You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

601 lines
13 KiB

  1. package parsers
  2. import (
  3. "bufio"
  4. "bytes"
  5. "encoding/hex"
  6. "encoding/json"
  7. "fmt"
  8. "io"
  9. "math/big"
  10. "os"
  11. "strconv"
  12. "strings"
  13. bn256 "github.com/ethereum/go-ethereum/crypto/bn256/cloudflare"
  14. "github.com/iden3/go-circom-prover-verifier/types"
  15. )
  16. // PkString is the equivalent to the Pk struct in string representation, containing the ProvingKey
  17. type PkString struct {
  18. A [][]string `json:"A"`
  19. B2 [][][]string `json:"B2"`
  20. B1 [][]string `json:"B1"`
  21. C [][]string `json:"C"`
  22. NVars int `json:"nVars"`
  23. NPublic int `json:"nPublic"`
  24. VkAlpha1 []string `json:"vk_alfa_1"`
  25. VkDelta1 []string `json:"vk_delta_1"`
  26. VkBeta1 []string `json:"vk_beta_1"`
  27. VkBeta2 [][]string `json:"vk_beta_2"`
  28. VkDelta2 [][]string `json:"vk_delta_2"`
  29. HExps [][]string `json:"hExps"`
  30. DomainSize int `json:"domainSize"`
  31. PolsA []map[string]string `json:"polsA"`
  32. PolsB []map[string]string `json:"polsB"`
  33. PolsC []map[string]string `json:"polsC"`
  34. }
  35. // WitnessString contains the Witness in string representation
  36. type WitnessString []string
  37. // ProofString is the equivalent to the Proof struct in string representation
  38. type ProofString struct {
  39. A []string `json:"pi_a"`
  40. B [][]string `json:"pi_b"`
  41. C []string `json:"pi_c"`
  42. Protocol string `json:"protocol"`
  43. }
  44. // VkString is the Verification Key data structure in string format (from json)
  45. type VkString struct {
  46. Alpha []string `json:"vk_alfa_1"`
  47. Beta [][]string `json:"vk_beta_2"`
  48. Gamma [][]string `json:"vk_gamma_2"`
  49. Delta [][]string `json:"vk_delta_2"`
  50. IC [][]string `json:"IC"`
  51. }
  52. // ParseWitness parses the json []byte data into the Witness struct
  53. func ParseWitness(wJson []byte) (types.Witness, error) {
  54. var ws WitnessString
  55. err := json.Unmarshal(wJson, &ws)
  56. if err != nil {
  57. return nil, err
  58. }
  59. var w types.Witness
  60. for i := 0; i < len(ws); i++ {
  61. bi, err := stringToBigInt(ws[i])
  62. if err != nil {
  63. return nil, err
  64. }
  65. w = append(w, bi)
  66. }
  67. return w, nil
  68. }
  69. // ParsePk parses the json []byte data into the Pk struct
  70. func ParsePk(pkJson []byte) (*types.Pk, error) {
  71. var pkStr PkString
  72. err := json.Unmarshal(pkJson, &pkStr)
  73. if err != nil {
  74. return nil, err
  75. }
  76. pk, err := pkStringToPk(pkStr)
  77. return pk, err
  78. }
  79. func pkStringToPk(ps PkString) (*types.Pk, error) {
  80. var p types.Pk
  81. var err error
  82. p.A, err = arrayStringToG1(ps.A)
  83. if err != nil {
  84. return nil, err
  85. }
  86. p.B2, err = arrayStringToG2(ps.B2)
  87. if err != nil {
  88. return nil, err
  89. }
  90. p.B1, err = arrayStringToG1(ps.B1)
  91. if err != nil {
  92. return nil, err
  93. }
  94. p.C, err = arrayStringToG1(ps.C)
  95. if err != nil {
  96. return nil, err
  97. }
  98. p.NVars = ps.NVars
  99. p.NPublic = ps.NPublic
  100. p.VkAlpha1, err = stringToG1(ps.VkAlpha1)
  101. if err != nil {
  102. return nil, err
  103. }
  104. p.VkDelta1, err = stringToG1(ps.VkDelta1)
  105. if err != nil {
  106. return nil, err
  107. }
  108. p.VkBeta1, err = stringToG1(ps.VkBeta1)
  109. if err != nil {
  110. return nil, err
  111. }
  112. p.VkBeta2, err = stringToG2(ps.VkBeta2)
  113. if err != nil {
  114. return nil, err
  115. }
  116. p.VkDelta2, err = stringToG2(ps.VkDelta2)
  117. if err != nil {
  118. return nil, err
  119. }
  120. p.HExps, err = arrayStringToG1(ps.HExps)
  121. if err != nil {
  122. return nil, err
  123. }
  124. p.DomainSize = ps.DomainSize
  125. p.PolsA, err = polsStringToBigInt(ps.PolsA)
  126. if err != nil {
  127. return nil, err
  128. }
  129. p.PolsB, err = polsStringToBigInt(ps.PolsB)
  130. if err != nil {
  131. return nil, err
  132. }
  133. p.PolsC, err = polsStringToBigInt(ps.PolsC)
  134. if err != nil {
  135. return nil, err
  136. }
  137. return &p, nil
  138. }
  139. func proofStringToProof(pr ProofString) (*types.Proof, error) {
  140. var p types.Proof
  141. var err error
  142. p.A, err = stringToG1(pr.A)
  143. if err != nil {
  144. return nil, err
  145. }
  146. p.B, err = stringToG2(pr.B)
  147. if err != nil {
  148. return nil, err
  149. }
  150. p.C, err = stringToG1(pr.C)
  151. if err != nil {
  152. return nil, err
  153. }
  154. return &p, nil
  155. }
  156. // ParseProof takes a json []byte and outputs the *Proof struct
  157. func ParseProof(pj []byte) (*types.Proof, error) {
  158. var pr ProofString
  159. err := json.Unmarshal(pj, &pr)
  160. if err != nil {
  161. return nil, err
  162. }
  163. p, err := proofStringToProof(pr)
  164. return p, err
  165. }
  166. // ParsePublicSignals takes a json []byte and outputs the []*big.Int struct
  167. func ParsePublicSignals(pj []byte) ([]*big.Int, error) {
  168. var pr []string
  169. err := json.Unmarshal(pj, &pr)
  170. if err != nil {
  171. return nil, err
  172. }
  173. var public []*big.Int
  174. for _, s := range pr {
  175. sb, err := stringToBigInt(s)
  176. if err != nil {
  177. return nil, err
  178. }
  179. public = append(public, sb)
  180. }
  181. return public, nil
  182. }
  183. // ParseVk takes a json []byte and outputs the *Vk struct
  184. func ParseVk(vj []byte) (*types.Vk, error) {
  185. var vr VkString
  186. err := json.Unmarshal(vj, &vr)
  187. if err != nil {
  188. return nil, err
  189. }
  190. v, err := vkStringToVk(vr)
  191. return v, err
  192. }
  193. func vkStringToVk(vr VkString) (*types.Vk, error) {
  194. var v types.Vk
  195. var err error
  196. v.Alpha, err = stringToG1(vr.Alpha)
  197. if err != nil {
  198. return nil, err
  199. }
  200. v.Beta, err = stringToG2(vr.Beta)
  201. if err != nil {
  202. return nil, err
  203. }
  204. v.Gamma, err = stringToG2(vr.Gamma)
  205. if err != nil {
  206. return nil, err
  207. }
  208. v.Delta, err = stringToG2(vr.Delta)
  209. if err != nil {
  210. return nil, err
  211. }
  212. for i := 0; i < len(vr.IC); i++ {
  213. p, err := stringToG1(vr.IC[i])
  214. if err != nil {
  215. return nil, err
  216. }
  217. v.IC = append(v.IC, p)
  218. }
  219. return &v, nil
  220. }
  221. // polsStringToBigInt is for taking string polynomials and converting it to *big.Int polynomials
  222. func polsStringToBigInt(s []map[string]string) ([]map[int]*big.Int, error) {
  223. var o []map[int]*big.Int
  224. for i := 0; i < len(s); i++ {
  225. // var oi map[int]*big.Int
  226. oi := make(map[int]*big.Int)
  227. for j, v := range s[i] {
  228. si, err := stringToBigInt(v)
  229. if err != nil {
  230. return o, err
  231. }
  232. // oi = append(oi, si)
  233. jInt, err := strconv.Atoi(j)
  234. if err != nil {
  235. return o, err
  236. }
  237. oi[jInt] = si
  238. }
  239. o = append(o, oi)
  240. }
  241. return o, nil
  242. }
  243. // ArrayBigIntToString converts an []*big.Int into []string, used to output the Public Signals
  244. func ArrayBigIntToString(bi []*big.Int) []string {
  245. var s []string
  246. for i := 0; i < len(bi); i++ {
  247. s = append(s, bi[i].String())
  248. }
  249. return s
  250. }
  251. func arrayStringToBigInt(s []string) ([]*big.Int, error) {
  252. var o []*big.Int
  253. for i := 0; i < len(s); i++ {
  254. si, err := stringToBigInt(s[i])
  255. if err != nil {
  256. return o, nil
  257. }
  258. o = append(o, si)
  259. }
  260. return o, nil
  261. }
  262. func stringToBigInt(s string) (*big.Int, error) {
  263. base := 10
  264. if bytes.HasPrefix([]byte(s), []byte("0x")) {
  265. base = 16
  266. s = strings.TrimPrefix(s, "0x")
  267. }
  268. n, ok := new(big.Int).SetString(s, base)
  269. if !ok {
  270. return nil, fmt.Errorf("Can not parse string to *big.Int: %s", s)
  271. }
  272. return n, nil
  273. }
  274. func addZPadding(b []byte) []byte {
  275. var z [32]byte
  276. var r []byte
  277. r = append(r, z[len(b):]...) // add padding on the left
  278. r = append(r, b...)
  279. return r[:32]
  280. }
  281. func stringToBytes(s string) ([]byte, error) {
  282. if s == "1" {
  283. s = "0"
  284. }
  285. bi, ok := new(big.Int).SetString(s, 10)
  286. if !ok {
  287. return nil, fmt.Errorf("error parsing bigint stringToBytes")
  288. }
  289. b := bi.Bytes()
  290. if len(b) != 32 {
  291. b = addZPadding(b)
  292. }
  293. return b, nil
  294. }
  295. func arrayStringToG1(h [][]string) ([]*bn256.G1, error) {
  296. var o []*bn256.G1
  297. for i := 0; i < len(h); i++ {
  298. hi, err := stringToG1(h[i])
  299. if err != nil {
  300. return o, err
  301. }
  302. o = append(o, hi)
  303. }
  304. return o, nil
  305. }
  306. func arrayStringToG2(h [][][]string) ([]*bn256.G2, error) {
  307. var o []*bn256.G2
  308. for i := 0; i < len(h); i++ {
  309. hi, err := stringToG2(h[i])
  310. if err != nil {
  311. return o, err
  312. }
  313. o = append(o, hi)
  314. }
  315. return o, nil
  316. }
  317. func stringToG1(h []string) (*bn256.G1, error) {
  318. if len(h) <= 2 {
  319. return nil, fmt.Errorf("not enought data for stringToG1")
  320. }
  321. h = h[:2]
  322. hexa := false
  323. if len(h[0]) > 1 {
  324. if "0x" == h[0][:2] {
  325. hexa = true
  326. }
  327. }
  328. in := ""
  329. var b []byte
  330. var err error
  331. if hexa {
  332. for i := range h {
  333. in += strings.TrimPrefix(h[i], "0x")
  334. }
  335. b, err = hex.DecodeString(in)
  336. if err != nil {
  337. return nil, err
  338. }
  339. } else {
  340. // TODO TMP
  341. // TODO use stringToBytes()
  342. if h[0] == "1" {
  343. h[0] = "0"
  344. }
  345. if h[1] == "1" {
  346. h[1] = "0"
  347. }
  348. bi0, ok := new(big.Int).SetString(h[0], 10)
  349. if !ok {
  350. return nil, fmt.Errorf("error parsing stringToG1")
  351. }
  352. bi1, ok := new(big.Int).SetString(h[1], 10)
  353. if !ok {
  354. return nil, fmt.Errorf("error parsing stringToG1")
  355. }
  356. b0 := bi0.Bytes()
  357. b1 := bi1.Bytes()
  358. if len(b0) != 32 {
  359. b0 = addZPadding(b0)
  360. }
  361. if len(b1) != 32 {
  362. b1 = addZPadding(b1)
  363. }
  364. b = append(b, b0...)
  365. b = append(b, b1...)
  366. }
  367. p := new(bn256.G1)
  368. _, err = p.Unmarshal(b)
  369. return p, err
  370. }
  371. func stringToG2(h [][]string) (*bn256.G2, error) {
  372. if len(h) <= 2 {
  373. return nil, fmt.Errorf("not enought data for stringToG2")
  374. }
  375. h = h[:2]
  376. hexa := false
  377. if len(h[0][0]) > 1 {
  378. if "0x" == h[0][0][:2] {
  379. hexa = true
  380. }
  381. }
  382. in := ""
  383. var b []byte
  384. var err error
  385. if hexa {
  386. for i := 0; i < len(h); i++ {
  387. for j := 0; j < len(h[i]); j++ {
  388. in += strings.TrimPrefix(h[i][j], "0x")
  389. }
  390. }
  391. b, err = hex.DecodeString(in)
  392. if err != nil {
  393. return nil, err
  394. }
  395. } else {
  396. // TODO TMP
  397. bH, err := stringToBytes(h[0][1])
  398. if err != nil {
  399. return nil, err
  400. }
  401. b = append(b, bH...)
  402. bH, err = stringToBytes(h[0][0])
  403. if err != nil {
  404. return nil, err
  405. }
  406. b = append(b, bH...)
  407. bH, err = stringToBytes(h[1][1])
  408. if err != nil {
  409. return nil, err
  410. }
  411. b = append(b, bH...)
  412. bH, err = stringToBytes(h[1][0])
  413. if err != nil {
  414. return nil, err
  415. }
  416. b = append(b, bH...)
  417. }
  418. p := new(bn256.G2)
  419. _, err = p.Unmarshal(b)
  420. return p, err
  421. }
  422. // ProofStringToSmartContractFormat converts the ProofString to a ProofString in the SmartContract format in a ProofString structure
  423. func ProofStringToSmartContractFormat(s ProofString) ProofString {
  424. var rs ProofString
  425. rs.A = make([]string, 2)
  426. rs.B = make([][]string, 2)
  427. rs.B[0] = make([]string, 2)
  428. rs.B[1] = make([]string, 2)
  429. rs.C = make([]string, 2)
  430. rs.A[0] = s.A[0]
  431. rs.A[1] = s.A[1]
  432. rs.B[0][0] = s.B[0][1]
  433. rs.B[0][1] = s.B[0][0]
  434. rs.B[1][0] = s.B[1][1]
  435. rs.B[1][1] = s.B[1][0]
  436. rs.C[0] = s.C[0]
  437. rs.C[1] = s.C[1]
  438. rs.Protocol = s.Protocol
  439. return rs
  440. }
  441. // ProofToSmartContractFormat converts the *types.Proof to a ProofString in the SmartContract format in a ProofString structure
  442. func ProofToSmartContractFormat(p *types.Proof) ProofString {
  443. s := ProofToString(p)
  444. return ProofStringToSmartContractFormat(s)
  445. }
  446. // ProofToString converts the Proof to ProofString
  447. func ProofToString(p *types.Proof) ProofString {
  448. var ps ProofString
  449. ps.A = make([]string, 3)
  450. ps.B = make([][]string, 3)
  451. ps.B[0] = make([]string, 2)
  452. ps.B[1] = make([]string, 2)
  453. ps.B[2] = make([]string, 2)
  454. ps.C = make([]string, 3)
  455. a := p.A.Marshal()
  456. ps.A[0] = new(big.Int).SetBytes(a[:32]).String()
  457. ps.A[1] = new(big.Int).SetBytes(a[32:64]).String()
  458. ps.A[2] = "1"
  459. b := p.B.Marshal()
  460. ps.B[0][1] = new(big.Int).SetBytes(b[:32]).String()
  461. ps.B[0][0] = new(big.Int).SetBytes(b[32:64]).String()
  462. ps.B[1][1] = new(big.Int).SetBytes(b[64:96]).String()
  463. ps.B[1][0] = new(big.Int).SetBytes(b[96:128]).String()
  464. ps.B[2][0] = "1"
  465. ps.B[2][1] = "0"
  466. c := p.C.Marshal()
  467. ps.C[0] = new(big.Int).SetBytes(c[:32]).String()
  468. ps.C[1] = new(big.Int).SetBytes(c[32:64]).String()
  469. ps.C[2] = "1"
  470. ps.Protocol = "groth"
  471. return ps
  472. }
  473. // ProofToJson outputs the Proof i Json format
  474. func ProofToJson(p *types.Proof) ([]byte, error) {
  475. ps := ProofToString(p)
  476. return json.Marshal(ps)
  477. }
  478. // ProofToHex converts the Proof to ProofString with hexadecimal strings
  479. func ProofToHex(p *types.Proof) ProofString {
  480. var ps ProofString
  481. ps.A = make([]string, 3)
  482. ps.B = make([][]string, 3)
  483. ps.B[0] = make([]string, 2)
  484. ps.B[1] = make([]string, 2)
  485. ps.B[2] = make([]string, 2)
  486. ps.C = make([]string, 3)
  487. a := p.A.Marshal()
  488. ps.A[0] = "0x" + hex.EncodeToString(new(big.Int).SetBytes(a[:32]).Bytes())
  489. ps.A[1] = "0x" + hex.EncodeToString(new(big.Int).SetBytes(a[32:64]).Bytes())
  490. ps.A[2] = "1"
  491. b := p.B.Marshal()
  492. ps.B[0][1] = "0x" + hex.EncodeToString(new(big.Int).SetBytes(b[:32]).Bytes())
  493. ps.B[0][0] = "0x" + hex.EncodeToString(new(big.Int).SetBytes(b[32:64]).Bytes())
  494. ps.B[1][1] = "0x" + hex.EncodeToString(new(big.Int).SetBytes(b[64:96]).Bytes())
  495. ps.B[1][0] = "0x" + hex.EncodeToString(new(big.Int).SetBytes(b[96:128]).Bytes())
  496. ps.B[2][0] = "1"
  497. ps.B[2][1] = "0"
  498. c := p.C.Marshal()
  499. ps.C[0] = "0x" + hex.EncodeToString(new(big.Int).SetBytes(c[:32]).Bytes())
  500. ps.C[1] = "0x" + hex.EncodeToString(new(big.Int).SetBytes(c[32:64]).Bytes())
  501. ps.C[2] = "1"
  502. ps.Protocol = "groth"
  503. return ps
  504. }
  505. // ProofToJsonHex outputs the Proof i Json format with hexadecimal strings
  506. func ProofToJsonHex(p *types.Proof) ([]byte, error) {
  507. ps := ProofToHex(p)
  508. return json.Marshal(ps)
  509. }
  510. // ParseWitnessBin parses binary file representation of the Witness into the Witness struct
  511. func ParseWitnessBin(f *os.File) (types.Witness, error) {
  512. var w types.Witness
  513. r := bufio.NewReader(f)
  514. for {
  515. b := make([]byte, 32)
  516. n, err := r.Read(b)
  517. if err == io.EOF {
  518. return w, nil
  519. } else if err != nil {
  520. return nil, err
  521. }
  522. if n != 32 {
  523. return nil, fmt.Errorf("error on value format, expected 32 bytes, got %v", n)
  524. }
  525. w = append(w, new(big.Int).SetBytes(swapEndianness(b[0:32])))
  526. }
  527. }
  528. // swapEndianness swaps the order of the bytes in the slice.
  529. func swapEndianness(b []byte) []byte {
  530. o := make([]byte, len(b))
  531. for i := range b {
  532. o[len(b)-1-i] = b[i]
  533. }
  534. return o
  535. }