diff --git a/.github/workflows/sdk.yml b/.github/workflows/sdk.yml index f677dab..58e1339 100644 --- a/.github/workflows/sdk.yml +++ b/.github/workflows/sdk.yml @@ -45,4 +45,4 @@ jobs: python -m venv .env source .env/bin/activate maturin develop --release --features openssl/vendored - python test.py + python python/aleo/test.py diff --git a/sdk/Cargo.lock b/sdk/Cargo.lock index f59ff0d..e124744 100644 --- a/sdk/Cargo.lock +++ b/sdk/Cargo.lock @@ -43,6 +43,8 @@ name = "aleo" version = "0.2.0" dependencies = [ "anyhow", + "indexmap", + "once_cell", "openssl", "pyo3", "rand", diff --git a/sdk/Cargo.toml b/sdk/Cargo.toml index b9b447f..1f284e6 100644 --- a/sdk/Cargo.toml +++ b/sdk/Cargo.toml @@ -11,6 +11,8 @@ crate-type = ["cdylib"] [dependencies] anyhow = "1" +indexmap = "2.1.0" +once_cell = "1.18.0" openssl = "0.10" pyo3 = { version = "0.20.0", features = ["extension-module", "abi3-py37", "anyhow"] } rand = { version = "^0.8" } diff --git a/sdk/install.sh b/sdk/install.sh index 9f37efe..20f477d 100755 --- a/sdk/install.sh +++ b/sdk/install.sh @@ -7,4 +7,4 @@ python3 -m venv .env source .env/bin/activate pip install maturin maturin develop -python test.py +python python/aleo/test.py diff --git a/sdk/pyproject.toml b/sdk/pyproject.toml index 1de9300..822b436 100644 --- a/sdk/pyproject.toml +++ b/sdk/pyproject.toml @@ -9,6 +9,7 @@ description = "A Python SDK for zero-knowledge cryptography based on Aleo" repository = "https://github.com/AleoHQ/python-sdk/tree/master/sdk" license = "GPL-3.0-or-later" authors = ["Konstantin Pandl", "Mike Turner", "Roman Proskuryakov"] +python-source = "python" [tool.pyright] reportMissingModuleSource = false # don't report missing aleo.so for CI purposes diff --git a/sdk/python/aleo/__init__.py b/sdk/python/aleo/__init__.py new file mode 100644 index 0000000..e8a5894 --- /dev/null +++ b/sdk/python/aleo/__init__.py @@ -0,0 +1,58 @@ +from __future__ import annotations + +from .aleo import * + +__doc__ = aleo.__doc__ + +class Encryptor: + @staticmethod + # Encrypt a private key into ciphertext using a secret + def encrypt_private_key_with_secret(private_key: PrivateKey, secret: str) -> Ciphertext: + seed = private_key.seed() + return Encryptor.__encrypt_field(seed, secret, "private_key") + + @staticmethod + # Decrypt a private key from ciphertext using a secret + def decrypt_private_key_with_secret(ciphertext: Ciphertext, secret: str) -> PrivateKey: + seed = Encryptor.__decrypt_field(ciphertext, secret, "private_key") + return PrivateKey.from_seed(seed) + + @staticmethod + # Encrypted a field element into a ciphertext representation + def __encrypt_field(field: Field, secret: str, domain: str) -> Ciphertext: + domain_f = Field.domain_separator(domain) + secret_f = Field.domain_separator(secret) + + nonce = Field.random() + blinding = Network.hash_psd2([domain_f, nonce, secret_f]) + key = blinding * field + key_kv = (Identifier.from_string("key"), + Plaintext.from_literal(Literal.from_field(key))) + nonce_kv = (Identifier.from_string("nonce"), + Plaintext.from_literal(Literal.from_field(nonce))) + plaintext = Plaintext.new_struct([key_kv, nonce_kv]) + return plaintext.encrypt_symmetric(secret_f) + + @staticmethod + def __extract_value(plaintext: Plaintext, identifier: str) -> Field: + assert plaintext.is_struct() + ident = Identifier.from_string(identifier) + dec_map = plaintext.as_struct() + val = dec_map[ident] + assert val.is_literal() + literal = val.as_literal() + assert literal.type_name() == 'field' + return Field.from_string(str(literal)) + + @staticmethod + # Recover a field element encrypted within ciphertext + def __decrypt_field(ciphertext: Ciphertext, secret: str, domain: str) -> Field: + domain_f = Field.domain_separator(domain) + secret_f = Field.domain_separator(secret) + decrypted = ciphertext.decrypt_symmetric(secret_f) + assert decrypted.is_struct() + recovered_key = Encryptor.__extract_value(decrypted, "key") + recovered_nonce = Encryptor.__extract_value(decrypted, "nonce") + recovered_blinding = Network.hash_psd2([domain_f, recovered_nonce, secret_f]) + return recovered_key / recovered_blinding + diff --git a/sdk/aleo.pyi b/sdk/python/aleo/aleo.pyi similarity index 87% rename from sdk/aleo.pyi rename to sdk/python/aleo/aleo.pyi index 1df82fa..f5c7277 100644 --- a/sdk/aleo.pyi +++ b/sdk/python/aleo/aleo.pyi @@ -1,5 +1,5 @@ from __future__ import annotations -from typing import List, Optional, Tuple +from typing import List, Mapping, Optional, Tuple class Account: @@ -32,6 +32,13 @@ class Boolean: def __new__(cls, b: bool) -> Boolean: ... +class Ciphertext: + @staticmethod + def from_string(s: str) -> Ciphertext: ... + def decrypt(self, view_key: ViewKey, nonce: Group) -> Plaintext: ... + def decrypt_symmetric(self, plaintext_view_key: Field) -> Plaintext: ... + + class Credits: def __new__(cls, value: float) -> Credits: ... def micro(self) -> MicroCredits: ... @@ -54,6 +61,15 @@ class ComputeKey: def sk_prf(self) -> Scalar: ... +# class Encryptor: +# @staticmethod +# def encrypt_private_key_with_secret(private_key: PrivateKey, +# secret: str) -> Ciphertext: ... +# @staticmethod +# def decrypt_private_key_with_secret(ciphertext: Ciphertext, +# secret: str) -> PrivateKey: ... + + class EpochChallenge: @staticmethod def from_json(json: str) -> EpochChallenge: ... @@ -87,12 +103,18 @@ class Fee: class Field: + @staticmethod + def random() -> Field: ... @staticmethod def from_string(s: str) -> Field: ... @staticmethod + def domain_separator(domain: str) -> Field: ... + @staticmethod def from_u128(u128: int) -> Field: ... @staticmethod def zero() -> Field: ... + def __mul__(self, other: Field) -> Field: ... + def __truediv__(self, other: Field) -> Field: ... class Group: @@ -190,16 +212,39 @@ class Locator: def resource(self) -> Identifier: ... +class Network: + @staticmethod + def hash_psd2(input: List[Field]) -> Field: ... + + class MicroCredits: def __new__(cls, value: int) -> MicroCredits: ... def __int__(self) -> int: ... +class Plaintext: + @staticmethod + def from_string(s: str) -> Plaintext: ... + @staticmethod + def from_literal(literal: Literal) -> Plaintext: ... + @staticmethod + def new_struct(kv: List[Tuple[Identifier, Plaintext]]) -> Plaintext: ... + def encrypt(self, address: Address, randomizer: Scalar) -> Ciphertext: ... + def encrypt_symmetric(self, plaintext_view_key: Field) -> Ciphertext: ... + def is_literal(self) -> bool: ... + def is_struct(self) -> bool: ... + def is_array(self) -> bool: ... + def as_literal(self) -> Literal: ... + def as_struct(self) -> Mapping[Identifier, Plaintext]: ... + + class PrivateKey: def address(self) -> Address: ... def compute_key(self) -> ComputeKey: ... @staticmethod def from_string(private_key: str) -> PrivateKey: ... + @staticmethod + def from_seed(seed: Field) -> PrivateKey: ... def seed(self) -> Field: ... def sign(self, message: bytes) -> Signature: ... def sk_sig(self) -> Scalar: ... diff --git a/sdk/python/aleo/py.typed b/sdk/python/aleo/py.typed new file mode 100644 index 0000000..e69de29 diff --git a/sdk/test.py b/sdk/python/aleo/test.py similarity index 89% rename from sdk/test.py rename to sdk/python/aleo/test.py index 3f6a757..42e6054 100644 --- a/sdk/test.py +++ b/sdk/python/aleo/test.py @@ -1,7 +1,6 @@ # -*- coding: utf-8 -*- -import aleo import unittest - +import aleo class TestAleo(unittest.TestCase): @@ -66,6 +65,20 @@ def test_account_sanity(self): self.assertFalse(account.verify(signature, bad_message)) self.assertTrue(signature.verify(account.address(), message)) + def test_encrypt_decrypt_sk(self): + private_key = aleo.PrivateKey.from_string( + "APrivateKey1zkpJYx2NZeJYB74JHpzvQGpKneTP75Dk8dao6paugZXtCz3") + ciphertext = aleo.Ciphertext.from_string( + "ciphertext1qvqt0sp0pp49gjeh50alfalt7ug3g8y7ha6cl3jkavcsnz8d0y9jwr27taxfrwd5kly8lah53qure3vxav6zxr7txattdvscv0kf3vcuqv9cmzj32znx4uwxdawcj3273zhgm8qwpxqczlctuvjvc596mgsqjxwz37f") + recovered = Encryptor.decrypt_private_key_with_secret(ciphertext, "qwe123") + + self.assertEqual(private_key, recovered) + + encrypted = Encryptor.encrypt_private_key_with_secret(private_key, "asd123") + other_recovered = Encryptor.decrypt_private_key_with_secret(encrypted, "asd123") + + self.assertEqual(private_key, other_recovered) + def test_coinbase(self): address = aleo.Address.from_string( "aleo16xwtrvntrfnan84sy3qg2gdkkp5u5p7sjc882lx8n06fjx2k0yqsklw8sv") diff --git a/sdk/src/account/mod.rs b/sdk/src/account/mod.rs index 0fcc3f8..5a21636 100644 --- a/sdk/src/account/mod.rs +++ b/sdk/src/account/mod.rs @@ -29,6 +29,9 @@ pub use record::{RecordCiphertext, RecordPlaintext}; mod signature; pub use signature::Signature; +mod text; +pub use text::{Ciphertext, Plaintext}; + mod view_key; pub use view_key::ViewKey; diff --git a/sdk/src/account/private_key.rs b/sdk/src/account/private_key.rs index cc72486..407ba0e 100644 --- a/sdk/src/account/private_key.rs +++ b/sdk/src/account/private_key.rs @@ -55,6 +55,12 @@ impl PrivateKey { ComputeKeyNative::try_from(&self.0).unwrap().into() } + /// Reads in an account private key from a base58 string. + #[staticmethod] + fn from_seed(seed: Field) -> anyhow::Result { + PrivateKeyNative::try_from(seed.into()).map(Self) + } + /// Reads in an account private key from a base58 string. #[staticmethod] fn from_string(private_key: &str) -> anyhow::Result { diff --git a/sdk/src/account/text.rs b/sdk/src/account/text.rs new file mode 100644 index 0000000..071afbb --- /dev/null +++ b/sdk/src/account/text.rs @@ -0,0 +1,185 @@ +// Copyright (C) 2019-2023 Aleo Systems Inc. +// This file is part of the Aleo SDK library. + +// The Aleo SDK library is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. + +// The Aleo SDK library is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. + +// You should have received a copy of the GNU General Public License +// along with the Aleo SDK library. If not, see . + +use crate::{ + types::{CiphertextNative, IdentifierNative, LiteralNative, PlaintextNative, U32Native}, + Address, Field, Group, Identifier, Literal, Scalar, ViewKey, U32, +}; +use std::ops::Deref; + +use once_cell::sync::OnceCell; +use pyo3::{exceptions::PyTypeError, prelude::*}; + +use std::{collections::HashMap, str::FromStr}; + +/// The Aleo ciphertext type. +#[pyclass(frozen)] +pub struct Ciphertext(CiphertextNative); + +#[pymethods] +impl Ciphertext { + /// Creates a ciphertext from string + #[staticmethod] + fn from_string(s: &str) -> anyhow::Result { + CiphertextNative::from_str(s).map(Self) + } + + /// Decrypts self into plaintext using the given account view key & nonce. + pub fn decrypt(&self, view_key: ViewKey, nonce: Group) -> anyhow::Result { + self.0 + .decrypt(view_key.into(), nonce.into()) + .map(Into::into) + } + + /// Decrypts self into plaintext using the given plaintext view key. + pub fn decrypt_symmetric(&self, plaintext_view_key: Field) -> anyhow::Result<Plaintext> { + self.0 + .decrypt_symmetric(plaintext_view_key.into()) + .map(Into::into) + } + + /// Returns the ciphertext as a string. + fn __str__(&self) -> String { + self.0.to_string() + } + + fn __eq__(&self, other: &Self) -> bool { + self.0 == other.0 + } +} + +impl Deref for Ciphertext { + type Target = CiphertextNative; + + fn deref(&self) -> &Self::Target { + &self.0 + } +} + +impl From<CiphertextNative> for Ciphertext { + fn from(value: CiphertextNative) -> Self { + Self(value) + } +} + +/// The Aleo plaintext type. +#[pyclass(frozen)] +#[derive(Clone)] +pub struct Plaintext(PlaintextNative); + +#[pymethods] +impl Plaintext { + /// Reads in the plaintext string. + #[staticmethod] + fn from_string(s: &str) -> anyhow::Result<Self> { + PlaintextNative::from_str(s).map(Self) + } + + #[staticmethod] + fn from_literal(literal: Literal) -> Self { + PlaintextNative::from(LiteralNative::from(literal)).into() + } + + #[staticmethod] + fn new_struct(kv: Vec<(Identifier, Plaintext)>) -> Self { + let kv: Vec<_> = kv.into_iter().map(|(k, v)| (k.into(), v.into())).collect(); + PlaintextNative::Struct(indexmap::IndexMap::from_iter(kv), OnceCell::new()).into() + } + + fn encrypt(&self, address: Address, randomizer: Scalar) -> anyhow::Result<Ciphertext> { + self.0.encrypt(&address, randomizer.into()).map(Into::into) + } + + fn encrypt_symmetric(&self, plaintext_view_key: Field) -> anyhow::Result<Ciphertext> { + self.0 + .encrypt_symmetric(plaintext_view_key.into()) + .map(Into::into) + } + + fn find_by_identifier(&self, identifier: Identifier) -> anyhow::Result<Plaintext> { + // FIXME use access instead of identifier + self.0 + .find(&[IdentifierNative::from(identifier)]) + .map(Into::into) + } + + fn find_by_index(&self, index: U32) -> anyhow::Result<Plaintext> { + // FIXME use access instead of index + self.0.find(&[U32Native::from(index)]).map(Into::into) + } + + fn is_literal(&self) -> bool { + matches!(self.0, PlaintextNative::Literal(..)) + } + + fn is_struct(&self) -> bool { + matches!(self.0, PlaintextNative::Struct(..)) + } + + fn is_array(&self) -> bool { + matches!(self.0, PlaintextNative::Array(..)) + } + + fn as_literal(&self) -> PyResult<Literal> { + match &self.0 { + PlaintextNative::Literal(literal, _) => Ok(literal.clone().into()), + _ => Err(PyTypeError::new_err("Plaintext is not a literal")), + } + } + + fn as_struct(&self) -> PyResult<HashMap<Identifier, Plaintext>> { + match &self.0 { + PlaintextNative::Struct(s, _) => { + let res: HashMap<Identifier, Plaintext> = s + .clone() + .into_iter() + .map(|(k, v)| (k.into(), v.into())) + .collect(); + Ok(res) + } + _ => Err(PyTypeError::new_err("Plaintext is not a literal")), + } + } + + /// Returns the plaintext as a string. + fn __str__(&self) -> String { + self.0.to_string() + } + + fn __eq__(&self, other: &Self) -> bool { + self.0 == other.0 + } +} + +impl Deref for Plaintext { + type Target = PlaintextNative; + + fn deref(&self) -> &Self::Target { + &self.0 + } +} + +impl From<PlaintextNative> for Plaintext { + fn from(value: PlaintextNative) -> Self { + Self(value) + } +} + +impl From<Plaintext> for PlaintextNative { + fn from(value: Plaintext) -> Self { + value.0 + } +} diff --git a/sdk/src/account/view_key.rs b/sdk/src/account/view_key.rs index 8bede52..5c946ac 100644 --- a/sdk/src/account/view_key.rs +++ b/sdk/src/account/view_key.rs @@ -82,3 +82,9 @@ impl From<ViewKeyNative> for ViewKey { Self(value) } } + +impl From<ViewKey> for ViewKeyNative { + fn from(value: ViewKey) -> Self { + value.0 + } +} diff --git a/sdk/src/algebra/field.rs b/sdk/src/algebra/field.rs index e93bf32..7e931c8 100644 --- a/sdk/src/algebra/field.rs +++ b/sdk/src/algebra/field.rs @@ -16,7 +16,11 @@ use crate::types::FieldNative; -use pyo3::prelude::*; +use pyo3::{exceptions::PyZeroDivisionError, prelude::*}; +use rand::{ + distributions::{Standard}, + prelude::*, +}; use snarkvm::prelude::Zero; use std::{ @@ -39,6 +43,18 @@ impl Field { FieldNative::from_str(s).map(Self) } + /// Generates a new field using a cryptographically secure random number generator + #[staticmethod] + fn random() -> Self { + StdRng::from_entropy().sample::<FieldNative, _>(Standard).into() + } + + /// Initializes a new field as a domain separator. + #[staticmethod] + fn domain_separator(domain: &str) -> Self { + Self(FieldNative::new_domain_separator(domain)) + } + /// Initializes a new field from a `u128`. #[staticmethod] fn from_u128(value: u128) -> Self { @@ -56,6 +72,18 @@ impl Field { self.0.to_string() } + fn __mul__(&self, other: Self) -> Self { + Self(self.0 * other.0) + } + + fn __truediv__(&self, other: Self) -> PyResult<Self> { + if other.is_zero() { + Err(PyZeroDivisionError::new_err("division by zero")) + } else { + Ok(Self(self.0 / other.0)) + } + } + fn __eq__(&self, other: &Self) -> bool { self.0 == other.0 } diff --git a/sdk/src/lib.rs b/sdk/src/lib.rs index d708182..d97fc95 100644 --- a/sdk/src/lib.rs +++ b/sdk/src/lib.rs @@ -20,6 +20,7 @@ mod account; mod algebra; mod coinbase; mod credits; +mod network; mod programs; mod types; @@ -27,6 +28,7 @@ use account::*; use algebra::*; use coinbase::*; use credits::*; +use network::*; use programs::*; /// The Aleo Python SDK provides a set of libraries aimed at empowering @@ -39,6 +41,7 @@ fn register_module(_py: Python, m: &PyModule) -> PyResult<()> { m.add_class::<Address>()?; m.add_class::<Authorization>()?; m.add_class::<Boolean>()?; + m.add_class::<Ciphertext>()?; m.add_class::<CoinbasePuzzle>()?; m.add_class::<CoinbaseVerifyingKey>()?; m.add_class::<ComputeKey>()?; @@ -57,6 +60,8 @@ fn register_module(_py: Python, m: &PyModule) -> PyResult<()> { m.add_class::<Literal>()?; m.add_class::<Locator>()?; m.add_class::<MicroCredits>()?; + m.add_class::<Network>()?; + m.add_class::<Plaintext>()?; m.add_class::<PrivateKey>()?; m.add_class::<Process>()?; m.add_class::<Program>()?; diff --git a/sdk/src/network/mod.rs b/sdk/src/network/mod.rs new file mode 100644 index 0000000..9c7eceb --- /dev/null +++ b/sdk/src/network/mod.rs @@ -0,0 +1,36 @@ +// Copyright (C) 2019-2023 Aleo Systems Inc. +// This file is part of the Aleo SDK library. + +// The Aleo SDK library is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. + +// The Aleo SDK library is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. + +// You should have received a copy of the GNU General Public License +// along with the Aleo SDK library. If not, see <https://www.gnu.org/licenses/>. + +use crate::{types::CurrentNetwork, Field}; + +use pyo3::prelude::*; + +use snarkvm::prelude::Network as NetworkTrait; + +/// The type represents a call to an Aleo program. +#[pyclass(frozen)] +#[derive(Clone)] +pub struct Network(i32); + +#[pymethods] +impl Network { + /// Returns the Poseidon hash with an input rate of 2. + #[staticmethod] + fn hash_psd2(input: Vec<Field>) -> anyhow::Result<Field> { + let input: Vec<_> = input.into_iter().map(Into::into).collect(); + CurrentNetwork::hash_psd2(&input).map(Into::into) + } +} diff --git a/sdk/src/programs/identifier.rs b/sdk/src/programs/identifier.rs index 9de0b56..87e9ddc 100644 --- a/sdk/src/programs/identifier.rs +++ b/sdk/src/programs/identifier.rs @@ -27,7 +27,7 @@ use std::{ /// The Aleo identifier type. #[pyclass(frozen)] -#[derive(Clone)] +#[derive(Clone, Eq, Hash, PartialEq)] pub struct Identifier(IdentifierNative); #[pymethods] diff --git a/sdk/src/programs/literal.rs b/sdk/src/programs/literal.rs index 88683dd..d1462df 100644 --- a/sdk/src/programs/literal.rs +++ b/sdk/src/programs/literal.rs @@ -141,6 +141,12 @@ impl Literal { } } +impl From<LiteralNative> for Literal { + fn from(value: LiteralNative) -> Self { + Self(value) + } +} + impl From<Literal> for LiteralNative { fn from(value: Literal) -> Self { value.0