├── .gitignore ├── AUTHORS ├── LICENSE ├── Makefile ├── README.md ├── doxygen.conf ├── prepare-depends.sh └── src ├── algebra ├── curves │ ├── alt_bn128 │ │ ├── alt_bn128_g1.cpp │ │ ├── alt_bn128_g1.hpp │ │ ├── alt_bn128_g2.cpp │ │ ├── alt_bn128_g2.hpp │ │ ├── alt_bn128_init.cpp │ │ ├── alt_bn128_init.hpp │ │ ├── alt_bn128_pairing.cpp │ │ ├── alt_bn128_pairing.hpp │ │ ├── alt_bn128_pp.cpp │ │ └── alt_bn128_pp.hpp │ ├── bn128 │ │ ├── bn128_g1.cpp │ │ ├── bn128_g1.hpp │ │ ├── bn128_g2.cpp │ │ ├── bn128_g2.hpp │ │ ├── bn128_gt.cpp │ │ ├── bn128_gt.hpp │ │ ├── bn128_init.cpp │ │ ├── bn128_init.hpp │ │ ├── bn128_pairing.cpp │ │ ├── bn128_pairing.hpp │ │ ├── bn128_pp.cpp │ │ ├── bn128_pp.hpp │ │ ├── bn_utils.hpp │ │ └── bn_utils.tcc │ ├── curve_utils.hpp │ ├── curve_utils.tcc │ ├── edwards │ │ ├── edwards_g1.cpp │ │ ├── edwards_g1.hpp │ │ ├── edwards_g2.cpp │ │ ├── edwards_g2.hpp │ │ ├── edwards_init.cpp │ │ ├── edwards_init.hpp │ │ ├── edwards_pairing.cpp │ │ ├── edwards_pairing.hpp │ │ ├── edwards_pp.cpp │ │ └── edwards_pp.hpp │ ├── mnt │ │ ├── mnt4 │ │ │ ├── mnt4_g1.cpp │ │ │ ├── mnt4_g1.hpp │ │ │ ├── mnt4_g2.cpp │ │ │ ├── mnt4_g2.hpp │ │ │ ├── mnt4_init.cpp │ │ │ ├── mnt4_init.hpp │ │ │ ├── mnt4_pairing.cpp │ │ │ ├── mnt4_pairing.hpp │ │ │ ├── mnt4_pp.cpp │ │ │ └── mnt4_pp.hpp │ │ ├── mnt46_common.cpp │ │ ├── mnt46_common.hpp │ │ └── mnt6 │ │ │ ├── mnt6_g1.cpp │ │ │ ├── mnt6_g1.hpp │ │ │ ├── mnt6_g2.cpp │ │ │ ├── mnt6_g2.hpp │ │ │ ├── mnt6_init.cpp │ │ │ ├── mnt6_init.hpp │ │ │ ├── mnt6_pairing.cpp │ │ │ ├── mnt6_pairing.hpp │ │ │ ├── mnt6_pp.cpp │ │ │ └── mnt6_pp.hpp │ ├── public_params.hpp │ └── tests │ │ ├── test_bilinearity.cpp │ │ └── test_groups.cpp ├── evaluation_domain │ ├── domains │ │ ├── basic_radix2_domain.hpp │ │ ├── basic_radix2_domain.tcc │ │ ├── basic_radix2_domain_aux.hpp │ │ ├── basic_radix2_domain_aux.tcc │ │ ├── extended_radix2_domain.hpp │ │ ├── extended_radix2_domain.tcc │ │ ├── step_radix2_domain.hpp │ │ └── step_radix2_domain.tcc │ ├── evaluation_domain.hpp │ └── evaluation_domain.tcc ├── exponentiation │ ├── exponentiation.hpp │ └── exponentiation.tcc ├── fields │ ├── bigint.hpp │ ├── bigint.tcc │ ├── field_utils.hpp │ ├── field_utils.tcc │ ├── fp.hpp │ ├── fp.tcc │ ├── fp12_2over3over2.hpp │ ├── fp12_2over3over2.tcc │ ├── fp2.hpp │ ├── fp2.tcc │ ├── fp3.hpp │ ├── fp3.tcc │ ├── fp4.hpp │ ├── fp4.tcc │ ├── fp6_2over3.hpp │ ├── fp6_2over3.tcc │ ├── fp6_3over2.hpp │ ├── fp6_3over2.tcc │ ├── fp_aux.tcc │ └── tests │ │ └── test_fields.cpp ├── knowledge_commitment │ ├── knowledge_commitment.hpp │ └── knowledge_commitment.tcc └── scalar_multiplication │ ├── kc_multiexp.hpp │ ├── kc_multiexp.tcc │ ├── multiexp.hpp │ ├── multiexp.tcc │ ├── wnaf.hpp │ └── wnaf.tcc ├── common ├── data_structures │ ├── accumulation_vector.hpp │ ├── accumulation_vector.tcc │ ├── integer_permutation.cpp │ ├── integer_permutation.hpp │ ├── merkle_tree.hpp │ ├── merkle_tree.tcc │ ├── set_commitment.cpp │ ├── set_commitment.hpp │ ├── set_commitment.tcc │ ├── sparse_vector.hpp │ └── sparse_vector.tcc ├── default_types │ ├── bacs_ppzksnark_pp.hpp │ ├── ec_pp.hpp │ ├── r1cs_gg_ppzksnark_pp.hpp │ ├── r1cs_ppzkadsnark_pp.cpp │ ├── r1cs_ppzkadsnark_pp.hpp │ ├── r1cs_ppzkpcd_pp.cpp │ ├── r1cs_ppzkpcd_pp.hpp │ ├── r1cs_ppzksnark_pp.hpp │ ├── ram_ppzksnark_pp.hpp │ ├── ram_zksnark_pp.hpp │ ├── tbcs_ppzksnark_pp.hpp │ ├── tinyram_ppzksnark_pp.cpp │ ├── tinyram_ppzksnark_pp.hpp │ ├── tinyram_zksnark_pp.cpp │ ├── tinyram_zksnark_pp.hpp │ └── uscs_ppzksnark_pp.hpp ├── profiling.cpp ├── profiling.hpp ├── rng.hpp ├── rng.tcc ├── routing_algorithms │ ├── as_waksman_routing_algorithm.cpp │ ├── as_waksman_routing_algorithm.hpp │ ├── benes_routing_algorithm.cpp │ ├── benes_routing_algorithm.hpp │ ├── profiling │ │ └── profile_routing_algorithms.cpp │ └── tests │ │ ├── test_routing_algorithms.cpp │ │ └── test_routing_algorithms.py ├── serialization.hpp ├── serialization.tcc ├── template_utils.hpp ├── utils.cpp ├── utils.hpp └── utils.tcc ├── gadgetlib1 ├── constraint_profiling.cpp ├── constraint_profiling.hpp ├── examples │ ├── simple_example.hpp │ └── simple_example.tcc ├── gadget.hpp ├── gadget.tcc ├── gadgets │ ├── basic_gadgets.hpp │ ├── basic_gadgets.tcc │ ├── cpu_checkers │ │ ├── fooram │ │ │ ├── components │ │ │ │ ├── bar_gadget.hpp │ │ │ │ ├── bar_gadget.tcc │ │ │ │ ├── fooram_protoboard.hpp │ │ │ │ └── fooram_protoboard.tcc │ │ │ ├── examples │ │ │ │ └── test_fooram.cpp │ │ │ ├── fooram_cpu_checker.hpp │ │ │ └── fooram_cpu_checker.tcc │ │ └── tinyram │ │ │ ├── components │ │ │ ├── alu_arithmetic.hpp │ │ │ ├── alu_arithmetic.tcc │ │ │ ├── alu_control_flow.hpp │ │ │ ├── alu_control_flow.tcc │ │ │ ├── alu_gadget.hpp │ │ │ ├── alu_gadget.tcc │ │ │ ├── argument_decoder_gadget.hpp │ │ │ ├── argument_decoder_gadget.tcc │ │ │ ├── consistency_enforcer_gadget.hpp │ │ │ ├── consistency_enforcer_gadget.tcc │ │ │ ├── instruction_packing_gadget.hpp │ │ │ ├── instruction_packing_gadget.tcc │ │ │ ├── memory_masking_gadget.hpp │ │ │ ├── memory_masking_gadget.tcc │ │ │ ├── tinyram_protoboard.hpp │ │ │ ├── tinyram_protoboard.tcc │ │ │ └── word_variable_gadget.hpp │ │ │ ├── tinyram_cpu_checker.hpp │ │ │ └── tinyram_cpu_checker.tcc │ ├── curves │ │ ├── weierstrass_g1_gadget.hpp │ │ ├── weierstrass_g1_gadget.tcc │ │ ├── weierstrass_g2_gadget.hpp │ │ └── weierstrass_g2_gadget.tcc │ ├── delegated_ra_memory │ │ ├── memory_load_gadget.hpp │ │ └── memory_load_store_gadget.hpp │ ├── fields │ │ ├── exponentiation_gadget.hpp │ │ ├── exponentiation_gadget.tcc │ │ ├── fp2_gadgets.hpp │ │ ├── fp2_gadgets.tcc │ │ ├── fp3_gadgets.hpp │ │ ├── fp3_gadgets.tcc │ │ ├── fp4_gadgets.hpp │ │ ├── fp4_gadgets.tcc │ │ ├── fp6_gadgets.hpp │ │ └── fp6_gadgets.tcc │ ├── gadget_from_r1cs.hpp │ ├── gadget_from_r1cs.tcc │ ├── hashes │ │ ├── crh_gadget.hpp │ │ ├── digest_selector_gadget.hpp │ │ ├── digest_selector_gadget.tcc │ │ ├── hash_io.hpp │ │ ├── hash_io.tcc │ │ ├── knapsack │ │ │ ├── knapsack_gadget.hpp │ │ │ ├── knapsack_gadget.tcc │ │ │ └── tests │ │ │ │ ├── generate_knapsack_tests.py │ │ │ │ └── test_knapsack_gadget.cpp │ │ └── sha256 │ │ │ ├── sha256_aux.hpp │ │ │ ├── sha256_aux.tcc │ │ │ ├── sha256_components.hpp │ │ │ ├── sha256_components.tcc │ │ │ ├── sha256_gadget.hpp │ │ │ ├── sha256_gadget.tcc │ │ │ └── tests │ │ │ ├── generate_sha256_gadget_tests.py │ │ │ ├── pypy_sha256.py │ │ │ └── test_sha256_gadget.cpp │ ├── merkle_tree │ │ ├── merkle_authentication_path_variable.hpp │ │ ├── merkle_authentication_path_variable.tcc │ │ ├── merkle_tree_check_read_gadget.hpp │ │ ├── merkle_tree_check_read_gadget.tcc │ │ ├── merkle_tree_check_update_gadget.hpp │ │ ├── merkle_tree_check_update_gadget.tcc │ │ └── tests │ │ │ └── test_merkle_tree_gadgets.cpp │ ├── pairing │ │ ├── mnt_pairing_params.hpp │ │ ├── pairing_checks.hpp │ │ ├── pairing_checks.tcc │ │ ├── pairing_params.hpp │ │ ├── weierstrass_final_exponentiation.hpp │ │ ├── weierstrass_final_exponentiation.tcc │ │ ├── weierstrass_miller_loop.hpp │ │ ├── weierstrass_miller_loop.tcc │ │ ├── weierstrass_precomputation.hpp │ │ └── weierstrass_precomputation.tcc │ ├── routing │ │ ├── as_waksman_routing_gadget.hpp │ │ ├── as_waksman_routing_gadget.tcc │ │ ├── benes_routing_gadget.hpp │ │ ├── benes_routing_gadget.tcc │ │ └── profiling │ │ │ └── profile_routing_gadgets.cpp │ ├── set_commitment │ │ ├── set_commitment_gadget.hpp │ │ ├── set_commitment_gadget.tcc │ │ ├── set_membership_proof_variable.hpp │ │ ├── set_membership_proof_variable.tcc │ │ └── tests │ │ │ └── test_set_commitment_gadget.cpp │ └── verifiers │ │ ├── r1cs_ppzksnark_verifier_gadget.hpp │ │ ├── r1cs_ppzksnark_verifier_gadget.tcc │ │ └── tests │ │ └── test_r1cs_ppzksnark_verifier_gadget.cpp ├── pb_variable.hpp ├── pb_variable.tcc ├── protoboard.hpp └── protoboard.tcc ├── gadgetlib2 ├── adapters.cpp ├── adapters.hpp ├── constraint.cpp ├── constraint.hpp ├── examples │ ├── simple_example.cpp │ ├── simple_example.hpp │ └── tutorial.cpp ├── gadget.cpp ├── gadget.hpp ├── gadgetMacros.hpp ├── infrastructure.cpp ├── infrastructure.hpp ├── integration.cpp ├── integration.hpp ├── pp.cpp ├── pp.hpp ├── protoboard.cpp ├── protoboard.hpp ├── tests │ ├── adapters_UTEST.cpp │ ├── constraint_UTEST.cpp │ ├── gadget_UTEST.cpp │ ├── gadgetlib2_test.cpp │ ├── integration_UTEST.cpp │ ├── protoboard_UTEST.cpp │ └── variable_UTEST.cpp ├── variable.cpp ├── variable.hpp └── variable_operators.hpp ├── reductions ├── bacs_to_r1cs │ ├── bacs_to_r1cs.hpp │ └── bacs_to_r1cs.tcc ├── r1cs_to_qap │ ├── r1cs_to_qap.hpp │ └── r1cs_to_qap.tcc ├── ram_to_r1cs │ ├── examples │ │ └── demo_arithmetization.cpp │ ├── gadgets │ │ ├── memory_checker_gadget.hpp │ │ ├── memory_checker_gadget.tcc │ │ ├── ram_universal_gadget.hpp │ │ ├── ram_universal_gadget.tcc │ │ ├── trace_lines.hpp │ │ └── trace_lines.tcc │ ├── ram_to_r1cs.hpp │ └── ram_to_r1cs.tcc ├── tbcs_to_uscs │ ├── get_tbcs_reduction.py │ ├── tbcs_reduction.txt │ ├── tbcs_to_uscs.hpp │ └── tbcs_to_uscs.tcc └── uscs_to_ssp │ ├── uscs_to_ssp.hpp │ └── uscs_to_ssp.tcc ├── relations ├── arithmetic_programs │ ├── qap │ │ ├── qap.hpp │ │ ├── qap.tcc │ │ └── tests │ │ │ └── test_qap.cpp │ └── ssp │ │ ├── ssp.hpp │ │ ├── ssp.tcc │ │ └── tests │ │ └── test_ssp.cpp ├── circuit_satisfaction_problems │ ├── bacs │ │ ├── bacs.hpp │ │ ├── bacs.tcc │ │ └── examples │ │ │ ├── bacs_examples.hpp │ │ │ └── bacs_examples.tcc │ └── tbcs │ │ ├── examples │ │ ├── tbcs_examples.cpp │ │ └── tbcs_examples.hpp │ │ ├── tbcs.cpp │ │ └── tbcs.hpp ├── constraint_satisfaction_problems │ ├── r1cs │ │ ├── examples │ │ │ ├── r1cs_examples.hpp │ │ │ └── r1cs_examples.tcc │ │ ├── r1cs.hpp │ │ └── r1cs.tcc │ └── uscs │ │ ├── examples │ │ ├── uscs_examples.hpp │ │ └── uscs_examples.tcc │ │ ├── uscs.hpp │ │ └── uscs.tcc ├── ram_computations │ ├── memory │ │ ├── delegated_ra_memory.hpp │ │ ├── delegated_ra_memory.tcc │ │ ├── examples │ │ │ ├── memory_contents_examples.cpp │ │ │ └── memory_contents_examples.hpp │ │ ├── memory_interface.hpp │ │ ├── memory_store_trace.cpp │ │ ├── memory_store_trace.hpp │ │ ├── ra_memory.cpp │ │ └── ra_memory.hpp │ └── rams │ │ ├── examples │ │ ├── ram_examples.hpp │ │ └── ram_examples.tcc │ │ ├── fooram │ │ ├── fooram_aux.cpp │ │ ├── fooram_aux.hpp │ │ └── fooram_params.hpp │ │ ├── ram_params.hpp │ │ └── tinyram │ │ ├── tinyram_aux.cpp │ │ ├── tinyram_aux.hpp │ │ └── tinyram_params.hpp ├── variable.hpp └── variable.tcc └── zk_proof_systems ├── pcd └── r1cs_pcd │ ├── compliance_predicate │ ├── compliance_predicate.hpp │ ├── compliance_predicate.tcc │ ├── cp_handler.hpp │ ├── cp_handler.tcc │ └── examples │ │ ├── tally_cp.hpp │ │ └── tally_cp.tcc │ ├── ppzkpcd_compliance_predicate.hpp │ ├── r1cs_mp_ppzkpcd │ ├── examples │ │ ├── run_r1cs_mp_ppzkpcd.hpp │ │ └── run_r1cs_mp_ppzkpcd.tcc │ ├── mp_pcd_circuits.hpp │ ├── mp_pcd_circuits.tcc │ ├── profiling │ │ └── profile_r1cs_mp_ppzkpcd.cpp │ ├── r1cs_mp_ppzkpcd.hpp │ ├── r1cs_mp_ppzkpcd.tcc │ ├── r1cs_mp_ppzkpcd_params.hpp │ └── tests │ │ └── test_r1cs_mp_ppzkpcd.cpp │ ├── r1cs_pcd_params.hpp │ ├── r1cs_pcd_params.tcc │ └── r1cs_sp_ppzkpcd │ ├── examples │ ├── run_r1cs_sp_ppzkpcd.hpp │ └── run_r1cs_sp_ppzkpcd.tcc │ ├── profiling │ └── profile_r1cs_sp_ppzkpcd.cpp │ ├── r1cs_sp_ppzkpcd.hpp │ ├── r1cs_sp_ppzkpcd.tcc │ ├── r1cs_sp_ppzkpcd_params.hpp │ ├── sp_pcd_circuits.hpp │ ├── sp_pcd_circuits.tcc │ └── tests │ └── test_r1cs_sp_ppzkpcd.cpp ├── ppzkadsnark └── r1cs_ppzkadsnark │ ├── examples │ ├── demo_r1cs_ppzkadsnark.cpp │ ├── prf │ │ ├── aes_ctr_prf.hpp │ │ └── aes_ctr_prf.tcc │ ├── run_r1cs_ppzkadsnark.hpp │ ├── run_r1cs_ppzkadsnark.tcc │ └── signature │ │ ├── ed25519_signature.hpp │ │ └── ed25519_signature.tcc │ ├── r1cs_ppzkadsnark.hpp │ ├── r1cs_ppzkadsnark.tcc │ ├── r1cs_ppzkadsnark_params.hpp │ ├── r1cs_ppzkadsnark_prf.hpp │ └── r1cs_ppzkadsnark_signature.hpp ├── ppzksnark ├── bacs_ppzksnark │ ├── bacs_ppzksnark.hpp │ ├── bacs_ppzksnark.tcc │ ├── bacs_ppzksnark_params.hpp │ ├── examples │ │ ├── run_bacs_ppzksnark.hpp │ │ └── run_bacs_ppzksnark.tcc │ ├── profiling │ │ └── profile_bacs_ppzksnark.cpp │ └── tests │ │ └── test_bacs_ppzksnark.cpp ├── r1cs_gg_ppzksnark │ ├── examples │ │ ├── run_r1cs_gg_ppzksnark.hpp │ │ └── run_r1cs_gg_ppzksnark.tcc │ ├── profiling │ │ └── profile_r1cs_gg_ppzksnark.cpp │ ├── r1cs_gg_ppzksnark.hpp │ ├── r1cs_gg_ppzksnark.tcc │ ├── r1cs_gg_ppzksnark_params.hpp │ └── tests │ │ └── test_r1cs_gg_ppzksnark.cpp ├── r1cs_ppzksnark │ ├── examples │ │ ├── run_r1cs_ppzksnark.hpp │ │ └── run_r1cs_ppzksnark.tcc │ ├── profiling │ │ └── profile_r1cs_ppzksnark.cpp │ ├── r1cs_ppzksnark.hpp │ ├── r1cs_ppzksnark.tcc │ ├── r1cs_ppzksnark_params.hpp │ └── tests │ │ └── test_r1cs_ppzksnark.cpp ├── ram_ppzksnark │ ├── examples │ │ ├── demo_ram_ppzksnark.cpp │ │ ├── demo_ram_ppzksnark_generator.cpp │ │ ├── demo_ram_ppzksnark_prover.cpp │ │ ├── demo_ram_ppzksnark_verifier.cpp │ │ ├── run_ram_ppzksnark.hpp │ │ └── run_ram_ppzksnark.tcc │ ├── profiling │ │ └── profile_ram_ppzksnark.cpp │ ├── ram_ppzksnark.hpp │ ├── ram_ppzksnark.tcc │ ├── ram_ppzksnark_params.hpp │ └── tests │ │ └── test_ram_ppzksnark.cpp ├── tbcs_ppzksnark │ ├── examples │ │ ├── run_tbcs_ppzksnark.hpp │ │ └── run_tbcs_ppzksnark.tcc │ ├── profiling │ │ └── profile_tbcs_ppzksnark.cpp │ ├── tbcs_ppzksnark.hpp │ ├── tbcs_ppzksnark.tcc │ ├── tbcs_ppzksnark_params.hpp │ └── tests │ │ └── test_tbcs_ppzksnark.cpp └── uscs_ppzksnark │ ├── examples │ ├── run_uscs_ppzksnark.hpp │ └── run_uscs_ppzksnark.tcc │ ├── profiling │ └── profile_uscs_ppzksnark.cpp │ ├── tests │ └── test_uscs_ppzksnark.cpp │ ├── uscs_ppzksnark.hpp │ ├── uscs_ppzksnark.tcc │ └── uscs_ppzksnark_params.hpp └── zksnark └── ram_zksnark ├── examples ├── run_ram_zksnark.hpp └── run_ram_zksnark.tcc ├── profiling └── profile_ram_zksnark.cpp ├── ram_compliance_predicate.hpp ├── ram_compliance_predicate.tcc ├── ram_zksnark.hpp ├── ram_zksnark.tcc ├── ram_zksnark_params.hpp └── tests └── test_ram_zksnark.cpp /AUTHORS: -------------------------------------------------------------------------------- 1 | SCIPR Lab: 2 | Eli Ben-Sasson 3 | Alessandro Chiesa 4 | Daniel Genkin 5 | Shaul Kfir 6 | Eran Tromer 7 | Madars Virza 8 | 9 | External contributors: 10 | Michael Backes 11 | Manuel Barbosa 12 | Dario Fiore 13 | Jens Groth 14 | Joshua A. Kroll 15 | Shigeo MITSUNARI 16 | Raphael Reischuk 17 | Tadanori TERUYA 18 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | The libsnark library is developed by SCIPR Lab (http://scipr-lab.org) 2 | and contributors. 3 | 4 | Copyright (c) 2012-2014 SCIPR Lab and contributors (see AUTHORS file). 5 | 6 | All files, with the exceptions below, are released under the MIT License: 7 | 8 | Permission is hereby granted, free of charge, to any person obtaining a copy 9 | of this software and associated documentation files (the "Software"), to deal 10 | in the Software without restriction, including without limitation the rights 11 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 12 | copies of the Software, and to permit persons to whom the Software is 13 | furnished to do so, subject to the following conditions: 14 | 15 | The above copyright notice and this permission notice shall be included in 16 | all copies or substantial portions of the Software. 17 | 18 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 19 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 20 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 21 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 22 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 23 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 24 | THE SOFTWARE. 25 | -------------------------------------------------------------------------------- /prepare-depends.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # This script fetches, builds and locally installs external dependencies. 3 | 4 | set -x -e 5 | 6 | DEPSRC=./depsrc 7 | DEPINST=./depinst 8 | 9 | # rm -fr $DEPINST 10 | mkdir -p $DEPINST 11 | mkdir -p $DEPSRC 12 | 13 | # ate-pairing library, and its dependency, xbyak (needed for BN128 curve) 14 | cd $DEPSRC 15 | [ ! -d xbyak ] && git clone git://github.com/herumi/xbyak.git 16 | [ ! -d ate-pairing ] && git clone git://github.com/herumi/ate-pairing.git 17 | cd ate-pairing 18 | make -j SUPPORT_SNARK=1 19 | cd ../.. 20 | cp -rv $DEPSRC/ate-pairing/include $DEPINST/ 21 | cp -rv $DEPSRC/ate-pairing/lib $DEPINST/ 22 | 23 | # SUPERCOP library (optimized crypto implementations, used by ADSNARK) 24 | cd $DEPSRC 25 | [ ! -d libsnark-supercop ] && git clone git://github.com/mbbarbosa/libsnark-supercop.git 26 | cd libsnark-supercop 27 | sh "do" 28 | cd ../.. 29 | mkdir -p $DEPINST/include/supercop 30 | cp -v $DEPSRC/libsnark-supercop/include/* $DEPINST/include/supercop 31 | cp -rv $DEPSRC/libsnark-supercop/lib $DEPINST/ 32 | -------------------------------------------------------------------------------- /src/algebra/curves/alt_bn128/alt_bn128_pp.cpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | 8 | #include "algebra/curves/alt_bn128/alt_bn128_pp.hpp" 9 | 10 | namespace libsnark { 11 | 12 | void alt_bn128_pp::init_public_params() 13 | { 14 | init_alt_bn128_params(); 15 | } 16 | 17 | alt_bn128_GT alt_bn128_pp::final_exponentiation(const alt_bn128_Fq12 &elt) 18 | { 19 | return alt_bn128_final_exponentiation(elt); 20 | } 21 | 22 | alt_bn128_G1_precomp alt_bn128_pp::precompute_G1(const alt_bn128_G1 &P) 23 | { 24 | return alt_bn128_precompute_G1(P); 25 | } 26 | 27 | alt_bn128_G2_precomp alt_bn128_pp::precompute_G2(const alt_bn128_G2 &Q) 28 | { 29 | return alt_bn128_precompute_G2(Q); 30 | } 31 | 32 | alt_bn128_Fq12 alt_bn128_pp::miller_loop(const alt_bn128_G1_precomp &prec_P, 33 | const alt_bn128_G2_precomp &prec_Q) 34 | { 35 | return alt_bn128_miller_loop(prec_P, prec_Q); 36 | } 37 | 38 | alt_bn128_Fq12 alt_bn128_pp::double_miller_loop(const alt_bn128_G1_precomp &prec_P1, 39 | const alt_bn128_G2_precomp &prec_Q1, 40 | const alt_bn128_G1_precomp &prec_P2, 41 | const alt_bn128_G2_precomp &prec_Q2) 42 | { 43 | return alt_bn128_double_miller_loop(prec_P1, prec_Q1, prec_P2, prec_Q2); 44 | } 45 | 46 | alt_bn128_Fq12 alt_bn128_pp::pairing(const alt_bn128_G1 &P, 47 | const alt_bn128_G2 &Q) 48 | { 49 | return alt_bn128_pairing(P, Q); 50 | } 51 | 52 | alt_bn128_Fq12 alt_bn128_pp::reduced_pairing(const alt_bn128_G1 &P, 53 | const alt_bn128_G2 &Q) 54 | { 55 | return alt_bn128_reduced_pairing(P, Q); 56 | } 57 | 58 | } // libsnark 59 | -------------------------------------------------------------------------------- /src/algebra/curves/alt_bn128/alt_bn128_pp.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | 8 | #ifndef ALT_BN128_PP_HPP_ 9 | #define ALT_BN128_PP_HPP_ 10 | #include "algebra/curves/public_params.hpp" 11 | #include "algebra/curves/alt_bn128/alt_bn128_init.hpp" 12 | #include "algebra/curves/alt_bn128/alt_bn128_g1.hpp" 13 | #include "algebra/curves/alt_bn128/alt_bn128_g2.hpp" 14 | #include "algebra/curves/alt_bn128/alt_bn128_pairing.hpp" 15 | 16 | namespace libsnark { 17 | 18 | class alt_bn128_pp { 19 | public: 20 | typedef alt_bn128_Fr Fp_type; 21 | typedef alt_bn128_G1 G1_type; 22 | typedef alt_bn128_G2 G2_type; 23 | typedef alt_bn128_G1_precomp G1_precomp_type; 24 | typedef alt_bn128_G2_precomp G2_precomp_type; 25 | typedef alt_bn128_Fq Fq_type; 26 | typedef alt_bn128_Fq2 Fqe_type; 27 | typedef alt_bn128_Fq12 Fqk_type; 28 | typedef alt_bn128_GT GT_type; 29 | 30 | static const bool has_affine_pairing = false; 31 | 32 | static void init_public_params(); 33 | static alt_bn128_GT final_exponentiation(const alt_bn128_Fq12 &elt); 34 | static alt_bn128_G1_precomp precompute_G1(const alt_bn128_G1 &P); 35 | static alt_bn128_G2_precomp precompute_G2(const alt_bn128_G2 &Q); 36 | static alt_bn128_Fq12 miller_loop(const alt_bn128_G1_precomp &prec_P, 37 | const alt_bn128_G2_precomp &prec_Q); 38 | static alt_bn128_Fq12 double_miller_loop(const alt_bn128_G1_precomp &prec_P1, 39 | const alt_bn128_G2_precomp &prec_Q1, 40 | const alt_bn128_G1_precomp &prec_P2, 41 | const alt_bn128_G2_precomp &prec_Q2); 42 | static alt_bn128_Fq12 pairing(const alt_bn128_G1 &P, 43 | const alt_bn128_G2 &Q); 44 | static alt_bn128_Fq12 reduced_pairing(const alt_bn128_G1 &P, 45 | const alt_bn128_G2 &Q); 46 | }; 47 | 48 | } // libsnark 49 | 50 | #endif // ALT_BN128_PP_HPP_ 51 | -------------------------------------------------------------------------------- /src/algebra/curves/bn128/bn128_gt.cpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | 8 | #include "algebra/curves/bn128/bn128_gt.hpp" 9 | 10 | namespace libsnark { 11 | 12 | bn128_GT bn128_GT::GT_one; 13 | bn128_GT::bn128_GT() 14 | { 15 | this->elem.clear(); 16 | } 17 | 18 | bool bn128_GT::operator==(const bn128_GT &other) const 19 | { 20 | return (this->elem == other.elem); 21 | } 22 | 23 | bool bn128_GT::operator!=(const bn128_GT& other) const 24 | { 25 | return !(operator==(other)); 26 | } 27 | 28 | bn128_GT bn128_GT::operator*(const bn128_GT &other) const 29 | { 30 | bn128_GT result; 31 | bn::Fp12::mul(result.elem, this->elem, other.elem); 32 | return result; 33 | } 34 | 35 | bn128_GT bn128_GT::unitary_inverse() const 36 | { 37 | bn128_GT result(*this); 38 | bn::Fp6::neg(result.elem.b_, result.elem.b_); 39 | return result; 40 | } 41 | 42 | bn128_GT bn128_GT::one() 43 | { 44 | return GT_one; 45 | } 46 | 47 | std::ostream& operator<<(std::ostream &out, const bn128_GT &g) 48 | { 49 | #ifndef BINARY_OUTPUT 50 | out << g.elem.a_ << OUTPUT_SEPARATOR << g.elem.b_; 51 | #else 52 | out.write((char*) &g.elem.a_, sizeof(g.elem.a_)); 53 | out.write((char*) &g.elem.b_, sizeof(g.elem.b_)); 54 | #endif 55 | return out; 56 | } 57 | 58 | std::istream& operator>>(std::istream &in, bn128_GT &g) 59 | { 60 | #ifndef BINARY_OUTPUT 61 | in >> g.elem.a_; 62 | consume_OUTPUT_SEPARATOR(in); 63 | in >> g.elem.b_; 64 | #else 65 | in.read((char*) &g.elem.a_, sizeof(g.elem.a_)); 66 | in.read((char*) &g.elem.b_, sizeof(g.elem.b_)); 67 | #endif 68 | return in; 69 | } 70 | } // libsnark 71 | -------------------------------------------------------------------------------- /src/algebra/curves/bn128/bn128_gt.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | 8 | #ifndef BN128_GT_HPP_ 9 | #define BN128_GT_HPP_ 10 | #include "algebra/fields/fp.hpp" 11 | #include "algebra/fields/field_utils.hpp" 12 | #include 13 | #include "bn.h" 14 | 15 | namespace libsnark { 16 | 17 | class bn128_GT; 18 | std::ostream& operator<<(std::ostream &, const bn128_GT&); 19 | std::istream& operator>>(std::istream &, bn128_GT&); 20 | 21 | class bn128_GT { 22 | public: 23 | static bn128_GT GT_one; 24 | bn::Fp12 elem; 25 | 26 | bn128_GT(); 27 | bool operator==(const bn128_GT &other) const; 28 | bool operator!=(const bn128_GT &other) const; 29 | 30 | bn128_GT operator*(const bn128_GT &other) const; 31 | bn128_GT unitary_inverse() const; 32 | 33 | static bn128_GT one(); 34 | 35 | void print() { std::cout << this->elem << "\n"; }; 36 | 37 | friend std::ostream& operator<<(std::ostream &out, const bn128_GT &g); 38 | friend std::istream& operator>>(std::istream &in, bn128_GT &g); 39 | }; 40 | 41 | template 42 | bn128_GT operator^(const bn128_GT &rhs, const bigint &lhs) 43 | { 44 | return power(rhs, lhs); 45 | } 46 | 47 | 48 | template& modulus_p> 49 | bn128_GT operator^(const bn128_GT &rhs, const Fp_model &lhs) 50 | { 51 | return power(rhs, lhs.as_bigint()); 52 | } 53 | 54 | } // libsnark 55 | #endif // BN128_GT_HPP_ 56 | -------------------------------------------------------------------------------- /src/algebra/curves/bn128/bn128_init.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | 8 | #ifndef BN128_INIT_HPP_ 9 | #define BN128_INIT_HPP_ 10 | #include "algebra/curves/public_params.hpp" 11 | #include "algebra/fields/fp.hpp" 12 | #include "bn.h" // If you're missing this file, run libsnark's ./prepare-depends.sh 13 | 14 | namespace libsnark { 15 | 16 | const mp_size_t bn128_r_bitcount = 254; 17 | const mp_size_t bn128_q_bitcount = 254; 18 | 19 | const mp_size_t bn128_r_limbs = (bn128_r_bitcount+GMP_NUMB_BITS-1)/GMP_NUMB_BITS; 20 | const mp_size_t bn128_q_limbs = (bn128_q_bitcount+GMP_NUMB_BITS-1)/GMP_NUMB_BITS; 21 | 22 | extern bigint bn128_modulus_r; 23 | extern bigint bn128_modulus_q; 24 | 25 | extern bn::Fp bn128_coeff_b; 26 | extern size_t bn128_Fq_s; 27 | extern bn::Fp bn128_Fq_nqr_to_t; 28 | extern mie::Vuint bn128_Fq_t_minus_1_over_2; 29 | 30 | extern bn::Fp2 bn128_twist_coeff_b; 31 | extern size_t bn128_Fq2_s; 32 | extern bn::Fp2 bn128_Fq2_nqr_to_t; 33 | extern mie::Vuint bn128_Fq2_t_minus_1_over_2; 34 | 35 | typedef Fp_model bn128_Fr; 36 | typedef Fp_model bn128_Fq; 37 | 38 | void init_bn128_params(); 39 | 40 | class bn128_G1; 41 | class bn128_G2; 42 | class bn128_GT; 43 | typedef bn128_GT bn128_Fq12; 44 | 45 | } // libsnark 46 | #endif // BN128_INIT_HPP_ 47 | -------------------------------------------------------------------------------- /src/algebra/curves/bn128/bn128_pairing.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ******************************************************************************** 3 | Declares functions for computing Ate pairings over the bn128 curves, split into a 4 | offline and online stages. 5 | ******************************************************************************** 6 | * @author This file is part of libsnark, developed by SCIPR Lab 7 | * and contributors (see AUTHORS). 8 | * @copyright MIT license (see LICENSE file) 9 | *******************************************************************************/ 10 | 11 | #ifndef BN128_PAIRING_HPP_ 12 | #define BN128_PAIRING_HPP_ 13 | #include "algebra/curves/bn128/bn128_g1.hpp" 14 | #include "algebra/curves/bn128/bn128_g2.hpp" 15 | #include "algebra/curves/bn128/bn128_gt.hpp" 16 | #include "bn.h" 17 | 18 | namespace libsnark { 19 | 20 | struct bn128_ate_G1_precomp { 21 | bn::Fp P[3]; 22 | 23 | bool operator==(const bn128_ate_G1_precomp &other) const; 24 | friend std::ostream& operator<<(std::ostream &out, const bn128_ate_G1_precomp &prec_P); 25 | friend std::istream& operator>>(std::istream &in, bn128_ate_G1_precomp &prec_P); 26 | }; 27 | 28 | typedef bn::Fp6 bn128_ate_ell_coeffs; 29 | 30 | struct bn128_ate_G2_precomp { 31 | bn::Fp2 Q[3]; 32 | std::vector coeffs; 33 | 34 | bool operator==(const bn128_ate_G2_precomp &other) const; 35 | friend std::ostream& operator<<(std::ostream &out, const bn128_ate_G2_precomp &prec_Q); 36 | friend std::istream& operator>>(std::istream &in, bn128_ate_G2_precomp &prec_Q); 37 | }; 38 | 39 | bn128_ate_G1_precomp bn128_ate_precompute_G1(const bn128_G1& P); 40 | bn128_ate_G2_precomp bn128_ate_precompute_G2(const bn128_G2& Q); 41 | 42 | bn128_Fq12 bn128_double_ate_miller_loop(const bn128_ate_G1_precomp &prec_P1, 43 | const bn128_ate_G2_precomp &prec_Q1, 44 | const bn128_ate_G1_precomp &prec_P2, 45 | const bn128_ate_G2_precomp &prec_Q2); 46 | bn128_Fq12 bn128_ate_miller_loop(const bn128_ate_G1_precomp &prec_P, 47 | const bn128_ate_G2_precomp &prec_Q); 48 | 49 | bn128_GT bn128_final_exponentiation(const bn128_Fq12 &elt); 50 | 51 | } // libsnark 52 | #endif // BN128_PAIRING_HPP_ 53 | -------------------------------------------------------------------------------- /src/algebra/curves/bn128/bn128_pp.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | 8 | #ifndef BN128_PP_HPP_ 9 | #define BN128_PP_HPP_ 10 | #include "algebra/curves/public_params.hpp" 11 | #include "algebra/curves/bn128/bn128_init.hpp" 12 | #include "algebra/curves/bn128/bn128_g1.hpp" 13 | #include "algebra/curves/bn128/bn128_g2.hpp" 14 | #include "algebra/curves/bn128/bn128_gt.hpp" 15 | #include "algebra/curves/bn128/bn128_pairing.hpp" 16 | 17 | namespace libsnark { 18 | 19 | class bn128_pp { 20 | public: 21 | typedef bn128_Fr Fp_type; 22 | typedef bn128_G1 G1_type; 23 | typedef bn128_G2 G2_type; 24 | typedef bn128_ate_G1_precomp G1_precomp_type; 25 | typedef bn128_ate_G2_precomp G2_precomp_type; 26 | typedef bn128_Fq Fq_type; 27 | typedef bn128_Fq12 Fqk_type; 28 | typedef bn128_GT GT_type; 29 | 30 | static const bool has_affine_pairing = false; 31 | 32 | static void init_public_params(); 33 | static bn128_GT final_exponentiation(const bn128_Fq12 &elt); 34 | static bn128_ate_G1_precomp precompute_G1(const bn128_G1 &P); 35 | static bn128_ate_G2_precomp precompute_G2(const bn128_G2 &Q); 36 | static bn128_Fq12 miller_loop(const bn128_ate_G1_precomp &prec_P, 37 | const bn128_ate_G2_precomp &prec_Q); 38 | static bn128_Fq12 double_miller_loop(const bn128_ate_G1_precomp &prec_P1, 39 | const bn128_ate_G2_precomp &prec_Q1, 40 | const bn128_ate_G1_precomp &prec_P2, 41 | const bn128_ate_G2_precomp &prec_Q2); 42 | 43 | /* the following are used in test files */ 44 | static bn128_GT pairing(const bn128_G1 &P, 45 | const bn128_G2 &Q); 46 | static bn128_GT reduced_pairing(const bn128_G1 &P, 47 | const bn128_G2 &Q); 48 | }; 49 | 50 | } // libsnark 51 | #endif // BN128_PP_HPP_ 52 | -------------------------------------------------------------------------------- /src/algebra/curves/bn128/bn_utils.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | 8 | #ifndef BN_UTILS_HPP_ 9 | #define BN_UTILS_HPP_ 10 | #include 11 | #include "bn.h" 12 | 13 | namespace libsnark { 14 | 15 | template 16 | void bn_batch_invert(std::vector &vec); 17 | 18 | } // libsnark 19 | 20 | #include "algebra/curves/bn128/bn_utils.tcc" 21 | 22 | #endif // BN_UTILS_HPP_ 23 | -------------------------------------------------------------------------------- /src/algebra/curves/bn128/bn_utils.tcc: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | 8 | #ifndef BN_UTILS_TCC_ 9 | #define BN_UTILS_TCC_ 10 | 11 | namespace libsnark { 12 | 13 | template 14 | void bn_batch_invert(std::vector &vec) 15 | { 16 | std::vector prod; 17 | prod.reserve(vec.size()); 18 | 19 | FieldT acc = 1; 20 | 21 | for (auto el : vec) 22 | { 23 | assert(!el.isZero()); 24 | prod.emplace_back(acc); 25 | FieldT::mul(acc, acc, el); 26 | } 27 | 28 | FieldT acc_inverse = acc; 29 | acc_inverse.inverse(); 30 | 31 | for (long i = vec.size()-1; i >= 0; --i) 32 | { 33 | const FieldT old_el = vec[i]; 34 | FieldT::mul(vec[i], acc_inverse, prod[i]); 35 | FieldT::mul(acc_inverse, acc_inverse, old_el); 36 | } 37 | } 38 | 39 | } // libsnark 40 | #endif // FIELD_UTILS_TCC_ 41 | -------------------------------------------------------------------------------- /src/algebra/curves/curve_utils.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | 8 | #ifndef CURVE_UTILS_HPP_ 9 | #define CURVE_UTILS_HPP_ 10 | #include 11 | 12 | #include "algebra/fields/bigint.hpp" 13 | 14 | namespace libsnark { 15 | 16 | template 17 | GroupT scalar_mul(const GroupT &base, const bigint &scalar); 18 | 19 | } // libsnark 20 | #include "algebra/curves/curve_utils.tcc" 21 | 22 | #endif // CURVE_UTILS_HPP_ 23 | -------------------------------------------------------------------------------- /src/algebra/curves/curve_utils.tcc: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | 8 | #ifndef CURVE_UTILS_TCC_ 9 | #define CURVE_UTILS_TCC_ 10 | 11 | namespace libsnark { 12 | 13 | template 14 | GroupT scalar_mul(const GroupT &base, const bigint &scalar) 15 | { 16 | GroupT result = GroupT::zero(); 17 | 18 | bool found_one = false; 19 | for (long i = scalar.max_bits() - 1; i >= 0; --i) 20 | { 21 | if (found_one) 22 | { 23 | result = result.dbl(); 24 | } 25 | 26 | if (scalar.test_bit(i)) 27 | { 28 | found_one = true; 29 | result = result + base; 30 | } 31 | } 32 | 33 | return result; 34 | } 35 | 36 | } // libsnark 37 | #endif // CURVE_UTILS_TCC_ 38 | -------------------------------------------------------------------------------- /src/algebra/curves/edwards/edwards_pp.cpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | 8 | #include "algebra/curves/edwards/edwards_pp.hpp" 9 | 10 | namespace libsnark { 11 | 12 | void edwards_pp::init_public_params() 13 | { 14 | init_edwards_params(); 15 | } 16 | 17 | edwards_GT edwards_pp::final_exponentiation(const edwards_Fq6 &elt) 18 | { 19 | return edwards_final_exponentiation(elt); 20 | } 21 | 22 | edwards_G1_precomp edwards_pp::precompute_G1(const edwards_G1 &P) 23 | { 24 | return edwards_precompute_G1(P); 25 | } 26 | 27 | edwards_G2_precomp edwards_pp::precompute_G2(const edwards_G2 &Q) 28 | { 29 | return edwards_precompute_G2(Q); 30 | } 31 | 32 | edwards_Fq6 edwards_pp::miller_loop(const edwards_G1_precomp &prec_P, 33 | const edwards_G2_precomp &prec_Q) 34 | { 35 | return edwards_miller_loop(prec_P, prec_Q); 36 | } 37 | 38 | edwards_Fq6 edwards_pp::double_miller_loop(const edwards_G1_precomp &prec_P1, 39 | const edwards_G2_precomp &prec_Q1, 40 | const edwards_G1_precomp &prec_P2, 41 | const edwards_G2_precomp &prec_Q2) 42 | { 43 | return edwards_double_miller_loop(prec_P1, prec_Q1, prec_P2, prec_Q2); 44 | } 45 | 46 | edwards_Fq6 edwards_pp::pairing(const edwards_G1 &P, 47 | const edwards_G2 &Q) 48 | { 49 | return edwards_pairing(P, Q); 50 | } 51 | 52 | edwards_Fq6 edwards_pp::reduced_pairing(const edwards_G1 &P, 53 | const edwards_G2 &Q) 54 | { 55 | return edwards_reduced_pairing(P, Q); 56 | } 57 | 58 | } // libsnark 59 | -------------------------------------------------------------------------------- /src/algebra/curves/edwards/edwards_pp.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | 8 | #ifndef EDWARDS_PP_HPP_ 9 | #define EDWARDS_PP_HPP_ 10 | #include "algebra/curves/public_params.hpp" 11 | #include "algebra/curves/edwards/edwards_init.hpp" 12 | #include "algebra/curves/edwards/edwards_g1.hpp" 13 | #include "algebra/curves/edwards/edwards_g2.hpp" 14 | #include "algebra/curves/edwards/edwards_pairing.hpp" 15 | 16 | namespace libsnark { 17 | 18 | class edwards_pp { 19 | public: 20 | typedef edwards_Fr Fp_type; 21 | typedef edwards_G1 G1_type; 22 | typedef edwards_G2 G2_type; 23 | typedef edwards_G1_precomp G1_precomp_type; 24 | typedef edwards_G2_precomp G2_precomp_type; 25 | typedef edwards_Fq Fq_type; 26 | typedef edwards_Fq3 Fqe_type; 27 | typedef edwards_Fq6 Fqk_type; 28 | typedef edwards_GT GT_type; 29 | 30 | static const bool has_affine_pairing = false; 31 | 32 | static void init_public_params(); 33 | static edwards_GT final_exponentiation(const edwards_Fq6 &elt); 34 | static edwards_G1_precomp precompute_G1(const edwards_G1 &P); 35 | static edwards_G2_precomp precompute_G2(const edwards_G2 &Q); 36 | static edwards_Fq6 miller_loop(const edwards_G1_precomp &prec_P, 37 | const edwards_G2_precomp &prec_Q); 38 | static edwards_Fq6 double_miller_loop(const edwards_G1_precomp &prec_P1, 39 | const edwards_G2_precomp &prec_Q1, 40 | const edwards_G1_precomp &prec_P2, 41 | const edwards_G2_precomp &prec_Q2); 42 | /* the following are used in test files */ 43 | static edwards_Fq6 pairing(const edwards_G1 &P, 44 | const edwards_G2 &Q); 45 | static edwards_Fq6 reduced_pairing(const edwards_G1 &P, 46 | const edwards_G2 &Q); 47 | }; 48 | 49 | } // libsnark 50 | #endif // EDWARDS_PP_HPP_ 51 | -------------------------------------------------------------------------------- /src/algebra/curves/mnt/mnt46_common.cpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Implementation of functionality that is shared among MNT curves. 5 | 6 | See mnt46_common.hpp . 7 | 8 | ***************************************************************************** 9 | * @author This file is part of libsnark, developed by SCIPR Lab 10 | * and contributors (see AUTHORS). 11 | * @copyright MIT license (see LICENSE file) 12 | *****************************************************************************/ 13 | 14 | #include "algebra/curves/mnt/mnt46_common.hpp" 15 | 16 | namespace libsnark { 17 | 18 | bigint mnt46_modulus_A; 19 | bigint mnt46_modulus_B; 20 | 21 | } // libsnark 22 | -------------------------------------------------------------------------------- /src/algebra/curves/mnt/mnt46_common.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of functionality that is shared among MNT curves. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef MNT46_COMMON_HPP_ 13 | #define MNT46_COMMON_HPP_ 14 | 15 | #include "algebra/fields/bigint.hpp" 16 | 17 | namespace libsnark { 18 | 19 | const mp_size_t mnt46_A_bitcount = 298; 20 | const mp_size_t mnt46_B_bitcount = 298; 21 | 22 | const mp_size_t mnt46_A_limbs = (mnt46_A_bitcount+GMP_NUMB_BITS-1)/GMP_NUMB_BITS; 23 | const mp_size_t mnt46_B_limbs = (mnt46_B_bitcount+GMP_NUMB_BITS-1)/GMP_NUMB_BITS; 24 | 25 | extern bigint mnt46_modulus_A; 26 | extern bigint mnt46_modulus_B; 27 | 28 | } // libsnark 29 | 30 | #endif 31 | -------------------------------------------------------------------------------- /src/algebra/evaluation_domain/domains/basic_radix2_domain.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of interfaces for the "basic radix-2" evaluation domain. 5 | 6 | Roughly, the domain has size m = 2^k and consists of the m-th roots of unity. 7 | 8 | ***************************************************************************** 9 | * @author This file is part of libsnark, developed by SCIPR Lab 10 | * and contributors (see AUTHORS). 11 | * @copyright MIT license (see LICENSE file) 12 | *****************************************************************************/ 13 | 14 | #ifndef BASIC_RADIX2_DOMAIN_HPP_ 15 | #define BASIC_RADIX2_DOMAIN_HPP_ 16 | 17 | #include "algebra/evaluation_domain/evaluation_domain.hpp" 18 | 19 | namespace libsnark { 20 | 21 | template 22 | class basic_radix2_domain : public evaluation_domain { 23 | public: 24 | 25 | FieldT omega; 26 | 27 | basic_radix2_domain(const size_t m); 28 | 29 | void FFT(std::vector &a); 30 | void iFFT(std::vector &a); 31 | void cosetFFT(std::vector &a, const FieldT &g); 32 | void icosetFFT(std::vector &a, const FieldT &g); 33 | std::vector lagrange_coeffs(const FieldT &t); 34 | FieldT get_element(const size_t idx); 35 | FieldT compute_Z(const FieldT &t); 36 | void add_poly_Z(const FieldT &coeff, std::vector &H); 37 | void divide_by_Z_on_coset(std::vector &P); 38 | 39 | }; 40 | 41 | } // libsnark 42 | 43 | #include "algebra/evaluation_domain/domains/basic_radix2_domain.tcc" 44 | 45 | #endif // BASIC_RADIX2_DOMAIN_HPP_ 46 | -------------------------------------------------------------------------------- /src/algebra/evaluation_domain/domains/basic_radix2_domain_aux.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of interfaces for auxiliary functions for the "basic radix-2" evaluation domain. 5 | 6 | These functions compute the radix-2 FFT (in single- or multi-thread mode) and, 7 | also compute Lagrange coefficients. 8 | 9 | ***************************************************************************** 10 | * @author This file is part of libsnark, developed by SCIPR Lab 11 | * and contributors (see AUTHORS). 12 | * @copyright MIT license (see LICENSE file) 13 | *****************************************************************************/ 14 | 15 | #ifndef BASIC_RADIX2_DOMAIN_AUX_HPP_ 16 | #define BASIC_RADIX2_DOMAIN_AUX_HPP_ 17 | 18 | namespace libsnark { 19 | 20 | /** 21 | * Compute the radix-2 FFT of the vector a over the set S={omega^{0},...,omega^{m-1}}. 22 | */ 23 | template 24 | void _basic_radix2_FFT(std::vector &a, const FieldT &omega); 25 | 26 | /** 27 | * A multi-thread version of _basic_radix2_FFT. 28 | */ 29 | template 30 | void _parallel_basic_radix2_FFT(std::vector &a, const FieldT &omega); 31 | 32 | /** 33 | * Translate the vector a to a coset defined by g. 34 | */ 35 | template 36 | void _multiply_by_coset(std::vector &a, const FieldT &g); 37 | 38 | /** 39 | * Compute the m Lagrange coefficients, relative to the set S={omega^{0},...,omega^{m-1}}, at the field element t. 40 | */ 41 | template 42 | std::vector _basic_radix2_lagrange_coeffs(const size_t m, const FieldT &t); 43 | 44 | } // libsnark 45 | 46 | #include "algebra/evaluation_domain/domains/basic_radix2_domain_aux.tcc" 47 | 48 | #endif // BASIC_RADIX2_DOMAIN_AUX_HPP_ 49 | -------------------------------------------------------------------------------- /src/algebra/evaluation_domain/domains/extended_radix2_domain.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of interfaces for the "extended radix-2" evaluation domain. 5 | 6 | Roughly, the domain has size m = 2^{k+1} and consists of 7 | "the m-th roots of unity" union "a coset of these roots". 8 | 9 | ***************************************************************************** 10 | * @author This file is part of libsnark, developed by SCIPR Lab 11 | * and contributors (see AUTHORS). 12 | * @copyright MIT license (see LICENSE file) 13 | *****************************************************************************/ 14 | 15 | #ifndef EXTENDED_RADIX2_DOMAIN_HPP_ 16 | #define EXTENDED_RADIX2_DOMAIN_HPP_ 17 | 18 | #include "algebra/evaluation_domain/evaluation_domain.hpp" 19 | 20 | namespace libsnark { 21 | 22 | template 23 | class extended_radix2_domain : public evaluation_domain { 24 | public: 25 | 26 | size_t small_m; 27 | FieldT omega; 28 | FieldT shift; 29 | 30 | extended_radix2_domain(const size_t m); 31 | 32 | void FFT(std::vector &a); 33 | void iFFT(std::vector &a); 34 | void cosetFFT(std::vector &a, const FieldT &g); 35 | void icosetFFT(std::vector &a, const FieldT &g); 36 | std::vector lagrange_coeffs(const FieldT &t); 37 | FieldT get_element(const size_t idx); 38 | FieldT compute_Z(const FieldT &t); 39 | void add_poly_Z(const FieldT &coeff, std::vector &H); 40 | void divide_by_Z_on_coset(std::vector &P); 41 | 42 | }; 43 | 44 | } // libsnark 45 | 46 | #include "algebra/evaluation_domain/domains/extended_radix2_domain.tcc" 47 | 48 | #endif // EXTENDED_RADIX2_DOMAIN_HPP_ 49 | -------------------------------------------------------------------------------- /src/algebra/evaluation_domain/domains/step_radix2_domain.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of interfaces for the "step radix-2" evaluation domain. 5 | 6 | Roughly, the domain has size m = 2^k + 2^r and consists of 7 | "the 2^k-th roots of unity" union "a coset of 2^r-th roots of unity". 8 | 9 | ***************************************************************************** 10 | * @author This file is part of libsnark, developed by SCIPR Lab 11 | * and contributors (see AUTHORS). 12 | * @copyright MIT license (see LICENSE file) 13 | *****************************************************************************/ 14 | 15 | #ifndef STEP_RADIX2_DOMAIN_HPP_ 16 | #define STEP_RADIX2_DOMAIN_HPP_ 17 | 18 | #include "algebra/evaluation_domain/evaluation_domain.hpp" 19 | 20 | namespace libsnark { 21 | 22 | template 23 | class step_radix2_domain : public evaluation_domain { 24 | public: 25 | 26 | size_t big_m; 27 | size_t small_m; 28 | FieldT omega; 29 | FieldT big_omega; 30 | FieldT small_omega; 31 | 32 | step_radix2_domain(const size_t m); 33 | 34 | void FFT(std::vector &a); 35 | void iFFT(std::vector &a); 36 | void cosetFFT(std::vector &a, const FieldT &g); 37 | void icosetFFT(std::vector &a, const FieldT &g); 38 | std::vector lagrange_coeffs(const FieldT &t); 39 | FieldT get_element(const size_t idx); 40 | FieldT compute_Z(const FieldT &t); 41 | void add_poly_Z(const FieldT &coeff, std::vector &H); 42 | void divide_by_Z_on_coset(std::vector &P); 43 | 44 | }; 45 | 46 | } // libsnark 47 | 48 | #include "algebra/evaluation_domain/domains/step_radix2_domain.tcc" 49 | 50 | #endif // STEP_RADIX2_DOMAIN_HPP_ 51 | -------------------------------------------------------------------------------- /src/algebra/exponentiation/exponentiation.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of interfaces for (square-and-multiply) exponentiation. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef EXPONENTIATION_HPP_ 13 | #define EXPONENTIATION_HPP_ 14 | 15 | #include 16 | 17 | #include "algebra/fields/bigint.hpp" 18 | 19 | namespace libsnark { 20 | 21 | template 22 | FieldT power(const FieldT &base, const bigint &exponent); 23 | 24 | template 25 | FieldT power(const FieldT &base, const unsigned long exponent); 26 | 27 | } // libsnark 28 | 29 | #include "algebra/exponentiation/exponentiation.tcc" 30 | 31 | #endif // EXPONENTIATION_HPP_ 32 | -------------------------------------------------------------------------------- /src/algebra/exponentiation/exponentiation.tcc: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Implementation of interfaces for (square-and-multiply) exponentiation. 5 | 6 | See exponentiation.hpp . 7 | 8 | ***************************************************************************** 9 | * @author This file is part of libsnark, developed by SCIPR Lab 10 | * and contributors (see AUTHORS). 11 | * @copyright MIT license (see LICENSE file) 12 | *****************************************************************************/ 13 | 14 | #ifndef EXPONENTIATION_TCC_ 15 | #define EXPONENTIATION_TCC_ 16 | 17 | #include "common/utils.hpp" 18 | 19 | namespace libsnark { 20 | 21 | template 22 | FieldT power(const FieldT &base, const bigint &exponent) 23 | { 24 | FieldT result = FieldT::one(); 25 | 26 | bool found_one = false; 27 | 28 | for (long i = exponent.max_bits() - 1; i >= 0; --i) 29 | { 30 | if (found_one) 31 | { 32 | result = result * result; 33 | } 34 | 35 | if (exponent.test_bit(i)) 36 | { 37 | found_one = true; 38 | result = result * base; 39 | } 40 | } 41 | 42 | return result; 43 | } 44 | 45 | template 46 | FieldT power(const FieldT &base, const unsigned long exponent) 47 | { 48 | return power(base, bigint<1>(exponent)); 49 | } 50 | 51 | } // libsnark 52 | 53 | #endif // EXPONENTIATION_TCC_ 54 | -------------------------------------------------------------------------------- /src/algebra/fields/field_utils.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | 8 | #ifndef FIELD_UTILS_HPP_ 9 | #define FIELD_UTILS_HPP_ 10 | #include 11 | 12 | #include "common/utils.hpp" 13 | #include "algebra/fields/bigint.hpp" 14 | 15 | namespace libsnark { 16 | 17 | // returns root of unity of order n (for n a power of 2), if one exists 18 | template 19 | FieldT get_root_of_unity(const size_t n); 20 | 21 | template 22 | std::vector pack_int_vector_into_field_element_vector(const std::vector &v, const size_t w); 23 | 24 | template 25 | std::vector pack_bit_vector_into_field_element_vector(const bit_vector &v, const size_t chunk_bits); 26 | 27 | template 28 | std::vector pack_bit_vector_into_field_element_vector(const bit_vector &v); 29 | 30 | template 31 | std::vector convert_bit_vector_to_field_element_vector(const bit_vector &v); 32 | 33 | template 34 | bit_vector convert_field_element_vector_to_bit_vector(const std::vector &v); 35 | 36 | template 37 | bit_vector convert_field_element_to_bit_vector(const FieldT &el); 38 | 39 | template 40 | bit_vector convert_field_element_to_bit_vector(const FieldT &el, const size_t bitcount); 41 | 42 | template 43 | FieldT convert_bit_vector_to_field_element(const bit_vector &v); 44 | 45 | template 46 | void batch_invert(std::vector &vec); 47 | 48 | } // libsnark 49 | #include "algebra/fields/field_utils.tcc" 50 | 51 | #endif // FIELD_UTILS_HPP_ 52 | -------------------------------------------------------------------------------- /src/algebra/scalar_multiplication/wnaf.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of interfaces for wNAF ("width-w Non-Adjacent Form") exponentiation routines. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef WNAF_HPP_ 13 | #define WNAF_HPP_ 14 | 15 | namespace libsnark { 16 | 17 | /** 18 | * Find the wNAF representation of the given scalar relative to the given window size. 19 | */ 20 | template 21 | std::vector find_wnaf(const size_t window_size, const bigint &scalar); 22 | 23 | /** 24 | * In additive notation, use wNAF exponentiation (with the given window size) to compute scalar * base. 25 | */ 26 | template 27 | T fixed_window_wnaf_exp(const size_t window_size, const T &base, const bigint &scalar); 28 | 29 | /** 30 | * In additive notation, use wNAF exponentiation (with the window size determined by T) to compute scalar * base. 31 | */ 32 | template 33 | T opt_window_wnaf_exp(const T &base, const bigint &scalar, const size_t scalar_bits); 34 | 35 | } // libsnark 36 | 37 | #include "algebra/scalar_multiplication/wnaf.tcc" 38 | 39 | #endif // WNAF_HPP_ 40 | -------------------------------------------------------------------------------- /src/common/data_structures/integer_permutation.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of interfaces for a permutation of the integers in {min_element,...,max_element}. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef INTEGER_PERMUTATION_HPP_ 13 | #define INTEGER_PERMUTATION_HPP_ 14 | 15 | #include 16 | #include 17 | 18 | namespace libsnark { 19 | 20 | class integer_permutation { 21 | private: 22 | std::vector contents; /* offset by min_element */ 23 | 24 | public: 25 | size_t min_element; 26 | size_t max_element; 27 | 28 | integer_permutation(const size_t size = 0); 29 | integer_permutation(const size_t min_element, const size_t max_element); 30 | 31 | integer_permutation& operator=(const integer_permutation &other) = default; 32 | 33 | size_t size() const; 34 | bool operator==(const integer_permutation &other) const; 35 | 36 | void set(const size_t position, const size_t value); 37 | size_t get(const size_t position) const; 38 | 39 | bool is_valid() const; 40 | integer_permutation inverse() const; 41 | integer_permutation slice(const size_t slice_min_element, const size_t slice_max_element) const; 42 | 43 | /* Similarly to std::next_permutation this transforms the current 44 | integer permutation into the next lexicographically oredered 45 | permutation; returns false if the last permutation was reached and 46 | this is now the identity permutation on [min_element .. max_element] */ 47 | bool next_permutation(); 48 | 49 | void random_shuffle(); 50 | }; 51 | 52 | } // libsnark 53 | 54 | #endif // INTEGER_PERMUTATION_HPP_ 55 | -------------------------------------------------------------------------------- /src/common/data_structures/set_commitment.cpp: -------------------------------------------------------------------------------- 1 | /** 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | 8 | #include "common/data_structures/set_commitment.hpp" 9 | #include "common/serialization.hpp" 10 | 11 | namespace libsnark { 12 | 13 | bool set_membership_proof::operator==(const set_membership_proof &other) const 14 | { 15 | return (this->address == other.address && 16 | this->merkle_path == other.merkle_path); 17 | } 18 | 19 | size_t set_membership_proof::size_in_bits() const 20 | { 21 | if (merkle_path.empty()) 22 | { 23 | return (8 * sizeof(address)); 24 | } 25 | else 26 | { 27 | return (8 * sizeof(address) + merkle_path[0].size() * merkle_path.size()); 28 | } 29 | } 30 | 31 | std::ostream& operator<<(std::ostream &out, const set_membership_proof &proof) 32 | { 33 | out << proof.address << "\n"; 34 | out << proof.merkle_path.size() << "\n"; 35 | for (size_t i = 0; i < proof.merkle_path.size(); ++i) 36 | { 37 | output_bool_vector(out, proof.merkle_path[i]); 38 | } 39 | 40 | return out; 41 | } 42 | 43 | std::istream& operator>>(std::istream &in, set_membership_proof &proof) 44 | { 45 | in >> proof.address; 46 | consume_newline(in); 47 | size_t tree_depth; 48 | in >> tree_depth; 49 | consume_newline(in); 50 | proof.merkle_path.resize(tree_depth); 51 | 52 | for (size_t i = 0; i < tree_depth; ++i) 53 | { 54 | input_bool_vector(in, proof.merkle_path[i]); 55 | } 56 | 57 | return in; 58 | } 59 | 60 | } // libsnark 61 | -------------------------------------------------------------------------------- /src/common/data_structures/set_commitment.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of interfaces for a Merkle tree based set commitment scheme. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef SET_COMMITMENT_HPP_ 13 | #define SET_COMMITMENT_HPP_ 14 | 15 | #include "common/utils.hpp" 16 | #include "common/data_structures/merkle_tree.hpp" 17 | #include "gadgetlib1/gadgets/hashes/hash_io.hpp" // TODO: the current structure is suboptimal 18 | 19 | namespace libsnark { 20 | 21 | typedef bit_vector set_commitment; 22 | 23 | struct set_membership_proof { 24 | size_t address; 25 | merkle_authentication_path merkle_path; 26 | 27 | bool operator==(const set_membership_proof &other) const; 28 | size_t size_in_bits() const; 29 | friend std::ostream& operator<<(std::ostream &out, const set_membership_proof &other); 30 | friend std::istream& operator>>(std::istream &in, set_membership_proof &other); 31 | }; 32 | 33 | template 34 | class set_commitment_accumulator { 35 | private: 36 | std::shared_ptr > tree; 37 | std::map hash_to_pos; 38 | public: 39 | 40 | size_t depth; 41 | size_t digest_size; 42 | size_t value_size; 43 | 44 | set_commitment_accumulator(const size_t max_entries, const size_t value_size=0); 45 | 46 | void add(const bit_vector &value); 47 | bool is_in_set(const bit_vector &value) const; 48 | set_commitment get_commitment() const; 49 | 50 | set_membership_proof get_membership_proof(const bit_vector &value) const; 51 | }; 52 | 53 | } // libsnark 54 | 55 | /* note that set_commitment has both .cpp, for implementation of 56 | non-templatized code (methods of set_membership_proof) and .tcc 57 | (implementation of set_commitment_accumulator */ 58 | #include "common/data_structures/set_commitment.tcc" 59 | 60 | #endif // SET_COMMITMENT_HPP_ 61 | -------------------------------------------------------------------------------- /src/common/data_structures/set_commitment.tcc: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Implementation of a Merkle tree based set commitment scheme. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef SET_COMMITMENT_TCC_ 13 | #define SET_COMMITMENT_TCC_ 14 | 15 | namespace libsnark { 16 | 17 | template 18 | set_commitment_accumulator::set_commitment_accumulator(const size_t max_entries, const size_t value_size) : 19 | value_size(value_size) 20 | { 21 | depth = log2(max_entries); 22 | digest_size = HashT::get_digest_len(); 23 | 24 | tree.reset(new merkle_tree(depth, digest_size)); 25 | } 26 | 27 | template 28 | void set_commitment_accumulator::add(const bit_vector &value) 29 | { 30 | assert(value_size == 0 || value.size() == value_size); 31 | const bit_vector hash = HashT::get_hash(value); 32 | if (hash_to_pos.find(hash) == hash_to_pos.end()) 33 | { 34 | const size_t pos = hash_to_pos.size(); 35 | tree->set_value(pos, hash); 36 | hash_to_pos[hash] = pos; 37 | } 38 | } 39 | 40 | template 41 | bool set_commitment_accumulator::is_in_set(const bit_vector &value) const 42 | { 43 | assert(value_size == 0 || value.size() == value_size); 44 | const bit_vector hash = HashT::get_hash(value); 45 | return (hash_to_pos.find(hash) != hash_to_pos.end()); 46 | } 47 | 48 | template 49 | set_commitment set_commitment_accumulator::get_commitment() const 50 | { 51 | return tree->get_root(); 52 | } 53 | 54 | template 55 | set_membership_proof set_commitment_accumulator::get_membership_proof(const bit_vector &value) const 56 | { 57 | const bit_vector hash = HashT::get_hash(value); 58 | auto it = hash_to_pos.find(hash); 59 | assert(it != hash_to_pos.end()); 60 | 61 | set_membership_proof proof; 62 | proof.address = it->second; 63 | proof.merkle_path = tree->get_path(it->second); 64 | 65 | return proof; 66 | } 67 | 68 | } // libsnark 69 | 70 | #endif // SET_COMMITMENT_TCC_ 71 | -------------------------------------------------------------------------------- /src/common/default_types/bacs_ppzksnark_pp.hpp: -------------------------------------------------------------------------------- 1 | 2 | /** @file 3 | ***************************************************************************** 4 | 5 | This file defines default_bacs_ppzksnark_pp based on the elliptic curve 6 | choice selected in ec_pp.hpp. 7 | 8 | ***************************************************************************** 9 | * @author This file is part of libsnark, developed by SCIPR Lab 10 | * and contributors (see AUTHORS). 11 | * @copyright MIT license (see LICENSE file) 12 | *****************************************************************************/ 13 | 14 | #ifndef BACS_PPZKSNARK_PP_HPP_ 15 | #define BACS_PPZKSNARK_PP_HPP_ 16 | 17 | #include "common/default_types/ec_pp.hpp" 18 | 19 | namespace libsnark { 20 | typedef default_ec_pp default_bacs_ppzksnark_pp; 21 | } // libsnark 22 | 23 | #endif // BACS_PPZKSNARK_PP_HPP_ 24 | -------------------------------------------------------------------------------- /src/common/default_types/ec_pp.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | This file defines default_ec_pp based on the CURVE=... make flag, which selects 5 | which elliptic curve is used to implement group arithmetic and pairings. 6 | 7 | ***************************************************************************** 8 | * @author This file is part of libsnark, developed by SCIPR Lab 9 | * and contributors (see AUTHORS). 10 | * @copyright MIT license (see LICENSE file) 11 | *****************************************************************************/ 12 | 13 | #ifndef EC_PP_HPP_ 14 | #define EC_PP_HPP_ 15 | 16 | /************************ Pick the elliptic curve ****************************/ 17 | 18 | #ifdef CURVE_ALT_BN128 19 | #include "algebra/curves/alt_bn128/alt_bn128_pp.hpp" 20 | namespace libsnark { 21 | typedef alt_bn128_pp default_ec_pp; 22 | } // libsnark 23 | #endif 24 | 25 | #ifdef CURVE_BN128 26 | #include "algebra/curves/bn128/bn128_pp.hpp" 27 | namespace libsnark { 28 | typedef bn128_pp default_ec_pp; 29 | } // libsnark 30 | #endif 31 | 32 | #ifdef CURVE_EDWARDS 33 | #include "algebra/curves/edwards/edwards_pp.hpp" 34 | namespace libsnark { 35 | typedef edwards_pp default_ec_pp; 36 | } // libsnark 37 | #endif 38 | 39 | #ifdef CURVE_MNT4 40 | #include "algebra/curves/mnt/mnt4/mnt4_pp.hpp" 41 | namespace libsnark { 42 | typedef mnt4_pp default_ec_pp; 43 | } // libsnark 44 | #endif 45 | 46 | #ifdef CURVE_MNT6 47 | #include "algebra/curves/mnt/mnt6/mnt6_pp.hpp" 48 | namespace libsnark { 49 | typedef mnt6_pp default_ec_pp; 50 | } // libsnark 51 | #endif 52 | 53 | #endif // EC_PP_HPP_ 54 | -------------------------------------------------------------------------------- /src/common/default_types/r1cs_gg_ppzksnark_pp.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | This file defines default_r1cs_gg_ppzksnark_pp based on the elliptic curve 5 | choice selected in ec_pp.hpp. 6 | 7 | ***************************************************************************** 8 | * @author This file is part of libsnark, developed by SCIPR Lab 9 | * and contributors (see AUTHORS). 10 | * @copyright MIT license (see LICENSE file) 11 | *****************************************************************************/ 12 | 13 | #ifndef R1CS_GG_PPZKSNARK_PP_HPP_ 14 | #define R1CS_GG_PPZKSNARK_PP_HPP_ 15 | 16 | #include "common/default_types/ec_pp.hpp" 17 | 18 | namespace libsnark { 19 | typedef default_ec_pp default_r1cs_gg_ppzksnark_pp; 20 | } // libsnark 21 | 22 | #endif // R1CS_GG_PPZKSNARK_PP_HPP_ 23 | -------------------------------------------------------------------------------- /src/common/default_types/r1cs_ppzkadsnark_pp.cpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | This file provides the initialization methods for the default ADSNARK params. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #include "common/default_types/r1cs_ppzkadsnark_pp.hpp" 13 | 14 | namespace libsnark { 15 | 16 | void default_r1cs_ppzkadsnark_pp::init_public_params() 17 | { 18 | snark_pp::init_public_params(); 19 | } 20 | 21 | } // libsnark 22 | -------------------------------------------------------------------------------- /src/common/default_types/r1cs_ppzkadsnark_pp.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | This file defines default_r1cs_ppzkadsnark_pp based on the elliptic curve 5 | choice selected in ec_pp.hpp. 6 | 7 | ***************************************************************************** 8 | * @author This file is part of libsnark, developed by SCIPR Lab 9 | * and contributors (see AUTHORS). 10 | * @copyright MIT license (see LICENSE file) 11 | *****************************************************************************/ 12 | 13 | #ifndef R1CS_PPZKADSNARK_PP_HPP_ 14 | #define R1CS_PPZKADSNARK_PP_HPP_ 15 | 16 | #include "common/default_types/r1cs_ppzksnark_pp.hpp" 17 | #include "zk_proof_systems/ppzkadsnark/r1cs_ppzkadsnark/examples/prf/aes_ctr_prf.hpp" 18 | #include "zk_proof_systems/ppzkadsnark/r1cs_ppzkadsnark/examples/signature/ed25519_signature.hpp" 19 | 20 | namespace libsnark { 21 | 22 | class default_r1cs_ppzkadsnark_pp { 23 | public: 24 | typedef default_r1cs_ppzksnark_pp snark_pp; 25 | typedef ed25519_skT skT; 26 | typedef ed25519_vkT vkT; 27 | typedef ed25519_sigT sigT; 28 | typedef aesPrfKeyT prfKeyT; 29 | 30 | static void init_public_params(); 31 | }; 32 | 33 | }; // libsnark 34 | 35 | #endif // R1CS_PPZKADSNARK_PP_HPP_ 36 | -------------------------------------------------------------------------------- /src/common/default_types/r1cs_ppzkpcd_pp.cpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | This file provides the initialization methods for the default PCD cycle. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #include "common/default_types/r1cs_ppzkpcd_pp.hpp" 13 | 14 | namespace libsnark { 15 | 16 | void default_r1cs_ppzkpcd_pp::init_public_params() 17 | { 18 | curve_A_pp::init_public_params(); 19 | curve_B_pp::init_public_params(); 20 | } 21 | 22 | } // libsnark 23 | -------------------------------------------------------------------------------- /src/common/default_types/r1cs_ppzkpcd_pp.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | This file defines the default PCD cycle. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef R1CS_PPZKPCD_PP_HPP_ 13 | #define R1CS_PPZKPCD_PP_HPP_ 14 | 15 | /*********************** Define default PCD cycle ***************************/ 16 | 17 | #include "algebra/curves/mnt/mnt4/mnt4_pp.hpp" 18 | #include "algebra/curves/mnt/mnt6/mnt6_pp.hpp" 19 | 20 | namespace libsnark { 21 | 22 | class default_r1cs_ppzkpcd_pp { 23 | public: 24 | typedef mnt4_pp curve_A_pp; 25 | typedef mnt6_pp curve_B_pp; 26 | 27 | typedef Fr scalar_field_A; 28 | typedef Fr scalar_field_B; 29 | 30 | static void init_public_params(); 31 | }; 32 | 33 | } // libsnark 34 | 35 | #endif // R1CS_PPZKPCD_PP_HPP_ 36 | -------------------------------------------------------------------------------- /src/common/default_types/r1cs_ppzksnark_pp.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | This file defines default_r1cs_ppzksnark_pp based on the elliptic curve 5 | choice selected in ec_pp.hpp. 6 | 7 | ***************************************************************************** 8 | * @author This file is part of libsnark, developed by SCIPR Lab 9 | * and contributors (see AUTHORS). 10 | * @copyright MIT license (see LICENSE file) 11 | *****************************************************************************/ 12 | 13 | #ifndef R1CS_PPZKSNARK_PP_HPP_ 14 | #define R1CS_PPZKSNARK_PP_HPP_ 15 | 16 | #include "common/default_types/ec_pp.hpp" 17 | 18 | namespace libsnark { 19 | typedef default_ec_pp default_r1cs_ppzksnark_pp; 20 | } // libsnark 21 | 22 | #endif // R1CS_PPZKSNARK_PP_HPP_ 23 | -------------------------------------------------------------------------------- /src/common/default_types/ram_ppzksnark_pp.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | This file defines the default architecture and curve choices for RAM 5 | ppzk-SNARK. 6 | 7 | ***************************************************************************** 8 | * @author This file is part of libsnark, developed by SCIPR Lab 9 | * and contributors (see AUTHORS). 10 | * @copyright MIT license (see LICENSE file) 11 | *****************************************************************************/ 12 | 13 | #ifndef RAM_PPZKSNARK_PP_HPP_ 14 | #define RAM_PPZKSNARK_PP_HPP_ 15 | 16 | #include "common/default_types/tinyram_ppzksnark_pp.hpp" 17 | 18 | namespace libsnark { 19 | 20 | typedef default_tinyram_ppzksnark_pp default_ram_ppzksnark_pp; 21 | 22 | } // libsnark 23 | 24 | #endif // RAM_PPZKSNARK_PP_HPP_ 25 | -------------------------------------------------------------------------------- /src/common/default_types/ram_zksnark_pp.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | This file defines the default architecture and curve choices for RAM 5 | zk-SNARK. 6 | 7 | ***************************************************************************** 8 | * @author This file is part of libsnark, developed by SCIPR Lab 9 | * and contributors (see AUTHORS). 10 | * @copyright MIT license (see LICENSE file) 11 | *****************************************************************************/ 12 | 13 | #ifndef RAM_ZKSNARK_PP_HPP_ 14 | #define RAM_ZKSNARK_PP_HPP_ 15 | 16 | #include "common/default_types/tinyram_zksnark_pp.hpp" 17 | 18 | namespace libsnark { 19 | 20 | typedef default_tinyram_zksnark_pp default_ram_zksnark_pp; 21 | 22 | } // libsnark 23 | 24 | #endif // RAM_ZKSNARK_PP_HPP_ 25 | -------------------------------------------------------------------------------- /src/common/default_types/tbcs_ppzksnark_pp.hpp: -------------------------------------------------------------------------------- 1 | 2 | /** @file 3 | ***************************************************************************** 4 | 5 | This file defines default_tbcs_ppzksnark_pp based on the elliptic curve 6 | choice selected in ec_pp.hpp. 7 | 8 | ***************************************************************************** 9 | * @author This file is part of libsnark, developed by SCIPR Lab 10 | * and contributors (see AUTHORS). 11 | * @copyright MIT license (see LICENSE file) 12 | *****************************************************************************/ 13 | 14 | #ifndef TBCS_PPZKSNARK_PP_HPP_ 15 | #define TBCS_PPZKSNARK_PP_HPP_ 16 | 17 | #include "common/default_types/ec_pp.hpp" 18 | 19 | namespace libsnark { 20 | typedef default_ec_pp default_tbcs_ppzksnark_pp; 21 | } // libsnark 22 | 23 | #endif // TBCS_PPZKSNARK_PP_HPP_ 24 | -------------------------------------------------------------------------------- /src/common/default_types/tinyram_ppzksnark_pp.cpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | This file provides the initialization methods for the default TinyRAM ppzk-SNARK. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #include "common/default_types/tinyram_ppzksnark_pp.hpp" 13 | 14 | namespace libsnark { 15 | 16 | void default_tinyram_ppzksnark_pp::init_public_params() 17 | { 18 | snark_pp::init_public_params(); 19 | } 20 | 21 | } // libsnark 22 | -------------------------------------------------------------------------------- /src/common/default_types/tinyram_ppzksnark_pp.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | This file defines the default architecture and curve choices for RAM 5 | ppzk-SNARK. 6 | 7 | ***************************************************************************** 8 | * @author This file is part of libsnark, developed by SCIPR Lab 9 | * and contributors (see AUTHORS). 10 | * @copyright MIT license (see LICENSE file) 11 | *****************************************************************************/ 12 | 13 | #ifndef TINYRAM_PPZKSNARK_PP_HPP_ 14 | #define TINYRAM_PPZKSNARK_PP_HPP_ 15 | 16 | #include "common/default_types/r1cs_ppzksnark_pp.hpp" 17 | #include "relations/ram_computations/rams/tinyram/tinyram_params.hpp" 18 | 19 | namespace libsnark { 20 | 21 | class default_tinyram_ppzksnark_pp { 22 | public: 23 | typedef default_r1cs_ppzksnark_pp snark_pp; 24 | typedef Fr FieldT; 25 | typedef ram_tinyram machine_pp; 26 | 27 | static void init_public_params(); 28 | }; 29 | 30 | } // libsnark 31 | 32 | #endif // TINYRAM_PPZKSNARK_PP_HPP_ 33 | -------------------------------------------------------------------------------- /src/common/default_types/tinyram_zksnark_pp.cpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | This file provides the initialization methods for the default TinyRAM zk-SNARK. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #include "common/default_types/tinyram_zksnark_pp.hpp" 13 | 14 | namespace libsnark { 15 | 16 | void default_tinyram_zksnark_pp::init_public_params() 17 | { 18 | PCD_pp::init_public_params(); 19 | } 20 | 21 | } // libsnark 22 | -------------------------------------------------------------------------------- /src/common/default_types/tinyram_zksnark_pp.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | This file defines the default choices of TinyRAM zk-SNARK. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef TINYRAM_PPZKSNARK_PP_HPP_ 13 | #define TINYRAM_PPZKSNARK_PP_HPP_ 14 | 15 | #include "common/default_types/r1cs_ppzkpcd_pp.hpp" 16 | #include "relations/ram_computations/rams/tinyram/tinyram_params.hpp" 17 | 18 | namespace libsnark { 19 | 20 | class default_tinyram_zksnark_pp { 21 | public: 22 | typedef default_r1cs_ppzkpcd_pp PCD_pp; 23 | typedef typename PCD_pp::scalar_field_A FieldT; 24 | typedef ram_tinyram machine_pp; 25 | 26 | static void init_public_params(); 27 | }; 28 | 29 | } // libsnark 30 | 31 | #endif // TINYRAM_PPZKSNARK_PP_HPP_ 32 | -------------------------------------------------------------------------------- /src/common/default_types/uscs_ppzksnark_pp.hpp: -------------------------------------------------------------------------------- 1 | 2 | /** @file 3 | ***************************************************************************** 4 | 5 | This file defines default_uscs_ppzksnark_pp based on the elliptic curve 6 | choice selected in ec_pp.hpp. 7 | 8 | ***************************************************************************** 9 | * @author This file is part of libsnark, developed by SCIPR Lab 10 | * and contributors (see AUTHORS). 11 | * @copyright MIT license (see LICENSE file) 12 | *****************************************************************************/ 13 | 14 | #ifndef USCS_PPZKSNARK_PP_HPP_ 15 | #define USCS_PPZKSNARK_PP_HPP_ 16 | 17 | #include "common/default_types/ec_pp.hpp" 18 | 19 | namespace libsnark { 20 | typedef default_ec_pp default_uscs_ppzksnark_pp; 21 | } // libsnark 22 | 23 | #endif // USCS_PPZKSNARK_PP_HPP_ 24 | -------------------------------------------------------------------------------- /src/common/profiling.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of functions for profiling code blocks. 5 | 6 | Reports time, operation counts, memory usage, and others. 7 | 8 | ***************************************************************************** 9 | * @author This file is part of libsnark, developed by SCIPR Lab 10 | * and contributors (see AUTHORS). 11 | * @copyright MIT license (see LICENSE file) 12 | *****************************************************************************/ 13 | 14 | #ifndef PROFILING_HPP_ 15 | #define PROFILING_HPP_ 16 | 17 | #include 18 | #include 19 | #include 20 | #include 21 | 22 | namespace libsnark { 23 | 24 | void start_profiling(); 25 | long long get_nsec_time(); 26 | void print_time(const char* msg); 27 | void print_header(const char* msg); 28 | 29 | void print_indent(); 30 | 31 | extern bool inhibit_profiling_info; 32 | extern bool inhibit_profiling_counters; 33 | extern std::map invocation_counts; 34 | extern std::map last_times; 35 | extern std::map cumulative_times; 36 | 37 | void clear_profiling_counters(); 38 | 39 | void print_cumulative_time_entry(const std::string &key, const long long factor=1); 40 | void print_cumulative_times(const long long factor=1); 41 | void print_cumulative_op_counts(const bool only_fq=false); 42 | 43 | void enter_block(const std::string &msg, const bool indent=true); 44 | void leave_block(const std::string &msg, const bool indent=true); 45 | 46 | void print_mem(const std::string &s = ""); 47 | void print_compilation_info(); 48 | 49 | } // libsnark 50 | 51 | #endif // PROFILING_HPP_ 52 | -------------------------------------------------------------------------------- /src/common/rng.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of functions for generating randomness. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef RNG_HPP_ 13 | #define RNG_HPP_ 14 | 15 | #include 16 | 17 | namespace libsnark { 18 | 19 | template 20 | FieldT SHA512_rng(const uint64_t idx); 21 | 22 | } // libsnark 23 | 24 | #include "common/rng.tcc" 25 | 26 | #endif // RNG_HPP_ 27 | -------------------------------------------------------------------------------- /src/common/rng.tcc: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Implementation of functions for generating randomness. 5 | 6 | See rng.hpp . 7 | 8 | ***************************************************************************** 9 | * @author This file is part of libsnark, developed by SCIPR Lab 10 | * and contributors (see AUTHORS). 11 | * @copyright MIT license (see LICENSE file) 12 | *****************************************************************************/ 13 | 14 | #ifndef RNG_TCC_ 15 | #define RNG_TCC_ 16 | 17 | #include 18 | 19 | namespace libsnark { 20 | 21 | template 22 | FieldT SHA512_rng(const uint64_t idx) 23 | { 24 | assert(GMP_NUMB_BITS == 64); // current Python code cannot handle larger values, so testing here for some assumptions. 25 | assert(is_little_endian()); 26 | 27 | assert(FieldT::size_in_bits() <= SHA512_DIGEST_LENGTH * 8); 28 | 29 | bigint rval; 30 | uint64_t iter = 0; 31 | do 32 | { 33 | mp_limb_t hash[((SHA512_DIGEST_LENGTH*8) + GMP_NUMB_BITS - 1)/GMP_NUMB_BITS]; 34 | 35 | SHA512_CTX sha512; 36 | SHA512_Init(&sha512); 37 | SHA512_Update(&sha512, &idx, sizeof(idx)); 38 | SHA512_Update(&sha512, &iter, sizeof(iter)); 39 | SHA512_Final((unsigned char*)hash, &sha512); 40 | 41 | for (mp_size_t i = 0; i < FieldT::num_limbs; ++i) 42 | { 43 | rval.data[i] = hash[i]; 44 | } 45 | 46 | /* clear all bits higher than MSB of modulus */ 47 | size_t bitno = GMP_NUMB_BITS * FieldT::num_limbs; 48 | while (FieldT::mod.test_bit(bitno) == false) 49 | { 50 | const std::size_t part = bitno/GMP_NUMB_BITS; 51 | const std::size_t bit = bitno - (GMP_NUMB_BITS*part); 52 | 53 | rval.data[part] &= ~(1ul<= modulus -- repeat (rejection sampling) */ 62 | while (mpn_cmp(rval.data, FieldT::mod.data, FieldT::num_limbs) >= 0); 63 | 64 | return FieldT(rval); 65 | } 66 | 67 | } // libsnark 68 | 69 | #endif // RNG_TCC_ 70 | -------------------------------------------------------------------------------- /src/common/routing_algorithms/profiling/profile_routing_algorithms.cpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Functions to profile the algorithms that route on Benes and AS-Waksman networks. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #include 13 | 14 | #include "common/profiling.hpp" 15 | #include "common/routing_algorithms/as_waksman_routing_algorithm.hpp" 16 | #include "common/routing_algorithms/benes_routing_algorithm.hpp" 17 | 18 | using namespace libsnark; 19 | 20 | void profile_benes_algorithm(const size_t n) 21 | { 22 | printf("* Size: %zu\n", n); 23 | 24 | assert(n == 1ul< 13 | 14 | #include "common/profiling.hpp" 15 | #include "common/routing_algorithms/benes_routing_algorithm.hpp" 16 | #include "common/routing_algorithms/as_waksman_routing_algorithm.hpp" 17 | 18 | using namespace libsnark; 19 | 20 | /** 21 | * Test Benes network routing for all permutations on 2^log2(N) elements. 22 | */ 23 | void test_benes(const size_t N) 24 | { 25 | integer_permutation permutation(1ul << log2(N)); 26 | 27 | do { 28 | const benes_routing routing = get_benes_routing(permutation); 29 | assert(valid_benes_routing(permutation, routing)); 30 | } while (permutation.next_permutation()); 31 | } 32 | 33 | /** 34 | * Test AS-Waksman network routing for all permutations on N elements. 35 | */ 36 | void test_as_waksman(const size_t N) 37 | { 38 | integer_permutation permutation(N); 39 | 40 | do { 41 | const as_waksman_routing routing = get_as_waksman_routing(permutation); 42 | assert(valid_as_waksman_routing(permutation, routing)); 43 | } while (permutation.next_permutation()); 44 | } 45 | 46 | int main(void) 47 | { 48 | start_profiling(); 49 | 50 | enter_block("Test routing algorithms"); 51 | 52 | enter_block("Test Benes network routing algorithm"); 53 | size_t bn_size = 8; 54 | print_indent(); printf("* for all permutations on %zu elements\n", bn_size); 55 | test_benes(bn_size); 56 | leave_block("Test Benes network routing algorithm"); 57 | 58 | 59 | enter_block("Test AS-Waksman network routing algorithm"); 60 | size_t asw_max_size = 9; 61 | for (size_t i = 2; i <= asw_max_size; ++i) 62 | { 63 | print_indent(); printf("* for all permutations on %zu elements\n", i); 64 | test_as_waksman(i); 65 | } 66 | leave_block("Test AS-Waksman network routing algorithm"); 67 | 68 | leave_block("Test routing algorithms"); 69 | } 70 | -------------------------------------------------------------------------------- /src/common/template_utils.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of functions for supporting the use of templates. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef TEMPLATE_UTILS_HPP_ 13 | #define TEMPLATE_UTILS_HPP_ 14 | 15 | namespace libsnark { 16 | 17 | /* A commonly used SFINAE helper type */ 18 | template 19 | struct void_type 20 | { 21 | typedef void type; 22 | }; 23 | 24 | } // libsnark 25 | 26 | #endif // TEMPLATE_UTILS_HPP_ 27 | -------------------------------------------------------------------------------- /src/common/utils.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | Declaration of misc math and serialization utility functions 4 | ***************************************************************************** 5 | * @author This file is part of libsnark, developed by SCIPR Lab 6 | * and contributors (see AUTHORS). 7 | * @copyright MIT license (see LICENSE file) 8 | *****************************************************************************/ 9 | 10 | #ifndef UTILS_HPP_ 11 | #define UTILS_HPP_ 12 | 13 | #include 14 | #include 15 | #include 16 | #include 17 | #include 18 | 19 | namespace libsnark { 20 | 21 | typedef std::vector bit_vector; 22 | 23 | /// returns ceil(log2(n)), so 1ul< &l, const size_t wordsize); 33 | long long div_ceil(long long x, long long y); 34 | 35 | bool is_little_endian(); 36 | 37 | std::string FORMAT(const std::string &prefix, const char* format, ...); 38 | 39 | /* A variadic template to suppress unused argument warnings */ 40 | template 41 | void UNUSED(Types&&...) {} 42 | 43 | #ifdef DEBUG 44 | #define FMT FORMAT 45 | #else 46 | #define FMT(...) (UNUSED(__VA_ARGS__), "") 47 | #endif 48 | 49 | void serialize_bit_vector(std::ostream &out, const bit_vector &v); 50 | void deserialize_bit_vector(std::istream &in, bit_vector &v); 51 | 52 | template 53 | size_t size_in_bits(const std::vector &v); 54 | 55 | #define ARRAY_SIZE(arr) (sizeof(arr)/sizeof(arr[0])) 56 | 57 | } // libsnark 58 | 59 | #include "common/utils.tcc" /* note that utils has a templatized part (utils.tcc) and non-templatized part (utils.cpp) */ 60 | #endif // UTILS_HPP_ 61 | -------------------------------------------------------------------------------- /src/common/utils.tcc: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | Implementation of templatized utility functions 4 | ***************************************************************************** 5 | * @author This file is part of libsnark, developed by SCIPR Lab 6 | * and contributors (see AUTHORS). 7 | * @copyright MIT license (see LICENSE file) 8 | *****************************************************************************/ 9 | 10 | #ifndef UTILS_TCC_ 11 | #define UTILS_TCC_ 12 | 13 | namespace libsnark { 14 | 15 | template 16 | size_t size_in_bits(const std::vector &v) 17 | { 18 | return v.size() * T::size_in_bits(); 19 | } 20 | 21 | } // libsnark 22 | 23 | #endif // UTILS_TCC_ 24 | -------------------------------------------------------------------------------- /src/gadgetlib1/constraint_profiling.cpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Implementation of interfaces for profiling constraints. 5 | 6 | See constraint_profiling.hpp . 7 | 8 | ***************************************************************************** 9 | * @author This file is part of libsnark, developed by SCIPR Lab 10 | * and contributors (see AUTHORS). 11 | * @copyright MIT license (see LICENSE file) 12 | *****************************************************************************/ 13 | 14 | #include "gadgetlib1/constraint_profiling.hpp" 15 | #include "common/profiling.hpp" 16 | 17 | namespace libsnark { 18 | 19 | size_t constraint_profiling_indent = 0; 20 | std::vector constraint_profiling_table; 21 | 22 | size_t PRINT_CONSTRAINT_PROFILING() 23 | { 24 | size_t accounted = 0; 25 | print_indent(); 26 | printf("Constraint profiling:\n"); 27 | for (constraint_profiling_entry &ent : constraint_profiling_table) 28 | { 29 | if (ent.indent == 0) 30 | { 31 | accounted += ent.count; 32 | } 33 | 34 | print_indent(); 35 | for (size_t i = 0; i < ent.indent; ++i) 36 | { 37 | printf(" "); 38 | } 39 | printf("* Number of constraints in [%s]: %zu\n", ent.annotation.c_str(), ent.count); 40 | } 41 | 42 | constraint_profiling_table.clear(); 43 | constraint_profiling_indent = 0; 44 | 45 | return accounted; 46 | } 47 | 48 | } 49 | -------------------------------------------------------------------------------- /src/gadgetlib1/constraint_profiling.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of interfaces for profiling constraints. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef CONSTRAINT_PROFILING_HPP_ 13 | #define CONSTRAINT_PROFILING_HPP_ 14 | 15 | #include 16 | #include 17 | #include 18 | #include 19 | 20 | namespace libsnark { 21 | 22 | extern size_t constraint_profiling_indent; 23 | 24 | struct constraint_profiling_entry { 25 | size_t indent; 26 | std::string annotation; 27 | size_t count; 28 | }; 29 | 30 | extern std::vector constraint_profiling_table; 31 | 32 | #define PROFILE_CONSTRAINTS(pb, annotation) \ 33 | for (size_t _num_constraints_before = pb.num_constraints(), _iter = (++constraint_profiling_indent, 0), _cp_pos = constraint_profiling_table.size(); \ 34 | _iter == 0; \ 35 | constraint_profiling_table.insert(constraint_profiling_table.begin() + _cp_pos, constraint_profiling_entry{--constraint_profiling_indent, annotation, pb.num_constraints() - _num_constraints_before}), \ 36 | _iter = 1) 37 | 38 | size_t PRINT_CONSTRAINT_PROFILING(); // returns # of top level constraints 39 | 40 | } // libsnark 41 | 42 | #endif // CONSTRAINT_PROFILING_HPP_ 43 | -------------------------------------------------------------------------------- /src/gadgetlib1/examples/simple_example.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | 8 | #ifndef SIMPLE_EXAMPLE_HPP_ 9 | #define SIMPLE_EXAMPLE_HPP_ 10 | 11 | #include "examples/r1cs_examples.hpp" 12 | 13 | namespace libsnark { 14 | 15 | template 16 | r1cs_example gen_r1cs_example_from_protoboard(const size_t num_constraints, 17 | const size_t num_inputs); 18 | 19 | } // libsnark 20 | 21 | #include "gadgetlib1/examples/simple_example.tcc" 22 | 23 | #endif // SIMPLE_EXAMPLE_HPP_ 24 | -------------------------------------------------------------------------------- /src/gadgetlib1/examples/simple_example.tcc: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | 8 | #ifndef SIMPLE_EXAMPLE_TCC_ 9 | #define SIMPLE_EXAMPLE_TCC_ 10 | 11 | #include 12 | #include "gadgetlib1/gadgets/basic_gadgets.hpp" 13 | 14 | namespace libsnark { 15 | 16 | /* NOTE: all examples here actually generate one constraint less to account for soundness constraint in QAP */ 17 | 18 | template 19 | r1cs_example gen_r1cs_example_from_protoboard(const size_t num_constraints, 20 | const size_t num_inputs) 21 | { 22 | const size_t new_num_constraints = num_constraints - 1; 23 | 24 | /* construct dummy example: inner products of two vectors */ 25 | protoboard pb; 26 | pb_variable_array A; 27 | pb_variable_array B; 28 | pb_variable res; 29 | 30 | // the variables on the protoboard are (ONE (constant 1 term), res, A[0], ..., A[num_constraints-1], B[0], ..., B[num_constraints-1]) 31 | res.allocate(pb, "res"); 32 | A.allocate(pb, new_num_constraints, "A"); 33 | B.allocate(pb, new_num_constraints, "B"); 34 | 35 | inner_product_gadget compute_inner_product(pb, A, B, res, "compute_inner_product"); 36 | compute_inner_product.generate_r1cs_constraints(); 37 | 38 | /* fill in random example */ 39 | for (size_t i = 0; i < new_num_constraints; ++i) 40 | { 41 | pb.val(A[i]) = FieldT::random_element(); 42 | pb.val(B[i]) = FieldT::random_element(); 43 | } 44 | 45 | compute_inner_product.generate_r1cs_witness(); 46 | 47 | pb.constraint_system.num_inputs = num_inputs; 48 | const r1cs_variable_assignment va = pb.values; 49 | const r1cs_variable_assignment input(va.begin(), va.begin() + num_inputs); 50 | return r1cs_example(pb.constraint_system, input, va, num_inputs); 51 | } 52 | 53 | } // libsnark 54 | #endif // R1CS_EXAMPLES_TCC_ 55 | -------------------------------------------------------------------------------- /src/gadgetlib1/gadget.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | 8 | #ifndef GADGET_HPP_ 9 | #define GADGET_HPP_ 10 | 11 | #include "gadgetlib1/protoboard.hpp" 12 | 13 | namespace libsnark { 14 | 15 | template 16 | class gadget { 17 | protected: 18 | protoboard &pb; 19 | const std::string annotation_prefix; 20 | public: 21 | gadget(protoboard &pb, const std::string &annotation_prefix=""); 22 | }; 23 | 24 | } // libsnark 25 | #include "gadgetlib1/gadget.tcc" 26 | 27 | #endif // GADGET_HPP_ 28 | -------------------------------------------------------------------------------- /src/gadgetlib1/gadget.tcc: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | 8 | #ifndef GADGET_TCC_ 9 | #define GADGET_TCC_ 10 | 11 | namespace libsnark { 12 | 13 | template 14 | gadget::gadget(protoboard &pb, const std::string &annotation_prefix) : 15 | pb(pb), annotation_prefix(annotation_prefix) 16 | { 17 | #ifdef DEBUG 18 | assert(annotation_prefix != ""); 19 | #endif 20 | } 21 | 22 | } // libsnark 23 | #endif // GADGET_TCC_ 24 | -------------------------------------------------------------------------------- /src/gadgetlib1/gadgets/cpu_checkers/fooram/components/bar_gadget.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of interfaces for an auxiliarry gadget for the FOORAM CPU. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef BAR_GADGET_HPP_ 13 | #define BAR_GADGET_HPP_ 14 | 15 | #include "gadgetlib1/gadget.hpp" 16 | #include "gadgetlib1/gadgets/basic_gadgets.hpp" 17 | 18 | namespace libsnark { 19 | 20 | /** 21 | * The bar gadget checks linear combination 22 | * Z = aX + bY (mod 2^w) 23 | * for a, b - const, X, Y - vectors of w bits, 24 | * where w is implicitly inferred, Z - a packed variable. 25 | * 26 | * This gadget is used four times in fooram: 27 | * - PC' = PC + 1 28 | * - load_addr = 2 * x + PC' 29 | * - store_addr = x + PC 30 | */ 31 | template 32 | class bar_gadget : public gadget { 33 | public: 34 | pb_linear_combination_array X; 35 | FieldT a; 36 | pb_linear_combination_array Y; 37 | FieldT b; 38 | pb_linear_combination Z_packed; 39 | pb_variable_array Z_bits; 40 | 41 | pb_variable result; 42 | pb_variable_array overflow; 43 | pb_variable_array unpacked_result; 44 | 45 | std::shared_ptr > unpack_result; 46 | std::shared_ptr > pack_Z; 47 | 48 | size_t width; 49 | bar_gadget(protoboard &pb, 50 | const pb_linear_combination_array &X, 51 | const FieldT &a, 52 | const pb_linear_combination_array &Y, 53 | const FieldT &b, 54 | const pb_linear_combination &Z_packed, 55 | const std::string &annotation_prefix); 56 | void generate_r1cs_constraints(); 57 | void generate_r1cs_witness(); 58 | }; 59 | 60 | } // libsnark 61 | 62 | #include "gadgetlib1/gadgets/cpu_checkers/fooram/components/bar_gadget.tcc" 63 | 64 | #endif // BAR_GADGET_HPP_ 65 | -------------------------------------------------------------------------------- /src/gadgetlib1/gadgets/cpu_checkers/fooram/components/fooram_protoboard.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of interfaces for a protoboard for the FOORAM CPU. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef FOORAM_PROTOBOARD_HPP_ 13 | #define FOORAM_PROTOBOARD_HPP_ 14 | 15 | #include "gadgetlib1/gadget.hpp" 16 | #include "relations/ram_computations/rams/fooram/fooram_aux.hpp" 17 | 18 | namespace libsnark { 19 | 20 | template 21 | class fooram_protoboard : public protoboard { 22 | public: 23 | const fooram_architecture_params ap; 24 | 25 | fooram_protoboard(const fooram_architecture_params &ap); 26 | }; 27 | 28 | template 29 | class fooram_gadget : public gadget { 30 | protected: 31 | fooram_protoboard &pb; 32 | public: 33 | fooram_gadget(fooram_protoboard &pb, const std::string &annotation_prefix=""); 34 | }; 35 | 36 | } // libsnark 37 | 38 | #include "gadgetlib1/gadgets/cpu_checkers/fooram/components/fooram_protoboard.tcc" 39 | 40 | #endif // FOORAM_PROTOBOARD_HPP_ 41 | -------------------------------------------------------------------------------- /src/gadgetlib1/gadgets/cpu_checkers/fooram/components/fooram_protoboard.tcc: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Implementation of interfaces for a protoboard for the FOORAM CPU. 5 | 6 | See fooram_protoboard.hpp . 7 | 8 | ***************************************************************************** 9 | * @author This file is part of libsnark, developed by SCIPR Lab 10 | * and contributors (see AUTHORS). 11 | * @copyright MIT license (see LICENSE file) 12 | *****************************************************************************/ 13 | 14 | #ifndef FOORAM_PROTOBOARD_TCC_ 15 | #define FOORAM_PROTOBOARD_TCC_ 16 | 17 | namespace libsnark { 18 | 19 | template 20 | fooram_protoboard::fooram_protoboard(const fooram_architecture_params &ap) : 21 | protoboard(), ap(ap) 22 | { 23 | } 24 | 25 | template 26 | fooram_gadget::fooram_gadget(fooram_protoboard &pb, const std::string &annotation_prefix) : 27 | gadget(pb, annotation_prefix), pb(pb) 28 | { 29 | } 30 | 31 | } // libsnark 32 | 33 | #endif // FOORAM_PROTOBOARD_HPP_ 34 | -------------------------------------------------------------------------------- /src/gadgetlib1/gadgets/cpu_checkers/tinyram/components/alu_gadget.tcc: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Implementation of interfaces for the TinyRAM ALU gadget. 5 | 6 | See alu.hpp . 7 | 8 | ***************************************************************************** 9 | * @author This file is part of libsnark, developed by SCIPR Lab 10 | * and contributors (see AUTHORS). 11 | * @copyright MIT license (see LICENSE file) 12 | *****************************************************************************/ 13 | 14 | #ifndef ALU_GADGET_TCC_ 15 | #define ALU_GADGET_TCC_ 16 | 17 | namespace libsnark { 18 | 19 | template 20 | void ALU_gadget::generate_r1cs_constraints() 21 | { 22 | for (size_t i = 0; i < 1ul<pb.ap.opcode_width(); ++i) 23 | { 24 | if (components[i]) 25 | { 26 | components[i]->generate_r1cs_constraints(); 27 | } 28 | } 29 | } 30 | 31 | template 32 | void ALU_gadget::generate_r1cs_witness() 33 | { 34 | for (size_t i = 0; i < 1ul<pb.ap.opcode_width(); ++i) 35 | { 36 | if (components[i]) 37 | { 38 | components[i]->generate_r1cs_witness(); 39 | } 40 | } 41 | } 42 | 43 | } // libsnark 44 | 45 | #endif // ALU_GADGET_TCC_ 46 | -------------------------------------------------------------------------------- /src/gadgetlib1/gadgets/cpu_checkers/tinyram/components/tinyram_protoboard.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of interfaces for a protoboard for TinyRAM. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef TINYRAM_PROTOBOARD_HPP_ 13 | #define TINYRAM_PROTOBOARD_HPP_ 14 | 15 | #include "relations/ram_computations/rams/ram_params.hpp" 16 | #include "relations/ram_computations/rams/tinyram/tinyram_aux.hpp" 17 | #include "gadgetlib1/protoboard.hpp" 18 | #include "gadgetlib1/gadgets/basic_gadgets.hpp" 19 | 20 | namespace libsnark { 21 | 22 | template 23 | class tinyram_protoboard : public protoboard { 24 | public: 25 | const tinyram_architecture_params ap; 26 | 27 | tinyram_protoboard(const tinyram_architecture_params &ap); 28 | }; 29 | 30 | template 31 | class tinyram_gadget : public gadget { 32 | protected: 33 | tinyram_protoboard &pb; 34 | public: 35 | tinyram_gadget(tinyram_protoboard &pb, const std::string &annotation_prefix=""); 36 | }; 37 | 38 | // standard gadgets provide two methods: generate_r1cs_constraints and generate_r1cs_witness 39 | template 40 | class tinyram_standard_gadget : public tinyram_gadget { 41 | public: 42 | tinyram_standard_gadget(tinyram_protoboard &pb, const std::string &annotation_prefix=""); 43 | 44 | virtual void generate_r1cs_constraints() = 0; 45 | virtual void generate_r1cs_witness() = 0; 46 | }; 47 | 48 | } // libsnark 49 | 50 | #include "gadgetlib1/gadgets/cpu_checkers/tinyram/components/tinyram_protoboard.tcc" 51 | 52 | #endif // TINYRAM_PROTOBOARD_HPP_ 53 | -------------------------------------------------------------------------------- /src/gadgetlib1/gadgets/cpu_checkers/tinyram/components/tinyram_protoboard.tcc: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Implementation of interfaces for a protoboard for TinyRAM. 5 | 6 | See tinyram_protoboard.hpp . 7 | 8 | ***************************************************************************** 9 | * @author This file is part of libsnark, developed by SCIPR Lab 10 | * and contributors (see AUTHORS). 11 | * @copyright MIT license (see LICENSE file) 12 | *****************************************************************************/ 13 | 14 | #ifndef TINYRAM_PROTOBOARD_TCC_ 15 | #define TINYRAM_PROTOBOARD_TCC_ 16 | 17 | namespace libsnark { 18 | 19 | template 20 | tinyram_protoboard::tinyram_protoboard(const tinyram_architecture_params &ap) : 21 | ap(ap) 22 | { 23 | } 24 | 25 | template 26 | tinyram_gadget::tinyram_gadget(tinyram_protoboard &pb, const std::string &annotation_prefix) : 27 | gadget(pb, annotation_prefix), pb(pb) 28 | { 29 | } 30 | 31 | template 32 | tinyram_standard_gadget::tinyram_standard_gadget(tinyram_protoboard &pb, const std::string &annotation_prefix) : 33 | tinyram_gadget(pb, annotation_prefix) 34 | { 35 | } 36 | 37 | } // libsnark 38 | 39 | #endif // TINYRAM_PROTOBOARD_TCC_ 40 | -------------------------------------------------------------------------------- /src/gadgetlib1/gadgets/delegated_ra_memory/memory_load_gadget.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of interfaces for the memory load gadget. 5 | The gadget can be used to verify a memory load from a "delegated memory". 6 | 7 | ***************************************************************************** 8 | * @author This file is part of libsnark, developed by SCIPR Lab 9 | * and contributors (see AUTHORS). 10 | * @copyright MIT license (see LICENSE file) 11 | *****************************************************************************/ 12 | 13 | #ifndef MEMORY_LOAD_GADGET_HPP_ 14 | #define MEMORY_LOAD_GADGET_HPP_ 15 | 16 | #include "gadgetlib1/gadgets/merkle_tree/merkle_tree_check_read_gadget.hpp" 17 | 18 | namespace libsnark { 19 | 20 | template 21 | using memory_load_gadget = merkle_tree_check_read_gadget; 22 | 23 | } // libsnark 24 | 25 | #endif // MEMORY_LOAD_GADGET_HPP_ 26 | -------------------------------------------------------------------------------- /src/gadgetlib1/gadgets/delegated_ra_memory/memory_load_store_gadget.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of interfaces for the memory load&store gadget. 5 | 6 | The gadget can be used to verify a memory load, followed by a store to the 7 | same address, from a "delegated memory". 8 | 9 | ***************************************************************************** 10 | * @author This file is part of libsnark, developed by SCIPR Lab 11 | * and contributors (see AUTHORS). 12 | * @copyright MIT license (see LICENSE file) 13 | *****************************************************************************/ 14 | 15 | #ifndef MEMORY_LOAD_STORE_GADGET_HPP_ 16 | #define MEMORY_LOAD_STORE_GADGET_HPP_ 17 | 18 | #include "gadgetlib1/gadgets/merkle_tree/merkle_tree_check_update_gadget.hpp" 19 | 20 | namespace libsnark { 21 | 22 | template 23 | using memory_load_store_gadget = merkle_tree_check_update_gadget; 24 | 25 | } // libsnark 26 | 27 | #endif // MEMORY_LOAD_STORE_GADGET_HPP_ 28 | -------------------------------------------------------------------------------- /src/gadgetlib1/gadgets/gadget_from_r1cs.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of interfaces for a gadget that can be created from an R1CS constraint system. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef GADGET_FROM_R1CS_HPP_ 13 | #define GADGET_FROM_R1CS_HPP_ 14 | 15 | #include 16 | 17 | #include "gadgetlib1/gadget.hpp" 18 | 19 | namespace libsnark { 20 | 21 | template 22 | class gadget_from_r1cs : public gadget { 23 | 24 | private: 25 | const std::vector > vars; 26 | const r1cs_constraint_system cs; 27 | std::map cs_to_vars; 28 | 29 | public: 30 | 31 | gadget_from_r1cs(protoboard &pb, 32 | const std::vector > &vars, 33 | const r1cs_constraint_system &cs, 34 | const std::string &annotation_prefix); 35 | 36 | void generate_r1cs_constraints(); 37 | void generate_r1cs_witness(const r1cs_primary_input &primary_input, 38 | const r1cs_auxiliary_input &auxiliary_input); 39 | }; 40 | 41 | } // libsnark 42 | 43 | #include "gadgetlib1/gadgets/gadget_from_r1cs.tcc" 44 | 45 | #endif // GADGET_FROM_R1CS_HPP_ 46 | -------------------------------------------------------------------------------- /src/gadgetlib1/gadgets/hashes/crh_gadget.hpp: -------------------------------------------------------------------------------- 1 | /** 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | #ifndef CRH_GADGET_HPP_ 8 | #define CRH_GADGET_HPP_ 9 | 10 | #include "gadgetlib1/gadgets/hashes/knapsack/knapsack_gadget.hpp" 11 | 12 | namespace libsnark { 13 | 14 | // for now all CRH gadgets are knapsack CRH's; can be easily extended 15 | // later to more expressive selector types. 16 | template 17 | using CRH_with_field_out_gadget = knapsack_CRH_with_field_out_gadget; 18 | 19 | template 20 | using CRH_with_bit_out_gadget = knapsack_CRH_with_bit_out_gadget; 21 | 22 | } // libsnark 23 | 24 | #endif // CRH_GADGET_HPP_ 25 | -------------------------------------------------------------------------------- /src/gadgetlib1/gadgets/hashes/digest_selector_gadget.hpp: -------------------------------------------------------------------------------- 1 | /** 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | #ifndef DIGEST_SELECTOR_GADGET_HPP_ 8 | #define DIGEST_SELECTOR_GADGET_HPP_ 9 | 10 | #include 11 | 12 | #include "gadgetlib1/gadgets/basic_gadgets.hpp" 13 | #include "gadgetlib1/gadgets/hashes/hash_io.hpp" 14 | 15 | namespace libsnark { 16 | 17 | template 18 | class digest_selector_gadget : public gadget { 19 | public: 20 | size_t digest_size; 21 | digest_variable input; 22 | pb_linear_combination is_right; 23 | digest_variable left; 24 | digest_variable right; 25 | 26 | digest_selector_gadget(protoboard &pb, 27 | const size_t digest_size, 28 | const digest_variable &input, 29 | const pb_linear_combination &is_right, 30 | const digest_variable &left, 31 | const digest_variable &right, 32 | const std::string &annotation_prefix); 33 | 34 | void generate_r1cs_constraints(); 35 | void generate_r1cs_witness(); 36 | }; 37 | 38 | } // libsnark 39 | 40 | #include "gadgetlib1/gadgets/hashes/digest_selector_gadget.tcc" 41 | 42 | #endif // DIGEST_SELECTOR_GADGET_HPP_ 43 | -------------------------------------------------------------------------------- /src/gadgetlib1/gadgets/hashes/hash_io.hpp: -------------------------------------------------------------------------------- 1 | /** 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | #ifndef HASH_IO_HPP_ 8 | #define HASH_IO_HPP_ 9 | #include 10 | #include 11 | #include "gadgetlib1/gadgets/basic_gadgets.hpp" 12 | 13 | namespace libsnark { 14 | 15 | template 16 | class digest_variable : public gadget { 17 | public: 18 | size_t digest_size; 19 | pb_variable_array bits; 20 | 21 | digest_variable(protoboard &pb, 22 | const size_t digest_size, 23 | const std::string &annotation_prefix); 24 | 25 | digest_variable(protoboard &pb, 26 | const size_t digest_size, 27 | const pb_variable_array &partial_bits, 28 | const pb_variable &padding, 29 | const std::string &annotation_prefix); 30 | 31 | void generate_r1cs_constraints(); 32 | void generate_r1cs_witness(const bit_vector& contents); 33 | bit_vector get_digest() const; 34 | }; 35 | 36 | template 37 | class block_variable : public gadget { 38 | public: 39 | size_t block_size; 40 | pb_variable_array bits; 41 | 42 | block_variable(protoboard &pb, 43 | const size_t block_size, 44 | const std::string &annotation_prefix); 45 | 46 | block_variable(protoboard &pb, 47 | const std::vector > &parts, 48 | const std::string &annotation_prefix); 49 | 50 | block_variable(protoboard &pb, 51 | const digest_variable &left, 52 | const digest_variable &right, 53 | const std::string &annotation_prefix); 54 | 55 | void generate_r1cs_constraints(); 56 | void generate_r1cs_witness(const bit_vector& contents); 57 | bit_vector get_block() const; 58 | }; 59 | 60 | } // libsnark 61 | #include "gadgetlib1/gadgets/hashes/hash_io.tcc" 62 | 63 | #endif // HASH_IO_HPP_ 64 | -------------------------------------------------------------------------------- /src/gadgetlib1/gadgets/hashes/sha256/tests/generate_sha256_gadget_tests.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | ## 3 | # @author This file is part of libsnark, developed by SCIPR Lab 4 | # and contributors (see AUTHORS). 5 | # @copyright MIT license (see LICENSE file) 6 | 7 | import random 8 | import pypy_sha256 # PyPy's implementation of SHA256 compression function; see copyright and authorship notice within. 9 | 10 | BLOCK_LEN = 512 11 | BLOCK_BYTES = BLOCK_LEN // 8 12 | HASH_LEN = 256 13 | HASH_BYTES = HASH_LEN // 8 14 | 15 | def gen_random_bytes(n): 16 | return [random.randint(0, 255) for i in xrange(n)] 17 | 18 | def words_to_bytes(arr): 19 | return sum(([x >> 24, (x >> 16) & 0xff, (x >> 8) & 0xff, x & 0xff] for x in arr), []) 20 | 21 | def bytes_to_words(arr): 22 | l = len(arr) 23 | assert l % 4 == 0 24 | return [(arr[i*4 + 3] << 24) + (arr[i*4+2] << 16) + (arr[i*4+1] << 8) + arr[i*4] for i in xrange(l//4)] 25 | 26 | def cpp_val(s, log_radix=32): 27 | if log_radix == 8: 28 | hexfmt = '0x%02x' 29 | elif log_radix == 32: 30 | hexfmt = '0x%08x' 31 | s = bytes_to_words(s) 32 | else: 33 | raise 34 | return 'int_list_to_bits({%s}, %d)' % (', '.join(hexfmt % x for x in s), log_radix) 35 | 36 | def H_bytes(x): 37 | assert len(x) == BLOCK_BYTES 38 | state = pypy_sha256.sha_init() 39 | state['data'] = words_to_bytes(bytes_to_words(x)) 40 | pypy_sha256.sha_transform(state) 41 | return words_to_bytes(bytes_to_words(words_to_bytes(state['digest']))) 42 | 43 | def generate_sha256_gadget_tests(): 44 | left = gen_random_bytes(HASH_BYTES) 45 | right = gen_random_bytes(HASH_BYTES) 46 | hash = H_bytes(left + right) 47 | 48 | print "const bit_vector left_bv = %s;" % cpp_val(left) 49 | print "const bit_vector right_bv = %s;" % cpp_val(right) 50 | print "const bit_vector hash_bv = %s;" % cpp_val(hash) 51 | 52 | if __name__ == '__main__': 53 | random.seed(0) # for reproducibility 54 | generate_sha256_gadget_tests() 55 | 56 | -------------------------------------------------------------------------------- /src/gadgetlib1/gadgets/hashes/sha256/tests/test_sha256_gadget.cpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | 8 | #include "common/default_types/ec_pp.hpp" 9 | #include "common/utils.hpp" 10 | #include "common/profiling.hpp" 11 | #include "gadgetlib1/gadgets/hashes/sha256/sha256_gadget.hpp" 12 | 13 | using namespace libsnark; 14 | 15 | template 16 | void test_two_to_one() 17 | { 18 | protoboard pb; 19 | 20 | digest_variable left(pb, SHA256_digest_size, "left"); 21 | digest_variable right(pb, SHA256_digest_size, "right"); 22 | digest_variable output(pb, SHA256_digest_size, "output"); 23 | 24 | sha256_two_to_one_hash_gadget f(pb, left, right, output, "f"); 25 | f.generate_r1cs_constraints(); 26 | printf("Number of constraints for sha256_two_to_one_hash_gadget: %zu\n", pb.num_constraints()); 27 | 28 | const bit_vector left_bv = int_list_to_bits({0x426bc2d8, 0x4dc86782, 0x81e8957a, 0x409ec148, 0xe6cffbe8, 0xafe6ba4f, 0x9c6f1978, 0xdd7af7e9}, 32); 29 | const bit_vector right_bv = int_list_to_bits({0x038cce42, 0xabd366b8, 0x3ede7e00, 0x9130de53, 0x72cdf73d, 0xee825114, 0x8cb48d1b, 0x9af68ad0}, 32); 30 | const bit_vector hash_bv = int_list_to_bits({0xeffd0b7f, 0x1ccba116, 0x2ee816f7, 0x31c62b48, 0x59305141, 0x990e5c0a, 0xce40d33d, 0x0b1167d1}, 32); 31 | 32 | left.generate_r1cs_witness(left_bv); 33 | right.generate_r1cs_witness(right_bv); 34 | 35 | f.generate_r1cs_witness(); 36 | output.generate_r1cs_witness(hash_bv); 37 | 38 | assert(pb.is_satisfied()); 39 | } 40 | 41 | int main(void) 42 | { 43 | start_profiling(); 44 | default_ec_pp::init_public_params(); 45 | test_two_to_one >(); 46 | } 47 | -------------------------------------------------------------------------------- /src/gadgetlib1/gadgets/merkle_tree/merkle_authentication_path_variable.hpp: -------------------------------------------------------------------------------- 1 | /** 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | 8 | #ifndef MERKLE_AUTHENTICATION_PATH_VARIABLE_HPP_ 9 | #define MERKLE_AUTHENTICATION_PATH_VARIABLE_HPP_ 10 | 11 | #include "common/data_structures/merkle_tree.hpp" 12 | #include "gadgetlib1/gadget.hpp" 13 | #include "gadgetlib1/gadgets/hashes/hash_io.hpp" 14 | 15 | namespace libsnark { 16 | 17 | template 18 | class merkle_authentication_path_variable : public gadget { 19 | public: 20 | 21 | const size_t tree_depth; 22 | std::vector > left_digests; 23 | std::vector > right_digests; 24 | 25 | merkle_authentication_path_variable(protoboard &pb, 26 | const size_t tree_depth, 27 | const std::string &annotation_prefix); 28 | 29 | void generate_r1cs_constraints(); 30 | void generate_r1cs_witness(const size_t address, const merkle_authentication_path &path); 31 | merkle_authentication_path get_authentication_path(const size_t address) const; 32 | }; 33 | 34 | } // libsnark 35 | 36 | #include "gadgetlib1/gadgets/merkle_tree/merkle_authentication_path_variable.tcc" 37 | 38 | #endif // MERKLE_AUTHENTICATION_PATH_VARIABLE_HPP 39 | -------------------------------------------------------------------------------- /src/gadgetlib1/gadgets/merkle_tree/tests/test_merkle_tree_gadgets.cpp: -------------------------------------------------------------------------------- 1 | /** 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | 8 | #ifdef CURVE_BN128 9 | #include "algebra/curves/bn128/bn128_pp.hpp" 10 | #endif 11 | #include "algebra/curves/edwards/edwards_pp.hpp" 12 | #include "algebra/curves/mnt/mnt4/mnt4_pp.hpp" 13 | #include "algebra/curves/mnt/mnt6/mnt6_pp.hpp" 14 | #include "gadgetlib1/gadgets/merkle_tree/merkle_tree_check_read_gadget.hpp" 15 | #include "gadgetlib1/gadgets/merkle_tree/merkle_tree_check_update_gadget.hpp" 16 | #include "gadgetlib1/gadgets/hashes/sha256/sha256_gadget.hpp" 17 | 18 | using namespace libsnark; 19 | 20 | template 21 | void test_all_merkle_tree_gadgets() 22 | { 23 | typedef Fr FieldT; 24 | test_merkle_tree_check_read_gadget >(); 25 | test_merkle_tree_check_read_gadget >(); 26 | 27 | test_merkle_tree_check_update_gadget >(); 28 | test_merkle_tree_check_update_gadget >(); 29 | } 30 | 31 | int main(void) 32 | { 33 | start_profiling(); 34 | 35 | #ifdef CURVE_BN128 // BN128 has fancy dependencies so it may be disabled 36 | bn128_pp::init_public_params(); 37 | test_all_merkle_tree_gadgets(); 38 | #endif 39 | 40 | edwards_pp::init_public_params(); 41 | test_all_merkle_tree_gadgets(); 42 | 43 | mnt4_pp::init_public_params(); 44 | test_all_merkle_tree_gadgets(); 45 | 46 | mnt6_pp::init_public_params(); 47 | test_all_merkle_tree_gadgets(); 48 | } 49 | -------------------------------------------------------------------------------- /src/gadgetlib1/gadgets/set_commitment/set_membership_proof_variable.hpp: -------------------------------------------------------------------------------- 1 | /** 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | 8 | #ifndef SET_MEMBERSHIP_PROOF_VARIABLE_HPP_ 9 | #define SET_MEMBERSHIP_PROOF_VARIABLE_HPP_ 10 | 11 | #include "common/data_structures/set_commitment.hpp" 12 | #include "gadgetlib1/gadget.hpp" 13 | #include "gadgetlib1/gadgets/hashes/hash_io.hpp" 14 | #include "gadgetlib1/gadgets/merkle_tree/merkle_authentication_path_variable.hpp" 15 | 16 | namespace libsnark { 17 | 18 | template 19 | class set_membership_proof_variable : public gadget { 20 | public: 21 | pb_variable_array address_bits; 22 | std::shared_ptr > merkle_path; 23 | 24 | const size_t max_entries; 25 | const size_t tree_depth; 26 | 27 | set_membership_proof_variable(protoboard &pb, 28 | const size_t max_entries, 29 | const std::string &annotation_prefix); 30 | 31 | void generate_r1cs_constraints(); 32 | void generate_r1cs_witness(const set_membership_proof &proof); 33 | 34 | set_membership_proof get_membership_proof() const; 35 | 36 | static r1cs_variable_assignment as_r1cs_variable_assignment(const set_membership_proof &proof); 37 | }; 38 | 39 | } // libsnark 40 | 41 | #include "gadgetlib1/gadgets/set_commitment/set_membership_proof_variable.tcc" 42 | 43 | #endif // SET_MEMBERSHIP_PROOF_VARIABLE_HPP 44 | -------------------------------------------------------------------------------- /src/gadgetlib1/gadgets/set_commitment/tests/test_set_commitment_gadget.cpp: -------------------------------------------------------------------------------- 1 | /** 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | 8 | #ifdef CURVE_BN128 9 | #include "algebra/curves/bn128/bn128_pp.hpp" 10 | #endif 11 | #include "algebra/curves/edwards/edwards_pp.hpp" 12 | #include "algebra/curves/mnt/mnt4/mnt4_pp.hpp" 13 | #include "algebra/curves/mnt/mnt6/mnt6_pp.hpp" 14 | #include "gadgetlib1/gadgets/set_commitment/set_commitment_gadget.hpp" 15 | #include "gadgetlib1/gadgets/hashes/sha256/sha256_gadget.hpp" 16 | 17 | using namespace libsnark; 18 | 19 | template 20 | void test_all_set_commitment_gadgets() 21 | { 22 | typedef Fr FieldT; 23 | test_set_commitment_gadget >(); 24 | test_set_commitment_gadget >(); 25 | } 26 | 27 | int main(void) 28 | { 29 | start_profiling(); 30 | 31 | #ifdef CURVE_BN128 // BN128 has fancy dependencies so it may be disabled 32 | bn128_pp::init_public_params(); 33 | test_all_set_commitment_gadgets(); 34 | #endif 35 | 36 | edwards_pp::init_public_params(); 37 | test_all_set_commitment_gadgets(); 38 | 39 | mnt4_pp::init_public_params(); 40 | test_all_set_commitment_gadgets(); 41 | 42 | mnt6_pp::init_public_params(); 43 | test_all_set_commitment_gadgets(); 44 | } 45 | -------------------------------------------------------------------------------- /src/gadgetlib2/examples/simple_example.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | 8 | #ifndef SIMPLE_EXAMPLE_HPP_ 9 | #define SIMPLE_EXAMPLE_HPP_ 10 | 11 | #include "common/default_types/ec_pp.hpp" 12 | #include "relations/constraint_satisfaction_problems/r1cs/examples/r1cs_examples.hpp" 13 | 14 | namespace libsnark { 15 | 16 | r1cs_example > gen_r1cs_example_from_gadgetlib2_protoboard(const size_t size); 17 | 18 | } // libsnark 19 | 20 | #endif // SIMPLE_EXAMPLE_HPP_ 21 | -------------------------------------------------------------------------------- /src/gadgetlib2/integration.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | 8 | #ifndef INTEGRATION_HPP_ 9 | #define INTEGRATION_HPP_ 10 | 11 | #include "common/default_types/ec_pp.hpp" 12 | #include "relations/constraint_satisfaction_problems/r1cs/r1cs.hpp" 13 | #include "gadgetlib2/protoboard.hpp" 14 | 15 | namespace libsnark { 16 | 17 | r1cs_constraint_system > get_constraint_system_from_gadgetlib2(const gadgetlib2::Protoboard &pb); 18 | r1cs_variable_assignment > get_variable_assignment_from_gadgetlib2(const gadgetlib2::Protoboard &pb); 19 | 20 | } // libsnark 21 | 22 | #endif // INTEGRATION_HPP_ 23 | -------------------------------------------------------------------------------- /src/gadgetlib2/pp.cpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | Implementation of PublicParams for Fp field arithmetic 4 | ***************************************************************************** 5 | * @author This file is part of libsnark, developed by SCIPR Lab 6 | * and contributors (see AUTHORS). 7 | * @copyright MIT license (see LICENSE file) 8 | *****************************************************************************/ 9 | 10 | #include 11 | #include 12 | #include "pp.hpp" 13 | 14 | namespace gadgetlib2 { 15 | 16 | PublicParams::PublicParams(const std::size_t log_p) : log_p(log_p) {} 17 | 18 | Fp PublicParams::getFp(long x) const { 19 | return Fp(x); 20 | } 21 | 22 | PublicParams::~PublicParams() {} 23 | 24 | PublicParams initPublicParamsFromDefaultPp() { 25 | libsnark::default_ec_pp::init_public_params(); 26 | const std::size_t log_p = libsnark::Fr::size_in_bits(); 27 | return PublicParams(log_p); 28 | } 29 | 30 | } // namespace gadgetlib2 31 | -------------------------------------------------------------------------------- /src/gadgetlib2/pp.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | Declaration of PublicParams for Fp field arithmetic 4 | ***************************************************************************** 5 | * @author This file is part of libsnark, developed by SCIPR Lab 6 | * and contributors (see AUTHORS). 7 | * @copyright MIT license (see LICENSE file) 8 | *****************************************************************************/ 9 | 10 | #ifndef LIBSNARK_GADGETLIB2_INCLUDE_GADGETLIB2_PP_HPP_ 11 | #define LIBSNARK_GADGETLIB2_INCLUDE_GADGETLIB2_PP_HPP_ 12 | 13 | #include "common/default_types/ec_pp.hpp" 14 | 15 | #include 16 | #include 17 | 18 | namespace gadgetlib2 { 19 | 20 | /*************************************************************************************************/ 21 | /*************************************************************************************************/ 22 | /******************* ******************/ 23 | /******************* R1P World ******************/ 24 | /******************* ******************/ 25 | /*************************************************************************************************/ 26 | /*************************************************************************************************/ 27 | 28 | /* curve-specific public parameters */ 29 | typedef libsnark::Fr Fp; 30 | 31 | typedef std::vector FpVector; 32 | 33 | class PublicParams { 34 | public: 35 | size_t log_p; 36 | PublicParams(const std::size_t log_p); 37 | Fp getFp(long x) const; // to_support changes later 38 | ~PublicParams(); 39 | }; 40 | 41 | PublicParams initPublicParamsFromDefaultPp(); 42 | 43 | } // namespace gadgetlib2 44 | #endif // LIBSNARK_GADGETLIB2_INCLUDE_GADGETLIB2_PP_HPP_ 45 | -------------------------------------------------------------------------------- /src/gadgetlib2/tests/constraint_UTEST.cpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | Unit tests for gadgetlib2 - test rank 4 | ***************************************************************************** 5 | * @author This file is part of libsnark, developed by SCIPR Lab 6 | * and contributors (see AUTHORS). 7 | * @copyright MIT license (see LICENSE file) 8 | *****************************************************************************/ 9 | 10 | #include 11 | #include 12 | #include 13 | #include 14 | 15 | using ::std::set; 16 | using namespace gadgetlib2; 17 | 18 | namespace { 19 | 20 | TEST(gadgetLib2, Rank1Constraint) { 21 | initPublicParamsFromDefaultPp(); 22 | VariableArray x(10,"x"); 23 | VariableAssignment assignment; 24 | for(int i = 0; i < 10; ++i) { 25 | assignment[x[i]] = Fp(i); 26 | } 27 | LinearCombination a = x[0] + x[1] + 2; // = 0+1+2=3 28 | LinearCombination b = 2*x[2] - 3*x[3] + 4; // = 2*2-3*3+4=-1 29 | LinearCombination c = x[5]; // = 5 30 | Rank1Constraint c1(a,b,c,"c1"); 31 | EXPECT_EQ(c1.a().eval(assignment), a.eval(assignment)); 32 | EXPECT_EQ(c1.b().eval(assignment), b.eval(assignment)); 33 | EXPECT_EQ(c1.c().eval(assignment), c.eval(assignment)); 34 | EXPECT_FALSE(c1.isSatisfied(assignment)); 35 | EXPECT_FALSE(c1.isSatisfied(assignment, PrintOptions::NO_DBG_PRINT)); 36 | assignment[x[5]] = -3; 37 | EXPECT_TRUE(c1.isSatisfied(assignment)); 38 | EXPECT_TRUE(c1.isSatisfied(assignment, PrintOptions::NO_DBG_PRINT)); 39 | const Variable::set varSet = c1.getUsedVariables(); 40 | EXPECT_EQ(varSet.size(), 5u); 41 | EXPECT_TRUE(varSet.find(x[0]) != varSet.end()); 42 | EXPECT_TRUE(varSet.find(x[1]) != varSet.end()); 43 | EXPECT_TRUE(varSet.find(x[2]) != varSet.end()); 44 | EXPECT_TRUE(varSet.find(x[3]) != varSet.end()); 45 | EXPECT_TRUE(varSet.find(x[4]) == varSet.end()); 46 | EXPECT_TRUE(varSet.find(x[5]) != varSet.end()); 47 | } 48 | 49 | 50 | } // namespace 51 | -------------------------------------------------------------------------------- /src/gadgetlib2/tests/gadgetlib2_test.cpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | Unit tests for gadgetlib2 - main() for running all tests 4 | ***************************************************************************** 5 | * @author This file is part of libsnark, developed by SCIPR Lab 6 | * and contributors (see AUTHORS). 7 | * @copyright MIT license (see LICENSE file) 8 | *****************************************************************************/ 9 | 10 | #include 11 | 12 | int main(int argc, char **argv) { 13 | ::testing::InitGoogleTest(&argc, argv); 14 | return RUN_ALL_TESTS(); 15 | } -------------------------------------------------------------------------------- /src/gadgetlib2/tests/integration_UTEST.cpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | 8 | #include 9 | #include 10 | #include 11 | #include 12 | #include 13 | #include 14 | 15 | #include "common/default_types/r1cs_ppzksnark_pp.hpp" 16 | #include "relations/constraint_satisfaction_problems/r1cs/examples/r1cs_examples.hpp" 17 | #include "gadgetlib2/examples/simple_example.hpp" 18 | #include "zk_proof_systems/ppzksnark/r1cs_ppzksnark/examples/run_r1cs_ppzksnark.hpp" 19 | 20 | using namespace gadgetlib2; 21 | 22 | namespace { 23 | 24 | TEST(gadgetLib2,Integration) { 25 | using namespace libsnark; 26 | 27 | initPublicParamsFromDefaultPp(); 28 | const r1cs_example > example = gen_r1cs_example_from_gadgetlib2_protoboard(100); 29 | const bool test_serialization = false; 30 | 31 | const bool bit = run_r1cs_ppzksnark(example, test_serialization); 32 | EXPECT_TRUE(bit); 33 | }; 34 | 35 | } 36 | -------------------------------------------------------------------------------- /src/reductions/bacs_to_r1cs/bacs_to_r1cs.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of interfaces for a BACS-to-R1CS reduction, that is, constructing 5 | a R1CS ("Rank-1 Constraint System") from a BACS ("Bilinear Arithmetic Circuit Satisfiability"). 6 | 7 | The reduction is straightforward: each bilinear gate gives rises to a 8 | corresponding R1CS constraint that enforces correct computation of the gate; 9 | also, each output gives rise to a corresponding R1CS constraint that enforces 10 | that the output is zero. 11 | 12 | ***************************************************************************** 13 | * @author This file is part of libsnark, developed by SCIPR Lab 14 | * and contributors (see AUTHORS). 15 | * @copyright MIT license (see LICENSE file) 16 | *****************************************************************************/ 17 | 18 | #ifndef BACS_TO_R1CS_HPP_ 19 | #define BACS_TO_R1CS_HPP_ 20 | 21 | #include "relations/circuit_satisfaction_problems/bacs/bacs.hpp" 22 | #include "relations/constraint_satisfaction_problems/r1cs/r1cs.hpp" 23 | 24 | namespace libsnark { 25 | 26 | /** 27 | * Instance map for the BACS-to-R1CS reduction. 28 | */ 29 | template 30 | r1cs_constraint_system bacs_to_r1cs_instance_map(const bacs_circuit &circuit); 31 | 32 | /** 33 | * Witness map for the BACS-to-R1CS reduction. 34 | */ 35 | template 36 | r1cs_variable_assignment bacs_to_r1cs_witness_map(const bacs_circuit &circuit, 37 | const bacs_primary_input &primary_input, 38 | const bacs_auxiliary_input &auxiliary_input); 39 | 40 | } // libsnark 41 | 42 | #include "reductions/bacs_to_r1cs/bacs_to_r1cs.tcc" 43 | 44 | #endif // BACS_TO_R1CS_HPP_ 45 | -------------------------------------------------------------------------------- /src/reductions/ram_to_r1cs/gadgets/memory_checker_gadget.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of interfaces for memory_checker_gadget, a gadget that verifies the 5 | consistency of two accesses to memory that are adjacent in a "memory sort". 6 | 7 | ***************************************************************************** 8 | * @author This file is part of libsnark, developed by SCIPR Lab 9 | * and contributors (see AUTHORS). 10 | * @copyright MIT license (see LICENSE file) 11 | *****************************************************************************/ 12 | 13 | #ifndef MEMORY_CHECKER_GADGET_HPP_ 14 | #define MEMORY_CHECKER_GADGET_HPP_ 15 | 16 | #include "reductions/ram_to_r1cs/gadgets/trace_lines.hpp" 17 | 18 | namespace libsnark { 19 | 20 | template 21 | class memory_checker_gadget : public ram_gadget_base { 22 | private: 23 | 24 | typedef ram_base_field FieldT; 25 | 26 | pb_variable timestamps_leq; 27 | pb_variable timestamps_less; 28 | std::shared_ptr > compare_timestamps; 29 | 30 | pb_variable addresses_eq; 31 | pb_variable addresses_leq; 32 | pb_variable addresses_less; 33 | std::shared_ptr > compare_addresses; 34 | 35 | pb_variable loose_contents_after1_equals_contents_before2; 36 | pb_variable loose_contents_before2_equals_zero; 37 | pb_variable loose_timestamp2_is_zero; 38 | 39 | public: 40 | 41 | memory_line_variable_gadget line1; 42 | memory_line_variable_gadget line2; 43 | 44 | memory_checker_gadget(ram_protoboard &pb, 45 | const size_t timestamp_size, 46 | const memory_line_variable_gadget &line1, 47 | const memory_line_variable_gadget &line2, 48 | const std::string& annotation_prefix=""); 49 | 50 | void generate_r1cs_constraints(); 51 | void generate_r1cs_witness(); 52 | }; 53 | 54 | } // libsnark 55 | 56 | #include "reductions/ram_to_r1cs/gadgets/memory_checker_gadget.tcc" 57 | 58 | #endif // MEMORY_CHECKER_GADGET_HPP_ 59 | -------------------------------------------------------------------------------- /src/reductions/tbcs_to_uscs/get_tbcs_reduction.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | ## 3 | # @author This file is part of libsnark, developed by SCIPR Lab 4 | # and contributors (see AUTHORS). 5 | # @copyright MIT license (see LICENSE file) 6 | 7 | from __future__ import division 8 | import itertools 9 | 10 | def valid_formula(truth_table, x_coeff, y_coeff, z_coeff, offset): 11 | for x in [0,1]: 12 | for y in [0,1]: 13 | z = truth_table[2*x + y] 14 | # we require that z can be set to the correct value, but can *not* be set to the incorrect one 15 | if ((x*x_coeff + y*y_coeff + z*z_coeff + offset not in [-1, 1]) 16 | or 17 | (x*x_coeff + y*y_coeff + (1-z)*z_coeff + offset in [-1, 1])): 18 | return False 19 | return True 20 | 21 | def all_valid_formulas(truth_table, x_coeff_range, y_coeff_range, z_coeff_range, offset_range): 22 | for x_coeff, y_coeff, z_coeff, offset in itertools.product(x_coeff_range, y_coeff_range, z_coeff_range, offset_range): 23 | if valid_formula(truth_table, x_coeff, y_coeff, z_coeff, offset): 24 | yield x_coeff, y_coeff, z_coeff, offset 25 | 26 | if __name__ == '__main__': 27 | x_coeff_range, y_coeff_range, z_coeff_range, offset_range = range(-2, 3), range(-2, 3), range(1, 5), range(-5, 6) 28 | print "Possible coefficients for x: %s, for y: %s, for z: %s, for offset: %s" % (x_coeff_range, y_coeff_range, z_coeff_range, offset_range) 29 | for truth_table in itertools.product([0, 1], repeat=4): 30 | print "Truth table (00, 01, 10, 11):", truth_table 31 | for x_coeff, y_coeff, z_coeff, offset in all_valid_formulas(truth_table, x_coeff_range, y_coeff_range, z_coeff_range, offset_range): 32 | print " %s * x + %s * y + %s * z + %s \in {-1, 1}" % (x_coeff, y_coeff, z_coeff, offset) 33 | -------------------------------------------------------------------------------- /src/reductions/tbcs_to_uscs/tbcs_reduction.txt: -------------------------------------------------------------------------------- 1 | Possible coefficients for x: [-2, -1, 0, 1, 2], for y: [-2, -1, 0, 1, 2], for z: [1, 2, 3, 4], for offset: [-5, -4, -3, -2, -1, 0, 1, 2, 3, 4, 5] 2 | Truth table (00, 01, 10, 11): (0, 0, 0, 0) 3 | 0 * x + 0 * y + 1 * z + 1 \in {-1, 1} 4 | Truth table (00, 01, 10, 11): (0, 0, 0, 1) 5 | -2 * x + -2 * y + 4 * z + 1 \in {-1, 1} 6 | Truth table (00, 01, 10, 11): (0, 0, 1, 0) 7 | -2 * x + 2 * y + 4 * z + -1 \in {-1, 1} 8 | Truth table (00, 01, 10, 11): (0, 0, 1, 1) 9 | -1 * x + 0 * y + 1 * z + 1 \in {-1, 1} 10 | Truth table (00, 01, 10, 11): (0, 1, 0, 0) 11 | 2 * x + -2 * y + 4 * z + -1 \in {-1, 1} 12 | Truth table (00, 01, 10, 11): (0, 1, 0, 1) 13 | 0 * x + 1 * y + 1 * z + -1 \in {-1, 1} 14 | Truth table (00, 01, 10, 11): (0, 1, 1, 0) 15 | 1 * x + 1 * y + 1 * z + -1 \in {-1, 1} 16 | Truth table (00, 01, 10, 11): (0, 1, 1, 1) 17 | -2 * x + -2 * y + 4 * z + -1 \in {-1, 1} 18 | Truth table (00, 01, 10, 11): (1, 0, 0, 0) 19 | 2 * x + 2 * y + 4 * z + -3 \in {-1, 1} 20 | Truth table (00, 01, 10, 11): (1, 0, 0, 1) 21 | 1 * x + 1 * y + 1 * z + -2 \in {-1, 1} 22 | Truth table (00, 01, 10, 11): (1, 0, 1, 0) 23 | 0 * x + -1 * y + 1 * z + 0 \in {-1, 1} 24 | Truth table (00, 01, 10, 11): (1, 0, 1, 1) 25 | -2 * x + 2 * y + 4 * z + -3 \in {-1, 1} 26 | Truth table (00, 01, 10, 11): (1, 1, 0, 0) 27 | -1 * x + 0 * y + 1 * z + 0 \in {-1, 1} 28 | Truth table (00, 01, 10, 11): (1, 1, 0, 1) 29 | 2 * x + -2 * y + 4 * z + -3 \in {-1, 1} 30 | Truth table (00, 01, 10, 11): (1, 1, 1, 0) 31 | 2 * x + 2 * y + 4 * z + -5 \in {-1, 1} 32 | Truth table (00, 01, 10, 11): (1, 1, 1, 1) 33 | 0 * x + 0 * y + 1 * z + 0 \in {-1, 1} 34 | -------------------------------------------------------------------------------- /src/reductions/tbcs_to_uscs/tbcs_to_uscs.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of interfaces for a TBCS-to-USCS reduction, that is, constructing 5 | a USCS ("Unitary-Square Constraint System") from a TBCS ("Two-input Boolean Circuit Satisfiability"). 6 | 7 | The reduction is straightforward: each non-output wire is mapped to a 8 | corresponding USCS constraint that enforces the wire to carry a boolean value; 9 | each 2-input boolean gate is mapped to a corresponding USCS constraint that 10 | enforces correct computation of the gate; each output wire is mapped to a 11 | corresponding USCS constraint that enforces that the output is zero. 12 | 13 | The mapping of a gate to a USCS constraint is due to \[GOS12]. 14 | 15 | References: 16 | 17 | \[GOS12]: 18 | "New techniques for noninteractive zero-knowledge", 19 | Jens Groth, Rafail Ostrovsky, Amit Sahai 20 | JACM 2012, 21 | 22 | 23 | ***************************************************************************** 24 | * @author This file is part of libsnark, developed by SCIPR Lab 25 | * and contributors (see AUTHORS). 26 | * @copyright MIT license (see LICENSE file) 27 | *****************************************************************************/ 28 | 29 | #ifndef TBCS_TO_USCS_HPP_ 30 | #define TBCS_TO_USCS_HPP_ 31 | 32 | #include "relations/constraint_satisfaction_problems/uscs/uscs.hpp" 33 | #include "relations/circuit_satisfaction_problems/tbcs/tbcs.hpp" 34 | 35 | namespace libsnark { 36 | 37 | /** 38 | * Instance map for the TBCS-to-USCS reduction. 39 | */ 40 | template 41 | uscs_constraint_system tbcs_to_uscs_instance_map(const tbcs_circuit &circuit); 42 | 43 | /** 44 | * Witness map for the TBCS-to-USCS reduction. 45 | */ 46 | template 47 | uscs_variable_assignment tbcs_to_uscs_witness_map(const tbcs_circuit &circuit, 48 | const tbcs_primary_input &primary_input, 49 | const tbcs_auxiliary_input &auxiliary_input); 50 | 51 | } // libsnark 52 | 53 | #include "reductions/tbcs_to_uscs/tbcs_to_uscs.tcc" 54 | 55 | #endif // TBCS_TO_USCS_HPP_ 56 | -------------------------------------------------------------------------------- /src/relations/ram_computations/memory/delegated_ra_memory.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of interfaces for a delegated random-access memory. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef DELEGATED_RA_MEMORY_HPP_ 13 | #define DELEGATED_RA_MEMORY_HPP_ 14 | 15 | #include 16 | #include 17 | #include 18 | 19 | #include "common/data_structures/merkle_tree.hpp" 20 | #include "relations/ram_computations/memory/memory_interface.hpp" 21 | 22 | namespace libsnark { 23 | 24 | template 25 | class delegated_ra_memory : public memory_interface { 26 | private: 27 | bit_vector int_to_tree_elem(const size_t i) const; 28 | size_t int_from_tree_elem(const bit_vector &v) const; 29 | 30 | std::unique_ptr > contents; 31 | 32 | public: 33 | delegated_ra_memory(const size_t num_addresses, const size_t value_size); 34 | delegated_ra_memory(const size_t num_addresses, const size_t value_size, const std::vector &contents_as_vector); 35 | delegated_ra_memory(const size_t num_addresses, const size_t value_size, const memory_contents &contents_as_map); 36 | 37 | size_t get_value(const size_t address) const; 38 | void set_value(const size_t address, const size_t value); 39 | 40 | typename HashT::hash_value_type get_root() const; 41 | typename HashT::merkle_authentication_path_type get_path(const size_t address) const; 42 | 43 | void dump() const; 44 | }; 45 | 46 | } // libsnark 47 | 48 | #include "relations/ram_computations/memory/delegated_ra_memory.tcc" 49 | 50 | #endif // DELEGATED_RA_MEMORY_HPP_ 51 | -------------------------------------------------------------------------------- /src/relations/ram_computations/memory/examples/memory_contents_examples.cpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Implementation of interfaces for functions to sample examples of memory contents. 5 | 6 | See memory_contents_examples.hpp . 7 | 8 | ***************************************************************************** 9 | * @author This file is part of libsnark, developed by SCIPR Lab 10 | * and contributors (see AUTHORS). 11 | * @copyright MIT license (see LICENSE file) 12 | *****************************************************************************/ 13 | 14 | #include "relations/ram_computations/memory/examples/memory_contents_examples.hpp" 15 | 16 | #include 17 | #include 18 | #include 19 | 20 | namespace libsnark { 21 | 22 | memory_contents block_memory_contents(const size_t num_addresses, 23 | const size_t value_size, 24 | const size_t block1_size, 25 | const size_t block2_size) 26 | { 27 | const size_t max_unit = 1ul< unfilled; 50 | for (size_t i = 0; i < num_addresses; ++i) 51 | { 52 | unfilled.insert(i); 53 | } 54 | 55 | memory_contents result; 56 | for (size_t i = 0; i < num_filled; ++i) 57 | { 58 | auto it = unfilled.begin(); 59 | std::advance(it, std::rand() % unfilled.size()); 60 | result[*it] = std::rand() % max_unit; 61 | unfilled.erase(it); 62 | } 63 | 64 | return result; 65 | } 66 | 67 | } // libsnark 68 | -------------------------------------------------------------------------------- /src/relations/ram_computations/memory/examples/memory_contents_examples.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of interfaces for functions to sample examples of memory contents. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef MEMORY_CONTENTS_EXAMPLES_HPP_ 13 | #define MEMORY_CONTENTS_EXAMPLES_HPP_ 14 | 15 | #include "relations/ram_computations/memory/memory_interface.hpp" 16 | 17 | namespace libsnark { 18 | 19 | /** 20 | * Sample memory contents consisting of two blocks of random values; 21 | * the first block is located at the beginning of memory, while 22 | * the second block is located half-way through memory. 23 | */ 24 | memory_contents block_memory_contents(const size_t num_addresses, 25 | const size_t value_size, 26 | const size_t block1_size, 27 | const size_t block2_size); 28 | 29 | /** 30 | * Sample memory contents having a given number of non-zero entries; 31 | * each non-zero entry is a random value at a random address (approximately). 32 | */ 33 | memory_contents random_memory_contents(const size_t num_addresses, 34 | const size_t value_size, 35 | const size_t num_filled); 36 | 37 | } // libsnark 38 | 39 | #endif // MEMORY_CONTENTS_EXAMPLES_HPP_ 40 | -------------------------------------------------------------------------------- /src/relations/ram_computations/memory/memory_interface.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of interfaces for a memory interface. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef MEMORY_INTERFACE_HPP_ 13 | #define MEMORY_INTERFACE_HPP_ 14 | 15 | #include 16 | #include 17 | #include 18 | 19 | namespace libsnark { 20 | 21 | /** 22 | * A function from addresses to values that represents a memory's contents. 23 | */ 24 | typedef std::map memory_contents; 25 | 26 | /** 27 | * A memory interface is a virtual class for specifying and maintining a memory. 28 | * 29 | * A memory is parameterized by two quantities: 30 | * - num_addresses (which specifies the number of addresses); and 31 | * - value_size (which specifies the number of bits stored at each address). 32 | * 33 | * The methods get_val and set_val can be used to load and store values. 34 | */ 35 | class memory_interface { 36 | public: 37 | 38 | size_t num_addresses; 39 | size_t value_size; 40 | 41 | memory_interface(const size_t num_addresses, const size_t value_size) : 42 | num_addresses(num_addresses), 43 | value_size(value_size) 44 | {} 45 | memory_interface(const size_t num_addresses, const size_t value_size, const std::vector &contents_as_vector); 46 | memory_interface(const size_t num_addresses, const size_t value_size, const memory_contents &contents); 47 | 48 | virtual size_t get_value(const size_t address) const = 0; 49 | virtual void set_value(const size_t address, const size_t value) = 0; 50 | }; 51 | 52 | } // libsnark 53 | 54 | #endif // MEMORY_INTERFACE_HPP_ 55 | -------------------------------------------------------------------------------- /src/relations/ram_computations/memory/memory_store_trace.cpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Implementation of interfaces for a memory store trace. 5 | 6 | See memory_store_trace.hpp . 7 | 8 | ***************************************************************************** 9 | * @author This file is part of libsnark, developed by SCIPR Lab 10 | * and contributors (see AUTHORS). 11 | * @copyright MIT license (see LICENSE file) 12 | *****************************************************************************/ 13 | 14 | #include "relations/ram_computations/memory/memory_store_trace.hpp" 15 | 16 | namespace libsnark { 17 | 18 | memory_store_trace::memory_store_trace() 19 | { 20 | } 21 | 22 | address_and_value memory_store_trace::get_trace_entry(const size_t timestamp) const 23 | { 24 | auto it = entries.find(timestamp); 25 | return (it != entries.end() ? it->second : std::make_pair(0, 0)); 26 | } 27 | 28 | std::map memory_store_trace::get_all_trace_entries() const 29 | { 30 | return entries; 31 | } 32 | 33 | void memory_store_trace::set_trace_entry(const size_t timestamp, const address_and_value &av) 34 | { 35 | entries[timestamp] = av; 36 | } 37 | 38 | memory_contents memory_store_trace::as_memory_contents() const 39 | { 40 | memory_contents result; 41 | 42 | for (auto &ts_and_addrval : entries) 43 | { 44 | result[ts_and_addrval.second.first] = ts_and_addrval.second.second; 45 | } 46 | 47 | return result; 48 | } 49 | 50 | } // libsnark 51 | -------------------------------------------------------------------------------- /src/relations/ram_computations/memory/memory_store_trace.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of interfaces for a memory store trace. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef MEMORY_STORE_TRACE_HPP_ 13 | #define MEMORY_STORE_TRACE_HPP_ 14 | 15 | #include "relations/ram_computations/memory/memory_interface.hpp" 16 | 17 | namespace libsnark { 18 | 19 | /** 20 | * A pair consisting of an address and a value. 21 | * It represents a memory store. 22 | */ 23 | typedef std::pair address_and_value; 24 | 25 | /** 26 | * A list in which each component consists of a timestamp and a memory store. 27 | */ 28 | class memory_store_trace { 29 | private: 30 | std::map entries; 31 | 32 | public: 33 | memory_store_trace(); 34 | address_and_value get_trace_entry(const size_t timestamp) const; 35 | std::map get_all_trace_entries() const; 36 | void set_trace_entry(const size_t timestamp, const address_and_value &av); 37 | 38 | memory_contents as_memory_contents() const; 39 | }; 40 | 41 | } // libsnark 42 | 43 | #endif // MEMORY_STORE_TRACE_HPP_ 44 | -------------------------------------------------------------------------------- /src/relations/ram_computations/memory/ra_memory.cpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Implementation of interfaces for a random-access memory. 5 | 6 | See ra_memory.hpp . 7 | 8 | ***************************************************************************** 9 | * @author This file is part of libsnark, developed by SCIPR Lab 10 | * and contributors (see AUTHORS). 11 | * @copyright MIT license (see LICENSE file) 12 | *****************************************************************************/ 13 | 14 | #include 15 | 16 | #include "relations/ram_computations/memory/ra_memory.hpp" 17 | 18 | namespace libsnark { 19 | 20 | ra_memory::ra_memory(const size_t num_addresses, const size_t value_size) : 21 | memory_interface(num_addresses, value_size) 22 | { 23 | } 24 | 25 | ra_memory::ra_memory(const size_t num_addresses, 26 | const size_t value_size, 27 | const std::vector &contents_as_vector) : 28 | memory_interface(num_addresses, value_size) 29 | { 30 | /* copy std::vector into std::map */ 31 | for (size_t i = 0; i < contents_as_vector.size(); ++i) 32 | { 33 | contents[i] = contents_as_vector[i]; 34 | } 35 | } 36 | 37 | 38 | ra_memory::ra_memory(const size_t num_addresses, 39 | const size_t value_size, 40 | const memory_contents &contents) : 41 | memory_interface(num_addresses, value_size), contents(contents) 42 | { 43 | } 44 | 45 | size_t ra_memory::get_value(const size_t address) const 46 | { 47 | assert(address < num_addresses); 48 | auto it = contents.find(address); 49 | return (it == contents.end() ? 0 : it->second); 50 | } 51 | 52 | void ra_memory::set_value(const size_t address, const size_t value) 53 | { 54 | contents[address] = value; 55 | } 56 | 57 | } // libsnark 58 | -------------------------------------------------------------------------------- /src/relations/ram_computations/memory/ra_memory.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of interfaces for a random-access memory. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef RA_MEMORY_HPP_ 13 | #define RA_MEMORY_HPP_ 14 | 15 | #include "relations/ram_computations/memory/memory_interface.hpp" 16 | 17 | namespace libsnark { 18 | 19 | /** 20 | * A random-access memory maintains the memory's contents via a map (from addresses to values). 21 | */ 22 | class ra_memory : public memory_interface { 23 | public: 24 | 25 | memory_contents contents; 26 | 27 | ra_memory(const size_t num_addresses, const size_t value_size); 28 | ra_memory(const size_t num_addresses, const size_t value_size, const std::vector &contents_as_vector); 29 | ra_memory(const size_t num_addresses, const size_t value_size, const memory_contents &contents); 30 | 31 | size_t get_value(const size_t address) const; 32 | void set_value(const size_t address, const size_t value); 33 | 34 | }; 35 | 36 | } // libsnark 37 | 38 | #endif // RA_MEMORY_HPP_ 39 | -------------------------------------------------------------------------------- /src/relations/ram_computations/rams/examples/ram_examples.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of interfaces for a RAM example, as well as functions to sample 5 | RAM examples with prescribed parameters (according to some distribution). 6 | 7 | ***************************************************************************** 8 | * @author This file is part of libsnark, developed by SCIPR Lab 9 | * and contributors (see AUTHORS). 10 | * @copyright MIT license (see LICENSE file) 11 | *****************************************************************************/ 12 | 13 | #ifndef RAM_EXAMPLES_HPP_ 14 | #define RAM_EXAMPLES_HPP_ 15 | 16 | #include "relations/ram_computations/rams/ram_params.hpp" 17 | 18 | namespace libsnark { 19 | 20 | template 21 | struct ram_example { 22 | ram_architecture_params ap; 23 | size_t boot_trace_size_bound; 24 | size_t time_bound; 25 | ram_boot_trace boot_trace; 26 | ram_input_tape auxiliary_input; 27 | }; 28 | 29 | /** 30 | * For now: only specialized to TinyRAM 31 | */ 32 | template 33 | ram_example gen_ram_example_simple(const ram_architecture_params &ap, const size_t boot_trace_size_bound, const size_t time_bound, const bool satisfiable=true); 34 | 35 | /** 36 | * For now: only specialized to TinyRAM 37 | */ 38 | template 39 | ram_example gen_ram_example_complex(const ram_architecture_params &ap, const size_t boot_trace_size_bound, const size_t time_bound, const bool satisfiable=true); 40 | 41 | } // libsnark 42 | 43 | #include "relations/ram_computations/rams/examples/ram_examples.tcc" 44 | 45 | #endif // RAM_EXAMPLES_HPP_ 46 | -------------------------------------------------------------------------------- /src/relations/ram_computations/rams/fooram/fooram_aux.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of auxiliary functions for FOORAM. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef FOORAM_AUX_HPP_ 13 | #define FOORAM_AUX_HPP_ 14 | 15 | #include 16 | #include 17 | 18 | #include "common/utils.hpp" 19 | #include "relations/ram_computations/memory/memory_interface.hpp" 20 | 21 | namespace libsnark { 22 | 23 | typedef std::vector fooram_program; 24 | typedef std::vector fooram_input_tape; 25 | typedef typename std::vector::const_iterator fooram_input_tape_iterator; 26 | 27 | class fooram_architecture_params { 28 | public: 29 | size_t w; 30 | fooram_architecture_params(const size_t w=16); 31 | 32 | size_t num_addresses() const; 33 | size_t address_size() const; 34 | size_t value_size() const; 35 | size_t cpu_state_size() const; 36 | size_t initial_pc_addr() const; 37 | 38 | memory_contents initial_memory_contents(const fooram_program &program, 39 | const fooram_input_tape &primary_input) const; 40 | 41 | bit_vector initial_cpu_state() const; 42 | void print() const; 43 | bool operator==(const fooram_architecture_params &other) const; 44 | 45 | friend std::ostream& operator<<(std::ostream &out, const fooram_architecture_params &ap); 46 | friend std::istream& operator>>(std::istream &in, fooram_architecture_params &ap); 47 | }; 48 | 49 | } // libsnark 50 | 51 | #endif // FOORAM_AUX_HPP_ 52 | -------------------------------------------------------------------------------- /src/relations/ram_computations/rams/fooram/fooram_params.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of public parameters for FOORAM. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef FOORAM_PARAMS_HPP_ 13 | #define FOORAM_PARAMS_HPP_ 14 | 15 | #include "gadgetlib1/gadgets/cpu_checkers/fooram/fooram_cpu_checker.hpp" 16 | #include "relations/ram_computations/rams/fooram/fooram_aux.hpp" 17 | #include "relations/ram_computations/rams/ram_params.hpp" 18 | 19 | namespace libsnark { 20 | 21 | template 22 | class ram_fooram { 23 | public: 24 | typedef FieldT base_field_type; 25 | typedef fooram_protoboard protoboard_type; 26 | typedef fooram_gadget gadget_base_type; 27 | typedef fooram_cpu_checker cpu_checker_type; 28 | typedef fooram_architecture_params architecture_params_type; 29 | 30 | static size_t timestamp_length; 31 | }; 32 | 33 | template 34 | size_t ram_fooram::timestamp_length = 300; 35 | 36 | } // libsnark 37 | 38 | #endif // FOORAM_PARAMS_HPP_ 39 | -------------------------------------------------------------------------------- /src/relations/ram_computations/rams/tinyram/tinyram_params.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of public parameters for TinyRAM. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef TINYRAM_PARAMS_HPP_ 13 | #define TINYRAM_PARAMS_HPP_ 14 | 15 | #include "relations/ram_computations/rams/ram_params.hpp" 16 | #include "relations/ram_computations/rams/tinyram/tinyram_aux.hpp" 17 | #include "gadgetlib1/gadgets/cpu_checkers/tinyram/tinyram_cpu_checker.hpp" 18 | 19 | namespace libsnark { 20 | 21 | template 22 | class ram_tinyram { 23 | public: 24 | static size_t timestamp_length; 25 | 26 | typedef FieldT base_field_type; 27 | typedef tinyram_protoboard protoboard_type; 28 | typedef tinyram_gadget gadget_base_type; 29 | typedef tinyram_cpu_checker cpu_checker_type; 30 | typedef tinyram_architecture_params architecture_params_type; 31 | }; 32 | 33 | template 34 | size_t ram_tinyram::timestamp_length = 300; 35 | 36 | } // libsnark 37 | 38 | #endif // TINYRAM_PARAMS_HPP_ 39 | -------------------------------------------------------------------------------- /src/zk_proof_systems/pcd/r1cs_pcd/ppzkpcd_compliance_predicate.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Template aliasing for prettifying R1CS PCD interfaces. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef PPZKPCD_COMPLIANCE_PREDICATE_HPP_ 13 | #define PPZKPCD_COMPLIANCE_PREDICATE_HPP_ 14 | 15 | #include "algebra/curves/public_params.hpp" 16 | #include "zk_proof_systems/pcd/r1cs_pcd/compliance_predicate/compliance_predicate.hpp" 17 | 18 | namespace libsnark { 19 | 20 | /* template aliasing for R1CS (multi-predicate) ppzkPCD: */ 21 | 22 | template 23 | using r1cs_mp_ppzkpcd_compliance_predicate = r1cs_pcd_compliance_predicate >; 24 | 25 | template 26 | using r1cs_mp_ppzkpcd_message = r1cs_pcd_message >; 27 | 28 | template 29 | using r1cs_mp_ppzkpcd_local_data = r1cs_pcd_local_data >; 30 | 31 | template 32 | using r1cs_mp_ppzkpcd_variable_assignment = r1cs_variable_assignment >; 33 | 34 | } 35 | 36 | #endif // PPZKPCD_COMPLIANCE_PREDICATE_HPP_ 37 | 38 | -------------------------------------------------------------------------------- /src/zk_proof_systems/pcd/r1cs_pcd/r1cs_mp_ppzkpcd/examples/run_r1cs_mp_ppzkpcd.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of functionality that runs the R1CS multi-predicate ppzkPCD 5 | for a compliance predicate example. 6 | 7 | ***************************************************************************** 8 | * @author This file is part of libsnark, developed by SCIPR Lab 9 | * and contributors (see AUTHORS). 10 | * @copyright MIT license (see LICENSE file) 11 | *****************************************************************************/ 12 | 13 | #ifndef RUN_R1CS_MP_PPZKPCD_HPP_ 14 | #define RUN_R1CS_MP_PPZKPCD_HPP_ 15 | 16 | namespace libsnark { 17 | 18 | /** 19 | * Runs the multi-predicate ppzkPCD (generator, prover, and verifier) for the 20 | * "tally compliance predicate", of a given wordsize, arity, and depth. 21 | * 22 | * Optionally, also test the serialization routines for keys and proofs. 23 | * (This takes additional time.) 24 | * 25 | * Optionally, also test the case of compliance predicates with different types. 26 | */ 27 | template 28 | bool run_r1cs_mp_ppzkpcd_tally_example(const size_t wordsize, 29 | const size_t max_arity, 30 | const size_t depth, 31 | const bool test_serialization, 32 | const bool test_multi_type, 33 | const bool test_same_type_optimization); 34 | 35 | } // libsnark 36 | 37 | #include "zk_proof_systems/pcd/r1cs_pcd/r1cs_mp_ppzkpcd/examples/run_r1cs_mp_ppzkpcd.tcc" 38 | 39 | #endif // RUN_R1CS_MP_PPZKPCD_HPP_ 40 | -------------------------------------------------------------------------------- /src/zk_proof_systems/pcd/r1cs_pcd/r1cs_mp_ppzkpcd/profiling/profile_r1cs_mp_ppzkpcd.cpp: -------------------------------------------------------------------------------- 1 | /** 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | #include "common/default_types/r1cs_ppzkpcd_pp.hpp" 8 | #include "zk_proof_systems/pcd/r1cs_pcd/r1cs_mp_ppzkpcd/r1cs_mp_ppzkpcd.hpp" 9 | #include "zk_proof_systems/pcd/r1cs_pcd/r1cs_mp_ppzkpcd/examples/run_r1cs_mp_ppzkpcd.hpp" 10 | 11 | using namespace libsnark; 12 | 13 | template 14 | void profile_tally(const size_t arity, const size_t max_layer) 15 | { 16 | const size_t wordsize = 32; 17 | const bool test_serialization = true; 18 | const bool test_multi_type = true; 19 | const bool test_same_type_optimization = false; 20 | const bool bit = run_r1cs_mp_ppzkpcd_tally_example(wordsize, arity, max_layer, test_serialization, test_multi_type, test_same_type_optimization); 21 | assert(bit); 22 | } 23 | 24 | int main(void) 25 | { 26 | typedef default_r1cs_ppzkpcd_pp PCD_pp; 27 | 28 | start_profiling(); 29 | PCD_pp::init_public_params(); 30 | 31 | const size_t arity = 2; 32 | const size_t max_layer = 2; 33 | 34 | profile_tally(arity, max_layer); 35 | } 36 | -------------------------------------------------------------------------------- /src/zk_proof_systems/pcd/r1cs_pcd/r1cs_mp_ppzkpcd/r1cs_mp_ppzkpcd_params.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Parameters for *multi-predicate* ppzkPCD for R1CS. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef R1CS_MP_PPZKPCD_PARAMS_HPP_ 13 | #define R1CS_MP_PPZKPCD_PARAMS_HPP_ 14 | 15 | #include "algebra/curves/public_params.hpp" 16 | #include "zk_proof_systems/pcd/r1cs_pcd/compliance_predicate/compliance_predicate.hpp" 17 | #include "zk_proof_systems/pcd/r1cs_pcd/r1cs_pcd_params.hpp" 18 | 19 | namespace libsnark { 20 | 21 | template 22 | using r1cs_mp_ppzkpcd_compliance_predicate = r1cs_pcd_compliance_predicate >; 23 | 24 | template 25 | using r1cs_mp_ppzkpcd_message = r1cs_pcd_message >; 26 | 27 | template 28 | using r1cs_mp_ppzkpcd_local_data = r1cs_pcd_local_data >; 29 | 30 | template 31 | using r1cs_mp_ppzkpcd_primary_input = r1cs_pcd_compliance_predicate_primary_input >; 32 | 33 | template 34 | using r1cs_mp_ppzkpcd_auxiliary_input = r1cs_pcd_compliance_predicate_auxiliary_input >; 35 | 36 | } // libsnark 37 | 38 | #endif // R1CS_MP_PPZKPCD_PARAMS_HPP_ 39 | -------------------------------------------------------------------------------- /src/zk_proof_systems/pcd/r1cs_pcd/r1cs_mp_ppzkpcd/tests/test_r1cs_mp_ppzkpcd.cpp: -------------------------------------------------------------------------------- 1 | /** 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | #include "common/default_types/r1cs_ppzkpcd_pp.hpp" 8 | #include "zk_proof_systems/pcd/r1cs_pcd/r1cs_mp_ppzkpcd/examples/run_r1cs_mp_ppzkpcd.hpp" 9 | 10 | using namespace libsnark; 11 | 12 | template 13 | void test_tally(const size_t arity, const size_t max_layer, const bool test_multi_type, const bool test_same_type_optimization) 14 | 15 | { 16 | const size_t wordsize = 32; 17 | const bool test_serialization = true; 18 | const bool bit = run_r1cs_mp_ppzkpcd_tally_example(wordsize, arity, max_layer, test_serialization, test_multi_type, test_same_type_optimization); 19 | assert(bit); 20 | } 21 | 22 | int main(void) 23 | { 24 | start_profiling(); 25 | default_r1cs_ppzkpcd_pp::init_public_params(); 26 | 27 | const size_t max_arity = 2; 28 | const size_t max_layer = 2; 29 | 30 | test_tally(max_arity, max_layer, false, false); 31 | test_tally(max_arity, max_layer, false, true); 32 | test_tally(max_arity, max_layer, true, false); 33 | test_tally(max_arity, max_layer, true, true); 34 | } 35 | -------------------------------------------------------------------------------- /src/zk_proof_systems/pcd/r1cs_pcd/r1cs_pcd_params.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | #ifndef R1CS_PCD_PARAMS_HPP_ 8 | #define R1CS_PCD_PARAMS_HPP_ 9 | 10 | #include 11 | #include "zk_proof_systems/pcd/r1cs_pcd/compliance_predicate/compliance_predicate.hpp" 12 | 13 | namespace libsnark { 14 | 15 | template 16 | class r1cs_pcd_compliance_predicate_primary_input { 17 | public: 18 | std::shared_ptr > outgoing_message; 19 | 20 | r1cs_pcd_compliance_predicate_primary_input(const std::shared_ptr > &outgoing_message) : outgoing_message(outgoing_message) {} 21 | r1cs_primary_input as_r1cs_primary_input() const; 22 | }; 23 | 24 | template 25 | class r1cs_pcd_compliance_predicate_auxiliary_input { 26 | public: 27 | std::vector > > incoming_messages; 28 | std::shared_ptr > local_data; 29 | r1cs_pcd_witness witness; 30 | 31 | r1cs_pcd_compliance_predicate_auxiliary_input(const std::vector > > &incoming_messages, 32 | const std::shared_ptr > &local_data, 33 | const r1cs_pcd_witness &witness) : 34 | incoming_messages(incoming_messages), local_data(local_data), witness(witness) {} 35 | 36 | r1cs_auxiliary_input as_r1cs_auxiliary_input(const std::vector &incoming_message_payload_lengths) const; 37 | }; 38 | 39 | } // libsnark 40 | 41 | #include "zk_proof_systems/pcd/r1cs_pcd/r1cs_pcd_params.tcc" 42 | 43 | #endif // R1CS_PCD_PARAMS_HPP_ 44 | -------------------------------------------------------------------------------- /src/zk_proof_systems/pcd/r1cs_pcd/r1cs_pcd_params.tcc: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | #ifndef R1CS_PCD_PARAMS_TCC_ 8 | #define R1CS_PCD_PARAMS_TCC_ 9 | 10 | namespace libsnark { 11 | 12 | template 13 | r1cs_primary_input r1cs_pcd_compliance_predicate_primary_input::as_r1cs_primary_input() const 14 | { 15 | return outgoing_message->as_r1cs_variable_assignment(); 16 | } 17 | 18 | template 19 | r1cs_auxiliary_input r1cs_pcd_compliance_predicate_auxiliary_input::as_r1cs_auxiliary_input(const std::vector &incoming_message_payload_lengths) const 20 | { 21 | const size_t arity = incoming_messages.size(); 22 | 23 | r1cs_auxiliary_input result; 24 | result.emplace_back(FieldT(arity)); 25 | 26 | const size_t max_arity = incoming_message_payload_lengths.size(); 27 | assert(arity <= max_arity); 28 | 29 | for (size_t i = 0; i < arity; ++i) 30 | { 31 | const r1cs_variable_assignment msg_as_r1cs_va = incoming_messages[i]->as_r1cs_variable_assignment(); 32 | assert(msg_as_r1cs_va.size() == (1 + incoming_message_payload_lengths[i])); 33 | result.insert(result.end(), msg_as_r1cs_va.begin(), msg_as_r1cs_va.end()); 34 | } 35 | 36 | /* pad with dummy messages of appropriate size */ 37 | for (size_t i = arity; i < max_arity; ++i) 38 | { 39 | result.resize(result.size() + (1 + incoming_message_payload_lengths[i]), FieldT::zero()); 40 | } 41 | 42 | const r1cs_variable_assignment local_data_as_r1cs_va = local_data->as_r1cs_variable_assignment(); 43 | result.insert(result.end(), local_data_as_r1cs_va.begin(), local_data_as_r1cs_va.end()); 44 | result.insert(result.end(), witness.begin(), witness.end()); 45 | 46 | return result; 47 | } 48 | 49 | } // libsnark 50 | 51 | #endif // R1CS_PCD_PARAMS_TCC_ 52 | -------------------------------------------------------------------------------- /src/zk_proof_systems/pcd/r1cs_pcd/r1cs_sp_ppzkpcd/examples/run_r1cs_sp_ppzkpcd.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of functionality that runs the R1CS single-predicate ppzkPCD 5 | for a compliance predicate example. 6 | 7 | ***************************************************************************** 8 | * @author This file is part of libsnark, developed by SCIPR Lab 9 | * and contributors (see AUTHORS). 10 | * @copyright MIT license (see LICENSE file) 11 | *****************************************************************************/ 12 | 13 | #ifndef RUN_R1CS_SP_PPZKPCD_HPP_ 14 | #define RUN_R1CS_SP_PPZKPCD_HPP_ 15 | 16 | namespace libsnark { 17 | 18 | /** 19 | * Runs the single-predicate ppzkPCD (generator, prover, and verifier) for the 20 | * "tally compliance predicate", of a given wordsize, arity, and depth. 21 | * 22 | * Optionally, also test the serialization routines for keys and proofs. 23 | * (This takes additional time.) 24 | */ 25 | template 26 | bool run_r1cs_sp_ppzkpcd_tally_example(const size_t wordsize, 27 | const size_t arity, 28 | const size_t depth, 29 | const bool test_serialization); 30 | 31 | } // libsnark 32 | 33 | #include "zk_proof_systems/pcd/r1cs_pcd/r1cs_sp_ppzkpcd/examples/run_r1cs_sp_ppzkpcd.tcc" 34 | 35 | #endif // RUN_R1CS_SP_PPZKPCD_HPP_ 36 | -------------------------------------------------------------------------------- /src/zk_proof_systems/pcd/r1cs_pcd/r1cs_sp_ppzkpcd/profiling/profile_r1cs_sp_ppzkpcd.cpp: -------------------------------------------------------------------------------- 1 | /** 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | #include "common/default_types/r1cs_ppzkpcd_pp.hpp" 8 | #include "zk_proof_systems/pcd/r1cs_pcd/r1cs_sp_ppzkpcd/r1cs_sp_ppzkpcd.hpp" 9 | #include "zk_proof_systems/pcd/r1cs_pcd/r1cs_sp_ppzkpcd/examples/run_r1cs_sp_ppzkpcd.hpp" 10 | 11 | using namespace libsnark; 12 | 13 | template 14 | void profile_tally(const size_t arity, const size_t max_layer) 15 | { 16 | const size_t wordsize = 32; 17 | const bool test_serialization = true; 18 | const bool bit = run_r1cs_sp_ppzkpcd_tally_example(wordsize, arity, max_layer, test_serialization); 19 | assert(bit); 20 | } 21 | 22 | int main(void) 23 | { 24 | typedef default_r1cs_ppzkpcd_pp PCD_pp; 25 | 26 | start_profiling(); 27 | PCD_pp::init_public_params(); 28 | 29 | const size_t arity = 2; 30 | const size_t max_layer = 2; 31 | 32 | profile_tally(arity, max_layer); 33 | } 34 | -------------------------------------------------------------------------------- /src/zk_proof_systems/pcd/r1cs_pcd/r1cs_sp_ppzkpcd/r1cs_sp_ppzkpcd_params.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Parameters for *single-predicate* ppzkPCD for R1CS. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef R1CS_SP_PPZKPCD_PARAMS_HPP_ 13 | #define R1CS_SP_PPZKPCD_PARAMS_HPP_ 14 | 15 | #include "algebra/curves/public_params.hpp" 16 | #include "zk_proof_systems/pcd/r1cs_pcd/compliance_predicate/compliance_predicate.hpp" 17 | #include "zk_proof_systems/pcd/r1cs_pcd/r1cs_pcd_params.hpp" 18 | 19 | namespace libsnark { 20 | 21 | template 22 | using r1cs_sp_ppzkpcd_compliance_predicate = r1cs_pcd_compliance_predicate >; 23 | 24 | template 25 | using r1cs_sp_ppzkpcd_message = r1cs_pcd_message >; 26 | 27 | template 28 | using r1cs_sp_ppzkpcd_local_data = r1cs_pcd_local_data >; 29 | 30 | template 31 | using r1cs_sp_ppzkpcd_primary_input = r1cs_pcd_compliance_predicate_primary_input >; 32 | 33 | template 34 | using r1cs_sp_ppzkpcd_auxiliary_input = r1cs_pcd_compliance_predicate_auxiliary_input >; 35 | 36 | } // libsnark 37 | 38 | #endif // R1CS_SP_PPZKPCD_PARAMS_HPP_ 39 | -------------------------------------------------------------------------------- /src/zk_proof_systems/pcd/r1cs_pcd/r1cs_sp_ppzkpcd/tests/test_r1cs_sp_ppzkpcd.cpp: -------------------------------------------------------------------------------- 1 | /** 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | #include "common/default_types/r1cs_ppzkpcd_pp.hpp" 8 | #include "zk_proof_systems/pcd/r1cs_pcd/r1cs_sp_ppzkpcd/examples/run_r1cs_sp_ppzkpcd.hpp" 9 | 10 | using namespace libsnark; 11 | 12 | template 13 | void test_tally(const size_t arity, const size_t max_layer) 14 | { 15 | const size_t wordsize = 32; 16 | const bool test_serialization = true; 17 | const bool bit = run_r1cs_sp_ppzkpcd_tally_example(wordsize, arity, max_layer, test_serialization); 18 | assert(bit); 19 | } 20 | 21 | int main(void) 22 | { 23 | typedef default_r1cs_ppzkpcd_pp PCD_pp; 24 | 25 | start_profiling(); 26 | PCD_pp::init_public_params(); 27 | 28 | const size_t arity = 2; 29 | const size_t max_layer = 2; 30 | 31 | test_tally(arity, max_layer); 32 | } 33 | -------------------------------------------------------------------------------- /src/zk_proof_systems/ppzkadsnark/r1cs_ppzkadsnark/examples/demo_r1cs_ppzkadsnark.cpp: -------------------------------------------------------------------------------- 1 | /** 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | #include 8 | #include 9 | #include 10 | #include 11 | #include 12 | 13 | #include "common/default_types/r1cs_ppzkadsnark_pp.hpp" 14 | #include "common/profiling.hpp" 15 | #include "zk_proof_systems/ppzkadsnark/r1cs_ppzkadsnark/examples/run_r1cs_ppzkadsnark.hpp" 16 | 17 | using namespace libsnark; 18 | 19 | int main(int argc, const char * argv[]) 20 | { 21 | default_r1cs_ppzkadsnark_pp::init_public_params(); 22 | start_profiling(); 23 | 24 | if (argc == 2 && strcmp(argv[1], "-v") == 0) 25 | { 26 | print_compilation_info(); 27 | return 0; 28 | } 29 | 30 | if (argc != 3 && argc != 4) 31 | { 32 | printf("usage: %s num_constraints input_size [Fr|bytes]\n", argv[0]); 33 | return 1; 34 | } 35 | const int num_constraints = atoi(argv[1]); 36 | int input_size = atoi(argv[2]); 37 | if (argc == 4) 38 | { 39 | assert(strcmp(argv[3], "Fr") == 0 || strcmp(argv[3], "bytes") == 0); 40 | if (strcmp(argv[3], "bytes") == 0) 41 | { 42 | input_size = div_ceil(8 * input_size, Fr>::num_bits - 1); 43 | } 44 | } 45 | 46 | enter_block("Generate R1CS example"); 47 | r1cs_example>> example = 48 | generate_r1cs_example_with_field_input>> 49 | (num_constraints, input_size); 50 | leave_block("Generate R1CS example"); 51 | 52 | print_header("(enter) Profile R1CS ppzkADSNARK"); 53 | const bool test_serialization = true; 54 | run_r1cs_ppzkadsnark(example, test_serialization); 55 | print_header("(leave) Profile R1CS ppzkADSNARK"); 56 | } 57 | -------------------------------------------------------------------------------- /src/zk_proof_systems/ppzkadsnark/r1cs_ppzkadsnark/examples/prf/aes_ctr_prf.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | AES-Based PRF for ADSNARK. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef AESCTRPRF_HPP_ 13 | #define AESCTRPRF_HPP_ 14 | 15 | #include "zk_proof_systems/ppzkadsnark/r1cs_ppzkadsnark/r1cs_ppzkadsnark_prf.hpp" 16 | 17 | namespace libsnark { 18 | 19 | class aesPrfKeyT { 20 | public: 21 | unsigned char key_bytes[32]; 22 | }; 23 | 24 | } // libsnark 25 | 26 | #endif // AESCTRPRF_HPP_ 27 | -------------------------------------------------------------------------------- /src/zk_proof_systems/ppzkadsnark/r1cs_ppzkadsnark/examples/run_r1cs_ppzkadsnark.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of functionality that runs the R1CS ppzkADSNARK for 5 | a given R1CS example. 6 | 7 | ***************************************************************************** 8 | * @author This file is part of libsnark, developed by SCIPR Lab 9 | * and contributors (see AUTHORS). 10 | * @copyright MIT license (see LICENSE file) 11 | *****************************************************************************/ 12 | 13 | #ifndef RUN_R1CS_PPZKADSNARK_HPP_ 14 | #define RUN_R1CS_PPZKADSNARK_HPP_ 15 | 16 | #include "relations/constraint_satisfaction_problems/r1cs/examples/r1cs_examples.hpp" 17 | 18 | namespace libsnark { 19 | 20 | /** 21 | * Runs the ppzkADSNARK (generator, prover, and verifier) for a given 22 | * R1CS example (specified by a constraint system, input, and witness). 23 | * 24 | * Optionally, also test the serialization routines for keys and proofs. 25 | * (This takes additional time.) 26 | */ 27 | template 28 | bool run_r1cs_ppzkadsnark(const r1cs_example> > &example, 29 | const bool test_serialization); 30 | 31 | } // libsnark 32 | 33 | #include "zk_proof_systems/ppzkadsnark/r1cs_ppzkadsnark/examples/run_r1cs_ppzkadsnark.tcc" 34 | 35 | #endif // RUN_R1CS_PPZKADSNARK_HPP_ 36 | -------------------------------------------------------------------------------- /src/zk_proof_systems/ppzkadsnark/r1cs_ppzkadsnark/examples/signature/ed25519_signature.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Fast batch verification signature for ADSNARK. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | /** @file 13 | ***************************************************************************** 14 | * @author This file was deed to libsnark by Manuel Barbosa. 15 | * @copyright MIT license (see LICENSE file) 16 | *****************************************************************************/ 17 | 18 | #ifndef ED25519SIG_HPP_ 19 | #define ED25519SIG_HPP_ 20 | 21 | #include "zk_proof_systems/ppzkadsnark/r1cs_ppzkadsnark/r1cs_ppzkadsnark_signature.hpp" 22 | 23 | namespace libsnark { 24 | 25 | class ed25519_sigT { 26 | public: 27 | unsigned char sig_bytes[64]; 28 | }; 29 | 30 | class ed25519_vkT { 31 | public: 32 | unsigned char vk_bytes[32]; 33 | }; 34 | 35 | class ed25519_skT { 36 | public: 37 | unsigned char sk_bytes[64]; 38 | }; 39 | 40 | } // libsnark 41 | 42 | #endif // ED25519SIG_HPP_ 43 | -------------------------------------------------------------------------------- /src/zk_proof_systems/ppzkadsnark/r1cs_ppzkadsnark/r1cs_ppzkadsnark_params.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of public-parameter selector for the R1CS ppzkADSNARK. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef R1CS_PPZKADSNARK_PARAMS_HPP_ 13 | #define R1CS_PPZKADSNARK_PARAMS_HPP_ 14 | 15 | #include "relations/constraint_satisfaction_problems/r1cs/r1cs.hpp" 16 | 17 | namespace libsnark { 18 | 19 | class labelT { 20 | public: 21 | unsigned char label_bytes[16]; 22 | labelT() {}; 23 | }; 24 | 25 | /** 26 | * Below are various template aliases (used for convenience). 27 | */ 28 | 29 | template 30 | using snark_pp = typename r1cs_ppzkadsnark_ppT::snark_pp; 31 | 32 | template 33 | using r1cs_ppzkadsnark_constraint_system = r1cs_constraint_system>>; 34 | 35 | template 36 | using r1cs_ppzkadsnark_primary_input = r1cs_primary_input> >; 37 | 38 | template 39 | using r1cs_ppzkadsnark_auxiliary_input = r1cs_auxiliary_input> >; 40 | 41 | template 42 | using r1cs_ppzkadsnark_skT = typename r1cs_ppzkadsnark_ppT::skT; 43 | 44 | template 45 | using r1cs_ppzkadsnark_vkT = typename r1cs_ppzkadsnark_ppT::vkT; 46 | 47 | template 48 | using r1cs_ppzkadsnark_sigT = typename r1cs_ppzkadsnark_ppT::sigT; 49 | 50 | template 51 | using r1cs_ppzkadsnark_prfKeyT = typename r1cs_ppzkadsnark_ppT::prfKeyT; 52 | 53 | 54 | } // libsnark 55 | 56 | #endif // R1CS_PPZKADSNARK_PARAMS_HPP_ 57 | 58 | -------------------------------------------------------------------------------- /src/zk_proof_systems/ppzkadsnark/r1cs_ppzkadsnark/r1cs_ppzkadsnark_prf.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Generic PRF interface for ADSNARK. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef PRF_HPP_ 13 | #define PRF_HPP_ 14 | 15 | #include "zk_proof_systems/ppzkadsnark/r1cs_ppzkadsnark/r1cs_ppzkadsnark_params.hpp" 16 | 17 | namespace libsnark { 18 | 19 | template 20 | r1cs_ppzkadsnark_prfKeyT prfGen(); 21 | 22 | template 23 | Fr> prfCompute(const r1cs_ppzkadsnark_prfKeyT &key, const labelT &label); 24 | 25 | } // libsnark 26 | 27 | #endif // PRF_HPP_ 28 | -------------------------------------------------------------------------------- /src/zk_proof_systems/ppzkadsnark/r1cs_ppzkadsnark/r1cs_ppzkadsnark_signature.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Generic signature interface for ADSNARK. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | /** @file 13 | ***************************************************************************** 14 | * @author This file was deed to libsnark by Manuel Barbosa. 15 | * @copyright MIT license (see LICENSE file) 16 | *****************************************************************************/ 17 | 18 | #ifndef SIGNATURE_HPP_ 19 | #define SIGNATURE_HPP_ 20 | 21 | #include "zk_proof_systems/ppzkadsnark/r1cs_ppzkadsnark/r1cs_ppzkadsnark_params.hpp" 22 | 23 | namespace libsnark { 24 | 25 | template 26 | class kpT { 27 | public: 28 | r1cs_ppzkadsnark_skT sk; 29 | r1cs_ppzkadsnark_vkT vk; 30 | }; 31 | 32 | template 33 | kpT sigGen(void); 34 | 35 | template 36 | r1cs_ppzkadsnark_sigT sigSign(const r1cs_ppzkadsnark_skT &sk, const labelT &label, const G2> &Lambda); 37 | 38 | template 39 | bool sigVerif(const r1cs_ppzkadsnark_vkT &vk, const labelT &label, const G2> &Lambda, const r1cs_ppzkadsnark_sigT &sig); 40 | 41 | template 42 | bool sigBatchVerif(const r1cs_ppzkadsnark_vkT &vk, const std::vector &labels, const std::vector>> &Lambdas, const std::vector> &sigs); 43 | 44 | } // libsnark 45 | 46 | #endif // SIGNATURE_HPP_ 47 | -------------------------------------------------------------------------------- /src/zk_proof_systems/ppzksnark/bacs_ppzksnark/bacs_ppzksnark_params.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of public-parameter selector for the BACS ppzkSNARK. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef BACS_PPZKSNARK_PARAMS_HPP_ 13 | #define BACS_PPZKSNARK_PARAMS_HPP_ 14 | 15 | #include "relations/circuit_satisfaction_problems/bacs/bacs.hpp" 16 | 17 | namespace libsnark { 18 | 19 | /** 20 | * Below are various template aliases (used for convenience). 21 | */ 22 | 23 | template 24 | using bacs_ppzksnark_circuit = bacs_circuit >; 25 | 26 | template 27 | using bacs_ppzksnark_primary_input = bacs_primary_input >; 28 | 29 | template 30 | using bacs_ppzksnark_auxiliary_input = bacs_auxiliary_input >; 31 | 32 | } // libsnark 33 | 34 | #endif // BACS_PPZKSNARK_PARAMS_HPP_ 35 | -------------------------------------------------------------------------------- /src/zk_proof_systems/ppzksnark/bacs_ppzksnark/examples/run_bacs_ppzksnark.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of functionality that runs the BACS ppzkSNARK for 5 | a given BACS example. 6 | 7 | ***************************************************************************** 8 | * @author This file is part of libsnark, developed by SCIPR Lab 9 | * and contributors (see AUTHORS). 10 | * @copyright MIT license (see LICENSE file) 11 | *****************************************************************************/ 12 | 13 | #ifndef RUN_BACS_PPZKSNARK_HPP_ 14 | #define RUN_BACS_PPZKSNARK_HPP_ 15 | 16 | #include "relations/circuit_satisfaction_problems/bacs/examples/bacs_examples.hpp" 17 | 18 | namespace libsnark { 19 | 20 | /** 21 | * Runs the ppzkSNARK (generator, prover, and verifier) for a given 22 | * BACS example (specified by a circuit, primary input, and auxiliary input). 23 | * 24 | * Optionally, also test the serialization routines for keys and proofs. 25 | * (This takes additional time.) 26 | */ 27 | template 28 | bool run_bacs_ppzksnark(const bacs_example > &example, 29 | const bool test_serialization); 30 | 31 | } // libsnark 32 | 33 | #include "zk_proof_systems/ppzksnark/bacs_ppzksnark/examples/run_bacs_ppzksnark.tcc" 34 | 35 | #endif // RUN_BACS_PPZKSNARK_HPP_ 36 | -------------------------------------------------------------------------------- /src/zk_proof_systems/ppzksnark/bacs_ppzksnark/tests/test_bacs_ppzksnark.cpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | Test program that exercises the ppzkSNARK (first generator, then 4 | prover, then verifier) on a synthetic BACS instance. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | #include 12 | #include 13 | 14 | #include "common/default_types/bacs_ppzksnark_pp.hpp" 15 | #include "common/profiling.hpp" 16 | #include "relations/circuit_satisfaction_problems/bacs/examples/bacs_examples.hpp" 17 | #include "zk_proof_systems/ppzksnark/bacs_ppzksnark/examples/run_bacs_ppzksnark.hpp" 18 | 19 | using namespace libsnark; 20 | 21 | template 22 | void test_bacs_ppzksnark(const size_t primary_input_size, 23 | const size_t auxiliary_input_size, 24 | const size_t num_gates, 25 | const size_t num_outputs) 26 | { 27 | print_header("(enter) Test BACS ppzkSNARK"); 28 | 29 | const bool test_serialization = true; 30 | const bacs_example > example = generate_bacs_example >(primary_input_size, auxiliary_input_size, num_gates, num_outputs); 31 | #ifdef DEBUG 32 | example.circuit.print(); 33 | #endif 34 | const bool bit = run_bacs_ppzksnark(example, test_serialization); 35 | assert(bit); 36 | 37 | print_header("(leave) Test BACS ppzkSNARK"); 38 | } 39 | 40 | int main() 41 | { 42 | default_bacs_ppzksnark_pp::init_public_params(); 43 | start_profiling(); 44 | 45 | test_bacs_ppzksnark(10, 10, 20, 5); 46 | } 47 | -------------------------------------------------------------------------------- /src/zk_proof_systems/ppzksnark/r1cs_gg_ppzksnark/examples/run_r1cs_gg_ppzksnark.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of functionality that runs the R1CS GG-ppzkSNARK for 5 | a given R1CS example. 6 | 7 | ***************************************************************************** 8 | * @author This file is part of libsnark, developed by SCIPR Lab 9 | * and contributors (see AUTHORS). 10 | * @copyright MIT license (see LICENSE file) 11 | *****************************************************************************/ 12 | 13 | #ifndef RUN_R1CS_GG_PPZKSNARK_HPP_ 14 | #define RUN_R1CS_GG_PPZKSNARK_HPP_ 15 | 16 | #include "relations/constraint_satisfaction_problems/r1cs/examples/r1cs_examples.hpp" 17 | 18 | namespace libsnark { 19 | 20 | /** 21 | * Runs the ppzkSNARK (generator, prover, and verifier) for a given 22 | * R1CS example (specified by a constraint system, input, and witness). 23 | * 24 | * Optionally, also test the serialization routines for keys and proofs. 25 | * (This takes additional time.) 26 | */ 27 | template 28 | bool run_r1cs_gg_ppzksnark(const r1cs_example > &example, 29 | const bool test_serialization); 30 | 31 | } // libsnark 32 | 33 | #include "zk_proof_systems/ppzksnark/r1cs_gg_ppzksnark/examples/run_r1cs_gg_ppzksnark.tcc" 34 | 35 | #endif // RUN_R1CS_GG_PPZKSNARK_HPP_ 36 | -------------------------------------------------------------------------------- /src/zk_proof_systems/ppzksnark/r1cs_gg_ppzksnark/r1cs_gg_ppzksnark_params.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of public-parameter selector for the R1CS GG-ppzkSNARK. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef R1CS_GG_PPZKSNARK_PARAMS_HPP_ 13 | #define R1CS_GG_PPZKSNARK_PARAMS_HPP_ 14 | 15 | #include "relations/constraint_satisfaction_problems/r1cs/r1cs.hpp" 16 | 17 | namespace libsnark { 18 | 19 | /** 20 | * Below are various template aliases (used for convenience). 21 | */ 22 | 23 | template 24 | using r1cs_gg_ppzksnark_constraint_system = r1cs_constraint_system >; 25 | 26 | template 27 | using r1cs_gg_ppzksnark_primary_input = r1cs_primary_input >; 28 | 29 | template 30 | using r1cs_gg_ppzksnark_auxiliary_input = r1cs_auxiliary_input >; 31 | 32 | } // libsnark 33 | 34 | #endif // R1CS_GG_PPZKSNARK_PARAMS_HPP_ 35 | -------------------------------------------------------------------------------- /src/zk_proof_systems/ppzksnark/r1cs_gg_ppzksnark/tests/test_r1cs_gg_ppzksnark.cpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | Test program that exercises the ppzkSNARK (first generator, then 4 | prover, then verifier) on a synthetic R1CS instance. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | #include 12 | #include 13 | 14 | #include "common/default_types/r1cs_gg_ppzksnark_pp.hpp" 15 | #include "common/profiling.hpp" 16 | #include "common/utils.hpp" 17 | #include "relations/constraint_satisfaction_problems/r1cs/examples/r1cs_examples.hpp" 18 | #include "zk_proof_systems/ppzksnark/r1cs_gg_ppzksnark/examples/run_r1cs_gg_ppzksnark.hpp" 19 | 20 | using namespace libsnark; 21 | 22 | template 23 | void test_r1cs_gg_ppzksnark(size_t num_constraints, 24 | size_t input_size) 25 | { 26 | print_header("(enter) Test R1CS GG-ppzkSNARK"); 27 | 28 | const bool test_serialization = true; 29 | r1cs_example > example = generate_r1cs_example_with_binary_input >(num_constraints, input_size); 30 | const bool bit = run_r1cs_gg_ppzksnark(example, test_serialization); 31 | assert(bit); 32 | 33 | print_header("(leave) Test R1CS GG-ppzkSNARK"); 34 | } 35 | 36 | int main() 37 | { 38 | default_r1cs_gg_ppzksnark_pp::init_public_params(); 39 | start_profiling(); 40 | 41 | test_r1cs_gg_ppzksnark(1000, 100); 42 | } 43 | -------------------------------------------------------------------------------- /src/zk_proof_systems/ppzksnark/r1cs_ppzksnark/examples/run_r1cs_ppzksnark.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of functionality that runs the R1CS ppzkSNARK for 5 | a given R1CS example. 6 | 7 | ***************************************************************************** 8 | * @author This file is part of libsnark, developed by SCIPR Lab 9 | * and contributors (see AUTHORS). 10 | * @copyright MIT license (see LICENSE file) 11 | *****************************************************************************/ 12 | 13 | #ifndef RUN_R1CS_PPZKSNARK_HPP_ 14 | #define RUN_R1CS_PPZKSNARK_HPP_ 15 | 16 | #include "relations/constraint_satisfaction_problems/r1cs/examples/r1cs_examples.hpp" 17 | 18 | namespace libsnark { 19 | 20 | /** 21 | * Runs the ppzkSNARK (generator, prover, and verifier) for a given 22 | * R1CS example (specified by a constraint system, input, and witness). 23 | * 24 | * Optionally, also test the serialization routines for keys and proofs. 25 | * (This takes additional time.) 26 | */ 27 | template 28 | bool run_r1cs_ppzksnark(const r1cs_example > &example, 29 | const bool test_serialization); 30 | 31 | } // libsnark 32 | 33 | #include "zk_proof_systems/ppzksnark/r1cs_ppzksnark/examples/run_r1cs_ppzksnark.tcc" 34 | 35 | #endif // RUN_R1CS_PPZKSNARK_HPP_ 36 | -------------------------------------------------------------------------------- /src/zk_proof_systems/ppzksnark/r1cs_ppzksnark/r1cs_ppzksnark_params.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of public-parameter selector for the R1CS ppzkSNARK. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef R1CS_PPZKSNARK_PARAMS_HPP_ 13 | #define R1CS_PPZKSNARK_PARAMS_HPP_ 14 | 15 | #include "relations/constraint_satisfaction_problems/r1cs/r1cs.hpp" 16 | 17 | namespace libsnark { 18 | 19 | /** 20 | * Below are various template aliases (used for convenience). 21 | */ 22 | 23 | template 24 | using r1cs_ppzksnark_constraint_system = r1cs_constraint_system >; 25 | 26 | template 27 | using r1cs_ppzksnark_primary_input = r1cs_primary_input >; 28 | 29 | template 30 | using r1cs_ppzksnark_auxiliary_input = r1cs_auxiliary_input >; 31 | 32 | } // libsnark 33 | 34 | #endif // R1CS_PPZKSNARK_PARAMS_HPP_ 35 | -------------------------------------------------------------------------------- /src/zk_proof_systems/ppzksnark/r1cs_ppzksnark/tests/test_r1cs_ppzksnark.cpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | Test program that exercises the ppzkSNARK (first generator, then 4 | prover, then verifier) on a synthetic R1CS instance. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | #include 12 | #include 13 | 14 | #include "common/default_types/r1cs_ppzksnark_pp.hpp" 15 | #include "common/profiling.hpp" 16 | #include "common/utils.hpp" 17 | #include "relations/constraint_satisfaction_problems/r1cs/examples/r1cs_examples.hpp" 18 | #include "zk_proof_systems/ppzksnark/r1cs_ppzksnark/examples/run_r1cs_ppzksnark.hpp" 19 | 20 | using namespace libsnark; 21 | 22 | template 23 | void test_r1cs_ppzksnark(size_t num_constraints, 24 | size_t input_size) 25 | { 26 | print_header("(enter) Test R1CS ppzkSNARK"); 27 | 28 | const bool test_serialization = true; 29 | r1cs_example > example = generate_r1cs_example_with_binary_input >(num_constraints, input_size); 30 | const bool bit = run_r1cs_ppzksnark(example, test_serialization); 31 | assert(bit); 32 | 33 | print_header("(leave) Test R1CS ppzkSNARK"); 34 | } 35 | 36 | int main() 37 | { 38 | default_r1cs_ppzksnark_pp::init_public_params(); 39 | start_profiling(); 40 | 41 | test_r1cs_ppzksnark(1000, 100); 42 | } 43 | -------------------------------------------------------------------------------- /src/zk_proof_systems/ppzksnark/ram_ppzksnark/examples/run_ram_ppzksnark.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of functionality that runs the RAM ppzkSNARK for 5 | a given RAM example. 6 | 7 | ***************************************************************************** 8 | * @author This file is part of libsnark, developed by SCIPR Lab 9 | * and contributors (see AUTHORS). 10 | * @copyright MIT license (see LICENSE file) 11 | *****************************************************************************/ 12 | 13 | #ifndef RUN_RAM_PPZKSNARK_HPP_ 14 | #define RUN_RAM_PPZKSNARK_HPP_ 15 | 16 | #include "relations/ram_computations/rams/examples/ram_examples.hpp" 17 | #include "zk_proof_systems/ppzksnark/ram_ppzksnark/ram_ppzksnark_params.hpp" 18 | 19 | namespace libsnark { 20 | 21 | /** 22 | * Runs the ppzkSNARK (generator, prover, and verifier) for a given 23 | * RAM example (specified by an architecture, boot trace, auxiliary input, and time bound). 24 | * 25 | * Optionally, also test the serialization routines for keys and proofs. 26 | * (This takes additional time.) 27 | */ 28 | template 29 | bool run_ram_ppzksnark(const ram_example > &example, 30 | const bool test_serialization); 31 | 32 | } // libsnark 33 | 34 | #include "zk_proof_systems/ppzksnark/ram_ppzksnark/examples/run_ram_ppzksnark.tcc" 35 | 36 | #endif // RUN_RAM_PPZKSNARK_HPP_ 37 | -------------------------------------------------------------------------------- /src/zk_proof_systems/ppzksnark/ram_ppzksnark/profiling/profile_ram_ppzksnark.cpp: -------------------------------------------------------------------------------- 1 | /** 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | #include 8 | #include 9 | #include 10 | #include 11 | #include 12 | #include 13 | 14 | #include "common/default_types/ram_ppzksnark_pp.hpp" 15 | #include "common/profiling.hpp" 16 | #include "relations/ram_computations/rams/examples/ram_examples.hpp" 17 | #include "zk_proof_systems/ppzksnark/ram_ppzksnark/examples/run_ram_ppzksnark.hpp" 18 | #include "relations/ram_computations/rams/tinyram/tinyram_params.hpp" 19 | 20 | using namespace libsnark; 21 | 22 | int main(int argc, const char * argv[]) 23 | { 24 | ram_ppzksnark_snark_pp::init_public_params(); 25 | start_profiling(); 26 | 27 | if (argc == 2 && strcmp(argv[1], "-v") == 0) 28 | { 29 | print_compilation_info(); 30 | return 0; 31 | } 32 | 33 | if (argc != 6) 34 | { 35 | printf("usage: %s word_size reg_count program_size input_size time_bound\n", argv[0]); 36 | return 1; 37 | } 38 | 39 | const size_t w = atoi(argv[1]), 40 | k = atoi(argv[2]), 41 | program_size = atoi(argv[3]), 42 | input_size = atoi(argv[4]), 43 | time_bound = atoi(argv[5]); 44 | 45 | typedef ram_ppzksnark_machine_pp machine_ppT; 46 | 47 | const ram_ppzksnark_architecture_params ap(w, k); 48 | 49 | enter_block("Generate RAM example"); 50 | const size_t boot_trace_size_bound = program_size + input_size; 51 | const bool satisfiable = true; 52 | ram_example example = gen_ram_example_complex(ap, boot_trace_size_bound, time_bound, satisfiable); 53 | enter_block("Generate RAM example"); 54 | 55 | print_header("(enter) Profile RAM ppzkSNARK"); 56 | const bool test_serialization = true; 57 | run_ram_ppzksnark(example, test_serialization); 58 | print_header("(leave) Profile RAM ppzkSNARK"); 59 | } 60 | -------------------------------------------------------------------------------- /src/zk_proof_systems/ppzksnark/ram_ppzksnark/tests/test_ram_ppzksnark.cpp: -------------------------------------------------------------------------------- 1 | /** 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | #include 8 | #include 9 | #include 10 | #include 11 | #include 12 | 13 | #include "common/default_types/ram_ppzksnark_pp.hpp" 14 | #include "common/profiling.hpp" 15 | #include "relations/ram_computations/rams/examples/ram_examples.hpp" 16 | #include "zk_proof_systems/ppzksnark/ram_ppzksnark/examples/run_ram_ppzksnark.hpp" 17 | 18 | using namespace libsnark; 19 | 20 | template 21 | void test_ram_ppzksnark(const size_t w, 22 | const size_t k, 23 | const size_t program_size, 24 | const size_t input_size, 25 | const size_t time_bound) 26 | { 27 | print_header("(enter) Test RAM ppzkSNARK"); 28 | 29 | typedef ram_ppzksnark_machine_pp machine_ppT; 30 | const size_t boot_trace_size_bound = program_size + input_size; 31 | const bool satisfiable = true; 32 | 33 | const ram_ppzksnark_architecture_params ap(w, k); 34 | const ram_example example = gen_ram_example_complex(ap, boot_trace_size_bound, time_bound, satisfiable); 35 | 36 | const bool test_serialization = true; 37 | const bool bit = run_ram_ppzksnark(example, test_serialization); 38 | assert(bit); 39 | 40 | print_header("(leave) Test RAM ppzkSNARK"); 41 | } 42 | 43 | int main() 44 | { 45 | ram_ppzksnark_snark_pp::init_public_params(); 46 | start_profiling(); 47 | 48 | const size_t program_size = 100; 49 | const size_t input_size = 2; 50 | const size_t time_bound = 20; 51 | 52 | // 16-bit TinyRAM with 16 registers 53 | test_ram_ppzksnark(16, 16, program_size, input_size, time_bound); 54 | 55 | // 32-bit TinyRAM with 16 registers 56 | test_ram_ppzksnark(32, 16, program_size, input_size, time_bound); 57 | } 58 | -------------------------------------------------------------------------------- /src/zk_proof_systems/ppzksnark/tbcs_ppzksnark/examples/run_tbcs_ppzksnark.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of functionality that runs the TBCS ppzkSNARK for 5 | a given TBCS example. 6 | 7 | ***************************************************************************** 8 | * @author This file is part of libsnark, developed by SCIPR Lab 9 | * and contributors (see AUTHORS). 10 | * @copyright MIT license (see LICENSE file) 11 | *****************************************************************************/ 12 | 13 | #ifndef RUN_TBCS_PPZKSNARK_HPP_ 14 | #define RUN_TBCS_PPZKSNARK_HPP_ 15 | 16 | #include "relations/circuit_satisfaction_problems/tbcs/examples/tbcs_examples.hpp" 17 | 18 | namespace libsnark { 19 | 20 | /** 21 | * Runs the ppzkSNARK (generator, prover, and verifier) for a given 22 | * TBCS example (specified by a circuit, primary input, and auxiliary input). 23 | * 24 | * Optionally, also test the serialization routines for keys and proofs. 25 | * (This takes additional time.) 26 | */ 27 | template 28 | bool run_tbcs_ppzksnark(const tbcs_example &example, 29 | const bool test_serialization); 30 | 31 | } // libsnark 32 | 33 | #include "zk_proof_systems/ppzksnark/tbcs_ppzksnark/examples/run_tbcs_ppzksnark.tcc" 34 | 35 | #endif // RUN_TBCS_PPZKSNARK_HPP_ 36 | -------------------------------------------------------------------------------- /src/zk_proof_systems/ppzksnark/tbcs_ppzksnark/profiling/profile_tbcs_ppzksnark.cpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | Profiling program that exercises the ppzkSNARK (first generator, then prover, 4 | then verifier) on a synthetic TBCS instance. 5 | 6 | The command 7 | 8 | $ src/tbcs_ppzksnark/examples/profile_tbcs_ppzksnark 1000 10 9 | 10 | exercises the ppzkSNARK (first generator, then prover, then verifier) on an TBCS instance with 1000 gates and an input consisting of 10 bits. 11 | 12 | ***************************************************************************** 13 | * @author This file is part of libsnark, developed by SCIPR Lab 14 | * and contributors (see AUTHORS). 15 | * @copyright MIT license (see LICENSE file) 16 | *****************************************************************************/ 17 | 18 | #include 19 | 20 | #include "common/default_types/tbcs_ppzksnark_pp.hpp" 21 | #include "common/profiling.hpp" 22 | #include "common/utils.hpp" 23 | #include "relations/circuit_satisfaction_problems/tbcs/examples/tbcs_examples.hpp" 24 | #include "zk_proof_systems/ppzksnark/tbcs_ppzksnark/examples/run_tbcs_ppzksnark.hpp" 25 | 26 | using namespace libsnark; 27 | 28 | int main(int argc, const char * argv[]) 29 | { 30 | default_tbcs_ppzksnark_pp::init_public_params(); 31 | start_profiling(); 32 | 33 | if (argc == 2 && strcmp(argv[1], "-v") == 0) 34 | { 35 | print_compilation_info(); 36 | return 0; 37 | } 38 | 39 | if (argc != 3) 40 | { 41 | printf("usage: %s num_gates primary_input_size\n", argv[0]); 42 | return 1; 43 | } 44 | const int num_gates = atoi(argv[1]); 45 | int primary_input_size = atoi(argv[2]); 46 | 47 | const size_t auxiliary_input_size = 0; 48 | const size_t num_outputs = num_gates / 2; 49 | 50 | enter_block("Generate TBCS example"); 51 | tbcs_example example = generate_tbcs_example(primary_input_size, auxiliary_input_size, num_gates, num_outputs); 52 | leave_block("Generate TBCS example"); 53 | 54 | print_header("(enter) Profile TBCS ppzkSNARK"); 55 | const bool test_serialization = true; 56 | run_tbcs_ppzksnark(example, test_serialization); 57 | print_header("(leave) Profile TBCS ppzkSNARK"); 58 | } 59 | -------------------------------------------------------------------------------- /src/zk_proof_systems/ppzksnark/tbcs_ppzksnark/tbcs_ppzksnark_params.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of public-parameter selector for the TBCS ppzkSNARK. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef TBCS_PPZKSNARK_PARAMS_HPP_ 13 | #define TBCS_PPZKSNARK_PARAMS_HPP_ 14 | 15 | #include "relations/circuit_satisfaction_problems/tbcs/tbcs.hpp" 16 | 17 | namespace libsnark { 18 | 19 | /** 20 | * Below are various typedefs aliases (used for uniformity with other proof systems). 21 | */ 22 | 23 | typedef tbcs_circuit tbcs_ppzksnark_circuit; 24 | 25 | typedef tbcs_primary_input tbcs_ppzksnark_primary_input; 26 | 27 | typedef tbcs_auxiliary_input tbcs_ppzksnark_auxiliary_input; 28 | 29 | } // libsnark 30 | 31 | #endif // TBCS_PPZKSNARK_PARAMS_HPP_ 32 | -------------------------------------------------------------------------------- /src/zk_proof_systems/ppzksnark/tbcs_ppzksnark/tests/test_tbcs_ppzksnark.cpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | Test program that exercises the ppzkSNARK (first generator, then 4 | prover, then verifier) on a synthetic TBCS instance. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | #include 12 | #include 13 | 14 | #include "common/default_types/tbcs_ppzksnark_pp.hpp" 15 | #include "common/profiling.hpp" 16 | #include "relations/circuit_satisfaction_problems/tbcs/examples/tbcs_examples.hpp" 17 | #include "zk_proof_systems/ppzksnark/tbcs_ppzksnark/examples/run_tbcs_ppzksnark.hpp" 18 | 19 | using namespace libsnark; 20 | 21 | template 22 | void test_tbcs_ppzksnark(const size_t primary_input_size, 23 | const size_t auxiliary_input_size, 24 | const size_t num_gates, 25 | const size_t num_outputs) 26 | { 27 | print_header("(enter) Test TBCS ppzkSNARK"); 28 | 29 | const bool test_serialization = true; 30 | const tbcs_example example = generate_tbcs_example(primary_input_size, auxiliary_input_size, num_gates, num_outputs); 31 | #ifdef DEBUG 32 | example.circuit.print(); 33 | #endif 34 | const bool bit = run_tbcs_ppzksnark(example, test_serialization); 35 | assert(bit); 36 | 37 | print_header("(leave) Test TBCS ppzkSNARK"); 38 | } 39 | 40 | int main() 41 | { 42 | default_tbcs_ppzksnark_pp::init_public_params(); 43 | start_profiling(); 44 | 45 | test_tbcs_ppzksnark(10, 10, 20, 5); 46 | } 47 | -------------------------------------------------------------------------------- /src/zk_proof_systems/ppzksnark/uscs_ppzksnark/examples/run_uscs_ppzksnark.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of functionality that runs the USCS ppzkSNARK for 5 | a given USCS example. 6 | 7 | ***************************************************************************** 8 | * @author This file is part of libsnark, developed by SCIPR Lab 9 | * and contributors (see AUTHORS). 10 | * @copyright MIT license (see LICENSE file) 11 | *****************************************************************************/ 12 | 13 | #ifndef RUN_USCS_PPZKSNARK_HPP_ 14 | #define RUN_USCS_PPZKSNARK_HPP_ 15 | 16 | #include "relations/constraint_satisfaction_problems/uscs/examples/uscs_examples.hpp" 17 | 18 | namespace libsnark { 19 | 20 | /** 21 | * Runs the ppzkSNARK (generator, prover, and verifier) for a given 22 | * USCS example (specified by a constraint system, input, and witness). 23 | * 24 | * Optionally, also test the serialization routines for keys and proofs. 25 | * (This takes additional time.) 26 | */ 27 | template 28 | bool run_uscs_ppzksnark(const uscs_example > &example, 29 | const bool test_serialization); 30 | 31 | } // libsnark 32 | 33 | #include "zk_proof_systems/ppzksnark/uscs_ppzksnark/examples/run_uscs_ppzksnark.tcc" 34 | 35 | #endif // RUN_USCS_PPZKSNARK_HPP_ 36 | -------------------------------------------------------------------------------- /src/zk_proof_systems/ppzksnark/uscs_ppzksnark/tests/test_uscs_ppzksnark.cpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | Test program that exercises the ppzkSNARK (first generator, then 4 | prover, then verifier) on a synthetic USCS instance. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | #include 12 | #include 13 | 14 | #include "common/default_types/uscs_ppzksnark_pp.hpp" 15 | #include "common/profiling.hpp" 16 | #include "common/utils.hpp" 17 | #include "relations/constraint_satisfaction_problems/uscs/examples/uscs_examples.hpp" 18 | #include "zk_proof_systems/ppzksnark/uscs_ppzksnark/examples/run_uscs_ppzksnark.hpp" 19 | 20 | using namespace libsnark; 21 | 22 | template 23 | void test_uscs_ppzksnark(size_t num_constraints, 24 | size_t input_size) 25 | { 26 | print_header("(enter) Test USCS ppzkSNARK"); 27 | 28 | const bool test_serialization = true; 29 | uscs_example > example = generate_uscs_example_with_binary_input >(num_constraints, input_size); 30 | const bool bit = run_uscs_ppzksnark(example, test_serialization); 31 | assert(bit); 32 | 33 | print_header("(leave) Test USCS ppzkSNARK"); 34 | } 35 | 36 | int main() 37 | { 38 | default_uscs_ppzksnark_pp::init_public_params(); 39 | start_profiling(); 40 | 41 | test_uscs_ppzksnark(1000, 100); 42 | } 43 | -------------------------------------------------------------------------------- /src/zk_proof_systems/ppzksnark/uscs_ppzksnark/uscs_ppzksnark_params.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of public-parameter selector for the USCS ppzkSNARK. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef USCS_PPZKSNARK_PARAMS_HPP_ 13 | #define USCS_PPZKSNARK_PARAMS_HPP_ 14 | 15 | #include "relations/constraint_satisfaction_problems/uscs/uscs.hpp" 16 | 17 | namespace libsnark { 18 | 19 | /** 20 | * Below are various template aliases (used for convenience). 21 | */ 22 | 23 | template 24 | using uscs_ppzksnark_constraint_system = uscs_constraint_system >; 25 | 26 | template 27 | using uscs_ppzksnark_primary_input = uscs_primary_input >; 28 | 29 | template 30 | using uscs_ppzksnark_auxiliary_input = uscs_auxiliary_input >; 31 | 32 | } // libsnark 33 | 34 | #endif // USCS_PPZKSNARK_PARAMS_HPP_ 35 | -------------------------------------------------------------------------------- /src/zk_proof_systems/zksnark/ram_zksnark/examples/run_ram_zksnark.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of functionality that runs the RAM zkSNARK for 5 | a given RAM example. 6 | 7 | ***************************************************************************** 8 | * @author This file is part of libsnark, developed by SCIPR Lab 9 | * and contributors (see AUTHORS). 10 | * @copyright MIT license (see LICENSE file) 11 | *****************************************************************************/ 12 | 13 | #ifndef RUN_RAM_ZKSNARK_HPP_ 14 | #define RUN_RAM_ZKSNARK_HPP_ 15 | 16 | #include "relations/ram_computations/rams/examples/ram_examples.hpp" 17 | #include "zk_proof_systems/zksnark/ram_zksnark/ram_zksnark_params.hpp" 18 | 19 | namespace libsnark { 20 | 21 | /** 22 | * Runs the zkSNARK (generator, prover, and verifier) for a given 23 | * RAM example (specified by an architecture, boot trace, auxiliary input, and time bound). 24 | * 25 | * Optionally, also test the serialization routines for keys and proofs. 26 | * (This takes additional time.) 27 | */ 28 | template 29 | bool run_ram_zksnark(const ram_example > &example, 30 | const bool test_serialization); 31 | 32 | } // libsnark 33 | 34 | #include "zk_proof_systems/zksnark/ram_zksnark/examples/run_ram_zksnark.tcc" 35 | 36 | #endif // RUN_RAM_ZKSNARK_HPP_ 37 | -------------------------------------------------------------------------------- /src/zk_proof_systems/zksnark/ram_zksnark/tests/test_ram_zksnark.cpp: -------------------------------------------------------------------------------- 1 | /** 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | #include 8 | #include "common/default_types/ram_zksnark_pp.hpp" 9 | #include "relations/ram_computations/rams/tinyram/tinyram_params.hpp" 10 | #include "zk_proof_systems/zksnark/ram_zksnark/examples/run_ram_zksnark.hpp" 11 | #include "relations/ram_computations/rams/examples/ram_examples.hpp" 12 | 13 | using namespace libsnark; 14 | 15 | template 16 | void test_ram_zksnark(const size_t w, 17 | const size_t k, 18 | const size_t boot_trace_size_bound, 19 | const size_t time_bound) 20 | { 21 | typedef ram_zksnark_machine_pp ramT; 22 | const ram_architecture_params ap(w, k); 23 | const ram_example example = gen_ram_example_complex(ap, boot_trace_size_bound, time_bound, true); 24 | const bool test_serialization = true; 25 | const bool ans = run_ram_zksnark(example, test_serialization); 26 | assert(ans); 27 | } 28 | 29 | int main(void) 30 | { 31 | start_profiling(); 32 | ram_zksnark_PCD_pp::init_public_params(); 33 | 34 | const size_t w = 32; 35 | const size_t k = 16; 36 | 37 | const size_t boot_trace_size_bound = 20; 38 | const size_t time_bound = 10; 39 | 40 | test_ram_zksnark(w, k, boot_trace_size_bound, time_bound); 41 | } 42 | --------------------------------------------------------------------------------