From f684b9a1c05ea0b22956d61ea68e9bc47bb4d56d Mon Sep 17 00:00:00 2001
From: Eric Mastro
Date: Wed, 8 Jun 2022 15:16:58 +1000
Subject: [PATCH] WiP: more test cases added for BN254 Just need real proof test cases to be included.
---
contracts/TestBn254.sol | 190 +++++------------- 
.../witnet/bls-solidity/contracts/BN256G1.sol | 3 +-
.../witnet/bls-solidity/contracts/BN256G2.sol | 3 +-
.../contracts/EllipticCurve.sol | 1 +
test/Bn254.test.js | 125 ++++++++++--
test/Bn254Verifier.test.js | 48 -----
test/Proofs.test.js | 59 +++++-
7 files changed, 226 insertions(+), 203 deletions(-)
delete mode 100644 test/Bn254Verifier.test.js
diff --git a/contracts/TestBn254.sol b/contracts/TestBn254.sol
index 2686110..b1c6128 100644
--- a/contracts/TestBn254.sol
+++ b/contracts/TestBn254.sol
@@ -7,146 +7,66 @@ import "./ecc/Types.sol"; contract TestBn254 { using Bn254 for *; - struct VerifyingKey { - Types.G2Point A; - Types.G1Point B; - Types.G2Point C; - Types.G2Point gamma; - Types.G1Point gammaBeta1; - Types.G2Point gammaBeta2; - Types.G2Point Z; - Types.G1Point[] IC; + + function p1Generator() public pure returns (Types.G1Point memory) { + return Bn254._p1Generator(); } - struct Proof { - Types.G1Point A; - Types.G1Point A_p; - Types.G2Point B; - Types.G1Point B_p; - Types.G1Point C; - Types.G1Point C_p; - Types.G1Point K; - Types.G1Point H; + + function p2Generator() public pure returns (Types.G2Point memory) { + return Bn254._p2Generator(); } - function f() public returns (bool) { - Types.G1Point memory p1; - Types.G1Point memory p2; - p1.x = 1; p1.y = 2; - p2.x = 1; p2.y = 2; - Types.G1Point memory explict_sum = Bn254._add(p1, p2); - Types.G1Point memory scalar_prod = Bn254._multiply(p1, 2); - return (explict_sum.x == scalar_prod.x && - explict_sum.y == scalar_prod.y); + + function add(Types.G1Point memory p, Types.G1Point memory q) + public + returns (Types.G1Point memory) + { + return p._add(q); } - function g() public returns (bool) { - Types.G1Point memory x = Bn254._add(Bn254._p1Generator(), Bn254._negate(Bn254._p1Generator())); - // should be zero - return (x.x == 0 && x.y == 0); + + function multiply(Types.G1Point memory p, uint256 k) + public + returns (Types.G1Point memory) + { + return p._multiply(k); } - function testMul() public returns (bool) { - Types.G1Point memory p; - // @TODO The points here are reported to be not well-formed - p.x = 14125296762497065001182820090155008161146766663259912659363835465243039841726; - p.y = 16229134936871442251132173501211935676986397196799085184804749187146857848057; - p = Bn254._multiply(p, 13986731495506593864492662381614386532349950841221768152838255933892789078521); - return - p.x == 18256332256630856740336504687838346961237861778318632856900758565550522381207 && - p.y == 
6976682127058094634733239494758371323697222088503263230319702770853579280803; + + function negate(Types.G1Point memory p1) + public + pure + returns (Types.G1Point memory) + { + return p1._negate(); } + + function checkPairing( + Types.G1Point memory p, + Types.G2Point memory q, + Types.G1Point memory r, + Types.G2Point memory s + ) + public + returns (bool) + { + return p._checkPairing(q, r, s); + } + + function isOnCurve(Types.G1Point memory p1) + public + pure + returns (bool) + { + return p1._isOnCurve(); + } + + function hashToPoint(bytes memory _message) + public + pure + returns (Types.G1Point memory) + { + return _message._hashToPoint(); + } + function verifyProof(Types.Proof memory p) public returns (bool) { return p._verifyProof(); } - // function pair() public view returns (bool) { - // Types.G2Point memory fiveTimesP2 = Types.G2Point( - // [4540444681147253467785307942530223364530218361853237193970751657229138047649, 20954117799226682825035885491234530437475518021362091509513177301640194298072], - // [11631839690097995216017572651900167465857396346217730511548857041925508482915, 21508930868448350162258892668132814424284302804699005394342512102884055673846] - // ); - // // The prime p in the base field F_p for G1 - // uint p = 21888242871839275222246405745257275088696311157297823662689037894645226208583; - // Types.G1Point[] memory g1points = new Types.G1Point[](2); - // Types.G2Point[] memory g2points = new Types.G2Point[](2); - // // check e(5 P1, P2)e(-P1, 5 P2) == 1 - // g1points[0] = Bn254._p1Generator().multiply(5); - // g1points[1] = Bn254._p1Generator(); - // g1points[1].y = p - g1points[1].y; - // g2points[0] = Bn254._p2Generator(); - // g2points[1] = fiveTimesP2; - // if (!Bn254.checkPairing(g1points, g2points)) - // return false; - // // check e(P1, P2)e(-P1, P2) == 0 - // g1points[0] = Bn254._p1Generator(); - // g1points[1] = Bn254._p1Generator().negate(); - // g2points[0] = Bn254._p2Generator(); - // g2points[1] = Bn254._p2Generator(); - // 
if (!Bn254.checkPairing(g1points, g2points)) - // return false; - // return true; - // } - // function _verifyingKey() internal pure returns (VerifyingKey memory vk) { - // vk.A = Types.G2Point([0x209dd15ebff5d46c4bd888e51a93cf99a7329636c63514396b4a452003a35bf7, 0x04bf11ca01483bfa8b34b43561848d28905960114c8ac04049af4b6315a41678], [0x2bb8324af6cfc93537a2ad1a445cfd0ca2a71acd7ac41fadbf933c2a51be344d, 0x120a2a4cf30c1bf9845f20c6fe39e07ea2cce61f0c9bb048165fe5e4de877550]); - // vk.B = Types.G1Point(0x2eca0c7238bf16e83e7a1e6c5d49540685ff51380f309842a98561558019fc02, 0x03d3260361bb8451de5ff5ecd17f010ff22f5c31cdf184e9020b06fa5997db84); - // vk.C = Types.G2Point([0x2e89718ad33c8bed92e210e81d1853435399a271913a6520736a4729cf0d51eb, 0x01a9e2ffa2e92599b68e44de5bcf354fa2642bd4f26b259daa6f7ce3ed57aeb3], [0x14a9a87b789a58af499b314e13c3d65bede56c07ea2d418d6874857b70763713, 0x178fb49a2d6cd347dc58973ff49613a20757d0fcc22079f9abd10c3baee24590]); - // vk.gamma = Types.G2Point([0x25f83c8b6ab9de74e7da488ef02645c5a16a6652c3c71a15dc37fe3a5dcb7cb1, 0x22acdedd6308e3bb230d226d16a105295f523a8a02bfc5e8bd2da135ac4c245d], [0x065bbad92e7c4e31bf3757f1fe7362a63fbfee50e7dc68da116e67d600d9bf68, 0x06d302580dc0661002994e7cd3a7f224e7ddc27802777486bf80f40e4ca3cfdb]); - // vk.gammaBeta1 = Types.G1Point(0x15794ab061441e51d01e94640b7e3084a07e02c78cf3103c542bc5b298669f21, 0x14db745c6780e9df549864cec19c2daf4531f6ec0c89cc1c7436cc4d8d300c6d); - // vk.gammaBeta2 = Types.G2Point([0x1f39e4e4afc4bc74790a4a028aff2c3d2538731fb755edefd8cb48d6ea589b5e, 0x283f150794b6736f670d6a1033f9b46c6f5204f50813eb85c8dc4b59db1c5d39], [0x140d97ee4d2b36d99bc49974d18ecca3e7ad51011956051b464d9e27d46cc25e, 0x0764bb98575bd466d32db7b15f582b2d5c452b36aa394b789366e5e3ca5aabd4]); - // vk.Z = Types.G2Point([0x217cee0a9ad79a4493b5253e2e4e3a39fc2df38419f230d341f60cb064a0ac29, 0x0a3d76f140db8418ba512272381446eb73958670f00cf46f1d9e64cba057b53c], [0x26f64a8ec70387a13e41430ed3ee4a7db2059cc5fc13c067194bcc0cb49a9855, 
0x2fd72bd9edb657346127da132e5b82ab908f5816c826acb499e22f2412d1a2d7]); - // vk.IC = new Types.G1Point[](10); - // vk.IC[0] = Types.G1Point(0x0aee46a7ea6e80a3675026dfa84019deee2a2dedb1bbe11d7fe124cb3efb4b5a, 0x044747b6e9176e13ede3a4dfd0d33ccca6321b9acd23bf3683a60adc0366ebaf); - // vk.IC[1] = Types.G1Point(0x1e39e9f0f91fa7ff8047ffd90de08785777fe61c0e3434e728fce4cf35047ddc, 0x2e0b64d75ebfa86d7f8f8e08abbe2e7ae6e0a1c0b34d028f19fa56e9450527cb); - // vk.IC[2] = Types.G1Point(0x1c36e713d4d54e3a9644dffca1fc524be4868f66572516025a61ca542539d43f, 0x042dcc4525b82dfb242b09cb21909d5c22643dcdbe98c4d082cc2877e96b24db); - // vk.IC[3] = Types.G1Point(0x17d5d09b4146424bff7e6fb01487c477bbfcd0cdbbc92d5d6457aae0b6717cc5, 0x02b5636903efbf46db9235bbe74045d21c138897fda32e079040db1a16c1a7a1); - // vk.IC[4] = Types.G1Point(0x0f103f14a584d4203c27c26155b2c955f8dfa816980b24ba824e1972d6486a5d, 0x0c4165133b9f5be17c804203af781bcf168da7386620479f9b885ecbcd27b17b); - // vk.IC[5] = Types.G1Point(0x232063b584fb76c8d07995bee3a38fa7565405f3549c6a918ddaa90ab971e7f8, 0x2ac9b135a81d96425c92d02296322ad56ffb16299633233e4880f95aafa7fda7); - // vk.IC[6] = Types.G1Point(0x09b54f111d3b2d1b2fe1ae9669b3db3d7bf93b70f00647e65c849275de6dc7fe, 0x18b2e77c63a3e400d6d1f1fbc6e1a1167bbca603d34d03edea231eb0ab7b14b4); - // vk.IC[7] = Types.G1Point(0x0c54b42137b67cc268cbb53ac62b00ecead23984092b494a88befe58445a244a, 0x18e3723d37fae9262d58b548a0575f59d9c3266db7afb4d5739555837f6b8b3e); - // vk.IC[8] = Types.G1Point(0x0a6de0e2240aa253f46ce0da883b61976e3588146e01c9d8976548c145fe6e4a, 0x04fbaa3a4aed4bb77f30ebb07a3ec1c7d77a7f2edd75636babfeff97b1ea686e); - // vk.IC[9] = Types.G1Point(0x111e2e2a5f8828f80ddad08f9f74db56dac1cc16c1cb278036f79a84cf7a116f, 0x1d7d62e192b219b9808faa906c5ced871788f6339e8d91b83ac1343e20a16b30); - // } - // function _verify(uint[] memory input, Proof memory proof) internal view returns (uint) { - // VerifyingKey memory vk = _verifyingKey(); - // require(input.length + 1 == vk.IC.length); - // // Compute the 
linear combination vk_x - // Types.G1Point memory vk_x = Types.G1Point(0, 0); - // for (uint i = 0; i < input.length; i++) - // vk_x = Bn254.add(vk_x, Bn254.multiply(vk.IC[i + 1], input[i])); - // vk_x = Bn254.add(vk_x, vk.IC[0]); - // if (!Bn254.pairingProd2(proof.A, vk.A, Bn254.negate(proof.A_p), Bn254._p2Generator())) return 1; - // if (!Bn254.pairingProd2(vk.B, proof.B, Bn254.negate(proof.B_p), Bn254._p2Generator())) return 2; - // if (!Bn254.pairingProd2(proof.C, vk.C, Bn254.negate(proof.C_p), Bn254._p2Generator())) return 3; - // if (!Bn254.pairingProd3( - // proof.K, vk.gamma, - // Bn254.negate(Bn254.add(vk_x, Bn254.add(proof.A, proof.C))), vk.gammaBeta2, - // Bn254.negate(vk.gammaBeta1), proof.B - // )) return 4; - // if (!Bn254.pairingProd3( - // Bn254.add(vk_x, proof.A), proof.B, - // Bn254.negate(proof.H), vk.Z, - // Bn254.negate(proof.C), Bn254._p2Generator() - // )) return 5; - // return 0; - // } - - // function verifyTx() public view returns (bool r) { - // uint[] memory input = new uint[](9); - // Proof memory proof; - // proof.A = Types.G1Point(12873740738727497448187997291915224677121726020054032516825496230827252793177, 21804419174137094775122804775419507726154084057848719988004616848382402162497); - // proof.A_p = Types.G1Point(7742452358972543465462254569134860944739929848367563713587808717088650354556, 7324522103398787664095385319014038380128814213034709026832529060148225837366); - // proof.B = Types.G2Point( - // [8176651290984905087450403379100573157708110416512446269839297438960217797614, 15588556568726919713003060429893850972163943674590384915350025440408631945055], - // [15347511022514187557142999444367533883366476794364262773195059233657571533367, 4265071979090628150845437155927259896060451682253086069461962693761322642015]); - // proof.B_p = Types.G1Point(2979746655438963305714517285593753729335852012083057917022078236006592638393, 6470627481646078059765266161088786576504622012540639992486470834383274712950); - // proof.C = 
Types.G1Point(6851077925310461602867742977619883934042581405263014789956638244065803308498, 10336382210592135525880811046708757754106524561907815205241508542912494488506); - // proof.C_p = Types.G1Point(12491625890066296859584468664467427202390981822868257437245835716136010795448, 13818492518017455361318553880921248537817650587494176379915981090396574171686); - // proof.H = Types.G1Point(12091046215835229523641173286701717671667447745509192321596954139357866668225, 14446807589950902476683545679847436767890904443411534435294953056557941441758); - // proof.K = Types.G1Point(21341087976609916409401737322664290631992568431163400450267978471171152600502, 2942165230690572858696920423896381470344658299915828986338281196715687693170); - // input[0] = 13986731495506593864492662381614386532349950841221768152838255933892789078521; - // input[1] = 622860516154313070522697309645122400675542217310916019527100517240519630053; - // input[2] = 11094488463398718754251685950409355128550342438297986977413505294941943071569; - // input[3] = 6627643779954497813586310325594578844876646808666478625705401786271515864467; - // input[4] = 2957286918163151606545409668133310005545945782087581890025685458369200827463; - // input[5] = 1384290496819542862903939282897996566903332587607290986044945365745128311081; - // input[6] = 5613571677741714971687805233468747950848449704454346829971683826953541367271; - // input[7] = 9643208548031422463313148630985736896287522941726746581856185889848792022807; - // input[8] = 18066496933330839731877828156604; - // return _verify(input, proof) == 0; - // } -} \ No newline at end of file +} diff --git a/contracts/ecc/vendor/witnet/bls-solidity/contracts/BN256G1.sol b/contracts/ecc/vendor/witnet/bls-solidity/contracts/BN256G1.sol index 5eef9df..f6826b2 100644 --- a/contracts/ecc/vendor/witnet/bls-solidity/contracts/BN256G1.sol +++ b/contracts/ecc/vendor/witnet/bls-solidity/contracts/BN256G1.sol 
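Review bot: `add`, `multiply`, `checkPairing` and `verifyProof` are declared `public` with no mutability specifier, while the other wrappers are `pure`, so the JS tests have to use `callStatic` to read their results. If the underlying `Bn254` library functions only `staticcall` the precompiles (not visible in this hunk), marking these wrappers `view`, e.g. `function add(Types.G1Point memory p, Types.G1Point memory q) public view returns (Types.G1Point memory)`, would let the compiler enforce that the harness never writes state. A one-line NatSpec on the contract, such as `/// @dev Test-only harness exposing the internal Bn254 library functions.`, would make its purpose explicit.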
@@ -1,5 +1,6 @@ // SPDX-License-Identifier: MIT - +// taken from: https://github.com/witnet/bls-solidity/blob/master/contracts/BN256G1.sol +// Adapated to use a higher compiler version. pragma solidity >=0.8.0 <=0.8.13; import "../../elliptic-curve-solidity/contracts/EllipticCurve.sol"; diff --git a/contracts/ecc/vendor/witnet/bls-solidity/contracts/BN256G2.sol b/contracts/ecc/vendor/witnet/bls-solidity/contracts/BN256G2.sol index f7e5fc7..177ac5f 100644 --- a/contracts/ecc/vendor/witnet/bls-solidity/contracts/BN256G2.sol +++ b/contracts/ecc/vendor/witnet/bls-solidity/contracts/BN256G2.sol @@ -1,6 +1,7 @@ // SPDX-License-Identifier: MIT // solium-disable security/no-assign-params - +// taken from: https://github.com/witnet/bls-solidity/blob/master/contracts/BN256G1.sol +// Adapated to use a higher compiler version. pragma solidity >=0.8.0 <=0.8.13; diff --git a/contracts/ecc/vendor/witnet/elliptic-curve-solidity/contracts/EllipticCurve.sol b/contracts/ecc/vendor/witnet/elliptic-curve-solidity/contracts/EllipticCurve.sol index 8ec8d14..345b457 100644 --- a/contracts/ecc/vendor/witnet/elliptic-curve-solidity/contracts/EllipticCurve.sol +++ b/contracts/ecc/vendor/witnet/elliptic-curve-solidity/contracts/EllipticCurve.sol @@ -1,5 +1,6 @@ // SPDX-License-Identifier: MIT // taken from: https://github.com/witnet/elliptic-curve-solidity/blob/master/contracts/EllipticCurve.sol +// Adapated to use a higher compiler version. pragma solidity >=0.8.0 <=0.8.13; diff --git a/test/Bn254.test.js b/test/Bn254.test.js index 6b5cd03..9ab8bb6 100644 --- a/test/Bn254.test.js +++ b/test/Bn254.test.js 
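Review bot: The provenance comment added to `BN256G2.sol` points at `.../contracts/BN256G1.sol`, which looks like a copy-paste from the G1 file; it should presumably read `// taken from: https://github.com/witnet/bls-solidity/blob/master/contracts/BN256G2.sol`. All three vendored headers (BN256G1.sol, BN256G2.sol, EllipticCurve.sol) reference the moving `master` branch. Since the files are locally adapted, recording the upstream commit in the URL (`blob/<upstream-commit>/...`, placeholder) would let a reviewer diff each vendored copy against the exact source it was taken from. `Adapated` is a typo for `Adapted` in each of the three comments.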
@@ -22,17 +22,118 @@ describe("Bn254", function () { }) it("explicit sum and scalar prod are the same", async function () { - let fRes = await bn254.f() - console.log("f result: ") - console.log(JSON.stringify(fRes, null, 2)) - expect(await bn254.f()).to.be.true + const p1 = { x: 1, y: 2 } + const p2 = { x: 1, y: 2 } + const explicitSum = await bn254.callStatic.add(p1, p2) + const scalarProd = await bn254.callStatic.multiply(p1, 2) + expect(explicitSum.x).to.be.equal(scalarProd.x) + expect(explicitSum.y).to.be.equal(scalarProd.y) }) it("adding point to negation of itself should be zero", async function () { - expect(await bn254.g()).to.be.true + const p1Generator = await bn254.p1Generator() + const p1GeneratorNegated = await bn254.callStatic.negate(p1Generator) + const result = await bn254.callStatic.add(p1Generator, p1GeneratorNegated) + expect(result.x).to.be.equal(0) + expect(result.y).to.be.equal(0) }) - it("fails when first point is not on Bn254 curve", async function () { + it("should pair successfully", async function () { + const p = { + x: "0x1c76476f4def4bb94541d57ebba1193381ffa7aa76ada664dd31c16024c43f59", + y: "0x3034dd2920f673e204fee2811c678745fc819b55d3e9d294e45c9b03a76aef41", + } + const q = { + x: [ + "0x209dd15ebff5d46c4bd888e51a93cf99a7329636c63514396b4a452003a35bf7", + "0x04bf11ca01483bfa8b34b43561848d28905960114c8ac04049af4b6315a41678", + ], + y: [ + "0x2bb8324af6cfc93537a2ad1a445cfd0ca2a71acd7ac41fadbf933c2a51be344d", + "0x120a2a4cf30c1bf9845f20c6fe39e07ea2cce61f0c9bb048165fe5e4de877550", + ], + } + const r = { + x: "0x111e129f1cf1097710d41c4ac70fcdfa5ba2023c6ff1cbeac322de49d1b6df7c", + y: "0x2032c61a830e3c17286de9462bf242fca2883585b93870a73853face6a6bf411", + } + const s = { + x: [ + "0x198e9393920d483a7260bfb731fb5d25f1aa493335a9e71297e485b7aef312c2", + "0x1800deef121f1e76426a00665e5c4479674322d4f75edadd46debd5cd992f6ed", + ], + y: [ + "0x090689d0585ff075ec9e99ad690c3395bc4b313370b38ef355acdadcd122975b", + 
"0x12c85ea5db8c6deb4aab71808dcb408fe3d1e7690c43d37b4ce6cc0166fa7daa", + ], + } + let paired = await bn254.callStatic.checkPairing(p, q, r, s) + expect(paired).to.be.true + }) + + it("should fail pairing", async function () { + const p = { + x: "0x1c76476f4def4bb94541d57ebba1193381ffa7aa76ada664dd31c16024c43f59", + y: "0x3034dd2920f673e204fee2811c678745fc819b55d3e9d294e45c9b03a76aef41", + } + const q = { + x: [ + "0x209dd15ebff5d46c4bd888e51a93cf99a7329636c63514396b4a452003a35bf7", + "0x04bf11ca01483bfa8b34b43561848d28905960114c8ac04049af4b6315a41678", + ], + y: [ + "0x2bb8324af6cfc93537a2ad1a445cfd0ca2a71acd7ac41fadbf933c2a51be344d", + "0x120a2a4cf30c1bf9845f20c6fe39e07ea2cce61f0c9bb048165fe5e4de877550", + ], + } + const r = { + x: "0x111e129f1cf1097710d41c4ac70fcdfa5ba2023c6ff1cbeac322de49d1b6df7c", + y: "0x103188585e2364128fe25c70558f1560f4f9350baf3959e603cc91486e110936", + } + const s = { + x: [ + "0x198e9393920d483a7260bfb731fb5d25f1aa493335a9e71297e485b7aef312c2", + "0x1800deef121f1e76426a00665e5c4479674322d4f75edadd46debd5cd992f6ed", + ], + y: [ + "0x090689d0585ff075ec9e99ad690c3395bc4b313370b38ef355acdadcd122975b", + "0x12c85ea5db8c6deb4aab71808dcb408fe3d1e7690c43d37b4ce6cc0166fa7daa", + ], + } + let paired = await bn254.callStatic.checkPairing(p, q, r, s) + expect(paired).to.be.false + }) + + it("should create a point from a hash", async function () { + const message = 0x73616d706c65 + const point = await bn254.hashToPoint(message) + expect(point.x).to.be.equal( + "0x11e028f08c500889891cc294fe758a60e84495ec1e2d0bce208c9fc67b6486fd" + ) + expect(point.y).to.be.equal( + "0x0d6ac4f2b04c63535037985d348588d3e2a1f3aad7c3354e583bd77a93361364" + ) + }) + + it("should validate G1 point on curve", async function () { + const point = { + x: "0x2243525c5efd4b9c3d3c45ac0ca3fe4dd85e830a4ce6b65fa1eeaee202839703", + y: "0x301d1d33be6da8e509df21cc35964723180eed7532537db9ae5e7d48f195c915", + } + const isOnCurve = await bn254.isOnCurve(point) + expect(isOnCurve).to.be.true + 
}) + + it("should not validate G1 point not on curve", async function () { + const point = { + x: "0x2243525c5efd4b9c3d3c45ac0ca3fe4dd85e830a4ce6b65fa1eeaee202839703", + y: "0x301d1d33be6da8e509df21cc35964723180eed7532537db9ae5e7d48f195c916", + } + const isOnCurve = await bn254.isOnCurve(point) + expect(isOnCurve).to.be.false + }) + + it("should fail proof verification when first point is not on curve", async function () { let proof = { q: [ { i: -1, v: 1 }, @@ -52,18 +153,8 @@ describe("Bn254", function () { y: [1, 2], }, } - await expect(bn254.verifyProof(proof)).to.be.revertedWith( + expect(bn254.callStatic.verifyProof(proof)).to.be.revertedWith( "elliptic curve multiplication failed" ) }) - - // it("points should be paired correctly", async function () { - // expect(await bn254.pair()).to.be.true - // }) - - // it("can verify proof", async function () { - // let result = await bn254.verifyTx() - // console.log("verify result: " + JSON.stringify(result, null, 2)) - // expect(await bn254.verifyTx()).to.be.true - // }) }) diff --git a/test/Bn254Verifier.test.js b/test/Bn254Verifier.test.js deleted file mode 100644 index c70bca3..0000000 --- a/test/Bn254Verifier.test.js +++ /dev/null 
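Review bot: In the last test of this hunk the `await` in front of `expect(bn254.callStatic.verifyProof(proof)).to.be.revertedWith(...)` was dropped, so the assertion promise is never awaited and the test passes whether or not the call reverts. Restore it: `await expect(bn254.callStatic.verifyProof(proof)).to.be.revertedWith("elliptic curve multiplication failed")`. Separately, `hashToPoint` takes `bytes` but the test passes the JS number literal `0x73616d706c65`; a hex string (`"0x73616d706c65"`) or `ethers.utils.toUtf8Bytes("sample")` would state the intended byte sequence explicitly. The enclosing `describe` block starts outside the hunk.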
@@ -1,48 +0,0 @@ -const { expect } = require("chai") -const { ethers } = require("hardhat") -const { - snapshot, - revert, - ensureMinimumBlockHeight, - advanceTime, -} = require("./evm") - -describe("Bn254Verifier", function () { - let bn254 - - beforeEach(async function () { - await snapshot() - await ensureMinimumBlockHeight(256) - const Bn254Verifier = await ethers.getContractFactory("TestBn254Verifier") - verifier = await Bn254Verifier.deploy() - }) - - afterEach(async function () { - await revert() - }) - - it("fails when first point is not on Bn254 curve", async function () { - let proof = { - q: [ - { i: -1, v: 1 }, - { i: -2, v: 2 }, - { i: -3, v: 3 }, - ], - mus: [1, 2, 3, 4, 5, 6, 7, 8, 9, 0], - sigma: { x: 1, y: 2 }, - u: [ - { x: 1, y: 2 }, - { x: 2, y: 2 }, - { x: 3, y: 3 }, - ], - name: ethers.utils.toUtf8Bytes("test"), - publicKey: { - x: [1, 2], - y: [1, 2], - }, - } - await expect(verifier.verifyProof(proof)).to.be.revertedWith( - "elliptic curve multiplication failed" - ) - }) -}) diff --git a/test/Proofs.test.js b/test/Proofs.test.js index c36e5fc..8306588 100644 --- a/test/Proofs.test.js +++ b/test/Proofs.test.js @@ -181,7 +181,26 @@ describe("Proofs", function () { }) it("fails proof submission when proof is incorrect", async function () { - await expect(proofs.submitProof(id, [])).to.be.revertedWith( + let proof = { + q: [ + { i: -1, v: 1 }, + { i: -2, v: 2 }, + { i: -3, v: 3 }, + ], + mus: [1, 2, 3, 4, 5, 6, 7, 8, 9, 0], + sigma: { x: 1, y: 2 }, + u: [ + { x: 1, y: 2 }, + { x: 2, y: 2 }, + { x: 3, y: 3 }, + ], + name: ethers.utils.toUtf8Bytes("test"), + publicKey: { + x: [1, 2], + y: [1, 2], + }, + } + await expect(proofs.submitProof(id, proof)).to.be.revertedWith( "Invalid proof" ) }) 
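Review bot: The fixture added here for "fails proof submission when proof is incorrect" is the same object that the next two hunks (`@@ -194,6 +213,25 @@` and `@@ -229,6 +267,25 @@`) pass to `proofs.submitProof(id, proof)` expecting success, and that `test/Bn254.test.js` expects to revert with "elliptic curve multiplication failed". From the visible lines, one input is expected to be rejected as "Invalid proof", to be accepted, and to be rejected for malformed points; at most one of those can hold once real verification is wired in. Consider a shared `invalidProof()` helper for the negative case and a separate, genuinely valid fixture for the tests that need a successful submission. The negative test would then ideally use a well-formed but wrong proof, so it exercises the pairing check rather than point validation.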
@@ -194,6 +213,25 @@ describe("Proofs", function () { it("fails proof submission when already submitted", async function () { await advanceTimeTo(periodEnd(periodOf(await currentTime()))) + let proof = { + q: [ + { i: -1, v: 1 }, + { i: -2, v: 2 }, + { i: -3, v: 3 }, + ], + mus: [1, 2, 3, 4, 5, 6, 7, 8, 9, 0], + sigma: { x: 1, y: 2 }, + u: [ + { x: 1, y: 2 }, + { x: 2, y: 2 }, + { x: 3, y: 3 }, + ], + name: ethers.utils.toUtf8Bytes("test"), + publicKey: { + x: [1, 2], + y: [1, 2], + }, + } await proofs.submitProof(id, proof) await expect(proofs.submitProof(id, proof)).to.be.revertedWith( "Proof already submitted" @@ -229,6 +267,25 @@ describe("Proofs", function () { it("does not mark a submitted proof as missing", async function () { await waitUntilProofIsRequired(id) let submittedPeriod = periodOf(await currentTime()) + let proof = { + q: [ + { i: -1, v: 1 }, + { i: -2, v: 2 }, + { i: -3, v: 3 }, + ], + mus: [1, 2, 3, 4, 5, 6, 7, 8, 9, 0], + sigma: { x: 1, y: 2 }, + u: [ + { x: 1, y: 2 }, + { x: 2, y: 2 }, + { x: 3, y: 3 }, + ], + name: ethers.utils.toUtf8Bytes("test"), + publicKey: { + x: [1, 2], + y: [1, 2], + }, + } await proofs.submitProof(id, proof) await advanceTimeTo(periodEnd(submittedPeriod)) await expect(