Forked from JacobEberhardt/ZoKrates Proof of Private Key Ownership
Created
April 9, 2019 14:54
-
-
Save Schaeff/b015deaae607a15ae01a69ded9d5bffb to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import "ecc/edwardsAdd.code" as add | |
import "ecc/edwardsScalarMult.code" as multiply | |
import "utils/pack/unpack256.code" as unpack256 | |
/// Verifies match of a given public/private keypair. | |
/// | |
/// Checks if the following equation holds for the provided keypair: | |
/// pk = sk*G | |
/// where G is the chosen base point of the subgroup | |
/// and * denotes scalar multiplication in the subgroup | |
/// | |
/// Arguments: | |
/// pk: Curve point. Public key. | |
/// sk: Field element. Private key. | |
/// context: Curve parameters (including generator G) used to create keypair. | |
/// | |
/// Returns: | |
/// Return 1 for pk/sk being a valid keypair, 0 otherwise. | |
def main(field[2] pk, private field sk, field[10] context) -> (field): | |
field[2] G = [context[4], context[5]] | |
field[256] skBits = unpack256(sk) | |
field[2] ptExp = multiply(skBits, G, context) | |
field out = if ptExp[0] == pk[0] && ptExp[1] == pk[1] then 1 else 0 fi | |
return out |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment