UNPKG

bls-sign

Version:

BLS threshold signatures creation and verification

github.com/wa1one/bls-sign

wa1one/bls-sign

1 lines • 24.3 kB

JavaScript

!function(t,e){"object"==typeof exports&&"object"==typeof module?module.exports=e(require("alg-field"),require("bigint-crypto-utils")):"function"==typeof define&&define.amd?define(["alg-field","bigint-crypto-utils"],e):"object"==typeof exports?exports["bls-sign"]=e(require("alg-field"),require("bigint-crypto-utils")):t["bls-sign"]=e(t["alg-field"],t["bigint-crypto-utils"])}(global,(function(t,e){return n={506:(t,e,n)=>{function i(t,e){if(!(t instanceof e))throw new TypeError("Cannot call a class as a function")}function r(t,e){for(var n=0;n<e.length;n++){var i=e[n];i.enumerable=i.enumerable||!1,i.configurable=!0,"value"in i&&(i.writable=!0),Object.defineProperty(t,i.key,i)}}function u(t,e,n){return e&&r(t.prototype,e),n&&r(t,n),t}function l(t,e,n){return e in t?Object.defineProperty(t,e,{value:n,enumerable:!0,configurable:!0,writable:!0}):t[e]=n,t}var s=n(115),o=n(26).Point2,a=n(360),f=n(2),c=f.BN128Fp,y=f.BN128Fp2,h=n(854).PairingCheck,p=function(){function t(e){var n=this;if(i(this,t),l(this,"toString",(function(){return n.s.toString()})),e)this.s=BigInt(e);else{var r=s.randBytesSync(1);this.s=BigInt(r[0])}}return u(t,[{key:"getPublicKey",value:function(){var t=new d;return t.init(this.s),t}},{key:"sign",value:function(t){var e=new b;return e.sH=t.multiply(this.s),this.id&&(e.id=this.id),e}},{key:"getMasterSecretKey",value:function(e){if(e<=1)throw Error("bad k "+e);var n=new Array(e);n[0]=this;for(var i=1;i<e;i++)n[i]=new t;return n}},{key:"share",value:function(e,n){for(var i=this.getMasterSecretKey(n),r=new Array(e),u=new Array(e),l=0;l<e;l++){var s=l+1;u[l]=s,r[l]=new t,r[l].s=v.eval(i,BigInt(s)),r[l].id=s}return r}},{key:"recover",value:function(t){this.s=v.lagrange(t),this.id=0}}]),t}(),b=function(){function t(){i(this,t)}return u(t,[{key:"recover",value:function(t,e){return this.sH=v.lagrange(t,e),this}},{key:"toString",value:function(){return this.sH.toString()}}]),t}(),d=function(){function t(e,n){i(this,t),this.sQ=n.multiply(e.s)}return u(t,[{key:"toString",value:function(){return this.sQ.toString()}}]),t}(),v=function(){function t(){i(this,t)}return u(t,null,[{key:"init",value:function(t,e){if(e<2)throw Error("bad k "+e);this.c=new Array(e),this.c[0]=t;for(var n=1;n<this.c.length;n++){var i=s.randBytesSync(1);this.c[n]=BigInt(i[0])}}},{key:"eval",value:function(t,e){for(var n=0n,i=0;i<t.length;i++)n+=t[i].s*Math.pow(e,BigInt(i));return n}},{key:"calcDelta",value:function(t){var e=t.length;if(e<2)throw Error("bad size"+e);for(var n=new Array(e),i=BigInt(t[0]),r=1;r<e;r++)i*=BigInt(t[r]);for(var u=0;u<e;u++){for(var l=BigInt(t[u]),s=0;s<e;s++)if(s!==u){var o=BigInt(t[s])-BigInt(t[u]);if(0n===o)throw Error("S has same id"+u+" "+s);l*=o}n[u]=i/l}return n}},{key:"lagrange",value:function(e,n){for(var i=new Array(e.length),r=0;r<e.length;r++)i[r]=e[r].id;for(var u=t.calcDelta(i),l=e[0].s?0n:new o(n),s=0;s<u.length;s++)l+=e[s].s?e[s].s*u[s]:e[s].sH*u[s];return l}}]),t}(),m=function(){function t(e){var n=this;i(this,t),l(this,"getRandomPointOnE",(function(){return n.G.multiply(s.randBetween(Math.pow(2n,2n)*BigInt(a.p.bitLength())))})),l(this,"getRandomPointOnEt",(function(){return n.G2.multiply(s.randBetween(Math.pow(2n,2n)*BigInt(a.p.bitLength())))})),l(this,"getPairing",(function(){return n.pair})),l(this,"getParameters",(function(){return n.bn})),l(this,"sign",(function(t,e){return t.multiply(e)})),this.G=c.create(1n,2n),this.G2=y.create(10857046999023057135944570762232829481370756359578518086990519993285655852781n,11559732032986387107991004021392285783925812861821192530917403151452391805634n,8495653923123431417604973247489272438418190587263600148770280649306958101930n,4082367875863433681332203403145435568316851327593401208105741076214120093531n)}return u(t,[{key:"verify",value:function(t,e,n,i){var r=h.create();r.addPair(n.sQ,e),r.run();var u=h.create();return u.addPair(t,i.sH),u.run(),r.result().eq(u.result())}}]),t}();t.exports={BLSSigner:m,BLSSecretKey:p,BLSSignature:b,BLSPublicKey:d,BLSPolynomial:v,Parameters:a}},2:(t,e,n)=>{function i(t,e){if(!(t instanceof e))throw new TypeError("Cannot call a class as a function")}function r(t,e){for(var n=0;n<e.length;n++){var i=e[n];i.enumerable=i.enumerable||!1,i.configurable=!0,"value"in i&&(i.writable=!0),Object.defineProperty(t,i.key,i)}}function u(t,e,n){return e&&r(t.prototype,e),n&&r(t,n),t}function l(t,e,n){return e in t?Object.defineProperty(t,e,{value:n,enumerable:!0,configurable:!0,writable:!0}):t[e]=n,t}var s=n(882),o=s.Field,a=s.Fp2,f=function(){function t(e,n,r){var u=this;i(this,t),l(this,"neg",(function(){return new t(u.x,u.y.negate(),u.z)})),l(this,"isZero",(function(){return u.z.isZero()})),l(this,"toString",(function(){return"".concat(u.x.toString(),", ").concat(u.y.toString(),", ").concat(u.z.toString())})),e instanceof o&&n instanceof o&&r instanceof o&&(this.x=e,this.y=n,this.z=r)}return u(t,[{key:"toAffine",value:function(){if(this.isZero())return zero=t.ZERO,new BN128(zero.x,o._1,zero.z);var e=this.z.inverse(),n=e.square(),i=n.multiply(e);return new t(this.x.multiply(n),this.y.multiply(i),o._1)}},{key:"toEthNotation",value:function(){var e=this.toAffine();return e.isZero()?t.ZERO:e}},{key:"isOnCurve",value:function(){if(this.isZero())return!0;var e=this.z.square().multiply(this.z).square(),n=this.y.square(),i=this.x.square().multiply(this.x).add(t.B.multiply(e));return n.eq(i)}},{key:"add",value:function(e){if(this.isZero())return e;if(e.isZero())return this;var n=this.x,i=this.y,r=this.z,u=e.x,l=e.y,s=e.z,o=r.square(),a=s.square(),f=n.multiply(a),c=u.multiply(o),y=r.multiply(o),h=s.multiply(a),p=i.multiply(h),b=l.multiply(y);if(f.eq(c)&&p.eq(b))return this.double();var d=c.subtract(f),v=d.double().square(),m=d.multiply(v),w=b.subtract(p).double(),g=f.multiply(v),E=r.add(s).square().subtract(r.square()).subtract(s.square()),x=w.square().subtract(m).subtract(g.double());return new t(x,g.subtract(x).multiply(w).subtract(p.multiply(m).double()),E.multiply(d))}},{key:"multiply",value:function(e){if(0n==e)return t.ZERO;if(this.isZero())return this;for(var n=t.ZERO,i=e.bitLength()-1;i>=0;i--)n=n.double(),e.testBit(i)&&(n=n.add(this));return n}},{key:"double",value:function(){if(this.isZero())return this;var e=this.x.square(),n=this.y.square(),i=n.square(),r=this.x.add(n).square().subtract(e).subtract(i);r=r.add(r);var u=e.add(e).add(e),l=u.square().subtract(r.add(r));return new t(l,u.multiply(r.subtract(l)).subtract(i.double().double().double()),this.y.multiply(this.z).double())}},{key:"isValid",value:function(){return!(!this.x instanceof o||!this.y instanceof o||!this.z instanceof o||!this.isOnCurve())}},{key:"eq",value:function(e){if(this===e)return!0;if(!(e instanceof t))return!1;var n=e;return!!(null!=this.x?this.x.eq(n.x):null==n.x)&&!!(null!=this.y?this.y.eq(n.y):null==n.y)&&!(null!=this.z?!this.z.eq(n.z):null!=n.z)}},{key:"toString",value:function(){return this.x.toString()+" "+this.y.toString()+" "+this.z.toString()}}],[{key:"create",value:function(e,n){var i=new o(e),r=new o(n);if(i.isZero()&&r.isZero())return BN128.ZERO;var u=new t(i,r,o._1);return u.isValid()?u:null}}]),t}();l(f,"n",21888242871839275222246405745257275088548364400416034343698204186575808495617n),l(f,"ZERO",new f(o._0,o._0,o._0)),l(f,"B",new o(3n));var c=function(){function t(e,n,r){var u=this;i(this,t),l(this,"isZero",(function(){return u.z.isZero()})),e instanceof a&&n instanceof a&&r instanceof a&&(this.x=e,this.y=n,this.z=r)}return u(t,[{key:"toAffine",value:function(){if(this.isZero())return zero=zero(),new t(zero.x,a._1,zero.z);var e=this.z.inverse(),n=e.square(),i=n.multiply(e);return new t(this.x.multiply(n),this.y.multiply(i),a._1)}},{key:"toEthNotation",value:function(){var e=this.toAffine();return e.isZero()?t.ZERO:e}},{key:"isOnCurve",value:function(){if(this.isZero())return!0;var e=this.z.square().multiply(this.z).square(),n=this.y.square(),i=this.x.square().multiply(this.x).add(t.B_Fp2.multiply(e));return n.eq(i)}},{key:"add",value:function(e){if(this.isZero())return e;if(e.isZero())return this;var n=this.x,i=this.y,r=this.z,u=e.x,l=e.y,s=e.z,o=r.square(),a=s.square(),f=n.multiply(a),c=u.multiply(o),y=r.multiply(o),h=s.multiply(a),p=i.multiply(h),b=l.multiply(y);if(f.eq(c)&&p.eq(b))return this.double();var d=c.subtract(f),v=d.double().square(),m=d.multiply(v),w=b.subtract(p).double(),g=f.multiply(v),E=r.add(s).square().subtract(r.square()).subtract(s.square()),x=w.square().subtract(m).subtract(g.double());return new t(x,g.subtract(x).multiply(w).subtract(p.multiply(m).double()),E.multiply(d))}},{key:"multiply",value:function(e){if("bigint"!=typeof e&&(e=BigInt(e)),0n==e)return t.ZERO;if(this.isZero())return this;for(var n=t.ZERO,i=e.bitLength()-1;i>=0;i--)n=n.double(),e.testBit(i)&&(n=n.add(this));return n}},{key:"double",value:function(){if(this.isZero())return this;var e=this.x.square(),n=this.y.square(),i=n.square(),r=this.x.add(n).square().subtract(e).subtract(i);r=r.add(r);var u=e.add(e).add(e),l=u.square().subtract(r.add(r));return new t(l,u.multiply(r.subtract(l)).subtract(i.double().double().double()),this.y.multiply(this.z).double())}},{key:"isValid",value:function(){return!(!this.x instanceof a||!this.y instanceof a||!this.z instanceof a)&&this.isOnCurve()}},{key:"toString",value:function(){return"["+this.x.toString()+", "+this.y.toString()+", "+this.z.toString()+"]"}},{key:"eq",value:function(e){if(this===e)return!0;if(!(e instanceof t))return!1;var n=e;return!!(null!=this.x?this.x.eq(n.x):null==n.x)&&!!(null!=this.y?this.y.eq(n.y):null==n.y)&&!(null!=this.z?!this.z.eq(n.z):null!=n.z)}},{key:"mulByP",value:function(){var e=t.TWIST_MUL_BY_P_X.multiply(this.x.frobeniusMap(1n)),n=t.TWIST_MUL_BY_P_Y.multiply(this.y.frobeniusMap(1n));return new t(e,n,this.z.frobeniusMap(1n))}}],[{key:"create",value:function(e,n,i,r){var u=new a(new o(e),new o(n)),l=new a(new o(i),new o(r));if(u.isZero()&&l.isZero())return t.ZERO;var s=new t(u,l,a._1);return s.isValid()?s:null}}]),t}();l(c,"n",21888242871839275222246405745257275088548364400416034343698204186575808495617n),l(c,"TWIST_MUL_BY_P_X",new a(21575463638280843010398324269430826099269044274347216827212613867836435027261n,10307601595873709700152284273816112264069230130616436755625194854815875713954n)),l(c,"TWIST_MUL_BY_P_Y",new a(2821565182194536844548159561693502659359617185244120367078079554186484126554n,3505843767911556378687030309984248845540243509899259641013678093033130930403n)),l(c,"ZERO",new c(a._0,a._0,a._0)),l(c,"TWIST",new a(9n,1n)),l(c,"twinv",c.TWIST.inverse()),l(c,"B_Fp2",new a(c.twinv.a.multiply(new o(3n)),c.twinv.b.multiply(new o(3n)))),t.exports={BN128Fp:f,BN128Fp2:c}},854:(t,e,n)=>{function i(t,e){(null==e||e>t.length)&&(e=t.length);for(var n=0,i=new Array(e);n<e;n++)i[n]=t[n];return i}function r(t,e){for(var n=0;n<e.length;n++){var i=e[n];i.enumerable=i.enumerable||!1,i.configurable=!0,"value"in i&&(i.writable=!0),Object.defineProperty(t,i.key,i)}}function u(t,e,n){return e in t?Object.defineProperty(t,e,{value:n,enumerable:!0,configurable:!0,writable:!0}):t[e]=n,t}function l(t,e){if(!(t instanceof e))throw new TypeError("Cannot call a class as a function")}var s=n(882),o=s.Field,a=s.Fp2,f=s.Fp12,c=n(2).BN128Fp2,y=function t(e,n,i){l(this,t),this.ell0=e,this.ellVW=n,this.ellVV=i},h=function(){function t(){l(this,t)}var e,n,u;return e=t,u=[{key:"create",value:function(){var e=new t;return e.pairs=[],e.product=f._1,e}}],(n=[{key:"addPair",value:function(t,e){this.pairs.push([t,e])}},{key:"run",value:function(){var t,e=function(t,e){var n;if("undefined"==typeof Symbol||null==t[Symbol.iterator]){if(Array.isArray(t)||(n=function(t,e){if(t){if("string"==typeof t)return i(t,e);var n=Object.prototype.toString.call(t).slice(8,-1);return"Object"===n&&t.constructor&&(n=t.constructor.name),"Map"===n||"Set"===n?Array.from(t):"Arguments"===n||/^(?:Ui|I)nt(?:8|16|32)(?:Clamped)?Array$/.test(n)?i(t,e):void 0}}(t))||e&&t&&"number"==typeof t.length){n&&(t=n);var r=0,u=function(){};return{s:u,n:function(){return r>=t.length?{done:!0}:{done:!1,value:t[r++]}},e:function(t){throw t},f:u}}throw new TypeError("Invalid attempt to iterate non-iterable instance.\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method.")}var l,s=!0,o=!1;return{s:function(){n=t[Symbol.iterator]()},n:function(){var t=n.next();return s=t.done,t},e:function(t){o=!0,l=t},f:function(){try{s||null==n.return||n.return()}finally{if(o)throw l}}}}(this.pairs);try{for(e.s();!(t=e.n()).done;){var n=t.value,r=this.millerLoop(n[0],n[1]);r.eq(f._1)||(this.product=this.product.multiply(r))}}catch(t){e.e(t)}finally{e.f()}this.product=this.finalExponentiation(this.product)}},{key:"result",value:function(){return this.product}},{key:"millerLoop",value:function(e,n){e=e.toAffine(),n=n.toAffine();for(var i=this.calcEllCoeffs(n),r=f._1,u=0,l=t.LOOP_COUNT.bitLength()-2;l>=0;l--){var s=i[u++];r=(r=r.square()).mulBy024(s.ell0,e.y.multiply(s.ellVW),e.x.multiply(s.ellVV)),t.LOOP_COUNT.testBit(l)&&(s=i[u++],r=r.mulBy024(s.ell0,e.y.multiply(s.ellVW),e.x.multiply(s.ellVV)))}var o=i[u++];return r=r.mulBy024(o.ell0,e.y.multiply(o.ellVW),e.x.multiply(o.ellVV)),o=i[u],r.mulBy024(o.ell0,e.y.multiply(o.ellVW),e.x.multiply(o.ellVV))}},{key:"calcEllCoeffs",value:function(e){for(var n=[],i=e,r=t.LOOP_COUNT.bitLength()-2;r>=0;r--){var u=this.flippedMillerLoopDoubling(i);if(i=u.g2,n.push(u.coeffs),t.LOOP_COUNT.testBit(r)){var l=this.flippedMillerLoopMixedAddition(e,i);i=l.g2,n.push(l.coeffs)}}var s=e.mulByP(),o=s.mulByP();o=new c(o.x,o.y.negate(),o.z);var a=this.flippedMillerLoopMixedAddition(s,i);return i=a.g2,n.push(a.coeffs),a=this.flippedMillerLoopMixedAddition(o,i),n.push(a.coeffs),n}},{key:"flippedMillerLoopMixedAddition",value:function(e,n){var i=n.x,r=n.y,u=n.z,l=e.x,s=e.y,o=i.subtract(l.multiply(u)),a=r.subtract(s.multiply(u)),f=o.square(),h=a.square(),p=o.multiply(f),b=i.multiply(f),d=p.add(u.multiply(h)).subtract(b.double()),v=o.multiply(d),m=a.multiply(b.subtract(d)).subtract(p.multiply(r)),w=u.multiply(p),g=t.TWIST.multiply(a.multiply(l).subtract(o.multiply(s))),E=a.negate(),x=o;return{g2:new c(v,m,w),coeffs:new y(g,x,E)}}},{key:"flippedMillerLoopDoubling",value:function(e){var n=e.x,i=e.y,r=e.z,u=n.multiply(i),l=new a(u.a.multiply(o._2_INV),u.b.multiply(o._2_INV)),s=i.square(),f=r.square(),h=f.add(f).add(f),p=t.TWIST.inverse(),b=new a(p.a.multiply(new o(3n)),p.b.multiply(new o(3n))).multiply(h),d=b.add(b).add(b),v=s.add(d),m=new a(v.a.multiply(o._2_INV),v.b.multiply(o._2_INV)),w=i.add(r).square().subtract(s.add(f)),g=b.subtract(s),E=n.square(),x=b.square(),q=l.multiply(s.subtract(d)),_=m.square().subtract(x.add(x).add(x)),S=s.multiply(w),k=t.TWIST.multiply(g),O=w.negate(),z=E.add(E).add(E);return{g2:new c(q,_,S),coeffs:new y(k,O,z)}}},{key:"finalExponentiation",value:function(e){var n=new f(e.a,e.b.negate()),i=e.inverse(),r=n.multiply(i),u=r.frobeniusMap(2n).multiply(r),l=u.negExp(t.PAIRING_FINAL_EXPONENT_Z).cyclotomicSquared(),s=l.cyclotomicSquared().multiply(l),o=s.negExp(t.PAIRING_FINAL_EXPONENT_Z),a=o.cyclotomicSquared().negExp(t.PAIRING_FINAL_EXPONENT_Z),c=s.unitaryInverse(),y=a.unitaryInverse().multiply(o).multiply(c),h=y.multiply(l),p=y.multiply(o).multiply(u),b=h.frobeniusMap(1n).multiply(p),d=y.frobeniusMap(2n).multiply(b);return u.unitaryInverse().multiply(h).frobeniusMap(3n).multiply(d)}}])&&r(e.prototype,n),u&&r(e,u),t}();u(h,"TWIST",new a(9n,1n)),u(h,"PAIRING_FINAL_EXPONENT_Z",4965661367192848881n),u(h,"LOOP_COUNT",29793968203157093288n),t.exports={PairingCheck:h}},360:t=>{function e(t,e,n){return e in t?Object.defineProperty(t,e,{value:n,enumerable:!0,configurable:!0,writable:!0}):t[e]=n,t}var n=function t(){!function(t,e){if(!(t instanceof e))throw new TypeError("Cannot call a class as a function")}(this,t)};e(n,"p",21888242871839275222246405745257275088696311157297823662689037894645226208583n),e(n,"n",21888242871839275222246405745257275088548364400416034343698204186575808495617n),t.exports=n},26:(t,e,n)=>{function i(t){return(i="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(t){return typeof t}:function(t){return t&&"function"==typeof Symbol&&t.constructor===Symbol&&t!==Symbol.prototype?"symbol":typeof t})(t)}function r(t,e){if("function"!=typeof e&&null!==e)throw new TypeError("Super expression must either be null or a function");t.prototype=Object.create(e&&e.prototype,{constructor:{value:t,writable:!0,configurable:!0}}),e&&u(t,e)}function u(t,e){return(u=Object.setPrototypeOf||function(t,e){return t.__proto__=e,t})(t,e)}function l(t){var e=function(){if("undefined"==typeof Reflect||!Reflect.construct)return!1;if(Reflect.construct.sham)return!1;if("function"==typeof Proxy)return!0;try{return Date.prototype.toString.call(Reflect.construct(Date,[],(function(){}))),!0}catch(t){return!1}}();return function(){var n,i=a(t);if(e){var r=a(this).constructor;n=Reflect.construct(i,arguments,r)}else n=i.apply(this,arguments);return s(this,n)}}function s(t,e){return!e||"object"!==i(e)&&"function"!=typeof e?o(t):e}function o(t){if(void 0===t)throw new ReferenceError("this hasn't been initialised - super() hasn't been called");return t}function a(t){return(a=Object.setPrototypeOf?Object.getPrototypeOf:function(t){return t.__proto__||Object.getPrototypeOf(t)})(t)}function f(t){throw new Error('"'+t+'" is read-only')}function c(t,e){if(!(t instanceof e))throw new TypeError("Cannot call a class as a function")}function y(t,e){for(var n=0;n<e.length;n++){var i=e[n];i.enumerable=i.enumerable||!1,i.configurable=!0,"value"in i&&(i.writable=!0),Object.defineProperty(t,i.key,i)}}function h(t,e,n){return e&&y(t.prototype,e),n&&y(t,n),t}function p(t,e,n){return e in t?Object.defineProperty(t,e,{value:n,enumerable:!0,configurable:!0,writable:!0}):t[e]=n,t}var b=n(882),d=b.Field2,v=b.Field12,m=function(){function t(e,n,i){var r=this;if(c(this,t),p(this,"zero",(function(){return r.inf})),p(this,"same",(function(t){return r.E.bn===t.E.bn})),p(this,"neg",(function(){return r.y.zero()?new t(r.E,r.x,r.y):new t(r.E,r.x,r.y.neg())})),p(this,"subtract",(function(t){return r.add(t.neg())})),p(this,"toString",(function(){return"("+r.x.toString()+","+r.y.toString()+")"})),this.preComp=null,1===arguments.length&&e instanceof t){var u=e;this.E=u.E,this.x=u.x,this.y=u.y,this.inf=u.inf}if(3===arguments.length){if(n instanceof d&&i instanceof d&&(this.E=e,this.x=n,this.y=i,this.inf=!1),"bigint"==typeof n){var l=i;this.E=e;var s=e.bn.p;if(this.x=ExNumber.mod(n,s),0===n.signum())throw new Error("The given point does not belong to the given elliptic curve");if(this.y=e.bn.sqrt(ExNumber(n.multiply(n).multiply(n).add(e.b)).mod(s)),null===this.y)throw new Error("The given point does not belong to the given elliptic curve");this.y.testBit(0)!==(1==(1&l))&&(this.y=s.subtract(i))}if("bigint"==typeof i){var o=n;this.E=e;var a=e.bn.p;if(this.y=i.mod(a),0===i.signum())throw new Error("The given point does not belong to the given elliptic curve");if(this.x=e.bn.cbrt(i.multiply(i).subtract(e.b).mod(a)),null===this.x)throw new Error("The given point does not belong to the given elliptic curve");if(this.x.mod(e.bn._3)!==o){var f=e.bn.zeta;if(this.x=f.multiply(n).mod(a),this.x.mod(e.bn._3)!==o&&(this.x=f.multiply(n).mod(a),this.x.mod(e.bn._3)!==o))throw new Error("The given point does not belong to the given elliptic curve")}}}}return h(t,[{key:"eq",value:function(e){return!!(e instanceof t&&this.same(e))&&this.x.eq(e.x)&&this.y.eq(e.y)}},{key:"add",value:function(e){if(this.zero())return e;if(e.zero())return this;var n=this.x,i=this.y,r=e.x,u=e.y;if(n.eq(r)&&i.eq(u))return this.double(e);if(n.eq(r))return this.E.infinity;var l=u.subtract(i).divide(r.subtract(n)),s=l.exp(2n).subtract(n).subtract(r),o=l.neg().multiply(s).add(l.multiply(n)).subtract(i);return new t(this.E,s,o)}},{key:"double",value:function(){var e=this.x,n=this.y,i=new d(this.E.bn.p,2),r=new d(this.E.bn.p,3).multiply(e).multiply(e).divide(i.multiply(n)),u=r.exp(2).subtract(i.multiply(e)),l=r.neg().multiply(u).add(r.multiply(e)).subtract(n);return new t(this.E,u,l)}},{key:"twice",value:function(e){if(this.zero())return this;for(var n=new t(this.E,this.x,this.y),i=0;i<e;i++)f("P"),n=n.double();return n}},{key:"multiply",value:function(t){return t.isZero()?this.E.infinity:t.equals(1)?this:t.mod(2).isZero()?this.double().multiply(t.divide(2)):this.add(this.double().multiply(t.divide(2)))}},{key:"toF12",value:function(){if(this.eq(this.E.infinity))return this.E.infinity;var t=new v(this.E.bn,[new d(this.E.bn.p,this.x.re,0,!1),new d(this.E.bn.p,0,0,!1),new d(this.E.bn.p,0,0,!1),new d(this.E.bn.p,0,0,!1),new d(this.E.bn.p,0,0,!1),new d(this.E.bn.p,0,0,!1)]),e=new v(this.E.bn,[new d(this.E.bn.p,this.y.re,0,!1),new d(this.E.bn.p,0,0,!1),new d(this.E.bn.p,0,0,!1),new d(this.E.bn.p,0,0,!1),new d(this.E.bn.p,0,0,!1),new d(this.E.bn.p,0,0,!1)]);return new g(this.E,t,e)}}]),t}(),w=function(t){r(n,t);var e=l(n);function n(t,i,r){var u;if(c(this,n),u=e.call(this,t,i,r),1===arguments.length&&t instanceof n){var l=t;u.E=l.E,u.x=l.x,u.y=l.y,u.inf=l.inf}if(3===arguments.length&&i instanceof d&&r instanceof d&&(u.E=t,u.x=i,u.y=r,u.inf=!1,!t.contains(o(u))))throw new Error("pointNotOnCurve");return u}return h(n,[{key:"add",value:function(t){if(this.zero())return t;if(t.zero())return this;var e=this.x,i=this.y,r=t.x,u=t.y;if(e.eq(r)&&i.eq(u))return this.double(t);if(e.eq(r))return this.E.infinity;var l=u.subtract(i).divide(r.subtract(e)),s=l.exp(2).subtract(e).subtract(r),o=l.neg().multiply(s).add(l.multiply(e)).subtract(i);return new n(this.E,s,o)}},{key:"twice",value:function(t){if(this.zero())return this;for(var e=new n(this.E,this.x,this.y),i=0;i<t;i++)f("P"),e=e.double();return e}},{key:"double",value:function(){var t=this.x,e=this.y,i=new d(this.E.bn.p,2),r=new d(this.E.bn.p,3).multiply(t).multiply(t).divide(i.multiply(e)),u=r.exp(2).subtract(i.multiply(t)),l=r.neg().multiply(u).add(r.multiply(t)).subtract(e);return new n(this.E,u,l)}},{key:"toF12",value:function(){if(this.eq(this.E.infinity))return this.E.infinity;var t=this.x,e=this.y,n=new d(this.E.bn.p,t.re),i=new d(this.E.bn.p,e.re),r=new d(this.E.bn.p,t.im),u=new d(this.E.bn.p,e.im),l=n.subtract(r.multiply(9)),s=i.subtract(u.multiply(9)),o=new v(this.E.bn,[new d(this.E.bn.p,0,bigInt.one,!1),new d(this.E.bn.p,0,0,!1),new d(this.E.bn.p,0,0,!1),new d(this.E.bn.p,0,0,!1),new d(this.E.bn.p,0,0,!1),new d(this.E.bn.p,0,0,!1)]),a=new v(this.E.bn,[new d(this.E.bn.p,l.re,0,!1),new d(this.E.bn.p,0,0,!1),new d(this.E.bn.p,0,0,!1),new d(this.E.bn.p,t.im,0,!1),new d(this.E.bn.p,0,0,!1),new d(this.E.bn.p,0,0,!1)]),c=new v(this.E.bn,[new d(this.E.bn.p,s.re,0,!1),new d(this.E.bn.p,0,0,!1),new d(this.E.bn.p,0,0,!1),new d(this.E.bn.p,e.im,0,!1),new d(this.E.bn.p,0,0,!1),new d(this.E.bn.p,0,0,!1)]);return f("nx"),a=a.multiply(o).multiply(o),f("ny"),c=c.multiply(o).multiply(o).multiply(o),new g(this.E,a,c)}},{key:"toString",value:function(){return"("+this.x.toString()+","+this.y.toString()+")"}}]),n}(m),g=function(t){r(n,t);var e=l(n);function n(t,i,r){var u;if(c(this,n),p(o(u=e.call(this,t,i,r)),"toString",(function(){return"("+u.x.toString()+", "+u.y.toString()+")"})),1===arguments.length&&(t instanceof Curve2&&(u.E=t,u.x=t.Fp12_1,u.y=t.Fp12_1,u.inf=!0),t instanceof w)){var l=t;u.E=l.E,u.x=l.x,u.y=l.y,u.inf=l.inf}return 3===arguments.length&&i instanceof v&&r instanceof v&&(u.E=t,u.x=i,u.y=r,u.inf=!1),u}return h(n,[{key:"add",value:function(t){if(this.zero())return t;if(t.zero())return this;var e=this.x,i=this.y,r=t.x,u=t.y;if(e.eq(r)&&i.eq(u))return this.double(t);if(e.eq(r))return this.E.infinity;var l=u.subtract(i).divide(r.subtract(e)),s=l.multiply(l).subtract(e).subtract(r),o=l.neg().multiply(s).add(l.multiply(e)).subtract(i);return new n(this.E,s,o)}},{key:"twice",value:function(t){if(this.zero())return this;for(var e=new n(this.E,this.x,this.y),i=0;i<t;i++)f("P"),e=e.double();return e}},{key:"double",value:function(){var t=this.x,e=this.y,i=new v(this.E.bn,3),r=new v(this.E.bn,2),u=i.multiply(t).multiply(t).divide(r.multiply(e)),l=u.multiply(u).subtract(r.multiply(t)),s=u.neg().multiply(l).add(u.multiply(t)).subtract(e);return new n(this.E,l,s)}}]),n}(w);t.exports={Point:m,Point2:w,Point12:g}},882:e=>{"use strict";e.exports=t},115:t=>{"use strict";t.exports=e}},i={},function t(e){if(i[e])return i[e].exports;var r=i[e]={exports:{}};return n[e](r,r.exports,t),r.exports}(506);var n,i}));