Question about eddsa + poseidon #25

@TheBojda

Hello!

My circuit calculates the poseidon hash of 3 values and checks its signature. It looks like this:

```circom
include "../node_modules/circomlib/circuits/eddsa.circom";
include "../node_modules/circomlib/circuits/poseidon.circom";
include "../node_modules/circomlib/circuits/bitify.circom";

template VerifyTransferRequest() {
    signal input targetAddress;
    signal input nftID;
    signal input transactionID;

    signal input A[256];
    signal input R8[256];
    signal input S[256];

    component eddsa = EdDSAVerifier(254);
    component poseidon = Poseidon(3);
    component bitify = Num2Bits_strict();

    poseidon.inputs[0] <== targetAddress;
    poseidon.inputs[1] <== nftID;
    poseidon.inputs[2] <== transactionID;

    bitify.in <== poseidon.out;

    for (var i=0; i<254; i++) {
        eddsa.msg[i] <== bitify.out[i];
    }

    for (var i=0; i<256; i++) {
        eddsa.A[i] <== A[i];
    }

    for (var i=0; i<256; i++) {
        eddsa.R8[i] <== R8[i];
    }

    for (var i=0; i<256; i++) {
        eddsa.S[i] <== S[i];
    }
}
```

This is the code that generates the signature and checks it with the circuit:

```javascript
const buffer2hex = (buff) => {
    return ethers.BigNumber.from(buff).toHexString()
}

const transactionID = randomBytes(32);
const transactionHash = poseidon([buffer2hex(targetAddress), nftID, buffer2hex(transactionID)])
const signature = eddsa.signPedersen(prvKey, transactionHash);

const pPubKey = babyJub.packPoint(pubKey);
const pSignature = eddsa.packSignature(signature);
const r8Bits = buffer2bits(pSignature.slice(0, 32));
const sBits = buffer2bits(pSignature.slice(32, 64));
const aBits = buffer2bits(pPubKey);

const w = await circuit.calculateWitness({
    targetAddress: buffer2hex(targetAddress),
    nftID: nftID,
    transactionID: buffer2hex(transactionID),
    A: aBits, R8: r8Bits, S: sBits
}, true);
```

The problem is that the signature check always fails, but I do exactly the same things with circomlibjs. Generate the poseidon hash, and sign it. Should I somehow convert the transactionHash? Or what should I do in the JS part to get the right eddsa signature?

Thx
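
As an added illustration, not part of the original post or of circomlib: the circuit hands `EdDSAVerifier` the bits of the Poseidon output as `Num2Bits_strict` lays them out, so the bytes signed off-circuit have to unpack to the same bits. The sketch below compares the two layouts for a constructed field element; `num2bits`, `toBytesLE`, `toBytesBE` and `firstMismatch` are hypothetical helpers, and `buffer2bits` is assumed to unpack each byte least significant bit first, since the post calls it without showing it.

```javascript
// Added example: do the bytes handed to the signer unpack to the same
// bits the circuit wires into eddsa.msg? All helper names are hypothetical.

// Layout of a Num2Bits-style decomposition: out[i] = (x >> i) & 1.
function num2bits(x, n) {
  const bits = [];
  for (let i = 0; i < n; i++) bits.push(Number((x >> BigInt(i)) & 1n));
  return bits;
}

// Assumed behaviour of the post's buffer2bits: each byte, LSB first.
function buffer2bits(buf) {
  const bits = [];
  for (const byte of buf) {
    for (let j = 0; j < 8; j++) bits.push((byte >> j) & 1);
  }
  return bits;
}

// Fixed-length little-endian / big-endian encodings of a field element.
function toBytesLE(x, len) {
  const out = new Uint8Array(len);
  for (let i = 0; i < len; i++) out[i] = Number((x >> BigInt(8 * i)) & 0xffn);
  return out;
}
function toBytesBE(x, len) {
  return toBytesLE(x, len).reverse();
}

// Index of the first bit where circuit and signer disagree, or -1.
// Bits past n must be zero, otherwise the signer covers data the
// circuit never sees.
function firstMismatch(fieldElem, signedBytes, n = 254) {
  const circuitBits = num2bits(fieldElem, n);
  const signerBits = buffer2bits(signedBytes);
  for (let i = 0; i < Math.max(n, signerBits.length); i++) {
    const want = i < n ? circuitBits[i] : 0;
    if (signerBits[i] !== want) return i;
  }
  return -1;
}

// Constructed sample value standing in for a Poseidon output.
const sampleHash = 0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdefn;

console.log("little-endian bytes:", firstMismatch(sampleHash, toBytesLE(sampleHash, 32)));
console.log("big-endian bytes:   ", firstMismatch(sampleHash, toBytesBE(sampleHash, 32)));
```

A result of `-1` means both sides see the same message bits; the check covers only the message encoding, not the hash or the signature scheme.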
