UNPKG

o1js

Version:

TypeScript framework for zk-SNARKs and zkApps

github.com/o1-labs/o1js/

o1-labs/o1js

410 lines (386 loc) 11.7 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
// generic encoding infrastructure import { assertNonNegativeInteger, NonNegativeInteger, PositiveInteger, } from '../crypto/non-negative.js'; import { bytesToBigInt, bigIntToBytes } from '../crypto/bigint-helpers.js'; import { GenericSignableField } from './generic.js'; export { Binable, defineBinable, withVersionNumber, tuple, record, enumWithArgument, prefixToField, bytesToBits, bitsToBytes, withBits, withCheck, BinableWithBits, stringToBytes, stringFromBytes, stringLengthInBytes, BinableString, BinableInt32, BinableInt64, BinableUint32, BinableUint64, }; type Binable<T> = { toBytes(t: T): number[]; readBytes<N extends number>( bytes: number[], offset: NonNegativeInteger<N> ): [value: T, offset: number]; fromBytes(bytes: number[]): T; }; type BinableWithBits<T> = Binable<T> & { toBits(t: T): boolean[]; fromBits(bits: boolean[]): T; sizeInBytes: number; sizeInBits: number; }; function defineBinable<T>({ toBytes, readBytes, }: { toBytes(t: T): number[]; readBytes<N extends number>( bytes: number[], offset: NonNegativeInteger<N> ): [value: T, offset: number]; }): Binable<T> { // spec: input offset has to be a non-negative integer, and be smaller than the bytes length // output offset has to be greater or equal input, and not exceed the bytes length let readBytes_ = <N extends number>( bytes: number[], offset: NonNegativeInteger<N> ) => { assertNonNegativeInteger(offset, 'readBytes: offset must be integer >= 0'); if (offset >= bytes.length) throw Error('readBytes: offset must be within bytes length'); let [value, end] = readBytes(bytes, offset); if (end < offset) throw Error( 'offset returned by readBytes must be greater than initial offset' ); if (end > bytes.length) throw Error('offset returned by readBytes must not exceed bytes length'); return [value, end] as [T, number]; }; return { toBytes, readBytes: readBytes_, // spec: fromBytes throws if the input bytes are not all used fromBytes(bytes) { let [value, offset] = readBytes_(bytes, 0); if (offset < bytes.length) throw Error('fromBytes: input bytes left over'); return value; }, }; } function withVersionNumber<T>( binable: Binable<T>, versionNumber: number ): Binable<T> { return defineBinable({ toBytes(t) { let bytes = binable.toBytes(t); bytes.unshift(versionNumber); return bytes; }, readBytes(bytes, offset) { let version = bytes[offset++]; if (version !== versionNumber) { throw Error( `fromBytes: Invalid version byte. Expected ${versionNumber}, got ${version}.` ); } return binable.readBytes(bytes, offset); }, }); } function withCheck<T>( { toBytes, readBytes }: Binable<T>, check: (t: T) => void ): Binable<T> { return defineBinable({ toBytes, readBytes(bytes, start) { let [value, end] = readBytes(bytes, start); check(value); return [value, end]; }, }); } type Tuple<T> = [T, ...T[]] | []; function record<Types extends Record<string, any>>( binables: { [i in keyof Types]: Binable<Types[i]>; }, keys: Tuple<keyof Types> ): Binable<Types> { let binablesTuple = keys.map((key) => binables[key]) as Tuple<Binable<any>>; let tupleBinable = tuple<Tuple<any>>(binablesTuple); return defineBinable({ toBytes(t) { let array = keys.map((key) => t[key]) as Tuple<any>; return tupleBinable.toBytes(array); }, readBytes(bytes, start) { let [tupleValue, end] = tupleBinable.readBytes(bytes, start); let value = Object.fromEntries( keys.map((key, i) => [key, tupleValue[i]]) ) as any; return [value, end]; }, }); } function tuple<Types extends Tuple<any>>(binables: { [i in keyof Types]: Binable<Types[i]>; }): Binable<Types> { let n = (binables as any[]).length; return defineBinable({ toBytes(t) { let bytes: number[] = []; for (let i = 0; i < n; i++) { let subBytes = binables[i].toBytes(t[i]); bytes.push(...subBytes); } return bytes; }, readBytes(bytes, offset) { let values = []; for (let i = 0; i < n; i++) { let [value, newOffset] = binables[i].readBytes(bytes, offset); offset = newOffset as any; values.push(value); } return [values as Types, offset]; }, }); } type EnumNoArgument<T extends string> = { type: T }; type EnumWithArgument<T extends string, V> = { type: T; value: V }; type AnyEnum = EnumNoArgument<string> | EnumWithArgument<string, any>; function enumWithArgument<Enum_ extends Tuple<AnyEnum>>(types: { [i in number]: Enum_[i] extends EnumWithArgument<string, any> ? { type: Enum_[i]['type']; value: Binable<Enum_[i]['value']>; } : { type: Enum_[i]['type'] }; }): Binable<Enum_[number]> { let typeToIndex = Object.fromEntries( (types as { type: string; value: any }[]).map(({ type }, i) => [type, i]) ); return defineBinable({ toBytes(en) { let i = typeToIndex[en.type]; let type = types[i]; if ('value' in type) { let binable = type.value; return [i, ...binable.toBytes((en as any).value)]; } return [i]; }, readBytes(bytes, offset) { let i = bytes[offset]; offset++; let type = types[i]; if ('value' in type) { let [value, end] = type.value.readBytes(bytes, offset); return [{ type: type.type, value }, end]; } return [{ type: type.type }, offset]; }, }); } const BinableString = defineBinable({ toBytes(t: string) { return [stringLengthInBytes(t), ...stringToBytes(t)]; }, readBytes(bytes, offset) { let length = bytes[offset++]; let end = offset + length; let string = stringFromBytes(bytes.slice(offset, end)); return [string, end]; }, }); const CODE_NEG_INT8 = 0xff; const CODE_INT16 = 0xfe; const CODE_INT32 = 0xfd; const CODE_INT64 = 0xfc; function BinableInt<N extends number>(bits: PositiveInteger<N>) { let maxValue = 1n << BigInt(bits - 1); let nBytes = bits >> 3; if (nBytes * 8 !== bits) throw Error('bits must be evenly divisible by 8'); return defineBinable({ toBytes(n: bigint) { if (n < -maxValue || n >= maxValue) throw Error(`int${bits} out of range, got ${n}`); if (n >= 0) { if (n < 0x80n) return bigIntToBytes(n, 1); if (n < 0x8000n) return [CODE_INT16, ...bigIntToBytes(n, 2)]; if (n < 0x80000000) return [CODE_INT32, ...bigIntToBytes(n, 4)]; else return [CODE_INT64, ...bigIntToBytes(n, 8)]; } else { let M = 1n << 64n; if (n >= -0x80n) return [CODE_NEG_INT8, ...bigIntToBytes((M + n) & 0xffn, 1)]; if (n >= -0x8000n) return [CODE_INT16, ...bigIntToBytes((M + n) & 0xffffn, 2)]; if (n >= -0x80000000) return [CODE_INT32, ...bigIntToBytes((M + n) & 0xffff_ffffn, 4)]; else return [CODE_INT64, ...bigIntToBytes(M + n, 8)]; } }, readBytes(bytes, offset) { let code = bytes[offset++]; if (code < 0x80) return [BigInt(code), offset]; let size = { [CODE_NEG_INT8]: 1, [CODE_INT16]: 2, [CODE_INT32]: 4, [CODE_INT64]: 8, }[code]; if (size === undefined) { throw Error('binable integer: invalid start byte'); } let end = offset + size; let x = fillUInt(bytes.slice(offset, end), nBytes); // map from uint to int range if (x >= maxValue) { x -= 2n * maxValue; } if (x < -maxValue || x >= maxValue) { throw Error(`int${bits} out of range, got ${x}`); } return [x, end]; }, }); } function fillUInt(startBytes: number[], nBytes: number) { let n = startBytes.length; // fill up int with the highest bit of startBytes let lastBit = startBytes[n - 1] >> 7; let fillByte = lastBit === 1 ? 0xff : 0x00; let intBytes = startBytes.concat(Array(nBytes - n).fill(fillByte)); // interpret result as a bigint > 0 let x = bytesToBigInt(intBytes); return x; } function BinableUint<N extends number>(bits: PositiveInteger<N>) { let binableInt = BinableInt(bits); let maxValue = 1n << BigInt(bits - 1); return iso(binableInt, { to(uint: bigint) { if (uint < 0n || uint >= 2n * maxValue) throw Error(`uint${bits} out of range, got ${uint}`); let ret = uint >= maxValue ? uint - 2n * maxValue : uint; return ret; }, from(int: bigint) { let uint = int < 0n ? int + 2n * maxValue : int; if (uint < 0n || uint >= 2n * maxValue) throw Error(`uint${bits} out of range, got ${uint}`); return uint; }, }); } const BinableInt64 = BinableInt(64); const BinableInt32 = BinableInt(32); const BinableUint64 = BinableUint(64); const BinableUint32 = BinableUint(32); // same as Random_oracle.prefix_to_field in OCaml // converts string to bytes and bytes to field; throws if bytes don't fit in one field function prefixToField<Field>( Field: GenericSignableField<Field>, prefix: string ) { let fieldSize = Field.sizeInBytes; if (prefix.length >= fieldSize) throw Error('prefix too long'); let stringBytes = stringToBytes(prefix); return Field.fromBytes( stringBytes.concat(Array(fieldSize - stringBytes.length).fill(0)) ); } function bitsToBytes([...bits]: boolean[]) { let bytes: number[] = []; while (bits.length > 0) { let byteBits = bits.splice(0, 8); let byte = 0; for (let i = 0; i < 8; i++) { if (!byteBits[i]) continue; byte |= 1 << i; } bytes.push(byte); } return bytes; } function bytesToBits(bytes: number[]) { return bytes .map((byte) => { let bits: boolean[] = Array(8); for (let i = 0; i < 8; i++) { bits[i] = !!(byte & 1); byte >>= 1; } return bits; }) .flat(); } /** * This takes a `Binable<T>` plus an optional `sizeInBits`, and derives toBits() / fromBits() functions. * - `sizeInBits` has to observe `Math.ceil(sizeInBits / 8) === sizeInBytes`, so the bit size can be slightly smaller than the byte size * - If `sizeInBits` is `< sizeInBytes * 8`, then we assume that toBytes() returns a byte sequence where the bits * higher than `sizeInBits` are all 0. This assumption manifests in toBits(), where we slice off those higher bits, * to return a result that is of length `sizeInBits`. * * This is useful for serializing field elements, where -- depending on the circumstance -- we either want a * 32-byte (= 256-bit) serialization, or a 255-bit serialization */ function withBits<T>( binable: Binable<T>, sizeInBits: number ): BinableWithBits<T> { return { ...binable, toBits(t: T) { return bytesToBits(binable.toBytes(t)).slice(0, sizeInBits); }, fromBits(bits: boolean[]) { return binable.fromBytes(bitsToBytes(bits)); }, sizeInBytes: Math.ceil(sizeInBits / 8), sizeInBits, }; } function iso<T, S>( binable: Binable<T>, { to, from }: { to(s: S): T; from(t: T): S } ): Binable<S> { return defineBinable({ toBytes(s: S) { return binable.toBytes(to(s)); }, readBytes(bytes, offset) { let [value, end] = binable.readBytes(bytes, offset); return [from(value), end]; }, }); } let encoder = new TextEncoder(); let decoder = new TextDecoder(); function stringToBytes(s: string) { return [...encoder.encode(s)]; } function stringFromBytes(bytes: number[]) { return decoder.decode(Uint8Array.from(bytes)); } function stringLengthInBytes(s: string) { return encoder.encode(s).length; }