@izi-noir/sdk 0.1.13 → 0.1.15

package/dist/index.cjs

@@ -142,10 +142,13 @@ var init_R1csBuilder = __esm({
       // w_0 = 1 is reserved
       publicIndices = [];
       privateIndices = [];
+      auxWitnessComputations = [];
       // BN254 scalar field modulus - 1 (for representing -1)
       // Fr modulus = 0x30644e72e131a029b85045b68181585d2833e84879b9709143e1f593f0000001
       // -1 mod Fr = Fr - 1
       NEG_ONE = "0x30644e72e131a029b85045b68181585d2833e84879b9709143e1f593f0000000";
+      // Number of bits for range checks (64 bits handles values up to ~18 quintillion)
+      COMPARISON_BITS = 64;
       /**
        * Build R1CS definition from the parsed circuit
        */
@@ -158,7 +161,8 @@ var init_R1csBuilder = __esm({
           num_witnesses: this.nextWitnessIdx,
           public_inputs: this.publicIndices,
           private_inputs: this.privateIndices,
-          constraints: this.constraints
+          constraints: this.constraints,
+          auxWitnessComputations: this.auxWitnessComputations.length > 0 ? this.auxWitnessComputations : void 0
         };
       }
       /**
@@ -255,13 +259,18 @@ var init_R1csBuilder = __esm({
             throw new Error(
               `Arithmetic operator ${operator} must be part of an equality assertion. Use: assert(a ${operator} b == c)`
             );
-          case "<":
+          case ">=":
+            this.processGreaterThanOrEqual(left, right);
+            break;
           case ">":
+            this.processGreaterThan(left, right);
+            break;
           case "<=":
-          case ">=":
-            throw new Error(
-              `Comparison operators (${operator}) require range proofs which are not yet supported. Use the Barretenberg backend for comparison operations.`
-            );
+            this.processGreaterThanOrEqual(right, left);
+            break;
+          case "<":
+            this.processGreaterThan(right, left);
+            break;
           case "&":
           case "|":
             throw new Error(
@@ -368,6 +377,105 @@ var init_R1csBuilder = __esm({
           // = c
         });
       }
+      /**
+       * Process greater than or equal: assert(a >= b)
+       * Uses bit decomposition to prove that a - b is non-negative.
+       *
+       * The approach:
+       * 1. Create diff = a - b
+       * 2. Decompose diff into COMPARISON_BITS bits
+       * 3. For each bit: bit_i * (1 - bit_i) = 0 (ensures 0 or 1)
+       * 4. Sum of bits * powers of 2 = diff
+       *
+       * If decomposition succeeds, diff is in [0, 2^COMPARISON_BITS - 1], so a >= b
+       */
+      processGreaterThanOrEqual(left, right) {
+        const leftIdx = this.getOrCreateWitness(left);
+        const rightIdx = this.getOrCreateWitness(right);
+        const diffIdx = this.nextWitnessIdx++;
+        this.auxWitnessComputations.push({
+          type: "subtract",
+          targetIdx: diffIdx,
+          leftIdx,
+          rightIdx
+        });
+        this.constraints.push({
+          a: [
+            ["0x1", leftIdx],
+            [this.NEG_ONE, rightIdx]
+          ],
+          b: [["0x1", 0]],
+          // * 1
+          c: [["0x1", diffIdx]]
+        });
+        this.addBitDecompositionConstraints(diffIdx);
+      }
+      /**
+       * Process greater than: assert(a > b)
+       * Equivalent to assert(a - b - 1 >= 0), or assert(a >= b + 1)
+       */
+      processGreaterThan(left, right) {
+        const leftIdx = this.getOrCreateWitness(left);
+        const rightIdx = this.getOrCreateWitness(right);
+        const diffIdx = this.nextWitnessIdx++;
+        this.auxWitnessComputations.push({
+          type: "subtract",
+          targetIdx: diffIdx,
+          leftIdx,
+          rightIdx,
+          offset: -1
+          // For > operator: diff = left - right - 1
+        });
+        this.constraints.push({
+          a: [
+            ["0x1", leftIdx],
+            [this.NEG_ONE, rightIdx],
+            [this.NEG_ONE, 0]
+            // -1 (using w_0 = 1)
+          ],
+          b: [["0x1", 0]],
+          // * 1
+          c: [["0x1", diffIdx]]
+        });
+        this.addBitDecompositionConstraints(diffIdx);
+      }
+      /**
+       * Add bit decomposition constraints for a value.
+       * Creates COMPARISON_BITS witnesses for the bits and constrains:
+       * 1. Each bit is 0 or 1: bit * (1 - bit) = 0
+       * 2. Sum of bits * 2^i = value
+       */
+      addBitDecompositionConstraints(valueIdx) {
+        const bitIndices = [];
+        for (let i = 0; i < this.COMPARISON_BITS; i++) {
+          const bitIdx = this.nextWitnessIdx++;
+          bitIndices.push(bitIdx);
+          this.constraints.push({
+            a: [["0x1", bitIdx]],
+            b: [["0x1", bitIdx]],
+            c: [["0x1", bitIdx]]
+          });
+        }
+        this.auxWitnessComputations.push({
+          type: "bit_decompose",
+          targetIdx: bitIndices[0],
+          // First bit index (for reference)
+          sourceIdx: valueIdx,
+          bitIndices,
+          numBits: this.COMPARISON_BITS
+        });
+        const sumTerms = [];
+        for (let i = 0; i < this.COMPARISON_BITS; i++) {
+          const coeff = (1n << BigInt(i)).toString(16);
+          sumTerms.push([`0x${coeff}`, bitIndices[i]]);
+        }
+        this.constraints.push({
+          a: sumTerms,
+          b: [["0x1", 0]],
+          // * 1
+          c: [["0x1", valueIdx]]
+        });
+      }
       /**
        * Process a variable declaration: let x = expr
        * Creates a new witness for x and adds constraint if needed
@@ -789,6 +897,15 @@ authors = [""]
           const strVal = String(value);
           witnessMap[r1csIndex.toString()] = strVal;
         }
+        const r1cs = JSON.parse(circuit.r1csJson);
+        if (r1cs.auxWitnessComputations && r1cs.auxWitnessComputations.length > 0) {
+          console.log("=== AUXILIARY WITNESS COMPUTATION ===");
+          console.log("Input witnesses:", JSON.stringify(witnessMap, null, 2));
+          console.log("Computations:", JSON.stringify(r1cs.auxWitnessComputations, null, 2));
+          this.computeAuxiliaryWitnesses(witnessMap, r1cs.auxWitnessComputations);
+          console.log("After aux computation:", JSON.stringify(witnessMap, null, 2));
+          console.log("=====================================");
+        }
         const witnessJson = JSON.stringify(witnessMap);
         let provingKey = circuit.provingKey;
         if (!provingKey) {
@@ -841,6 +958,63 @@ authors = [""]
           publicInputs.length
         );
       }
+      /**
+       * Compute auxiliary witnesses based on computation instructions from R1csBuilder.
+       * This handles witnesses that noir_js cannot compute (e.g., bit decomposition for >= operator).
+       */
+      computeAuxiliaryWitnesses(witnessMap, computations) {
+        const FR_MODULUS = BigInt("0x30644e72e131a029b85045b68181585d2833e84879b9709143e1f593f0000001");
+        const getWitnessValue = (idx) => {
+          if (idx === 0) return 1n;
+          const val = witnessMap[idx.toString()];
+          if (val === void 0) {
+            throw new Error(`Witness w_${idx} not found`);
+          }
+          if (val.startsWith("0x")) {
+            return BigInt(val);
+          }
+          return BigInt(val);
+        };
+        const setWitnessValue = (idx, val) => {
+          const normalized = (val % FR_MODULUS + FR_MODULUS) % FR_MODULUS;
+          witnessMap[idx.toString()] = "0x" + normalized.toString(16);
+        };
+        for (const comp of computations) {
+          switch (comp.type) {
+            case "subtract": {
+              const left = getWitnessValue(comp.leftIdx);
+              const right = getWitnessValue(comp.rightIdx);
+              const offset = BigInt(comp.offset ?? 0);
+              const result = left - right + offset;
+              setWitnessValue(comp.targetIdx, result);
+              break;
+            }
+            case "bit_decompose": {
+              const source = getWitnessValue(comp.sourceIdx);
+              const bitIndices = comp.bitIndices;
+              const numBits = comp.numBits;
+              if (source < 0n) {
+                throw new Error(
+                  `Bit decomposition failed: value ${source} is negative. This means the comparison constraint is not satisfied.`
+                );
+              }
+              const maxVal = (1n << BigInt(numBits)) - 1n;
+              if (source > maxVal) {
+                throw new Error(
+                  `Bit decomposition failed: value ${source} exceeds ${numBits} bits (max: ${maxVal}). Consider using a larger bit width or smaller values.`
+                );
+              }
+              for (let i = 0; i < numBits; i++) {
+                const bit = source >> BigInt(i) & 1n;
+                setWitnessValue(bitIndices[i], bit);
+              }
+              break;
+            }
+            default:
+              throw new Error(`Unknown auxiliary witness computation type: ${comp.type}`);
+          }
+        }
+      }
       /**
        * Get the verifying key in gnark format for on-chain deployment
        */

package/dist/index.d.cts

@@ -2,7 +2,7 @@ import { I as IChainFormatter } from './wasmInit-Wyynuk6r.cjs';
 export { C as ChainProofDataFor, D as DeployResult, a as IziNoir, S as SolanaDeployData, V as VerifyOnChainResult, W as WalletAdapter, i as initNoirWasm, b as isWasmInitialized, m as markWasmInitialized } from './wasmInit-Wyynuk6r.cjs';
 import { P as ProofData, S as SolanaProofData, a as CircuitFunction, I as InputValue, b as ProofResult } from './types-CxkI04bP.cjs';
 export { C as CompileResult, c as ProofTimings, d as ProverOptions, e as VerifierOptions, V as VerifyingKeyData } from './types-CxkI04bP.cjs';
-import { c as CircuitMetadata, S as SolanaChainMetadata, g as ParsedCircuit, I as IProvingSystem } from './IProvingSystem-SfzgcbqH.cjs';
+import { g as ParsedCircuit, c as CircuitMetadata, S as SolanaChainMetadata, I as IProvingSystem } from './IProvingSystem-SfzgcbqH.cjs';
 export { A as AssertStatement, B as BinaryExpr, o as BinaryOperator, e as Chain, b as ChainId, h as ChainMetadata, d as ChainMetadataFor, l as CircuitParam, C as CircuitPaths, f as CompileOptions, E as EthereumChainMetadata, m as Expr, i as ICompiler, j as IProver, k as IVerifier, n as IdentifierExpr, a as IziNoirConfig, L as LiteralExpr, M as MemberExpr, q as NETWORK_CONFIG, N as Network, t as NetworkConfig, P as Provider, p as Statement, s as getExplorerAccountUrl, r as getExplorerTxUrl } from './IProvingSystem-SfzgcbqH.cjs';
 import { ArkworksWasm, ArkworksWasmConfig } from './providers/arkworks.cjs';
 export { ArkworksCompiledCircuit, ArkworksProofResult, ArkworksSetupResult, ArkworksWasmModule, isArkworksCircuit } from './providers/arkworks.cjs';
@@ -11,60 +11,6 @@ export { CompiledCircuit, InputMap } from '@noir-lang/types';
 export { Barretenberg } from './providers/barretenberg.cjs';
 export { IZI_NOIR_PROGRAM_ID, buildInitVkFromBytesData, buildVerifyProofData, calculateVkAccountRent, calculateVkAccountSize, parseProof, parsePublicInputs, parseVerifyingKey } from './providers/solana.cjs';
 
-/**
- * Formatter for Solana-compatible proof data.
- *
- * Converts generic ProofData into SolanaProofData format with:
- * - Verifying key in gnark format (compatible with gnark-verifier-solana)
- * - Proof bytes (256 bytes Groth16)
- * - Public inputs as 32-byte arrays
- * - VK account size and rent estimates
- *
- * @example
- * ```typescript
- * const formatter = new SolanaFormatter(arkworksProvider);
- * const solanaProof = await formatter.formatProof(proofData, circuit, metadata);
- * ```
- */
-declare class SolanaFormatter implements IChainFormatter<'solana'> {
-    private arkworksProvider;
-    readonly chainId: "solana";
-    constructor(arkworksProvider: ArkworksWasm);
-    /**
-     * Format a generic proof for Solana on-chain verification.
-     *
-     * @param proofData - Generic proof data from Arkworks
-     * @param circuit - The compiled circuit (must be Arkworks circuit)
-     * @param metadata - Circuit metadata with public input count
-     * @returns SolanaProofData ready for on-chain verification
-     */
-    formatProof(proofData: ProofData, circuit: CompiledCircuit, metadata: CircuitMetadata): Promise<SolanaProofData>;
-    /**
-     * Get Solana-specific metadata for a circuit.
-     *
-     * @param publicInputCount - Number of public inputs in the circuit
-     * @returns Solana metadata with account size and rent estimates
-     */
-    getChainMetadata(publicInputCount: number): SolanaChainMetadata;
-    /**
-     * Calculate the size of a VK account for a given number of public inputs.
-     * Matches the Rust `vk_account_size` function in the Solana program.
-     */
-    private calculateVkAccountSize;
-    /**
-     * Calculate the minimum rent for a VK account.
-     */
-    private calculateVkAccountRent;
-    /**
-     * Convert Uint8Array to base64 string.
-     */
-    private uint8ArrayToBase64;
-    /**
-     * Convert hex string to Uint8Array.
-     */
-    private hexToBytes;
-}
-
 /**
  * R1csBuilder - Generates R1CS constraints from ParsedCircuit
  *
@@ -88,6 +34,28 @@ interface R1csConstraint {
     b: [string, number][];
     c: [string, number][];
 }
+/**
+ * Auxiliary witness computation instruction
+ * Tells the prover how to compute auxiliary witnesses from input witnesses
+ */
+interface AuxWitnessComputation {
+    /** Type of computation */
+    type: 'subtract' | 'bit_decompose';
+    /** Witness index to compute */
+    targetIdx: number;
+    /** For 'subtract': left operand witness index */
+    leftIdx?: number;
+    /** For 'subtract': right operand witness index */
+    rightIdx?: number;
+    /** For 'subtract': additional constant offset to subtract (e.g., -1 for > operator) */
+    offset?: number;
+    /** For 'bit_decompose': source value witness index */
+    sourceIdx?: number;
+    /** For 'bit_decompose': array of bit witness indices (LSB first) */
+    bitIndices?: number[];
+    /** For 'bit_decompose': number of bits */
+    numBits?: number;
+}
 /**
  * Complete R1CS definition for arkworks-groth16-wasm
  */
@@ -96,6 +64,8 @@ interface R1csDefinition {
     public_inputs: number[];
     private_inputs: number[];
     constraints: R1csConstraint[];
+    /** Instructions for computing auxiliary witnesses */
+    auxWitnessComputations?: AuxWitnessComputation[];
 }
 /**
  * Builds R1CS constraints from a ParsedCircuit
@@ -107,7 +77,9 @@ declare class R1csBuilder {
     private nextWitnessIdx;
     private publicIndices;
     private privateIndices;
+    private auxWitnessComputations;
     private readonly NEG_ONE;
+    private readonly COMPARISON_BITS;
     constructor(parsedCircuit: ParsedCircuit);
     /**
      * Build R1CS definition from the parsed circuit
@@ -156,6 +128,31 @@ declare class R1csBuilder {
      * R1CS: (a - b) * 1 = c
      */
     private processSubtractionEquality;
+    /**
+     * Process greater than or equal: assert(a >= b)
+     * Uses bit decomposition to prove that a - b is non-negative.
+     *
+     * The approach:
+     * 1. Create diff = a - b
+     * 2. Decompose diff into COMPARISON_BITS bits
+     * 3. For each bit: bit_i * (1 - bit_i) = 0 (ensures 0 or 1)
+     * 4. Sum of bits * powers of 2 = diff
+     *
+     * If decomposition succeeds, diff is in [0, 2^COMPARISON_BITS - 1], so a >= b
+     */
+    private processGreaterThanOrEqual;
+    /**
+     * Process greater than: assert(a > b)
+     * Equivalent to assert(a - b - 1 >= 0), or assert(a >= b + 1)
+     */
+    private processGreaterThan;
+    /**
+     * Add bit decomposition constraints for a value.
+     * Creates COMPARISON_BITS witnesses for the bits and constrains:
+     * 1. Each bit is 0 or 1: bit * (1 - bit) = 0
+     * 2. Sum of bits * 2^i = value
+     */
+    private addBitDecompositionConstraints;
     /**
      * Process a variable declaration: let x = expr
      * Creates a new witness for x and adds constraint if needed
@@ -176,6 +173,60 @@ declare class R1csBuilder {
     private getOrCreateWitness;
 }
 
+/**
+ * Formatter for Solana-compatible proof data.
+ *
+ * Converts generic ProofData into SolanaProofData format with:
+ * - Verifying key in gnark format (compatible with gnark-verifier-solana)
+ * - Proof bytes (256 bytes Groth16)
+ * - Public inputs as 32-byte arrays
+ * - VK account size and rent estimates
+ *
+ * @example
+ * ```typescript
+ * const formatter = new SolanaFormatter(arkworksProvider);
+ * const solanaProof = await formatter.formatProof(proofData, circuit, metadata);
+ * ```
+ */
+declare class SolanaFormatter implements IChainFormatter<'solana'> {
+    private arkworksProvider;
+    readonly chainId: "solana";
+    constructor(arkworksProvider: ArkworksWasm);
+    /**
+     * Format a generic proof for Solana on-chain verification.
+     *
+     * @param proofData - Generic proof data from Arkworks
+     * @param circuit - The compiled circuit (must be Arkworks circuit)
+     * @param metadata - Circuit metadata with public input count
+     * @returns SolanaProofData ready for on-chain verification
+     */
+    formatProof(proofData: ProofData, circuit: CompiledCircuit, metadata: CircuitMetadata): Promise<SolanaProofData>;
+    /**
+     * Get Solana-specific metadata for a circuit.
+     *
+     * @param publicInputCount - Number of public inputs in the circuit
+     * @returns Solana metadata with account size and rent estimates
+     */
+    getChainMetadata(publicInputCount: number): SolanaChainMetadata;
+    /**
+     * Calculate the size of a VK account for a given number of public inputs.
+     * Matches the Rust `vk_account_size` function in the Solana program.
+     */
+    private calculateVkAccountSize;
+    /**
+     * Calculate the minimum rent for a VK account.
+     */
+    private calculateVkAccountRent;
+    /**
+     * Convert Uint8Array to base64 string.
+     */
+    private uint8ArrayToBase64;
+    /**
+     * Convert hex string to Uint8Array.
+     */
+    private hexToBytes;
+}
+
 interface IParser {
     parse(fn: CircuitFunction, publicInputs: InputValue[], privateInputs: InputValue[]): ParsedCircuit;
 }

package/dist/index.d.ts

@@ -2,7 +2,7 @@ import { I as IChainFormatter } from './wasmInit-D3RyRKIC.js';
 export { C as ChainProofDataFor, D as DeployResult, a as IziNoir, S as SolanaDeployData, V as VerifyOnChainResult, W as WalletAdapter, i as initNoirWasm, b as isWasmInitialized, m as markWasmInitialized } from './wasmInit-D3RyRKIC.js';
 import { P as ProofData, S as SolanaProofData, a as CircuitFunction, I as InputValue, b as ProofResult } from './types-CxkI04bP.js';
 export { C as CompileResult, c as ProofTimings, d as ProverOptions, e as VerifierOptions, V as VerifyingKeyData } from './types-CxkI04bP.js';
-import { c as CircuitMetadata, S as SolanaChainMetadata, g as ParsedCircuit, I as IProvingSystem } from './IProvingSystem-BKgFRl27.js';
+import { g as ParsedCircuit, c as CircuitMetadata, S as SolanaChainMetadata, I as IProvingSystem } from './IProvingSystem-BKgFRl27.js';
 export { A as AssertStatement, B as BinaryExpr, o as BinaryOperator, e as Chain, b as ChainId, h as ChainMetadata, d as ChainMetadataFor, l as CircuitParam, C as CircuitPaths, f as CompileOptions, E as EthereumChainMetadata, m as Expr, i as ICompiler, j as IProver, k as IVerifier, n as IdentifierExpr, a as IziNoirConfig, L as LiteralExpr, M as MemberExpr, q as NETWORK_CONFIG, N as Network, t as NetworkConfig, P as Provider, p as Statement, s as getExplorerAccountUrl, r as getExplorerTxUrl } from './IProvingSystem-BKgFRl27.js';
 import { ArkworksWasm, ArkworksWasmConfig } from './providers/arkworks.js';
 export { ArkworksCompiledCircuit, ArkworksProofResult, ArkworksSetupResult, ArkworksWasmModule, isArkworksCircuit } from './providers/arkworks.js';
@@ -11,60 +11,6 @@ export { CompiledCircuit, InputMap } from '@noir-lang/types';
 export { Barretenberg } from './providers/barretenberg.js';
 export { IZI_NOIR_PROGRAM_ID, buildInitVkFromBytesData, buildVerifyProofData, calculateVkAccountRent, calculateVkAccountSize, parseProof, parsePublicInputs, parseVerifyingKey } from './providers/solana.js';
 
-/**
- * Formatter for Solana-compatible proof data.
- *
- * Converts generic ProofData into SolanaProofData format with:
- * - Verifying key in gnark format (compatible with gnark-verifier-solana)
- * - Proof bytes (256 bytes Groth16)
- * - Public inputs as 32-byte arrays
- * - VK account size and rent estimates
- *
- * @example
- * ```typescript
- * const formatter = new SolanaFormatter(arkworksProvider);
- * const solanaProof = await formatter.formatProof(proofData, circuit, metadata);
- * ```
- */
-declare class SolanaFormatter implements IChainFormatter<'solana'> {
-    private arkworksProvider;
-    readonly chainId: "solana";
-    constructor(arkworksProvider: ArkworksWasm);
-    /**
-     * Format a generic proof for Solana on-chain verification.
-     *
-     * @param proofData - Generic proof data from Arkworks
-     * @param circuit - The compiled circuit (must be Arkworks circuit)
-     * @param metadata - Circuit metadata with public input count
-     * @returns SolanaProofData ready for on-chain verification
-     */
-    formatProof(proofData: ProofData, circuit: CompiledCircuit, metadata: CircuitMetadata): Promise<SolanaProofData>;
-    /**
-     * Get Solana-specific metadata for a circuit.
-     *
-     * @param publicInputCount - Number of public inputs in the circuit
-     * @returns Solana metadata with account size and rent estimates
-     */
-    getChainMetadata(publicInputCount: number): SolanaChainMetadata;
-    /**
-     * Calculate the size of a VK account for a given number of public inputs.
-     * Matches the Rust `vk_account_size` function in the Solana program.
-     */
-    private calculateVkAccountSize;
-    /**
-     * Calculate the minimum rent for a VK account.
-     */
-    private calculateVkAccountRent;
-    /**
-     * Convert Uint8Array to base64 string.
-     */
-    private uint8ArrayToBase64;
-    /**
-     * Convert hex string to Uint8Array.
-     */
-    private hexToBytes;
-}
-
 /**
  * R1csBuilder - Generates R1CS constraints from ParsedCircuit
  *
@@ -88,6 +34,28 @@ interface R1csConstraint {
     b: [string, number][];
     c: [string, number][];
 }
+/**
+ * Auxiliary witness computation instruction
+ * Tells the prover how to compute auxiliary witnesses from input witnesses
+ */
+interface AuxWitnessComputation {
+    /** Type of computation */
+    type: 'subtract' | 'bit_decompose';
+    /** Witness index to compute */
+    targetIdx: number;
+    /** For 'subtract': left operand witness index */
+    leftIdx?: number;
+    /** For 'subtract': right operand witness index */
+    rightIdx?: number;
+    /** For 'subtract': additional constant offset to subtract (e.g., -1 for > operator) */
+    offset?: number;
+    /** For 'bit_decompose': source value witness index */
+    sourceIdx?: number;
+    /** For 'bit_decompose': array of bit witness indices (LSB first) */
+    bitIndices?: number[];
+    /** For 'bit_decompose': number of bits */
+    numBits?: number;
+}
 /**
  * Complete R1CS definition for arkworks-groth16-wasm
  */
@@ -96,6 +64,8 @@ interface R1csDefinition {
     public_inputs: number[];
     private_inputs: number[];
     constraints: R1csConstraint[];
+    /** Instructions for computing auxiliary witnesses */
+    auxWitnessComputations?: AuxWitnessComputation[];
 }
 /**
  * Builds R1CS constraints from a ParsedCircuit
@@ -107,7 +77,9 @@ declare class R1csBuilder {
     private nextWitnessIdx;
     private publicIndices;
     private privateIndices;
+    private auxWitnessComputations;
     private readonly NEG_ONE;
+    private readonly COMPARISON_BITS;
     constructor(parsedCircuit: ParsedCircuit);
     /**
      * Build R1CS definition from the parsed circuit
@@ -156,6 +128,31 @@ declare class R1csBuilder {
      * R1CS: (a - b) * 1 = c
      */
     private processSubtractionEquality;
+    /**
+     * Process greater than or equal: assert(a >= b)
+     * Uses bit decomposition to prove that a - b is non-negative.
+     *
+     * The approach:
+     * 1. Create diff = a - b
+     * 2. Decompose diff into COMPARISON_BITS bits
+     * 3. For each bit: bit_i * (1 - bit_i) = 0 (ensures 0 or 1)
+     * 4. Sum of bits * powers of 2 = diff
+     *
+     * If decomposition succeeds, diff is in [0, 2^COMPARISON_BITS - 1], so a >= b
+     */
+    private processGreaterThanOrEqual;
+    /**
+     * Process greater than: assert(a > b)
+     * Equivalent to assert(a - b - 1 >= 0), or assert(a >= b + 1)
+     */
+    private processGreaterThan;
+    /**
+     * Add bit decomposition constraints for a value.
+     * Creates COMPARISON_BITS witnesses for the bits and constrains:
+     * 1. Each bit is 0 or 1: bit * (1 - bit) = 0
+     * 2. Sum of bits * 2^i = value
+     */
+    private addBitDecompositionConstraints;
     /**
      * Process a variable declaration: let x = expr
      * Creates a new witness for x and adds constraint if needed
@@ -176,6 +173,60 @@ declare class R1csBuilder {
     private getOrCreateWitness;
 }
 
+/**
+ * Formatter for Solana-compatible proof data.
+ *
+ * Converts generic ProofData into SolanaProofData format with:
+ * - Verifying key in gnark format (compatible with gnark-verifier-solana)
+ * - Proof bytes (256 bytes Groth16)
+ * - Public inputs as 32-byte arrays
+ * - VK account size and rent estimates
+ *
+ * @example
+ * ```typescript
+ * const formatter = new SolanaFormatter(arkworksProvider);
+ * const solanaProof = await formatter.formatProof(proofData, circuit, metadata);
+ * ```
+ */
+declare class SolanaFormatter implements IChainFormatter<'solana'> {
+    private arkworksProvider;
+    readonly chainId: "solana";
+    constructor(arkworksProvider: ArkworksWasm);
+    /**
+     * Format a generic proof for Solana on-chain verification.
+     *
+     * @param proofData - Generic proof data from Arkworks
+     * @param circuit - The compiled circuit (must be Arkworks circuit)
+     * @param metadata - Circuit metadata with public input count
+     * @returns SolanaProofData ready for on-chain verification
+     */
+    formatProof(proofData: ProofData, circuit: CompiledCircuit, metadata: CircuitMetadata): Promise<SolanaProofData>;
+    /**
+     * Get Solana-specific metadata for a circuit.
+     *
+     * @param publicInputCount - Number of public inputs in the circuit
+     * @returns Solana metadata with account size and rent estimates
+     */
+    getChainMetadata(publicInputCount: number): SolanaChainMetadata;
+    /**
+     * Calculate the size of a VK account for a given number of public inputs.
+     * Matches the Rust `vk_account_size` function in the Solana program.
+     */
+    private calculateVkAccountSize;
+    /**
+     * Calculate the minimum rent for a VK account.
+     */
+    private calculateVkAccountRent;
+    /**
+     * Convert Uint8Array to base64 string.
+     */
+    private uint8ArrayToBase64;
+    /**
+     * Convert hex string to Uint8Array.
+     */
+    private hexToBytes;
+}
+
 interface IParser {
     parse(fn: CircuitFunction, publicInputs: InputValue[], privateInputs: InputValue[]): ParsedCircuit;
 }