🏴‍☠️
My time travel machine is stuck at 60 seconds per minute

HaRold HarryR

@HarryR
HarryR / mimcsponge.py
Created June 26, 2019 12:51
implements MiMC-2n/n as hash using a sponge construction.
# Based on https://github.com/kobigurk/circomlib/blob/feature/mimcsponge/circuits/mimcsponge.circom
from sha3 import keccak_256
SNARK_SCALAR_FIELD = 0x30644e72e131a029b85045b68181585d2833e84879b9709143e1f593f0000001  # order of the BN254 (alt_bn128) scalar field, the field the circom circuit works in
DEFAULT_SEED = b"mimcsponge"
DEFAULT_ROUNDS = 220
DEFAULT_p = SNARK_SCALAR_FIELD
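The preview above only shows the constants. As an added example (my code, not the gist's), here is the shape of a MiMC-2n/n Feistel permutation driven as a sponge over the same BN254 scalar field, together with its inverse. Assumptions: round function x_L' = x_R + (x_L + k + c)^5, x_R' = x_L, with the first and last round constants set to zero as circomlib does; the constants are chained with hashlib.sha3_256 instead of the gist's keccak_256 (different padding) so the block runs with the standard library only. Digests are therefore not compatible with circomlib's MiMCSponge; the point is structural: the permutation is cheaply invertible, so preimage resistance comes from the hidden capacity half of the state, not from x^5 being hard to undo.

```python
import hashlib

# Added example, not HarryR's gist code: MiMC-2n/n Feistel permutation used as a
# sponge hash over the BN254 scalar field. Constants derived with sha3_256
# (assumption: the gist uses keccak_256 from the `sha3` package), so outputs are
# NOT compatible with circomlib's MiMCSponge.

p = 0x30644e72e131a029b85045b68181585d2833e84879b9709143e1f593f0000001
ROUNDS = 220
SEED = b"mimcsponge"


def round_constants(seed=SEED, n=ROUNDS):
    """Chain-hash the seed into n field elements; first and last are zero
    (assumption: mirrors circomlib's layout, values differ)."""
    cs, h = [0], seed
    for _ in range(n - 2):
        h = hashlib.sha3_256(h).digest()
        cs.append(int.from_bytes(h, "big") % p)
    cs.append(0)
    return cs


CS = round_constants()


def feistel_round(xL, xR, c, k):
    # x_L' = x_R + (x_L + k + c)^5,  x_R' = x_L
    t = (xL + k + c) % p
    return (xR + pow(t, 5, p)) % p, xL


def permute(xL, xR, k=0):
    for c in CS:
        xL, xR = feistel_round(xL, xR, c, k)
    return xL, xR


def unpermute(xL, xR, k=0):
    """Inverse permutation. Because the network is Feistel, each round is undone
    without ever inverting x^5: recover the previous left half from the current
    right half, then subtract the round function from the current left half."""
    for c in reversed(CS):
        prevL = xR
        t = (prevL + k + c) % p
        prevR = (xL - pow(t, 5, p)) % p
        xL, xR = prevL, prevR
    return xL, xR


def mimc_sponge(inputs, n_outputs=1, k=0):
    """Absorb each field element into the rate half (xL), permute, and squeeze
    xL. xR is the capacity: it is never exposed, and that is the only thing
    standing between an observer and `unpermute`."""
    xL = xR = 0
    for x in inputs:
        xL = (xL + x) % p
        xL, xR = permute(xL, xR, k)
    outs = [xL]
    for _ in range(n_outputs - 1):
        xL, xR = permute(xL, xR, k)
        outs.append(xL)
    return outs
```

If the full state (both halves) of a single-element absorb were ever exposed, `unpermute` hands the absorbed element straight back; that is the practical reason the capacity half must stay inside the circuit and why the number of outputs squeezed matters.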
@HarryR
HarryR / jubjub-naf.sol
Created June 11, 2019 21:08
2-bit NAF window, for JubJub Scalar Multiply
function scalarMultNAF(uint256 x, uint256 y, uint256 value)
internal view returns (uint256, uint256)
{
uint256 booth_double = 2*value;
require( booth_double > value );  // 2*value must not wrap around uint256
uint256 a = 1<<255;
uint256 i = 0xFF;
// Window, [-1, R, 1], where R stores the result/accumulator
@HarryR
HarryR / wnaf-counts.txt
Created June 9, 2019 16:33
Reducing the number of point operations using wNAF
>>> FQ._reset_counts()
>>> mult_naf(Point.generator().as_etec(), x).as_point()
Point(x=18987354351012593630129515515975733900217139077132107335425740392119527171078, y=11428057720979390895821506067617152623056492299921105588788883268262875559933)
>>> FQ._print_counts()
add = 768
inv = 1
mul = 3491
RandomBinaryVector = lambda length: vector(G, [randint(0,1) for _ in range(length)])
EuclideanNorm = lambda v: int(sqrt(sum(int(i)**2 for i in v)))
n = k = 128
q = 1244142437461793964053
m = 9088
beta = 9.71468927453313e18
G = GF(q)
A = MatrixSpace(G, n, m).random_element()
@HarryR
HarryR / bls.py
Created May 24, 2019 11:49
BLS signatures for Python / Ethereum (WIP)
from functools import reduce
import binascii
from os import urandom
from py_ecc.bn128 import *
from sha3 import keccak_256
"""
Implements BLS signature aggregation as described at:
https://crypto.stanford.edu/~dabo/pubs/papers/BLSmultisig.html
@HarryR
HarryR / secd.py
Created May 22, 2019 21:54
Implements the SECD machine in Python using Pampy
# https://webdocs.cs.ualberta.ca/~you/courses/325/Mynotes/Fun/SECD-slides.html
from pampy import match, ANY, REST
CAR = lambda s: [s[0][0]] + s[1:]
CDR = lambda s: [s[0][1:]] + s[1:]
ADD = lambda s: [s[0] + s[1]] + s[2:]
MUL = lambda s: [s[0] * s[1]] + s[2:]
DIV = lambda s: [s[0] / s[1]] + s[2:]
EQ = lambda s: [s[0] == s[1]] + s[2:]
@HarryR
HarryR / BrokenSISAccumulator.py
Last active May 10, 2019 16:36
Work-in-progress, experimenting with SIS over prime fields
# Papers
#
# https://cims.nyu.edu/~regev/papers/average.pdf
# https://eccc.weizmann.ac.il/eccc-reports/1996/TR96-007/Paper.pdf (Ajtai's paper)
# https://eprint.iacr.org/2018/857.pdf
#
# https://web.eecs.umich.edu/~cpeikert/pubs/slides-abit5.pdf
# - notes that column-wise multiplication is not secure
# - not collision resistant
#
@HarryR
HarryR / MillerRabin.sol
Last active October 18, 2022 08:04
Miller Rabin probabilistic primality test for Solidity, and RSA-2048 modexp
pragma solidity ^0.5.0;
contract MillerRabin
{
function modexp_rsa2048(uint256[8] memory b, uint256 e)
public view returns(uint256[8] memory result)
{
bool success;
assembly {
let freemem := mload(0x40)
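The Solidity preview stops at the modexp wrapper. As an added example (my code, not the gist's), here is a Python reference for the same Miller-Rabin structure the contract has to implement: one modular exponentiation per base (what the Solidity version hands to the EIP-198 modexp precompile) followed by up to r-1 squarings. It also shows why Miller-Rabin rather than a Fermat test: the Carmichael number 561 passes Fermat for base 2 but is caught as a strong witness. Assumptions: the twelve bases 2..37 are used deterministically below the Sorenson-Webster bound of 318665857834031151167461 and random bases above it; the witness-search helper is mine.

```python
import secrets

# Added example, not HarryR's gist code: Miller-Rabin reference implementation
# mirroring the modexp-then-square structure an on-chain version needs.

SMALL_PRIMES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)
# Sorenson & Webster (2015): the twelve bases above are a deterministic test
# for every n below this bound.
DETERMINISTIC_BOUND = 318_665_857_834_031_151_167_461


def decompose(n):
    """Write n-1 = 2^r * d with d odd."""
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    return r, d


def is_witness(a, n, r, d):
    """True if base a proves n composite: one modexp, then at most r-1 squarings."""
    x = pow(a, d, n)
    if x == 1 or x == n - 1:
        return False
    for _ in range(r - 1):
        x = x * x % n
        if x == n - 1:
            return False
    return True


def fermat_passes(n, a):
    """Plain Fermat test; fooled by every Carmichael number."""
    return pow(a, n - 1, n) == 1


def is_probable_prime(n, rounds=40):
    if n < 2:
        return False
    for q in SMALL_PRIMES:          # trial division also removes n <= 37 exactly
        if n == q:
            return True
        if n % q == 0:
            return False
    r, d = decompose(n)
    if n < DETERMINISTIC_BOUND:
        bases = SMALL_PRIMES
    else:
        # Random bases in [2, n-2]; each round a composite survives with
        # probability <= 1/4, so 40 rounds leave an error bound of 2^-80.
        bases = [2 + secrets.randbelow(n - 3) for _ in range(rounds)]
    return not any(is_witness(a, n, r, d) for a in bases)


def witnesses(n, limit=50):
    """Small bases that expose n as composite (assumption: helper for illustration);
    empty for a prime n."""
    r, d = decompose(n)
    return [a for a in range(2, min(limit, n - 1)) if is_witness(a, n, r, d)]
```

In the contract every `is_witness` call costs one precompile invocation plus squarings in the EVM, so the base count is a gas question as much as a soundness one; the deterministic base set above bounds it for the sizes where that matters least, and the random-base path is what an RSA-2048-sized modulus would take.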
@HarryR
HarryR / avoid-builtin-one-zero.py
Created February 22, 2019 15:16
Using *only* R1CS constraints to algebraically prove that one is non-zero etc.
from copy import copy
from ethsnarks.field import FQ
def validate_one_zero(one, zero, negone):
# Eliminates the case one=0, zero=1
if one * zero != zero:
return False
# Eliminates the case one=1, zero=1
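The preview shows the first constraint and its comment: `one * zero == zero` rules out one=0 with zero=1, and the next (cut off here) deals with one=1, zero=1. As an added example (my code, not the gist's), here is an exhaustive checker that enumerates every assignment of the three wires over a small prime field and returns the ones a given list of R1CS constraints accepts. Each constraint is a triple of linear combinations (A, B, C) with <A,w>*<B,w> = <C,w> and no constant term, which is exactly the "avoid the builtin one" setting. The pinning constraints beyond the gist's first one are my own; the thing the enumeration makes visible is that the all-zero witness satisfies every constant-free system, so constraints of this form can fix the wires to (1, 0, -1) only up to that trivial solution.

```python
from itertools import product

# Added example, not HarryR's gist code: brute-force the solution set of a small
# constant-free R1CS over the wires (one, zero, negone) in GF(p).

NAMES = ("one", "zero", "negone")


def lin(lc, w, p):
    """Evaluate a linear combination {wire: coefficient} on witness w (no constant term)."""
    return sum(c * w[v] for v, c in lc.items()) % p


def satisfies(system, w, p):
    """All constraints <A,w> * <B,w> == <C,w> hold in GF(p)."""
    return all(lin(a, w, p) * lin(b, w, p) % p == lin(c, w, p) for a, b, c in system)


def survivors(system, p):
    """Every assignment (one, zero, negone) in GF(p)^3 accepted by the system."""
    out = []
    for vals in product(range(p), repeat=3):
        w = dict(zip(NAMES, vals))
        if satisfies(system, w, p):
            out.append(vals)
    return out


# The gist's visible constraint: one * zero = zero (kills one=0, zero=1).
GIST_CONSTRAINT = ({"one": 1}, {"zero": 1}, {"zero": 1})

# Constraints added by this example (assumption, not from the gist) that pin the
# remaining freedom for p > 2:
PIN_SYSTEM = [
    GIST_CONSTRAINT,
    ({"one": 1}, {"one": 1}, {"one": 1}),          # one^2 = one      -> one in {0, 1}
    ({"zero": 1}, {"zero": 1}, {"zero": 1}),       # zero^2 = zero    -> zero in {0, 1}
    ({"one": 1, "zero": 1}, {"one": 1, "zero": 1},
     {"one": 1, "zero": 1}),                       # (one+zero)^2 = one+zero -> with one=1 forces zero=0
    ({"one": 1, "negone": 1}, {"one": 1}, {"zero": 1}),  # (one + negone) * one = zero -> negone = -1 when one=1
    ({"one": 1}, {"negone": 1}, {"negone": 1}),    # one * negone = negone -> negone = 0 when one=0
]
```

Running `survivors(PIN_SYSTEM, 7)` leaves exactly two witnesses, (0, 0, 0) and (1, 0, 6): the intended (one, zero, -one) and the all-zero assignment that no constant-free constraint can reject, since both sides of every product are then 0.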