From 74c66a795151b8f4f94576511f7ec0de4d596f9d Mon Sep 17 00:00:00 2001
From: Suyash Bagad <suyash@aztecprotocol.com>
Date: Thu, 2 Mar 2023 15:00:17 +0530
Subject: [PATCH] Add ecdsa signature in types. (#193)

Rebase fixes.

Fix. (#195)

Fix `to_nt`
---
 cpp/src/aztec/crypto/ecdsa/ecdsa.hpp          | 38 +++++++++++++++++++
 .../proofs/join_split/c_bind.cpp              |  2 +-
 .../proofs/join_split/join_split.cpp          |  5 ++-
 .../proofs/join_split/join_split.hpp          |  2 +-
 .../aztec/stdlib/encryption/ecdsa/ecdsa.hpp   | 11 ++++++
 .../aztec/stdlib/hash/sha256/sha256.bench.cpp |  4 +-
 cpp/src/aztec/stdlib/types/circuit_types.hpp  |  2 +
 cpp/src/aztec/stdlib/types/convert.hpp        | 32 ++++++++++++++++
 cpp/src/aztec/stdlib/types/native_types.hpp   |  4 +-
 9 files changed, 93 insertions(+), 7 deletions(-)

diff --git a/cpp/src/aztec/crypto/ecdsa/ecdsa.hpp b/cpp/src/aztec/crypto/ecdsa/ecdsa.hpp
index fb9d7644fc..bce89a7243 100644
--- a/cpp/src/aztec/crypto/ecdsa/ecdsa.hpp
+++ b/cpp/src/aztec/crypto/ecdsa/ecdsa.hpp
@@ -1,6 +1,8 @@
+#pragma once
 #include "../hashers/hashers.hpp"
 #include <array>
 #include <string>
+#include <ecc/curves/secp256k1/secp256k1.hpp>
 
 namespace crypto {
 namespace ecdsa {
@@ -21,6 +23,42 @@ template <typename Hash, typename Fq, typename Fr, typename G1>
 bool verify_signature(const std::string& message,
                       const typename G1::affine_element& public_key,
                       const signature& signature);
+
+inline bool operator==(signature const& lhs, signature const& rhs)
+{
+    return lhs.r == rhs.r && lhs.s == rhs.s;
+}
+
+inline std::ostream& operator<<(std::ostream& os, signature const& sig)
+{
+    os << "{ " << sig.r << ", " << sig.s << " }";
+    return os;
+}
+
+template <typename B> inline void read(B& it, signature& sig)
+{
+    read(it, sig.r);
+    read(it, sig.s);
+}
+
+template <typename B> inline void write(B& buf, signature const& sig)
+{
+    write(buf, sig.r);
+    write(buf, sig.s);
+}
+
+template <typename B> inline void read(B& it, key_pair<secp256k1::fr, secp256k1::g1>& keypair)
+{
+    read(it, keypair.private_key);
+    read(it, keypair.public_key);
+}
+
+template <typename B> inline void write(B& buf, key_pair<secp256k1::fr, secp256k1::g1> const& keypair)
+{
+    write(buf, keypair.private_key);
+    write(buf, keypair.public_key);
+}
+
 } // namespace ecdsa
 } // namespace crypto
 
diff --git a/cpp/src/aztec/join_split_example/proofs/join_split/c_bind.cpp b/cpp/src/aztec/join_split_example/proofs/join_split/c_bind.cpp
index 81cd60a157..bea25ddf29 100644
--- a/cpp/src/aztec/join_split_example/proofs/join_split/c_bind.cpp
+++ b/cpp/src/aztec/join_split_example/proofs/join_split/c_bind.cpp
@@ -95,7 +95,7 @@ WASM_EXPORT void* join_split__new_prover(uint8_t const* join_split_buf, bool moc
 {
     auto tx = from_buffer<join_split_tx>(join_split_buf);
     auto prover = new_join_split_prover(tx, mock);
-    auto heapProver = new plonk::TurboProver(std::move(prover));
+    auto heapProver = new plonk::stdlib::types::Prover(std::move(prover));
     return heapProver;
 }
 
diff --git a/cpp/src/aztec/join_split_example/proofs/join_split/join_split.cpp b/cpp/src/aztec/join_split_example/proofs/join_split/join_split.cpp
index 8cab72ce2e..08009b9656 100644
--- a/cpp/src/aztec/join_split_example/proofs/join_split/join_split.cpp
+++ b/cpp/src/aztec/join_split_example/proofs/join_split/join_split.cpp
@@ -64,7 +64,7 @@ void init_verification_key(std::shared_ptr<bonk::VerifierMemReferenceString> con
     verification_key = std::make_shared<bonk::verification_key>(std::move(vk_data), crs);
 }
 
-plonk::TurboProver new_join_split_prover(join_split_tx const& tx, bool mock)
+plonk::stdlib::types::Prover new_join_split_prover(join_split_tx const& tx, bool mock)
 {
     Composer composer(proving_key, nullptr);
     join_split_circuit(composer, tx);
@@ -89,7 +89,8 @@ plonk::TurboProver new_join_split_prover(join_split_tx const& tx, bool mock)
 
 bool verify_proof(plonk::proof const& proof)
 {
-    plonk::TurboVerifier verifier(verification_key, Composer::create_manifest(verification_key->num_public_inputs));
+    plonk::stdlib::types::Verifier verifier(verification_key,
+                                            Composer::create_manifest(verification_key->num_public_inputs));
 
     std::unique_ptr<plonk::KateCommitmentScheme<plonk::turbo_settings>> kate_commitment_scheme =
         std::make_unique<plonk::KateCommitmentScheme<plonk::turbo_settings>>();
diff --git a/cpp/src/aztec/join_split_example/proofs/join_split/join_split.hpp b/cpp/src/aztec/join_split_example/proofs/join_split/join_split.hpp
index 50b0ddf25c..4cd6b28f9a 100644
--- a/cpp/src/aztec/join_split_example/proofs/join_split/join_split.hpp
+++ b/cpp/src/aztec/join_split_example/proofs/join_split/join_split.hpp
@@ -21,7 +21,7 @@ void init_verification_key(std::unique_ptr<bonk::ReferenceStringFactory>&& crs_f
 void init_verification_key(std::shared_ptr<bonk::VerifierMemReferenceString> const& crs,
                            bonk::verification_key_data&& vk_data);
 
-plonk::TurboProver new_join_split_prover(join_split_tx const& tx, bool mock);
+plonk::stdlib::types::Prover new_join_split_prover(join_split_tx const& tx, bool mock);
 
 bool verify_proof(plonk::proof const& proof);
 
diff --git a/cpp/src/aztec/stdlib/encryption/ecdsa/ecdsa.hpp b/cpp/src/aztec/stdlib/encryption/ecdsa/ecdsa.hpp
index bdd67f46b4..56528c2bde 100644
--- a/cpp/src/aztec/stdlib/encryption/ecdsa/ecdsa.hpp
+++ b/cpp/src/aztec/stdlib/encryption/ecdsa/ecdsa.hpp
@@ -1,5 +1,6 @@
 #pragma once
 
+#include <crypto/ecdsa/ecdsa.hpp>
 #include "../../primitives/byte_array/byte_array.hpp"
 #include "../../primitives/composers/composers_fwd.hpp"
 
@@ -16,6 +17,16 @@ template <typename Composer, typename Curve, typename Fq, typename Fr, typename
 bool_t<Composer> verify_signature(const stdlib::byte_array<Composer>& message,
                                   const G1& public_key,
                                   const signature<Composer>& sig);
+
+template <typename Composer>
+static signature<Composer> from_witness(Composer* ctx, const crypto::ecdsa::signature& input)
+{
+    byte_array x(ctx, input.r);
+    byte_array y(ctx, input.s);
+    signature<Composer> out(x, y);
+    return out;
+}
+
 } // namespace ecdsa
 } // namespace stdlib
 } // namespace plonk
diff --git a/cpp/src/aztec/stdlib/hash/sha256/sha256.bench.cpp b/cpp/src/aztec/stdlib/hash/sha256/sha256.bench.cpp
index 25d0efc159..0c2a92cc32 100644
--- a/cpp/src/aztec/stdlib/hash/sha256/sha256.bench.cpp
+++ b/cpp/src/aztec/stdlib/hash/sha256/sha256.bench.cpp
@@ -29,8 +29,8 @@ void generate_test_plonk_circuit(Composer& composer, size_t num_bytes)
 }
 
 Composer composers[NUM_HASHES];
-plonk::TurboProver provers[NUM_HASHES];
-plonk::TurboVerifier verifiers[NUM_HASHES];
+plonk::stdlib::types::Prover provers[NUM_HASHES];
+plonk::stdlib::types::Verifier verifiers[NUM_HASHES];
 plonk::proof proofs[NUM_HASHES];
 
 void construct_witnesses_bench(State& state) noexcept
diff --git a/cpp/src/aztec/stdlib/types/circuit_types.hpp b/cpp/src/aztec/stdlib/types/circuit_types.hpp
index ac224c0f35..68b2257f43 100644
--- a/cpp/src/aztec/stdlib/types/circuit_types.hpp
+++ b/cpp/src/aztec/stdlib/types/circuit_types.hpp
@@ -1,6 +1,7 @@
 #pragma once
 #include <stdlib/primitives/address/address.hpp>
 #include <stdlib/encryption/schnorr/schnorr.hpp>
+#include <stdlib/encryption/ecdsa/ecdsa.hpp>
 #include <stdlib/primitives/bigfield/bigfield.hpp>
 #include <stdlib/primitives/biggroup/biggroup.hpp>
 #include <stdlib/primitives/bit_array/bit_array.hpp>
@@ -53,6 +54,7 @@ template <typename Composer> struct CircuitTypes {
     // typedef packed_byte_array<Composer> packed_byte_array;
 
     // typedef stdlib::schnorr::signature_bits<Composer> signature;
+    typedef stdlib::ecdsa::signature<Composer> ecdsa_signature;
 
     typedef stdlib::recursion::recursion_output<bn254> AggregationObject;
     typedef stdlib::recursion::verification_key<bn254> VK;
diff --git a/cpp/src/aztec/stdlib/types/convert.hpp b/cpp/src/aztec/stdlib/types/convert.hpp
index 5a341f3873..9489a1e0a6 100644
--- a/cpp/src/aztec/stdlib/types/convert.hpp
+++ b/cpp/src/aztec/stdlib/types/convert.hpp
@@ -56,6 +56,12 @@ typename CT<Composer>::bn254_point to_ct(Composer& composer, typename NT::bn254_
     return CT<Composer>::bn254_point::from_witness(&composer, e);
 };
 
+template <typename Composer>
+typename CT<Composer>::ecdsa_signature to_ct(Composer& composer, typename NT::ecdsa_signature const& e)
+{
+    return CT<Composer>::ecdsa_signature::template from_witness<Composer>(&composer, e);
+};
+
 template <typename Composer>
 std::optional<typename CT<Composer>::boolean> to_ct(Composer& composer, std::optional<typename NT::boolean> const& e)
 {
@@ -81,6 +87,13 @@ std::optional<typename CT<Composer>::grumpkin_point> to_ct(Composer& composer,
     return e ? std::make_optional<typename CT<Composer>::grumpkin_point>(to_ct(composer, *e)) : std::nullopt;
 };
 
+template <typename Composer>
+std::optional<typename CT<Composer>::ecdsa_signature> to_ct(Composer& composer,
+                                                            std::optional<typename NT::ecdsa_signature> const& e)
+{
+    return e ? std::make_optional<typename CT<Composer>::ecdsa_signature>(to_ct(&composer, e)) : std::nullopt;
+};
+
 template <typename Composer>
 std::vector<typename CT<Composer>::fr> to_ct(Composer& composer, std::vector<typename NT::fr> const& vec)
 {
@@ -155,6 +168,19 @@ template <typename Composer> typename NT::bn254_point to_nt(typename CT<Composer
     return e.get_value();
 };
 
+template <typename Composer> typename NT::ecdsa_signature to_nt(typename CT<Composer>::ecdsa_signature const& e)
+{
+    std::vector<uint8_t> r_bytes = e.r.get_value();
+    std::vector<uint8_t> s_bytes = e.s.get_value();
+
+    std::array<uint8_t, 32> r_array;
+    std::array<uint8_t, 32> s_array;
+    std::copy(r_bytes.begin(), r_bytes.end(), r_array.begin());
+    std::copy(s_bytes.begin(), s_bytes.end(), s_array.begin());
+
+    return NT::ecdsa_signature{ r_array, s_array };
+};
+
 template <typename Composer>
 std::optional<typename NT::boolean> to_nt(std::optional<typename CT<Composer>::boolean> const& e)
 {
@@ -178,6 +204,12 @@ std::optional<typename NT::grumpkin_point> to_nt(std::optional<typename CT<Compo
     return e ? std::make_optional<typename NT::grumpkin_point>(to_nt<Composer>(*e)) : std::nullopt;
 };
 
+template <typename Composer>
+std::optional<typename NT::ecdsa_signature> to_nt(std::optional<typename CT<Composer>::ecdsa_signature> const& e)
+{
+    return e ? std::make_optional<typename NT::ecdsa_signature>(to_nt<Composer>(*e)) : std::nullopt;
+};
+
 template <typename Composer> std::vector<typename NT::fr> to_nt(std::vector<typename CT<Composer>::fr> const& vec)
 {
     auto ref_to_nt = [&](typename CT<Composer>::fr const& e) { return to_nt<Composer>(e); };
diff --git a/cpp/src/aztec/stdlib/types/native_types.hpp b/cpp/src/aztec/stdlib/types/native_types.hpp
index f45a0269d9..60691d105c 100644
--- a/cpp/src/aztec/stdlib/types/native_types.hpp
+++ b/cpp/src/aztec/stdlib/types/native_types.hpp
@@ -3,13 +3,14 @@
 #include <crypto/pedersen_commitment/pedersen.hpp>
 #include <crypto/generators/generator_data.hpp>
 #include <crypto/schnorr/schnorr.hpp>
+#include <crypto/ecdsa/ecdsa.hpp>
 #include <ecc/curves/bn254/fq.hpp>
 #include <ecc/curves/bn254/fr.hpp>
 #include <ecc/curves/bn254/g1.hpp>
 #include <ecc/curves/grumpkin/grumpkin.hpp>
 #include <numeric/uint256/uint256.hpp>
 #include <proof_system/verification_key/verification_key.hpp>
-#include <plonk/proof_system/types/plonk_proof.hpp>
+#include <plonk/proof_system/types/proof.hpp>
 #include <stdlib/recursion/verifier/verifier.hpp>
 
 // #include <stdlib/primitives/bit_array/bit_array.hpp>
@@ -54,6 +55,7 @@ struct NativeTypes {
     // typedef packed_byte_array packed_byte_array;
 
     // typedef crypto::schnorr::signature signature;
+    typedef crypto::ecdsa::signature ecdsa_signature;
 
     typedef stdlib::recursion::native_recursion_output AggregationObject;
     typedef bonk::verification_key_data VKData;