Cradicle Explorer
circomlib
/ test / eddsaposeidon.js
eddsaposeidon.js
  1  const chai = require("chai");
  2  const path = require("path");
  3  const wasm_tester = require("circom_tester").wasm;
  4  
  5  const buildEddsa = require("circomlibjs").buildEddsa;
  6  const buildBabyjub = require("circomlibjs").buildBabyjub;
  7  
  8  const assert = chai.assert;
  9  
 10  describe("EdDSA Poseidon test", function () {
 11      let circuit;
 12      let eddsa;
 13      let babyJub;
 14      let F;
 15  
 16      this.timeout(100000);
 17  
 18      before( async () => {
 19          eddsa = await buildEddsa();
 20          babyJub = await buildBabyjub();
 21          F = babyJub.F;
 22          circuit = await wasm_tester(path.join(__dirname, "circuits", "eddsaposeidon_test.circom"));
 23      });
 24  
 25      it("Sign a single number", async () => {
 26          const msg = F.e(1234);
 27  
 28          const prvKey = Buffer.from("0001020304050607080900010203040506070809000102030405060708090001", "hex");
 29  
 30          const pubKey = eddsa.prv2pub(prvKey);
 31  
 32          const signature = eddsa.signPoseidon(prvKey, msg);
 33  
 34          assert(eddsa.verifyPoseidon(msg, signature, pubKey));
 35  
 36          const input = {
 37              enabled: 1,
 38              Ax: F.toObject(pubKey[0]),
 39              Ay: F.toObject(pubKey[1]),
 40              R8x: F.toObject(signature.R8[0]),
 41              R8y: F.toObject(signature.R8[1]),
 42              S: signature.S,
 43              M: F.toObject(msg)
 44          };
 45  
 46          // console.log(JSON.stringify(utils.stringifyBigInts(input)));
 47  
 48          const w = await circuit.calculateWitness(input, true);
 49  
 50          await circuit.checkConstraints(w);
 51      });
 52  
 53      it("Detect Invalid signature", async () => {
 54          const msg = F.e(1234);
 55  
 56          const prvKey = Buffer.from("0001020304050607080900010203040506070809000102030405060708090001", "hex");
 57  
 58          const pubKey = eddsa.prv2pub(prvKey);
 59  
 60  
 61          const signature = eddsa.signPoseidon(prvKey, msg);
 62  
 63          assert(eddsa.verifyPoseidon(msg, signature, pubKey));
 64          try {
 65              await circuit.calculateWitness({
 66                  enabled: 1,
 67                  Ax: F.toObject(pubKey[0]),
 68                  Ay: F.toObject(pubKey[1]),
 69                  R8x: F.toObject(F.add(signature.R8[0], F.e(1))),
 70                  R8y: F.toObject(signature.R8[1]),
 71                  S: signature.S,
 72                  M: F.toObject(msg)}, true);
 73              assert(false);
 74          } catch(err) {
 75  	    assert(err.message.includes("Assert Failed"));
 76          }
 77      });
 78  
 79  
 80      it("Test a dissabled circuit with a bad signature", async () => {
 81          const msg = F.e(1234);
 82  
 83          const prvKey = Buffer.from("0001020304050607080900010203040506070809000102030405060708090001", "hex");
 84  
 85          const pubKey = eddsa.prv2pub(prvKey);
 86  
 87  
 88          const signature = eddsa.signPoseidon(prvKey, msg);
 89  
 90          assert(eddsa.verifyPoseidon(msg, signature, pubKey));
 91  
 92          const w = await circuit.calculateWitness({
 93              enabled: 0,
 94              Ax: F.toObject(pubKey[0]),
 95              Ay: F.toObject(pubKey[1]),
 96              R8x: F.toObject(F.add(signature.R8[0], F.e(1))),
 97              R8y: F.toObject(signature.R8[1]),
 98              S: signature.S,
 99              M: F.toObject(msg)}, true);
100  
101          await circuit.checkConstraints(w);
102      });
103  });