Barretenberg
The ZK-SNARK library at the core of Aztec
Loading...
Searching...
No Matches
Public Member Functions | Public Attributes | Friends | List of all members
acir_format::EcdsaConstraint Struct Reference

ECDSA constraints. More...

#include <ecdsa_constraints.hpp>

Public Member Functions

 MSGPACK_FIELDS (hashed_message, signature, pub_x_indices, pub_y_indices, predicate, result)
 

Public Attributes

bb::CurveType type
 
std::array< uint32_t, 32 > hashed_message
 
std::array< uint32_t, 64 > signature
 
std::array< uint32_t, 32 > pub_x_indices
 
std::array< uint32_t, 32 > pub_y_indices
 
WitnessOrConstant< bb::frpredicate
 
uint32_t result
 

Friends

bool operator== (EcdsaConstraint const &lhs, EcdsaConstraint const &rhs)=default
 

Detailed Description

ECDSA constraints.

ECDSA constraints have seven components:

  1. type, the curve type used to distinguish which curve the ECDSA constraint is over
  2. hashed_message, an array of length 32 representing the witness indices of the byte representation of the hash of the message for which the signature must be verified
  3. signature, an array of length 64 representing the witness indices of the signature \((r, s)\) which must be verified. The components are represented as big-endian, 32-byte numbers.
  4. pub_x_indices, an array of length 32 representing the witness indices of the byte representation the x coordinate of the public key against which the signature should be verified.
  5. pub_y_indices, an array of length 32 representing the witness indices of the byte representation the y coordinate of the public key against which the signature should be verified.
  6. result, an array of length 1 representing the witness index of the expected result of the signature verification.
  7. predicate, a boolean witness (or constant) indicating whether the constraint should be disabled or not. If the predicate is witness false, then the constraint is disabled, i.e it must not fail and can return whatever. When predicate is set to witness false, we override some values to ensure that all the circuit constraints are satisfied:
    • We set - r = s = H(m) = 1 (the hash is set to 1 to avoid failures in the byte_array constructor)
    • We set the public key to be 2 times the generator of the curve.

Definition at line 40 of file ecdsa_constraints.hpp.

Member Function Documentation

◆ MSGPACK_FIELDS()

acir_format::EcdsaConstraint::MSGPACK_FIELDS ( hashed_message  ,
signature  ,
pub_x_indices  ,
pub_y_indices  ,
predicate  ,
result   
)

Friends And Related Symbol Documentation

◆ operator==

bool operator== ( EcdsaConstraint const &  lhs,
EcdsaConstraint const &  rhs 
)
friend

Member Data Documentation

◆ hashed_message

std::array<uint32_t, 32> acir_format::EcdsaConstraint::hashed_message

Definition at line 44 of file ecdsa_constraints.hpp.

◆ predicate

WitnessOrConstant<bb::fr> acir_format::EcdsaConstraint::predicate

Definition at line 58 of file ecdsa_constraints.hpp.

◆ pub_x_indices

std::array<uint32_t, 32> acir_format::EcdsaConstraint::pub_x_indices

Definition at line 52 of file ecdsa_constraints.hpp.

◆ pub_y_indices

std::array<uint32_t, 32> acir_format::EcdsaConstraint::pub_y_indices

Definition at line 53 of file ecdsa_constraints.hpp.

◆ result

uint32_t acir_format::EcdsaConstraint::result

Definition at line 61 of file ecdsa_constraints.hpp.

◆ signature

std::array<uint32_t, 64> acir_format::EcdsaConstraint::signature

Definition at line 47 of file ecdsa_constraints.hpp.

◆ type

bb::CurveType acir_format::EcdsaConstraint::type

Definition at line 41 of file ecdsa_constraints.hpp.

The documentation for this struct was generated from the following file: