maxgillett · February 4, 2022 20:23
diff --git a/bn128.py b/bn128.py
 from typing import List

 from eth_account.messages import encode_defunct, _hash_eip191_message
 from eth_utils import big_endian_to_int

 from fastecdsa.curve import Curve
 from fastecdsa import keys, ecdsa

 P = 0x2523648240000001ba344d80000000086121000000000013a700000000000013
 N = 0x2523648240000001ba344d8000000007ff9f800000000010a10000000000000d

 BN128 = Curve(
    name='BN128',
    p=P,
    a=0,
    b=2,
    q=N,
    gx=0x2523648240000001ba344d80000000086121000000000013a700000000000012,
    gy=1,
 )

 hex_message = '0x49e299a55346'
 message = encode_defunct(hexstr=hex_message)
 message_hash = _hash_eip191_message(message)

 priv_key = 6085657696930404735701793182981912633161924824257970801516674368760204638101
 pub_key = keys.get_public_key(priv_key, BN128)

 # Sign message
 r, s = ecdsa.sign(message_hash, priv_key, prehashed=True)
 z = big_endian_to_int(message_hash)

 # Verify signature
 valid = ecdsa.verify((r, s), message_hash, pub_key, curve=BN128, prehashed=True)
 print(valid)

 # Encode into BigInt3
 def split(num: int) -> List[int]:
    """
    Takes a 256-bit integer and returns its canonical representation as:
        d0 + BASE * d1 + BASE**2 * d2,
    where BASE = 2**86.
    """
    BASE = 2 ** 86
    a = []
    for _ in range(3):
        num, residue = divmod(num, BASE)
        a.append(hex(residue))
    assert num == 0
    return a

 print("pub_key:", split(pub_key.x), split(pub_key.y))
 print("r:", split(r))
 print("s:", split(s))
 print("msg_hash:", split(z))
	from typing import List

	from eth_account.messages import encode_defunct, _hash_eip191_message
	from eth_utils import big_endian_to_int

	from fastecdsa.curve import Curve
	from fastecdsa import keys, ecdsa

	P = 0x2523648240000001ba344d80000000086121000000000013a700000000000013
	N = 0x2523648240000001ba344d8000000007ff9f800000000010a10000000000000d

	BN128 = Curve(
	name='BN128',
	p=P,
	a=0,
	b=2,
	q=N,
	gx=0x2523648240000001ba344d80000000086121000000000013a700000000000012,
	gy=1,
	)

	hex_message = '0x49e299a55346'
	message = encode_defunct(hexstr=hex_message)
	message_hash = _hash_eip191_message(message)

	priv_key = 6085657696930404735701793182981912633161924824257970801516674368760204638101
	pub_key = keys.get_public_key(priv_key, BN128)

	# Sign message
	r, s = ecdsa.sign(message_hash, priv_key, prehashed=True)
	z = big_endian_to_int(message_hash)

	# Verify signature
	valid = ecdsa.verify((r, s), message_hash, pub_key, curve=BN128, prehashed=True)
	print(valid)

	# Encode into BigInt3
	def split(num: int) -> List[int]:
	"""
	Takes a 256-bit integer and returns its canonical representation as:
	d0 + BASE * d1 + BASE*2 d2,
	where BASE = 2**86.
	"""
	BASE = 2 ** 86
	a = []
	for _ in range(3):
	num, residue = divmod(num, BASE)
	a.append(hex(residue))
	assert num == 0
	return a

	print("pub_key:", split(pub_key.x), split(pub_key.y))
	print("r:", split(r))
	print("s:", split(s))
	print("msg_hash:", split(z))