npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

babyjubjub-utils

v0.1.0

Published

Node package implementing JS utils functions for interacting with the Baby Jubjub curve and the noir-elgamal Noir package.

Downloads

3

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

jat9292jat9292

Keywords

babyjubjub

Readme

babyjubjub-utils

Node package implementing utility functions for interacting with the Baby Jubjub curve and the noir-elgamal Noir package.

This package can be used in a NodeJS backend as well as inside a browser.

The baby-step giant-step algorithm (discrete logarithm computation) for the last step of decryption has been optimized via conversion to WASM and parallelization with Web Workers.

Read the documentation in this Readme after the Table of Contents. Alternatively the JSDocs can be read in the html page.

Several examples on how to use the package are available in the tests.

⚠️ Warning: the current implementation of the baby-step giant-step algorithm in the last step of decryption could be vulnerable to timing attacks, as the running time depends on the input. Please keep this in mind and apply extra caution if you wish to use it in production.

How to install

Create a JS project with npm, then install the babyjubjub-utils via :

npm i babyjubjub-utils

How to use in a front-end

If you want to use the entirety of the functions available in a front-end, it is important to configure your module bundler correctly as this package relies on some WASM and multithreading features for decryption.

As an example, see this simple Next JS project that we provided within the repository. It is doing key generation, encryption and decryption on the client side. The most crucial part is the way we set up the next.config.js file to make it compatible with the babyjubjub-utils package.

babyjubjub-utils

Table of Contents

Point

Type: Object

Properties

  • x bigint The X coordinate.
  • y bigint The Y coordinate.

KeyPair

Type: Object

Properties

  • privateKey bigint The private key.
  • publicKey Point The public key in uncompressed format, i.e a point on Baby Jubjub.

EncryptedValue

Type: Object

Properties

  • C1 Point C1 is the first part of the ciphertext, a point in Baby Jubjub. Same notations as on wikipedia.
  • C2 Point C2 is the second part of the ciphertext, a point in Baby Jubjub. Same notations as on wikipedia.
  • randomness bigint randomness parameter. Warning: should stay private and owned by the encryptor, but he could use it as a private input in the circuits.

privateToPublicKey

Converts a private key to its corresponding public key point on the Baby Jubjub curve.

Parameters

  • privateKey bigint The private key. Warning: should be a BigInt sampled randomly between 0 and l-1, where l is the order of the bigprime subgroup of Baby Jubjub. i.e l=2736030358979909402780800718157159386076813972158567259200215660948447373041

Returns Point The public key point with x and y coordinates which corresponds to the private key.

generatePrivateAndPublicKey

Generates randomly a pair of private/public keys on Baby Jubjub.

Returns KeyPair The generated private key and its associated uncompressed/unpacked public key.

elgamalEncrypt

Encrypts a plaintext value between 0 and 2**40-1=1099511627775 for a specific publicKey. The returned ciphertext using ElGamal encryption is a pair of Baby Jubjub points (C1,C2).

Parameters

  • publicKey Point The public key. Warning: The developer must ensures that this point is a valid public key, i.e a point on the big prime subgroup of Baby Jubjub.
  • plaintext number The plaintext. Warning: should be a number between 0 and 2**40-1=1099511627775 if you want to be able to decrypt it later using the baby-step giant-step algorithm.

Returns EncryptedValue The encryption of plaintext. (C1,C2) is the ciphertext composed of two Baby Jubjub points, and randomness is the big integer used as randomness during encryption which should stay private for the encryptor.

elgamalDecryptEmbedded

Decrypts the ciphertext in an embedded form, i.e as a point on the Baby Jubjub curve defined by G^(plaintext), G is the generator point. You would still need to appy the Baby-step Giant-step algorithm via the compute_dlog function, to get back the original unencrypted value.

Parameters

  • privateKey bigint The privatekey key. Warning: Please make sure to use the correct private key, or else the decryption will lead to an incorrect result.
  • C1 Point the first part of the ciphertext, a point in Baby Jubjub. Same notations as on wikipedia.
  • C2 Point the second part of the ciphertext, a point in Baby Jubjub. Same notations as on wikipedia.

Returns Point The decrypted value in embedded form.

addPoints

Adds two points on the Baby Jubjub curve. Could be used for homomorphic addition of ciphertexts, eg : (C1,C2)+(C1',C2')=((C1+C1'),(C2+C2'))

Parameters

  • P1 Point First point. Warning: The developer must ensures that this point is on the Baby Jubjub curve.
  • P2 Point Second point. Warning: The developer must ensures that this point is on the Baby Jubjub curve.

Returns Point The resulting point from addition, i.e P1+P2.

packPoint

Packs a public key, from uncompressed form (i.e a point on the big subgroup of Baby Jubjub) to a compressed form (i.e a BigInt)

Parameters

  • publicKey Point The uncompressed/unpacked public key. Warning: The developer must ensures that this point is on the Baby Jubjub curve, and more specifically in its big prime subgroup.

Returns bigint The resulting compressed/packed public key.

unpackPoint

Unpacks a packed public key, this is the opposite of packPoint

Parameters

  • packedPublicKey bigint The packed public key. Warning: The developer must ensures that it is a valid public key.

Returns Point The resulting compressed/packed public key.

bigintToBytes32

Converts a bigint to a string in hex format with 0s padded on the left if needed, to later cast it easily as a bytes32 in Solidity or Noir.

Parameters

  • bigInt bigint The big integer. Warning: The developer must ensures that it is a valid uint256/bytes32.

Returns string The resulting hex string.

elgamalEncryptPacked

This function is identical to elgamalEncrypt except that it takes the public key in packed form instead of its unpacked form. Encrypts a plaintext value between 0 and 2**40-1=1099511627775 for a specific packed publicKey. The returned ciphertext using ElGamal encryption is a pair of Baby Jubjub points (C1,C2).

Parameters

  • packedPublicKey bigint The public key. Warning: The developer must ensures that this point is a valid packed public key.
  • plaintext number The plaintext. Warning: should be a number between 0 and 2**40-1=1099511627775 if you want to be able to decrypt it later using the baby-step giant-step algorithm.

Returns EncryptedValue The encryption of plaintext. (C1,C2) is the ciphertext composed of two Baby Jubjub points, and randomness is the big integer used as randomness during encryption which should stay private for the encryptor.

compute_dlog

This function solves the discrete logarithm problem by applying the baby-step giant-step algorithm (optimized implementation in WASM). It is used to convert the decrypted value from its embedded form to its original integer value. ⚠️ Warning: the current implementation of the baby-step giant-step algorithm could be vulnerable to timing attacks, as the running time depends on the input. Please keep this in mind and apply extra caution if you wish to use it in production.

Parameters

  • decryptedEmbedded Point The decrypted value in embedded form, i.e typically the point outputed by elgamalDecryptEmbedded.
  • numberOfWorkers number The number of workers used for parallelization. For faster computation we recommend between 5 to 8 workers, if the client has enough cores.

Returns number The integer corresponding the original unencrypted value. Warning: The decryption will fail if the original value was outside the [0,2**40-1] range or if a wrong private key was used during the first step of decryption.

elgamalDecrypt

This function is identical to elgamalDecryptEmbedded followed by compute_dlog, so it returns directly the original unencrypted value as an integer, instead of its embedding on Baby Jubjub. ⚠️ Warning: the current implementation of compute_dlog could be vulnerable to timing attacks, as the running time depends on the input. Please keep this in mind and apply extra caution if you wish to use it in production.

Parameters

  • privateKey bigint The privatekey key. Warning: Please make sure to use the correct private key, or else the decryption will fail or lead to an incorrect result.
  • C1 Point the first part of the ciphertext, a point in Baby Jubjub. Same notations as on wikipedia.
  • C2 Point the second part of the ciphertext, a point in Baby Jubjub. Same notations as on wikipedia.
  • numberOfWorkers number The number of workers used for parallelization during the computation of the discrete logarithm. For faster computation we recommend between 5 to 8 workers, if the client has enough cores.

Returns number The integer corresponding the original unencrypted value. Warning: The decryption will fail if the original value was outside the [0,2**40-1] range or if a wrong private key was used.