module std.crypto.auth
use vm.crypto.hash
use vm.io.io
use vm.core.assert
// Verify knowledge of a hash preimage.
// The prover supplies a single-field secret via divine input.
// Checks that hash(secret, 0..0) matches the expected digest.
// This is the standard Neptune lock script pattern for both
// Generation and Symmetric addresses.
pub fn verify_preimage(expected: Digest) {
let secret: Field = io.divine()
let computed: Digest = hash.tip5(secret, 0, 0, 0, 0, 0, 0, 0, 0, 0)
assert.digest(computed, expected)
}
// Verify a 5-element preimage (Digest-sized secret).
// The prover supplies 5 field elements via divine input.
// Hashes them and compares against the expected postimage.
pub fn verify_digest_preimage(expected: Digest) {
let s0: Field = io.divine()
let s1: Field = io.divine()
let s2: Field = io.divine()
let s3: Field = io.divine()
let s4: Field = io.divine()
let computed: Digest = hash.tip5(s0, s1, s2, s3, s4, 0, 0, 0, 0, 0)
assert.digest(computed, expected)
}
// Standard Neptune lock script: verify hash-lock and read kernel hash.
// This is the complete pattern used by both Generation and Symmetric addresses:
// 1. Divine the unlock key preimage (5 fields)
// 2. Hash it and compare against the expected lock postimage
// 3. Read the kernel MAST hash (binds proof to this transaction)
// Returns the kernel MAST hash for further use.
pub fn lock_and_read_kernel(lock_postimage: Digest) -> Digest {
verify_digest_preimage(lock_postimage)
let kernel_hash: Digest = io.read5()
kernel_hash
}
trident/std/crypto/auth.tri
ฯ 0.0%