[zk-sdk] Expose sigma proof types for wasm target

zk-sdk/src/encryption/grouped_elgamal.rs

@@ -14,6 +14,8 @@
 
 #[cfg(not(target_arch = "wasm32"))]
 use crate::encryption::{discrete_log::DiscreteLog, elgamal::ElGamalSecretKey};
+#[cfg(target_arch = "wasm32")]
+use wasm_bindgen::prelude::*;
 use {
     crate::{
         encryption::{
@@ -216,6 +218,13 @@ impl<const N: usize> GroupedElGamalCiphertext<N> {
     }
 }
 
+#[cfg(target_arch = "wasm32")]
+#[cfg_attr(target_arch = "wasm32", wasm_bindgen)]
+pub struct GroupedElGamalCiphertext2Handles(pub(crate) GroupedElGamalCiphertext<2>);
+#[cfg(target_arch = "wasm32")]
+#[cfg_attr(target_arch = "wasm32", wasm_bindgen)]
+pub struct GroupedElGamalCiphertext3Handles(pub(crate) GroupedElGamalCiphertext<3>);
+
 #[cfg(test)]
 mod tests {
     use {super::*, crate::encryption::elgamal::ElGamalKeypair};

zk-sdk/src/encryption/pedersen.rs

@@ -65,6 +65,7 @@ impl Pedersen {
 /// Pedersen opening type.
 ///
 /// Instances of Pedersen openings are zeroized on drop.
+#[cfg_attr(target_arch = "wasm32", wasm_bindgen)]
 #[derive(Clone, Debug, Default, Serialize, Deserialize, Zeroize)]
 #[zeroize(drop)]
 pub struct PedersenOpening(Scalar);

zk-sdk/src/encryption/pod/grouped_elgamal.rs

@@ -2,6 +2,8 @@
 
 #[cfg(not(target_os = "solana"))]
 use crate::encryption::grouped_elgamal::GroupedElGamalCiphertext;
+#[cfg(target_arch = "wasm32")]
+use wasm_bindgen::prelude::*;
 use {
     crate::{
         encryption::{
@@ -69,6 +71,7 @@ const GROUPED_ELGAMAL_CIPHERTEXT_3_HANDLES: usize =
     PEDERSEN_COMMITMENT_LEN + DECRYPT_HANDLE_LEN + DECRYPT_HANDLE_LEN + DECRYPT_HANDLE_LEN;
 
 /// The `GroupedElGamalCiphertext` type with two decryption handles as a `Pod`
+#[cfg_attr(target_arch = "wasm32", wasm_bindgen)]
 #[derive(Clone, Copy, bytemuck_derive::Pod, bytemuck_derive::Zeroable, PartialEq, Eq)]
 #[repr(transparent)]
 pub struct PodGroupedElGamalCiphertext2Handles(
@@ -123,6 +126,7 @@ impl TryFrom<PodGroupedElGamalCiphertext2Handles> for GroupedElGamalCiphertext<2
 impl_extract!(TYPE = PodGroupedElGamalCiphertext2Handles);
 
 /// The `GroupedElGamalCiphertext` type with three decryption handles as a `Pod`
+#[cfg_attr(target_arch = "wasm32", wasm_bindgen)]
 #[derive(Clone, Copy, bytemuck_derive::Pod, bytemuck_derive::Zeroable, PartialEq, Eq)]
 #[repr(transparent)]
 pub struct PodGroupedElGamalCiphertext3Handles(

zk-sdk/src/encryption/pod/pedersen.rs

@@ -1,5 +1,7 @@
 //! Plain Old Data type for the Pedersen commitment scheme.
 
+#[cfg(target_arch = "wasm32")]
+use wasm_bindgen::prelude::*;
 #[cfg(not(target_os = "solana"))]
 use {
     crate::{encryption::pedersen::PedersenCommitment, errors::ElGamalError},
@@ -19,6 +21,7 @@ use {
 const PEDERSEN_COMMITMENT_MAX_BASE64_LEN: usize = 44;
 
 /// The `PedersenCommitment` type as a `Pod`.
+#[cfg_attr(target_arch = "wasm32", wasm_bindgen)]
 #[derive(Clone, Copy, Default, Pod, Zeroable, PartialEq, Eq)]
 #[repr(transparent)]
 pub struct PodPedersenCommitment(pub(crate) [u8; PEDERSEN_COMMITMENT_LEN]);

zk-sdk/src/pod.rs

@@ -1,5 +1,8 @@
 use bytemuck_derive::{Pod, Zeroable};
+#[cfg(target_arch = "wasm32")]
+use wasm_bindgen::prelude::*;
 
+#[cfg_attr(target_arch = "wasm32", wasm_bindgen)]
 #[derive(Clone, Copy, Debug, Default, PartialEq, Eq, Pod, Zeroable)]
 #[repr(transparent)]
 pub struct PodU16([u8; 2]);
@@ -14,6 +17,7 @@ impl From<PodU16> for u16 {
     }
 }
 
+#[cfg_attr(target_arch = "wasm32", wasm_bindgen)]
 #[derive(Clone, Copy, Debug, Default, PartialEq, Eq, Pod, Zeroable)]
 #[repr(transparent)]
 pub struct PodU64([u8; 8]);

zk-sdk/src/sigma_proofs/batched_grouped_ciphertext_validity/handles_2.rs

@@ -13,6 +13,8 @@ use crate::encryption::{
     elgamal::{DecryptHandle, ElGamalPubkey},
     pedersen::{PedersenCommitment, PedersenOpening},
 };
+#[cfg(target_arch = "wasm32")]
+use wasm_bindgen::prelude::*;
 use {
     crate::{
         sigma_proofs::{
@@ -34,6 +36,7 @@ use {
 /// first_handle_0, second_handle_0)` and `(commitment_1, first_handle_1,
 /// second_handle_1)`. The proof certifies the analogous decryptable properties for each one of
 /// these pairs of commitment and decryption handles.
+#[cfg_attr(target_arch = "wasm32", wasm_bindgen)]
 #[allow(non_snake_case)]
 #[derive(Clone)]
 pub struct BatchedGroupedCiphertext2HandlesValidityProof(GroupedCiphertext2HandlesValidityProof);

zk-sdk/src/sigma_proofs/batched_grouped_ciphertext_validity/handles_3.rs

@@ -17,6 +17,8 @@ use crate::encryption::{
     elgamal::{DecryptHandle, ElGamalPubkey},
     pedersen::{PedersenCommitment, PedersenOpening},
 };
+#[cfg(target_arch = "wasm32")]
+use wasm_bindgen::prelude::*;
 use {
     crate::{
         sigma_proofs::{
@@ -35,6 +37,7 @@ use {
 const BATCHED_GROUPED_CIPHERTEXT_3_HANDLES_VALIDITY_PROOF_LEN: usize = UNIT_LEN * 6;
 
 /// Batched grouped ciphertext validity proof with two handles.
+#[cfg_attr(target_arch = "wasm32", wasm_bindgen)]
 #[allow(non_snake_case)]
 #[derive(Clone)]
 pub struct BatchedGroupedCiphertext3HandlesValidityProof(GroupedCiphertext3HandlesValidityProof);

zk-sdk/src/sigma_proofs/ciphertext_ciphertext_equality.rs

@@ -3,6 +3,8 @@
 //! The protocol guarantees computational soundness (by the hardness of discrete log) and perfect
 //! zero-knowledge in the random oracle model.
 
+#[cfg(target_arch = "wasm32")]
+use wasm_bindgen::prelude::*;
 #[cfg(not(target_os = "solana"))]
 use {
     crate::{
@@ -36,6 +38,7 @@ const CIPHERTEXT_CIPHERTEXT_EQUALITY_PROOF_LEN: usize = UNIT_LEN * 7;
 /// The ciphertext-ciphertext equality proof.
 ///
 /// Contains all the elliptic curve and scalar components that make up the sigma protocol.
+#[cfg_attr(target_arch = "wasm32", wasm_bindgen)]
 #[allow(non_snake_case)]
 #[derive(Clone)]
 pub struct CiphertextCiphertextEqualityProof {

zk-sdk/src/sigma_proofs/ciphertext_commitment_equality.rs

@@ -8,6 +8,8 @@
 //! The protocol guarantees computationally soundness (by the hardness of discrete log) and perfect
 //! zero-knowledge in the random oracle model.
 
+#[cfg(target_arch = "wasm32")]
+use wasm_bindgen::prelude::*;
 #[cfg(not(target_os = "solana"))]
 use {
     crate::{
@@ -41,6 +43,7 @@ const CIPHERTEXT_COMMITMENT_EQUALITY_PROOF_LEN: usize = UNIT_LEN * 6;
 /// Equality proof.
 ///
 /// Contains all the elliptic curve and scalar components that make up the sigma protocol.
+#[cfg_attr(target_arch = "wasm32", wasm_bindgen)]
 #[allow(non_snake_case)]
 #[derive(Clone)]
 pub struct CiphertextCommitmentEqualityProof {

zk-sdk/src/sigma_proofs/grouped_ciphertext_validity/handles_2.rs

@@ -8,6 +8,8 @@
 //! The protocol guarantees computational soundness (by the hardness of discrete log) and perfect
 //! zero-knowledge in the random oracle model.
 
+#[cfg(target_arch = "wasm32")]
+use wasm_bindgen::prelude::*;
 #[cfg(not(target_os = "solana"))]
 use {
     crate::{
@@ -41,6 +43,7 @@ const GROUPED_CIPHERTEXT_2_HANDLES_VALIDITY_PROOF_LEN: usize = UNIT_LEN * 5;
 /// The grouped ciphertext validity proof for 2 handles.
 ///
 /// Contains all the elliptic curve and scalar components that make up the sigma protocol.
+#[cfg_attr(target_arch = "wasm32", wasm_bindgen)]
 #[allow(non_snake_case)]
 #[derive(Clone)]
 pub struct GroupedCiphertext2HandlesValidityProof {

zk-sdk/src/sigma_proofs/grouped_ciphertext_validity/handles_3.rs

@@ -8,6 +8,8 @@
 //! The protocol guarantees computational soundness (by the hardness of discrete log) and perfect
 //! zero-knowledge in the random oracle model.
 
+#[cfg(target_arch = "wasm32")]
+use wasm_bindgen::prelude::*;
 #[cfg(not(target_os = "solana"))]
 use {
     crate::{
@@ -41,6 +43,7 @@ const GROUPED_CIPHERTEXT_3_HANDLES_VALIDITY_PROOF_LEN: usize = UNIT_LEN * 6;
 /// The grouped ciphertext validity proof for 3 handles.
 ///
 /// Contains all the elliptic curve and scalar components that make up the sigma protocol.
+#[cfg_attr(target_arch = "wasm32", wasm_bindgen)]
 #[allow(non_snake_case)]
 #[derive(Clone)]
 pub struct GroupedCiphertext3HandlesValidityProof {

zk-sdk/src/sigma_proofs/percentage_with_cap.rs

@@ -17,6 +17,8 @@
 //!
 //! [`ZK Token proof program`]: https://docs.solanalabs.com/runtime/zk-token-proof
 
+#[cfg(target_arch = "wasm32")]
+use wasm_bindgen::prelude::*;
 #[cfg(not(target_os = "solana"))]
 use {
     crate::{
@@ -52,6 +54,7 @@ const PERCENTAGE_WITH_CAP_PROOF_LEN: usize = UNIT_LEN * 8;
 /// then the `percentage_max_proof` is properly generated and `percentage_equality_proof` is
 /// simulated. If the encrypted amount is smaller than the maximum cap bound, the
 /// `percentage_equality_proof` is properly generated and `percentage_max_proof` is simulated.
+#[cfg_attr(target_arch = "wasm32", wasm_bindgen)]
 #[derive(Clone)]
 pub struct PercentageWithCapProof {
     /// Proof that the committed amount equals the maximum cap bound

zk-sdk/src/sigma_proofs/pod.rs

@@ -15,6 +15,8 @@ use crate::sigma_proofs::{
     pubkey_validity::PubkeyValidityProof,
     zero_ciphertext::ZeroCiphertextProof,
 };
+#[cfg(target_arch = "wasm32")]
+use wasm_bindgen::prelude::*;
 use {
     crate::{
         pod::{impl_from_bytes, impl_from_str},
@@ -26,6 +28,7 @@ use {
 };
 
 /// The `CiphertextCommitmentEqualityProof` type as a `Pod`.
+#[cfg_attr(target_arch = "wasm32", wasm_bindgen)]
 #[derive(Clone, Copy)]
 #[repr(transparent)]
 pub struct PodCiphertextCommitmentEqualityProof(
@@ -68,6 +71,7 @@ impl_from_bytes!(
 );
 
 /// The `CiphertextCiphertextEqualityProof` type as a `Pod`.
+#[cfg_attr(target_arch = "wasm32", wasm_bindgen)]
 #[derive(Clone, Copy)]
 #[repr(transparent)]
 pub struct PodCiphertextCiphertextEqualityProof(
@@ -110,6 +114,7 @@ impl_from_bytes!(
 );
 
 /// The `GroupedCiphertext2HandlesValidityProof` type as a `Pod`.
+#[cfg_attr(target_arch = "wasm32", wasm_bindgen)]
 #[derive(Clone, Copy)]
 #[repr(transparent)]
 pub struct PodGroupedCiphertext2HandlesValidityProof(
@@ -122,8 +127,8 @@ impl From<GroupedCiphertext2HandlesValidityProof> for PodGroupedCiphertext2Handl
         Self(decoded_proof.to_bytes())
     }
 }
-#[cfg(not(target_os = "solana"))]
 
+#[cfg(not(target_os = "solana"))]
 impl TryFrom<PodGroupedCiphertext2HandlesValidityProof> for GroupedCiphertext2HandlesValidityProof {
     type Error = ValidityProofVerificationError;
 
@@ -152,6 +157,7 @@ impl_from_bytes!(
 );
 
 /// The `GroupedCiphertext3HandlesValidityProof` type as a `Pod`.
+#[cfg_attr(target_arch = "wasm32", wasm_bindgen)]
 #[derive(Clone, Copy)]
 #[repr(transparent)]
 pub struct PodGroupedCiphertext3HandlesValidityProof(
@@ -194,6 +200,7 @@ impl_from_bytes!(
 );
 
 /// The `BatchedGroupedCiphertext2HandlesValidityProof` type as a `Pod`.
+#[cfg_attr(target_arch = "wasm32", wasm_bindgen)]
 #[derive(Clone, Copy)]
 #[repr(transparent)]
 pub struct PodBatchedGroupedCiphertext2HandlesValidityProof(
@@ -242,6 +249,7 @@ impl_from_bytes!(
 );
 
 /// The `BatchedGroupedCiphertext3HandlesValidityProof` type as a `Pod`.
+#[cfg_attr(target_arch = "wasm32", wasm_bindgen)]
 #[derive(Clone, Copy)]
 #[repr(transparent)]
 pub struct PodBatchedGroupedCiphertext3HandlesValidityProof(
@@ -290,6 +298,7 @@ impl_from_bytes!(
 );
 
 /// The `ZeroCiphertextProof` type as a `Pod`.
+#[cfg_attr(target_arch = "wasm32", wasm_bindgen)]
 #[derive(Clone, Copy)]
 #[repr(transparent)]
 pub struct PodZeroCiphertextProof(pub(crate) [u8; ZERO_CIPHERTEXT_PROOF_LEN]);
@@ -330,6 +339,7 @@ impl_from_bytes!(
 );
 
 /// The `PercentageWithCapProof` type as a `Pod`.
+#[cfg_attr(target_arch = "wasm32", wasm_bindgen)]
 #[derive(Clone, Copy, bytemuck_derive::Pod, bytemuck_derive::Zeroable)]
 #[repr(transparent)]
 pub struct PodPercentageWithCapProof(pub(crate) [u8; PERCENTAGE_WITH_CAP_PROOF_LEN]);
@@ -370,6 +380,7 @@ impl_from_bytes!(
 );
 
 /// The `PubkeyValidityProof` type as a `Pod`.
+#[cfg_attr(target_arch = "wasm32", wasm_bindgen)]
 #[derive(Clone, Copy, bytemuck_derive::Pod, bytemuck_derive::Zeroable)]
 #[repr(transparent)]
 pub struct PodPubkeyValidityProof(pub(crate) [u8; PUBKEY_VALIDITY_PROOF_LEN]);

zk-sdk/src/sigma_proofs/pubkey_validity.rs

@@ -3,6 +3,8 @@
 //! The protocol guarantees computational soundness (by the hardness of discrete log) and perfect
 //! zero-knowledge in the random oracle model.
 
+#[cfg(target_arch = "wasm32")]
+use wasm_bindgen::prelude::*;
 #[cfg(not(target_os = "solana"))]
 use {
     crate::{
@@ -35,6 +37,7 @@ const PUBKEY_VALIDITY_PROOF_LEN: usize = UNIT_LEN * 2;
 /// Public-key proof.
 ///
 /// Contains all the elliptic curve and scalar components that make up the sigma protocol.
+#[cfg_attr(target_arch = "wasm32", wasm_bindgen)]
 #[allow(non_snake_case)]
 #[derive(Clone)]
 pub struct PubkeyValidityProof {

zk-sdk/src/sigma_proofs/zero_ciphertext.rs

@@ -3,6 +3,8 @@
 //! The protocol guarantees computationally soundness (by the hardness of discrete log) and perfect
 //! zero-knowledge in the random oracle model.
 
+#[cfg(target_arch = "wasm32")]
+use wasm_bindgen::prelude::*;
 #[cfg(not(target_os = "solana"))]
 use {
     crate::{
@@ -36,6 +38,7 @@ const ZERO_CIPHERTEXT_PROOF_LEN: usize = UNIT_LEN * 3;
 /// Zero-ciphertext proof.
 ///
 /// Contains all the elliptic curve and scalar components that make up the sigma protocol.
+#[cfg_attr(target_arch = "wasm32", wasm_bindgen)]
 #[allow(non_snake_case)]
 #[derive(Clone)]
 pub struct ZeroCiphertextProof {

zk-sdk/src/zk_elgamal_proof_program/proof_data/batched_grouped_ciphertext_validity/handles_2.rs

@@ -5,6 +5,10 @@
 //! grouped-ciphertext validity proof is shorter and more efficient than two individual
 //! grouped-ciphertext validity proofs.
 
+#[cfg(target_arch = "wasm32")]
+use {
+    crate::encryption::grouped_elgamal::GroupedElGamalCiphertext2Handles, wasm_bindgen::prelude::*,
+};
 use {
     crate::{
         encryption::pod::{
@@ -34,6 +38,7 @@ use {
 ///
 /// It includes the cryptographic proof as well as the context data information needed to verify
 /// the proof.
+#[cfg_attr(target_arch = "wasm32", wasm_bindgen)]
 #[derive(Clone, Copy, Pod, Zeroable)]
 #[repr(C)]
 pub struct BatchedGroupedCiphertext2HandlesValidityProofData {
@@ -42,6 +47,7 @@ pub struct BatchedGroupedCiphertext2HandlesValidityProofData {
     pub proof: PodBatchedGroupedCiphertext2HandlesValidityProof,
 }
 
+#[cfg_attr(target_arch = "wasm32", wasm_bindgen)]
 #[derive(Clone, Copy, Pod, Zeroable)]
 #[repr(C)]
 pub struct BatchedGroupedCiphertext2HandlesValidityProofContext {
@@ -160,6 +166,39 @@ impl BatchedGroupedCiphertext2HandlesValidityProofContext {
     }
 }
 
+#[cfg(target_arch = "wasm32")]
+#[cfg_attr(target_arch = "wasm32", wasm_bindgen)]
+impl BatchedGroupedCiphertext2HandlesValidityProofData {
+    #[cfg_attr(target_arch = "wasm32", wasm_bindgen(js_name = generateProofData))]
+    pub fn generate_proof_data(
+        first_pubkey: &ElGamalPubkey,
+        second_pubkey: &ElGamalPubkey,
+        grouped_ciphertext_lo: &GroupedElGamalCiphertext2Handles,
+        grouped_ciphertext_hi: &GroupedElGamalCiphertext2Handles,
+        amount_lo: u64,
+        amount_hi: u64,
+        opening_lo: &PedersenOpening,
+        opening_hi: &PedersenOpening,
+    ) -> Result<Self, JsValue> {
+        Self::new(
+            first_pubkey,
+            second_pubkey,
+            &grouped_ciphertext_lo.0,
+            &grouped_ciphertext_hi.0,
+            amount_lo,
+            amount_hi,
+            opening_lo,
+            opening_hi,
+        )
+        .map_err(|e| e.to_string().into())
+    }
+
+    #[cfg_attr(target_arch = "wasm32", wasm_bindgen(js_name = toBytes))]
+    pub fn to_bytes(&self) -> Box<[u8]> {
+        bytes_of(self).into()
+    }
+}
+
 #[cfg(test)]
 mod test {
     use {