  1. use crate::Error;
  2. use algebra::PairingEngine;
  3. use groth16::{
  4. create_random_proof, generate_random_parameters, prepare_verifying_key, verify_proof,
  5. Parameters, PreparedVerifyingKey, Proof, VerifyingKey,
  6. };
  7. use r1cs_core::ConstraintSynthesizer;
  8. use rand::Rng;
  9. use algebra::ToConstraintField;
  10. use std::marker::PhantomData;
  11. use super::NIZK;
  12. #[cfg(feature = "r1cs")]
  13. pub mod constraints;
/// Type-level handle selecting the Groth16 proof system for pairing engine `E`,
/// circuit `C` and verifier-input type `V`. It carries no runtime data.
///
/// Note: `V` should serialize its contents to `Vec<E::Fr>` in the same order as
/// during the constraint generation. The resulting vector is the public input
/// the proof is checked against, so a different order or length means the
/// verifier is checking a different statement than the one that was proved.
pub struct Groth16<E, C, V>
where
    E: PairingEngine,
    C: ConstraintSynthesizer<E::Fr>,
    V: ToConstraintField<E::Fr> + ?Sized,
{
    // Marker fields only: they tie the type parameters to the struct.
    #[doc(hidden)]
    _engine: PhantomData<E>,
    #[doc(hidden)]
    _circuit: PhantomData<C>,
    #[doc(hidden)]
    _verifier_input: PhantomData<V>,
}
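/// `NIZK` implementation backed by the `groth16` crate.
///
/// Security notes for callers:
/// - The trait only asks for `R: Rng`. Both `setup` and `prove` draw secret
///   values from `rng`, so pass a cryptographically secure generator.
/// - Groth16 proofs are re-randomizable: a valid proof can be turned into a
///   different valid proof for the same statement without knowing the witness.
///   Do not use proof bytes as a unique identifier or replay nonce.
impl<E, C, V> NIZK for Groth16<E, C, V>
where
    E: PairingEngine,
    C: ConstraintSynthesizer<E::Fr>,
    V: ToConstraintField<E::Fr> + ?Sized,
{
    type Circuit = C;
    type AssignedCircuit = C;
    type ProvingParameters = Parameters<E>;
    type VerificationParameters = VerifyingKey<E>;
    type PreparedVerificationParameters = PreparedVerifyingKey<E>;
    type VerifierInput = V;
    type Proof = Proof<E>;

    /// Generates circuit-specific proving parameters from `rng` and returns
    /// them together with the prepared form of their verifying key.
    ///
    /// The randomness consumed here is the setup trapdoor: anyone who learns
    /// it can produce accepting proofs for false statements. Run this only
    /// where the `rng` state is trusted and discarded afterwards, or replace
    /// it with parameters from a multi-party ceremony.
    ///
    /// # Errors
    /// Propagates any error from `generate_random_parameters`.
    fn setup<R: Rng>(
        circuit: Self::Circuit,
        rng: &mut R,
    ) -> Result<
        (
            Self::ProvingParameters,
            Self::PreparedVerificationParameters,
        ),
        Error,
    > {
        let nizk_time = start_timer!(|| "{Groth 2016}::Setup");
        let pp = generate_random_parameters::<E, Self::Circuit, R>(circuit, rng)?;
        // The prepared key is derived from the key embedded in `pp`, so the
        // prover and verifier material returned here always match.
        let vk = prepare_verifying_key(&pp.vk);
        end_timer!(nizk_time);
        Ok((pp, vk))
    }

    /// Produces a proof for the fully assigned circuit `input_and_witness`
    /// under the proving parameters `pp`.
    ///
    /// `rng` supplies the per-proof blinding; it should be fresh and
    /// unpredictable for every call so the proof does not leak the witness.
    ///
    /// # Errors
    /// Propagates any error from `create_random_proof`.
    fn prove<R: Rng>(
        pp: &Self::ProvingParameters,
        input_and_witness: Self::AssignedCircuit,
        rng: &mut R,
    ) -> Result<Self::Proof, Error> {
        let proof_time = start_timer!(|| "{Groth 2016}::Prove");
        let result = create_random_proof::<E, _, _>(input_and_witness, pp, rng)?;
        end_timer!(proof_time);
        Ok(result)
    }

    /// Checks `proof` against the public `input` under the prepared key `vk`.
    ///
    /// Returns `Ok(true)` only when the proof verifies. Callers must treat
    /// both `Ok(false)` and `Err(_)` as rejection. `vk` has to come from a
    /// trusted source: a key chosen by the prover makes the result meaningless.
    ///
    /// # Errors
    /// Returns an error if `input` cannot be converted to field elements or
    /// if `verify_proof` itself fails.
    fn verify(
        vk: &Self::PreparedVerificationParameters,
        input: &Self::VerifierInput,
        proof: &Self::Proof,
    ) -> Result<bool, Error> {
        // Label corrected from "{Groth-Maller 2017}" so that timing traces name
        // the scheme that actually ran, matching `setup` and `prove`.
        let verify_time = start_timer!(|| "{Groth 2016}::Verify");
        let conversion_time = start_timer!(|| "Convert input to E::Fr");
        let input = input.to_field_elements()?;
        end_timer!(conversion_time);
        let verification = start_timer!(|| format!("Verify proof w/ input len: {}", input.len()));
        // `vk` is already a reference; pass it through without re-borrowing.
        let result = verify_proof(vk, proof, &input)?;
        end_timer!(verification);
        end_timer!(verify_time);
        Ok(result)
    }
}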