- `Succinct Non-Interactive Zero Knowledge for a von Neumann Architecture`, Eli Ben-Sasson, Alessandro Chiesa, Eran Tromer, Madars Virza https://eprint.iacr.org/2013/879.pdf
Implementation of the zkSNARK [Pinocchio protocol](https://eprint.iacr.org/2013/279.pdf) from scratch in Go to understand the concepts. Do not use in production.
Fork UNDER CONSTRUCTION! Will ask for merge soon
This fork aims to extend its functionality so that one can prove set membership in zero knowledge.
Current implementation status:
- [x] Finite Fields (1, 2, 6, 12) operations
- [x] G1 and G2 curve operations
- [x] BN128 Pairing (to be replaced with a less insecure curve)
- [x] circuit code compiler
- [ ] code to flat code (improve circuit compiler) (in progress)
- [x] flat code compiler
- [x] circuit to R1CS with gate reduction optimisation
- [x] polynomial operations
- [x] R1CS to QAP
- [x] generate trusted setup
- [x] generate proofs
- [x] verify proofs with BN128 pairing
- [x] extended circuit code compiler
- [x] move witness calculation outside the setup phase
Having the `compiledcircuit.json`, now we can generate the `TrustedSetup`:
```
> ./go-snark-cli trustedsetup
```
This will create the file `trustedsetup.json` with the TrustedSetup data, and also a `toxic.json` file, which holds the parameters that must be deleted from the `Trusted Setup`.
#### Generate Proofs
Assuming that we have the `compiledcircuit.json`, `trustedsetup.json`, `privateInputs.json` and `publicInputs.json` files, we can now generate the `Proofs` with the following command:
```
> ./go-snark-cli genproofs
```
This will store the file `proofs.json`, which contains all the SNARK proofs.
#### Verify Proofs
Having the `proofs.json`, `compiledcircuit.json`, `trustedsetup.json` and `publicInputs.json` files, we can now verify the proofs by checking their `Pairings`:
```
> ./go-snark-cli verify
```
This will return a `true` if the proofs are verified, or a `false` if the proofs are not verified.
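Why the parameters in `toxic.json` have to be deleted, as an added example (not code from go-snark): a toy version of the divisibility check that the pairing verification enforces, done on plain field elements over a small constructed prime instead of encrypted values on BN128. All names and values below are hypothetical.

```go
package main

import "fmt"

const q uint64 = 2147483647 // toy prime field 2^31-1 (assumption; go-snark works over BN128)

func mul(a, b uint64) uint64 { return a * b % q }

// inv returns a^(q-2) mod q, the inverse of a (Fermat's little theorem).
func inv(a uint64) uint64 {
	r := uint64(1)
	for e := q - 2; e > 0; e >>= 1 {
		if e&1 == 1 {
			r = mul(r, a)
		}
		a = mul(a, a)
	}
	return r
}

// eval evaluates a polynomial (coefficients lowest degree first) at x.
func eval(c []uint64, x uint64) uint64 {
	var r uint64
	for i := len(c) - 1; i >= 0; i-- {
		r = (mul(r, x) + c[i]) % q
	}
	return r
}

// verify is the divisibility check at the setup point s: p(s) == H * t(s).
func verify(p, t []uint64, s, H uint64) bool { return eval(p, s) == mul(H, eval(t, s)) }

// fromLeakedS is what a holder of s can compute for ANY p: H = p(s) / t(s).
func fromLeakedS(p, t []uint64, s uint64) uint64 { return mul(eval(p, s), inv(eval(t, s))) }

var (
	secretS  uint64 = 123456789             // constructed stand-in for a value kept in toxic.json
	target          = []uint64{2, q - 3, 1} // t(x) = (x-1)(x-2)
	quotient        = []uint64{3, 1}        // h(x) = x+3
	good            = []uint64{6, q - 7, 0, 1} // t(x)*h(x): all constraints satisfied
	bad             = []uint64{7, q - 7, 0, 1} // good(x)+1: t(x) does not divide it
)

func main() {
	fmt.Println("valid statement, honest proof:", verify(good, target, secretS, eval(quotient, secretS)))
	fmt.Println("false statement, same proof:  ", verify(bad, target, secretS, eval(quotient, secretS)))
	fmt.Println("false statement, s leaked:    ", verify(bad, target, secretS, fromLeakedS(bad, target, secretS)))
}
```

The last check passes although `bad` does not satisfy the constraints, which is why the setup is only trustworthy once `toxic.json` no longer exists anywhere.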
- [x] fixed hard bugs
### Library usage
Warning: not finished.
Example:
Working example of gate-reduction and code parsing:
Thanks to [@jbaylina](https://github.com/jbaylina), [@bellesmarta](https://github.com/bellesmarta), [@adriamb](https://github.com/adriamb) for their explanations that helped to understand this a little bit. Also thanks to [@vbuterin](https://github.com/vbuterin) for all the published articles explaining the zkSNARKs.
Note that we only need 11 multiplication Gates instead of 16