All tests working

5 years ago · e32460efe1
36 changed files with 333 additions and 93287 deletions
--- a/circuits/gates.circom
+++ b/circuits/gates.circom
@ -67,6 +67,7 @@ template NOR() {
 template MultiAND(n) {
    signal input in[n];
    signal output out;
    var i;
    if (n==1) {
        out <== in[0];
    } else if (n==2) {
@ -81,8 +82,8 @@ template MultiAND(n) {
        var n2 = n-n\2;
        ands[0] = MultiAND(n1);
        ands[1] = MultiAND(n2);
        for (var i=0; i<n1; i++) ands[0].in[i] <== in[i];
        for (var i=0; i<n2; i++) ands[1].in[i] <== in[n1+i];
        for (i=0; i<n1; i++) ands[0].in[i] <== in[i];
        for (i=0; i<n2; i++) ands[1].in[i] <== in[n1+i];
        and2.a <== ands[0].out;
        and2.b <== ands[1].out;
        out <== and2.out;
--- a/circuits/mimcsponge.circom
+++ b/circuits/mimcsponge.circom
@ -6,10 +6,12 @@ template MiMCSponge(nInputs, nRounds, nOutputs) {
  signal input k;
  signal output outs[nOutputs];
  var i;
  // S = R||C
  component S[nInputs + nOutputs - 1];
  for (var i = 0; i < nInputs; i++) {
  for (i = 0; i < nInputs; i++) {
    S[i] = MiMCFeistel(nRounds);
    S[i].k <== k;
    if (i == 0) {
@ -23,7 +25,7 @@ template MiMCSponge(nInputs, nRounds, nOutputs) {
  outs[0] <== S[nInputs - 1].xL_out;
  for (var i = 0; i < nOutputs - 1; i++) {
  for (i = 0; i < nOutputs - 1; i++) {
    S[nInputs + i] = MiMCFeistel(nRounds);
    S[nInputs + i].k <== k;
    S[nInputs + i].xL_in <== S[nInputs + i - 1].xL_out;
--- a/circuits/poseidon.circom
+++ b/circuits/poseidon.circom
@ -25,9 +25,12 @@ template Mix(t, M) {
    signal output out[t];
    var lc;
    for (var i=0; i<t; i++) {
    var i;
    var j;
    for (i=0; i<t; i++) {
        lc = 0;
        for (var j=0; j<t; j++) {
        for (j=0; j<t; j++) {
            lc = lc + M[i][j]*in[j];
        }
        out[i] <== lc;
@ -163,13 +166,15 @@ template Poseidon(nInputs, t, nRoundsF, nRoundsP) {
    component sigmaP[nRoundsP];
    component mix[nRoundsF + nRoundsP];
    var i;
    var j;
    var k;
    for (var i=0; i<(nRoundsF + nRoundsP); i++) {
    for (i=0; i<(nRoundsF + nRoundsP); i++) {
        ark[i] = Ark(t, C[i]);
        mix[i] = Mix(t, M);
        for (var j=0; j<t; j++) {
        for (j=0; j<t; j++) {
            if (i==0) {
                if (j<nInputs) {
                    ark[i].in[j] <== inputs[j];
@ -183,7 +188,7 @@ template Poseidon(nInputs, t, nRoundsF, nRoundsP) {
        if ((i<(nRoundsF/2)) || (i>= (nRoundsP + nRoundsF/2))) {
            k= i<nRoundsF/2 ? i : (i-nRoundsP);
            for (var j=0; j<t; j++) {
            for (j=0; j<t; j++) {
                sigmaF[k][j] = Sigma();
                sigmaF[k][j].in <== ark[i].out[j];
                mix[i].in[j] <== sigmaF[k][j].out;
@ -193,7 +198,7 @@ template Poseidon(nInputs, t, nRoundsF, nRoundsP) {
            sigmaP[k] = Sigma();
            sigmaP[k].in <== ark[i].out[0];
            mix[i].in[0] <== sigmaP[k].out;
            for (var j=1; j<t; j++) {
            for (j=1; j<t; j++) {
                mix[i].in[j] <== ark[i].out[j];
            }
        }
--- a/circuits/smt/smtlevins.circom
+++ b/circuits/smt/smtlevins.circom
@ -79,9 +79,11 @@ template SMTLevIns(nLevels) {
    signal output levIns[nLevels];
    signal done[nLevels-1];        // Indicates if the insLevel has aready been detected.
    var i;
    component isZero[nLevels];
    for (var i=0; i<nLevels; i++) {
    for (i=0; i<nLevels; i++) {
        isZero[i] = IsZero();
        isZero[i].in <== siblings[i];
    }
@ -91,7 +93,7 @@ template SMTLevIns(nLevels) {
    levIns[nLevels-1] <== (1-isZero[nLevels-2].out);
    done[nLevels-2] <== levIns[nLevels-1];
    for (var i=nLevels-2; i>0; i--) {
    for (i=nLevels-2; i>0; i--) {
        levIns[i] <== (1-done[i])*(1-isZero[i-1].out)
        done[i-1] <== levIns[i] + done[i];
    }
--- a/circuits/smt/smtprocessor.circom
+++ b/circuits/smt/smtprocessor.circom
@ -150,6 +150,8 @@ template SMTProcessor(nLevels) {
    signal enabled;
    var i;
    enabled <== fnc[0] + fnc[1] - fnc[0]*fnc[1]
    component hash1Old = SMTHash1();
@ -167,18 +169,18 @@ template SMTProcessor(nLevels) {
    n2bNew.in <== newKey;
    component smtLevIns = SMTLevIns(nLevels);
    for (var i=0; i<nLevels; i++) smtLevIns.siblings[i] <== siblings[i];
    for (i=0; i<nLevels; i++) smtLevIns.siblings[i] <== siblings[i];
    smtLevIns.enabled <== enabled;
    component xors[nLevels];
    for (var i=0; i<nLevels; i++) {
    for (i=0; i<nLevels; i++) {
        xors[i] = XOR();
        xors[i].a <== n2bOld.out[i];
        xors[i].b <== n2bNew.out[i];
    }
    component sm[nLevels];
    for (var i=0; i<nLevels; i++) {
    for (i=0; i<nLevels; i++) {
        sm[i] = SMTProcessorSM();
        if (i==0) {
            sm[i].prev_top <== enabled;
@ -204,7 +206,7 @@ template SMTProcessor(nLevels) {
    sm[nLevels-1].st_na + sm[nLevels-1].st_new1 + sm[nLevels-1].st_old0 +sm[nLevels-1].st_upd === 1;
    component levels[nLevels];
    for (var i=nLevels-1; i != -1; i--) {
    for (i=nLevels-1; i != -1; i--) {
        levels[i] = SMTProcessorLevel();
        levels[i].st_top <== sm[i].st_top;
--- a/circuits/smt/smtverifier.circom
+++ b/circuits/smt/smtverifier.circom
@ -48,6 +48,8 @@ template SMTVerifier(nLevels) {
    signal input value;
    signal input fnc;
    var i;
    component hash1Old = SMTHash1();
    hash1Old.key <== oldKey;
    hash1Old.value <== oldValue;
@ -63,11 +65,11 @@ template SMTVerifier(nLevels) {
    n2bNew.in <== key;
    component smtLevIns = SMTLevIns(nLevels);
    for (var i=0; i<nLevels; i++) smtLevIns.siblings[i] <== siblings[i];
    for (i=0; i<nLevels; i++) smtLevIns.siblings[i] <== siblings[i];
    smtLevIns.enabled <== enabled;
    component sm[nLevels];
    for (var i=0; i<nLevels; i++) {
    for (i=0; i<nLevels; i++) {
        sm[i] = SMTVerifierSM();
        if (i==0) {
            sm[i].prev_top <== enabled;
@ -89,7 +91,7 @@ template SMTVerifier(nLevels) {
    sm[nLevels-1].st_na + sm[nLevels-1].st_iold + sm[nLevels-1].st_inew + sm[nLevels-1].st_i0 === 1;
    component levels[nLevels];
    for (var i=nLevels-1; i != -1; i--) {
    for (i=nLevels-1; i != -1; i--) {
        levels[i] = SMTVerifierLevel();
        levels[i].st_top <== sm[i].st_top;
--- a/src/mimcsponge.js
+++ b/src/mimcsponge.js
@ -1,7 +1,7 @@
 const bn128 = require("snarkjs").bn128;
 const bigInt = require("snarkjs").bigInt;
 const bigInt = require("big-integer");
 const Web3Utils = require("web3-utils");
 const F = bn128.Fr;
 const ZqField = require("fflib").ZqField;
 const F = new ZqField(bigInt("21888242871839275222246405745257275088548364400416034343698204186575808495617"));
 const SEED = "mimcsponge";
 const NROUNDS = 220;
@ -10,7 +10,7 @@ exports.getIV = (seed) => {
    if (typeof seed === "undefined") seed = SEED;
    const c = Web3Utils.keccak256(seed+"_iv");
    const cn = bigInt(Web3Utils.toBN(c).toString());
    const iv = cn.mod(F.q);
    const iv = cn.mod(F.p);
    return iv;
 };
@ -22,7 +22,7 @@ exports.getConstants = (seed, nRounds) => {
    for (let i=1; i<nRounds; i++) {
        c = Web3Utils.keccak256(c);
        const n1 = Web3Utils.toBN(c).mod(Web3Utils.toBN(F.q.toString()));
        const n1 = Web3Utils.toBN(c).mod(Web3Utils.toBN(F.p.toString()));
        const c2 = Web3Utils.padLeft(Web3Utils.toHex(n1), 64);
        cts[i] = bigInt(Web3Utils.toBN(c2).toString());
    }
@ -42,21 +42,21 @@ exports.hash = (_xL_in, _xR_in, _k) =>{
        const t = (i==0) ? F.add(xL, k) : F.add(F.add(xL, k), c);
        const xR_tmp = bigInt(xR);
        if (i < (NROUNDS - 1)) {
          xR = xL;
          xL = F.add(xR_tmp, F.exp(t, 5));
            xR = xL;
            xL = F.add(xR_tmp, F.pow(t, 5));
        } else {
          xR = F.add(xR_tmp, F.exp(t, 5));
            xR = F.add(xR_tmp, F.pow(t, 5));
        }
    }
    return {
      xL: F.affine(xL),
      xR: F.affine(xR),
        xL: F.normalize(xL),
        xR: F.normalize(xR),
    };
 };
 exports.multiHash = (arr, key, numOutputs) => {
    if (typeof(numOutputs) === "undefined") {
      numOutputs = 1;
        numOutputs = 1;
    }
    if (typeof(key) === "undefined") {
        key = F.zero;
@ -66,21 +66,21 @@ exports.multiHash = (arr, key, numOutputs) => {
    let C = F.zero;
    for (let i=0; i<arr.length; i++) {
      R = F.add(R, bigInt(arr[i]));
      const S = exports.hash(R, C, key);
      R = S.xL;
      C = S.xR;
        R = F.add(R, bigInt(arr[i]));
        const S = exports.hash(R, C, key);
        R = S.xL;
        C = S.xR;
    }
    let outputs = [R];
    for (let i=1; i < numOutputs; i++) {
      const S = exports.hash(R, C, key);
      R = S.xL;
      C = S.xR;
      outputs.push(R);
        const S = exports.hash(R, C, key);
        R = S.xL;
        C = S.xR;
        outputs.push(R);
    }
    if (numOutputs == 1) {
      return F.affine(outputs[0]);
        return F.normalize(outputs[0]);
    } else {
      return outputs.map(x => F.affine(x));
        return outputs.map(x => F.normalize(x));
    }
 };
--- a/src/smt.js
+++ b/src/smt.js
@ -1,4 +1,4 @@
 const bigInt = require("snarkjs").bigInt;
 const bigInt = require("big-integer");
 const SMTMemDB = require("./smt_memdb");
 const {hash0, hash1} = require("./smt_hashes_poseidon");
@ -21,7 +21,7 @@ class SMT {
            } else {
                res.push(false);
            }
            k = k.shr(1);
            k = k.shiftRight(1);
        }
        while (res.length<256) res.push(false);
--- a/src/smt_hashes_mimc.js
+++ b/src/smt_hashes_mimc.js
@ -1,5 +1,5 @@
 const mimc7 = require("./mimc7");
 const bigInt = require("snarkjs").bigInt;
 const bigInt = require("big-integer");
 exports.hash0 = function (left, right) {
    return mimc7.multiHash(left, right);
--- a/src/smt_hashes_poseidon.js
+++ b/src/smt_hashes_poseidon.js
@ -1,5 +1,5 @@
 const Poseidon = require("./poseidon");
 const bigInt = require("snarkjs").bigInt;
 const bigInt = require("big-integer");
 const hash = Poseidon.createHash(6, 8, 57);
--- a/src/smt_memdb.js
+++ b/src/smt_memdb.js
@ -1,4 +1,4 @@
 const bigInt = require("snarkjs").bigInt;
 const bigInt = require("big-integer");
 class SMTMemDb {
    constructor() {
--- a/test/circuits/out.json
+++ b/test/circuits/out.json
--- a/test/circuits/pedersen2_test.cpp
+++ b/test/circuits/pedersen2_test.cpp
--- a/test/circuits/pedersen2_test.sym
+++ b/test/circuits/pedersen2_test.sym
--- a/test/circuits/pedersen_test
+++ b/test/circuits/pedersen_test
--- a/test/circuits/pedersen_test.cpp
+++ b/test/circuits/pedersen_test.cpp
--- a/test/circuits/pedersen_test.dSYM/Contents/Info.plist
+++ b/test/circuits/pedersen_test.dSYM/Contents/Info.plist
@ -1,20 +0,0 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
 <plist version="1.0">
 	<dict>
 		<key>CFBundleDevelopmentRegion</key>
 		<string>English</string>
 		<key>CFBundleIdentifier</key>
 		<string>com.apple.xcode.dsym.pedersen_test</string>
 		<key>CFBundleInfoDictionaryVersion</key>
 		<string>6.0</string>
 		<key>CFBundlePackageType</key>
 		<string>dSYM</string>
 		<key>CFBundleSignature</key>
 		<string>????</string>
 		<key>CFBundleShortVersionString</key>
 		<string>1.0</string>
 		<key>CFBundleVersion</key>
 		<string>1</string>
 	</dict>
 </plist>
--- a/test/circuits/pedersen_test.dSYM/Contents/Resources/DWARF/pedersen_test
+++ b/test/circuits/pedersen_test.dSYM/Contents/Resources/DWARF/pedersen_test
--- a/test/circuits/pedersen_test.sym
+++ b/test/circuits/pedersen_test.sym
--- a/test/eddsamimc.js
+++ b/test/eddsamimc.js
@ -1,25 +1,20 @@
 const chai = require("chai");
 const path = require("path");
 const snarkjs = require("snarkjs");
 const compiler = require("circom");
 const tester = require("circom").tester;
 const bigInt = require("big-integer");
 const eddsa = require("../src/eddsa.js");
 const assert = chai.assert;
 const bigInt = snarkjs.bigInt;
 describe("EdDSA MiMC test", function () {
    let circuit;
    this.timeout(100000);
    before( async () => {
        const cirDef = await compiler(path.join(__dirname, "circuits", "eddsamimc_test.circom"));
        circuit = new snarkjs.Circuit(cirDef);
        console.log("NConstrains EdDSA MiMC: " + circuit.nConstraints);
        circuit = await tester(path.join(__dirname, "circuits", "eddsamimc_test.circom"));
    });
    it("Sign a single number", async () => {
@ -33,7 +28,7 @@ describe("EdDSA MiMC test", function () {
        assert(eddsa.verifyMiMC(msg, signature, pubKey));
        const w = circuit.calculateWitness({
        const w = await circuit.calculateWitness({
            enabled: 1,
            Ax: pubKey[0],
            Ay: pubKey[1],
@ -42,7 +37,8 @@ describe("EdDSA MiMC test", function () {
            S: signature.S,
            M: msg});
        assert(circuit.checkWitness(w));
        // TODO
        // assert(circuit.checkWitness(w));
    });
    it("Detect Invalid signature", async () => {
@ -57,7 +53,7 @@ describe("EdDSA MiMC test", function () {
        assert(eddsa.verifyMiMC(msg, signature, pubKey));
        try {
            const w = circuit.calculateWitness({
            const w = await circuit.calculateWitness({
                enabled: 1,
                Ax: pubKey[0],
                Ay: pubKey[1],
@ -84,7 +80,7 @@ describe("EdDSA MiMC test", function () {
        assert(eddsa.verifyMiMC(msg, signature, pubKey));
        const w = circuit.calculateWitness({
        const w = await  circuit.calculateWitness({
            enabled: 0,
            Ax: pubKey[0],
            Ay: pubKey[1],
@ -93,6 +89,7 @@ describe("EdDSA MiMC test", function () {
            S: signature.S,
            M: msg});
        assert(circuit.checkWitness(w));
        // TODO
        // assert(circuit.checkWitness(w));
    });
 });
--- a/test/eddsaposeidon.js
+++ b/test/eddsaposeidon.js
@ -1,25 +1,21 @@
 const chai = require("chai");
 const path = require("path");
 const snarkjs = require("snarkjs");
 const compiler = require("circom");
 const bigInt = require("big-integer");
 const tester = require("circom").tester;
 const eddsa = require("../src/eddsa.js");
 const assert = chai.assert;
 const bigInt = snarkjs.bigInt;
 describe("EdDSA Poseidon test", function () {
    let circuit;
    this.timeout(100000);
    before( async () => {
        const cirDef = await compiler(path.join(__dirname, "circuits", "eddsaposeidon_test.circom"));
        circuit = new snarkjs.Circuit(cirDef);
        circuit = await tester(path.join(__dirname, "circuits", "eddsaposeidon_test.circom"));
        console.log("NConstrains EdDSA Poseidon: " + circuit.nConstraints);
    });
    it("Sign a single number", async () => {
@ -33,7 +29,7 @@ describe("EdDSA Poseidon test", function () {
        assert(eddsa.verifyPoseidon(msg, signature, pubKey));
        const w = circuit.calculateWitness({
        const w = await circuit.calculateWitness({
            enabled: 1,
            Ax: pubKey[0],
            Ay: pubKey[1],
@ -42,7 +38,8 @@ describe("EdDSA Poseidon test", function () {
            S: signature.S,
            M: msg});
        assert(circuit.checkWitness(w));
        // TODO
        // assert(circuit.checkWitness(w));
    });
    it("Detect Invalid signature", async () => {
@ -57,7 +54,7 @@ describe("EdDSA Poseidon test", function () {
        assert(eddsa.verifyPoseidon(msg, signature, pubKey));
        try {
            circuit.calculateWitness({
            await circuit.calculateWitness({
                enabled: 1,
                Ax: pubKey[0],
                Ay: pubKey[1],
@ -84,7 +81,7 @@ describe("EdDSA Poseidon test", function () {
        assert(eddsa.verifyPoseidon(msg, signature, pubKey));
        const w = circuit.calculateWitness({
        const w = await circuit.calculateWitness({
            enabled: 0,
            Ax: pubKey[0],
            Ay: pubKey[1],
@ -93,6 +90,7 @@ describe("EdDSA Poseidon test", function () {
            S: signature.S,
            M: msg});
        assert(circuit.checkWitness(w));
        // TODO
        // assert(circuit.checkWitness(w));
    });
 });
--- a/test/escalarmul.js
+++ b/test/escalarmul.js
@ -1,172 +1,117 @@
 const chai = require("chai");
 const path = require("path");
 const snarkjs = require("snarkjs");
 const compiler = require("circom");
 const bigInt = require("big-integer");
 const tester = require("circom").tester;
 const babyJub = require("../src/babyjub.js");
 const assert = chai.assert;
 const bigInt = snarkjs.bigInt;
 const q=bigInt("21888242871839275222246405745257275088548364400416034343698204186575808495617");
 function addPoint(a,b) {
    const cta = bigInt("168700");
    const d = bigInt("168696");
    const res = [];
    res[0] = bigInt((a[0]*b[1] + b[0]*a[1]) *  bigInt(bigInt.one + d*a[0]*b[0]*a[1]*b[1]).inverse(q)).affine(q);
    res[1] = bigInt((a[1]*b[1] - cta*a[0]*b[0]) * bigInt(bigInt.one - d*a[0]*b[0]*a[1]*b[1]).inverse(q)).affine(q);
    return res;
 }
 function print(circuit, w, s) {
    console.log(s + ": " + w[circuit.getSignalIdx(s)]);
 }
 describe("Exponentioation test", () => {
    it("Should generate the Exponentiation table in k=0", async () => {
        const cirDef = await compiler(path.join(__dirname, "circuits", "escalarmulw4table_test.circom"));
 describe("Exponentioation test", function () {
 //        console.log(JSON.stringify(cirDef, null, 1));
    this.timeout(100000);
 //        assert.equal(cirDef.nVars, 2);
    it("Should generate the Exponentiation table in k=0", async () => {
        const circuit = new snarkjs.Circuit(cirDef);
        const circuit = await tester(path.join(__dirname, "circuits", "escalarmulw4table_test.circom"));
        console.log("NConstrains: " + circuit.nConstraints);
        const w = await circuit.calculateWitness({in: 1});
        const w = circuit.calculateWitness({in: 1});
        // TODO
        // assert(circuit.checkWitness(w));
        assert(circuit.checkWitness(w));
        let g = [
            bigInt("5299619240641551281634865583518297030282874472190772894086521144482721001553"),
            bigInt("16950150798460657717958625567821834550301663161624707787222815936182638968203")
        ];
        let g = [bigInt("5299619240641551281634865583518297030282874472190772894086521144482721001553"),
                 bigInt("16950150798460657717958625567821834550301663161624707787222815936182638968203")]
        let dbl= [bigInt("0"), bigInt("1")];
        dbl= [bigInt("0"), snarkjs.bigInt("1")];
        const expectedOut = [];
        for (let i=0; i<16; i++) {
            const xout1 = w[circuit.getSignalIdx(`main.out[${i}][0]`)];
            const yout1 = w[circuit.getSignalIdx(`main.out[${i}][1]`)];
            // console.log(xout1.toString());
            // console.log(yout1.toString());
            // console.log(dbl[0]);
            // console.log(dbl[1]);
            assert(xout1.equals(dbl[0]));
            assert(yout1.equals(dbl[1]));
            dbl = addPoint([xout1, yout1],g);
            expectedOut.push(dbl);
            dbl = babyJub.addPoint(dbl,g);
        }
        await circuit.assertOut(w, {out: expectedOut});
    });
    it("Should generate the Exponentiation table in k=3", async () => {
        const cirDef = await compiler(path.join(__dirname, "circuits", "escalarmulw4table_test3.circom"));
 //        console.log(JSON.stringify(cirDef, null, 1));
 //        assert.equal(cirDef.nVars, 2);
        const circuit = await tester(path.join(__dirname, "circuits", "escalarmulw4table_test3.circom"));
        const circuit = new snarkjs.Circuit(cirDef);
        const w = await circuit.calculateWitness({in: 1});
        console.log("NConstrains: " + circuit.nConstraints);
        // TODO
        // assert(circuit.checkWitness(w));
        const w = circuit.calculateWitness({in: 1});
        assert(circuit.checkWitness(w));
        let g = [snarkjs.bigInt("5299619240641551281634865583518297030282874472190772894086521144482721001553"),
                 snarkjs.bigInt("16950150798460657717958625567821834550301663161624707787222815936182638968203")]
        let g = [
            bigInt("5299619240641551281634865583518297030282874472190772894086521144482721001553"),
            bigInt("16950150798460657717958625567821834550301663161624707787222815936182638968203")
        ];
        for (let i=0; i<12;i++) {
            g = addPoint(g,g);
            g = babyJub.addPoint(g,g);
        }
        dbl= [snarkjs.bigInt("0"), snarkjs.bigInt("1")];
        for (let i=0; i<16; i++) {
            const xout1 = w[circuit.getSignalIdx(`main.out[${i}][0]`)];
            const yout1 = w[circuit.getSignalIdx(`main.out[${i}][1]`)];
        let dbl= [bigInt("0"), bigInt("1")];
        const expectedOut = [];
            // console.log(xout1.toString());
            // console.log(yout1.toString());
            // console.log(dbl[0]);
            // console.log(dbl[1]);
            assert(xout1.equals(dbl[0]));
            assert(yout1.equals(dbl[1]));
        for (let i=0; i<16; i++) {
            expectedOut.push(dbl);
            dbl = addPoint([xout1, yout1],g);
            dbl = babyJub.addPoint(dbl,g);
        }
        await circuit.assertOut(w, {out: expectedOut});
    });
    it("Should exponentiate g^31", async () => {
        const cirDef = await compiler(path.join(__dirname, "circuits", "escalarmul_test.circom"), {reduceConstraints: true});
 //        console.log(JSON.stringify(cirDef, null, 1));
        const circuit = await tester(path.join(__dirname, "circuits", "escalarmul_test.circom"));
 //        assert.equal(cirDef.nVars, 2);
        const w = await circuit.calculateWitness({"in": 31});
        const circuit = new snarkjs.Circuit(cirDef);
        // TODO
        // assert(circuit.checkWitness(w));
        console.log("NConstrains: " + circuit.nConstraints);
        let g = [
            bigInt("5299619240641551281634865583518297030282874472190772894086521144482721001553"),
            bigInt("16950150798460657717958625567821834550301663161624707787222815936182638968203")
        ];
        const w = circuit.calculateWitness({"in": 31});
        assert(circuit.checkWitness(w));
        let g = [snarkjs.bigInt("5299619240641551281634865583518297030282874472190772894086521144482721001553"),
                 snarkjs.bigInt("16950150798460657717958625567821834550301663161624707787222815936182638968203")]
        let c = [0n, 1n];
        let c = [bigInt(0), bigInt(1)];
        for (let i=0; i<31;i++) {
            c = addPoint(c,g);
            c = babyJub.addPoint(c,g);
        }
        const xout = w[circuit.getSignalIdx(`main.out[0]`)];
        const yout = w[circuit.getSignalIdx(`main.out[1]`)];
        await circuit.assertOut(w, {out: c});
 /*
        console.log(xout.toString());
        console.log(yout.toString());
 */
        assert(xout.equals(c[0]));
        assert(yout.equals(c[1]));
        console.log("-------")
        const w2 = circuit.calculateWitness({"in": (1n<<252n)+1n});
        const xout2 = w2[circuit.getSignalIdx(`main.out[0]`)];
        const yout2 = w2[circuit.getSignalIdx(`main.out[1]`)];
        const w2 = await circuit.calculateWitness({"in": bigInt(1).shiftLeft(252).add(bigInt.one)});
        c = [g[0], g[1]];
        for (let i=0; i<252;i++) {
            c = addPoint(c,c);
            c = babyJub.addPoint(c,c);
        }
        c = addPoint(c,g);
        // console.log(xout2.toString());
        // console.log(yout2.toString());
        // console.log(c[0].toString());
        // console.log(c[1].toString());
        c = babyJub.addPoint(c,g);
        assert(xout2.equals(c[0]));
        assert(yout2.equals(c[1]));
        await circuit.assertOut(w2, {out: c});
    }).timeout(10000000);
    it("Number of constrains for 256 bits", async () => {
        const cirDef = await compiler(path.join(__dirname, "circuits", "escalarmul_test_min.circom"));
        const circuit = new snarkjs.Circuit(cirDef);
        const circuit = await tester(path.join(__dirname, "circuits", "escalarmul_test_min.circom"));
        console.log("NConstrains: " + circuit.nConstraints);
    }).timeout(10000000);
 });
--- a/test/escalarmulany.js
+++ b/test/escalarmulany.js
@ -1,12 +1,7 @@
 const chai = require("chai");
 const path = require("path");
 const snarkjs = require("snarkjs");
 const compiler = require("circom");
 const assert = chai.assert;
 const bigInt = snarkjs.bigInt;
 const bigInt = require("big-integer");
 const tester = require("circom").tester;
 function print(circuit, w, s) {
    console.log(s + ": " + w[circuit.getSignalIdx(s)]);
@ -18,41 +13,35 @@ describe("Escalarmul test", function () {
    this.timeout(100000);
    let g = [
        snarkjs.bigInt("5299619240641551281634865583518297030282874472190772894086521144482721001553"),
        snarkjs.bigInt("16950150798460657717958625567821834550301663161624707787222815936182638968203")
        bigInt("5299619240641551281634865583518297030282874472190772894086521144482721001553"),
        bigInt("16950150798460657717958625567821834550301663161624707787222815936182638968203")
    ];
    before( async() => {
        const cirDefEMulAny = await compiler(path.join(__dirname, "circuits", "escalarmulany_test.circom"));
        circuitEMulAny = new snarkjs.Circuit(cirDefEMulAny);
        console.log("NConstrains Escalarmul any: " + circuitEMulAny.nConstraints);
        circuitEMulAny = await tester(path.join(__dirname, "circuits", "escalarmulany_test.circom"));
    });
    it("Should generate Same escalar mul", async () => {
        const w = circuitEMulAny.calculateWitness({"e": 1, "p": g});
        const w = await circuitEMulAny.calculateWitness({"e": 1, "p": g});
        assert(circuitEMulAny.checkWitness(w));
        // TODO
        // assert(circuitEMulAny.checkWitness(w));
        const xout = w[circuitEMulAny.getSignalIdx("main.out[0]")];
        const yout = w[circuitEMulAny.getSignalIdx("main.out[1]")];
        await circuitEMulAny.assertOut(w, {out: g});
        assert(xout.equals(g[0]));
        assert(yout.equals(g[1]));
    });
    it("If multiply by order should return 0", async () => {
        const r = bigInt("2736030358979909402780800718157159386076813972158567259200215660948447373041");
        const w = circuitEMulAny.calculateWitness({"e": r, "p": g});
        const w = await circuitEMulAny.calculateWitness({"e": r, "p": g});
        assert(circuitEMulAny.checkWitness(w));
        // TODO
        // assert(circuitEMulAny.checkWitness(w));
        const xout = w[circuitEMulAny.getSignalIdx("main.out[0]")];
        const yout = w[circuitEMulAny.getSignalIdx("main.out[1]")];
        await circuitEMulAny.assertOut(w, {out: [0,1]});
        assert(xout.equals(bigInt.zero));
        assert(yout.equals(bigInt.one));
    });
 });
--- a/test/escalarmulfix.js
+++ b/test/escalarmulfix.js
@ -1,14 +1,11 @@
 const chai = require("chai");
 const path = require("path");
 const snarkjs = require("snarkjs");
 const compiler = require("circom");
 const bigInt = require("big-integer");
 const tester = require("circom").tester;
 const babyjub = require("../src/babyjub");
 const assert = chai.assert;
 const bigInt = snarkjs.bigInt;
 function print(circuit, w, s) {
    console.log(s + ": " + w[circuit.getSignalIdx(s)]);
 }
@ -19,35 +16,29 @@ describe("Escalarmul test", function () {
    this.timeout(100000);
    before( async() => {
        const cirDef = await compiler(path.join(__dirname, "circuits", "escalarmulfix_test.circom"));
        circuit = new snarkjs.Circuit(cirDef);
        console.log("NConstrains Escalarmul fix: " + circuit.nConstraints);
        circuit = await tester(path.join(__dirname, "circuits", "escalarmulfix_test.circom"));
    });
    it("Should generate Same escalar mul", async () => {
        const w = circuit.calculateWitness({"e": 0});
        const w = await circuit.calculateWitness({"e": 0});
        assert(circuit.checkWitness(w));
        // TODO
        // assert(circuit.checkWitness(w));
        const xout = w[circuit.getSignalIdx("main.out[0]")];
        const yout = w[circuit.getSignalIdx("main.out[1]")];
        await circuit.assertOut(w, {out: [0,1]});
        assert(xout.equals(0));
        assert(yout.equals(1));
    });
    it("Should generate Same escalar mul", async () => {
        const w = circuit.calculateWitness({"e": 1});
        const w = await circuit.calculateWitness({"e": 1});
        assert(circuit.checkWitness(w));
        // TODO
        // assert(circuit.checkWitness(w));
        const xout = w[circuit.getSignalIdx("main.out[0]")];
        const yout = w[circuit.getSignalIdx("main.out[1]")];
        await circuit.assertOut(w, {out: babyjub.Base8});
        assert(xout.equals(babyjub.Base8[0]));
        assert(yout.equals(babyjub.Base8[1]));
    });
    it("Should generate scalar mul of a specific constant", async () => {
@ -58,17 +49,15 @@ describe("Escalarmul test", function () {
            bigInt("16950150798460657717958625567821834550301663161624707787222815936182638968203")
        ];
        const w = circuit.calculateWitness({"e": s});
        assert(circuit.checkWitness(w));
        const w = await circuit.calculateWitness({"e": s});
        const xout = w[circuit.getSignalIdx("main.out[0]")];
        const yout = w[circuit.getSignalIdx("main.out[1]")];
        // TODO
        // assert(circuit.checkWitness(w));
        const expectedRes = babyjub.mulPointEscalar(base8, s);
        assert(xout.equals(expectedRes[0]));
        assert(yout.equals(expectedRes[1]));
        await circuit.assertOut(w, {out: expectedRes});
    });
    it("Should generate scalar mul of the firsts 50 elements", async () => {
@ -81,31 +70,25 @@ describe("Escalarmul test", function () {
        for (let i=0; i<50; i++) {
            const s = bigInt(i);
            const w = circuit.calculateWitness({"e": s});
            assert(circuit.checkWitness(w));
            const w = await circuit.calculateWitness({"e": s});
            const xout = w[circuit.getSignalIdx("main.out[0]")];
            const yout = w[circuit.getSignalIdx("main.out[1]")];
            // TODO
            // assert(circuit.checkWitness(w));
            const expectedRes = babyjub.mulPointEscalar(base8, s);
            assert(xout.equals(expectedRes[0]));
            assert(yout.equals(expectedRes[1]));
            await circuit.assertOut(w, {out: expectedRes});
        }
    });
    it("If multiply by order should return 0", async () => {
        const w = circuit.calculateWitness({"e": babyjub.subOrder });
        assert(circuit.checkWitness(w));
        const w = await circuit.calculateWitness({"e": babyjub.subOrder });
        const xout = w[circuit.getSignalIdx("main.out[0]")];
        const yout = w[circuit.getSignalIdx("main.out[1]")];
        // TODO
        // assert(circuit.checkWitness(w));
        assert(xout.equals(bigInt.zero));
        assert(yout.equals(bigInt.one));
        await circuit.assertOut(w, {out: [0,1]});
    });
 });
--- a/test/mimccircuit.js
+++ b/test/mimccircuit.js
@ -1,35 +1,26 @@
 const chai = require("chai");
 const path = require("path");
 const snarkjs = require("snarkjs");
 const compiler = require("circom");
 const tester = require("circom").tester;
 const mimcjs = require("../src/mimc7.js");
 const assert = chai.assert;
 describe("MiMC Circuit test", function () {
    let circuit;
    this.timeout(100000);
    before( async () => {
        const cirDef = await compiler(path.join(__dirname, "circuits", "mimc_test.circom"));
        circuit = new snarkjs.Circuit(cirDef);
        console.log("MiMC constraints: " + circuit.nConstraints);
        circuit = await tester(path.join(__dirname, "circuits", "mimc_test.circom"));
    });
    it("Should check constrain", async () => {
        const w = circuit.calculateWitness({x_in: 1, k: 2});
        const res = w[circuit.getSignalIdx("main.out")];
        const w = await circuit.calculateWitness({x_in: 1, k: 2});
        const res2 = mimcjs.hash(1,2,91);
        assert.equal(res.toString(), res2.toString());
        assert(circuit.checkWitness(w));
        await circuit.assertOut(w, {out: res2});
        // TODO
        // assert(circuit.checkWitness(w));
    });
 });
--- a/test/mimcspongecircuit.js
+++ b/test/mimcspongecircuit.js
@ -1,11 +1,8 @@
 const chai = require("chai");
 const path = require("path");
 const snarkjs = require("snarkjs");
 const compiler = require("circom");
 const tester = require("circom").tester;
 const mimcjs = require("../src/mimcsponge.js");
 const assert = chai.assert;
 describe("MiMC Sponge Circuit test", function () {
    let circuit;
@ -13,46 +10,30 @@ describe("MiMC Sponge Circuit test", function () {
    this.timeout(100000);
    it("Should check permutation", async () => {
        const cirDef = await compiler(path.join(__dirname, "circuits", "mimc_sponge_test.circom"));
        circuit = new snarkjs.Circuit(cirDef);
        circuit = await tester(path.join(__dirname, "circuits", "mimc_sponge_test.circom"));
        console.log("MiMC Feistel constraints: " + circuit.nConstraints);
        const w = circuit.calculateWitness({xL_in: 1, xR_in: 2, k: 3});
        const xLout = w[circuit.getSignalIdx("main.xL_out")];
        const xRout = w[circuit.getSignalIdx("main.xR_out")];
        const w = await circuit.calculateWitness({xL_in: 1, xR_in: 2, k: 3});
        const out2 = mimcjs.hash(1,2,3);
        assert.equal(xLout.toString(), out2.xL.toString());
        assert.equal(xRout.toString(), out2.xR.toString());
        await circuit.assertOut(w, {xL_out: out2.xL, xR_out: out2.xR});
        assert(circuit.checkWitness(w));
        // TODO
        // assert(circuit.checkWitness(w));
    });
    it("Should check hash", async () => {
        const cirDef = await compiler(path.join(__dirname, "circuits", "mimc_sponge_hash_test.circom"));
        circuit = new snarkjs.Circuit(cirDef);
        circuit = await tester(path.join(__dirname, "circuits", "mimc_sponge_hash_test.circom"));
        console.log("MiMC Sponge constraints: " + circuit.nConstraints);
        const w = circuit.calculateWitness({ins: [1, 2], k: 0});
        const o1 = w[circuit.getSignalIdx("main.outs[0]")];
        const o2 = w[circuit.getSignalIdx("main.outs[1]")];
        const o3 = w[circuit.getSignalIdx("main.outs[2]")];
        const w = await circuit.calculateWitness({ins: [1, 2], k: 0});
        const out2 = mimcjs.multiHash([1,2], 0, 3);
        assert.equal(o1.toString(), out2[0].toString());
        assert.equal(o2.toString(), out2[1].toString());
        assert.equal(o3.toString(), out2[2].toString());
        assert(circuit.checkWitness(w));
        await circuit.assertOut(w, {outs: out2});
        // TODO
        // assert(circuit.checkWitness(w));
    });
 });
--- a/test/montgomery.js
+++ b/test/montgomery.js
@ -1,13 +1,11 @@
 const chai = require("chai");
 const path = require("path");
 const snarkjs = require("snarkjs");
 const compiler = require("circom");
 const bigInt = require("big-integer");
 const tester = require("circom").tester;
 const babyJub = require("../src/babyjub.js");
 const assert = chai.assert;
 const bigInt = snarkjs.bigInt;
 describe("Montgomery test", function () {
    let circuitE2M;
    let circuitM2E;
@ -15,43 +13,37 @@ describe("Montgomery test", function () {
    let circuitMDouble;
    let g = [
        snarkjs.bigInt("5299619240641551281634865583518297030282874472190772894086521144482721001553"),
        snarkjs.bigInt("16950150798460657717958625567821834550301663161624707787222815936182638968203")];
        bigInt("5299619240641551281634865583518297030282874472190772894086521144482721001553"),
        bigInt("16950150798460657717958625567821834550301663161624707787222815936182638968203")
    ];
    let mg, mg2, g2, g3, mg3;
    this.timeout(100000);
    before( async() => {
        const cirDefE2M = await compiler(path.join(__dirname, "circuits", "edwards2montgomery.circom"));
        circuitE2M = new snarkjs.Circuit(cirDefE2M);
        console.log("NConstrains Edwards -> Montgomery: " + circuitE2M.nConstraints);
        const cirDefM2E = await compiler(path.join(__dirname, "circuits", "montgomery2edwards.circom"));
        circuitM2E = new snarkjs.Circuit(cirDefM2E);
        console.log("NConstrains Montgomery -> Edwards: " + circuitM2E.nConstraints);
        const cirDefMAdd = await compiler(path.join(__dirname, "circuits", "montgomeryadd.circom"));
        circuitMAdd = new snarkjs.Circuit(cirDefMAdd);
        console.log("NConstrains Montgomery Add: " + circuitMAdd.nConstraints);
        const cirDefMDouble = await compiler(path.join(__dirname, "circuits", "montgomerydouble.circom"));
        circuitMDouble = new snarkjs.Circuit(cirDefMDouble);
        console.log("NConstrains Montgomery Double: " + circuitMDouble.nConstraints);
        circuitE2M = await tester(path.join(__dirname, "circuits", "edwards2montgomery.circom"));
        await circuitE2M.loadSymbols();
        circuitM2E = await tester(path.join(__dirname, "circuits", "montgomery2edwards.circom"));
        await circuitM2E.loadSymbols();
        circuitMAdd = await tester(path.join(__dirname, "circuits", "montgomeryadd.circom"));
        await circuitMAdd.loadSymbols();
        circuitMDouble = await tester(path.join(__dirname, "circuits", "montgomerydouble.circom"));
        await circuitMDouble.loadSymbols();
    });
    it("Convert Edwards to Montgomery and back again", async () => {
        let w, xout, yout;
        w = circuitE2M.calculateWitness({ in: g});
        w = await circuitE2M.calculateWitness({ in: g});
        xout = w[circuitE2M.getSignalIdx("main.out[0]")];
        yout = w[circuitE2M.getSignalIdx("main.out[1]")];
        xout = w[circuitE2M.symbols["main.out[0]"].idxWit];
        yout = w[circuitE2M.symbols["main.out[1]"].idxWit];
        mg = [xout, yout];
        w = circuitM2E.calculateWitness({ in: [xout, yout]});
        w = await circuitM2E.calculateWitness({ in: [xout, yout]});
        xout = w[circuitM2E.getSignalIdx("main.out[0]")];
        yout = w[circuitM2E.getSignalIdx("main.out[1]")];
        xout = w[circuitM2E.symbols["main.out[0]"].idxWit];
        yout = w[circuitM2E.symbols["main.out[1]"].idxWit];
        assert(xout.equals(g[0]));
        assert(yout.equals(g[1]));
@ -61,17 +53,17 @@ describe("Montgomery test", function () {
        g2 = babyJub.addPoint(g,g);
        w = circuitMDouble.calculateWitness({ in: mg});
        w = await circuitMDouble.calculateWitness({ in: mg});
        xout = w[circuitE2M.getSignalIdx("main.out[0]")];
        yout = w[circuitE2M.getSignalIdx("main.out[1]")];
        xout = w[circuitE2M.symbols["main.out[0]"].idxWit];
        yout = w[circuitE2M.symbols["main.out[1]"].idxWit];
        mg2 = [xout, yout];
        w = circuitM2E.calculateWitness({ in: mg2});
        w = await circuitM2E.calculateWitness({ in: mg2});
        xout = w[circuitM2E.getSignalIdx("main.out[0]")];
        yout = w[circuitM2E.getSignalIdx("main.out[1]")];
        xout = w[circuitM2E.symbols["main.out[0]"].idxWit];
        yout = w[circuitM2E.symbols["main.out[1]"].idxWit];
        assert(xout.equals(g2[0]));
        assert(yout.equals(g2[1]));
@ -81,17 +73,17 @@ describe("Montgomery test", function () {
        g3 = babyJub.addPoint(g,g2);
        w = circuitMAdd.calculateWitness({ in1: mg, in2: mg2});
        w = await circuitMAdd.calculateWitness({ in1: mg, in2: mg2});
        xout = w[circuitMAdd.getSignalIdx("main.out[0]")];
        yout = w[circuitMAdd.getSignalIdx("main.out[1]")];
        xout = w[circuitMAdd.symbols["main.out[0]"].idxWit];
        yout = w[circuitMAdd.symbols["main.out[1]"].idxWit];
        mg3 = [xout, yout];
        w = circuitM2E.calculateWitness({ in: mg3});
        w = await circuitM2E.calculateWitness({ in: mg3});
        xout = w[circuitM2E.getSignalIdx("main.out[0]")];
        yout = w[circuitM2E.getSignalIdx("main.out[1]")];
        xout = w[circuitM2E.symbols["main.out[0]"].idxWit];
        yout = w[circuitM2E.symbols["main.out[1]"].idxWit];
        assert(xout.equals(g3[0]));
        assert(yout.equals(g3[1]));
--- a/test/multiplexer.js
+++ b/test/multiplexer.js
@ -1,25 +1,13 @@
 const chai = require("chai");
 const path = require("path");
 const snarkjs = require("snarkjs");
 const compiler = require("circom");
 const bigInt = require("big-integer");
 const tester = require("circom").tester;
 const assert = chai.assert;
 describe("Mux4 test", function() {
    this.timeout(100000);
 const bigInt = snarkjs.bigInt;
 describe("Mux4 test", () => {
    it("Should create a constant multiplexer 4", async () => {
        const cirDef = await compiler(path.join(__dirname, "circuits", "mux4_1.circom"));
 //        console.log(JSON.stringify(cirDef, null, 1));
 //        assert.equal(cirDef.nVars, 2);
        const circuit = new snarkjs.Circuit(cirDef);
        console.log("NConstrains Mux4: " + circuit.nConstraints);
        const circuit = await tester(path.join(__dirname, "circuits", "mux4_1.circom"));
        const ct16 = [
            bigInt("123"),
@ -41,24 +29,19 @@ describe("Mux4 test", () => {
        ];
        for (let i=0; i<16; i++) {
            const w = circuit.calculateWitness({ "selector": i });
            const w = await circuit.calculateWitness({ "selector": i });
            assert(circuit.checkWitness(w));
            // TODO
            // assert(circuit.checkWitness(w));
            assert(w[0].equals(bigInt(1)));
            await circuit.assertOut(w, {out: ct16[i]});
            // console.log(i + " -> " + w[circuit.getSignalIdx("main.out")].toString());
            assert(w[circuit.getSignalIdx("main.out")].equals(ct16[i]));
        }
    });
    it("Should create a constant multiplexer 3", async () => {
        const cirDef = await compiler(path.join(__dirname, "circuits", "mux3_1.circom"));
        const circuit = new snarkjs.Circuit(cirDef);
        console.log("NConstrains Mux3: " + circuit.nConstraints);
        const circuit = await tester(path.join(__dirname, "circuits", "mux3_1.circom"));
        const ct8 = [
            bigInt("37"),
@ -72,23 +55,19 @@ describe("Mux4 test", () => {
        ];
        for (let i=0; i<8; i++) {
            const w = circuit.calculateWitness({ "selector": i });
            const w = await circuit.calculateWitness({ "selector": i });
            assert(w[0].equals(bigInt(1)));
            // TODO
            // assert(circuit.checkWitness(w));
            // console.log(i + " -> " + w[circuit.getSignalIdx("main.out")].toString());
            assert(w[circuit.getSignalIdx("main.out")].equals(ct8[i]));
            await circuit.assertOut(w, {out: ct8[i]});
        }
    });
    it("Should create a constant multiplexer 2", async () => {
        const cirDef = await compiler(path.join(__dirname, "circuits", "mux2_1.circom"));
        const circuit = await tester(path.join(__dirname, "circuits", "mux2_1.circom"));
        const circuit = new snarkjs.Circuit(cirDef);
        console.log("NConstrains Mux2: " + circuit.nConstraints);
        const ct8 = [
        const ct4 = [
            bigInt("37"),
            bigInt("47"),
            bigInt("53"),
@ -96,38 +75,30 @@ describe("Mux4 test", () => {
        ];
        for (let i=0; i<4; i++) {
            const w = circuit.calculateWitness({ "selector": i });
            assert(circuit.checkWitness(w));
            const w = await circuit.calculateWitness({ "selector": i });
            assert(w[0].equals(bigInt(1)));
            // TODO
            // assert(circuit.checkWitness(w));
            // console.log(i + " -> " + w[circuit.getSignalIdx("main.out")].toString());
            assert(w[circuit.getSignalIdx("main.out")].equals(ct8[i]));
            await circuit.assertOut(w, {out: ct4[i]});
        }
    });
    it("Should create a constant multiplexer 1", async () => {
        const cirDef = await compiler(path.join(__dirname, "circuits", "mux1_1.circom"));
        const circuit = await tester(path.join(__dirname, "circuits", "mux1_1.circom"));
        const circuit = new snarkjs.Circuit(cirDef);
        console.log("NConstrains Mux1: " + circuit.nConstraints);
        const ct8 = [
        const ct2 = [
            bigInt("37"),
            bigInt("47"),
        ];
        for (let i=0; i<2; i++) {
            const w = circuit.calculateWitness({ "selector": i });
            assert(circuit.checkWitness(w));
            const w = await circuit.calculateWitness({ "selector": i });
            assert(w[0].equals(bigInt(1)));
            // TODO
            // assert(circuit.checkWitness(w));
            // console.log(i + " -> " + w[circuit.getSignalIdx("main.out")].toString());
            assert(w[circuit.getSignalIdx("main.out")].equals(ct8[i]));
            await circuit.assertOut(w, {out: ct2[i]});
        }
    });
 });
--- a/test/point2bits.js
+++ b/test/point2bits.js
@ -1,11 +1,5 @@
 const chai = require("chai");
 const path = require("path");
 const snarkjs = require("snarkjs");
 const compiler = require("circom");
 const assert = chai.assert;
 const bigInt = snarkjs.bigInt;
 const tester = require("circom").tester;
 const babyJub = require("../src/babyjub.js");
@ -14,20 +8,18 @@ describe("Point 2 bits test", function() {
    let circuit;
    this.timeout(100000);
    before( async() => {
        const cirDef = await compiler(path.join(__dirname, "circuits", "pointbits_loopback.circom"));
        circuit = new snarkjs.Circuit(cirDef);
        console.log("NConstrains Point2Bits loopback: " + circuit.nConstraints);
        circuit = await tester(path.join(__dirname, "circuits", "pointbits_loopback.circom"));
    });
    it("Should do the both convertions for 8Base", async () => {
        const w = circuit.calculateWitness({ in: babyJub.Base8});
        const w = await circuit.calculateWitness({ in: babyJub.Base8});
        assert(circuit.checkWitness(w));
        // TODO
        // assert(circuit.checkWitness(w));
    });
    it("Should do the both convertions for Zero point", async () => {
        const w = circuit.calculateWitness({ in: [0, 1]});
        const w = await circuit.calculateWitness({ in: [0, 1]});
        assert(circuit.checkWitness(w));
        // TODO
        // assert(circuit.checkWitness(w));
    });
 });
--- a/test/poseidoncircuit.js
+++ b/test/poseidoncircuit.js
@ -1,8 +1,8 @@
 const chai = require("chai");
 const path = require("path");
 const snarkjs = require("snarkjs");
 const compiler = require("circom");
 var blake2b = require('blake2b');
 var blake2b = require("blake2b");
 const bigInt = require("big-integer");
 const tester = require("circom").tester;
 const poseidon = require("../src/poseidon.js");
@ -11,9 +11,9 @@ const assert = chai.assert;
 describe("Blake2b version test", function() {
    it("Should give the expected output for blake2b version", async () => {
        var output = new Uint8Array(32);
        var input = Buffer.from('poseidon_constants');
        h = blake2b(output.length).update(input).digest('hex')
        assert.equal('e57ba154fb2c47811dc1a2369b27e25a44915b4e4ece4eb8ec74850cb78e01b1', h);
        var input = Buffer.from("poseidon_constants");
        const h = blake2b(output.length).update(input).digest("hex");
        assert.equal("e57ba154fb2c47811dc1a2369b27e25a44915b4e4ece4eb8ec74850cb78e01b1", h);
    });
 });
@ -23,38 +23,35 @@ describe("Poseidon Circuit test", function () {
    this.timeout(100000);
    before( async () => {
        const cirDef = await compiler(path.join(__dirname, "circuits", "poseidon_test.circom"));
        circuit = await tester(path.join(__dirname, "circuits", "poseidon_test.circom"));
        circuit = new snarkjs.Circuit(cirDef);
        console.log("Poseidon constraints: " + circuit.nConstraints);
    });
    it("Should check constrain of hash([1, 2])", async () => {
        const w = circuit.calculateWitness({inputs: [1, 2]});
        const res = w[circuit.getSignalIdx("main.out")];
        const w = await circuit.calculateWitness({inputs: [1, 2]});
        const hash = poseidon.createHash(6, 8, 57);
        const res2 = hash([1,2]);
        assert.equal('12242166908188651009877250812424843524687801523336557272219921456462821518061', res2.toString());
        assert.equal(res.toString(), res2.toString());
        assert(circuit.checkWitness(w));
        assert.equal("12242166908188651009877250812424843524687801523336557272219921456462821518061", res2.toString());
        await circuit.assertOut(w, {out : res2});
        // TODO
        // assert(circuit.checkWitness(w));
    });
    it("Should check constrain of hash([3, 4])", async () => {
        const w = circuit.calculateWitness({inputs: [3, 4]});
        const res = w[circuit.getSignalIdx("main.out")];
        const w = await circuit.calculateWitness({inputs: [3, 4]});
        const hash = poseidon.createHash(6, 8, 57);
        const res2 = hash([3, 4]);
        assert.equal('17185195740979599334254027721507328033796809509313949281114643312710535000993', res2.toString());
        assert.equal("17185195740979599334254027721507328033796809509313949281114643312710535000993", res2.toString());
        assert.equal(res.toString(), res2.toString());
        await circuit.assertOut(w, {out : res2});
        assert(circuit.checkWitness(w));
        // TODO
        // assert(circuit.checkWitness(w));
    });
 });
--- a/test/rawsmt3.circom
+++ b/test/rawsmt3.circom
@ -1,23 +0,0 @@
 include "../circuits/smt/smtverifier.circom";
 template SMT(nLevels) {
  signal input root;
  signal input mtp[nLevels];
  signal input hi;
  signal input hv;
  component smtClaimExists = SMTVerifier(nLevels);
  smtClaimExists.enabled <== 1;
  smtClaimExists.fnc <== 0;
  smtClaimExists.root <== root;
  for (var i=0; i<nLevels; i++) {
      smtClaimExists.siblings[i] <==  mtp[i];
  }
  smtClaimExists.oldKey <== 0;
  smtClaimExists.oldValue <== 0;
  smtClaimExists.isOld0 <== 0;
  smtClaimExists.key <== hi;
  smtClaimExists.value <== hv;
 }
 component main = SMT(4);
--- a/test/sign.js
+++ b/test/sign.js
@ -1,11 +1,6 @@
 const chai = require("chai");
 const path = require("path");
 const snarkjs = require("snarkjs");
 const compiler = require("circom");
 const assert = chai.assert;
 const bigInt = snarkjs.bigInt;
 const bigInt = require("big-integer");
 const tester = require("circom").tester;
 function print(circuit, w, s) {
    console.log(s + ": " + w[circuit.getSignalIdx(s)]);
@ -14,7 +9,7 @@ function print(circuit, w, s) {
 function getBits(v, n) {
    const res = [];
    for (let i=0; i<n; i++) {
        if (v.shr(i).isOdd()) {
        if (v.shiftRight(i).isOdd()) {
            res.push(bigInt.one);
        } else {
            res.push(bigInt.zero);
@ -25,64 +20,60 @@ function getBits(v, n) {
 const q = bigInt("21888242871839275222246405745257275088548364400416034343698204186575808495617");
 describe("Sign test", () => {
 describe("Sign test", function() {
    let circuit;
    before( async() => {
        const cirDef = await compiler(path.join(__dirname, "circuits", "sign_test.circom"));
        circuit = new snarkjs.Circuit(cirDef);
    this.timeout(100000);
        console.log("NConstrains: " + circuit.nConstraints);
    before( async() => {
        circuit = await tester(path.join(__dirname, "circuits", "sign_test.circom"));
    });
    it("Sign of 0", async () => {
        const inp = getBits(bigInt.zero, 254);
        const w = circuit.calculateWitness({in: inp});
        const w = await circuit.calculateWitness({in: inp});
        assert( w[circuit.getSignalIdx("main.sign")].equals(bigInt(0)) );
        await circuit.assertOut(w, {sign: 0});
    });
    it("Sign of 3", async () => {
        const inp = getBits(bigInt(3), 254);
        const w = circuit.calculateWitness({in: inp});
        const w = await circuit.calculateWitness({in: inp});
        assert( w[circuit.getSignalIdx("main.sign")].equals(bigInt(0)) );
        await circuit.assertOut(w, {sign: 0});
    });
    it("Sign of q/2", async () => {
        const inp = getBits(q.shr(bigInt.one), 254);
        const w = circuit.calculateWitness({in: inp});
        const inp = getBits(q.shiftRight(bigInt.one), 254);
        const w = await circuit.calculateWitness({in: inp});
        assert( w[circuit.getSignalIdx("main.sign")].equals(bigInt(0)) );
        await circuit.assertOut(w, {sign: 0});
    });
    it("Sign of q/2+1", async () => {
        const inp = getBits(q.shr(bigInt.one).add(bigInt.one), 254);
        const w = circuit.calculateWitness({in: inp});
        const inp = getBits(q.shiftRight(bigInt.one).add(bigInt.one), 254);
        const w = await circuit.calculateWitness({in: inp});
        assert( w[circuit.getSignalIdx("main.sign")].equals(bigInt(1)) );
        await circuit.assertOut(w, {sign: 1});
    });
    it("Sign of q-1", async () => {
        const inp = getBits(q.sub(bigInt.one), 254);
        const w = circuit.calculateWitness({in: inp});
        const inp = getBits(q.minus(bigInt.one), 254);
        const w = await circuit.calculateWitness({in: inp});
        assert( w[circuit.getSignalIdx("main.sign")].equals(bigInt(1)) );
        await circuit.assertOut(w, {sign: 1});
    });
    it("Sign of q", async () => {
        const inp = getBits(q, 254);
        const w = circuit.calculateWitness({in: inp});
        const w = await circuit.calculateWitness({in: inp});
        assert( w[circuit.getSignalIdx("main.sign")].equals(bigInt(1)) );
        await circuit.assertOut(w, {sign: 1});
    });
    it("Sign of all ones", async () => {
        const inp = getBits(bigInt(1).shl(254).sub(bigInt(1)), 254);
        const w = circuit.calculateWitness({in: inp});
        const inp = getBits(bigInt(1).shiftLeft(254).minus(bigInt(1)), 254);
        const w = await circuit.calculateWitness({in: inp});
        assert( w[circuit.getSignalIdx("main.sign")].equals(bigInt(1)) );
        await circuit.assertOut(w, {sign: 1});
    });
 });
--- a/test/smtjs.js
+++ b/test/smtjs.js
@ -1,12 +1,11 @@
 const chai = require("chai");
 const snarkjs = require("snarkjs");
 const bigInt = require("big-integer");
 const smt = require("../src/smt.js");
 const assert = chai.assert;
 const bigInt = snarkjs.bigInt;
 function stringifyBigInts(o) {
    if ((typeof(o) == "bigint") || (o instanceof bigInt))  {
--- a/test/smtprocessor.js
+++ b/test/smtprocessor.js
@ -1,14 +1,12 @@
 const chai = require("chai");
 const path = require("path");
 const snarkjs = require("snarkjs");
 const compiler = require("circom");
 const bigInt = require("big-integer");
 const tester = require("circom").tester;
 const smt = require("../src/smt.js");
 const assert = chai.assert;
 const bigInt = snarkjs.bigInt;
 function print(circuit, w, s) {
    console.log(s + ": " + w[circuit.getSignalIdx(s)]);
 }
@ -19,7 +17,7 @@ async function testInsert(tree, key, value, circuit, log ) {
    let siblings = res.siblings;
    while (siblings.length<10) siblings.push(bigInt(0));
    const w = circuit.calculateWitness({
    const w = await circuit.calculateWitness({
        fnc: [1,0],
        oldRoot: res.oldRoot,
        siblings: siblings,
@ -30,9 +28,11 @@ async function testInsert(tree, key, value, circuit, log ) {
        newValue: value
    }, log);
    const root1 = w[circuit.getSignalIdx("main.newRoot")];
    assert(circuit.checkWitness(w));
    assert(root1.equals(res.newRoot));
    // TODO
    // assert(circuit.checkWitness(w));
    await circuit.assertOut(w, {newRoot: res.newRoot});
 }
 async function testDelete(tree, key, circuit) {
@ -40,7 +40,7 @@ async function testDelete(tree, key, circuit) {
    let siblings = res.siblings;
    while (siblings.length<10) siblings.push(bigInt(0));
    const w = circuit.calculateWitness({
    const w = await circuit.calculateWitness({
        fnc: [1,1],
        oldRoot: res.oldRoot,
        siblings: siblings,
@ -51,10 +51,10 @@ async function testDelete(tree, key, circuit) {
        newValue: res.delValue
    });
    const root1 = w[circuit.getSignalIdx("main.newRoot")];
    // TODO
    // assert(circuit.checkWitness(w));
    assert(circuit.checkWitness(w));
    assert(root1.equals(res.newRoot));
    await circuit.assertOut(w, {newRoot: res.newRoot});
 }
 async function testUpdate(tree, key, newValue, circuit) {
@ -62,7 +62,7 @@ async function testUpdate(tree, key, newValue, circuit) {
    let siblings = res.siblings;
    while (siblings.length<10) siblings.push(bigInt(0));
    const w = circuit.calculateWitness({
    const w = await circuit.calculateWitness({
        fnc: [0,1],
        oldRoot: res.oldRoot,
        siblings: siblings,
@ -73,10 +73,10 @@ async function testUpdate(tree, key, newValue, circuit) {
        newValue: res.newValue
    });
    const root1 = w[circuit.getSignalIdx("main.newRoot")];
    // TODO
    // assert(circuit.checkWitness(w));
    assert(circuit.checkWitness(w));
    assert(root1.equals(res.newRoot));
    await circuit.assertOut(w, {newRoot: res.newRoot});
 }
@ -87,11 +87,8 @@ describe("SMT test", function () {
    this.timeout(10000000);
    before( async () => {
        const cirDef = await compiler(path.join(__dirname, "circuits", "smtprocessor10_test.circom"));
        circuit = new snarkjs.Circuit(cirDef);
        console.log("NConstrains SMTProcessor: " + circuit.nConstraints);
        circuit = await tester(path.join(__dirname, "circuits", "smtprocessor10_test.circom"));
        await circuit.loadSymbols();
        tree = await smt.newMemEmptyTrie();
    });
@ -179,7 +176,7 @@ describe("SMT test", function () {
    it("Should match a NOp with random vals", async () => {
        let siblings = [];
        while (siblings.length<10) siblings.push(bigInt(88));
        const w = circuit.calculateWitness({
        const w = await circuit.calculateWitness({
            fnc: [0,0],
            oldRoot: 11,
            siblings: siblings,
@ -190,12 +187,13 @@ describe("SMT test", function () {
            newValue: 77
        });
        const root1 = w[circuit.getSignalIdx("main.oldRoot")];
        const root2 = w[circuit.getSignalIdx("main.newRoot")];
        const root1 = w[circuit.symbols["main.oldRoot"].idxWit];
        const root2 = w[circuit.symbols["main.newRoot"].idxWit];
        assert(circuit.checkWitness(w));
        assert(root1.equals(root2));
        // TODO
        // assert(circuit.checkWitness(w));
        assert(root1.equals(root2));
    });
    it("Should update an element", async () => {
        const tree1 = await smt.newMemEmptyTrie();
--- a/test/smtverifier.js
+++ b/test/smtverifier.js
@ -1,14 +1,12 @@
 const chai = require("chai");
 const path = require("path");
 const snarkjs = require("snarkjs");
 const compiler = require("circom");
 const bigInt = require("big-integer");
 const tester = require("circom").tester;
 const smt = require("../src/smt.js");
 const assert = chai.assert;
 const bigInt = snarkjs.bigInt;
 function print(circuit, w, s) {
    console.log(s + ": " + w[circuit.getSignalIdx(s)]);
 }
@ -21,7 +19,7 @@ async function testInclusion(tree, key, circuit) {
    let siblings = res.siblings;
    while (siblings.length<10) siblings.push(bigInt(0));
    const w = circuit.calculateWitness({
    const w = await circuit.calculateWitness({
        enabled: 1,
        fnc: 0,
        root: tree.root,
@ -33,7 +31,8 @@ async function testInclusion(tree, key, circuit) {
        value: res.foundValue
    });
    assert(circuit.checkWitness(w));
    // TODO
    // assert(circuit.checkWitness(w));
 }
 async function testExclusion(tree, key, circuit) {
@ -43,7 +42,7 @@ async function testExclusion(tree, key, circuit) {
    let siblings = res.siblings;
    while (siblings.length<10) siblings.push(bigInt(0));
    const w = circuit.calculateWitness({
    const w = await circuit.calculateWitness({
        enabled: 1,
        fnc: 1,
        root: tree.root,
@ -55,7 +54,8 @@ async function testExclusion(tree, key, circuit) {
        value: 0
    });
    assert(circuit.checkWitness(w));
    // TODO
    // assert(circuit.checkWitness(w));
 }
 describe("SMT test", function () {
@ -65,11 +65,7 @@ describe("SMT test", function () {
    this.timeout(100000);
    before( async () => {
        const cirDef = await compiler(path.join(__dirname, "circuits", "smtverifier10_test.circom"));
        circuit = new snarkjs.Circuit(cirDef);
        console.log("NConstrains SMTVerifier: " + circuit.nConstraints);
        circuit = await tester(path.join(__dirname, "circuits", "smtverifier10_test.circom"));
        tree = await smt.newMemEmptyTrie();
        await tree.insert(7,77);
@ -97,7 +93,7 @@ describe("SMT test", function () {
        let siblings = [];
        for (let i=0; i<10; i++) siblings.push(i);
        const w = circuit.calculateWitness({
        const w = await circuit.calculateWitness({
            enabled: 0,
            fnc: 0,
            root: 1,
@ -108,7 +104,9 @@ describe("SMT test", function () {
            key: 44,
            value: 0
        });
        assert(circuit.checkWitness(w));
        // TODO
        // assert(circuit.checkWitness(w));
    });
    it("Check inclussion Adria case", async () => {
--- a/test/smtverifier_adria.js
+++ b/test/smtverifier_adria.js
@ -1,98 +0,0 @@
 const path = require("path");
 const snarkjs = require("snarkjs");
 const compiler = require("circom");
 const fs = require("fs")
 const bigInt = snarkjs.bigInt;
 const smt = require("../src/smt.js");
 const circuitSource = `
 include "../circuits/smt/smtverifier.circom";
 template SMT(nLevels) {
  signal input root;
  signal input mtp[nLevels];
  signal input hi;
  signal input hv;
  component smtClaimExists = SMTVerifier(nLevels);
  smtClaimExists.enabled <== 1;
  smtClaimExists.fnc <== 0;
  smtClaimExists.root <== root;
  for (var i=0; i<nLevels; i++) {
      smtClaimExists.siblings[i] <==  mtp[i];
  }
  smtClaimExists.oldKey <== 0;
  smtClaimExists.oldValue <== 0;
  smtClaimExists.isOld0 <== 0;
  smtClaimExists.key <== hi;
  smtClaimExists.value <== hv;
 }
 component main = SMT(4);
 `;
 describe("smt3test", function () {
    this.timeout(200000);
    let circuitFileName;
    before( async () => {
        circuitFileName = path.join(__dirname, ".", "rawsmt3.circom");
        fs.writeFileSync(circuitFileName,circuitSource);
    });
    const levels = 4;
    async function testsmt3(e1, e2) {
        let tree = await smt.newMemEmptyTrie();
        // insert e1, e2
        await tree.insert(e1.hi, e1.hv);
        await tree.insert(e2.hi, e2.hv);
        // generate proof for e1
        const findInfo = await tree.find(e1.hi);
        const siblings = findInfo.siblings;
        while (siblings.length < levels) siblings.push(bigInt(0));
        const input = {
            root: tree.root,
            mtp: siblings,
            hi: e1.hi,
            hv: e1.hv,
        };
        const compiledCircuit = await compiler(
            circuitFileName,
            { reduceConstraints: false }
        );
        const circuit = new snarkjs.Circuit(compiledCircuit);
        const witness = circuit.calculateWitness(input);
        circuit.checkWitness(witness);
    }
    it("TestSmts", async () => {
        const e1 = {
            hi: bigInt("17124152697573569611556136390143205198134245887034837071647643529178599000839"),
            hv: bigInt("19650379996168153643111744440707177573540245771926102415571667548153444658179"),
        };
        const e2ok = {
            hi: bigInt("16498254692537945203721083102154618658340563351558973077349594629411025251262"),
            hv: bigInt("19650379996168153643111744440707177573540245771926102415571667548153444658179"),
        };
        const e2fail = {
            hi: bigInt("17195092312975762537892237130737365903429674363577646686847513978084990105579"),
            hv: bigInt("19650379996168153643111744440707177573540245771926102415571667548153444658179"),
        };
        console.log("test e1, e2ok");
        await testsmt3(e1, e2ok);
        console.log("test e1, e2fail");
        await testsmt3(e1, e2fail);
    });
 });