update cryptoOps

Author: mrtnetwork

lib/crypto/crypto/cdsa/crypto_ops/const/const.dart

@@ -10060,4 +10060,15 @@ class CryptoOpsConst {
     326686,
     11406482
   ]); /* sqrt(-1) */
+
+  static const List<String> geBiPointBytes = [
+    "5866666666666666666666666666666666666666666666666666666666666666",
+    "d4b4f5784868c3020403246717ec169ff79e26608ea126a1ab69ee77d1b16712",
+    "edc876d6831fd2105d0b4389ca2e283166469289146e2ce06faefe98b22548df",
+    "b862409fb5c4c4123df2abf7462b88f041ad36dd6864ce872fd5472be363c5b1",
+    "c0f1225584444ec730446e231390781ffdd2f256e9fcbeb2f40dddc2c2233d7f",
+    "1337036ac32d8f30d4589c3c1c595812ce0fff40e37c6f5a97ab213f318290ad",
+    "801f40eaaee1ef8723279a28b2cf4037b889dad222604678748b53ed0db0db92",
+    "df5c2eadc44c6d94a19a9aa118afe5ac3193d26401f76251f522ff042dfbcb92"
+  ];
 }

lib/crypto/crypto/cdsa/crypto_ops/operations/ops.dart

@@ -54,6 +54,8 @@
 //   OF THE POSSIBILITY OF SUCH DAMAGE.
 import 'package:blockchain_utils/crypto/crypto/cdsa/crypto_ops/const/const.dart';
 import 'package:blockchain_utils/crypto/crypto/cdsa/crypto_ops/models/models.dart';
+import 'package:blockchain_utils/crypto/crypto/cdsa/point/edwards.dart';
+import 'package:blockchain_utils/crypto/crypto/cdsa/utils/ed25519.dart';
 import 'package:blockchain_utils/crypto/crypto/exception/exception.dart';
 import 'package:blockchain_utils/helper/extensions/extensions.dart';
 import 'package:blockchain_utils/utils/binary/utils.dart';
@@ -5048,6 +5050,268 @@ class CryptoOps {
       geP1P1ToP2(r, t);
     }
   }
+
+  /// these method is not related to cryptoOps
+  static List<EDPoint> geDsmPrecompVartimeFast(EDPoint point) {
+    final List<EDPoint> oddMultiples = [];
+    final twoP = point.doublePoint();
+    var current = point;
+
+    for (int i = 0; i < 8; i++) {
+      oddMultiples.add(current);
+      current = current + twoP; // Next odd multiple
+    }
+
+    return oddMultiples;
+  }
+
+  static EDPoint geDoubleScalarMultPrecompVartimeFast(
+      List<int> a, List<EDPoint> aI, List<int> b, List<EDPoint> bI) {
+    final aslide = List<int>.filled(256, 0);
+    final bslide = List<int>.filled(256, 0);
+    CryptoOps.slide(aslide, a);
+    CryptoOps.slide(bslide, b);
+
+    EDPoint? r;
+
+    for (int i = 255; i >= 0; i--) {
+      final aVal = aslide[i];
+      final bVal = bslide[i];
+
+      if (r == null) {
+        if (aVal != 0) {
+          final idx = (aVal.abs() - 1) ~/ 2;
+          final ai = aI[idx];
+          r = aVal > 0 ? ai : -ai;
+        }
+
+        if (bVal != 0) {
+          final idx = (bVal.abs() - 1) ~/ 2;
+          final bi = bI[idx];
+          r = (r == null) ? (bVal > 0 ? bi : -bi) : (r + (bVal > 0 ? bi : -bi));
+        }
+
+        if (r == null) continue; // still no op
+      } else {
+        r = r * BigInt.two;
+
+        if (aVal != 0) {
+          final idx = (aVal.abs() - 1) ~/ 2;
+          final ai = aI[idx];
+          r += aVal > 0 ? ai : -ai;
+        }
+
+        if (bVal != 0) {
+          final idx = (bVal.abs() - 1) ~/ 2;
+          final bi = bI[idx];
+          r += bVal > 0 ? bi : -bi;
+        }
+      }
+    }
+
+    if (r == null) {
+      throw Exception(
+          "Both scalars are zero; result undefined without identity support.");
+    }
+
+    return r;
+  }
+
+  static EDPoint geTripleScalarMultBaseVartimeFast(
+      {required List<int> a,
+      required List<int> b,
+      required List<EDPoint> bI,
+      required List<int> c,
+      required List<EDPoint> cI}) {
+    final aslide = List<int>.filled(256, 0);
+    final bslide = List<int>.filled(256, 0);
+    final cslide = List<int>.filled(256, 0);
+    CryptoOps.slide(aslide, a);
+    CryptoOps.slide(bslide, b);
+    CryptoOps.slide(cslide, c);
+
+    EDPoint? r;
+    // Logg.error("calll ?!");
+    for (int i = 255; i >= 0; i--) {
+      final aVal = aslide[i];
+      final bVal = bslide[i];
+      final cVal = cslide[i];
+
+      if (r == null) {
+        if (aVal != 0) {
+          final idx = (aVal.abs() - 1) ~/ 2;
+          final ai = Ed25519Utils.asPoint(
+              BytesUtils.fromHexString(CryptoOpsConst.geBiPointBytes[idx]));
+          r = aVal > 0 ? ai : -ai;
+        }
+
+        if (bVal != 0) {
+          final idx = (bVal.abs() - 1) ~/ 2;
+          final bi = bI[idx];
+          r = (r == null) ? (bVal > 0 ? bi : -bi) : (r + (bVal > 0 ? bi : -bi));
+        }
+
+        if (cVal != 0) {
+          final idx = (cVal.abs() - 1) ~/ 2;
+          final ci = cI[idx];
+          r = (r == null) ? (cVal > 0 ? ci : -ci) : (r + (cVal > 0 ? ci : -ci));
+        }
+
+        if (r == null) continue;
+      } else {
+        r = r * BigInt.two;
+
+        if (aVal != 0) {
+          final idx = (aVal.abs() - 1) ~/ 2;
+          final ai = Ed25519Utils.asPoint(
+              BytesUtils.fromHexString(CryptoOpsConst.geBiPointBytes[idx]));
+          r += aVal > 0 ? ai : -ai;
+        }
+
+        if (bVal != 0) {
+          final idx = (bVal.abs() - 1) ~/ 2;
+          final bi = bI[idx];
+          r += bVal > 0 ? bi : -bi;
+        }
+
+        if (cVal != 0) {
+          final idx = (cVal.abs() - 1) ~/ 2;
+          final ci = cI[idx];
+          r += cVal > 0 ? ci : -ci;
+        }
+      }
+    }
+
+    if (r == null) {
+      throw Exception(
+          "All scalars are zero; result undefined without identity support.");
+    }
+
+    return r;
+  }
+
+  static EDPoint geDoubleScalarMultBaseVartimeFast(
+      {required List<int> a, required EDPoint gA, required List<int> b}) {
+    final aslide = List<int>.filled(256, 0);
+    final bslide = List<int>.filled(256, 0);
+    CryptoOps.slide(aslide, a);
+    CryptoOps.slide(bslide, b);
+    final aI = geDsmPrecompVartimeFast(gA);
+    final Map<int, String> res = {};
+    EDPoint? r;
+    // Logg.error("calll ?!");
+    for (int i = 255; i >= 0; i--) {
+      final aVal = aslide[i];
+      final bVal = bslide[i];
+
+      if (r == null) {
+        if (aVal != 0) {
+          final idx = (aVal.abs() - 1) ~/ 2;
+          final bi = aI[idx];
+          r = aVal > 0 ? bi : -bi;
+        }
+        if (bVal != 0) {
+          final idx = (bVal.abs() - 1) ~/ 2;
+          final ai = Ed25519Utils.asPoint(
+              BytesUtils.fromHexString(CryptoOpsConst.geBiPointBytes[idx]));
+          r = (r == null) ? (bVal > 0 ? ai : -ai) : (r + (bVal > 0 ? ai : -ai));
+        }
+
+        // if (r == null) continue;
+      } else {
+        r = r * BigInt.two;
+
+        if (aVal != 0) {
+          final idx = (aVal.abs() - 1) ~/ 2;
+          final bi = aI[idx];
+          r += aVal > 0 ? bi : -bi;
+        }
+        if (bVal != 0) {
+          final idx = (bVal.abs() - 1) ~/ 2;
+          final ai = Ed25519Utils.asPoint(
+              BytesUtils.fromHexString(CryptoOpsConst.geBiPointBytes[idx]));
+          r += bVal > 0 ? ai : -ai;
+        }
+        res.addAll({i: r.toHex()});
+      }
+    }
+
+    if (r == null) {
+      throw Exception(
+          "All scalars are zero; result undefined without identity support.");
+    }
+
+    return r;
+  }
+
+  static EDPoint geTripleScalarMultPrecompVartimeFast(
+      List<int> a,
+      List<EDPoint> aI,
+      List<int> b,
+      List<EDPoint> bI,
+      List<int> c,
+      List<EDPoint> cI) {
+    final aslide = List<int>.filled(256, 0);
+    final bslide = List<int>.filled(256, 0);
+    final cslide = List<int>.filled(256, 0);
+
+    CryptoOps.slide(aslide, a);
+    CryptoOps.slide(bslide, b);
+    CryptoOps.slide(cslide, c);
+
+    EDPoint? r;
+
+    for (int i = 255; i >= 0; i--) {
+      final aVal = aslide[i];
+      final bVal = bslide[i];
+      final cVal = cslide[i];
+
+      if (r == null) {
+        if (aVal != 0) {
+          final idx = (aVal.abs() - 1) ~/ 2;
+          final ai = aI[idx];
+          r = aVal > 0 ? ai : -ai;
+        }
+        if (bVal != 0) {
+          final idx = (bVal.abs() - 1) ~/ 2;
+          final bi = bI[idx];
+          r = (r == null) ? (bVal > 0 ? bi : -bi) : (r + (bVal > 0 ? bi : -bi));
+        }
+        if (cVal != 0) {
+          final idx = (cVal.abs() - 1) ~/ 2;
+          final ci = cI[idx];
+          r = (r == null) ? (cVal > 0 ? ci : -ci) : (r + (cVal > 0 ? ci : -ci));
+        }
+
+        if (r == null) continue; // still no op
+      } else {
+        r = r * BigInt.two;
+
+        if (aVal != 0) {
+          final idx = (aVal.abs() - 1) ~/ 2;
+          final ai = aI[idx];
+          r += aVal > 0 ? ai : -ai;
+        }
+        if (bVal != 0) {
+          final idx = (bVal.abs() - 1) ~/ 2;
+          final bi = bI[idx];
+          r += bVal > 0 ? bi : -bi;
+        }
+        if (cVal != 0) {
+          final idx = (cVal.abs() - 1) ~/ 2;
+          final ci = cI[idx];
+          r += cVal > 0 ? ci : -ci;
+        }
+      }
+    }
+
+    if (r == null) {
+      throw CryptoException(
+          "All scalars are zero; result undefined without identity support.");
+    }
+
+    return r;
+  }
 }
 
 extension _BytesHelper on List<int> {

lib/crypto/crypto/cdsa/secp256k1/constants/constants.dart

@@ -146,15 +146,6 @@ class Secp256k1Const {
           ]),
           modulusInv: BigInt.parse("3815112494326173377"));
 
-  static Secp256k1ModinvInfo get secp256k1FieldModinfo => Secp256k1ModinvInfo(
-      modulus: Secp256k1ModinvSigned.constants([
-        BigInt.from(0x414036CD8BFD25BB),
-        BigInt.from(0x03A64AF6DCEBAE00),
-        BigInt.from(0xFFFFFEFFFFFEFFFF),
-        BigInt.from(0xFFFFFFFFFFFFFFFF),
-        BigInt.from(0xFFFFFFFFFFFFFFFF),
-      ]),
-      modulusInv: BigInt.from(0xD838091DD2253531));
   static Secp256k1ModinvSigned get modeInvOne =>
       Secp256k1ModinvSigned.constants([
         BigInt.one,

lib/crypto/crypto/cdsa/utils/ed25519.dart

@@ -174,4 +174,67 @@ class Ed25519Utils {
     CryptoOps.geToBytes(res, p2);
     return res;
   }
+
+  static List<int> scMulFast(List<int> scalar, List<int> scalar2) {
+    final a = BigintUtils.fromBytes(scalar, byteOrder: Endian.little);
+    final b = BigintUtils.fromBytes(scalar2, byteOrder: Endian.little);
+    final r = (b * a) % Curves.generatorED25519.order!;
+    return BigintUtils.toBytes(r, length: 32, order: Endian.little);
+  }
+
+  static List<int> scMulFastBigInt(List<int> scalar, BigInt scalar2) {
+    final a = BigintUtils.fromBytes(scalar, byteOrder: Endian.little);
+    final r = (scalar2 * a) % Curves.generatorED25519.order!;
+    return BigintUtils.toBytes(r, length: 32, order: Endian.little);
+  }
+
+  static List<int> scSubFast(List<int> scalar, List<int> scalar2) {
+    final a = BigintUtils.fromBytes(scalar, byteOrder: Endian.little);
+    final b = BigintUtils.fromBytes(scalar2, byteOrder: Endian.little);
+    final r = (a - b) % Curves.generatorED25519.order!;
+    return BigintUtils.toBytes(r, length: 32, order: Endian.little);
+  }
+
+  static List<int> scSubFastBig(List<int> scalar, BigInt scalar2) {
+    final a = BigintUtils.fromBytes(scalar, byteOrder: Endian.little);
+    final r = (a - scalar2) % Curves.generatorED25519.order!;
+    return BigintUtils.toBytes(r, length: 32, order: Endian.little);
+  }
+
+  static List<int> scAddFast(List<int> scalar, List<int> scalar2) {
+    final a = BigintUtils.fromBytes(scalar, byteOrder: Endian.little);
+    final b = BigintUtils.fromBytes(scalar2, byteOrder: Endian.little);
+    final r = (a + b) % Curves.generatorED25519.order!;
+    return BigintUtils.toBytes(r, length: 32, order: Endian.little);
+  }
+
+  static List<int> scAddFastBig(List<int> scalar, BigInt scalar2) {
+    final a = BigintUtils.fromBytes(scalar, byteOrder: Endian.little);
+    final r = (a + scalar2) % Curves.generatorED25519.order!;
+    return BigintUtils.toBytes(r, length: 32, order: Endian.little);
+  }
+
+  static BigInt scalarAsBig(List<int> scalar) {
+    return BigintUtils.fromBytes(scalar, byteOrder: Endian.little);
+  }
+
+  static List<int> scMulAddFast(
+      List<int> scalar, List<int> scalar2, List<int> scalar3) {
+    final a = BigintUtils.fromBytes(scalar, byteOrder: Endian.little);
+    final b = BigintUtils.fromBytes(scalar2, byteOrder: Endian.little);
+    final c = BigintUtils.fromBytes(scalar3, byteOrder: Endian.little);
+    final r = ((b * a) + c) % Curves.generatorED25519.order!;
+    return BigintUtils.toBytes(r, length: 32, order: Endian.little);
+  }
+
+  static bool scCheckFast(List<int> scalar) {
+    assert(scalar.length == 32, 'invalid scalar size');
+    final order = Curves.generatorED25519.order!;
+    final scalarInt = BigintUtils.fromBytes(scalar, byteOrder: Endian.little);
+    if (scalarInt >= order) {
+      return false;
+    }
+
+    return true;
+  }
 }

lib/signer/substrate/substrate.dart

@@ -22,6 +22,10 @@ class SubstrateSigner {
     return _signer.sign(digest.asBytes);
   }
 
+  List<int> signConst(List<int> digest) {
+    return _signer.signConst(digest.asBytes);
+  }
+
   List<int> vrfSign(List<int> message, {List<int>? context, List<int>? extra}) {
     return _signer.vrfSign(message.asBytes,
         extra: extra?.asBytes, context: context?.asBytes);