@solarity/zkit 0.1.0

package/src/core/templates/verifier_groth16.sol.ejs

@@ -0,0 +1,164 @@
+// SPDX-License-Identifier: MIT
+pragma solidity >=0.7.0 <0.9.0;
+
+contract <%=verifier_id%> {
+    /// @dev Base field size
+    uint256 public constant BASE_FIELD_SIZE =
+        21888242871839275222246405745257275088696311157297823662689037894645226208583;
+
+    /// @dev Verification Key data
+    uint256 public constant ALPHA_X =
+        <%=vk_alpha_1[0]%>;
+    uint256 public constant ALPHA_Y =
+        <%=vk_alpha_1[1]%>;
+    uint256 public constant BETA_X1 =
+        <%=vk_beta_2[0][1]%>;
+    uint256 public constant BETA_X2 =
+        <%=vk_beta_2[0][0]%>;
+    uint256 public constant BETA_Y1 =
+        <%=vk_beta_2[1][1]%>;
+    uint256 public constant BETA_Y2 =
+        <%=vk_beta_2[1][0]%>;
+    uint256 public constant GAMMA_X1 =
+        <%=vk_gamma_2[0][1]%>;
+    uint256 public constant GAMMA_X2 =
+        <%=vk_gamma_2[0][0]%>;
+    uint256 public constant GAMMA_Y1 =
+        <%=vk_gamma_2[1][1]%>;
+    uint256 public constant GAMMA_Y2 =
+        <%=vk_gamma_2[1][0]%>;
+    uint256 public constant DELTA_X1 =
+        <%=vk_delta_2[0][1]%>;
+    uint256 public constant DELTA_X2 =
+        <%=vk_delta_2[0][0]%>;
+    uint256 public constant DELTA_Y1 =
+        <%=vk_delta_2[1][1]%>;
+    uint256 public constant DELTA_Y2 =
+        <%=vk_delta_2[1][0] -%>;
+
+    <% for (let i=0; i<IC.length; i++) { %>uint256 public constant IC<%=i%>_X =
+        <%=IC[i][0]%>;
+    uint256 public constant IC<%=i%>_Y =
+        <%=IC[i][1]%>;
+    <% } -%>
+
+    /// @dev Memory data
+    uint16 public constant P_VK = 0;
+    uint16 public constant P_PAIRING = 128;
+    uint16 public constant P_LAST_MEM = 896;
+
+    function verifyProof(
+        uint256[2] calldata pA_,
+        uint256[2][2] calldata pB_,
+        uint256[2] calldata pC_,
+        uint256[<%=IC.length-1%>] calldata pubSignals_
+    ) public view returns (bool) {
+        assembly {
+            function checkField(v) {
+                if iszero(lt(v, BASE_FIELD_SIZE)) {
+                    mstore(0, 0)
+                    return(0, 0x20)
+                }
+            }
+
+            /// @dev G1 function to multiply a G1 value(x,y) to value in an address
+            function g1MulAccC(pR, x, y, s) {
+                let success
+                let mIn := mload(0x40)
+
+                mstore(mIn, x)
+                mstore(add(mIn, 32), y)
+                mstore(add(mIn, 64), s)
+
+                success := staticcall(sub(gas(), 2000), 7, mIn, 96, mIn, 64)
+
+                if iszero(success) {
+                    mstore(0, 0)
+                    return(0, 0x20)
+                }
+
+                mstore(add(mIn, 64), mload(pR))
+                mstore(add(mIn, 96), mload(add(pR, 32)))
+
+                success := staticcall(sub(gas(), 2000), 6, mIn, 128, pR, 64)
+
+                if iszero(success) {
+                    mstore(0, 0)
+                    return(0, 0x20)
+                }
+            }
+
+            function checkPairing(pA, pB, pC, pubSignals, pMem) -> isOk {
+                let pPairing_ := add(pMem, P_PAIRING)
+                let pVk_ := add(pMem, P_VK)
+
+                mstore(pVk_, IC0_X)
+                mstore(add(pVk_, 32), IC0_Y)
+
+                /// @dev Compute the linear combination vk_x
+                <% for (let i = 1; i <= nPublic; i++) { %>g1MulAccC(pVk_, IC<%=i%>_X, IC<%=i%>_Y, calldataload(add(pubSignals, <%=(i-1)*32%>)))
+                <% } -%>
+
+                /// @dev -A
+                mstore(pPairing_, calldataload(pA))
+                mstore(
+                    add(pPairing_, 32),
+                    mod(sub(BASE_FIELD_SIZE, calldataload(add(pA, 32))), BASE_FIELD_SIZE)
+                )
+
+                /// @dev B
+                mstore(add(pPairing_, 64), calldataload(pB))
+                mstore(add(pPairing_, 96), calldataload(add(pB, 32)))
+                mstore(add(pPairing_, 128), calldataload(add(pB, 64)))
+                mstore(add(pPairing_, 160), calldataload(add(pB, 96)))
+
+                /// @dev alpha1
+                mstore(add(pPairing_, 192), ALPHA_X)
+                mstore(add(pPairing_, 224), ALPHA_Y)
+
+                /// @dev beta2
+                mstore(add(pPairing_, 256), BETA_X1)
+                mstore(add(pPairing_, 288), BETA_X2)
+                mstore(add(pPairing_, 320), BETA_Y1)
+                mstore(add(pPairing_, 352), BETA_Y2)
+
+                /// @dev vk_x
+                mstore(add(pPairing_, 384), mload(add(pMem, P_VK)))
+                mstore(add(pPairing_, 416), mload(add(pMem, add(P_VK, 32))))
+
+                /// @dev gamma2
+                mstore(add(pPairing_, 448), GAMMA_X1)
+                mstore(add(pPairing_, 480), GAMMA_X2)
+                mstore(add(pPairing_, 512), GAMMA_Y1)
+                mstore(add(pPairing_, 544), GAMMA_Y2)
+
+                /// @dev C
+                mstore(add(pPairing_, 576), calldataload(pC))
+                mstore(add(pPairing_, 608), calldataload(add(pC, 32)))
+
+                /// @dev delta2
+                mstore(add(pPairing_, 640), DELTA_X1)
+                mstore(add(pPairing_, 672), DELTA_X2)
+                mstore(add(pPairing_, 704), DELTA_Y1)
+                mstore(add(pPairing_, 736), DELTA_Y2)
+
+                let success_ := staticcall(sub(gas(), 2000), 8, pPairing_, 768, pPairing_, 0x20)
+
+                isOk := and(success_, mload(pPairing_))
+            }
+
+            let pMem_ := mload(0x40)
+            mstore(0x40, add(pMem_, P_LAST_MEM))
+
+            /// @dev Validate that all evaluations ∈ F
+            <% for (let i = 0; i < IC.length; i++) { %>checkField(calldataload(add(pubSignals_, <%=i*32%>)))
+            <% } -%>
+
+            /// @dev Validate all evaluations
+            let isValid := checkPairing(pA_, pB_, pC_, pubSignals_, pMem_)
+
+            mstore(0, isValid)
+            return(0, 0x20)
+        }
+    }
+}

package/src/index.ts

@@ -0,0 +1,7 @@
+export * from "./core/CircomZKit";
+export * from "./core/CircuitZKit";
+export * from "./core/ManagerZKit";
+
+export { NumericString, PublicSignals, Groth16Proof, Calldata, ProofStruct, Inputs, CircuitInfo } from "./types/types";
+
+export { CompileOptions, ManagerZKitConfig, defaultCompileOptions, defaultManagerOptions } from "./config/config";

package/src/types/types.ts

@@ -0,0 +1,43 @@
+export type NumericString = `${number}` | string;
+
+export type PublicSignals = NumericString[];
+
+export type Groth16Proof = {
+  pi_a: [NumericString, NumericString];
+  pi_b: [[NumericString, NumericString], [NumericString, NumericString]];
+  pi_c: [NumericString, NumericString];
+  protocol: string;
+  curve: string;
+};
+
+export type Calldata = [
+  [NumericString, NumericString],
+  [[NumericString, NumericString], [NumericString, NumericString]],
+  [NumericString, NumericString],
+  [NumericString],
+];
+
+export type ProofStruct = {
+  proof: Groth16Proof;
+  publicSignals: PublicSignals;
+};
+
+export type NumberLike = number | bigint | string;
+export type ArrayLike = NumberLike[] | ArrayLike[];
+export type InputLike = NumberLike | ArrayLike;
+
+export type Inputs = Record<string, InputLike>;
+
+export type CircuitInfo = {
+  path: string;
+  id: string | null;
+};
+
+export type FileType = "r1cs" | "zkey" | "vkey" | "sym" | "json" | "wasm" | "sol";
+export type DirType = "circuit" | "artifact" | "verifier";
+export type TemplateType = "groth16";
+
+export type PtauInfo = {
+  file: string;
+  url: string | null;
+};

package/src/utils/utils.ts

@@ -0,0 +1,60 @@
+import fs from "fs";
+import path from "path";
+import https from "https";
+
+/**
+ * Reads a directory recursively and calls the callback for each file.
+ *
+ * @dev After Node.js 20.0.0 the `recursive` option is available.
+ *
+ * @param {string} dir - The directory to read.
+ * @param {(dir: string, file: string) => void} callback - The callback function.
+ */
+export function readDirRecursively(dir: string, callback: (dir: string, file: string) => void): void {
+  if (!fs.existsSync(dir)) {
+    return;
+  }
+
+  const entries = fs.readdirSync(dir, { withFileTypes: true });
+
+  for (const entry of entries) {
+    const entryPath = path.join(dir, entry.name);
+
+    if (entry.isDirectory()) {
+      readDirRecursively(entryPath, callback);
+    }
+
+    if (entry.isFile()) {
+      callback(dir, entryPath);
+    }
+  }
+}
+
+/**
+ * Downloads a file from the specified URL.
+ *
+ * @param {string} file - The path to save the file to.
+ * @param {string} url - The URL to download the file from.
+ * @returns {Promise<boolean>} Whether the file was downloaded successfully.
+ */
+export async function downloadFile(file: string, url: string): Promise<boolean> {
+  const fileStream = fs.createWriteStream(file);
+
+  return new Promise((resolve, reject) => {
+    const request = https.get(url, (response) => {
+      response.pipe(fileStream);
+    });
+
+    fileStream.on("finish", () => resolve(true));
+
+    request.on("error", (err) => {
+      fs.unlink(file, () => reject(err));
+    });
+
+    fileStream.on("error", (err) => {
+      fs.unlink(file, () => reject(err));
+    });
+
+    request.end();
+  });
+}