Skip to main content

ForeignCurveNotNeeded

Defined in: lib/provable/crypto/foreign-curve.ts:402

@see: ForeignCurve

Extends

Constructors

new ForeignCurveNotNeeded()

new ForeignCurveNotNeeded(g: {
x: number | bigint | Field3 | AlmostForeignField;
y: number | bigint | Field3 | AlmostForeignField;
}): ForeignCurveNotNeeded

Defined in: lib/provable/crypto/foreign-curve.ts:403

Parameters

g
x

number | bigint | Field3 | AlmostForeignField

y

number | bigint | Field3 | AlmostForeignField

Returns

ForeignCurveNotNeeded

Overrides

ForeignCurve.constructor

Properties

x

x: AlmostForeignField;

Defined in: lib/provable/crypto/foreign-curve.ts:31

Inherited from

ForeignCurve.x


y

y: AlmostForeignField;

Defined in: lib/provable/crypto/foreign-curve.ts:32

Inherited from

ForeignCurve.y


_Bigint?

static optional _Bigint: {};

Defined in: lib/provable/crypto/foreign-curve.ts:360

Inherited from

ForeignCurve._Bigint


_Field?

static optional _Field: typeof AlmostForeignField;

Defined in: lib/provable/crypto/foreign-curve.ts:361

Inherited from

ForeignCurve._Field


_provable?

static optional _provable: ProvablePureExtended<ForeignCurve, {
x: bigint;
y: bigint;
}, {
x: string;
y: string;
}>;

Defined in: lib/provable/crypto/foreign-curve.ts:363

Inherited from

ForeignCurve._provable


_Scalar?

static optional _Scalar: typeof AlmostForeignField;

Defined in: lib/provable/crypto/foreign-curve.ts:362

Inherited from

ForeignCurve._Scalar

Accessors

Constructor

Get Signature

get Constructor(): typeof ForeignCurve

Defined in: lib/provable/crypto/foreign-curve.ts:357

Returns

typeof ForeignCurve

Inherited from

ForeignCurve.Constructor


modulus

Get Signature

get modulus(): bigint

Defined in: lib/provable/crypto/foreign-curve.ts:200

The size of the curve's base field.

Returns

bigint

Inherited from

ForeignCurve.modulus


Bigint

Get Signature

get static Bigint(): {}

Defined in: lib/provable/crypto/foreign-curve.ts:372

Curve arithmetic on JS bigints.

Returns
{}

Inherited from

ForeignCurve.Bigint


Field

Get Signature

get static Field(): typeof AlmostForeignField

Defined in: lib/provable/crypto/foreign-curve.ts:379

The base field of this curve as a ForeignField.

Returns

typeof AlmostForeignField

Inherited from

ForeignCurve.Field


generator

Get Signature

get static generator(): ForeignCurve

Defined in: lib/provable/crypto/foreign-curve.ts:188

The constant generator point.

Returns

ForeignCurve

Inherited from

ForeignCurve.generator


modulus

Get Signature

get static modulus(): bigint

Defined in: lib/provable/crypto/foreign-curve.ts:194

The size of the curve's base field.

Returns

bigint

Inherited from

ForeignCurve.modulus


provable

Get Signature

get static provable(): ProvablePureExtended<ForeignCurve, {
x: bigint;
y: bigint;
}, {
x: string;
y: string;
}>

Defined in: lib/provable/crypto/foreign-curve.ts:393

Provable<ForeignCurve>

Returns

ProvablePureExtended<ForeignCurve, { x: bigint; y: bigint; }, { x: string; y: string; }>

Inherited from

ForeignCurve.provable


Scalar

Get Signature

get static Scalar(): typeof AlmostForeignField

Defined in: lib/provable/crypto/foreign-curve.ts:386

The scalar field of this curve as a ForeignField.

Returns

typeof AlmostForeignField

Inherited from

ForeignCurve.Scalar

Methods

add()

add(h: 
| ForeignCurve
| FlexiblePoint): ForeignCurve

Defined in: lib/provable/crypto/foreign-curve.ts:241

Elliptic curve addition.

let r = p.add(q); // r = p + q

Important: this is incomplete addition and does not handle the degenerate cases:

  • Inputs are equal, g = h (where you would use double). In this case, the result of this method is garbage and can be manipulated arbitrarily by a malicious prover.
  • Inputs are inverses of each other, g = -h, so that the result would be the zero point. In this case, the proof fails.

If you want guaranteed soundness regardless of the input, use addSafe instead.

Parameters

h

ForeignCurve | FlexiblePoint

Returns

ForeignCurve

Throws

if the inputs are inverses of each other.

Inherited from

ForeignCurve.add


addSafe()

addSafe(h: 
| ForeignCurve
| FlexiblePoint): ForeignCurve

Defined in: lib/provable/crypto/foreign-curve.ts:259

Safe elliptic curve addition.

This is the same as add, but additionally proves that the inputs are not equal. Therefore, the method is guaranteed to either fail or return a valid addition result.

Beware: this is more expensive than add, and is still incomplete in that it does not succeed on equal or inverse inputs.

Parameters

h

ForeignCurve | FlexiblePoint

Returns

ForeignCurve

Throws

if the inputs are equal or inverses of each other.

Inherited from

ForeignCurve.addSafe


assertInSubgroup()

assertInSubgroup(): void

Defined in: lib/provable/crypto/foreign-curve.ts:339

Assert that this point lies in the subgroup defined by order*P = 0.

Note: this is a no-op if the curve has cofactor equal to 1. Otherwise it performs the full scalar multiplication order*P and is expensive.

Returns

void

Inherited from

ForeignCurve.assertInSubgroup


assertOnCurve()

assertOnCurve(): void

Defined in: lib/provable/crypto/foreign-curve.ts:323

Assert that this point lies on the elliptic curve, which means it satisfies the equation y^2 = x^3 + ax + b

Returns

void

Inherited from

ForeignCurve.assertOnCurve


double()

double(): ForeignCurve

Defined in: lib/provable/crypto/foreign-curve.ts:278

Elliptic curve doubling.

Returns

ForeignCurve

Example

let r = p.double(); // r = 2 * p

Inherited from

ForeignCurve.double


negate()

negate(): ForeignCurve

Defined in: lib/provable/crypto/foreign-curve.ts:292

Elliptic curve negation.

Returns

ForeignCurve

Example

let r = p.negate(); // r = -p

Inherited from

ForeignCurve.negate


scale()

scale(scalar: number | bigint | AlmostForeignField): ForeignCurve

Defined in: lib/provable/crypto/foreign-curve.ts:308

Elliptic curve scalar multiplication, where the scalar is represented as a ForeignField element.

Important: this proves that the result of the scalar multiplication is not the zero point.

Parameters

scalar

number | bigint | AlmostForeignField

Returns

ForeignCurve

Throws

if the scalar multiplication results in the zero point; for example, if the scalar is zero.

Example

let r = p.scale(s); // r = s * p

Inherited from

ForeignCurve.scale


toBigint()

toBigint(): GroupAffine

Defined in: lib/provable/crypto/foreign-curve.ts:217

Convert this curve point to a point with bigint coordinates.

Returns

GroupAffine

Inherited from

ForeignCurve.toBigint


assertInSubgroup()

static assertInSubgroup(g: ForeignCurve): void

Defined in: lib/provable/crypto/foreign-curve.ts:327

Parameters

g

ForeignCurve

Returns

void

Inherited from

ForeignCurve.assertInSubgroup


assertOnCurve()

static assertOnCurve(g: ForeignCurve): void

Defined in: lib/provable/crypto/foreign-curve.ts:315

Parameters

g

ForeignCurve

Returns

void

Inherited from

ForeignCurve.assertOnCurve


check()

static check(g: ForeignCurveNotNeeded): void

Defined in: lib/provable/crypto/foreign-curve.ts:410

Check that this is a valid element of the target subgroup of the curve:

  • Check that the coordinates are valid field elements
  • Use () to check that the point lies on the curve
  • If the curve has cofactor unequal to 1, use ().

Parameters

g

ForeignCurveNotNeeded

Returns

void

Overrides

ForeignCurve.check


from()

static from(g: 
| ForeignCurve
| FlexiblePoint): ForeignCurve

Defined in: lib/provable/crypto/foreign-curve.ts:64

Coerce the input to a ForeignCurve.

Parameters

g

ForeignCurve | FlexiblePoint

Returns

ForeignCurve

Inherited from

ForeignCurve.from


fromEthers()

static fromEthers(hex: string): ForeignCurve

Defined in: lib/provable/crypto/foreign-curve.ts:142

Create a new ForeignCurve instance from an Ethereum public key in hex format, which may be either compressed or uncompressed. This method is designed to handle the parsing of public keys as used by the ethers.js library.

The input should represent the affine x and y coordinates of the point, in hexadecimal format. Compressed keys are 33 bytes long and begin with 0x02 or 0x03, while uncompressed keys are 65 bytes long and begin with 0x04.

Warning: This method is specifically designed for use with the Secp256k1 curve. Using it with other curves may result in incorrect behavior or errors. Ensure that the curve setup matches Secp256k1, as shown in the example, to avoid unintended issues.

Parameters

hex

string

The public key as a hexadecimal string (without the "0x" prefix).

Returns

ForeignCurve

A new instance of the curve representing the given public key.

Example

import { Wallet, Signature, getBytes } from 'ethers';

class Secp256k1 extends createForeignCurve(Crypto.CurveParams.Secp256k1) {}

const wallet = Wallet.createRandom();

const publicKey = Secp256k1.fromEthers(wallet.publicKey.slice(2));

Inherited from

ForeignCurve.fromEthers


fromHex()

static fromHex(hex: string): ForeignCurve

Defined in: lib/provable/crypto/foreign-curve.ts:91

Parses a hexadecimal string representing an uncompressed elliptic curve point and coerces it into a ForeignCurve point.

The method extracts the x and y coordinates from the provided hex string and verifies that the resulting point lies on the curve.

Note: This method only supports uncompressed elliptic curve points, which are 65 bytes in total (1-byte prefix + 32 bytes for x + 32 bytes for y).

Parameters

hex

string

The hexadecimal string representing the uncompressed elliptic curve point.

Returns

ForeignCurve

  • A point on the foreign curve, parsed from the given hexadecimal string.

Throws

  • Throws an error if the input is not a valid public key.

Example

class Secp256k1 extends createForeignCurve(Crypto.CurveParams.Secp256k1) {}

const publicKeyHex = '04f8b8db25c619d0c66b2dc9e97ecbafafae...'; // Example hex string for uncompressed point
const point = Secp256k1.fromHex(publicKeyHex);

Important: This method is only designed to handle uncompressed elliptic curve points in hex format.

Inherited from

ForeignCurve.fromHex