arnaucube/snarkjs
1
0
Fork 0
mirror of https://github.com/arnaucube/snarkjs.git synced 2026-02-28 05:56:44 +01:00
Code Issues Packages Projects Releases Wiki Activity

Force 1 in the verifier

Browse Source
This commit is contained in:
Jordi Baylina
2018-08-09 18:59:39 +02:00
parent c0312e5d83
commit 6a02f83d41
4 changed files with 5 additions and 111 deletions
Download Patch File Download Diff File Expand all files Collapse all files

107
README
View File

@@ -1,107 +0,0 @@
# javascript implementation of zkSnark
This is a javascript implementation of zkSnarks.
This library allows to do the trusted setup, generate proofs and verify the proofs.
This library uses the compiled circuits generated by the jaz compiler.
## Install
```
npm install zkSnark
```
## Usage
### import
```
const zkSnark = require("zksnark");
```
### Load a circuit.
```
// "myCircuit.cir" is the output of the jaz compiler
const circuitDef = JSON.parse(fs.readFileSync("myCircuit.cir", "utf8"));
const circuit = new zkSnark.Circuit(circuitDef);
```
### Inspect the circuit.
```
// `signalId` can always be a number or an alias string
circuit.m; // number of constrains
circuit.n; // number of signals
circuit.p; // number of public signals (nPublicInputs + nOutputs)
// The array of signals is always sorted in this order:
// [ outputs, publicInputs, privedInputs, internalSignals, constants]
// returns a,b and c coeficients of the `signalId` on a given `constrain`
circuit.a(constrain, signalId)
circuit.b(constrain, signalId)
circuit.c(constrain, signalId)
circuit.nOutputs // number of public outputs
circuit.nPublicInputs // number of public inputs
circuit.nPrivateInputs // number of private inputs
circuit.nInputs // number of inputs ( nPublicInputs + nPrivateInputs)
circuit.outputIdx(i) // returns the index of the i'th output
circuit.inputIdx(i) // returns the index of the i'th input
circuit.inputPublicIdx(i) // returns the index of the i'th public input
circuit.inputPrivateIdx(i) // returns the index of the i'th private input
// returns signal Idx given a signalId
// if the idx >= n , it is a constant
// if the idx == -1, the signal does not exist
circuit.signalId2idx(signalId);
// returns an array aliases names for a given signalId
circuit.signalNames(signalId)
// input is a key value object where keys are the signal names
// of all the inputs (public and private)
// returns an array of values that represent the witness
circuit.generateWitness(input)
```
### Trusted setup
```
const setup = zkSnark.setup(circuit);
fs.writeFileSink("myCircuit.vk_proof", JSON.stringify(setup.vk_proof), "utf8");
fs.writeFileSink("myCircuit.vk_verifier", JSON.stringify(setup.vk_verifier), "utf8");
setup.toxic // Must be discarded.
```
### Generate proof
```
const circuitDef = JSON.parse(fs.readFileSync("myCircuit.cir", "utf8"));
const circuit = new zkSnark.Circuit(circuitDef);
const input = {
"main.pubIn1": "123",
"main.out1": "456"
}
const witness = circuit.generateWitness(input);
const vk_proof = JSON.parse(fs.readFileSync("myCircuit.vk_proof", "utf8"));
const {proof, publicSignals} = zkSnark.genProof(vk_proof, witness);
```
### Verifier
```
const vk_verifier = JSON.parse(fs.readFileSync("myCircuit.vk_verifier", "utf8"));
if (zkSnark.isValid(vk_verifier, proof, publicSignals)) {
console.log("The proof is valid");
} else {
console.log("The proof is not valid");
}
```

2
README.md
View File

@@ -39,7 +39,7 @@ const circuit = new zkSnark.Circuit(circuitDef);
circuit.nPublic; // number of public signals (nOutputs + nPublicInputs) circuit.nPublic; // number of public signals (nOutputs + nPublicInputs)
// The array of signals is always sorted in this order: // The array of signals is always sorted in this order:
// [ outputs, publicInputs, privedInputs, internalSignals, constants] // [ outputs, publicInputs, 1, privedInputs, internalSignals, constants]
// returns a,b and c coeficients of the `signalId` on a given `constrain` // returns a,b and c coeficients of the `signalId` on a given `constrain`
circuit.a(constrain, signalId) circuit.a(constrain, signalId)

3
src/prover.js
View File

@@ -25,7 +25,8 @@ module.exports = function genProof(vk_proof, witness) {
proof.pi_h = G1.zero(); proof.pi_h = G1.zero();
for (let s= vk_proof.nPublic; s< vk_proof.nSignals; s++) { // Skip public entries and the "1" signal that are forced by the verifier
for (let s= vk_proof.nPublic+1; s< vk_proof.nSignals; s++) {
// pi_a = pi_a + A[s] * witness[s]; // pi_a = pi_a + A[s] * witness[s];
proof.pi_a = G1.add( proof.pi_a, G1.mulEscalar( vk_proof.A[s], witness[s])); proof.pi_a = G1.add( proof.pi_a, G1.mulEscalar( vk_proof.A[s], witness[s]));

4
src/verifier.js
View File

@@ -10,12 +10,12 @@ const pairing = require("./pairing");
module.exports = function isValid(vk_verifier, proof, publicSignals) { module.exports = function isValid(vk_verifier, proof, publicSignals) {
let full_pi_a = proof.pi_a;
for (let s= 0; s< vk_verifier.nPublic; s++) { for (let s= 0; s< vk_verifier.nPublic; s++) {
full_pi_a = G1.add( full_pi_a, G1.mulEscalar( vk_verifier.A[s], publicSignals[s])); full_pi_a = G1.add( full_pi_a, G1.mulEscalar( vk_verifier.A[s], publicSignals[s]));
} }
let full_pi_a = G1.add(proof.pi_a, vk_verifier.A[vk_verifier.nPublic]);
if (! Gt.equal( if (! Gt.equal(
pairing( proof.pi_a , vk_verifier.vk_a ), pairing( proof.pi_a , vk_verifier.vk_a ),
pairing( proof.pi_ap , G2.g ))) pairing( proof.pi_ap , G2.g )))