waves_logo Docs
  • Ride Programming Language
    Ride Programming Language
  • Getting Started
    Getting Started
  • Syntax Basics
    • Directives
      Directives
    • Definition
      Definition
    • Expression
      Expression
    • Variable
      Variable
    • Function
      Function
    • Exception
      Exception
    • Comment
      Comment
    Syntax Basics
  • Script Types
    • dApp Script
      • Annotations
        Annotations
      • Callable Function
        Callable Function
      • Verifier Function
        Verifier Function
      dApp Script
    • Account Script
      Account Script
    • Asset Script
      Asset Script
    Script Types
  • Standard Library
    Standard Library
  • Data types
    • Any
      Any
    • BigInt
      BigInt
    • Boolean
      Boolean
    • ByteVector
      ByteVector
    • Int
      Int
    • String
      String
    • Unit
      Unit
    • List
      List
    • Tuple
      Tuple
    • Union
      Union
    Data types
  • Structures
    • Script Actions
      • BinaryEntry
        BinaryEntry
      • BooleanEntry
        BooleanEntry
      • Burn
        Burn
      • DeleteEntry
        DeleteEntry
      • IntegerEntry
        IntegerEntry
      • Issue
        Issue
      • Lease
        Lease
      • LeaseCancel
        LeaseCancel
      • Reissue
        Reissue
      • ScriptTransfer
        ScriptTransfer
      • SponsorFee
        SponsorFee
      • StringEntry
        StringEntry
      Script Actions
    • Common Structures
      • Address
        Address
      • Alias
        Alias
      • Asset
        Asset
      • AssetPair
        AssetPair
      • AttachedPayment
        AttachedPayment
      • BalanceDetails
        BalanceDetails
      • BlockInfo
        BlockInfo
      • Invocation
        Invocation
      • Order
        Order
      • Transfer
        Transfer
      Common Structures
    • Transaction Structures
      • BurnTransaction
        BurnTransaction
      • CreateAliasTransaction
        CreateAliasTransaction
      • DataTransaction
        DataTransaction
      • ExchangeTransaction
        ExchangeTransaction
      • GenesisTransaction
        GenesisTransaction
      • InvokeScriptTransaction
        InvokeScriptTransaction
      • IssueTransaction
        IssueTransaction
      • LeaseCancelTransaction
        LeaseCancelTransaction
      • LeaseTransaction
        LeaseTransaction
      • MassTransferTransaction
        MassTransferTransaction
      • ReissueTransaction
        ReissueTransaction
      • SetAssetScriptTransaction
        SetAssetScriptTransaction
      • SetScriptTransaction
        SetScriptTransaction
      • SponsorFeeTransaction
        SponsorFeeTransaction
      • TransferTransaction
        TransferTransaction
      • UpdateAssetInfoTransaction
        UpdateAssetInfoTransaction
      Transaction Structures
    Structures
  • Built-in Variables
    Built-in Variables
  • Built-in Functions
    • Account Data Storage Functions
      Account Data Storage Functions
    • Blockchain Functions
      Blockchain Functions
    • Byte Array Functions
      Byte Array Functions
    • Converting Functions
      Converting Functions
    • dApp-to-dApp Invocation Function
      dApp-to-dApp Invocation Function
    • Data Transaction Functions
      Data Transaction Functions
    • Decoding Functions
      Decoding Functions
    • Encoding Functions
      Encoding Functions
    • Exception Functions
      Exception Functions
    • Hashing Functions
      Hashing Functions
    • List Functions
      List Functions
    • Math Functions
      Math Functions
    • String Functions
      String Functions
    • Union Functions
      Union Functions
    • Verification Functions
      Verification Functions
    Built-in Functions
  • Operators
    Operators
  • match ... case: Pattern Matching
    match ... case: Pattern Matching
  • Iterations with FOLD<N>
    Iterations with FOLD<N>
  • dApp-to-dApp Invocation
    dApp-to-dApp Invocation
  • Limitations
    • Complexity
      Complexity
    • Data Weight
      Data Weight
    Limitations
  • Previous Versions
    • Version 5
      • Callable Function
        Callable Function
      • Data types
        • Any
          Any
        • BigInt
          BigInt
        • Boolean
          Boolean
        • ByteVector
          ByteVector
        • Int
          Int
        • String
          String
        • Unit
          Unit
        • List
          List
        • Tuple
          Tuple
        • Union
          Union
        Data types
      • Structures
        • Script Actions
          • BinaryEntry
            BinaryEntry
          • BooleanEntry
            BooleanEntry
          • Burn
            Burn
          • DeleteEntry
            DeleteEntry
          • IntegerEntry
            IntegerEntry
          • Issue
            Issue
          • Lease
            Lease
          • LeaseCancel
            LeaseCancel
          • Reissue
            Reissue
          • ScriptTransfer
            ScriptTransfer
          • SponsorFee
            SponsorFee
          • StringEntry
            StringEntry
          Script Actions
        • Common Structures
          • Address
            Address
          • Alias
            Alias
          • Asset
            Asset
          • AssetPair
            AssetPair
          • AttachedPayment
            AttachedPayment
          • BalanceDetails
            BalanceDetails
          • BlockInfo
            BlockInfo
          • Invocation
            Invocation
          • Order
            Order
          • Transfer
            Transfer
          Common Structures
        • Transaction Structures
          • BurnTransaction
            BurnTransaction
          • CreateAliasTransaction
            CreateAliasTransaction
          • DataTransaction
            DataTransaction
          • ExchangeTransaction
            ExchangeTransaction
          • GenesisTransaction
            GenesisTransaction
          • InvokeScriptTransaction
            InvokeScriptTransaction
          • IssueTransaction
            IssueTransaction
          • LeaseCancelTransaction
            LeaseCancelTransaction
          • LeaseTransaction
            LeaseTransaction
          • MassTransferTransaction
            MassTransferTransaction
          • ReissueTransaction
            ReissueTransaction
          • SetAssetScriptTransaction
            SetAssetScriptTransaction
          • SetScriptTransaction
            SetScriptTransaction
          • SponsorFeeTransaction
            SponsorFeeTransaction
          • TransferTransaction
            TransferTransaction
          • UpdateAssetInfoTransaction
            UpdateAssetInfoTransaction
          Transaction Structures
        Structures
      • Built-in Variables
        Built-in Variables
      • Built-in Functions
        • Account Data Storage Functions
          Account Data Storage Functions
        • Blockchain Functions
          Blockchain Functions
        • Byte Array Functions
          Byte Array Functions
        • Converting Functions
          Converting Functions
        • dApp-to-dApp Invocation Function
          dApp-to-dApp Invocation Function
        • Data Transaction Functions
          Data Transaction Functions
        • Decoding Functions
          Decoding Functions
        • Encoding Functions
          Encoding Functions
        • Exception Functions
          Exception Functions
        • Hashing Functions
          Hashing Functions
        • List Functions
          List Functions
        • Math Functions
          Math Functions
        • String Functions
          String Functions
        • Union Functions
          Union Functions
        • Verification Functions
          Verification Functions
        Built-in Functions
      • Operators
        Operators
      • Limitations
        • Data Weight
          Data Weight
        Limitations
      Version 5
    • Version 4 and 3
      • Callable Function
        Callable Function
      • Data types
        • Boolean
          Boolean
        • ByteVector
          ByteVector
        • Int
          Int
        • String
          String
        • Unit
          Unit
        • List
          List
        • Tuple
          Tuple
        • Union
          Union
        Data types
      • Structures
        • Script Actions
          • BinaryEntry (v4)
            BinaryEntry (v4)
          • BooleanEntry (v4)
            BooleanEntry (v4)
          • Burn (v4)
            Burn (v4)
          • DataEntry (v3)
            DataEntry (v3)
          • DeleteEntry (v4)
            DeleteEntry (v4)
          • IntegerEntry (v4)
            IntegerEntry (v4)
          • Issue (v4)
            Issue (v4)
          • Reissue (v4)
            Reissue (v4)
          • ScriptTransfer (v3 and v4)
            ScriptTransfer (v3 and v4)
          • SponsorFee (v4)
            SponsorFee (v4)
          • StringEntry (v4)
            StringEntry (v4)
          Script Actions
        • Script Results (v3)
          • ScriptResult
            ScriptResult
          • TransferSet
            TransferSet
          • WriteSet
            WriteSet
          Script Results (v3)
        • Common Structures
          • Address
            Address
          • Alias
            Alias
          • Asset
            Asset
          • AssetPair
            AssetPair
          • AttachedPayment
            AttachedPayment
          • BalanceDetails
            BalanceDetails
          • BlockInfo
            BlockInfo
          • Invocation
            Invocation
          • Order
            Order
          • Transfer
            Transfer
          Common Structures
        • Transaction Structures
          • BurnTransaction
            BurnTransaction
          • CreateAliasTransaction
            CreateAliasTransaction
          • DataTransaction
            DataTransaction
          • ExchangeTransaction
            ExchangeTransaction
          • GenesisTransaction
            GenesisTransaction
          • InvokeScriptTransaction
            InvokeScriptTransaction
          • IssueTransaction
            IssueTransaction
          • LeaseCancelTransaction
            LeaseCancelTransaction
          • LeaseTransaction
            LeaseTransaction
          • MassTransferTransaction
            MassTransferTransaction
          • ReissueTransaction
            ReissueTransaction
          • SetAssetScriptTransaction
            SetAssetScriptTransaction
          • SetScriptTransaction
            SetScriptTransaction
          • SponsorFeeTransaction
            SponsorFeeTransaction
          • TransferTransaction
            TransferTransaction
          • UpdateAssetInfoTransaction
            UpdateAssetInfoTransaction
          Transaction Structures
        Structures
      • Built-in Variables
        Built-in Variables
      • Built-in Functions
        • Account Data Storage Functions
          Account Data Storage Functions
        • Blockchain Functions
          Blockchain Functions
        • Byte Array Functions
          Byte Array Functions
        • Converting Functions
          Converting Functions
        • Data Transaction Functions
          Data Transaction Functions
        • Decoding Functions
          Decoding Functions
        • Encoding Functions
          Encoding Functions
        • Exception Functions
          Exception Functions
        • Hashing Functions
          Hashing Functions
        • List Functions
          List Functions
        • Math Functions
          Math Functions
        • String Functions
          String Functions
        • Union Functions
          Union Functions
        • Verification Functions
          Verification Functions
        Built-in Functions
      • Operators
        Operators
      • Limitations
        • Data Weight
          Data Weight
        Limitations
      Version 4 and 3
    Previous Versions
  • Import Libraries
    Import Libraries
  • Ride Components
    Ride Components
      • English
      • Русский
      On this page
        • bn256Groth16Verify
        • createMerkleRoot
        • ecrecover
        • groth16Verify
        • rsaVerify
        • sigVerify
      waves_logo Docs

          # Verification functions

          Name Description Complexity
          bn256Groth16Verify Range of functions.
          Check zk-SNARK by groth16 protocol on the bn254 curve
          800–1650
          createMerkleRoot Calculates the Merkle root hash for transactions of block 30
          ecrecover Recovers public key from the message hash and the ECDSA digital signature 70
          groth16Verify Range of functions.
          Check zk-SNARK by groth16 protocol on the bls12-381 curve
          1200–2700
          rsaVerify Range of functions.
          Check that the RSA digital signature is valid
          500–1000
          sigVerify Range of functions.
          Check that the Curve25519 digital signature is valid
          43–180

          # bn256Groth16Verify

          Range of functions. Check zk-SNARK by groth16 protocol on the bn254 curve. (Although the curve is called bn254 in the scientific literature, it is commonly referred to as bn256 in the code.)

          Name Max number of inputs Complexity
          bn256Groth16Verify(vk:ByteVector, proof:ByteVector, inputs:ByteVector): Boolean 16 1650
          bn256Groth16Verify_1inputs(vk:ByteVector, proof:ByteVector, inputs:ByteVector): Boolean 1 800
          bn256Groth16Verify_2inputs(vk:ByteVector, proof:ByteVector, inputs:ByteVector): Boolean 2 850
          bn256Groth16Verify_3inputs(vk:ByteVector, proof:ByteVector, inputs:ByteVector): Boolean 3 950
          bn256Groth16Verify_4inputs(vk:ByteVector, proof:ByteVector, inputs:ByteVector): Boolean 4 1000
          bn256Groth16Verify_5inputs(vk:ByteVector, proof:ByteVector, inputs:ByteVector): Boolean 5 1050
          bn256Groth16Verify_6inputs(vk:ByteVector, proof:ByteVector, inputs:ByteVector): Boolean 6 1100
          bn256Groth16Verify_7inputs(vk:ByteVector, proof:ByteVector, inputs:ByteVector): Boolean 7 1150
          bn256Groth16Verify_8inputs(vk:ByteVector, proof:ByteVector, inputs:ByteVector): Boolean 8 1200
          bn256Groth16Verify_9inputs(vk:ByteVector, proof:ByteVector, inputs:ByteVector): Boolean 9 1250
          bn256Groth16Verify_10inputs(vk:ByteVector, proof:ByteVector, inputs:ByteVector): Boolean 10 1300
          bn256Groth16Verify_11inputs(vk:ByteVector, proof:ByteVector, inputs:ByteVector): Boolean 11 1350
          bn256Groth16Verify_12inputs(vk:ByteVector, proof:ByteVector, inputs:ByteVector): Boolean 12 1400
          bn256Groth16Verify_13inputs(vk:ByteVector, proof:ByteVector, inputs:ByteVector): Boolean 13 1450
          bn256Groth16Verify_14inputs(vk:ByteVector, proof:ByteVector, inputs:ByteVector): Boolean 14 1550
          bn256Groth16Verify_15inputs(vk:ByteVector, proof:ByteVector, inputs:ByteVector): Boolean 15 1600

          # Parameters

          Parameter Description
          vk: ByteVector Key for the check.
          Maximum size:
          • For bn256Groth16Verify_<N>inputs function — 256 + 32 × N bytes.
          • For bn256Groth16Verify function — 256 + 32 × 16 =768 bytes
          proof: ByteVector Zero-knowledge proof . Fixed size: 128 bytes
          inputs: ByteVector Zero-knowledge proof's public inputs array. For example, array of UTXO hashes in case of shielded transactions.
          Maximum size:
          • For bn256Groth16Verify_<N>inputs function – 32 × N bytes.
          • For bn256Groth16Verify function – 512 bytes

          # createMerkleRoot

          Calculates the Merkle root hash for transactions of block on the basis of the transaction hash and the sibling hashes of the Merkle tree. BLAKE2b-256 algorithm is used for hashing. To check for the transaction in the block, you need to compare the calculated hash with the transactionsRoot field in the block header. For more informtion see the Transactions Root Hash.

          createMerkleRoot(merkleProofs: List[ByteVector], valueBytes: ByteVector, index: Int): ByteVector
          

          # Parameters

          Parameter Description
          merkleProofs: List[ByteVector] Array of sibling hashes of the Merkle tree. Up to 16 items, 32 bytes each
          valueBytes: ByteVector Hash of transaction. Fixed size: 32 bytes. You can use blake2b256 function. The transaction must be hashed together with the signature
          index: Int Index of the transaction in the block

          # ecrecover

          Recovers public key from the message hash and the ECDSA digital signature based on the secp256k1 elliptic curve. Fails if the recovery failed.

          The public key is returned in uncompressed format (64 bytes).

          The function can be used to verify the digital signature of a message by comparing the recovered public key with the sender’s key.

          ecrecover(messageHash: ByteVector, signature: ByteVector): ByteVector
          

          # Parameters

          Parameter Description
          messageHash: ByteVector Keccak-256 hash of the message. Fixed size: 32 bytes
          signature: ByteVector ECDSA digital signature. Fixed size: 65 bytes

          # Example

          Verify the transaction of the Ethereum blockchain using the following data:

          • the transaction;
          • the signature that is generated by the ecsign functions (r, s, and v bytes concatenation);
          • sender public key.
          func check(t: ByteVector, signature: ByteVector, publicKey: ByteVector) = {
             ecrecover(keccak256(t), signature) == publicKey
          }
          

          # groth16Verify

          Range of functions. Check zk-SNARK by groth16 protocol.

          Name Max number of inputs Complexity
          groth16Verify(vk:ByteVector, proof:ByteVector, inputs:ByteVector): Boolean 16 2700
          groth16Verify_1inputs(vk:ByteVector, proof:ByteVector, inputs:ByteVector): Boolean 1 1200
          groth16Verify_2inputs(vk:ByteVector, proof:ByteVector, inputs:ByteVector): Boolean 2 1300
          groth16Verify_3inputs(vk:ByteVector, proof:ByteVector, inputs:ByteVector): Boolean 3 1400
          groth16Verify_4inputs(vk:ByteVector, proof:ByteVector, inputs:ByteVector): Boolean 4 1500
          groth16Verify_5inputs(vk:ByteVector, proof:ByteVector, inputs:ByteVector): Boolean 5 1600
          groth16Verify_6inputs(vk:ByteVector, proof:ByteVector, inputs:ByteVector): Boolean 6 1700
          groth16Verify_7inputs(vk:ByteVector, proof:ByteVector, inputs:ByteVector): Boolean 7 1800
          groth16Verify_8inputs(vk:ByteVector, proof:ByteVector, inputs:ByteVector): Boolean 8 1900
          groth16Verify_9inputs(vk:ByteVector, proof:ByteVector, inputs:ByteVector): Boolean 9 2000
          groth16Verify_10inputs(vk:ByteVector, proof:ByteVector, inputs:ByteVector): Boolean 10 2100
          groth16Verify_11inputs(vk:ByteVector, proof:ByteVector, inputs:ByteVector): Boolean 11 2200
          groth16Verify_12inputs(vk:ByteVector, proof:ByteVector, inputs:ByteVector): Boolean 12 2300
          groth16Verify_13inputs(vk:ByteVector, proof:ByteVector, inputs:ByteVector): Boolean 13 2400
          groth16Verify_14inputs(vk:ByteVector, proof:ByteVector, inputs:ByteVector): Boolean 14 2500
          groth16Verify_15inputs(vk:ByteVector, proof:ByteVector, inputs:ByteVector): Boolean 15 2600

          # Parameters

          Parameter Description
          vk: ByteVector Key for the check.
          Maximum size:
          • For groth16Verify_<N>inputs function — 384 + 48 × N bytes.
          • For groth16Verify function — 384 + 48 × 16 =1152 bytes
          proof: ByteVector Zero-knowledge proof . Fixed size: 192 bytes
          inputs: ByteVector Zero-knowledge proof's public inputs array.
          Maximum size:
          • For groth16Verify_<N>inputs function – 32 × N bytes.
          • For groth16Verify function – 512 bytes

          # Example

          groth16Verify(vk, proof, inputs)
          

          # rsaVerify

          Range of functions. Check that the RSA digital signature is valid, i.e. it was created by the owner of the public key.

          Name Max message size Complexity
          rsaVerify(digest: digestAlgorithmType, message: ByteVector, sig: ByteVector, pub: ByteVector): Boolean Max size of ByteVector 1000
          rsaVerify_16Kb(digest: digestAlgorithmType, message: ByteVector, sig: ByteVector, pub: ByteVector): Boolean 16 kB 500
          rsaVerify_32Kb(digest: digestAlgorithmType, message: ByteVector, sig: ByteVector, pub: ByteVector): Boolean 32 kB 550
          rsaVerify_64Kb(digest: digestAlgorithmType, message: ByteVector, sig: ByteVector, pub: ByteVector): Boolean 64 kB 625
          rsaVerify_128Kb(digest: digestAlgorithmType, message: ByteVector, sig: ByteVector, pub: ByteVector): Boolean 128 kB 750

          The recommended RSA key module length is at least 2048 bits.

          Data can be hashed before signing using one of the following algorithms:

          • MD5
          • SHA-1
          • SHA-224
          • SHA-256
          • SHA-384
          • SHA-512
          • SHA3-224
          • SHA3-256
          • SHA3-384
          • SHA3-512

          ⚠️ MD5 and SHA-1 are outdated algorithms for which collisions were found. They are for backward compatibility only. The app developer is responsible for selecting a secure hashing algorithm.

          # Parameters

          Parameter Description
          digest: digestAlgorithmType The hashing algorithm applied to the data before signing. Acceptable values:
          • NOALG — data is not hashed.
          • MD5
          • SHA1
          • SHA224
          • SHA256
          • SHA384
          • SHA512
          • SHA3224
          • SHA3256
          • SHA3384
          • SHA3512
          message: ByteVector Signed data.
          Maximum size:
          • For rsaVerify_<N>Kb functions – N kB.
          • For rsaVerify function — 150 kB.
          sig: ByteVector Digital signature. Fixed size: 25 bytes
          pub: ByteVector Binary public key. Fixed size: 294 bytes

          # sigVerify

          Range of functions. Check that the Curve25519 digital signature is valid, i.e. it was created by the owner of the public key.

          Name Max message size Complexity
          sigVerify(message: ByteVector, sig: ByteVector, pub: ByteVector): Boolean Max size of ByteVector 180
          sigVerify_8Kb(message: ByteVector, sig: ByteVector, pub: ByteVector): Boolean 8 kB 43
          sigVerify_16Kb(message: ByteVector, sig: ByteVector, pub: ByteVector): Boolean 16 kB 50
          sigVerify_32Kb(message: ByteVector, sig: ByteVector, pub: ByteVector): Boolean 32 kB 64
          sigVerify_64Kb(message: ByteVector, sig: ByteVector, pub: ByteVector): Boolean 64 kB 93
          sigVerify_128Kb(message: ByteVector, sig: ByteVector, pub: ByteVector): Boolean 128 kB 150

          # Parameters

          Parameter Description
          message: ByteVector Signed data.
          Maximum size:
          • For rsaVerify_<N>Kb functions – N kB.
          • For rsaVerify function — 150 kB.
          sig: ByteVector Digital signature. Fixed size: 25 bytes
          pub: ByteVector Binary public key. Fixed size: 294 bytes
          Union Functions
          Operators
          Union Functions
          Operators