Raju Krishnamoorthy notnotraju

@notnotraju
notnotraju / zkhackIVpuzzle3.md
Last active April 25, 2024 07:52
description for zkhack IV puzzle 3 solution

Write-up for ZK Hack IV puzzle 3

1. Authenticated Encryption

Suppose we have two chimpanzees: Flint and Goliath. Flint wants to send Goliath a message $m$ on a public channel with the following desiderata:

  • No ape other than Goliath should be able to figure out what $m$ is; and
  • Goliath should be sure that it was indeed Flint who sent him the message.

There is a well-accepted solution to this type of problem: combining public key encryption schemes and digital signature schemes. More precisely: Goliath has a public encryption key $pk_{G,enc}$ and a secret decryption key $sk_{G,dec}$, while Flint has a secret signing key $sk_{F,sign}$ and a public verification key $pk_{F,ver}$. The protocol works as follows: Flint first encrypts $m$ with respect to Goliath's public encryption key and then signs the resulting encrypted message with his private signing key.

Flint->Goliath: $x:=Enc(m, pk_{G,enc})$
Flint->Goliath: $\sigma:=Sign(x, sk_{F,sign})$
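An added example, not part of the original write-up: the encrypt-then-sign exchange above in Python, with hashed ElGamal standing in for $Enc$ and a Schnorr signature for $Sign$ (both schemes are assumptions; the write-up does not fix them at this point). The group $\mathbb F_p^*$ with $p = 2^{127}-1$ and base 3 is a toy choice for illustration only, and every function name is hypothetical.

```python
import hashlib
import secrets

# Toy group (assumption, NOT secure): F_p^* with p = 2^127 - 1 and base 3.
P = 2**127 - 1
N = P - 1  # exponents are reduced mod p - 1 (Fermat's little theorem)
G = 3

def keygen():
    sk = secrets.randbelow(N - 1) + 1
    return sk, pow(G, sk, P)

def _pad(shared, n):
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()[:n]

def enc(m, pk_enc):
    """Hashed ElGamal: x = g^r || (m XOR H(pk^r)); m is at most 32 bytes."""
    if len(m) > 32:
        raise ValueError("toy scheme encrypts at most 32 bytes")
    r = secrets.randbelow(N - 1) + 1
    pad = _pad(pow(pk_enc, r, P), len(m))
    return pow(G, r, P).to_bytes(16, "big") + bytes(a ^ b for a, b in zip(m, pad))

def dec(x, sk_dec):
    c1, c2 = int.from_bytes(x[:16], "big"), x[16:]
    pad = _pad(pow(c1, sk_dec, P), len(c2))
    return bytes(a ^ b for a, b in zip(c2, pad))

def _challenge(R, x):
    return int.from_bytes(hashlib.sha256(R.to_bytes(16, "big") + x).digest(), "big")

def sign(x, sk_sign):
    """Schnorr signature (R, z) computed over the ciphertext x, not over m."""
    k = secrets.randbelow(N - 1) + 1
    R = pow(G, k, P)
    return R, (k + _challenge(R, x) * sk_sign) % N

def verify(x, sig, pk_ver):
    R, z = sig
    return pow(G, z, P) == R * pow(pk_ver, _challenge(R, x), P) % P

def flint_send(m, pk_g_enc, sk_f_sign):
    x = enc(m, pk_g_enc)            # x := Enc(m, pk_{G,enc})
    return x, sign(x, sk_f_sign)    # sigma := Sign(x, sk_{F,sign})

def goliath_receive(x, sig, sk_g_dec, pk_f_ver):
    if not verify(x, sig, pk_f_ver):  # check the signature before decrypting
        return None
    return dec(x, sk_g_dec)
```

Goliath checks $\sigma$ against the ciphertext $x$ before touching his decryption key, so a ciphertext modified in transit is dropped without being decrypted.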
notnotraju / main.rs
Created January 31, 2024 00:02
solution for zkhack IV puzzle 3
```rust
use ark_bls12_381::{g2::Config, Bls12_381, Fr, G1Affine, G1Projective, G2Affine, G2Projective};
use ark_ec::{
    hashing::{curve_maps::wb::WBMap, map_to_curve_hasher::MapToCurveBasedHasher, HashToCurve},
    pairing::Pairing,
    CurveGroup, Group,
};
use ark_ff::field_hashers::DefaultFieldHasher;
use ark_serialize::{CanonicalDeserialize, CanonicalSerialize};
use sha2::Sha256;
use std::{fs::File, io::Read, ops::Mul};
```
notnotraju / zkhackIVpuzzle2.md
Last active February 5, 2024 16:07
description for zkhack IV, puzzle 2

Write-up for ZK Hack IV puzzle 2

1. BLS signatures

We briefly recall BLS signatures, following the summary given in section 1 of this article (from which we steal much of the notation, the organization, and also the LaTeX). Our notation conforms to the notation in the puzzle.

Let $e\colon \mathbb G_1\times \mathbb G_2\rightarrow \boldsymbol{\mu}$ be a non-degenerate bilinear map, with standard cryptographic assumptions. All groups in question have prime order $r$. In this note, group operations in $\mathbb G_i$ and $\boldsymbol{\mu}$ are written multiplicatively, while the group operation in the group $(\mathbb F_r,+)$ is written additively.

Let $H\colon \mathcal M\rightarrow \mathbb G_2$ be a hash function from the space of messages $\mathcal M$ to $\mathbb G_2$. Let $g_i$ be a generator of $\mathbb G_i$ for $i=1,2$. BLS works as follows.

Key generation