arnaucube/circomlib
1
0
Fork 0
mirror of https://github.com/arnaucube/circomlib.git synced 2026-02-06 18:56:43 +01:00
Code Issues Packages Projects Releases Wiki Activity

First Version SMT

Browse Source
This commit is contained in:
Jordi Baylina
2018-12-11 17:25:21 +01:00
parent 2d43178c8d
commit 38fc4b7396
15 changed files with 495 additions and 122321 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
circuits/bitify.circom
View File

@@ -18,6 +18,7 @@
*/
include "comparators.circom";
include "aliascheck.circom";
template Num2Bits(n) {
@@ -32,7 +33,20 @@ template Num2Bits(n) {
}
lc1 === in;
}
template Num2Bits_strict() {
signal input in;
signal output out[254];
component aliasCheck = AliasCheck();
component n2b = Num2Bits(254);
in ==> n2b.in;
for (var i=0; i<254; i++) {
n2b.out[i] ==> out[i];
n2b.out[i] ==> aliasCheck.in[i];
}
}
template Bits2Num(n) {
@@ -47,6 +61,21 @@ template Bits2Num(n) {
lc1 ==> out;
}
template Bits2Num_strict() {
signal input in[n];
signal output out;
component aliasCheck = AliasCheck();
component b2n = Bits2Num(254);
for (var i=0; i<254; i++) {
in[i] ==> b2n.in[i];
in[i] ==> aliasCheck.in[i];
}
b2n.out ==> out;
}
template Num2BitsNeg(n) {
signal input in;
signal output out[n];

48
circuits/smt/smthash.circom Normal file
View File

@@ -0,0 +1,48 @@
include "../mimc.circom";
/*
Hash1 = H(1 | key | value)
*/
template SMTHash1() {
signal input key;
signal input value;
signal output out;
component h1 = MiMC7(91); // Constant
h1.x_in <== 0;
h1.k <== 1;
component h2 = MiMC7(91);
h2.x_in <== h1.out;
h2.k <== key;
component h3 = MiMC7(91);
h3.x_in <== h2.out;
h3.k <== value;
out <== h3.out;
}
/*
This component is used to create the 2 nodes.
Hash2 = H(Hl | Hr)
*/
template SMTHash2() {
signal input L;
signal input R;
signal output out;
component h1 = MiMC7(91);
h1.x_in <== 0;
h1.k <== L;
component h2 = MiMC7(91);
h2.x_in <== h1.out;
h2.k <== R;
out <== h2.out;
}

77
circuits/smt/smtinsert.circom
View File

@@ -96,65 +96,72 @@ Insert to a used leaf.
***************************************************************************************************/
include "../node_modules/circom/circuits/gates.circom";
include "../node_modules/circom/circuits/bitify.circom";
include "../gates.circom";
include "../bitify.circom";
include "../comparators.circom";
include "../switcher.circom";
include "smtlevins.circom";
include "smtinsertlevel.circom";
include "smtinsertsm.circom";
include "smthash.circom";
template SMTInsert(nLevels) {
signal input oldRoot;
signal input newRoot;
signal input siblings[nLevels];
signal input oldHKey;
signal input oldHValue;
signal input newHKey;
signal input newHValue;
signal input oldKey;
signal input oldValue;
signal input isOld0;
signal input newKey;
signal input newValue;
component hash1Old = SMTHash1();
hash1Old.l <== oldHKey;
hash1Old.r <== oldHValue;
hash1Old.key <== oldKey;
hash1Old.value <== oldValue;
component hash1New = SMTHash1();
hash1New.l <== newHKey;
hash1New.r <== newHValue;
hash1New.key <== newKey;
hash1New.value <== newValue;
component n2bOld = Num2BinStrinct();
component n2bNew = Num2BinStrinct();
component n2bOld = Num2Bits_strict();
component n2bNew = Num2Bits_strict();
component dmtLevIns = SMTLevIns(nLevels);
for (var i=0; i<nLevels; i++) dmtLevIns.siblings[i] <== siblings[i];
n2bOld.in <== oldKey;
n2bNew.in <== newKey;
component smtLevIns = SMTLevIns(nLevels);
for (var i=0; i<nLevels; i++) smtLevIns.siblings[i] <== siblings[i];
component xors[nLevels];
for (var i=0; i<nLevels; i++) {
xors[i] = XOR();
xors[i].a <== n2bOld.out[i];
xors[i].a <== n2bNew.out[i];
xors[i].b <== n2bNew.out[i];
}
component isOld0 = IsZero();
isOld0.in <== oldHValue;
component sm[nLevels];
for (var i=0; i<sm; i++) {
for (var i=0; i<nLevels; i++) {
sm[i] = SMTInsertSM();
if (i==0) {
sm[i].prevst_top <== 1;
sm[i].prevst_old1 <== 0;
sm[i].prevst_old0 <== 0;
sm[i].prevst_bot <== 0;
sm[i].prevst_new1 <== 0;
sm[i].prevst_na <== 0;
sm[i].prev_top <== 1;
sm[i].prev_old1 <== 0;
sm[i].prev_old0 <== 0;
sm[i].prev_bot <== 0;
sm[i].prev_new1 <== 0;
sm[i].prev_na <== 0;
} else {
sm[i].prevst_top <== sm[i-1].st_top;
sm[i].prevst_old1 <== sm[i-1].st_old1;
sm[i].prevst_old0 <== sm[i-1].st_old0;
sm[i].prevst_bot <== sm[i-1].st_bot;
sm[i].prevst_new1 <== sm[i-1].st_new1;
sm[i].prevst_na <== sm[i-1].st_na;
sm[i].prev_top <== sm[i-1].st_top;
sm[i].prev_old1 <== sm[i-1].st_old1;
sm[i].prev_old0 <== sm[i-1].st_old0;
sm[i].prev_bot <== sm[i-1].st_bot;
sm[i].prev_new1 <== sm[i-1].st_new1;
sm[i].prev_na <== sm[i-1].st_na;
}
sm[i].is0 <== isOld0.out;
sm[i].is0 <== isOld0;
sm[i].xor <== xors[i].out;
sm[i].levIns <== dmtLevIns.out[i];
sm[i].levIns <== smtLevIns.levIns[i];
}
sm[nLevels-1].prevst_na === 1;
sm[nLevels-1].st_na === 1;
component levels[nLevels];
for (var i=nLevels-1; i != -1; i--) {
@@ -171,7 +178,7 @@ template SMTInsert(nLevels) {
levels[i].old1leaf <== hash1Old.out;
levels[i].new1leaf <== hash1New.out;
levels[i].new1lrbit <== n2bNew.out[i];
levels[i].newlrbit <== n2bNew.out[i];
if (i==nLevels-1) {
levels[i].oldChild <== 0;
levels[i].newChild <== 0;

18
circuits/smt/smtinsertlevel.circom
View File

@@ -49,27 +49,27 @@ template SMTInsertLevel() {
// Old side
oldSwitcher.inL <== oldChild;
oldSwitcher.inR <== sibling;
oldSwitcher.L <== oldChild;
oldSwitcher.R <== sibling;
oldSwitcher.sel <== newlrbit;
oldProofHash.L <== oldSwitcher.outL;
oldProofHash.R <== oldSwitcher.outR;
aux[0] <== old1 * st_old1;
aux[0] <== old1leaf * st_old1;
oldRoot <== aux[0] + oldProofHash.out * st_top;
// New side
aux[1] <== newChild * ( st_top + st_old1 + st_but);
oldSwitcher.inL <== aux[1] + new1leaf*st_new1;
aux[1] <== newChild * ( st_top + st_old1 + st_bot);
newSwitcher.L <== aux[1] + new1leaf*st_new1;
aux[2] <== sibling*st_top;
oldSwitcher.inR <== aux[2] + old1leaf*st_new1;
newSwitcher.R <== aux[2] + old1leaf*st_new1;
newProofHash.sel <== newlrbit;
newProofHash.L <== newProofHash.outL;
newProofHash.R <== newProofHash.outR;
newSwitcher.sel <== newlrbit;
newProofHash.L <== newSwitcher.outL;
newProofHash.R <== newSwitcher.outR;
aux[3] <== newProofHash.out * (st_top + st_old1 + st_bot + st_new1);
newRoot <== aux[3] + new1leaf * st_old0;

81
circuits/smt/smtinsertsm.circom
View File

@@ -23,29 +23,37 @@ old and the new trees with just one element.
na: Not appliable. After inserting it, we go to the na level.
Fnction
fnc[0] fnc[1]
0 0 NOP
0 1 UPDATE
1 0 INSERT
1 1 DELETE
###########
levIns==curLevel # #
xor=0 is0=1 ┌────────────▶# old0 #────────┐
┌─────┐ │ ## ## │
│ │ │ ######### │ any
│ ▼ │ │
│ ########### │ │ ###########
│ # # ────────────┘ └────────▶# #
levIns=1 # #
levIns=0 is0=1 ┌────────────▶# old0 #────────┐ any
┌─────┐ │ ## ## │ ┌──────┐
│ │ │ ######### │ any │ │
│ ▼ │ │ ▼ │
│ ########### │ │ ###########
│ # # ────────────┘ └────────▶# #
└──# top # # na #
## ## ────┐ ┌──▶## ##
######### │ │ #########
│ │
│ ########### ########### │ any
levIns==curLevel │ # # xor=1 # # │
levIns=1 │ # # xor=1 # # │
is0=0 └───▶# old1 #─────────────▶# new1 #──┘
## ## ## ##
#########──┐ #########
┌─────┘
any ###########│ xor=1
# #
└─▶# btn #
######### #########
└───┐ ┌─────┘
xor=0 │ ###########│ xor=1
# #
# btn #
## ##
#########◀───────┐
│ │
@@ -55,4 +63,47 @@ na: Not appliable. After inserting it, we go to the na level.
***************************************************************************************************/
state
template SMTInsertSM() {
signal input xor;
signal input is0;
signal input levIns;
signal input fnc[0];
signal input fnc[1];
signal input prev_top;
signal input prev_old0;
signal input prev_old1;
signal input prev_bot;
signal input prev_new1;
signal input prev_na;
signal input prev_upd;
signal output st_top;
signal output st_old0;
signal output st_old1;
signal output st_bot;
signal output st_new1;
signal output st_na;
signal output st_upd;
signal aux1;
signal aux2;
aux1 <== prev_top * levIns;
aux2 <== aux1*is0;
st_top <== prev_top - aux1 // prev_top * (1-levIns) =
// = prev_top - aux1;
st_old0 <== aux2 * fnc[0]; // (prev_top * levIns * is0)*fnc[0] = aux2
st_old1 <== (aux1 - aux2)*fnc[0]; // (prev_top * levIns * (1-is0))*fnc[0] =
// = (aux1 * (1-is0))*fnc[0] =
// = (aux1 - aux2) * fnc[0]
st_new1 <== (prev_old1 + prev_bot)*xor // prev_old1*xor + prev_bot*xor =
// = (prev_old1 + prev_bot)*xor;
st_bot <== -st_new1 + prev_old1 + prev_bot // prev_old1*(1-xor) + prev_bot*(1-xor) =
// = - prev_old1*xor -prev_bot*xor + prev_old1 + prev_bot =
// = -st_new1 + prev_old1 + prev_bot
st_na <== prev_new1 + prev_old0 + prev_na + st_upd;
st_upd <== aux1*(1-fnc[0]); // prev_top*levIns*(1-fnc[0]) =
// = aux1 * (1-fnc[0])
}

2
circuits/smt/smtlevins.circom
View File

@@ -55,7 +55,7 @@ a parent with a sibling != 0.
*/
template SMTLevIns(nLevels) {
signal input siblins[nLevels];
signal input siblings[nLevels];
signal output levIns[nLevels];
signal done[nLevels-1]; // Indicates if the insLevel has aready been detecetd.

21
circuits/switcher.circom Normal file
View File

@@ -0,0 +1,21 @@
/*
Assume sel is binary.
If sel == 0 then outL = L and outR=R
If sel == 1 then outL = R and outR=L
*/
template Switcher() {
signal input sel;
signal input L;
signal input R;
signal output outL;
signal output outR;
signal aux;
aux <== (R-L)*sel; // We create aux in order to have only one multiplication
outL <== aux + L;
outR <== -aux + R;
}