search

Consensys / gnark-crypto

gnark-crypto provides elliptic curve and pairing-based cryptography on BN, BLS12, BLS24 and BW6 curves. It also provides various algorithms (algebra, crypto) of particular interest to zero knowledge proof systems.
Apache License 2.0
505 stars 163 forks source link

EdDSA signature process with MIMC_BN254 results in Error: "invalid fr.Element encoding" #387

Closed drakstik closed 1 year ago

drakstik commented 1 year ago

So I'm trying something that seems like it should be working, but do not know why I get the output I get. Any help would be appreciated.

In my main function I run:

// instantiate hash function
    hFunc := hash.MIMC_BN254.New()

    // create a eddsa key pair
    randBytes := []byte{4}
    _, err := rand.Read(randBytes)
    if err != nil {
        fmt.Println("Error while creating random bytes:" + err.Error())
    }

    privateKey, err := eddsa.New(twistededwards.BN254, rand.Reader)
    if err != nil {
        fmt.Println("Error while creating EdDSA private key" + err.Error())
    }
    publicKey := privateKey.Public()

    // note that the message is on 4 bytes
    msg := []byte{0xde, 0xad, 0xf0, 0x0d}

    msg = padBytes(msg, 32)

    // sign the message
    signature, err := privateKey.Sign(msg, hFunc)
    if err != nil {
        fmt.Println("Error while creating signature:" + err.Error())
    }

    // verifies signature
    isValid, err := publicKey.Verify(signature, msg, hFunc)
    if err != nil {
        fmt.Println("Error while verifying sig, msg:" + err.Error())
    }

    if !isValid {
        fmt.Println("1. invalid signature")
    } else {
        fmt.Println("1. valid signature")
    }

I get this output, which seems to me like it is not working appropriately. Would appreciate any help with understanding why the signature is invalid and why I get those two errors.

Error while creating signature: invalid fr.Element encoding
Error while verifying sig, msg: short buffer
1. invalid signature
drakstik commented 1 year ago

Changed my code to this instead:


// instantiate hash function
hFunc := hash.MIMC_BN254.New()

// create a eddsa key pair
privateKey, _ := eddsa.GenerateKey(rand.Reader)
publicKey := privateKey.PublicKey

// // generate a message (the size must be a multiple of the size of Fr)
// var _msg fr.Element
// _msg.SetRandom()
// msg := _msg.Marshal()
msg := []byte{0xde, 0xad, 0xf0, 0x0d}
var msgFr fr.Element
msgFr.SetBytes(msg)
msg = msgFr.Marshal()

// sign the message
signature, _ := privateKey.Sign(msg, hFunc)

// verifies signature
isValid, _ := publicKey.Verify(signature, msg, hFunc)
if !isValid {
fmt.Println("1. invalid signature")
} else {
fmt.Println("1. valid signature")
}```

And that did the trick. Sorry for the silly question :)
drakstik commented 1 year ago

I had issues with eddsa.GenerateKey(), changed it to gnark-crypto's eddsa.New(). Have to import "github.com/consensys/gnark-crypto/signature/eddsa"

import ceddsa "github.com/consensys/gnark-crypto/signature/eddsa"

// instantiate hash function
    hFunc := hash.MIMC_BN254.New()

    // create a eddsa key pair
    privateKey, _ := ceddsa.New(1, rand.Reader) // secret
    publicKey := privateKey.Public()

    // generate a message (the size must be a multiple of the size of Fr)
    msg := []byte{0xde, 0xad, 0xf0, 0x0d}
    var msgFr fr.Element
    msgFr.SetBytes(msg)
    msg = msgFr.Marshal()

    // sign the message
    signature, _ := privateKey.Sign(msg, hFunc)

    // verifies signature
    isValid, _ := publicKey.Verify(signature, msg, hFunc)
    if !isValid {
        fmt.Println("1. invalid signature")
    } else {
        fmt.Println("1. valid signature")
    }