LCOV - code coverage report
Current view: top level - flamenco/runtime/program/zksdk/instructions - fd_zksdk_pubkey_validity.c (source / functions) Hit Total Coverage
Test: cov.lcov Lines: 0 46 0.0 %
Date: 2025-03-20 12:08:36 Functions: 0 3 0.0 % 

          Line data    Source code
       1             : #include "../fd_zksdk_private.h"
       2             : 
       3             : static inline void
       4             : pubkey_validity_transcript_init( fd_zksdk_transcript_t *                    transcript,
       5           0 :                                  fd_zksdk_pubkey_validity_context_t const * context ) {
       6           0 :   fd_zksdk_transcript_init( transcript, FD_TRANSCRIPT_LITERAL("pubkey-validity-instruction") );
       7           0 :   fd_zksdk_transcript_append_pubkey( transcript, FD_TRANSCRIPT_LITERAL("pubkey"), context->pubkey );
       8           0 : }
       9             : 
      10             : /* https://github.com/anza-xyz/agave/blob/v2.0.1/zk-sdk/src/sigma_proofs/pubkey_validity.rs#L91 */
      11             : static inline int
      12             : fd_zksdk_verify_proof_pubkey_validity(
      13             :   fd_zksdk_pubkey_validity_proof_t const * proof,
      14             :   uchar const                              pubkey[ 32 ],
      15           0 :   fd_zksdk_transcript_t *                  transcript ) {
      16             :   /*
      17             :     We need to verify the following equivalence:
      18             :         z H =?= c P + Y
      19             :     or:
      20             :         Y =?= z H - c P
      21             :   */
      22             : 
      23             :   /* Validate all inputs */
      24           0 :   uchar scalars[ 2 * 32 ];
      25           0 :   fd_ristretto255_point_t points[2];
      26           0 :   fd_ristretto255_point_t y[1];
      27           0 :   fd_ristretto255_point_t res[1];
      28             : 
      29           0 :   if( FD_UNLIKELY( fd_curve25519_scalar_validate( proof->z )==NULL ) ) {
      30           0 :     return FD_ZKSDK_VERIFY_PROOF_ERROR;
      31           0 :   }
      32             : 
      33           0 :   fd_ristretto255_point_set( &points[0], fd_zksdk_basepoint_H );
      34           0 :   if( FD_UNLIKELY( fd_ristretto255_point_decompress( &points[1], pubkey )==NULL ) ) {
      35           0 :     return FD_ZKSDK_VERIFY_PROOF_ERROR;
      36           0 :   }
      37           0 :   if( FD_UNLIKELY( fd_ristretto255_point_decompress( y, proof->y )==NULL ) ) {
      38           0 :     return FD_ZKSDK_VERIFY_PROOF_ERROR;
      39           0 :   }
      40             : 
      41             :   /* Finalize transcript and extract challenges */
      42           0 :   fd_zksdk_transcript_domsep_pubkey_proof( transcript );
      43           0 :   int val = FD_TRANSCRIPT_SUCCESS;
      44           0 :   val |= fd_zksdk_transcript_validate_and_append_point( transcript, FD_TRANSCRIPT_LITERAL("Y"), proof->y);
      45           0 :   if( FD_UNLIKELY( val != FD_TRANSCRIPT_SUCCESS ) ) {
      46           0 :     return FD_ZKSDK_VERIFY_PROOF_ERROR;
      47           0 :   }
      48             : 
      49           0 :   uchar c[ 32 ];
      50           0 :   fd_zksdk_transcript_challenge_scalar( c, transcript, FD_TRANSCRIPT_LITERAL("c") );
      51             : 
      52             :   /* Compute scalars */
      53           0 :   fd_curve25519_scalar_set( &scalars[ 0*32 ], proof->z ); //  z
      54           0 :   fd_curve25519_scalar_neg( &scalars[ 1*32 ], c );        // -c
      55             : 
      56             :   /* Compute the final MSM */
      57           0 :   fd_ristretto255_multi_scalar_mul( res, scalars, points, 2 );
      58             : 
      59           0 :   if( FD_LIKELY( fd_ristretto255_point_eq( res, y ) ) ) {
      60           0 :     return FD_EXECUTOR_INSTR_SUCCESS;
      61           0 :   }
      62           0 :   return FD_ZKSDK_VERIFY_PROOF_ERROR;
      63           0 : }
      64             : 
      65             : /* https://github.com/anza-xyz/agave/blob/v2.0.1/zk-sdk/src/zk_elgamal_proof_program/proof_data/pubkey_validity.rs#L73 */
      66             : int
      67           0 : fd_zksdk_instr_verify_proof_pubkey_validity( void const * _context, void const * _proof ) {
      68           0 :   fd_zksdk_transcript_t transcript[1];
      69           0 :   fd_zksdk_pubkey_validity_context_t const * context = _context;
      70           0 :   fd_zksdk_pubkey_validity_proof_t const *   proof   = _proof;
      71             : 
      72           0 :   pubkey_validity_transcript_init( transcript, context );
      73           0 :   return fd_zksdk_verify_proof_pubkey_validity(
      74           0 :     proof,
      75           0 :     context->pubkey,
      76           0 :     transcript
      77           0 :   );
      78           0 : }

Generated by: LCOV version 1.14