sandbox-cheatsheet.txt
1. Install the sandbox:
`bash -i <(curl -s install.aztec.network)`
2. Start the sandbox by running:
`cd ~/.aztec && docker-compose -f ./docker-compose.sandbox.yml up`
3. Run PXE mode in another terminal:
`aztec start --port 8081 --pxe nodeUrl=http://localhost:8080/`
or
`aztec start --port 8081 nodeUrl=http://localhost:8080/ --pxe`
contract BetterECDSA{
    // Account contract whose actions are authorized by a secp256k1 ECDSA signature
    // over the outer hash of the payload; the signing key is kept in a private note.
    use dep::aztec::prelude::{PrivateContext, PrivateImmutable};
    use dep::aztec::{
        encrypted_logs::encrypted_note_emission::encode_and_encrypt_note_with_keys,
        keys::getters::get_current_public_keys
    };
    use dep::authwit::{
        entrypoint::{app::AppPayload, fee::FeePayload}, account::AccountActions,
        auth_witness::get_auth_witness
    };
    use dep::ecdsa_public_key_note::EcdsaPublicKeyNote;

    // Storage
    #[aztec(storage)]
    struct Storage{
        // The account's current signing public key (x, y) as an encrypted private note.
        // NOTE(review): the field is typed PrivateState while the prelude import brings
        // in PrivateImmutable (otherwise unused) and rotate_key overwrites the note —
        // confirm which state type is intended; an immutable slot would not admit rotation.
        public_key: PrivateState<EcdsaPublicKeyNote>,
    }

    // One-time initializer: stores the signing key in a note owned by this account.
    // `context` and `storage` are not declared in this function; presumably injected by
    // the #[aztec(private)] macro — verify against the framework version in use.
    #[aztec(private)]
    #[aztec(initializer)]
    fn constructor(signing_pub_key_x: [u8; 32], signing_pub_key_y: [u8; 32]) {
        let this = context.this_address();
        // Master keys of this account: npk_m is hashed into the note, ovpk_m/ivpk_m
        // are used to encrypt the emitted note log.
        let this_keys = get_current_public_keys(&mut context, this);
        let mut pub_key_note = EcdsaPublicKeyNote::new(signing_pub_key_x, signing_pub_key_y, this_keys.npk_m.hash());
        // Persist the note and emit it, encrypted to the account's own keys.
        storage.public_key.set(&mut pub_key_note).emit(encode_and_encrypt_note_with_keys(&mut context, this_keys.ovpk_m, this_keys.ivpk_m, this));
    }

    // Transaction entrypoint: delegates payload validation and execution to
    // AccountActions, with is_valid_impl as the signature check.
    #[aztec(private)]
    fn entrypoint(app_payload: AppPayload, fee_payload: FeePayload, cancellable: bool) {
        let actions = AccountActions::init(&mut context, is_valid_impl);
        actions.entrypoint(app_payload, fee_payload, cancellable);
    }

    // Authwit check for private calls made on behalf of this account.
    // `noinitcheck` allows this to run before the constructor has executed; with no
    // public_key note stored yet, is_valid_impl's get_note presumably cannot succeed — confirm.
    #[aztec(private)]
    #[aztec(noinitcheck)]
    #[aztec(view)]
    fn verify_private_authwit(inner_hash: Field) -> Field {
        let actions = AccountActions::init(&mut context, is_valid_impl);
        actions.verify_private_authwit(inner_hash)
    }

    // Signature check shared by entrypoint, verify_private_authwit and rotate_key.
    // Returns true iff the auth witness fetched for `outer_hash` is a valid secp256k1
    // signature, by the stored key, over sha256(outer_hash as 32 big-endian bytes).
    // It only reports the result; asserting on it is left to the caller.
    #[contract_library_method]
    fn is_valid_impl(context: &mut PrivateContext, outer_hash: Field) -> bool {
        // Load public key from storage
        let storage = Storage::init(context);
        let public_key = storage.public_key.get_note();
        // Load auth witness
        // The witness comes from an unconstrained oracle call (hence `unsafe`): its
        // values are supplied by the prover and are not proven by the circuit, so
        // nothing may rely on them until the constrained verify_signature below.
        let witness: [Field; 64] = unsafe {
            get_auth_witness(outer_hash)
        };
        let mut signature: [u8; 64] = [0; 64];
        for i in 0..64 {
            // `as u8` keeps only the low byte of each Field (Noir casts truncate); an
            // out-of-range witness element becomes a wrong signature byte and fails
            // verification rather than being rejected explicitly.
            signature[i] = witness[i] as u8;
        }
        // Verify payload signature using Ethereum's signing scheme
        // Note that noir expects the hash of the message/challenge as input to the ECDSA verification.
        // NOTE(review): the message is sha256 of the raw 32-byte outer hash — no EIP-191
        // style prefix is applied here — so the signer must hash the same way; confirm.
        let outer_hash_bytes: [u8; 32] = outer_hash.to_be_bytes();
        let hashed_message: [u8; 32] = std::hash::sha256(outer_hash_bytes);
        std::ecdsa_secp256k1::verify_signature(public_key.x, public_key.y, signature, hashed_message)
    }

    // New function to rotate the signing key
    // Replaces the stored public key note with (new_signing_pub_key_x, new_signing_pub_key_y).
    // NOTE(review): the challenge handed to is_valid_impl is context.msg_sender(), a
    // value fixed per caller that does not commit to the new key: a witness satisfying
    // it authorizes installing any key, and can be reused for further rotations while
    // the same signing key is stored. If rotation is meant to be reachable only through
    // entrypoint (whose payload signature already covers the call), the usual guard is a
    // self-call check on msg_sender; otherwise the challenge should bind the new key
    // material. Also, if msg_sender() returns an address type rather than Field, an
    // explicit .to_field() is needed here — confirm the intended path.
    #[aztec(private)]
    fn rotate_key(new_signing_pub_key_x: [u8; 32], new_signing_pub_key_y: [u8; 32]) {
        let this = context.this_address();
        let this_keys = get_current_public_keys(&mut context, this);
        assert(is_valid_impl(&mut context, context.msg_sender()), "Unauthorized key rotation attempt");
        let mut new_pub_key_note = EcdsaPublicKeyNote::new(new_signing_pub_key_x, new_signing_pub_key_y, this_keys.npk_m.hash());
        // Overwrite the note and emit the new one encrypted to this account; whether
        // set() nullifies the previous note is up to the state type — confirm.
        storage.public_key.set(&mut new_pub_key_note).emit(encode_and_encrypt_note_with_keys(&mut context, this_keys.ovpk_m, this_keys.ivpk_m, this));
    }
}