date: Wed, 10 May 2023 18:15:39 +0100 Subject: [PATCH 08/19] update flake.lock --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index f3be3ea4b66..b17c5a5f89c 100644 --- a/flake.lock +++ b/flake.lock 
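Review bot: `hashed_message : [u8;38]` in the new `main` signature turns the digest argument into a 38-byte value, and the bytes committed for it in Prover.toml decode to the ASCII string `Instructions unclear, ask again later.`, i.e. the raw message rather than a hash. ECDSA over secp256k1 verifies a fixed-size digest; what `verify_signature` does with 38 bytes (truncate, reduce, or reject) is not visible here and should not be relied on. Keep the parameter at `[u8;32]` and hash in-circuit, `let hashed_message = std::hash::sha256(message);`, with the signature vector regenerated over that digest.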
@@ -10,11 +10,11 @@ ] }, "locked": { - "lastModified": 1683639407, - "narHash": "sha256-TyjeCb0pqpQbteYCxXGtIOMz+8d0U450FBAGZ3gZOB0=", + "lastModified": 1683738159, + "narHash": "sha256-v9FrY07bj1B+/Nud9EQQiDqSt3Lk6I74OGiNCZ9JwhM=", "owner": "AztecProtocol", "repo": "barretenberg", - "rev": "bb08dfa2134a00fbc91b38c8cdb0be868a523c1c", + "rev": "41d1570d14304776f86460c9734876b2784cae4e", "type": "github" }, "original": { From eed5e70d7fd751bfa673d5e12383c4c9682864ab Mon Sep 17 00:00:00 2001 From: Kevaundray Wedderburn Date: Wed, 10 May 2023 19:39:35 +0100 Subject: [PATCH 09/19] update flake.lock --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index b17c5a5f89c..090f58af448 100644 --- a/flake.lock +++ b/flake.lock @@ -10,11 +10,11 @@ ] }, "locked": { - "lastModified": 1683738159, - "narHash": "sha256-v9FrY07bj1B+/Nud9EQQiDqSt3Lk6I74OGiNCZ9JwhM=", + "lastModified": 1683743846, + "narHash": "sha256-YEy3Qf94HDVBxc+wztsuneeL7xLlcJ+0LxOjIyfPvhY=", "owner": "AztecProtocol", "repo": "barretenberg", - "rev": "41d1570d14304776f86460c9734876b2784cae4e", + "rev": "964f22a83571442fa959869e72070bf5c4330995", "type": "github" }, "original": { From a693d741ec7a8c5ba0ec5ddff487b25fcb534b80 Mon Sep 17 00:00:00 2001 From: Kevaundray Wedderburn Date: Wed, 10 May 2023 19:44:18 +0100 Subject: [PATCH 10/19] modify test --- crates/nargo_cli/tests/test_data/ecdsa_secp256k1/Prover.toml | 2 +- crates/nargo_cli/tests/test_data/ecdsa_secp256k1/src/main.nr | 5 +++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/Prover.toml b/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/Prover.toml index c5421a9258a..02d14112587 100644 --- a/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/Prover.toml +++ b/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/Prover.toml @@ -1,4 +1,4 @@ -hashed_message = [ +message = [ 0x49, 0x6e, 0x73, 
diff --git a/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/src/main.nr b/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/src/main.nr index 62bf738d385..700a7defa00 100644 --- a/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/src/main.nr +++ b/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/src/main.nr @@ -9,9 +9,10 @@ use dep::std; // - Noir should be agnostic to backends, so even though // the only backend implemented does not work properly for this, // we can still implement it on the frontend. -fn main(hashed_message : [u8;38], pub_key_x : [u8;32], pub_key_y : [u8;32], signature : [u8;64]) { +fn main(message : [u8;38], pub_key_x : [u8;32], pub_key_y : [u8;32], signature : [u8;64]) { // Is there ever a situation where someone would want // to ensure that a signature was invalid? - let x = std::ecdsa_secp256k1::verify_signature(pub_key_x, pub_key_y, signature, hashed_message,); + let hashed_message = std::hash::sha256(message); + let x = std::ecdsa_secp256k1::verify_signature(pub_key_x, pub_key_y, signature, hashed_message); assert(x == 1); } \ No newline at end of file From 315a0574552da6b7febf7d3b77f3f352cc5107cd Mon Sep 17 00:00:00 2001 From: Kevaundray Wedderburn Date: Wed, 10 May 2023 20:04:04 +0100 Subject: [PATCH 11/19] add message + hashed_message to program --- .../test_data/ecdsa_secp256k1/Prover.toml | 40 +++++++++++++++++-- .../test_data/ecdsa_secp256k1/src/main.nr | 15 +++++-- 2 files changed, 49 insertions(+), 6 deletions(-) diff --git a/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/Prover.toml b/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/Prover.toml index 02d14112587..d155361e80a 100644 --- a/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/Prover.toml +++ b/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/Prover.toml 
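Review bot: The `signature` and `pub_key_*` bytes in Prover.toml are untouched by this commit (its diffstat changes only the `hashed_message` → `message` key), while the circuit now verifies against `std::hash::sha256(message)` instead of the 38 raw bytes; unless that vector was already produced over SHA-256 of the string, the test cannot pass until the vector is regenerated. Either way the comment above the call should state the contract the test data must satisfy, e.g. `// signature must be over sha256(message); regenerate Prover.toml if message changes`. The `[u8;38]` length is baked into the signature, so a note that `message` is the fixed 38-byte test string keeps it from looking arbitrary.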
@@ -1,3 +1,37 @@ +hashed_message = [ + 0x3a, + 0x73, + 0xf4, + 0x12, + 0x3a, + 0x5c, + 0xd2, + 0x12, + 0x1f, + 0x21, + 0xcd, + 0x7e, + 0x8d, + 0x35, + 0x88, + 0x35, + 0x47, + 0x69, + 0x49, + 0xd0, + 0x35, + 0xd9, + 0xc2, + 0xda, + 0x68, + 0x06, + 0xb4, + 0x63, + 0x3a, + 0xc8, + 0xc1, + 0xe2, +] message = [ 0x49, 0x6e, @@ -38,7 +72,7 @@ message = [ 0x72, 0x2e, ] -pub_key_x = [ +_pub_key_x = [ 0xb3, 0x35, 0xfa, @@ -72,7 +106,7 @@ pub_key_x = [ 0x73, 0xda, ] -pub_key_y = [ +_pub_key_y = [ 0xd9, 0xb5, 0x64, @@ -106,7 +140,7 @@ pub_key_y = [ 0x85, 0xd2, ] -signature = [ +_signature = [ 0x99, 0x7f, 0x5b, diff --git a/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/src/main.nr b/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/src/main.nr index 700a7defa00..0ea53d4d240 100644 --- a/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/src/main.nr +++ b/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/src/main.nr @@ -9,10 +9,19 @@ use dep::std; // - Noir should be agnostic to backends, so even though // the only backend implemented does not work properly for this, // we can still implement it on the frontend. -fn main(message : [u8;38], pub_key_x : [u8;32], pub_key_y : [u8;32], signature : [u8;64]) { +fn main(message : [u8;38],hashed_message : [u8;32], _pub_key_x : [u8;32], _pub_key_y : [u8;32], _signature : [u8;64]) { // Is there ever a situation where someone would want // to ensure that a signature was invalid? - let hashed_message = std::hash::sha256(message); + let expected= std::hash::sha256(message); + assert(hashed_message == expected); + let x = std::ecdsa_secp256k1::verify_signature(pub_key_x, pub_key_y, signature, hashed_message); assert(x == 1); -} \ No newline at end of file +} + +// TODO: The following will fail in ssa: +// +// +//fn main(message : [u8;38],hashed_message : [u8;32], _pub_key_x : [u8;32], _pub_key_y : [u8;32], _signature : [u8;64]) { +// assert(hashed_message == std::hash::sha256(message)); +//} \ No newline at end of file 
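Review bot: The new `main` signature renames the parameters to `_pub_key_x`, `_pub_key_y` and `_signature`, but the unchanged call `verify_signature(pub_key_x, pub_key_y, signature, hashed_message)` still uses the un-prefixed names, so this revision does not resolve; drop the underscores in both the signature and the Prover.toml keys, or rename the call. The added `assert(hashed_message == expected)` is the right binding, since it ties the externally supplied digest to the message. The commented-out TODO says the one-line form `assert(hashed_message == std::hash::sha256(message));` fails in SSA; that sounds like a compiler defect that deserves a tracking issue referenced from the comment rather than dead code in test data.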
From 21e3b8784d010ae44c242823687504dfb2e2544e Mon Sep 17 00:00:00 2001 From: Kevaundray Wedderburn Date: Wed, 10 May 2023 20:06:16 +0100 Subject: [PATCH 12/19] remove underscore --- .../nargo_cli/tests/test_data/ecdsa_secp256k1/Prover.toml | 6 +++--- .../nargo_cli/tests/test_data/ecdsa_secp256k1/src/main.nr | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/Prover.toml b/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/Prover.toml index d155361e80a..5f60c8e3d63 100644 --- a/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/Prover.toml +++ b/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/Prover.toml @@ -72,7 +72,7 @@ message = [ 0x72, 0x2e, ] -_pub_key_x = [ +pub_key_x = [ 0xb3, 0x35, 0xfa, @@ -106,7 +106,7 @@ _pub_key_x = [ 0x73, 0xda, ] -_pub_key_y = [ +pub_key_y = [ 0xd9, 0xb5, 0x64, @@ -140,7 +140,7 @@ _pub_key_y = [ 0x85, 0xd2, ] -_signature = [ +signature = [ 0x99, 0x7f, 0x5b, diff --git a/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/src/main.nr b/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/src/main.nr index 0ea53d4d240..f31f597f42b 100644 --- a/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/src/main.nr +++ b/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/src/main.nr @@ -9,7 +9,7 @@ use dep::std; // - Noir should be agnostic to backends, so even though // the only backend implemented does not work properly for this, // we can still implement it on the frontend. -fn main(message : [u8;38],hashed_message : [u8;32], _pub_key_x : [u8;32], _pub_key_y : [u8;32], _signature : [u8;64]) { +fn main(message : [u8;38],hashed_message : [u8;32], pub_key_x : [u8;32], pub_key_y : [u8;32], signature : [u8;64]) { // Is there ever a situation where someone would want // to ensure that a signature was invalid? let expected= std::hash::sha256(message); From 66e6633aca17107c8a309d3e622866551054bb6d Mon Sep 17 00:00:00 2001 
From: Kevaundray Wedderburn Date: Wed, 10 May 2023 20:43:47 +0100 Subject: [PATCH 13/19] modify input to use low-S --- .../test_data/ecdsa_secp256k1/Prover.toml | 238 +++++++++--------- 1 file changed, 119 insertions(+), 119 deletions(-) diff --git a/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/Prover.toml b/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/Prover.toml index 5f60c8e3d63..f755698d9c4 100644 --- a/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/Prover.toml +++ b/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/Prover.toml 
@@ -73,136 +73,136 @@ message = [ 0x2e, ] pub_key_x = [ - 0xb3, - 0x35, - 0xfa, - 0x16, - 0xd6, - 0xc8, - 0xb7, - 0xcc, - 0x46, - 0x7a, - 0x87, - 0x55, - 0x86, - 0x43, - 0xea, - 0xdd, - 0xd6, - 0x57, - 0xe3, - 0x6b, - 0x57, - 0xd8, - 0xb3, - 0x62, - 0x60, - 0x5b, - 0xf9, - 0x75, - 0x73, - 0x10, - 0x73, - 0xda, -] -pub_key_y = [ - 0xd9, - 0xb5, + 0x21, + 0x25, + 0x3b, + 0x99, + 0xf6, + 0x71, + 0xf1, + 0x1b, 0x64, - 0xa9, - 0x8a, - 0xe9, - 0xfa, - 0xcf, - 0xb9, - 0x53, - 0xb9, - 0x38, - 0x57, - 0x84, - 0x96, - 0x52, - 0x49, - 0x15, - 0xfc, 0xb5, - 0x23, - 0x26, - 0x27, - 0xe5, - 0x23, - 0xc7, 0xde, - 0xe3, - 0x9d, - 0xd5, + 0xd7, + 0x3a, + 0x80, + 0x88, + 0xaf, + 0x08, + 0xd7, + 0xad, + 0x78, + 0xc7, + 0x28, + 0x5c, + 0x24, + 0xa5, + 0xfc, + 0x88, + 0xb7, + 0xfe, + 0x54, + 0x81, + 0xc2, +] +pub_key_y = [ + 0xe1, + 0x6d, + 0x9c, + 0xd4, + 0x1d, + 0x34, + 0xa2, + 0x25, + 0xf6, 0x85, - 0xd2, + 0xcd, + 0xf7, + 0xb3, + 0x0b, + 0x95, + 0xb3, + 0xdd, + 0x80, + 0xfc, + 0xa9, + 0x1f, + 0xa6, + 0xce, + 0x64, + 0x25, + 0x61, + 0x41, + 0x60, + 0x01, + 0xd8, + 0x4c, + 0x2c, ] signature = [ - 0x99, - 0x7f, - 0x5b, - 0xe7, + 0x67, + 0xfc, 0x0f, + 0xf8, + 0x10, + 0x3a, 0x54, - 0xb8, - 0xb6, - 0xc5, - 0x29, - 0x98, - 0x0c, - 0x09, - 0x11, - 0xde, - 0x91, - 0xe8, - 0x77, - 0xf9, - 0x34, - 0x85, - 0xea, + 0x8f, + 0x25, + 0x96, + 0xbb, + 0x31, + 0xc8, + 0xf4, + 0x16, + 0x97, + 0x89, + 0x89, + 0x41, 0xcf, - 0xe5, - 0xc2, - 0x38, - 0x46, - 0x4b, - 0x2e, - 0x7c, - 0x1c, - 0x4b, + 0x6a, + 0xef, + 0x36, + 0x72, + 0x95, + 0xa1, + 0xdb, + 0x7e, + 0xba, 0xc2, - 0x2a, - 0x65, - 0x86, - 0x92, - 0x2e, - 0x5f, - 0x6e, - 0xf4, - 0x17, - 0xad, - 0xda, + 0x0f, + 0x58, + 0xe0, + 0x44, + 0x9e, + 0xa5, 0xf8, - 0x2e, - 0x48, - 0x1f, - 0x7a, - 0x7a, + 0xb3, + 0x69, + 0xe5, + 0x1c, + 0x8b, + 0x5b, + 0x47, 0xa5, - 0xe9, - 0xf1, - 0xc5, - 0x7e, - 0xa2, - 0xe9, - 0x1f, - 0xef, + 0x9a, + 0xb6, + 0xa6, 0xc3, - 0xeb, - 0x60, - 0xbe, - 0x4f, + 0xf1, + 0x3d, + 0x96, + 0x89, + 0xb3, + 0x43, + 0x1e, + 0xda, + 0xc8, + 
0x9b, + 0x87, + 0x16, + 0xde, + 0x7d, + 0x4c, ] From 37dc0e951784f5539aa57912451bf70b243227f1 Mon Sep 17 00:00:00 2001 From: Kevaundray Wedderburn Date: Wed, 10 May 2023 20:53:58 +0100 Subject: [PATCH 14/19] commit s variant 1 --- .../test_data/ecdsa_secp256k1/Prover.toml | 239 +++++++++--------- 1 file changed, 120 insertions(+), 119 deletions(-) diff --git a/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/Prover.toml b/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/Prover.toml index f755698d9c4..96c26acd9f2 100644 --- a/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/Prover.toml +++ b/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/Prover.toml @@ -1,3 +1,4 @@ + hashed_message = [ 0x3a, 0x73, 
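Review bot: The subject says the input now uses low-S, but if `signature` is the usual `r || s` big-endian encoding the second 32 bytes begin `0xe0, 0x44, 0x9e, …`, which is above the secp256k1 half-order (any leading byte ≥ 0x80 is), so this is a high-S signature. If the verifier is meant to enforce canonical low-S this vector should fail; if it is not, the subject is misleading. A `# signature = r || s (big-endian), s normalized to low-S` comment at the top of the array would let a reader check the property without re-deriving it.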
@@ -73,136 +74,136 @@ message = [ 0x2e, ] pub_key_x = [ - 0x21, - 0x25, - 0x3b, - 0x99, - 0xf6, - 0x71, - 0xf1, - 0x1b, - 0x64, - 0xb5, - 0xde, - 0xd7, - 0x3a, - 0x80, - 0x88, - 0xaf, - 0x08, - 0xd7, - 0xad, - 0x78, - 0xc7, - 0x28, - 0x5c, - 0x24, - 0xa5, - 0xfc, - 0x88, - 0xb7, - 0xfe, - 0x54, - 0x81, + 0xa0, + 0x43, + 0x4d, + 0x9e, + 0x47, + 0xf3, + 0xc8, + 0x62, + 0x35, + 0x47, + 0x7c, + 0x7b, + 0x1a, + 0xe6, + 0xae, + 0x5d, + 0x34, + 0x42, + 0xd4, + 0x9b, + 0x19, + 0x43, 0xc2, + 0xb7, + 0x52, + 0xa6, + 0x8e, + 0x2a, + 0x47, + 0xe2, + 0x47, + 0xc7, ] pub_key_y = [ - 0xe1, - 0x6d, - 0x9c, - 0xd4, - 0x1d, - 0x34, + 0x89, + 0x3a, + 0xba, + 0x42, + 0x54, + 0x19, + 0xbc, + 0x27, + 0xa3, + 0xb6, + 0xc7, + 0xe6, + 0x93, 0xa2, - 0x25, - 0xf6, - 0x85, - 0xcd, - 0xf7, - 0xb3, - 0x0b, - 0x95, - 0xb3, - 0xdd, - 0x80, - 0xfc, - 0xa9, - 0x1f, - 0xa6, - 0xce, - 0x64, - 0x25, - 0x61, - 0x41, - 0x60, - 0x01, - 0xd8, 0x4c, - 0x2c, + 0x69, + 0x6f, + 0x79, + 0x4c, + 0x2e, + 0xd8, + 0x77, + 0xa1, + 0x59, + 0x3c, + 0xbe, + 0xe5, + 0x3b, + 0x03, + 0x73, + 0x68, + 0xd7, ] signature = [ + 0xd7, + 0xee, 0x67, - 0xfc, - 0x0f, - 0xf8, - 0x10, - 0x3a, - 0x54, + 0x6b, + 0xcb, + 0xb1, + 0x8e, + 0x48, + 0x78, 0x8f, - 0x25, - 0x96, - 0xbb, - 0x31, - 0xc8, + 0x33, + 0x6c, + 0xe2, + 0x9e, + 0x0b, + 0x7d, + 0xcd, + 0xf3, + 0xd1, + 0x5c, + 0xd8, + 0x5d, + 0x36, + 0xd2, + 0xbe, + 0x70, + 0x79, + 0xf2, + 0x5e, + 0xd6, + 0x73, + 0xec, + 0x28, + 0x11, + 0x98, + 0x94, + 0x34, + 0x4e, + 0x71, + 0xb7, + 0x87, + 0x70, + 0xcc, + 0x93, + 0x1d, + 0x61, 0xf4, - 0x16, - 0x97, - 0x89, + 0x80, + 0xec, + 0xbb, + 0x0b, 0x89, - 0x41, - 0xcf, - 0x6a, - 0xef, - 0x36, - 0x72, - 0x95, - 0xa1, - 0xdb, - 0x7e, - 0xba, - 0xc2, - 0x0f, - 0x58, - 0xe0, - 0x44, - 0x9e, - 0xa5, - 0xf8, - 0xb3, + 0xd6, + 0xeb, 0x69, - 0xe5, - 0x1c, - 0x8b, - 0x5b, - 0x47, - 0xa5, + 0x69, + 0x01, + 0x61, + 0xe4, 0x9a, - 0xb6, - 0xa6, - 0xc3, - 0xf1, - 0x3d, - 0x96, - 0x89, - 0xb3, - 0x43, - 0x1e, - 0xda, - 0xc8, - 0x9b, - 0x87, - 0x16, - 0xde, - 
0x7d, - 0x4c, + 0x71, + 0x5f, + 0xcd, + 0x55, ] From 0a4e0eb389fa531510e6f8890659f2c8a3bc8e48 Mon Sep 17 00:00:00 2001 From: Kevaundray Wedderburn Date: Wed, 10 May 2023 20:55:39 +0100 Subject: [PATCH 15/19] commit variant S2 --- .../test_data/ecdsa_secp256k1/Prover.toml | 64 +++++++++---------- 1 file changed, 32 insertions(+), 32 deletions(-) diff --git a/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/Prover.toml b/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/Prover.toml index 96c26acd9f2..edfe7c88dc0 100644 --- a/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/Prover.toml +++ b/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/Prover.toml @@ -142,6 +142,38 @@ pub_key_y = [ 0xd7, ] signature = [ + 0xe5, + 0x08, + 0x1c, + 0x80, + 0xab, + 0x42, + 0x7d, + 0xc3, + 0x70, + 0x34, + 0x6f, + 0x4a, + 0x0e, + 0x31, + 0xaa, + 0x2b, + 0xad, + 0x8d, + 0x97, + 0x98, + 0xc3, + 0x80, + 0x61, + 0xdb, + 0x9a, + 0xe5, + 0x5a, + 0x4e, + 0x8d, + 0xf4, + 0x54, + 0xfd, 0xd7, 0xee, 0x67, @@ -174,36 +206,4 @@ signature = [ 0xd6, 0x73, 0xec, - 0x28, - 0x11, - 0x98, - 0x94, - 0x34, - 0x4e, - 0x71, - 0xb7, - 0x87, - 0x70, - 0xcc, - 0x93, - 0x1d, - 0x61, - 0xf4, - 0x80, - 0xec, - 0xbb, - 0x0b, - 0x89, - 0xd6, - 0xeb, - 0x69, - 0x69, - 0x01, - 0x61, - 0xe4, - 0x9a, - 0x71, - 0x5f, - 0xcd, - 0x55, ] From 73c3e083f5c37a9d0ea17d68c5d2a839dbfa146e Mon Sep 17 00:00:00 2001 From: Kevaundray Wedderburn Date: Wed, 10 May 2023 21:01:12 +0100 Subject: [PATCH 16/19] modify s value in signature to value that passes in acvm/pwg --- .../test_data/ecdsa_secp256k1/Prover.toml | 60 +++++++++---------- 1 file changed, 30 insertions(+), 30 deletions(-) diff --git a/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/Prover.toml b/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/Prover.toml index edfe7c88dc0..412c7b36e4c 100644 --- a/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/Prover.toml +++ b/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/Prover.toml 
@@ -174,36 +174,36 @@ signature = [ 0xf4, 0x54, 0xfd, - 0xd7, - 0xee, - 0x67, - 0x6b, - 0xcb, - 0xb1, - 0x8e, - 0x48, - 0x78, - 0x8f, - 0x33, - 0x6c, - 0xe2, - 0x9e, - 0x0b, - 0x7d, - 0xcd, - 0xf3, - 0xd1, - 0x5c, - 0xd8, - 0x5d, - 0x36, - 0xd2, - 0xbe, + 0x28, + 0x11, + 0x98, + 0x94, + 0x34, + 0x4e, + 0x71, + 0xb7, + 0x87, 0x70, - 0x79, - 0xf2, - 0x5e, - 0xd6, - 0x73, + 0xcc, + 0x93, + 0x1d, + 0x61, + 0xf4, + 0x80, 0xec, + 0xbb, + 0x0b, + 0x89, + 0xd6, + 0xeb, + 0x69, + 0x69, + 0x01, + 0x61, + 0xe4, + 0x9a, + 0x71, + 0x5f, + 0xcd, + 0x55, ] From 23d48eb17b27d59879e31c90cacca7b43a6f10b8 Mon Sep 17 00:00:00 2001 From: kevaundray Date: Thu, 11 May 2023 21:06:02 +0000 Subject: [PATCH 17/19] update flake.lock --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 090f58af448..62abdb4a42e 100644 --- a/flake.lock +++ b/flake.lock @@ -10,11 +10,11 @@ ] }, "locked": { - "lastModified": 1683743846, - "narHash": "sha256-YEy3Qf94HDVBxc+wztsuneeL7xLlcJ+0LxOjIyfPvhY=", + "lastModified": 1683839119, + "narHash": "sha256-pVoW3C5Ek9/878PBzvXqnt51KpIDrxPt5HVtNwdErnE=", "owner": "AztecProtocol", "repo": "barretenberg", - "rev": "964f22a83571442fa959869e72070bf5c4330995", + "rev": "223b9dee2542145d67126cc8a5aa0e9b9d82c244", "type": "github" }, "original": { From a43aea3dbc7c9cab1bd7caef9d47d65e416c1e47 Mon Sep 17 00:00:00 2001 From: kevaundray Date: Thu, 11 May 2023 21:13:03 +0000 Subject: [PATCH 18/19] remove if statement to make tests go faster --- crates/nargo_cli/tests/prove_and_verify.rs | 3 --- 1 file changed, 3 deletions(-) diff --git a/crates/nargo_cli/tests/prove_and_verify.rs b/crates/nargo_cli/tests/prove_and_verify.rs index c89f87d8645..070db6d8ce8 100644 --- a/crates/nargo_cli/tests/prove_and_verify.rs +++ b/crates/nargo_cli/tests/prove_and_verify.rs 
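Review bot: The `s` half restored here (`0x28, 0x11, 0x98, …`) is byte-identical to the `s` committed two revisions earlier under a different `r` (`0xd7, 0xee, …`) for the same key and message, and the subject says it was chosen because it passes in acvm/pwg; two signatures that share `s` but not `r` all but certainly cannot both be valid, so at least one of these checkpoints was never a real signature and the final vector has no traceable provenance. Add a header comment to Prover.toml recording how the vector was produced (signing tool, that the digest is sha256 of `message`, and that `s` is low-S normalized) so it can be regenerated rather than bisected. Consider a second test feeding the high-S form of the same signature, so whether the verifier rejects malleable signatures is pinned rather than implied by the commit history.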
@@ -72,9 +72,6 @@ mod tests { test_dir.file_name().into_string().expect("Directory can't be converted to string"); let test_program_dir = &test_dir.path(); - if test_name != "ecdsa_secp256k1" { - continue; - } if config_data["exclude"].contains(&test_name) { println!("Skipping test {test_name}"); continue; From 5a3fe3e93cd6f075f50c13cbcdfd3459ee8aaef7 Mon Sep 17 00:00:00 2001 From: kevaundray Date: Thu, 11 May 2023 21:13:12 +0000 Subject: [PATCH 19/19] cleanup test --- .../test_data/ecdsa_secp256k1/src/main.nr | 22 +++---------------- 1 file changed, 3 insertions(+), 19 deletions(-) diff --git a/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/src/main.nr b/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/src/main.nr index f31f597f42b..1cb40f09cd0 100644 --- a/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/src/main.nr +++ b/crates/nargo_cli/tests/test_data/ecdsa_secp256k1/src/main.nr 
@@ -1,27 +1,11 @@ use dep::std; -// This is not fully supported by any backend -// Barretenberg backend will not verify a proof, even though it -// is below the WASM limit. -// -// This is here for two reasons: -// - To check for API regressions. -// - Noir should be agnostic to backends, so even though -// the only backend implemented does not work properly for this, -// we can still implement it on the frontend. + fn main(message : [u8;38],hashed_message : [u8;32], pub_key_x : [u8;32], pub_key_y : [u8;32], signature : [u8;64]) { - // Is there ever a situation where someone would want - // to ensure that a signature was invalid? + // Hash the message, since secp256k1 expects a hashed_message let expected= std::hash::sha256(message); assert(hashed_message == expected); let x = std::ecdsa_secp256k1::verify_signature(pub_key_x, pub_key_y, signature, hashed_message); assert(x == 1); -} - -// TODO: The following will fail in ssa: -// -// -//fn main(message : [u8;38],hashed_message : [u8;32], _pub_key_x : [u8;32], _pub_key_y : [u8;32], _signature : [u8;64]) { -// assert(hashed_message == std::hash::sha256(message)); -//} \ No newline at end of file +} \ No newline at end of file
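Review bot: The comment replacing the header, `// Hash the message, since secp256k1 expects a hashed_message`, names the curve rather than the scheme and does not say why `hashed_message` is both an input and recomputed; the deleted TODO was the only record that the two-statement `let expected = …; assert(hashed_message == expected);` form exists because the inline assert failed in SSA, and this commit drops it without saying the issue is fixed. Suggest `// ECDSA verifies a 32-byte digest, not the raw message: hash it in-circuit and bind the supplied hashed_message to that digest` above the hash, plus either `// NOTE: kept as two statements; asserting on sha256(...) inline failed in SSA` or the simplification if it no longer fails. Separately, none of the parameters is marked `pub`, so if this Noir version supports `pub` on `main` parameters the proof exposes no message, key or digest to a verifier; fine for a regression test, but a comment saying that is deliberate would stop the file being copied as a template.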