
Send notes using Addresses instead of keys

Open nventuro opened this issue 1 year ago • 0 comments

We will now generate secret keys by combining the ephemeral secret key with the address, not the Ivpk. This means an address is sufficient to send notes to someone:

let esk: Field = unsafe { random() };
let Epk: Point = esk * G;
let S: Point = esk * address::to_point();

S is then used for encryption and Epk is broadcast along with the encrypted ciphertext. The recipient does:

let S: Point = (h + ivsk) * Epk;

where h and ivsk have been defined in #8966.

Address validity

In AztecAddress::to_point() above, we'll go from a Field (the x coordinate) to a Point. However, not all x coordinates are on the curve in the first place. We can prove this by calculating a = x^3 - 17 and then proving sqrt(a) does not exist - @iAmMichaelConnor has a snippet that does this.

If the x coord is not on the curve, we can simply fail for now. https://github.com/AztecProtocol/aztec-packages/issues/8970 will handle this.

nventuro, Oct 02 '24 18:10
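
The exchange and the validity check described in the issue, as an added Python example (not part of the issue and not aztec-packages code). It assumes the curve is Grumpkin, y^2 = x^3 - 17 over the BN254 scalar field, takes the point at x = 1 as G, and treats h and ivsk as opaque scalars. Because lifting an x coordinate picks one of two possible y values, the two sides are compared on the x coordinate of S.

```python
# Added example, not project code. Assumes Grumpkin: y^2 = x^3 - 17 over F_P.
P = 21888242871839275222246405745257275088548364400416034343698204186575808495617

def sqrt_mod(a):  # Tonelli-Shanks; returns None when no square root exists
    a %= P
    if pow(a, (P - 1) // 2, P) != 1:  # Euler's criterion: a is not a nonzero square
        return 0 if a == 0 else None
    s = ((P - 1) & -(P - 1)).bit_length() - 1  # P - 1 = q * 2^s with q odd
    q = (P - 1) >> s
    z = next(n for n in range(2, P) if pow(n, (P - 1) // 2, P) == P - 1)
    m, c, t, r = s, pow(z, q, P), pow(a, q, P), pow(a, (q + 1) // 2, P)
    while t != 1:
        i = next(j for j in range(1, m) if pow(t, 1 << j, P) == 1)
        b = pow(c, 1 << (m - i - 1), P)
        m, c, t, r = i, b * b % P, t * b * b % P, r * b % P
    return r

def to_point(x):  # lift an address (x coordinate) to a point, or None if invalid
    y = sqrt_mod(x**3 - 17)
    return None if y is None else (x % P, y)

def add(p, q):  # affine addition; None is the point at infinity
    if p is None or q is None:
        return q if p is None else p
    (x1, y1), (x2, y2) = p, q
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    num, den = (3 * x1 * x1, 2 * y1) if p == q else (y2 - y1, x2 - x1)
    lam = num * pow(den % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)

def mul(k, p):  # double-and-add; illustrative only, not constant time
    acc = None
    while k:
        acc = add(acc, p) if k & 1 else acc
        p, k = add(p, p), k >> 1
    return acc

G = to_point(1)  # assumed generator: x = 1 is on the curve, group order is prime

def sender_secret(address_x, esk):  # needs only the address; returns (Epk, S)
    addr = to_point(address_x)
    if addr is None:
        raise ValueError("address x coordinate is not on the curve")
    return mul(esk, G), mul(esk, addr)

def recipient_secret(h, ivsk, Epk):  # S = (h + ivsk) * Epk
    return mul(h + ivsk, Epk)
```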