arnaucube
/
slides
mirror of https://github.com/arnaucube/slides.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
2.7 MiB
Tree: df47c73acd
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'df47c73acd'
${ noResults }
slides/src/zksnarks-from-scratch-a-tec.../demo/main.go

109 lines
2.7 KiB
Raw Normal View History

first commit, add slides: zksnarks, shamirsecretsharing, rsa
4 years ago
  1. package main
  3. import (
  4. "encoding/json"
  5. "fmt"
  6. "math/big"
  7. "strings"
  8. "time"
  10. "github.com/arnaucube/go-snark"
  11. "github.com/arnaucube/go-snark/circuitcompiler"
  12. )
  14. func main() {
  15. // circuit function
  16. // y = x^5 + 2*x + 6
  17. code := `
  18. func exp5(private a):
  19. b = a * a
  20. c = a * b
  21. d = a * c
  22. e = a * d
  23. return e
  25. func main(private s0, public s1):
  26. s2 = exp5(s0)
  27. s3 = s0 * 2
  28. s4 = s3 + s2
  29. s5 = s4 + 6
  30. equals(s1, s5)
  31. out = 1 * 1
  32. `
  33. fmt.Print("\ncode of the circuit:")
  34. fmt.Println(code)
  36. // parse the code
  37. parser := circuitcompiler.NewParser(strings.NewReader(code))
  38. circuit, err := parser.Parse()
  39. if err != nil {
  40. panic(err)
  41. }
  42. fmt.Println("\ncircuit data:", circuit)
  43. circuitJson, _ := json.Marshal(circuit)
  44. fmt.Println("circuit:", string(circuitJson))
  46. b8 := big.NewInt(int64(8))
  47. privateInputs := []*big.Int{b8}
  48. b32790 := big.NewInt(int64(32790))
  49. publicSignals := []*big.Int{b32790}
  51. // wittness
  52. w, err := circuit.CalculateWitness(privateInputs, publicSignals)
  53. if err != nil {
  54. panic(err)
  55. }
  57. // code to R1CS
  58. fmt.Println("\ngenerating R1CS from code")
  59. a, b, c := circuit.GenerateR1CS()
  60. fmt.Println("\nR1CS:")
  61. fmt.Println("a:", a)
  62. fmt.Println("b:", b)
  63. fmt.Println("c:", c)
  65. // R1CS to QAP
  66. // TODO zxQAP is not used and is an old impl, TODO remove
  67. alphas, betas, gammas, _ := snark.Utils.PF.R1CSToQAP(a, b, c)
  68. fmt.Println("qap")
  69. fmt.Println(alphas)
  70. fmt.Println(betas)
  71. fmt.Println(gammas)
  73. _, _, _, px := snark.Utils.PF.CombinePolynomials(w, alphas, betas, gammas)
  75. // calculate trusted setup
  76. setup, err := snark.GenerateTrustedSetup(len(w), *circuit, alphas, betas, gammas)
  77. if err != nil {
  78. panic(err)
  79. }
  80. fmt.Println("\nt:", setup.Toxic.T)
  82. // zx and setup.Pk.Z should be the same (currently not, the correct one is the calculation used inside GenerateTrustedSetup function), the calculation is repeated. TODO avoid repeating calculation
  84. proof, err := snark.GenerateProofs(*circuit, setup.Pk, w, px)
  85. if err != nil {
  86. panic(err)
  87. }
  89. fmt.Println("\n proofs:")
  90. fmt.Println(proof)
  92. // fmt.Println("public signals:", proof.PublicSignals)
  93. fmt.Println("\nsignals:", circuit.Signals)
  94. fmt.Println("witness:", w)
  95. b32790Verif := big.NewInt(int64(32790))
  96. publicSignalsVerif := []*big.Int{b32790Verif}
  97. before := time.Now()
  98. if !snark.VerifyProof(setup.Vk, proof, publicSignalsVerif, true) {
  99. fmt.Println("Verification not passed")
  100. }
  101. fmt.Println("verify proof time elapsed:", time.Since(before))
  103. // check that with another public input the verification returns false
  104. bOtherWrongPublic := big.NewInt(int64(34))
  105. wrongPublicSignalsVerif := []*big.Int{bOtherWrongPublic}
  106. if snark.VerifyProof(setup.Vk, proof, wrongPublicSignalsVerif, true) {
  107. fmt.Println("Verification should not have passed")
  108. }
  109. }