@solarity/zkit 0.3.7-rc.2 → 0.3.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +9 -3
- package/dist/core/templates/verifier_groth16.sol.ejs +35 -47
- package/dist/core/templates/verifier_plonk.sol.ejs +1 -1
- package/dist/utils/index.d.ts +1 -12
- package/dist/utils/index.d.ts.map +1 -1
- package/dist/utils/index.js +1 -52
- package/dist/utils/index.js.map +1 -1
- package/dist/utils/protocol-utils.d.ts +13 -0
- package/dist/utils/protocol-utils.d.ts.map +1 -0
- package/dist/utils/protocol-utils.js +66 -0
- package/dist/utils/protocol-utils.js.map +1 -0
- package/package.json +5 -5
- package/src/core/templates/verifier_groth16.sol.ejs +35 -47
- package/src/core/templates/verifier_plonk.sol.ejs +1 -1
- package/src/utils/index.ts +1 -32
- package/src/utils/protocol-utils.ts +31 -0
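--- a/package/README.md
+++ b/package/README.md
@@ -1,5 +1,6 @@
 [](https://www.npmjs.com/package/@solarity/zkit)
 [](https://opensource.org/licenses/MIT)
+[](https://github.com/dl-solarity/zkit/actions/workflows/tests.yml)
 
 # ZKit - Circom Zero Knowledge Kit
 
@@ -9,6 +10,7 @@
 - Leverage `groth16` and `plonk` proving systems.
 - Render optimized Solidity | Vyper verifiers.
 - Build and work with ZK witnesses.
+- Substitute witness signals for advanced circuits testing.
 
 ## Installation
 
@@ -62,18 +64,22 @@ await circuit.createVerifier("sol");
 await circuit.createVerifier("sol", "_suffix_");
 ```
 
-- **`async calculateWitness(inputs) -> bigint[]`**
+- **`async calculateWitness(inputs, witnessOverrides?) -> bigint[]`**
 
 Calculates a witness in the `tmp` directory and returns its json representation.
+An optional `witnessOverrides` parameter can be provided to replace specific signal values in the generated witness file.
 
 ```typescript
 /// witness = [1n, 200n, 20n, 10n]
 const witness = await circuit.calculateWitness({ a: 10, b: 20 });
+
+/// witness = [1n, 200n, 35n, 10n]
+const witness = await circuit.calculateWitness({ a: 10, b: 20 }, { "main.a": 35 });
 ```
 
-- **`async generateProof(inputs) -> proof`**
+- **`async generateProof(inputs, witnessOverrides?) -> proof`**
 
-Generates a proof for the given inputs
+Generates a proof for the given `inputs` and `witnessOverrides`.
 
 ```typescript
 /// { proof: { pi_a, pi_b, pi_c, protocol, curve }, publicSignals: [6] }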
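--- a/package/dist/core/templates/verifier_groth16.sol.ejs
+++ b/package/dist/core/templates/verifier_groth16.sol.ejs
@@ -48,9 +48,8 @@ contract <%=verifier_id%> {
 <%=IC[i][1]%>;
 <% } -%>
 
-/// @dev memory pointer
-
-uint16 public constant P_TOTAL_SIZE = 896;
+/// @dev memory pointer size
+uint256 public constant P_TOTAL_SIZE = 768;
 
 function verifyProof(
 uint256[2] memory pointA_,
@@ -63,30 +62,23 @@ contract <%=verifier_id%> {
 res_ := lt(signal_, SCALAR_FIELD_SIZE)
 }
 
-function g1MulAdd(
-
+function g1MulAdd(pointer_, x_, y_, s_) -> res_ {
+mstore(add(pointer_, 64), x_)
+mstore(add(pointer_, 96), y_)
+mstore(add(pointer_, 128), s_)
 
-
-mstore(add(pointer_, 32), y_)
-mstore(add(pointer_, 64), s_)
-
-res_ := staticcall(6000, 7, pointer_, 96, pointer_, 64) // ecMul
+res_ := staticcall(6000, 7, add(pointer_, 64), 96, add(pointer_, 64), 64) // ecMul
 res_ := and(res_, gt(returndatasize(), 0)) // check that multiplication succeeded
 
 if iszero(res_) {
 leave
 }
 
-
-mstore(add(pointer_, 96), mload(add(pR_, 32)))
-
-res_ := staticcall(150, 6, pointer_, 128, pR_, 64) // ecAdd
+res_ := staticcall(150, 6, pointer_, 128, pointer_, 64) // ecAdd
 res_ := and(res_, gt(returndatasize(), 0)) // check that addition succeeded
 }
 
 function checkPairing(pA_, pB_, pC_, pubSignals_, pointer_) -> res_ {
-let pPairing_ := add(pointer_, P_PUBLIC_SIGNALS_ACCUMULATOR_SIZE)
-
 mstore(pointer_, IC0_X)
 mstore(add(pointer_, 32), IC0_Y)
 
@@ -96,51 +88,47 @@ contract <%=verifier_id%> {
 }
 <% } -%>
 
+/// @dev gamma2
+mstore(add(pointer_, 64), GAMMA_X1)
+mstore(add(pointer_, 96), GAMMA_X2)
+mstore(add(pointer_, 128), GAMMA_Y1)
+mstore(add(pointer_, 160), GAMMA_Y2)
+
 /// @dev -A
-mstore(
+mstore(add(pointer_, 192), mload(pA_))
 mstore(
-add(
+add(pointer_, 224),
 mod(sub(BASE_FIELD_SIZE, mload(add(pA_, 32))), BASE_FIELD_SIZE)
 )
 
 /// @dev B
-mstore(add(
-mstore(add(
-mstore(add(
-mstore(add(
+mstore(add(pointer_, 256), mload(mload(pB_)))
+mstore(add(pointer_, 288), mload(add(mload(pB_), 32)))
+mstore(add(pointer_, 320), mload(mload(add(pB_, 32))))
+mstore(add(pointer_, 352), mload(add(mload(add(pB_, 32)), 32)))
 
 /// @dev alpha1
-mstore(add(
-mstore(add(
+mstore(add(pointer_, 384), ALPHA_X)
+mstore(add(pointer_, 416), ALPHA_Y)
 
 /// @dev beta2
-mstore(add(
-mstore(add(
-mstore(add(
-mstore(add(
-
-/// @dev public signals
-mstore(add(pPairing_, 384), mload(pointer_))
-mstore(add(pPairing_, 416), mload(add(pointer_, 32)))
-
-/// @dev gamma2
-mstore(add(pPairing_, 448), GAMMA_X1)
-mstore(add(pPairing_, 480), GAMMA_X2)
-mstore(add(pPairing_, 512), GAMMA_Y1)
-mstore(add(pPairing_, 544), GAMMA_Y2)
+mstore(add(pointer_, 448), BETA_X1)
+mstore(add(pointer_, 480), BETA_X2)
+mstore(add(pointer_, 512), BETA_Y1)
+mstore(add(pointer_, 544), BETA_Y2)
 
 /// @dev C
-mstore(add(
-mstore(add(
+mstore(add(pointer_, 576), mload(pC_))
+mstore(add(pointer_, 608), mload(add(pC_, 32)))
 
 /// @dev delta2
-mstore(add(
-mstore(add(
-mstore(add(
-mstore(add(
+mstore(add(pointer_, 640), DELTA_X1)
+mstore(add(pointer_, 672), DELTA_X2)
+mstore(add(pointer_, 704), DELTA_Y1)
+mstore(add(pointer_, 736), DELTA_Y2)
 
-res_ := staticcall(181000, 8,
-res_ := and(res_, mload(
+res_ := staticcall(181000, 8, pointer_, 768, pointer_, 32) // ecPairing
+res_ := and(res_, mload(pointer_)) // check that pairing succeeded
 }
 
 let pointer_ := mload(64) // free pointer
@@ -152,7 +140,7 @@ contract <%=verifier_id%> {
 <% } -%>
 
 /// @dev check pairings
-if
+if verified_ {
 verified_ := checkPairing(pointA_, pointB_, pointC_, publicSignals_, pointer_)
 }
 }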
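Review bot: The success check after the pairing call in checkPairing, `res_ := and(res_, mload(pointer_))`, is weaker than the two checks in g1MulAdd, which additionally require `gt(returndatasize(), 0)`. A staticcall to an address with no code succeeds without writing any return data, so on a chain where the precompile at address 8 is absent the word read back is whatever was left at `pointer_` — as far as this hunk shows, the X coordinate of the public-signal accumulator that checkPairing stores there — which is generally non-zero and would make the proof verify. Making the three checks consistent avoids that: `res_ := and(and(res_, gt(returndatasize(), 0)), mload(pointer_)) // check that pairing succeeded`. The same template text is duplicated under package/src/core/templates/verifier_groth16.sol.ejs in this release and should get the same change.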
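--- a/package/dist/core/templates/verifier_plonk.sol.ejs
+++ b/package/dist/core/templates/verifier_plonk.sol.ejs
@@ -761,7 +761,7 @@ contract <%=verifier_id%> {
 verified_ := checkInput(proofArr_)
 
 /// @dev check pairings
-if
+if verified_ {
 calculateChallenges(pointer_, proofArr_, publicSignals_)
 calculateLagrange(pointer_)
 calculatePI(pointer_, publicSignals_)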
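--- a/package/dist/utils/index.d.ts
+++ b/package/dist/utils/index.d.ts
@@ -1,14 +1,3 @@
-/**
-* Terminates the BN128 curve instance used by SnarkJS.
-*/
-export declare function terminateCurve(): Promise<void>;
-/**
-* Returns the path to the temporary directory used by ZKit.
-*
-* Creates the directory if it does not exist.
-*
-* @returns {string} The path to the temporary `.zkit` directory inside the OS temp folder.
-*/
-export declare function getTmpDir(): string;
 export * from "./witness-utils";
+export * from "./protocol-utils";
 //# sourceMappingURL=index.d.ts.map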
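--- a/package/dist/utils/index.d.ts.map
+++ b/package/dist/utils/index.d.ts.map
@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/utils/index.ts"],"names":[],"mappings":"
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/utils/index.ts"],"names":[],"mappings":"AAAA,cAAc,iBAAiB,CAAC;AAChC,cAAc,kBAAkB,CAAC"}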
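--- a/package/dist/utils/index.js
+++ b/package/dist/utils/index.js
@@ -10,61 +10,10 @@ var __createBinding = (this && this.__createBinding) || (Object.create ? (functi
 if (k2 === undefined) k2 = k;
 o[k2] = m[k];
 }));
-var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
-Object.defineProperty(o, "default", { enumerable: true, value: v });
-}) : function(o, v) {
-o["default"] = v;
-});
-var __importStar = (this && this.__importStar) || (function () {
-var ownKeys = function(o) {
-ownKeys = Object.getOwnPropertyNames || function (o) {
-var ar = [];
-for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
-return ar;
-};
-return ownKeys(o);
-};
-return function (mod) {
-if (mod && mod.__esModule) return mod;
-var result = {};
-if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
-__setModuleDefault(result, mod);
-return result;
-};
-})();
 var __exportStar = (this && this.__exportStar) || function(m, exports) {
 for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
 };
-var __importDefault = (this && this.__importDefault) || function (mod) {
-return (mod && mod.__esModule) ? mod : { "default": mod };
-};
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.terminateCurve = terminateCurve;
-exports.getTmpDir = getTmpDir;
-const os_1 = __importDefault(require("os"));
-const fs_1 = __importDefault(require("fs"));
-const path_1 = __importDefault(require("path"));
-const constants_1 = require("../constants");
-const snarkjs = __importStar(require("snarkjs"));
-/**
-* Terminates the BN128 curve instance used by SnarkJS.
-*/
-async function terminateCurve() {
-await (await snarkjs.curves.getCurveFromName(constants_1.BN128_CURVE_NAME)).terminate();
-}
-/**
-* Returns the path to the temporary directory used by ZKit.
-*
-* Creates the directory if it does not exist.
-*
-* @returns {string} The path to the temporary `.zkit` directory inside the OS temp folder.
-*/
-function getTmpDir() {
-const tmpDir = path_1.default.join(os_1.default.tmpdir(), ".zkit");
-if (!fs_1.default.existsSync(tmpDir)) {
-fs_1.default.mkdirSync(tmpDir, { recursive: true });
-}
-return tmpDir;
-}
 __exportStar(require("./witness-utils"), exports);
+__exportStar(require("./protocol-utils"), exports);
 //# sourceMappingURL=index.js.map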
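--- a/package/dist/utils/index.js.map
+++ b/package/dist/utils/index.js.map
@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/utils/index.ts"],"names":[],"mappings":"
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/utils/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,kDAAgC;AAChC,mDAAiC"}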
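--- /dev/null
+++ b/package/dist/utils/protocol-utils.d.ts
@@ -0,0 +1,13 @@
+/**
+* Terminates the BN128 curve instance used by SnarkJS.
+*/
+export declare function terminateCurve(): Promise<void>;
+/**
+* Returns the path to the temporary directory used by ZKit.
+*
+* Creates the directory if it does not exist.
+*
+* @returns {string} The path to the temporary `.zkit` directory inside the OS temp folder.
+*/
+export declare function getTmpDir(): string;
+//# sourceMappingURL=protocol-utils.d.ts.map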
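--- /dev/null
+++ b/package/dist/utils/protocol-utils.d.ts.map
@@ -0,0 +1 @@
+{"version":3,"file":"protocol-utils.d.ts","sourceRoot":"","sources":["../../src/utils/protocol-utils.ts"],"names":[],"mappings":"AAQA;;GAEG;AACH,wBAAsB,cAAc,kBAEnC;AAED;;;;;;GAMG;AACH,wBAAgB,SAAS,IAAI,MAAM,CAQlC"}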
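--- /dev/null
+++ b/package/dist/utils/protocol-utils.js
@@ -0,0 +1,66 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+if (k2 === undefined) k2 = k;
+var desc = Object.getOwnPropertyDescriptor(m, k);
+if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+desc = { enumerable: true, get: function() { return m[k]; } };
+}
+Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+if (k2 === undefined) k2 = k;
+o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+var ownKeys = function(o) {
+ownKeys = Object.getOwnPropertyNames || function (o) {
+var ar = [];
+for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+return ar;
+};
+return ownKeys(o);
+};
+return function (mod) {
+if (mod && mod.__esModule) return mod;
+var result = {};
+if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+__setModuleDefault(result, mod);
+return result;
+};
+})();
+var __importDefault = (this && this.__importDefault) || function (mod) {
+return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.terminateCurve = terminateCurve;
+exports.getTmpDir = getTmpDir;
+const os_1 = __importDefault(require("os"));
+const fs_1 = __importDefault(require("fs"));
+const path_1 = __importDefault(require("path"));
+const snarkjs = __importStar(require("snarkjs"));
+const constants_1 = require("../constants");
+/**
+* Terminates the BN128 curve instance used by SnarkJS.
+*/
+async function terminateCurve() {
+await (await snarkjs.curves.getCurveFromName(constants_1.BN128_CURVE_NAME)).terminate();
+}
+/**
+* Returns the path to the temporary directory used by ZKit.
+*
+* Creates the directory if it does not exist.
+*
+* @returns {string} The path to the temporary `.zkit` directory inside the OS temp folder.
+*/
+function getTmpDir() {
+const tmpDir = path_1.default.join(os_1.default.tmpdir(), ".zkit");
+if (!fs_1.default.existsSync(tmpDir)) {
+fs_1.default.mkdirSync(tmpDir, { recursive: true });
+}
+return tmpDir;
+}
+//# sourceMappingURL=protocol-utils.js.map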
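--- /dev/null
+++ b/package/dist/utils/protocol-utils.js.map
@@ -0,0 +1 @@
+{"version":3,"file":"protocol-utils.js","sourceRoot":"","sources":["../../src/utils/protocol-utils.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAWA,wCAEC;AASD,8BAQC;AA9BD,4CAAoB;AACpB,4CAAoB;AACpB,gDAAwB;AAExB,iDAAmC;AAEnC,4CAAgD;AAEhD;;GAEG;AACI,KAAK,UAAU,cAAc;IAClC,MAAM,CAAC,MAAO,OAAe,CAAC,MAAM,CAAC,gBAAgB,CAAC,4BAAgB,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC;AACvF,CAAC;AAED;;;;;;GAMG;AACH,SAAgB,SAAS;IACvB,MAAM,MAAM,GAAG,cAAI,CAAC,IAAI,CAAC,YAAE,CAAC,MAAM,EAAE,EAAE,OAAO,CAAC,CAAC;IAE/C,IAAI,CAAC,YAAE,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;QAC3B,YAAE,CAAC,SAAS,CAAC,MAAM,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAC5C,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC"}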
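--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@solarity/zkit",
-"version": "0.3.
+"version": "0.3.8",
 "license": "MIT",
 "author": "Distributed Lab",
 "readme": "README.md",
@@ -39,10 +39,12 @@
 },
 "dependencies": {
 "ejs": "3.1.10",
-"snarkjs": "0.7.5"
+"snarkjs": "0.7.5",
+"@iden3/binfileutils": "0.0.12",
+"ffjavascript": "0.3.1",
+"readline": "1.3.0"
 },
 "devDependencies": {
-"@iden3/binfileutils": "^0.0.12",
 "@nomicfoundation/hardhat-ethers": "3.0.5",
 "@nomiclabs/hardhat-vyper": "^3.0.7",
 "@solarity/solidity-lib": "3.0.0-rc.3",
@@ -54,13 +56,11 @@
 "chai": "^4.4.1",
 "chai-as-promised": "^7.1.1",
 "ethers": "^6.11.1",
-"ffjavascript": "^0.3.1",
 "hardhat": "2.22.7",
 "husky": "^9.0.11",
 "mocha": "^10.3.0",
 "nyc": "^15.1.0",
 "prettier": "^3.2.5",
-"readline": "^1.3.0",
 "ts-node": "^10.9.2",
 "typescript": "^5.4.5"
 }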
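Review bot: `"readline": "1.3.0"` in the new `dependencies` block of the second hunk deserves a second look before it ships as a runtime dependency: `readline` is also the name of a Node core module, and a bare `require("readline")` / `import ... from "readline"` resolves to the core module no matter what is installed, so if the code means the built-in this entry adds an unrelated third-party package to every consumer's install tree without ever being loaded. I cannot see the import sites from this diff, so if the npm package is genuinely what is used, a sentence in the README saying so would stop the next reader from removing it; otherwise the line should go. Promoting `@iden3/binfileutils` and `ffjavascript` to exact-pinned runtime dependencies is consistent with how `ejs` and `snarkjs` are already pinned.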
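--- a/package/src/core/templates/verifier_groth16.sol.ejs
+++ b/package/src/core/templates/verifier_groth16.sol.ejs
@@ -48,9 +48,8 @@ contract <%=verifier_id%> {
 <%=IC[i][1]%>;
 <% } -%>
 
-/// @dev memory pointer
-
-uint16 public constant P_TOTAL_SIZE = 896;
+/// @dev memory pointer size
+uint256 public constant P_TOTAL_SIZE = 768;
 
 function verifyProof(
 uint256[2] memory pointA_,
@@ -63,30 +62,23 @@ contract <%=verifier_id%> {
 res_ := lt(signal_, SCALAR_FIELD_SIZE)
 }
 
-function g1MulAdd(
-
+function g1MulAdd(pointer_, x_, y_, s_) -> res_ {
+mstore(add(pointer_, 64), x_)
+mstore(add(pointer_, 96), y_)
+mstore(add(pointer_, 128), s_)
 
-
-mstore(add(pointer_, 32), y_)
-mstore(add(pointer_, 64), s_)
-
-res_ := staticcall(6000, 7, pointer_, 96, pointer_, 64) // ecMul
+res_ := staticcall(6000, 7, add(pointer_, 64), 96, add(pointer_, 64), 64) // ecMul
 res_ := and(res_, gt(returndatasize(), 0)) // check that multiplication succeeded
 
 if iszero(res_) {
 leave
 }
 
-
-mstore(add(pointer_, 96), mload(add(pR_, 32)))
-
-res_ := staticcall(150, 6, pointer_, 128, pR_, 64) // ecAdd
+res_ := staticcall(150, 6, pointer_, 128, pointer_, 64) // ecAdd
 res_ := and(res_, gt(returndatasize(), 0)) // check that addition succeeded
 }
 
 function checkPairing(pA_, pB_, pC_, pubSignals_, pointer_) -> res_ {
-let pPairing_ := add(pointer_, P_PUBLIC_SIGNALS_ACCUMULATOR_SIZE)
-
 mstore(pointer_, IC0_X)
 mstore(add(pointer_, 32), IC0_Y)
 
@@ -96,51 +88,47 @@ contract <%=verifier_id%> {
 }
 <% } -%>
 
+/// @dev gamma2
+mstore(add(pointer_, 64), GAMMA_X1)
+mstore(add(pointer_, 96), GAMMA_X2)
+mstore(add(pointer_, 128), GAMMA_Y1)
+mstore(add(pointer_, 160), GAMMA_Y2)
+
 /// @dev -A
-mstore(
+mstore(add(pointer_, 192), mload(pA_))
 mstore(
-add(
+add(pointer_, 224),
 mod(sub(BASE_FIELD_SIZE, mload(add(pA_, 32))), BASE_FIELD_SIZE)
 )
 
 /// @dev B
-mstore(add(
-mstore(add(
-mstore(add(
-mstore(add(
+mstore(add(pointer_, 256), mload(mload(pB_)))
+mstore(add(pointer_, 288), mload(add(mload(pB_), 32)))
+mstore(add(pointer_, 320), mload(mload(add(pB_, 32))))
+mstore(add(pointer_, 352), mload(add(mload(add(pB_, 32)), 32)))
 
 /// @dev alpha1
-mstore(add(
-mstore(add(
+mstore(add(pointer_, 384), ALPHA_X)
+mstore(add(pointer_, 416), ALPHA_Y)
 
 /// @dev beta2
-mstore(add(
-mstore(add(
-mstore(add(
-mstore(add(
-
-/// @dev public signals
-mstore(add(pPairing_, 384), mload(pointer_))
-mstore(add(pPairing_, 416), mload(add(pointer_, 32)))
-
-/// @dev gamma2
-mstore(add(pPairing_, 448), GAMMA_X1)
-mstore(add(pPairing_, 480), GAMMA_X2)
-mstore(add(pPairing_, 512), GAMMA_Y1)
-mstore(add(pPairing_, 544), GAMMA_Y2)
+mstore(add(pointer_, 448), BETA_X1)
+mstore(add(pointer_, 480), BETA_X2)
+mstore(add(pointer_, 512), BETA_Y1)
+mstore(add(pointer_, 544), BETA_Y2)
 
 /// @dev C
-mstore(add(
-mstore(add(
+mstore(add(pointer_, 576), mload(pC_))
+mstore(add(pointer_, 608), mload(add(pC_, 32)))
 
 /// @dev delta2
-mstore(add(
-mstore(add(
-mstore(add(
-mstore(add(
+mstore(add(pointer_, 640), DELTA_X1)
+mstore(add(pointer_, 672), DELTA_X2)
+mstore(add(pointer_, 704), DELTA_Y1)
+mstore(add(pointer_, 736), DELTA_Y2)
 
-res_ := staticcall(181000, 8,
-res_ := and(res_, mload(
+res_ := staticcall(181000, 8, pointer_, 768, pointer_, 32) // ecPairing
+res_ := and(res_, mload(pointer_)) // check that pairing succeeded
 }
 
 let pointer_ := mload(64) // free pointer
@@ -152,7 +140,7 @@ contract <%=verifier_id%> {
 <% } -%>
 
 /// @dev check pairings
-if
+if verified_ {
 verified_ := checkPairing(pointA_, pointB_, pointC_, publicSignals_, pointer_)
 }
 }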
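--- a/package/src/core/templates/verifier_plonk.sol.ejs
+++ b/package/src/core/templates/verifier_plonk.sol.ejs
@@ -761,7 +761,7 @@ contract <%=verifier_id%> {
 verified_ := checkInput(proofArr_)
 
 /// @dev check pairings
-if
+if verified_ {
 calculateChallenges(pointer_, proofArr_, publicSignals_)
 calculateLagrange(pointer_)
 calculatePI(pointer_, publicSignals_)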
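--- a/package/src/utils/index.ts
+++ b/package/src/utils/index.ts
@@ -1,33 +1,2 @@
-import os from "os";
-import fs from "fs";
-import path from "path";
-
-import { BN128_CURVE_NAME } from "../constants";
-
-import * as snarkjs from "snarkjs";
-
-/**
-* Terminates the BN128 curve instance used by SnarkJS.
-*/
-export async function terminateCurve() {
-await (await (snarkjs as any).curves.getCurveFromName(BN128_CURVE_NAME)).terminate();
-}
-
-/**
-* Returns the path to the temporary directory used by ZKit.
-*
-* Creates the directory if it does not exist.
-*
-* @returns {string} The path to the temporary `.zkit` directory inside the OS temp folder.
-*/
-export function getTmpDir(): string {
-const tmpDir = path.join(os.tmpdir(), ".zkit");
-
-if (!fs.existsSync(tmpDir)) {
-fs.mkdirSync(tmpDir, { recursive: true });
-}
-
-return tmpDir;
-}
-
 export * from "./witness-utils";
+export * from "./protocol-utils";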
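--- /dev/null
+++ b/package/src/utils/protocol-utils.ts
@@ -0,0 +1,31 @@
+import os from "os";
+import fs from "fs";
+import path from "path";
+
+import * as snarkjs from "snarkjs";
+
+import { BN128_CURVE_NAME } from "../constants";
+
+/**
+* Terminates the BN128 curve instance used by SnarkJS.
+*/
+export async function terminateCurve() {
+await (await (snarkjs as any).curves.getCurveFromName(BN128_CURVE_NAME)).terminate();
+}
+
+/**
+* Returns the path to the temporary directory used by ZKit.
+*
+* Creates the directory if it does not exist.
+*
+* @returns {string} The path to the temporary `.zkit` directory inside the OS temp folder.
+*/
+export function getTmpDir(): string {
+const tmpDir = path.join(os.tmpdir(), ".zkit");
+
+if (!fs.existsSync(tmpDir)) {
+fs.mkdirSync(tmpDir, { recursive: true });
+}
+
+return tmpDir;
+}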
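Review bot: `getTmpDir` builds a fixed, predictable path, `path.join(os.tmpdir(), ".zkit")`, creates it with `fs.mkdirSync(tmpDir, { recursive: true })` and returns it for the witness files the README says are calculated in the tmp directory; on a shared host `os.tmpdir()` is normally world-writable, so any other local user can pre-create `.zkit` (or a symlink of that name) and then read or replace whatever zkit writes there. Creating the directory with a restrictive mode, `fs.mkdirSync(tmpDir, { recursive: true, mode: 0o700 });`, narrows this for the fresh-creation case, and since the mode is only applied on creation it is worth also rejecting a pre-existing directory not owned by the current user (for example comparing `fs.statSync(tmpDir).uid` with `process.getuid?.()` where available) or moving to a per-user / `fs.mkdtempSync` path. The docstring should state that the directory is shared and persistent so callers do not assume it is private. The compiled copy in package/dist/utils/protocol-utils.js carries the same logic.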