def test_1(self):
for main_secret_exponent in range(500, 600):
hidden_puzzle_hash = DEFAULT_HIDDEN_PUZZLE.get_tree_hash()
main_pubkey = G1Element.generator() * main_secret_exponent
offset = calculate_synthetic_offset(main_pubkey,
hidden_puzzle_hash)
offset_pubkey = G1Element.generator() * offset
spk1 = main_pubkey + offset_pubkey
spk2 = calculate_synthetic_public_key(main_pubkey,
hidden_puzzle_hash)
assert spk1 == spk2
return 0
def op_pubkey_for_exp(args):
(i0, ) = args_as_int_list("pubkey_for_exp", args, 1)
i0 %= 0x73EDA753299D7D483339D80809A1D80553BDA402FFFE5BFEFFFFFFFF00000001
try:
r = args.to(bytes(G1Element.generator() * i0))
cost = PUBKEY_BASE_COST
cost += limbs_for_int(i0) // PUBKEY_COST_PER_BYTE_DIVIDER
return cost, r
except Exception as ex:
raise EvalError("problem in op_pubkey_for_exp: %s" % ex, args)
def aggregate_verify(pks: List[G1Element],
msgs: List[bytes],
sig: G2Element,
force_cache: bool = False,
cache: LRUCache = LOCAL_CACHE):
pairings: List[GTElement] = get_pairings(cache, pks, msgs, force_cache)
if len(pairings) == 0:
return AugSchemeMPL.aggregate_verify(pks, msgs, sig)
pairings_prod: GTElement = functools.reduce(GTElement.__mul__, pairings)
return pairings_prod == sig.pair(G1Element.generator())
def op_point_add(items):
cost = POINT_ADD_BASE_COST
p = G1Element.generator() * 0
for _ in items.as_iter():
try:
p += G1Element.from_bytes(_.as_atom())
cost += POINT_ADD_COST_PER_ARG
except Exception as ex:
raise EvalError("point_add expects blob, got %s: %s" % (_, ex),
items)
return cost, items.to(p)
def test():
b1 = BN([1, 2])
b2 = BN([3, 1, 4, 1, 5, 9])
i1 = int.from_bytes(bytes([1, 2]), byteorder='big', signed=False)
i2 = int.from_bytes(bytes([3,1,4,1,5,9]), byteorder='big', signed=False)
g1 = G1.generator()
g2 = G2.generator()
u1 = G1() # unity
u2 = G2()
x1 = g1 * b1
x2 = g1 * b2
y1 = g2 * b1
y2 = g2 * b2
# Implicit conversion from python ints to BNWrapper
assert x1 == g1 * i1 == i1 * g1
assert x2 == g1 * i2 == i2 * g1
assert y1 == g2 * i1 == i1 * g2
assert y2 == g2 * i2 == i2 * g2
# G1
assert x1 != x2
assert x1 * b1 == b1 * x1
assert x1 * b1 != x1 * b2
assert x1 + u1 == x1
assert x1 + x2 == x2 + x1
assert x1 + x1.inverse() == u1
# G2
assert y1 != y2
assert y1 * b1 == b1 * y1
assert y1 * b1 != y1 * b2
assert y1 + u2 == y1
assert y1 + y2 == y2 + y1
assert y1 + y1.inverse() == u2
# pairing operation
pair = x1 & y1
assert pair != x1 & y2
assert pair != x2 & y1
assert pair == x1.pair(y1)
def test_elements():
b1 = BNWrapper([1, 2])
b2 = BNWrapper([3, 1, 4, 1, 5, 9])
i1 = int.from_bytes(bytes([1, 2]), byteorder="big")
i2 = int.from_bytes(bytes([3, 1, 4, 1, 5, 9]), byteorder="big")
g1 = G1Element.generator()
g2 = G2Element.generator()
u1 = G1Element.infinity() # unity
u2 = G2Element.infinity()
# Does not allow construction
try:
i = G1Element()
assert False
except Exception:
pass
try:
i = G2Element()
assert False
except Exception:
pass
x1 = g1 * b1
x2 = g1 * b2
y1 = g2 * b1
y2 = g2 * b2
# Implicit conversion from python ints to BNWrapperWrapperWrapper
assert x1 == g1 * i1 == i1 * g1
assert x2 == g1 * i2 == i2 * g1
assert y1 == g2 * i1 == i1 * g2
assert y2 == g2 * i2 == i2 * g2
# G1
assert x1 != x2
assert x1 * b1 == b1 * x1
assert x1 * b1 != x1 * b2
assert x1 + u1 == x1
assert x1 + x2 == x2 + x1
assert x1 + x1.negate() == u1
assert x1 == G1Element(bytes(x1))
copy = deepcopy(x1)
assert x1 == copy
x1 += x2
assert x1 != copy
# G2
assert y1 != y2
assert y1 * b1 == b1 * y1
assert y1 * b1 != y1 * b2
assert y1 + u2 == y1
assert y1 + y2 == y2 + y1
assert y1 + y1.negate() == u2
assert y1 == G2Element(bytes(y1))
copy = deepcopy(y1)
assert y1 == copy
y1 += y2
assert y1 != copy
# pairing operation
pair = x1 & y1
assert pair != x1 & y2
assert pair != x2 & y1
assert pair == x1.pair(y1)
assert pair == GTElement(bytes(pair))
copy = deepcopy(pair)
assert pair == copy
pair = None
assert pair != copy
def create_throwaway_pubkey(seed: bytes) -> G1Element:
return G1Element.generator()
def test_schemes():
# fmt: off
seed = bytes([
0, 50, 6, 244, 24, 199, 1, 25, 52, 88, 192, 19, 18, 12, 89, 6, 220, 18,
102, 58, 209, 82, 12, 62, 89, 110, 182, 9, 44, 20, 254, 22
])
# fmt: on
msg = bytes([100, 2, 254, 88, 90, 45, 23])
msg2 = bytes([1, 2, 3, 4, 5, 6, 7, 8, 9, 10])
sk = BasicSchemeMPL.key_gen(seed)
pk = sk.get_g1()
assert sk == PrivateKey.from_bytes(bytes(sk))
assert pk == G1Element.from_bytes(bytes(pk))
for Scheme in (BasicSchemeMPL, AugSchemeMPL, PopSchemeMPL):
sig = Scheme.sign(sk, msg)
assert sig == G2Element.from_bytes(bytes(sig))
assert Scheme.verify(pk, msg, sig)
seed = bytes([1]) + seed[1:]
sk1 = BasicSchemeMPL.key_gen(seed)
pk1 = sk1.get_g1()
seed = bytes([2]) + seed[1:]
sk2 = BasicSchemeMPL.key_gen(seed)
pk2 = sk2.get_g1()
for Scheme in (BasicSchemeMPL, AugSchemeMPL, PopSchemeMPL):
# Aggregate same message
agg_pk = pk1 + pk2
if Scheme is AugSchemeMPL:
sig1 = Scheme.sign(sk1, msg, agg_pk)
sig2 = Scheme.sign(sk2, msg, agg_pk)
else:
sig1 = Scheme.sign(sk1, msg)
sig2 = Scheme.sign(sk2, msg)
agg_sig = Scheme.aggregate([sig1, sig2])
assert Scheme.verify(agg_pk, msg, agg_sig)
# Aggregate different message
sig1 = Scheme.sign(sk1, msg)
sig2 = Scheme.sign(sk2, msg2)
agg_sig = Scheme.aggregate([sig1, sig2])
assert Scheme.aggregate_verify([pk1, pk2], [msg, msg2], agg_sig)
# Manual pairing calculation and verification
if Scheme is AugSchemeMPL:
# AugSchemeMPL requires prepending the public key to message
aug_msg1 = bytes(pk1) + msg
aug_msg2 = bytes(pk2) + msg2
else:
aug_msg1 = msg
aug_msg2 = msg2
pair1 = pk1.pair(Scheme.g2_from_message(aug_msg1))
pair2 = pk2.pair(Scheme.g2_from_message(aug_msg2))
pair = pair1 * pair2
agg_sig_pair = G1Element.generator().pair(agg_sig)
assert pair == agg_sig_pair
# HD keys
child = Scheme.derive_child_sk(sk1, 123)
childU = Scheme.derive_child_sk_unhardened(sk1, 123)
childUPk = Scheme.derive_child_pk_unhardened(pk1, 123)
sig_child = Scheme.sign(child, msg)
assert Scheme.verify(child.get_g1(), msg, sig_child)
sigU_child = Scheme.sign(childU, msg)
assert Scheme.verify(childUPk, msg, sigU_child)
import unittest
from blspy import G1Element, PrivateKey
bls12_381_generator = G1Element.generator()
class BLS12_381_Test(unittest.TestCase):
def test_stream(self):
for _ in range(1, 64):
p = PrivateKey.from_bytes(_.to_bytes(32, "big")).get_g1()
blob = bytes(p)
p1 = G1Element.from_bytes(blob)
self.assertEqual(len(blob), 48)
self.assertEqual(p, p1)
