You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

39 lines
1005 B

  1. package verifier
  2. import (
  3. "fmt"
  4. "math/big"
  5. "github.com/ethereum/go-ethereum/crypto/bn256"
  6. "github.com/iden3/go-circom-prover-verifier/prover"
  7. "github.com/iden3/go-circom-prover-verifier/types"
  8. )
  9. // Vk is the Verification Key data structure
  10. type Vk struct {
  11. Alpha *bn256.G1
  12. Beta *bn256.G2
  13. Gamma *bn256.G2
  14. Delta *bn256.G2
  15. IC []*bn256.G1
  16. }
  17. func Verify(vk *types.Vk, proof *types.Proof, inputs []*big.Int) bool {
  18. if len(inputs)+1 != len(vk.IC) {
  19. fmt.Println("len(inputs)+1 != len(vk.IC)")
  20. return false
  21. }
  22. vkX := new(bn256.G1).ScalarBaseMult(big.NewInt(0))
  23. for i := 0; i < len(inputs); i++ {
  24. // check input inside field
  25. if inputs[0].Cmp(prover.R) != -1 {
  26. return false
  27. }
  28. vkX = new(bn256.G1).Add(vkX, new(bn256.G1).ScalarMult(vk.IC[i+1], inputs[i]))
  29. }
  30. vkX = new(bn256.G1).Add(vkX, vk.IC[0])
  31. g1 := []*bn256.G1{proof.A, vk.Alpha.Neg(vk.Alpha), vkX.Neg(vkX), proof.C.Neg(proof.C)}
  32. g2 := []*bn256.G2{proof.B, vk.Beta, vk.Gamma, vk.Delta}
  33. return bn256.PairingCheck(g1, g2)
  34. }