def check_mul(client, cls, xxx, yyy): check_contract_binop( client, f'mul_{bls(cls.name)}', cls.to_hex(xxx), Fr.to_hex(yyy), cls.to_hex(cls.mul(xxx, yyy)), )
def run_pairing_property_contract(client): g1 = G1.random() g2 = G2.random() a = Fr.random() b = Fr.random() ab = a * b # e(g1^a, g2^b) * e(g1, g2^-ab) = 1 args = [(G1.mul(g1, a), G2.mul(g2, b)), (g1, G2.neg(G2.mul(g2, ab)))] # check if equality holds result = pairing_check(args) assert result stack_args = [(G1.to_hex(g1), G2.to_hex(g2)) for g1, g2 in args] stack_args = [f'Pair {g1} {g2}' for g1, g2 in stack_args] stack_args = f'{{ {"; ".join(stack_args)} }}' print("CONTRACT: ", CONTRACTS['pairing_check']) print("STACK ARGS: ", stack_args) check_contract(client, CONTRACTS['pairing_check'], stack_args, result)
def test_signature_aggregation(self, client_regtest): for _ in RANDOM_ITERATIONS: sk0 = Fr.random(self.gen) # secret key pk0 = G2.mul(G2.one, sk0) # public key # we don't have hash-to-curve on g1, so compute a random point msg_hash = G1.random(self.gen) # message hash sig0 = G1.mul(msg_hash, sk0) # signature args0 = [(msg_hash, pk0), (G1.neg(sig0), G2.one)] check_pairing_check(client_regtest, args0) sk1 = Fr.random(self.gen) # secret key pk1 = G2.mul(G2.one, sk1) # public key # we don't have hash-to-curve on g1, so compute a random point sig1 = G1.mul(msg_hash, sk1) # signature args1 = [ (G1.add(msg_hash, msg_hash), G2.add(pk0, pk1)), (G1.neg(G1.add(sig0, sig1)), G2.add(G2.one, G2.one)), ] check_pairing_check(client_regtest, args1)
def test_mul_random_random(self, client_regtest, cls): for _ in RANDOM_ITERATIONS: check_mul(client_regtest, cls, cls.random(self.gen), Fr.random(self.gen))