Merge branch 'master' of github.com:iden3/circomlib

2026-02-06 18:56:43 +01:00 · 2019-06-04 17:36:54 +02:00
parent c4490b2ce9 d91afa804a
commit 154a9bcbae
8 changed files with 183 additions and 48 deletions
--- a/circuits/README.md
+++ b/circuits/README.md
@@ -0,0 +1,14 @@
+* compconstant - Returns 1 if `in` (expanded to binary array) > `ct`
+* aliascheck - check if `in` (expanded to binary array) oveflowed its 254 bits (<= -1)
+* babyjub - twisted Edwards curve 168700.x^2 + y^2 = 1 + 168696.x^2.y^2
+  * BabyAdd - (`xout`,`yout`) = (`x1`,`y1`) + (`x2`,`y2`)
+  * BabyDbl - (`xout`,`yout`) = 2*(`x`,`y`)
+  * BabyCheck - check that (`x`,`y`) is on the curve
+* binsub - binary subtraction
+* gates - logical gates
+* mimc - SNARK-friendly hash Minimal Multiplicative Complexity.
+  * https://eprint.iacr.org/2016/492.pdf
+  * zcash/zcash#2233
+* smt - Sparse Merkle Tree
+  * https://ethresear.ch/t/optimizing-sparse-merkle-trees/3751
+* montgomery https://en.wikipedia.org/wiki/Montgomery_curve
--- a/circuits/babyjub.circom
+++ b/circuits/babyjub.circom
@@ -17,6 +17,9 @@
    along with circom. If not, see <https://www.gnu.org/licenses/>.
 */

+include "bitify.circom";
+include "escalarmulfix.circom";
+
 template BabyAdd() {
    signal input x1;
    signal input y1;
@@ -77,3 +80,27 @@ template BabyCheck() {

    a*x2 + y2 === 1 + d*x2*y2;
 }
+
+// Extracts the public key from private key
+template BabyPbk() {
+    signal private input  in;
+    signal         output Ax;
+    signal         output Ay;
+
+    var BASE8 = [
+        17777552123799933955779906779655732241715742912184938656739573121738514868268,
+        2626589144620713026669568689430873010625803728049924121243784502389097019475
+    ];
+
+    component pvkBits = Num2Bits(253);
+    pvkBits.in <== in;
+
+    component mulFix = EscalarMulFix(253, BASE8);
+
+    var i;
+    for (i=0; i<253; i++) {
+        mulFix.e[i] <== pvkBits.out[i];
+    }
+    Ax  <== mulFix.out[0];
+    Ay  <== mulFix.out[1];
+}
--- a/circuits/multiplexer.circom
+++ b/circuits/multiplexer.circom
@@ -90,12 +90,17 @@ template Decoder(w) {
 }


-template Multiplexor(wIn, nIn) {
+template Multiplexer(wIn, nIn) {
    signal input inp[nIn][wIn];
    signal input sel;
    signal output out[wIn];
-    component Decoder(nIn) dec;
-    component EscalarProduct(nIn) ep[wIn];
+    component dec = Decoder(nIn);
+    component ep[wIn];
+
+    for (var k=0; k<wIn; k++) {
+        ep[k] = EscalarProduct(nIn);
+    }
+
    sel ==> dec.inp;
    for (var j=0; j<wIn; j++) {
        for (var k=0; k<nIn; k++) {
@@ -106,7 +111,3 @@ template Multiplexor(wIn, nIn) {
    }
    dec.success === 1;
 }
-
-component Multiplexor(8,3) main;
-
-