o1js/src/examples/crypto/ecdsa/run.ts

TypeScript framework for zk-SNARKs and zkApps

import assert from 'assert';
import { Performance } from '../../../lib/testing/perf-regression.js';
import { Bytes32, Ecdsa, Secp256k1, ecdsa, ecdsaEthers, keccakAndEcdsa } from './ecdsa.js';

// create an example ecdsa signature

let privateKey = Secp256k1.Scalar.random();
let publicKey = Secp256k1.generator.scale(privateKey);

let message = Bytes32.fromString("what's up");

let signature = Ecdsa.sign(message.toBytes(), privateKey.toBigInt());

// investigate the constraint system generated by ECDSA verify

console.time('ecdsa verify only (build constraint system)');
let csEcdsa = await ecdsa.analyzeMethods();
console.timeEnd('ecdsa verify only (build constraint system)');
console.log(csEcdsa.verifySignedHash.summary());

console.time('keccak + ecdsa verify (build constraint system)');
let cs = await keccakAndEcdsa.analyzeMethods();
console.timeEnd('keccak + ecdsa verify (build constraint system)');
console.log(cs.verifyEcdsa.summary());

// compile and prove

const perfKeccakEcdsa = Performance.create(keccakAndEcdsa.name, cs);
perfKeccakEcdsa.start('compile');
await keccakAndEcdsa.compile();
perfKeccakEcdsa.end();

perfKeccakEcdsa.start('prove', 'verifyEcdsa');
let { proof } = await keccakAndEcdsa.verifyEcdsa(message, signature, publicKey);
perfKeccakEcdsa.end();

proof.publicOutput.assertTrue('signature verification failed!');

perfKeccakEcdsa.start('verify', 'verifyEcdsa');
const isValid = await keccakAndEcdsa.verify(proof);
perfKeccakEcdsa.end();

assert(isValid, 'proof verification failed!');

// Hardcoded ethers.js signature and inputs for verification in o1js

// message signed using ethers.js
const msg = 'Secrets hidden, truth in ZKPs ;)';

// uncompressed public key generated by ethers.js
const uncompressedPublicKey =
  '0x040957928494c38660d254dc03ba78f091a4aea0270afb447f193c4daf6648f02b720071af9b5bda4936998ec186e632f4be82886914851d7c753747b0a949d1a4';

// compressed public key generated by ethers.js
const compressedPublicKey = '0x020957928494c38660d254dc03ba78f091a4aea0270afb447f193c4daf6648f02b';

// ECDSA signature generated by ethers.js
const rawSignature =
  '0x6fada464c3bc2ae127f8c907c0c4bccbd05ba83a584156edb808b7400346b4c9558598d9c7869f5fd75d81128711f6621e4cb5ba2f52a2a51c46c859f49a833a1b';

const publicKeyE = Secp256k1.fromEthers(compressedPublicKey);
const signatureE = Ecdsa.fromHex(rawSignature);
const msgBytes = Bytes32.fromString(msg);

// investigate the constraint system generated by ECDSA verifyEthers
console.time('ethers verify only (build constraint system)');
let csEcdsaEthers = await ecdsaEthers.analyzeMethods();
console.timeEnd('ethers verify only (build constraint system)');
console.log(csEcdsaEthers.verifyEthers.summary());

// compile and prove
const perfEcdsaEthers = Performance.create(ecdsaEthers.name, csEcdsaEthers);
perfEcdsaEthers.start('compile');
await ecdsaEthers.compile();
perfEcdsaEthers.end();

perfEcdsaEthers.start('prove', 'verifyEthers');
let { proof: proofE } = await ecdsaEthers.verifyEthers(msgBytes, signatureE, publicKeyE);
perfEcdsaEthers.end();

proofE.publicOutput.assertTrue('signature verification failed!');

perfEcdsaEthers.start('verify', 'verifyEthers');
const isValidE = await ecdsaEthers.verify(proofE);
perfEcdsaEthers.end();

assert(isValidE, 'proof verification failed!');