Browse Source

Optimize Lagrange calculation and recalculate H powers length

master
Jordi Baylina 6 years ago
parent
commit
6068572655
No known key found for this signature in database GPG Key ID: 7480C80C1BE43112
5 changed files with 68 additions and 9 deletions
  1. +1
    -1
      package.json
  2. +1
    -1
      src/prover.js
  3. +64
    -5
      src/setup.js
  4. +1
    -1
      vk_proof.json
  5. +1
    -1
      vk_verifier.json

+ 1
- 1
package.json

@ -1,6 +1,6 @@
{ {
"name": "zksnark", "name": "zksnark",
"version": "0.0.4",
"version": "0.0.5",
"description": "zkSnark implementation in javascript", "description": "zkSnark implementation in javascript",
"main": "index.js", "main": "index.js",
"scripts": { "scripts": {

+ 1
- 1
src/prover.js

@ -95,7 +95,7 @@ module.exports = function genProof(vk_proof, witness) {
const h = PolF.div(polFull, vk_proof.polZ ); const h = PolF.div(polFull, vk_proof.polZ );
console.log(h.length + "/" + vk_proof.hExps.length);
// console.log(h.length + "/" + vk_proof.hExps.length);
for (let i = 0; i < h.length; i++) { for (let i = 0; i < h.length; i++) {
proof.pi_h = G1.add( proof.pi_h, G1.mulScalar( vk_proof.hExps[i], h[i])); proof.pi_h = G1.add( proof.pi_h, G1.mulScalar( vk_proof.hExps[i], h[i]));

+ 64
- 5
src/setup.js

@ -54,6 +54,7 @@ module.exports = function setup(circuit) {
function calculatePolynomials(setup, circuit) { function calculatePolynomials(setup, circuit) {
// Calculate the points that must cross each polynomial // Calculate the points that must cross each polynomial
/*
setup.toxic.aExtra = []; setup.toxic.aExtra = [];
setup.toxic.bExtra = []; setup.toxic.bExtra = [];
setup.toxic.cExtra = []; setup.toxic.cExtra = [];
@ -74,8 +75,8 @@ function calculatePolynomials(setup, circuit) {
setup.toxic.bExtra[s] = F.random(); setup.toxic.bExtra[s] = F.random();
setup.toxic.cExtra[s] = F.random(); setup.toxic.cExtra[s] = F.random();
aPoints[s].push([[bigInt(circuit.nConstraints), F.one], [setup.toxic.aExtra[s], F.one]]); aPoints[s].push([[bigInt(circuit.nConstraints), F.one], [setup.toxic.aExtra[s], F.one]]);
bPoints[s].push([[bigInt(circuit.nConstraints), F.one], [setup.toxic.aExtra[s], F.one]]);
cPoints[s].push([[bigInt(circuit.nConstraints), F.one], [setup.toxic.aExtra[s], F.one]]);
bPoints[s].push([[bigInt(circuit.nConstraints), F.one], [setup.toxic.bExtra[s], F.one]]);
cPoints[s].push([[bigInt(circuit.nConstraints), F.one], [setup.toxic.cExtra[s], F.one]]);
} }
// Calculate the polynomials using Lagrange // Calculate the polynomials using Lagrange
@ -93,6 +94,64 @@ function calculatePolynomials(setup, circuit) {
setup.vk_proof.polsC.push( unrat(pC) ); setup.vk_proof.polsC.push( unrat(pC) );
} }
*/
setup.toxic.aExtra = [];
setup.toxic.bExtra = [];
setup.toxic.cExtra = [];
let allZerosPol = [bigInt(1)];
for (let c=0; c<=circuit.nConstraints; c++) {
allZerosPol = PolF.mul(allZerosPol, [F.neg(bigInt(c)), F.one]);
}
setup.vk_proof.polsA = [];
setup.vk_proof.polsB = [];
setup.vk_proof.polsC = [];
for (let s = 0; s<circuit.nVars; s++) {
setup.vk_proof.polsA.push([]);
setup.vk_proof.polsB.push([]);
setup.vk_proof.polsC.push([]);
}
for (let c=0; c<circuit.nConstraints; c++) {
const mpol = PolF.ruffini(allZerosPol, bigInt(c));
const normalizer = PolF.F.inverse(PolF.eval(mpol, bigInt(c)));
for (let s = 0; s<circuit.nVars; s++) {
const factorA = PolF.F.mul(normalizer, circuit.a(c, s));
const spolA = PolF.mulScalar(mpol, factorA);
setup.vk_proof.polsA[s] = PolF.add(setup.vk_proof.polsA[s], spolA);
const factorB = PolF.F.mul(normalizer, circuit.b(c, s));
const spolB = PolF.mulScalar(mpol, factorB);
setup.vk_proof.polsB[s] = PolF.add(setup.vk_proof.polsB[s], spolB);
const factorC = PolF.F.mul(normalizer, circuit.c(c, s));
const spolC = PolF.mulScalar(mpol, factorC);
setup.vk_proof.polsC[s] = PolF.add(setup.vk_proof.polsC[s], spolC);
}
}
const mpol = PolF.ruffini(allZerosPol, bigInt(circuit.nConstraints));
const normalizer = PolF.F.inverse(PolF.eval(mpol, bigInt(circuit.nConstraints)));
for (let s = 0; s<circuit.nVars; s++) {
setup.toxic.aExtra[s] = F.random();
const factorA = PolF.F.mul(normalizer, setup.toxic.aExtra[s]);
const spolA = PolF.mulScalar(mpol, factorA);
setup.vk_proof.polsA[s] = PolF.add(setup.vk_proof.polsA[s], spolA);
setup.toxic.bExtra[s] = F.random();
const factorB = PolF.F.mul(normalizer, setup.toxic.bExtra[s]);
const spolB = PolF.mulScalar(mpol, factorB);
setup.vk_proof.polsB[s] = PolF.add(setup.vk_proof.polsB[s], spolB);
setup.toxic.cExtra[s] = F.random();
const factorC = PolF.F.mul(normalizer, setup.toxic.cExtra[s]);
const spolC = PolF.mulScalar(mpol, factorC);
setup.vk_proof.polsC[s] = PolF.add(setup.vk_proof.polsC[s], spolC);
}
// Calculate Z polynomial // Calculate Z polynomial
// Z = 1 // Z = 1
@ -193,7 +252,7 @@ function calculateHexps(setup, circuit) {
maxC = Math.max(maxC, setup.vk_proof.polsC[s].length); maxC = Math.max(maxC, setup.vk_proof.polsC[s].length);
} }
let maxFull = Math.max(maxA * maxB - 1, maxC);
let maxFull = Math.max(maxA + maxB - 1, maxC);
const maxH = maxFull - setup.vk_proof.polZ.length + 1; const maxH = maxFull - setup.vk_proof.polZ.length + 1;
@ -205,7 +264,7 @@ function calculateHexps(setup, circuit) {
eT = F.mul(eT, setup.toxic.t); eT = F.mul(eT, setup.toxic.t);
} }
} }
/*
function unrat(p) { function unrat(p) {
const res = new Array(p.length); const res = new Array(p.length);
for (let i=0; i<p.length; i++) { for (let i=0; i<p.length; i++) {
@ -213,4 +272,4 @@ function unrat(p) {
} }
return res; return res;
} }
*/

+ 1
- 1
vk_proof.json
File diff suppressed because it is too large
View File


+ 1
- 1
vk_verifier.json

@ -1 +1 @@
{"nPublic":2,"A":[["7559813907775723910670319421928739634379937035892657657562479304265059086780","970960312695840147348504079795243376479803119482361867814374144094546957508","1"],["6973738609394859571398416156724493442033611890199277059249583291969417717849","3566359670559241499529101146674872093352640304889544678479415554439250149453","1"],["917696927483309689117074878224833164515430647966986490907621758137336830083","9785459660648352808157967203734173436836921183818082159560695948453336354107","1"]],"vk_a":[["14173322464222160748867825178553686053742177877199697197001753437846780322574","20929520998793141284734486851428954593918465263669466084818841775936957034700"],["12459132747044835077513637640609148094697658877114211454408567071334700110100","16497576268193395686080258584782429839073278395044680422229545733004220296143"],["1","0"]],"vk_b":["5054885722739272954661509195093773675818509566706746284511706586413060821448","9774934244703224067043544536075788704669138609703398536138463247802074148524","1"],"vk_c":[["21263505884594647802386794908896323519340619724437148822939927895407972021389","7354903322601286413990407706248837003750855485687253449610737919361487248296"],["14355381479112554907026745395820596069065373225865392322686666867582915335036","12762193123590326915235274102717931734657214301290947368796282990655826008450"],["1","0"]],"vk_gb_1":["8625647618648544361404193953333806597571991012817697513442939891453840508913","15330443152542054691454091701138661594215090976943419833484524346078268723484","1"],"vk_gb_2":[["12099899901013584654324512573082695366371599717431790594016098502204090222111","12535588892984112335163393703775266665605315636122229419358636994263960191261"],["15509629249244637815294561938176289971187499438084139112275639204023705550096","12197041279414775684771566991909284859152386473146541423102298811918761766203"],["1","0"]],"vk_g":[["13260250285752060017351578376881818620651573656520442907886598252210817074973","20954865159283819473112404503935266627608151337368912124833828220647750820493"],["4187445456319188311291966543590362043291114872169107461963560060304097806675","6444096450444458337845188957170338911350159715030565564473115266155745351252"],["1","0"]],"vk_z":[["10641310987945237968514444777640652268453932722894250096723040386697198963159","12428630308125323684574621578475712350731714696274595115927889300003835126922"],["11267801154937225428272884612886816176035757554631982377376923514790062493058","18302653587396410799110456472651661669828795411757501774008089457234683583568"],["1","0"]]}
{"nPublic":2,"A":[["8869480890407400540469055963359590507987597393199097673027091987650264364061","5571907540423363476841022818006679599665853137083440200184777102165277098817","1"],["6633468076564780863514337919192698659670454271838273855072390679308886530310","429493619176981385766703804751832373350001551268095165774411888948969491950","1"],["19426274234765689814302294909820181848270118587988082067156950064905560926931","1695477578673085121076028646361009269587800426136069029657833948839317064337","1"]],"vk_a":[["9558065993096722619194348013003368448455409149209998185448725231242350559037","13239868567274065766518626919165092515693823482301378347535196751087568534444"],["15755283830213584683068171246338843258532229236358958552014038612487929896062","3153284277012109552592951624813624632174752658107256746771368513013038228043"],["1","0"]],"vk_b":["17354262195547823174876699589198990688681878796536601531562937007514516671853","7162052175129872674271805560925971314168271233337491952757123238320537067879","1"],"vk_c":[["7693684659995323340441116715427481225095994411375752825539273279038259454951","10648716232561230073794574427969376323946394300393013505624550867362612174214"],["11734707860058618049534410500192734768105180910065417858398014404265709352271","21506229572548609231162936645658298292512149586246110033845868713358599629278"],["1","0"]],"vk_gb_1":["15199098438219395704649974705700501004072202950326097683120792370668183201506","13299363141613092755383156216642793279087604636332222643379319320134567293629","1"],"vk_gb_2":[["2495211911722558402361816493871854939721351321264743350228722750619762019851","11072264826888167640230080860242406855142747886036602311071889683947024413374"],["1870380426396851921468082138410047376113205220686247333524259418069006545584","5795709345107136167474523802037689880174609756763741663153027030192574284600"],["1","0"]],"vk_g":[["16502879486405452648347881982387306429485452949136993847302940683378115949680","21851496291674945989844013109262365122606457776299303431809616926117687307476"],["19775694068609122229399084459362866576707393855951866590081960512562438426082","4788247667758387200027229334961625040838388285858126172643675111850793702743"],["1","0"]],"vk_z":[["13149164608723998054087483988287670870065310147853196434398655904923682722297","13041349085808911888919639829378875740211950179957717170427958580861863453491"],["11051209221709485835318728113780202233394218312574766047108621841112894950486","6100918243225388259690002723108589237985714117354432529032595467352126024985"],["1","0"]]}

Loading…
Cancel
Save