How to add public keys (EC points)?

[tuphan-dn]

I would like to add 2 public keys and found an add function in tweetnacl. Unfortunately, there is no docs or comments on that function for people to understand how to use it. Really appreciate if anyone could guide me.

[CMEONE]

I'm guessing you're referring to the nacl.lowlevel.add function, we don't have documentation/comments for those low-level functions for the following reason (from @dchest):

To be fair, I would like to avoid exposing internals at all — they are mostly translated from the C code without proper JS conventions, and require a lot of care to use correctly; they should have a properly designed API. I wanted to eventually remove all .lowlevel stuff, but since people already started building on top of it, it will break third-party packages.

I'm not super familiar with the low-level functions, but if you are willing to share what your application is trying to accomplish, we might be able to help you figure out a good way to achieve what you want using higher-level functions or libraries.

[tuphan-dn]

First of all, appreciate your support @CMEONE . I want to build a simple zero-knowledge proof by nacl apis, which is very lightweight and fast. So to implement a homomorphic addition, I would like to know how to use nacl.lowlevel.add to add 2 points on the curve.

[CMEONE]

simple zero-knowledge proof

Haha I don't think I've ever heard "simple" and "zero-knowledge proof" used next to each other!

If you're looking into homomorphic encryption, I'm not sure that TweetNaCl is the best library for that, especially if you're trying to use undocumented, low-level functions for it (these functions should be avoided if at all possible, and the only reason that they have not been removed from the public API interface is because of backwards compatibility). Perhaps this list of homomorphic encryption libraries might help you find a library with a high-level interface for what you want to do, also you may want to take a look at a JS/WASM port of Microsoft SEAL.

[tuphan-dn]

@CMEONE Oh, actually I need to implement my owned zk solution, which is novel. The things I would like to inherit from nacl are the elliptic curve ed25519 and the finite field operation. If you know some cool lib that serve the functions, please suggest me. I have searched around but seems nacl is the most suitable to me. Many thanks @CMEONE

[CMEONE]

Ah ok, @dchest may be able to provide further guidance on how best to use the internal functions and which ones are the right ones for your use case, although I will note that "cooking your own crypto" is generally frowned upon, so you should ensure that your novel zk solution is being designed by highly experienced cryptographers and is well tested and audited before being used in a production environment.

[tuphan-dn]

haha for sure, thank you so much @CMEONE 😊🙏