nymtech · jstuczyn · Mar 12, 2025 · Jan 23, 2025 · Feb 14, 2025
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -370,7 +370,7 @@ prometheus = { version = "0.13.0" }
 # unfortunately until https://github.com/zkcrypto/bls12_381/issues/10 is resolved, we have to rely on the fork
 # as we need to be able to serialize Gt so that we could create the lookup table for baby-step-giant-step algorithm
 # plus to make our live easier we need serde support from https://github.com/zkcrypto/bls12_381/pull/125
-bls12_381 = { git = "https://github.com/jstuczyn/bls12_381", default-features = false, branch = "temp/experimental-serdect" }
+bls12_381 = { git = "https://github.com/jstuczyn/bls12_381", default-features = false, branch = "temp/experimental-serdect-updated" }
 group = { version = "0.13.0", default-features = false }
 ff = { version = "0.13.1", default-features = false }
 subtle = "2.5.0"

@@ -21,7 +21,7 @@ lazy_static = { workspace = true }
 rand = { workspace = true }
 rand_chacha = { workspace = true }
 rand_core = { workspace = true }
-sha2 = "0.9"
+sha2 = { workspace = true }
 serde = { workspace = true }
 serde_derive = { workspace = true }
 thiserror = { workspace = true }

@@ -54,12 +54,12 @@ pub(crate) fn hash_to_scalar<M: AsRef<[u8]>>(msg: M, domain: &[u8]) -> Scalar {
 pub(crate) fn hash_to_scalars<M: AsRef<[u8]>>(msg: M, domain: &[u8], n: usize) -> Vec<Scalar> {
     let mut output = vec![Scalar::zero(); n];
 
-    Scalar::hash_to_field::<ExpandMsgXmd<Sha256>>(msg.as_ref(), domain, &mut output);
+    Scalar::hash_to_field::<ExpandMsgXmd<Sha256>, _>([msg], domain, &mut output);
     output
 }
 
 pub(crate) fn hash_g2<M: AsRef<[u8]>>(msg: M, domain: &[u8]) -> G2Projective {
-    <G2Projective as HashToCurve<ExpandMsgXmd<Sha256>>>::hash_to_curve(msg, domain)
+    <G2Projective as HashToCurve<ExpandMsgXmd<Sha256>>>::hash_to_curve([msg], domain)
 }
 
 pub(crate) fn combine_scalar_chunks(chunks: &[Scalar]) -> Scalar {
@@ -112,3 +112,97 @@ pub(crate) fn deserialize_g2(b: &[u8]) -> Option<G2Projective> {
         G2Projective::from_bytes(&encoding).into()
     }
 }
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+    use bls12_381::G2Affine;
+
+    #[test]
+    fn test_hash_to_scalar() {
+        let msg1 = "foo";
+        let expected1 = Scalar::from_bytes(&[
+            253, 57, 224, 227, 175, 195, 226, 82, 46, 175, 33, 126, 171, 239, 255, 92, 108, 168, 6,
+            79, 90, 11, 235, 236, 221, 10, 85, 133, 42, 81, 95, 30,
+        ])
+        .unwrap();
+
+        let msg2 = "bar";
+        let expected2 = Scalar::from_bytes(&[
+            48, 83, 69, 52, 42, 18, 135, 244, 211, 190, 160, 196, 118, 154, 24, 126, 0, 125, 72,
+            201, 170, 225, 123, 201, 52, 120, 171, 132, 235, 182, 20, 26,
+        ])
+        .unwrap();
+
+        let msg3 = [
+            33, 135, 76, 234, 71, 35, 247, 216, 39, 242, 42, 88, 152, 29, 74, 135, 9, 29, 216, 123,
+            250, 87, 108, 29, 245, 126, 109, 102, 84, 71, 158, 224, 145, 243, 49, 121, 244, 27,
+            115, 121, 25, 66, 216, 67, 97, 101, 140, 160, 77, 239, 114, 215, 152, 48, 15, 231, 101,
+            60, 42, 92, 128, 131, 161, 43,
+        ];
+        let expected3 = Scalar::from_bytes(&[
+            128, 189, 8, 43, 186, 55, 52, 61, 171, 196, 159, 177, 162, 100, 27, 143, 85, 83, 218,
+            171, 91, 220, 155, 25, 7, 38, 2, 36, 4, 93, 136, 4,
+        ])
+        .unwrap();
+
+        assert_eq!(
+            hash_to_scalar(msg1, b"NYMECASH-V01-CS02-with-expander-SHA256"),
+            expected1
+        );
+        assert_eq!(
+            hash_to_scalar(msg2, b"NYMECASH-V01-CS02-with-expander-SHA256"),
+            expected2
+        );
+        assert_eq!(
+            hash_to_scalar(msg3, b"NYMECASH-V01-CS02-with-expander-SHA256"),
+            expected3
+        );
+    }
+
+    #[test]
+    fn test_hash_g2() {
+        let msg1 = "foo";
+        let expected1 = G2Affine::from_compressed(&[
+            175, 187, 62, 7, 29, 17, 42, 93, 28, 93, 234, 253, 101, 166, 158, 187, 153, 82, 93, 18,
+            11, 233, 36, 107, 51, 117, 30, 127, 32, 254, 210, 77, 133, 12, 253, 255, 84, 128, 36,
+            214, 234, 103, 50, 21, 26, 78, 112, 49, 20, 69, 19, 109, 7, 78, 33, 227, 196, 180, 168,
+            219, 73, 251, 192, 221, 41, 138, 160, 131, 191, 186, 156, 117, 179, 179, 191, 235, 171,
+            26, 219, 148, 170, 179, 11, 38, 137, 14, 95, 115, 171, 186, 163, 82, 158, 6, 239, 88,
+        ])
+        .unwrap()
+        .into();
+
+        let msg2 = "bar";
+        let expected2 = G2Affine::from_compressed(&[
+            183, 25, 90, 187, 34, 184, 30, 182, 215, 242, 158, 83, 116, 34, 210, 96, 188, 79, 83,
+            255, 100, 122, 90, 188, 196, 93, 164, 253, 20, 106, 205, 33, 48, 140, 60, 149, 66, 246,
+            121, 244, 146, 66, 170, 60, 113, 95, 102, 237, 25, 231, 8, 42, 121, 124, 180, 140, 34,
+            104, 173, 251, 89, 189, 28, 196, 49, 66, 101, 38, 68, 44, 40, 235, 21, 35, 204, 123,
+            218, 238, 216, 92, 134, 217, 212, 246, 176, 77, 187, 0, 245, 134, 132, 73, 31, 44, 137,
+            197,
+        ])
+        .unwrap()
+        .into();
+        let msg3 = [
+            33, 135, 76, 234, 71, 35, 247, 216, 39, 242, 42, 88, 152, 29, 74, 135, 9, 29, 216, 123,
+            250, 87, 108, 29, 245, 126, 109, 102, 84, 71, 158, 224, 145, 243, 49, 121, 244, 27,
+            115, 121, 25, 66, 216, 67, 97, 101, 140, 160, 77, 239, 114, 215, 152, 48, 15, 231, 101,
+            60, 42, 92, 128, 131, 161, 43,
+        ];
+        let expected3 = G2Affine::from_compressed(&[
+            151, 185, 8, 123, 223, 150, 192, 192, 115, 10, 3, 129, 49, 179, 31, 108, 0, 17, 46,
+            231, 184, 164, 247, 228, 22, 142, 87, 70, 120, 111, 154, 15, 245, 110, 32, 84, 53, 117,
+            239, 93, 89, 119, 32, 17, 39, 250, 198, 137, 6, 95, 137, 202, 54, 244, 238, 190, 11,
+            217, 237, 95, 72, 59, 140, 56, 3, 42, 61, 195, 192, 101, 46, 204, 207, 75, 70, 176,
+            207, 48, 24, 195, 248, 234, 178, 168, 54, 109, 19, 189, 51, 52, 120, 69, 248, 226, 102,
+            91,
+        ])
+        .unwrap()
+        .into();
+
+        assert_eq!(hash_g2(msg1, b"DUMMY_TEST_DOMAIN"), expected1);
+        assert_eq!(hash_g2(msg2, b"DUMMY_TEST_DOMAIN"), expected2);
+        assert_eq!(hash_g2(msg3, b"DUMMY_TEST_DOMAIN"), expected3);
+    }
+}
diff --git a/common/nym_offline_compact_ecash/Cargo.toml b/common/nym_offline_compact_ecash/Cargo.toml
@@ -15,10 +15,10 @@ bls12_381 = { workspace = true, features = ["alloc", "pairings", "experimental",
 bincode.workspace = true
 cfg-if.workspace = true
 itertools = { workspace = true }
-digest = "0.9"
+digest = { workspace = true }
 rand = { workspace = true }
 thiserror = { workspace = true }
-sha2 = "0.9"
+sha2 = { workspace = true }
 bs58 = { workspace = true }
 serde = { workspace = true, features = ["derive"] }
 rayon = { workspace = true, optional = true }

diff --git a/common/nym_offline_compact_ecash/src/utils.rs b/common/nym_offline_compact_ecash/src/utils.rs
@@ -113,17 +113,13 @@ const G1_HASH_DOMAIN: &[u8] = b"NYMECASH-V01-CS02-with-BLS12381G1_XMD:SHA-256_SS
 const SCALAR_HASH_DOMAIN: &[u8] = b"NYMECASH-V01-CS02-with-expander-SHA256";
 
 pub fn hash_g1<M: AsRef<[u8]>>(msg: M) -> G1Projective {
-    <G1Projective as HashToCurve<ExpandMsgXmd<sha2::Sha256>>>::hash_to_curve(msg, G1_HASH_DOMAIN)
+    <G1Projective as HashToCurve<ExpandMsgXmd<sha2::Sha256>>>::hash_to_curve([msg], G1_HASH_DOMAIN)
 }
 
 pub fn hash_to_scalar<M: AsRef<[u8]>>(msg: M) -> Scalar {
     let mut output = vec![Scalar::zero()];
 
-    Scalar::hash_to_field::<ExpandMsgXmd<sha2::Sha256>>(
-        msg.as_ref(),
-        SCALAR_HASH_DOMAIN,
-        &mut output,
-    );
+    Scalar::hash_to_field::<ExpandMsgXmd<sha2::Sha256>, _>([msg], SCALAR_HASH_DOMAIN, &mut output);
     output[0]
 }
 
@@ -401,4 +397,75 @@ mod tests {
         assert_eq!(hash_to_scalar(msg2), hash_to_scalar(msg2));
         assert_ne!(hash_to_scalar(msg1), hash_to_scalar(msg2));
     }
+
+    #[test]
+    fn test_hash_to_scalar() {
+        let msg1 = "foo";
+        let expected1 = Scalar::from_bytes(&[
+            253, 57, 224, 227, 175, 195, 226, 82, 46, 175, 33, 126, 171, 239, 255, 92, 108, 168, 6,
+            79, 90, 11, 235, 236, 221, 10, 85, 133, 42, 81, 95, 30,
+        ])
+        .unwrap();
+
+        let msg2 = "bar";
+        let expected2 = Scalar::from_bytes(&[
+            48, 83, 69, 52, 42, 18, 135, 244, 211, 190, 160, 196, 118, 154, 24, 126, 0, 125, 72,
+            201, 170, 225, 123, 201, 52, 120, 171, 132, 235, 182, 20, 26,
+        ])
+        .unwrap();
+
+        let msg3 = [
+            33, 135, 76, 234, 71, 35, 247, 216, 39, 242, 42, 88, 152, 29, 74, 135, 9, 29, 216, 123,
+            250, 87, 108, 29, 245, 126, 109, 102, 84, 71, 158, 224, 145, 243, 49, 121, 244, 27,
+            115, 121, 25, 66, 216, 67, 97, 101, 140, 160, 77, 239, 114, 215, 152, 48, 15, 231, 101,
+            60, 42, 92, 128, 131, 161, 43,
+        ];
+        let expected3 = Scalar::from_bytes(&[
+            128, 189, 8, 43, 186, 55, 52, 61, 171, 196, 159, 177, 162, 100, 27, 143, 85, 83, 218,
+            171, 91, 220, 155, 25, 7, 38, 2, 36, 4, 93, 136, 4,
+        ])
+        .unwrap();
+
+        assert_eq!(hash_to_scalar(msg1), expected1);
+        assert_eq!(hash_to_scalar(msg2), expected2);
+        assert_eq!(hash_to_scalar(msg3), expected3);
+    }
+
+    #[test]
+    fn test_hash_to_g1() {
+        let msg1 = "foo";
+        let expected1 = G1Affine::from_compressed(&[
+            161, 109, 186, 0, 192, 221, 83, 87, 71, 31, 120, 201, 185, 35, 62, 239, 46, 120, 117,
+            150, 191, 227, 128, 161, 78, 201, 207, 167, 86, 181, 229, 115, 2, 6, 178, 16, 251, 118,
+            219, 115, 184, 96, 2, 10, 31, 63, 150, 70,
+        ])
+        .unwrap()
+        .into();
+
+        let msg2 = "bar";
+        let expected2 = G1Affine::from_compressed(&[
+            135, 102, 204, 42, 221, 49, 209, 192, 250, 87, 59, 255, 197, 93, 37, 113, 38, 2, 154,
+            233, 68, 234, 206, 182, 121, 212, 166, 210, 74, 155, 190, 33, 203, 237, 176, 60, 249,
+            241, 53, 170, 18, 168, 49, 35, 1, 151, 205, 174,
+        ])
+        .unwrap()
+        .into();
+        let msg3 = [
+            33, 135, 76, 234, 71, 35, 247, 216, 39, 242, 42, 88, 152, 29, 74, 135, 9, 29, 216, 123,
+            250, 87, 108, 29, 245, 126, 109, 102, 84, 71, 158, 224, 145, 243, 49, 121, 244, 27,
+            115, 121, 25, 66, 216, 67, 97, 101, 140, 160, 77, 239, 114, 215, 152, 48, 15, 231, 101,
+            60, 42, 92, 128, 131, 161, 43,
+        ];
+        let expected3 = G1Affine::from_compressed(&[
+            184, 200, 211, 115, 47, 45, 39, 185, 105, 9, 222, 247, 132, 241, 121, 130, 238, 224,
+            155, 109, 105, 201, 137, 154, 132, 149, 214, 233, 136, 69, 77, 132, 174, 30, 46, 123,
+            20, 92, 219, 18, 45, 29, 208, 127, 158, 145, 130, 41,
+        ])
+        .unwrap()
+        .into();
+
+        assert_eq!(hash_g1(msg1), expected1);
+        assert_eq!(hash_g1(msg2), expected2);
+        assert_eq!(hash_g1(msg3), expected3);
+    }
 }