UNPKG

@ieigen/zkzru

Version:

An implementation of [ZK-ZKRollup](https://github.com/ieigen/ZKZRU) in which the relayer **does not** publish transaction data to the main chain, but only publishes the new Merkle root at every update. This provides gas savings but not data availability g

42 lines (35 loc) 1.01 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
const ffj = require("ffjavascript"); const buildEddsa = require("circomlibjs").buildEddsa; const buildPoseidon = require("circomlibjs").buildPoseidon; const buildBabyjub = require("circomlibjs").buildBabyjub; const ethers = require("ethers"); const crypto = require("crypto"); module.exports = class TwistedElGamal { constructor(babyJub, eddsa) { this.babyJub = babyJub; this.eddsa = eddsa; } random(size) { return ethers.utils.randomBytes(size) } pubkey(sk) { return this.eddsa.prv2pub(sk) } encrypt(publicKey, H, amount) { const buf = crypto.randomBytes(32); const r = ffj.Scalar.shr(ffj.Scalar.fromRprLE(buf, 0, 32), 3) let c_l = this.babyJub.mulPointEscalar(publicKey, r) let c_r = this.babyJub.addPoint( this.babyJub.mulPointEscalar(this.babyJub.Base8, r), this.babyJub.mulPointEscalar(H, amount) ); return { r: r, c_l: c_l, c_r: c_r } } decrypt(sk, c_l, c_r) { throw new Exception("not implemented") } }