Merge pull request #1064 from ProvableHQ/rr-bulk-record-decryption

Add bulk record ownership and decryption methods

Author: Roee-87

docs/api_reference/sdk-src_wasm.md

@@ -2926,6 +2926,18 @@ __*return*__ | [Group](sdk-src_wasm.md) | *The record nonce.*
 
 ---
 
+### `clone() ► RecordCiphertext`
+
+![modifier: public](images/badges/modifier-public.svg)
+
+Clone the RecordCiphertext WASM object.
+
+Parameters | Type | Description
+--- | --- | ---
+__*return*__ | [RecordCiphertext](sdk-src_wasm.md) | *A clone of the RecordCiphertext WASM object.*
+
+---
+
 # Class `RecordPlaintext`
 
 Plaintext representation of an Aleo record
@@ -3160,6 +3172,18 @@ __*return*__ | [Group](sdk-src_wasm.md) | *record view key*
 
 ---
 
+### `clone() ► RecordPlaintext`
+
+![modifier: public](images/badges/modifier-public.svg)
+
+Clone the RecordPlaintext WASM object.
+
+Parameters | Type | Description
+--- | --- | ---
+__*return*__ | [RecordPlaintext](sdk-src_wasm.md) | *A clone of the RecordPlaintext WASM object.*
+
+---
+
 # Class `Scalar`
 
 Scalar field element.

sdk/tests/data/records.ts

@@ -0,0 +1,26 @@
+// Ciphertext records
+const RECORD_CIPHERTEXT_STRING = "record1qyqsqpe2szk2wwwq56akkwx586hkndl3r8vzdwve32lm7elvphh37rsyqyxx66trwfhkxun9v35hguerqqpqzqrtjzeu6vah9x2me2exkgege824sd8x2379scspmrmtvczs0d93qttl7y92ga0k0rsexu409hu3vlehe3yxjhmey3frh2z5pxm5cmxsv4un97q";
+const RECORD_CIPHERTEXT_STRING_COPY = "record1qyqsqpe2szk2wwwq56akkwx586hkndl3r8vzdwve32lm7elvphh37rsyqyxx66trwfhkxun9v35hguerqqpqzqrtjzeu6vah9x2me2exkgege824sd8x2379scspmrmtvczs0d93qttl7y92ga0k0rsexu409hu3vlehe3yxjhmey3frh2z5pxm5cmxsv4un97q";
+const RECORD_CIPHERTEXT_STRING_NOT_OWNED = "RECORD1QVQSQ5H8YT5682E73ZT7PYNJGPL29MWTSETRVS9VHCKFHJRNX9RX94CFQYXX66TRWFHKXUN9V35HGUERQQPQZQZ6KMY7S5HPKKF02L6R46QM8RQCW9X0K4RQ6GT234AMJ2UG3LMTQT5NY4UG8SXJY3U8D05K4Q3E9F54VX67ZMD3G6JYQQ7KXRWS0R0SWM6P833";
+const RECORD_CIPHERTEXT_STRING_NOT_OWNED2 = "RECORD1QVQSP37HJE4CEU8EFZE8XMAHE5TDTXCZ0K534WQPKVN6C9R629X3C4Q8QYRXZMT0W4H8GGCQQGQSPVUJYCN0K7HYFHENXA40HXTFSX68092WMVJ4E3XSEXR2DY0FMCCXT0DS42W5MAASZFJV930QVQRKATQJ900AKU4K777UMH2K54ZHLUGQC2AFJD";
+
+// Plaintext record
+const RECORD_PLAINTEXT_STRING = `{
+    owner: aleo1j7qxyunfldj2lp8hsvy7mw5k8zaqgjfyr72x2gh3x4ewgae8v5gscf5jh3.private,
+      microcredits: 1500000000000000u64.private,
+      _nonce: 3077450429259593211617823051143573281856129402760267155982965992208217472983group.public
+    }`;
+
+// View key and record view key
+const VIEW_KEY_STRING = "AViewKey1ccEt8A2Ryva5rxnKcAbn7wgTaTsb79tzkKHFpeKsm9NX";
+const RECORD_VIEW_KEY_STRING = "4445718830394614891114647247073357094867447866913203502139893824059966201724field";
+
+export {
+    RECORD_CIPHERTEXT_STRING,
+    RECORD_CIPHERTEXT_STRING_COPY,
+    RECORD_CIPHERTEXT_STRING_NOT_OWNED,
+    RECORD_CIPHERTEXT_STRING_NOT_OWNED2,
+    RECORD_PLAINTEXT_STRING,
+    RECORD_VIEW_KEY_STRING,
+    VIEW_KEY_STRING,
+  };

sdk/tests/wasm.test.ts

@@ -11,6 +11,15 @@ import {
     recordPlaintextString,
     beaconPrivateKeyString
 } from "./data/account-data.js";
+import {
+    RECORD_CIPHERTEXT_STRING,
+    RECORD_CIPHERTEXT_STRING_COPY,
+    RECORD_CIPHERTEXT_STRING_NOT_OWNED,
+    RECORD_CIPHERTEXT_STRING_NOT_OWNED2,
+    RECORD_PLAINTEXT_STRING,
+    RECORD_VIEW_KEY_STRING,
+    VIEW_KEY_STRING,
+} from "./data/records.js";
 
 
 describe('WASM Objects', () => {
@@ -440,20 +449,16 @@ describe('WASM Objects', () => {
     }
 });
 
-
     describe('EncryptionToolkit', () => {
-        const recordCiphertextString = "record1qyqsqpe2szk2wwwq56akkwx586hkndl3r8vzdwve32lm7elvphh37rsyqyxx66trwfhkxun9v35hguerqqpqzqrtjzeu6vah9x2me2exkgege824sd8x2379scspmrmtvczs0d93qttl7y92ga0k0rsexu409hu3vlehe3yxjhmey3frh2z5pxm5cmxsv4un97q";
-        const recordCiphertext = RecordCiphertext.fromString(recordCiphertextString);
-        const recordPlaintextString = `{
-owner: aleo1j7qxyunfldj2lp8hsvy7mw5k8zaqgjfyr72x2gh3x4ewgae8v5gscf5jh3.private,
-  microcredits: 1500000000000000u64.private,
-  _nonce: 3077450429259593211617823051143573281856129402760267155982965992208217472983group.public
-}`;
-        const recordPlaintext = RecordPlaintext.fromString(recordPlaintextString);
-        const viewKeyString = "AViewKey1ccEt8A2Ryva5rxnKcAbn7wgTaTsb79tzkKHFpeKsm9NX";
-        const viewKey = ViewKey.from_string(viewKeyString);
-        const recordViewKeyString = "4445718830394614891114647247073357094867447866913203502139893824059966201724field";
-        const recordViewKey = Field.fromString(recordViewKeyString);
+        const recordCiphertext = RecordCiphertext.fromString(RECORD_CIPHERTEXT_STRING);
+        const recordCiphertextNotOwned = RecordCiphertext.fromString(RECORD_CIPHERTEXT_STRING_NOT_OWNED);
+        const recordCiphertextNotOwned2 = RecordCiphertext.fromString(RECORD_CIPHERTEXT_STRING_NOT_OWNED2);
+        const recordCiphertextArray = [recordCiphertext, recordCiphertextNotOwned, recordCiphertextNotOwned2];
+        const recordCiphertextArrayCopy = recordCiphertextArray.map(record => record.clone());
+        const recordPlaintext = RecordPlaintext.fromString(RECORD_PLAINTEXT_STRING);
+        const recordPlaintextCopy = recordPlaintext.clone();
+        const viewKey = ViewKey.from_string(VIEW_KEY_STRING);
+        const recordViewKey = Field.fromString(RECORD_VIEW_KEY_STRING);
 
         it('can generate a record view key from a view key and a record ciphertext', () => {
             const generatedRecordViewKey = EncryptionToolkit.generateRecordViewKey(viewKey, recordCiphertext);
@@ -469,5 +474,15 @@ owner: aleo1j7qxyunfldj2lp8hsvy7mw5k8zaqgjfyr72x2gh3x4ewgae8v5gscf5jh3.private,
             const invalidRecordViewKey = Field.fromString("4445718830394614891114647247073357114867447866913203502139893824059966201724field");
             expect(() => EncryptionToolkit.decryptRecordWithRVk(invalidRecordViewKey, recordCiphertext)).to.throw();
         });
+        it('can check if a record ciphertext from an array of record ciphertexts is owned by a view key', () => {
+            const ownedRecords = EncryptionToolkit.checkOwnedRecords(viewKey, recordCiphertextArray);
+            // Ensure the record ciphertext is owned by the view key
+            expect(ownedRecords[0].toString()).equal(RECORD_CIPHERTEXT_STRING_COPY.toString());
+        });
+        it('can decrypt a record ciphertext from an array of record ciphertexts', () => {
+            const decryptedRecords = EncryptionToolkit.decryptOwnedRecords(viewKey, recordCiphertextArrayCopy);
+            // Ensure the decrypted record is the same as the plaintext
+            expect(decryptedRecords[0].toString()).equal(recordPlaintextCopy.toString());
+        });
     });
 });

wasm/package.json

@@ -2,6 +2,7 @@
   "name": "@provablehq/wasm",
   "version": "0.9.4",
   "type": "module",
+  
   "description": "SnarkVM WASM binaries with javascript bindings",
   "collaborators": [
     "The Provable Team"

wasm/src/record/record_ciphertext.rs

@@ -156,6 +156,14 @@ impl RecordCiphertext {
     pub fn nonce(&self) -> Group {
         Group::from(self.0.nonce())
     }
+
+    /// Clone the RecordCiphertext WASM object.
+    ///
+    /// @returns {RecordCiphertext} A clone of the RecordCiphertext WASM object.
+    #[allow(clippy::should_implement_trait)]
+    pub fn clone(&self) -> RecordCiphertext {
+        RecordCiphertext(self.0.clone())
+    }
 }
 
 impl Deref for RecordCiphertext {
@@ -235,6 +243,13 @@ mod tests {
         assert!(RecordCiphertext::from_string(invalid_bech32).is_err());
     }
 
+    #[wasm_bindgen_test]
+    fn test_clone() {
+        let record = RecordCiphertext::from_string(OWNER_CIPHERTEXT).unwrap();
+        let cloned_record = record.clone();
+        assert_eq!(record.to_string(), cloned_record.to_string());
+    }
+
     #[wasm_bindgen_test]
     fn test_decrypt_and_tag_computation() {
         let record = RecordCiphertext::from_string(OWNER_CIPHERTEXT).unwrap();

wasm/src/record/record_plaintext.rs

@@ -265,6 +265,14 @@ impl RecordPlaintext {
     pub fn record_view_key(&self, view_key: &ViewKey) -> Field {
         Group::from_string(&self.nonce()).unwrap().scalar_multiply(&view_key.to_scalar()).to_x_coordinate()
     }
+
+    /// Clone the RecordPlaintext WASM object.
+    ///
+    /// @returns {RecordPlaintext} A clone of the RecordPlaintext WASM object.
+    #[allow(clippy::should_implement_trait)]
+    pub fn clone(&self) -> RecordPlaintext {
+        RecordPlaintext(self.0.clone())
+    }
 }
 
 impl Deref for RecordPlaintext {
@@ -341,6 +349,13 @@ mod tests {
         assert_eq!(record.to_string(), CREDITS_RECORD);
     }
 
+    #[wasm_bindgen_test]
+    fn test_clone() {
+        let record = RecordPlaintext::from_string(CREDITS_RECORD).unwrap();
+        let cloned_record = record.clone();
+        assert_eq!(record.to_string(), cloned_record.to_string());
+    }
+
     #[wasm_bindgen_test]
     fn test_get_record_member() {
         // Get the record members.

wasm/src/utilities/encrypt.rs

@@ -31,6 +31,7 @@ use crate::{
         U8Native,
     },
 };
+use rayon::iter::{IntoParallelIterator, IntoParallelRefIterator, ParallelIterator};
 use snarkvm_console::prelude::{FromFields, Itertools, Network, Visibility};
 
 use indexmap::IndexMap;
@@ -210,6 +211,48 @@ impl EncryptionToolkit {
     pub fn decrypt_transition_with_vk(transition: &Transition, transition_vk: &Field) -> Result<Transition, String> {
         transition.decrypt_transition(transition_vk)
     }
+
+    /// Decrypts a set of record ciphertexts in parallel and stores successful decryptions.
+    ///
+    /// @param {ViewKey} view_key The view key of the owner of the records.
+    /// @param {Vec<RecordCiphertext>} records The record ciphertexts to decrypt.
+    ///
+    /// @returns {vec<RecordPlaintext>} The decrypted record plaintexts.
+    #[wasm_bindgen(js_name = "decryptOwnedRecords")]
+    pub fn decrypt_owned_records(
+        view_key: &ViewKey,
+        records: Vec<RecordCiphertext>,
+    ) -> Result<Vec<RecordPlaintext>, String> {
+        // Use Rayon to parallelize the decryption process and store successful decryptions.
+        let decrypted_records: Vec<RecordPlaintext> = records
+            .par_iter()
+            .filter_map(|record| {
+                let record_vk = Self::generate_record_view_key(view_key, record).ok()?;
+                let decrypted_record = Self::decrypt_record_symmetric_unchecked(&record_vk, record).ok()?;
+                Some(decrypted_record)
+            })
+            .collect();
+
+        Ok(decrypted_records)
+    }
+
+    /// Checks if a record ciphertext is owned by the given view key.
+    ///
+    /// @param {ViewKey} view_key View key of the owner of the records.
+    /// @param {Vec<RecordCiphertext>} records The record ciphertexts for which to check ownership.
+    ///
+    /// @returns {Vec<RecordCiphertext>} The record ciphertexts that are owned by the view key.
+    #[wasm_bindgen(js_name = "checkOwnedRecords")]
+    pub fn check_owned_records(
+        view_key: &ViewKey,
+        records: Vec<RecordCiphertext>,
+    ) -> Result<Vec<RecordCiphertext>, String> {
+        // Use Rayon to parallelize the ownership check.
+        let owned_records: Vec<RecordCiphertext> =
+            records.into_par_iter().filter(|record| record.is_owner(view_key)).collect();
+
+        Ok(owned_records)
+    }
 }
 
 #[cfg(test)]
@@ -221,6 +264,8 @@ mod tests {
 
     const NON_OWNER_VIEW_KEY: &str = "AViewKey1e2WyreaH5H4RBcioLL2GnxvHk5Ud46EtwycnhTdXLmXp";
     const OWNER_CIPHERTEXT: &str = "record1qyqsqpe2szk2wwwq56akkwx586hkndl3r8vzdwve32lm7elvphh37rsyqyxx66trwfhkxun9v35hguerqqpqzqrtjzeu6vah9x2me2exkgege824sd8x2379scspmrmtvczs0d93qttl7y92ga0k0rsexu409hu3vlehe3yxjhmey3frh2z5pxm5cmxsv4un97q";
+    const NON_OWNED_CIPHERTEXT_1: &str = "RECORD1QVQSQ5H8YT5682E73ZT7PYNJGPL29MWTSETRVS9VHCKFHJRNX9RX94CFQYXX66TRWFHKXUN9V35HGUERQQPQZQZ6KMY7S5HPKKF02L6R46QM8RQCW9X0K4RQ6GT234AMJ2UG3LMTQT5NY4UG8SXJY3U8D05K4Q3E9F54VX67ZMD3G6JYQQ7KXRWS0R0SWM6P833";
+    const NON_OWNED_CIPHERTEXT_2: &str = "RECORD1QVQSP37HJE4CEU8EFZE8XMAHE5TDTXCZ0K534WQPKVN6C9R629X3C4Q8QYRXZMT0W4H8GGCQQGQSPVUJYCN0K7HYFHENXA40HXTFSX68092WMVJ4E3XSEXR2DY0FMCCXT0DS42W5MAASZFJV930QVQRKATQJ900AKU4K777UMH2K54ZHLUGQC2AFJD";
     const OWNER_PLAINTEXT: &str = r"{
   owner: aleo1j7qxyunfldj2lp8hsvy7mw5k8zaqgjfyr72x2gh3x4ewgae8v5gscf5jh3.private,
   microcredits: 1500000000000000u64.private,
@@ -284,4 +329,41 @@ mod tests {
         let result = EncryptionToolkit::decrypt_record_symmetric_unchecked(&record_vk, &owner_ciphertext);
         assert!(result.is_err(), "Decryption should fail with a non-owner's view key");
     }
+
+    #[wasm_bindgen_test]
+    fn test_bulk_record_decryption() {
+        let owned_ciphertext = RecordCiphertext::from_str(OWNER_CIPHERTEXT).unwrap();
+        //Need to add these two non-owned ciphertexts for testing
+        let nonowned_ciphertext_1 = RecordCiphertext::from_str(NON_OWNED_CIPHERTEXT_1).unwrap();
+        let nonowned_ciphertext_2 = RecordCiphertext::from_str(NON_OWNED_CIPHERTEXT_2).unwrap();
+
+        let records: Vec<RecordCiphertext> = vec![owned_ciphertext, nonowned_ciphertext_1, nonowned_ciphertext_2];
+        let owner_view_key = ViewKey::from_str(OWNER_VIEW_KEY).unwrap();
+
+        // Decrypt the owned records
+        let decrypted_records = EncryptionToolkit::decrypt_owned_records(&owner_view_key, records).unwrap();
+        // Verify that only the owned record was decrypted
+        assert_eq!(decrypted_records.len(), 1, "Only one record should be decrypted");
+        assert_eq!(
+            decrypted_records[0].to_string(),
+            OWNER_PLAINTEXT,
+            "Decrypted record should match the owner's plaintext"
+        );
+    }
+
+    #[wasm_bindgen_test]
+    fn test_check_owned_records() {
+        let owned_ciphertext = RecordCiphertext::from_str(OWNER_CIPHERTEXT).unwrap();
+        // Need to add these two non-owned ciphertexts for testing
+        let nonowned_ciphertext_1 = RecordCiphertext::from_str(NON_OWNED_CIPHERTEXT_1).unwrap();
+        let nonowned_ciphertext_2 = RecordCiphertext::from_str(NON_OWNED_CIPHERTEXT_2).unwrap();
+        let records: Vec<RecordCiphertext> = vec![owned_ciphertext, nonowned_ciphertext_1, nonowned_ciphertext_2];
+        let owner_view_key = ViewKey::from_str(OWNER_VIEW_KEY).unwrap();
+
+        // Check owned records
+        let owned_records = EncryptionToolkit::check_owned_records(&owner_view_key, records).unwrap();
+        // Verify that only the owned record is returned
+        assert_eq!(owned_records.len(), 1, "Only one owned record should be returned");
+        assert_eq!(owned_records[0].to_string(), OWNER_CIPHERTEXT, "Owned record should match the owner's ciphertext");
+    }
 }