- Install Noir by following these instructions.
- Change MSG_LEN constant to the length of the message you want to pass to the program.
- Run
noir check
command. - Pass the bytes of your message,
c
ands
constants,nullifier
andpk
(public key) points in format[[x_bytes], [y_bytes]]
to theProver.toml
file generated by the compiler. - Run
noir prove
command to getplume.proof
file inproofs
directory.
For plume_v1 and msg of length 29:
ACIR Opcodes: 4556085
Backend Circuit Size: 17125141
For plume_v2 and msg of length 29:
ACIR Opcodes: 4555884
Backend Circuit Size: 17117111
Implementation of the hash-to-curve algorithm based on this description.
Checked with the test described here.
hash_to_curve(msg)
Input: msg, an arbitrary-length byte string.
Output: P, a point in the secp256k1 curve.
Steps:
1. u = hash_to_field(msg)
2. Q0 = map_to_curve(u[0])
3. Q1 = map_to_curve(u[1])
4. P = iso_map(Q0) + iso_map(Q1)
5. return P
Implemented in src/hash_to_field.nr
.
Follows the algorithm described here.
Implemented in src/map_to_curve.nr
.
Follows the algorithm described here.
Implemented in src/iso_map.nr
.
Follows the algorithm described here.
Implemented in src/point_add.nr
.
Follows the algorithm described here.
Auxiliary library of large numbers implemented in src/hash_to_field.nr
. Based on this code.
For msg of length 3:
ACIR Opcodes: 1615724
Backend Circuit Size: 3786276