add unified WASM

Author: alinush

confidential-assets/README.md

@@ -1,4 +1,82 @@
-# Test
+# Confidential Assets SDK
+
+## WASM Dependencies
+
+This package uses a unified WebAssembly module for cryptographic operations:
+- **Discrete log solver**: TBSGS-k32 algorithm for decryption (~512 KiB table)
+- **Range proofs**: Bulletproofs for range proof generation/verification
+
+### How WASM Loading Works
+
+The WASM binary is **not bundled** with the SDK. Instead, it is loaded dynamically at runtime when needed. This is intentional:
+
+**Why not bundle the WASM?**
+- The `.wasm` binary is large (~774 KiB for the unified module)
+- Bundling would bloat every app using the SDK, even if they never use confidential assets
+- WASM binaries don't tree-shake - you'd pay the full size cost even if the feature is unused
+
+**What the npm dependency provides:**
+- TypeScript type definitions
+- JavaScript glue code (thin wrappers that call into WASM)
+- These are small and get bundled normally with the SDK
+
+**What gets loaded at runtime:**
+- The actual `.wasm` binary file
+- Loaded via `fetch()` + `WebAssembly.instantiate()` only when `initializeWasm()`, `initializeSolver()`, or range proof functions are called
+- **Single initialization**: Both discrete log and range proof functionality share the same WASM module, so it only needs to be loaded once
+
+**Environment-specific loading:**
+
+In **browser environments**, WASM is fetched from unpkg.com CDN.
+
+In **Node.js environments** (e.g., running tests), the code automatically detects Node.js and loads WASM from local `node_modules`. This avoids network requests and ensures tests work offline.
+
+### WASM Initialization
+
+The SDK provides unified WASM initialization:
+
+```typescript
+import { initializeWasm, isWasmInitialized } from "@aptos-labs/confidential-assets";
+
+// Initialize once - shared between discrete log and range proofs
+await initializeWasm();
+
+// Check if initialized
+if (isWasmInitialized()) {
+  // Both discrete log and range proof functions are ready
+}
+```
+
+For convenience, the SDK auto-initializes when you call any function that needs WASM. Manual initialization is only needed if you want to control when the WASM download happens.
+
+### Setting Up Local WASM for Development
+
+If you want to use locally-built WASM bindings (e.g., for development or testing changes):
+
+1. Clone and build the WASM bindings:
+   ```bash
+   cd ~/repos
+   git clone https://github.com/aptos-labs/confidential-asset-wasm-bindings
+   cd confidential-asset-wasm-bindings
+   ./scripts/build-all.sh
+   ```
+
+2. Update `package.json` to use the local path:
+   ```json
+   "@aptos-labs/confidential-asset-wasm-bindings": "file:../../confidential-asset-wasm-bindings/aptos-confidential-asset-wasm-bindings"
+   ```
+
+3. Install dependencies:
+   ```bash
+   # Use --force if you've made some local changes to the DL algorithm; otherwise the version remains the same and this does nothing
+   pnpm install
+   ```
+
+Now tests will use your locally-built WASM.
+
+---
+
+# Testing
 
 To test against a modified `aptos-core` repo:
 
@@ -20,8 +98,14 @@ pnpm test
 
 ## Useful tests to know about
 
-### Decryption times
+### Discrete log / decryption benchmarks
 
+```bash
+pnpm jest tests/units/discrete-log.test.ts
 ```
-pnpm jest tests/units/kangaroo-decryption.test.ts
+
+### Range proof tests
+
+```bash
+pnpm jest tests/units/confidentialProofs.test.ts
 ```

confidential-assets/package.json

@@ -43,7 +43,7 @@
     "publish-zeta": "pnpm build && npm publish --tag zeta"
   },
   "dependencies": {
-    "@aptos-labs/confidential-asset-wasm-bindings": "^0.0.2",
+    "@aptos-labs/confidential-asset-wasm-bindings": "^0.0.3",
     "@aptos-labs/ts-sdk": "^5.0.0",
     "@noble/curves": "^1.6.0",
     "@noble/hashes": "^1.5.0"

confidential-assets/pnpm-lock.yaml

@@ -195,25 +195,3 @@ export class BsgsSolver {
     this.initPromise = undefined;
   }
 }
-
-/**
- * Creates a decryption function using BSGS that can be passed to
- * TwistedElGamal.setDecryptionFn().
- *
- * @param bitWidths - Bit widths to support (e.g., [16, 32])
- * @returns A decryption function compatible with TwistedElGamal
- */
-export async function createBsgsDecryptionFn(
-  bitWidths: number[],
-): Promise<(point: Uint8Array) => Promise<bigint>> {
-  const solver = new BsgsSolver();
-  await solver.initialize(bitWidths);
-
-  return async (point: Uint8Array): Promise<bigint> => {
-    // Check for zero point
-    const isZero = point.every((b) => b === 0);
-    if (isZero) return 0n;
-
-    return solver.solve(point);
-  };
-}

confidential-assets/src/crypto/bsgs.ts

@@ -2,6 +2,7 @@ export * from "./twistedEd25519";
 export * from "./twistedElGamal";
 export * from "./bsgs";
 export * from "./rangeProof";
+export { initializeWasm, isWasmInitialized, ensureWasmInitialized } from "./wasmLoader";
 export * from "./chunkedAmount";
 export * from "./encryptedAmount";
 export * from "./confidentialKeyRotation";

confidential-assets/src/crypto/index.ts

@@ -1,15 +1,23 @@
 // Copyright © Aptos Foundation
 // SPDX-License-Identifier: Apache-2.0
 
-import initWasm, {
-  range_proof as rangeProof,
-  verify_proof as verifyProof,
-  batch_range_proof as batchRangeProof,
-  batch_verify_proof as batchVerifyProof,
-} from "@aptos-labs/confidential-asset-wasm-bindings/range-proofs";
-
-const RANGE_PROOF_WASM_URL =
-  "https://unpkg.com/@aptos-labs/confidential-asset-wasm-bindings@0.0.2/range-proofs/aptos_rp_wasm_bg.wasm";
+import {
+  ensureWasmInitialized,
+  initializeWasm,
+  rangeProofWasm,
+  verifyProofWasm,
+  batchRangeProofWasm,
+  batchVerifyProofWasm,
+} from "./wasmLoader";
+
+/**
+ * Initialize range proof WASM module.
+ * @param wasmSource - Optional WASM source: URL string, or Buffer/ArrayBuffer for Node.js
+ * @deprecated Use initializeWasm() from wasmLoader instead for unified initialization
+ */
+export async function initializeRangeProofWasm(wasmSource?: string | BufferSource) {
+  await initializeWasm(wasmSource);
+}
 
 export interface RangeProofInputs {
   v: bigint;
@@ -54,9 +62,9 @@ export class RangeProofExecutor {
    * @param opts.bits Bits size of value to create the range proof
    */
   static async generateRangeZKP(opts: RangeProofInputs): Promise<{ proof: Uint8Array; commitment: Uint8Array }> {
-    await initWasm({ module_or_path: RANGE_PROOF_WASM_URL });
+    await ensureWasmInitialized();
 
-    const proof = rangeProof(opts.v, opts.r, opts.valBase, opts.randBase, opts.bits ?? 32);
+    const proof = rangeProofWasm(opts.v, opts.r, opts.valBase, opts.randBase, opts.bits ?? 32);
 
     return {
       proof: proof.proof(),
@@ -74,9 +82,9 @@ export class RangeProofExecutor {
    * @param opts.bits Bits size of the value for range proof
    */
   static async verifyRangeZKP(opts: VerifyRangeProofInputs): Promise<boolean> {
-    await initWasm({ module_or_path: RANGE_PROOF_WASM_URL });
+    await ensureWasmInitialized();
 
-    return verifyProof(opts.proof, opts.commitment, opts.valBase, opts.randBase, opts.bits ?? 32);
+    return verifyProofWasm(opts.proof, opts.commitment, opts.valBase, opts.randBase, opts.bits ?? 32);
   }
 
   /**
@@ -91,9 +99,15 @@ export class RangeProofExecutor {
   static async genBatchRangeZKP(
     opts: BatchRangeProofInputs,
   ): Promise<{ proof: Uint8Array; commitments: Uint8Array[] }> {
-    await initWasm({ module_or_path: RANGE_PROOF_WASM_URL });
+    await ensureWasmInitialized();
 
-    const proof = batchRangeProof(new BigUint64Array(opts.v), opts.rs, opts.val_base, opts.rand_base, opts.num_bits);
+    const proof = batchRangeProofWasm(
+      new BigUint64Array(opts.v),
+      opts.rs,
+      opts.val_base,
+      opts.rand_base,
+      opts.num_bits,
+    );
 
     return {
       proof: proof.proof(),
@@ -111,8 +125,8 @@ export class RangeProofExecutor {
    * @param opts.num_bits Bits size of values to create the range proof
    */
   static async verifyBatchRangeZKP(opts: BatchVerifyRangeProofInputs): Promise<boolean> {
-    await initWasm({ module_or_path: RANGE_PROOF_WASM_URL });
+    await ensureWasmInitialized();
 
-    return batchVerifyProof(opts.proof, opts.comm, opts.val_base, opts.rand_base, opts.num_bits);
+    return batchVerifyProofWasm(opts.proof, opts.comm, opts.val_base, opts.rand_base, opts.num_bits);
   }
 }