├── .gitignore ├── .gitmodules ├── .travis.yml ├── AUTHORS ├── CMakeLists.txt ├── Dockerfile ├── LICENSE ├── README.md ├── Transition-to-CMake.md ├── depends └── CMakeLists.txt ├── doxygen.conf ├── libsnark ├── CMakeLists.txt ├── common │ ├── data_structures │ │ ├── accumulation_vector.hpp │ │ ├── accumulation_vector.tcc │ │ ├── integer_permutation.cpp │ │ ├── integer_permutation.hpp │ │ ├── merkle_tree.hpp │ │ ├── merkle_tree.tcc │ │ ├── set_commitment.cpp │ │ ├── set_commitment.hpp │ │ ├── set_commitment.tcc │ │ ├── sparse_vector.hpp │ │ └── sparse_vector.tcc │ ├── default_types │ │ ├── bacs_ppzksnark_pp.hpp │ │ ├── r1cs_gg_ppzksnark_pp.hpp │ │ ├── r1cs_ppzkadsnark_pp.cpp │ │ ├── r1cs_ppzkadsnark_pp.hpp │ │ ├── r1cs_ppzkpcd_pp.cpp │ │ ├── r1cs_ppzkpcd_pp.hpp │ │ ├── r1cs_ppzksnark_pp.hpp │ │ ├── r1cs_se_ppzksnark_pp.hpp │ │ ├── ram_ppzksnark_pp.hpp │ │ ├── ram_zksnark_pp.hpp │ │ ├── tbcs_ppzksnark_pp.hpp │ │ ├── tinyram_ppzksnark_pp.cpp │ │ ├── tinyram_ppzksnark_pp.hpp │ │ ├── tinyram_zksnark_pp.cpp │ │ ├── tinyram_zksnark_pp.hpp │ │ └── uscs_ppzksnark_pp.hpp │ ├── libsnark_serialization.hpp │ └── routing_algorithms │ │ ├── as_waksman_routing_algorithm.cpp │ │ ├── as_waksman_routing_algorithm.hpp │ │ ├── benes_routing_algorithm.cpp │ │ ├── benes_routing_algorithm.hpp │ │ ├── profiling │ │ └── profile_routing_algorithms.cpp │ │ └── tests │ │ ├── test_routing_algorithms.cpp │ │ └── test_routing_algorithms.py ├── gadgetlib1 │ ├── constraint_profiling.cpp │ ├── constraint_profiling.hpp │ ├── examples │ │ ├── simple_example.hpp │ │ └── simple_example.tcc │ ├── gadget.hpp │ ├── gadget.tcc │ ├── gadgets │ │ ├── basic_gadgets.hpp │ │ ├── basic_gadgets.tcc │ │ ├── cpu_checkers │ │ │ ├── fooram │ │ │ │ ├── components │ │ │ │ │ ├── bar_gadget.hpp │ │ │ │ │ ├── bar_gadget.tcc │ │ │ │ │ ├── fooram_protoboard.hpp │ │ │ │ │ └── fooram_protoboard.tcc │ │ │ │ ├── examples │ │ │ │ │ └── test_fooram.cpp │ │ │ │ ├── fooram_cpu_checker.hpp │ │ │ │ └── fooram_cpu_checker.tcc │ │ │ └── tinyram │ │ │ │ ├── components │ │ │ │ ├── alu_arithmetic.hpp │ │ │ │ ├── alu_arithmetic.tcc │ │ │ │ ├── alu_control_flow.hpp │ │ │ │ ├── alu_control_flow.tcc │ │ │ │ ├── alu_gadget.hpp │ │ │ │ ├── alu_gadget.tcc │ │ │ │ ├── argument_decoder_gadget.hpp │ │ │ │ ├── argument_decoder_gadget.tcc │ │ │ │ ├── consistency_enforcer_gadget.hpp │ │ │ │ ├── consistency_enforcer_gadget.tcc │ │ │ │ ├── memory_masking_gadget.hpp │ │ │ │ ├── memory_masking_gadget.tcc │ │ │ │ ├── tinyram_protoboard.hpp │ │ │ │ ├── tinyram_protoboard.tcc │ │ │ │ └── word_variable_gadget.hpp │ │ │ │ ├── tinyram_cpu_checker.hpp │ │ │ │ └── tinyram_cpu_checker.tcc │ │ ├── curves │ │ │ ├── weierstrass_g1_gadget.hpp │ │ │ ├── weierstrass_g1_gadget.tcc │ │ │ ├── weierstrass_g2_gadget.hpp │ │ │ └── weierstrass_g2_gadget.tcc │ │ ├── delegated_ra_memory │ │ │ ├── memory_load_gadget.hpp │ │ │ └── memory_load_store_gadget.hpp │ │ ├── fields │ │ │ ├── exponentiation_gadget.hpp │ │ │ ├── exponentiation_gadget.tcc │ │ │ ├── fp2_gadgets.hpp │ │ │ ├── fp2_gadgets.tcc │ │ │ ├── fp3_gadgets.hpp │ │ │ ├── fp3_gadgets.tcc │ │ │ ├── fp4_gadgets.hpp │ │ │ ├── fp4_gadgets.tcc │ │ │ ├── fp6_gadgets.hpp │ │ │ └── fp6_gadgets.tcc │ │ ├── gadget_from_r1cs.hpp │ │ ├── gadget_from_r1cs.tcc │ │ ├── hashes │ │ │ ├── crh_gadget.hpp │ │ │ ├── digest_selector_gadget.hpp │ │ │ ├── digest_selector_gadget.tcc │ │ │ ├── hash_io.hpp │ │ │ ├── hash_io.tcc │ │ │ ├── knapsack │ │ │ │ ├── knapsack_gadget.hpp │ │ │ │ ├── knapsack_gadget.tcc │ │ │ │ └── tests │ │ │ │ │ ├── generate_knapsack_tests.py │ │ │ │ │ └── test_knapsack_gadget.cpp │ │ │ └── sha256 │ │ │ │ ├── sha256_aux.hpp │ │ │ │ ├── sha256_aux.tcc │ │ │ │ ├── sha256_components.hpp │ │ │ │ ├── sha256_components.tcc │ │ │ │ ├── sha256_gadget.hpp │ │ │ │ ├── sha256_gadget.tcc │ │ │ │ └── tests │ │ │ │ ├── generate_sha256_gadget_tests.py │ │ │ │ ├── pypy_sha256.py │ │ │ │ └── test_sha256_gadget.cpp │ │ ├── merkle_tree │ │ │ ├── merkle_authentication_path_variable.hpp │ │ │ ├── merkle_authentication_path_variable.tcc │ │ │ ├── merkle_tree_check_read_gadget.hpp │ │ │ ├── merkle_tree_check_read_gadget.tcc │ │ │ ├── merkle_tree_check_update_gadget.hpp │ │ │ ├── merkle_tree_check_update_gadget.tcc │ │ │ └── tests │ │ │ │ └── test_merkle_tree_gadgets.cpp │ │ ├── pairing │ │ │ ├── mnt_pairing_params.hpp │ │ │ ├── pairing_checks.hpp │ │ │ ├── pairing_checks.tcc │ │ │ ├── pairing_params.hpp │ │ │ ├── weierstrass_final_exponentiation.hpp │ │ │ ├── weierstrass_final_exponentiation.tcc │ │ │ ├── weierstrass_miller_loop.hpp │ │ │ ├── weierstrass_miller_loop.tcc │ │ │ ├── weierstrass_precomputation.hpp │ │ │ └── weierstrass_precomputation.tcc │ │ ├── routing │ │ │ ├── as_waksman_routing_gadget.hpp │ │ │ ├── as_waksman_routing_gadget.tcc │ │ │ ├── benes_routing_gadget.hpp │ │ │ ├── benes_routing_gadget.tcc │ │ │ └── profiling │ │ │ │ └── profile_routing_gadgets.cpp │ │ ├── set_commitment │ │ │ ├── set_commitment_gadget.hpp │ │ │ ├── set_commitment_gadget.tcc │ │ │ ├── set_membership_proof_variable.hpp │ │ │ ├── set_membership_proof_variable.tcc │ │ │ └── tests │ │ │ │ └── test_set_commitment_gadget.cpp │ │ └── verifiers │ │ │ ├── r1cs_ppzksnark_verifier_gadget.hpp │ │ │ ├── r1cs_ppzksnark_verifier_gadget.tcc │ │ │ └── tests │ │ │ └── test_r1cs_ppzksnark_verifier_gadget.cpp │ ├── pb_variable.hpp │ ├── pb_variable.tcc │ ├── protoboard.hpp │ ├── protoboard.tcc │ └── tests │ │ └── gadgetlib1_test.cpp ├── gadgetlib2 │ ├── adapters.cpp │ ├── adapters.hpp │ ├── constraint.cpp │ ├── constraint.hpp │ ├── examples │ │ ├── simple_example.cpp │ │ ├── simple_example.hpp │ │ └── tutorial.cpp │ ├── gadget.cpp │ ├── gadget.hpp │ ├── gadgetMacros.hpp │ ├── infrastructure.cpp │ ├── infrastructure.hpp │ ├── integration.cpp │ ├── integration.hpp │ ├── pp.cpp │ ├── pp.hpp │ ├── protoboard.cpp │ ├── protoboard.hpp │ ├── tests │ │ ├── adapters_UTEST.cpp │ │ ├── constraint_UTEST.cpp │ │ ├── gadget_UTEST.cpp │ │ ├── gadgetlib2_test.cpp │ │ ├── integration_UTEST.cpp │ │ ├── protoboard_UTEST.cpp │ │ └── variable_UTEST.cpp │ ├── variable.cpp │ ├── variable.hpp │ └── variable_operators.hpp ├── knowledge_commitment │ ├── kc_multiexp.hpp │ ├── kc_multiexp.tcc │ ├── knowledge_commitment.hpp │ └── knowledge_commitment.tcc ├── reductions │ ├── bacs_to_r1cs │ │ ├── bacs_to_r1cs.hpp │ │ └── bacs_to_r1cs.tcc │ ├── r1cs_to_qap │ │ ├── r1cs_to_qap.hpp │ │ └── r1cs_to_qap.tcc │ ├── r1cs_to_sap │ │ ├── r1cs_to_sap.hpp │ │ └── r1cs_to_sap.tcc │ ├── ram_to_r1cs │ │ ├── examples │ │ │ └── demo_arithmetization.cpp │ │ ├── gadgets │ │ │ ├── memory_checker_gadget.hpp │ │ │ ├── memory_checker_gadget.tcc │ │ │ ├── ram_universal_gadget.hpp │ │ │ ├── ram_universal_gadget.tcc │ │ │ ├── trace_lines.hpp │ │ │ └── trace_lines.tcc │ │ ├── ram_to_r1cs.hpp │ │ └── ram_to_r1cs.tcc │ ├── tbcs_to_uscs │ │ ├── get_tbcs_reduction.py │ │ ├── tbcs_reduction.txt │ │ ├── tbcs_to_uscs.hpp │ │ └── tbcs_to_uscs.tcc │ └── uscs_to_ssp │ │ ├── uscs_to_ssp.hpp │ │ └── uscs_to_ssp.tcc ├── relations │ ├── arithmetic_programs │ │ ├── qap │ │ │ ├── qap.hpp │ │ │ ├── qap.tcc │ │ │ └── tests │ │ │ │ └── test_qap.cpp │ │ ├── sap │ │ │ ├── sap.hpp │ │ │ ├── sap.tcc │ │ │ └── tests │ │ │ │ └── test_sap.cpp │ │ └── ssp │ │ │ ├── ssp.hpp │ │ │ ├── ssp.tcc │ │ │ └── tests │ │ │ └── test_ssp.cpp │ ├── circuit_satisfaction_problems │ │ ├── bacs │ │ │ ├── bacs.hpp │ │ │ ├── bacs.tcc │ │ │ └── examples │ │ │ │ ├── bacs_examples.hpp │ │ │ │ └── bacs_examples.tcc │ │ └── tbcs │ │ │ ├── examples │ │ │ ├── tbcs_examples.cpp │ │ │ └── tbcs_examples.hpp │ │ │ ├── tbcs.cpp │ │ │ └── tbcs.hpp │ ├── constraint_satisfaction_problems │ │ ├── r1cs │ │ │ ├── examples │ │ │ │ ├── r1cs_examples.hpp │ │ │ │ └── r1cs_examples.tcc │ │ │ ├── r1cs.hpp │ │ │ └── r1cs.tcc │ │ └── uscs │ │ │ ├── examples │ │ │ ├── uscs_examples.hpp │ │ │ └── uscs_examples.tcc │ │ │ ├── uscs.hpp │ │ │ └── uscs.tcc │ ├── ram_computations │ │ ├── memory │ │ │ ├── delegated_ra_memory.hpp │ │ │ ├── delegated_ra_memory.tcc │ │ │ ├── examples │ │ │ │ ├── memory_contents_examples.cpp │ │ │ │ └── memory_contents_examples.hpp │ │ │ ├── memory_interface.hpp │ │ │ ├── memory_store_trace.cpp │ │ │ ├── memory_store_trace.hpp │ │ │ ├── ra_memory.cpp │ │ │ └── ra_memory.hpp │ │ └── rams │ │ │ ├── examples │ │ │ ├── ram_examples.hpp │ │ │ └── ram_examples.tcc │ │ │ ├── fooram │ │ │ ├── fooram_aux.cpp │ │ │ ├── fooram_aux.hpp │ │ │ └── fooram_params.hpp │ │ │ ├── ram_params.hpp │ │ │ └── tinyram │ │ │ ├── tinyram_aux.cpp │ │ │ ├── tinyram_aux.hpp │ │ │ └── tinyram_params.hpp │ ├── variable.hpp │ └── variable.tcc └── zk_proof_systems │ ├── pcd │ └── r1cs_pcd │ │ ├── compliance_predicate │ │ ├── compliance_predicate.hpp │ │ ├── compliance_predicate.tcc │ │ ├── cp_handler.hpp │ │ ├── cp_handler.tcc │ │ └── examples │ │ │ ├── tally_cp.hpp │ │ │ └── tally_cp.tcc │ │ ├── ppzkpcd_compliance_predicate.hpp │ │ ├── r1cs_mp_ppzkpcd │ │ ├── examples │ │ │ ├── run_r1cs_mp_ppzkpcd.hpp │ │ │ └── run_r1cs_mp_ppzkpcd.tcc │ │ ├── mp_pcd_circuits.hpp │ │ ├── mp_pcd_circuits.tcc │ │ ├── profiling │ │ │ └── profile_r1cs_mp_ppzkpcd.cpp │ │ ├── r1cs_mp_ppzkpcd.hpp │ │ ├── r1cs_mp_ppzkpcd.tcc │ │ ├── r1cs_mp_ppzkpcd_params.hpp │ │ └── tests │ │ │ └── test_r1cs_mp_ppzkpcd.cpp │ │ ├── r1cs_pcd_params.hpp │ │ ├── r1cs_pcd_params.tcc │ │ └── r1cs_sp_ppzkpcd │ │ ├── examples │ │ ├── run_r1cs_sp_ppzkpcd.hpp │ │ └── run_r1cs_sp_ppzkpcd.tcc │ │ ├── profiling │ │ └── profile_r1cs_sp_ppzkpcd.cpp │ │ ├── r1cs_sp_ppzkpcd.hpp │ │ ├── r1cs_sp_ppzkpcd.tcc │ │ ├── r1cs_sp_ppzkpcd_params.hpp │ │ ├── sp_pcd_circuits.hpp │ │ ├── sp_pcd_circuits.tcc │ │ └── tests │ │ └── test_r1cs_sp_ppzkpcd.cpp │ ├── ppzkadsnark │ └── r1cs_ppzkadsnark │ │ ├── examples │ │ ├── demo_r1cs_ppzkadsnark.cpp │ │ ├── prf │ │ │ ├── aes_ctr_prf.hpp │ │ │ └── aes_ctr_prf.tcc │ │ ├── run_r1cs_ppzkadsnark.hpp │ │ ├── run_r1cs_ppzkadsnark.tcc │ │ └── signature │ │ │ ├── ed25519_signature.hpp │ │ │ └── ed25519_signature.tcc │ │ ├── r1cs_ppzkadsnark.hpp │ │ ├── r1cs_ppzkadsnark.tcc │ │ ├── r1cs_ppzkadsnark_params.hpp │ │ ├── r1cs_ppzkadsnark_prf.hpp │ │ └── r1cs_ppzkadsnark_signature.hpp │ ├── ppzksnark │ ├── README.md │ ├── bacs_ppzksnark │ │ ├── bacs_ppzksnark.hpp │ │ ├── bacs_ppzksnark.tcc │ │ ├── bacs_ppzksnark_params.hpp │ │ ├── examples │ │ │ ├── run_bacs_ppzksnark.hpp │ │ │ └── run_bacs_ppzksnark.tcc │ │ ├── profiling │ │ │ └── profile_bacs_ppzksnark.cpp │ │ └── tests │ │ │ └── test_bacs_ppzksnark.cpp │ ├── r1cs_gg_ppzksnark │ │ ├── examples │ │ │ ├── run_r1cs_gg_ppzksnark.hpp │ │ │ └── run_r1cs_gg_ppzksnark.tcc │ │ ├── profiling │ │ │ └── profile_r1cs_gg_ppzksnark.cpp │ │ ├── r1cs_gg_ppzksnark.hpp │ │ ├── r1cs_gg_ppzksnark.tcc │ │ ├── r1cs_gg_ppzksnark_params.hpp │ │ └── tests │ │ │ └── test_r1cs_gg_ppzksnark.cpp │ ├── r1cs_ppzksnark │ │ ├── examples │ │ │ ├── run_r1cs_ppzksnark.hpp │ │ │ └── run_r1cs_ppzksnark.tcc │ │ ├── profiling │ │ │ └── profile_r1cs_ppzksnark.cpp │ │ ├── r1cs_ppzksnark.hpp │ │ ├── r1cs_ppzksnark.tcc │ │ ├── r1cs_ppzksnark_params.hpp │ │ └── tests │ │ │ └── test_r1cs_ppzksnark.cpp │ ├── r1cs_se_ppzksnark │ │ ├── examples │ │ │ ├── run_r1cs_se_ppzksnark.hpp │ │ │ └── run_r1cs_se_ppzksnark.tcc │ │ ├── profiling │ │ │ └── profile_r1cs_se_ppzksnark.cpp │ │ ├── r1cs_se_ppzksnark.hpp │ │ ├── r1cs_se_ppzksnark.tcc │ │ ├── r1cs_se_ppzksnark_params.hpp │ │ └── tests │ │ │ └── test_r1cs_se_ppzksnark.cpp │ ├── ram_ppzksnark │ │ ├── examples │ │ │ ├── demo_ram_ppzksnark.cpp │ │ │ ├── demo_ram_ppzksnark_generator.cpp │ │ │ ├── demo_ram_ppzksnark_prover.cpp │ │ │ ├── demo_ram_ppzksnark_verifier.cpp │ │ │ ├── run_ram_ppzksnark.hpp │ │ │ └── run_ram_ppzksnark.tcc │ │ ├── profiling │ │ │ └── profile_ram_ppzksnark.cpp │ │ ├── ram_ppzksnark.hpp │ │ ├── ram_ppzksnark.tcc │ │ ├── ram_ppzksnark_params.hpp │ │ └── tests │ │ │ └── test_ram_ppzksnark.cpp │ ├── tbcs_ppzksnark │ │ ├── examples │ │ │ ├── run_tbcs_ppzksnark.hpp │ │ │ └── run_tbcs_ppzksnark.tcc │ │ ├── profiling │ │ │ └── profile_tbcs_ppzksnark.cpp │ │ ├── tbcs_ppzksnark.hpp │ │ ├── tbcs_ppzksnark.tcc │ │ ├── tbcs_ppzksnark_params.hpp │ │ └── tests │ │ │ └── test_tbcs_ppzksnark.cpp │ └── uscs_ppzksnark │ │ ├── examples │ │ ├── run_uscs_ppzksnark.hpp │ │ └── run_uscs_ppzksnark.tcc │ │ ├── profiling │ │ └── profile_uscs_ppzksnark.cpp │ │ ├── tests │ │ └── test_uscs_ppzksnark.cpp │ │ ├── uscs_ppzksnark.hpp │ │ ├── uscs_ppzksnark.tcc │ │ └── uscs_ppzksnark_params.hpp │ └── zksnark │ └── ram_zksnark │ ├── examples │ ├── run_ram_zksnark.hpp │ └── run_ram_zksnark.tcc │ ├── profiling │ └── profile_ram_zksnark.cpp │ ├── ram_compliance_predicate.hpp │ ├── ram_compliance_predicate.tcc │ ├── ram_zksnark.hpp │ ├── ram_zksnark.tcc │ ├── ram_zksnark_params.hpp │ └── tests │ └── test_ram_zksnark.cpp └── tinyram_examples ├── .gitignore ├── README.md ├── answer0 ├── answer0-auxiliary_input.txt ├── answer0-computation_bounds.txt ├── answer0-primary_input.txt └── answer0.s ├── answer1 ├── answer1-auxiliary_input.txt ├── answer1-computation_bounds.txt ├── answer1-primary_input.txt └── answer1.s ├── knapsack-indirect ├── knapsack-indirect-auxiliary_input.txt ├── knapsack-indirect-computation_bounds.txt ├── knapsack-indirect-primary_input.txt └── knapsack-indirect.s ├── knapsack ├── knapsack-auxiliary_input.txt ├── knapsack-computation_bounds.txt ├── knapsack-primary_input.txt └── knapsack.s ├── process_assembly ├── run_demo_arithmetization ├── run_demo_ram_ppzksnark └── run_ram_ppzksnark_gpv /.gitmodules: -------------------------------------------------------------------------------- 1 | [submodule "depends/gtest"] 2 | path = depends/gtest 3 | url = https://github.com/google/googletest.git 4 | [submodule "depends/ate-pairing"] 5 | path = depends/ate-pairing 6 | url = https://github.com/herumi/ate-pairing.git 7 | [submodule "depends/xbyak"] 8 | path = depends/xbyak 9 | url = https://github.com/herumi/xbyak.git 10 | [submodule "depends/libsnark-supercop"] 11 | path = depends/libsnark-supercop 12 | url = https://github.com/mbbarbosa/libsnark-supercop.git 13 | [submodule "depends/libff"] 14 | path = depends/libff 15 | url = https://github.com/scipr-lab/libff.git 16 | [submodule "depends/libfqfft"] 17 | path = depends/libfqfft 18 | url = https://github.com/scipr-lab/libfqfft.git 19 | -------------------------------------------------------------------------------- /.travis.yml: -------------------------------------------------------------------------------- 1 | language: cpp 2 | sudo: required 3 | dist: trusty 4 | compiler: 5 | - gcc 6 | os: 7 | - linux 8 | 9 | addons: 10 | apt: 11 | sources: 12 | - ubuntu-toolchain-r-test 13 | packages: 14 | - gcc-5 15 | - g++-5 16 | 17 | before_install: 18 | - sudo apt-get install build-essential cmake git libboost-all-dev cmake libgmp3-dev libssl-dev libprocps3-dev pkg-config gnuplot-x11 python-markdown 19 | 20 | before_script: 21 | - git submodule init && git submodule update 22 | - mkdir build 23 | - cd build 24 | - cmake .. 25 | 26 | script: 27 | - make 28 | # TODO (howardwu): Resolve runtime on targets: 29 | # gadgetlib1_fooram_test, zk_proof_systems_r1cs_mp_ppzkpcd_test, zk_proof_systems_r1cs_sp_ppzkpcd_test, zk_proof_systems_ram_zksnark_test 30 | - make check 31 | 32 | notifications: 33 | email: false 34 | -------------------------------------------------------------------------------- /AUTHORS: -------------------------------------------------------------------------------- 1 | SCIPR Lab: 2 | Eli Ben-Sasson 3 | Alessandro Chiesa 4 | Daniel Genkin 5 | Shaul Kfir 6 | Eran Tromer 7 | Madars Virza 8 | Howard Wu 9 | 10 | External contributors: 11 | Michael Backes 12 | Manuel Barbosa 13 | Alexander Chernyakhovsky (Google Inc.) 14 | Dario Fiore 15 | Jens Groth 16 | Joshua A. Kroll 17 | Shigeo MITSUNARI 18 | Aleksejs Popovs 19 | Raphael Reischuk 20 | Tadanori TERUYA 21 | -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- 1 | FROM ubuntu:16.04 2 | 3 | WORKDIR /root 4 | 5 | RUN apt-get update && \ 6 | apt-get install -y \ 7 | wget unzip curl \ 8 | build-essential cmake git libgmp3-dev libprocps4-dev python-markdown libboost-all-dev libssl-dev pkg-config 9 | 10 | RUN git clone https://github.com/scipr-lab/libsnark/ \ 11 | && cd libsnark \ 12 | && git submodule init && git submodule update \ 13 | && mkdir build && cd build && cmake .. \ 14 | && make \ 15 | && DESTDIR=/usr/local make install \ 16 | NO_PROCPS=1 NO_GTEST=1 NO_DOCS=1 CURVE=ALT_BN128 FEATUREFLAGS="-DBINARY_OUTPUT=1 -DMONTGOMERY_OUTPUT=1 -DNO_PT_COMPRESSION=1" 17 | 18 | ENV LD_LIBRARY_PATH $LD_LIBRARY_PATH:/usr/local/lib 19 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | The libsnark library is developed by SCIPR Lab (http://scipr-lab.org) 2 | and contributors. 3 | 4 | Copyright (c) 2012-2014 SCIPR Lab and contributors (see AUTHORS file). 5 | 6 | All files, with the exceptions below, are released under the MIT License: 7 | 8 | Permission is hereby granted, free of charge, to any person obtaining a copy 9 | of this software and associated documentation files (the "Software"), to deal 10 | in the Software without restriction, including without limitation the rights 11 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 12 | copies of the Software, and to permit persons to whom the Software is 13 | furnished to do so, subject to the following conditions: 14 | 15 | The above copyright notice and this permission notice shall be included in 16 | all copies or substantial portions of the Software. 17 | 18 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 19 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 20 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 21 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 22 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 23 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 24 | THE SOFTWARE. 25 | -------------------------------------------------------------------------------- /depends/CMakeLists.txt: -------------------------------------------------------------------------------- 1 | add_subdirectory(gtest EXCLUDE_FROM_ALL) 2 | 3 | if(${CURVE} STREQUAL "BN128") 4 | include_directories(ate-pairing/include) 5 | include_directories(xbyak) 6 | add_library( 7 | zm 8 | STATIC 9 | 10 | ate-pairing/src/zm.cpp 11 | ate-pairing/src/zm2.cpp 12 | ) 13 | endif() 14 | 15 | if("${WITH_SUPERCOP}") 16 | include_directories(libsnark-supercop/include) 17 | 18 | enable_language(ASM) 19 | 20 | file(GLOB_RECURSE SUPERCOP_SRCS libsnark-supercop/*.c libsnark-supercop/*.s) 21 | 22 | add_library( 23 | snark_supercop 24 | STATIC 25 | 26 | ${SUPERCOP_SRCS} 27 | ) 28 | 29 | target_link_libraries( 30 | snark_supercop 31 | 32 | ${CRYPTO_LIBRARIES} 33 | ) 34 | endif() 35 | 36 | if(NOT "${USE_LINKED_LIBRARIES}") 37 | OPTION(IS_LIBFF_PARENT OFF) 38 | add_subdirectory(libff) 39 | 40 | OPTION(IS_LIBFQFFT_PARENT OFF) 41 | add_subdirectory(libfqfft) 42 | endif() -------------------------------------------------------------------------------- /libsnark/common/data_structures/integer_permutation.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of interfaces for a permutation of the integers in {min_element,...,max_element}. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef INTEGER_PERMUTATION_HPP_ 13 | #define INTEGER_PERMUTATION_HPP_ 14 | 15 | #include 16 | #include 17 | 18 | namespace libsnark { 19 | 20 | class integer_permutation { 21 | private: 22 | std::vector contents; /* offset by min_element */ 23 | 24 | public: 25 | size_t min_element; 26 | size_t max_element; 27 | 28 | integer_permutation(const size_t size = 0); 29 | integer_permutation(const size_t min_element, const size_t max_element); 30 | 31 | integer_permutation& operator=(const integer_permutation &other) = default; 32 | 33 | size_t size() const; 34 | bool operator==(const integer_permutation &other) const; 35 | 36 | void set(const size_t position, const size_t value); 37 | size_t get(const size_t position) const; 38 | 39 | bool is_valid() const; 40 | integer_permutation inverse() const; 41 | integer_permutation slice(const size_t slice_min_element, const size_t slice_max_element) const; 42 | 43 | /* Similarly to std::next_permutation this transforms the current 44 | integer permutation into the next lexicographically ordered 45 | permutation; returns false if the last permutation was reached and 46 | this is now the identity permutation on [min_element .. max_element] */ 47 | bool next_permutation(); 48 | 49 | void random_shuffle(); 50 | }; 51 | 52 | } // libsnark 53 | 54 | #endif // INTEGER_PERMUTATION_HPP_ 55 | -------------------------------------------------------------------------------- /libsnark/common/data_structures/merkle_tree.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of interfaces for a Merkle tree. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef MERKLE_TREE_HPP_ 13 | #define MERKLE_TREE_HPP_ 14 | 15 | #include 16 | #include 17 | 18 | #include 19 | 20 | namespace libsnark { 21 | 22 | /** 23 | * A Merkle tree is maintained as two maps: 24 | * - a map from addresses to values, and 25 | * - a map from addresses to hashes. 26 | * 27 | * The second map maintains the intermediate hashes of a Merkle tree 28 | * built atop the values currently stored in the tree (the 29 | * implementation admits a very efficient support for sparse 30 | * trees). Besides offering methods to load and store values, the 31 | * class offers methods to retrieve the root of the Merkle tree and to 32 | * obtain the authentication paths for (the value at) a given address. 33 | */ 34 | 35 | typedef libff::bit_vector merkle_authentication_node; 36 | typedef std::vector merkle_authentication_path; 37 | 38 | template 39 | class merkle_tree { 40 | private: 41 | 42 | typedef typename HashT::hash_value_type hash_value_type; 43 | typedef typename HashT::merkle_authentication_path_type merkle_authentication_path_type; 44 | 45 | public: 46 | 47 | std::vector hash_defaults; 48 | std::map values; 49 | std::map hashes; 50 | 51 | size_t depth; 52 | size_t value_size; 53 | size_t digest_size; 54 | 55 | merkle_tree(const size_t depth, const size_t value_size); 56 | merkle_tree(const size_t depth, const size_t value_size, const std::vector &contents_as_vector); 57 | merkle_tree(const size_t depth, const size_t value_size, const std::map &contents); 58 | 59 | libff::bit_vector get_value(const size_t address) const; 60 | void set_value(const size_t address, const libff::bit_vector &value); 61 | 62 | hash_value_type get_root() const; 63 | merkle_authentication_path_type get_path(const size_t address) const; 64 | 65 | void dump() const; 66 | }; 67 | 68 | } // libsnark 69 | 70 | #include 71 | 72 | #endif // MERKLE_TREE_HPP_ 73 | -------------------------------------------------------------------------------- /libsnark/common/data_structures/set_commitment.cpp: -------------------------------------------------------------------------------- 1 | /** 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | 8 | #include 9 | 10 | #include 11 | 12 | namespace libsnark { 13 | 14 | bool set_membership_proof::operator==(const set_membership_proof &other) const 15 | { 16 | return (this->address == other.address && 17 | this->merkle_path == other.merkle_path); 18 | } 19 | 20 | size_t set_membership_proof::size_in_bits() const 21 | { 22 | if (merkle_path.empty()) 23 | { 24 | return (8 * sizeof(address)); 25 | } 26 | else 27 | { 28 | return (8 * sizeof(address) + merkle_path[0].size() * merkle_path.size()); 29 | } 30 | } 31 | 32 | std::ostream& operator<<(std::ostream &out, const set_membership_proof &proof) 33 | { 34 | out << proof.address << "\n"; 35 | out << proof.merkle_path.size() << "\n"; 36 | for (size_t i = 0; i < proof.merkle_path.size(); ++i) 37 | { 38 | libff::output_bool_vector(out, proof.merkle_path[i]); 39 | } 40 | 41 | return out; 42 | } 43 | 44 | std::istream& operator>>(std::istream &in, set_membership_proof &proof) 45 | { 46 | in >> proof.address; 47 | libff::consume_newline(in); 48 | size_t tree_depth; 49 | in >> tree_depth; 50 | libff::consume_newline(in); 51 | proof.merkle_path.resize(tree_depth); 52 | 53 | for (size_t i = 0; i < tree_depth; ++i) 54 | { 55 | libff::input_bool_vector(in, proof.merkle_path[i]); 56 | } 57 | 58 | return in; 59 | } 60 | 61 | } // libsnark 62 | -------------------------------------------------------------------------------- /libsnark/common/data_structures/set_commitment.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of interfaces for a Merkle tree based set commitment scheme. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef SET_COMMITMENT_HPP_ 13 | #define SET_COMMITMENT_HPP_ 14 | 15 | #include 16 | 17 | #include 18 | #include // TODO: the current structure is suboptimal 19 | 20 | namespace libsnark { 21 | 22 | typedef libff::bit_vector set_commitment; 23 | 24 | struct set_membership_proof { 25 | size_t address; 26 | merkle_authentication_path merkle_path; 27 | 28 | bool operator==(const set_membership_proof &other) const; 29 | size_t size_in_bits() const; 30 | friend std::ostream& operator<<(std::ostream &out, const set_membership_proof &other); 31 | friend std::istream& operator>>(std::istream &in, set_membership_proof &other); 32 | }; 33 | 34 | template 35 | class set_commitment_accumulator { 36 | private: 37 | std::shared_ptr > tree; 38 | std::map hash_to_pos; 39 | public: 40 | 41 | size_t depth; 42 | size_t digest_size; 43 | size_t value_size; 44 | 45 | set_commitment_accumulator(const size_t max_entries, const size_t value_size=0); 46 | 47 | void add(const libff::bit_vector &value); 48 | bool is_in_set(const libff::bit_vector &value) const; 49 | set_commitment get_commitment() const; 50 | 51 | set_membership_proof get_membership_proof(const libff::bit_vector &value) const; 52 | }; 53 | 54 | } // libsnark 55 | 56 | /* note that set_commitment has both .cpp, for implementation of 57 | non-templatized code (methods of set_membership_proof) and .tcc 58 | (implementation of set_commitment_accumulator */ 59 | #include 60 | 61 | #endif // SET_COMMITMENT_HPP_ 62 | -------------------------------------------------------------------------------- /libsnark/common/data_structures/set_commitment.tcc: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Implementation of a Merkle tree based set commitment scheme. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef SET_COMMITMENT_TCC_ 13 | #define SET_COMMITMENT_TCC_ 14 | 15 | namespace libsnark { 16 | 17 | template 18 | set_commitment_accumulator::set_commitment_accumulator(const size_t max_entries, const size_t value_size) : 19 | value_size(value_size) 20 | { 21 | depth = libff::log2(max_entries); 22 | digest_size = HashT::get_digest_len(); 23 | 24 | tree.reset(new merkle_tree(depth, digest_size)); 25 | } 26 | 27 | template 28 | void set_commitment_accumulator::add(const libff::bit_vector &value) 29 | { 30 | assert(value_size == 0 || value.size() == value_size); 31 | const libff::bit_vector hash = HashT::get_hash(value); 32 | if (hash_to_pos.find(hash) == hash_to_pos.end()) 33 | { 34 | const size_t pos = hash_to_pos.size(); 35 | tree->set_value(pos, hash); 36 | hash_to_pos[hash] = pos; 37 | } 38 | } 39 | 40 | template 41 | bool set_commitment_accumulator::is_in_set(const libff::bit_vector &value) const 42 | { 43 | assert(value_size == 0 || value.size() == value_size); 44 | const libff::bit_vector hash = HashT::get_hash(value); 45 | return (hash_to_pos.find(hash) != hash_to_pos.end()); 46 | } 47 | 48 | template 49 | set_commitment set_commitment_accumulator::get_commitment() const 50 | { 51 | return tree->get_root(); 52 | } 53 | 54 | template 55 | set_membership_proof set_commitment_accumulator::get_membership_proof(const libff::bit_vector &value) const 56 | { 57 | const libff::bit_vector hash = HashT::get_hash(value); 58 | auto it = hash_to_pos.find(hash); 59 | assert(it != hash_to_pos.end()); 60 | 61 | set_membership_proof proof; 62 | proof.address = it->second; 63 | proof.merkle_path = tree->get_path(it->second); 64 | 65 | return proof; 66 | } 67 | 68 | } // libsnark 69 | 70 | #endif // SET_COMMITMENT_TCC_ 71 | -------------------------------------------------------------------------------- /libsnark/common/default_types/bacs_ppzksnark_pp.hpp: -------------------------------------------------------------------------------- 1 | 2 | /** @file 3 | ***************************************************************************** 4 | 5 | This file defines default_bacs_ppzksnark_pp based on the elliptic curve 6 | choice selected in ec_pp.hpp. 7 | 8 | ***************************************************************************** 9 | * @author This file is part of libsnark, developed by SCIPR Lab 10 | * and contributors (see AUTHORS). 11 | * @copyright MIT license (see LICENSE file) 12 | *****************************************************************************/ 13 | 14 | #ifndef BACS_PPZKSNARK_PP_HPP_ 15 | #define BACS_PPZKSNARK_PP_HPP_ 16 | 17 | #include 18 | 19 | namespace libsnark { 20 | typedef libff::default_ec_pp default_bacs_ppzksnark_pp; 21 | } // libsnark 22 | 23 | #endif // BACS_PPZKSNARK_PP_HPP_ 24 | -------------------------------------------------------------------------------- /libsnark/common/default_types/r1cs_gg_ppzksnark_pp.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | This file defines default_r1cs_gg_ppzksnark_pp based on the elliptic curve 5 | choice selected in ec_pp.hpp. 6 | 7 | ***************************************************************************** 8 | * @author This file is part of libsnark, developed by SCIPR Lab 9 | * and contributors (see AUTHORS). 10 | * @copyright MIT license (see LICENSE file) 11 | *****************************************************************************/ 12 | 13 | #ifndef R1CS_GG_PPZKSNARK_PP_HPP_ 14 | #define R1CS_GG_PPZKSNARK_PP_HPP_ 15 | 16 | #include 17 | 18 | namespace libsnark { 19 | typedef libff::default_ec_pp default_r1cs_gg_ppzksnark_pp; 20 | } // libsnark 21 | 22 | #endif // R1CS_GG_PPZKSNARK_PP_HPP_ 23 | -------------------------------------------------------------------------------- /libsnark/common/default_types/r1cs_ppzkadsnark_pp.cpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | This file provides the initialization methods for the default ADSNARK params. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #include 13 | 14 | namespace libsnark { 15 | 16 | void default_r1cs_ppzkadsnark_pp::init_public_params() 17 | { 18 | snark_pp::init_public_params(); 19 | } 20 | 21 | } // libsnark 22 | -------------------------------------------------------------------------------- /libsnark/common/default_types/r1cs_ppzkadsnark_pp.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | This file defines default_r1cs_ppzkadsnark_pp based on the elliptic curve 5 | choice selected in ec_pp.hpp. 6 | 7 | ***************************************************************************** 8 | * @author This file is part of libsnark, developed by SCIPR Lab 9 | * and contributors (see AUTHORS). 10 | * @copyright MIT license (see LICENSE file) 11 | *****************************************************************************/ 12 | 13 | #ifndef R1CS_PPZKADSNARK_PP_HPP_ 14 | #define R1CS_PPZKADSNARK_PP_HPP_ 15 | 16 | #include 17 | #include 18 | #include 19 | 20 | namespace libsnark { 21 | 22 | class default_r1cs_ppzkadsnark_pp { 23 | public: 24 | typedef default_r1cs_ppzksnark_pp snark_pp; 25 | typedef ed25519_skT skT; 26 | typedef ed25519_vkT vkT; 27 | typedef ed25519_sigT sigT; 28 | typedef aesPrfKeyT prfKeyT; 29 | 30 | static void init_public_params(); 31 | }; 32 | 33 | }; // libsnark 34 | 35 | #endif // R1CS_PPZKADSNARK_PP_HPP_ 36 | -------------------------------------------------------------------------------- /libsnark/common/default_types/r1cs_ppzkpcd_pp.cpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | This file provides the initialization methods for the default PCD cycle. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #include 13 | 14 | namespace libsnark { 15 | 16 | void default_r1cs_ppzkpcd_pp::init_public_params() 17 | { 18 | curve_A_pp::init_public_params(); 19 | curve_B_pp::init_public_params(); 20 | } 21 | 22 | } // libsnark 23 | -------------------------------------------------------------------------------- /libsnark/common/default_types/r1cs_ppzkpcd_pp.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | This file defines the default PCD cycle. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef R1CS_PPZKPCD_PP_HPP_ 13 | #define R1CS_PPZKPCD_PP_HPP_ 14 | 15 | /*********************** Define default PCD cycle ***************************/ 16 | 17 | #include 18 | #include 19 | 20 | namespace libsnark { 21 | 22 | class default_r1cs_ppzkpcd_pp { 23 | public: 24 | typedef libff::mnt4_pp curve_A_pp; 25 | typedef libff::mnt6_pp curve_B_pp; 26 | 27 | typedef libff::Fr scalar_field_A; 28 | typedef libff::Fr scalar_field_B; 29 | 30 | static void init_public_params(); 31 | }; 32 | 33 | } // libsnark 34 | 35 | #endif // R1CS_PPZKPCD_PP_HPP_ 36 | -------------------------------------------------------------------------------- /libsnark/common/default_types/r1cs_ppzksnark_pp.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | This file defines default_r1cs_ppzksnark_pp based on the elliptic curve 5 | choice selected in ec_pp.hpp. 6 | 7 | ***************************************************************************** 8 | * @author This file is part of libsnark, developed by SCIPR Lab 9 | * and contributors (see AUTHORS). 10 | * @copyright MIT license (see LICENSE file) 11 | *****************************************************************************/ 12 | 13 | #ifndef R1CS_PPZKSNARK_PP_HPP_ 14 | #define R1CS_PPZKSNARK_PP_HPP_ 15 | 16 | #include 17 | 18 | namespace libsnark { 19 | typedef libff::default_ec_pp default_r1cs_ppzksnark_pp; 20 | } // libsnark 21 | 22 | #endif // R1CS_PPZKSNARK_PP_HPP_ 23 | -------------------------------------------------------------------------------- /libsnark/common/default_types/r1cs_se_ppzksnark_pp.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | This file defines default_r1cs_se_ppzksnark_pp based on the elliptic curve 5 | choice selected in ec_pp.hpp. 6 | 7 | ***************************************************************************** 8 | * @author This file is part of libsnark, developed by SCIPR Lab 9 | * and contributors (see AUTHORS). 10 | * @copyright MIT license (see LICENSE file) 11 | *****************************************************************************/ 12 | 13 | #ifndef R1CS_SE_PPZKSNARK_PP_HPP_ 14 | #define R1CS_SE_PPZKSNARK_PP_HPP_ 15 | 16 | #include 17 | 18 | namespace libsnark { 19 | typedef libff::default_ec_pp default_r1cs_se_ppzksnark_pp; 20 | } // libsnark 21 | 22 | #endif // R1CS_SE_PPZKSNARK_PP_HPP_ 23 | -------------------------------------------------------------------------------- /libsnark/common/default_types/ram_ppzksnark_pp.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | This file defines the default architecture and curve choices for RAM 5 | ppzk-SNARK. 6 | 7 | ***************************************************************************** 8 | * @author This file is part of libsnark, developed by SCIPR Lab 9 | * and contributors (see AUTHORS). 10 | * @copyright MIT license (see LICENSE file) 11 | *****************************************************************************/ 12 | 13 | #ifndef RAM_PPZKSNARK_PP_HPP_ 14 | #define RAM_PPZKSNARK_PP_HPP_ 15 | 16 | #include 17 | 18 | namespace libsnark { 19 | 20 | typedef default_tinyram_ppzksnark_pp default_ram_ppzksnark_pp; 21 | 22 | } // libsnark 23 | 24 | #endif // RAM_PPZKSNARK_PP_HPP_ 25 | -------------------------------------------------------------------------------- /libsnark/common/default_types/ram_zksnark_pp.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | This file defines the default architecture and curve choices for RAM 5 | zk-SNARK. 6 | 7 | ***************************************************************************** 8 | * @author This file is part of libsnark, developed by SCIPR Lab 9 | * and contributors (see AUTHORS). 10 | * @copyright MIT license (see LICENSE file) 11 | *****************************************************************************/ 12 | 13 | #ifndef RAM_ZKSNARK_PP_HPP_ 14 | #define RAM_ZKSNARK_PP_HPP_ 15 | 16 | #include 17 | 18 | namespace libsnark { 19 | 20 | typedef default_tinyram_zksnark_pp default_ram_zksnark_pp; 21 | 22 | } // libsnark 23 | 24 | #endif // RAM_ZKSNARK_PP_HPP_ 25 | -------------------------------------------------------------------------------- /libsnark/common/default_types/tbcs_ppzksnark_pp.hpp: -------------------------------------------------------------------------------- 1 | 2 | /** @file 3 | ***************************************************************************** 4 | 5 | This file defines default_tbcs_ppzksnark_pp based on the elliptic curve 6 | choice selected in ec_pp.hpp. 7 | 8 | ***************************************************************************** 9 | * @author This file is part of libsnark, developed by SCIPR Lab 10 | * and contributors (see AUTHORS). 11 | * @copyright MIT license (see LICENSE file) 12 | *****************************************************************************/ 13 | 14 | #ifndef TBCS_PPZKSNARK_PP_HPP_ 15 | #define TBCS_PPZKSNARK_PP_HPP_ 16 | 17 | #include 18 | 19 | namespace libsnark { 20 | typedef libff::default_ec_pp default_tbcs_ppzksnark_pp; 21 | } // libsnark 22 | 23 | #endif // TBCS_PPZKSNARK_PP_HPP_ 24 | -------------------------------------------------------------------------------- /libsnark/common/default_types/tinyram_ppzksnark_pp.cpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | This file provides the initialization methods for the default TinyRAM ppzk-SNARK. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #include 13 | 14 | namespace libsnark { 15 | 16 | void default_tinyram_ppzksnark_pp::init_public_params() 17 | { 18 | snark_pp::init_public_params(); 19 | } 20 | 21 | } // libsnark 22 | -------------------------------------------------------------------------------- /libsnark/common/default_types/tinyram_ppzksnark_pp.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | This file defines the default architecture and curve choices for RAM 5 | ppzk-SNARK. 6 | 7 | ***************************************************************************** 8 | * @author This file is part of libsnark, developed by SCIPR Lab 9 | * and contributors (see AUTHORS). 10 | * @copyright MIT license (see LICENSE file) 11 | *****************************************************************************/ 12 | 13 | #ifndef TINYRAM_PPZKSNARK_PP_HPP_ 14 | #define TINYRAM_PPZKSNARK_PP_HPP_ 15 | 16 | #include 17 | #include 18 | 19 | namespace libsnark { 20 | 21 | class default_tinyram_ppzksnark_pp { 22 | public: 23 | typedef default_r1cs_ppzksnark_pp snark_pp; 24 | typedef libff::Fr FieldT; 25 | typedef ram_tinyram machine_pp; 26 | 27 | static void init_public_params(); 28 | }; 29 | 30 | } // libsnark 31 | 32 | #endif // TINYRAM_PPZKSNARK_PP_HPP_ 33 | -------------------------------------------------------------------------------- /libsnark/common/default_types/tinyram_zksnark_pp.cpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | This file provides the initialization methods for the default TinyRAM zk-SNARK. 4 | ***************************************************************************** 5 | * @author This file is part of libsnark, developed by SCIPR Lab 6 | * and contributors (see AUTHORS). 7 | * @copyright MIT license (see LICENSE file) 8 | *****************************************************************************/ 9 | 10 | #include 11 | 12 | namespace libsnark { 13 | 14 | void default_tinyram_zksnark_pp::init_public_params() 15 | { 16 | PCD_pp::init_public_params(); 17 | } 18 | 19 | } // libsnark -------------------------------------------------------------------------------- /libsnark/common/default_types/tinyram_zksnark_pp.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | This file defines the default choices of TinyRAM zk-SNARK. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef TINYRAM_PPZKSNARK_PP_HPP_ 13 | #define TINYRAM_PPZKSNARK_PP_HPP_ 14 | 15 | #include 16 | #include 17 | 18 | namespace libsnark { 19 | 20 | class default_tinyram_zksnark_pp { 21 | public: 22 | typedef default_r1cs_ppzkpcd_pp PCD_pp; 23 | typedef typename PCD_pp::scalar_field_A FieldT; 24 | typedef ram_tinyram machine_pp; 25 | 26 | static void init_public_params(); 27 | }; 28 | 29 | } // libsnark 30 | 31 | #endif // TINYRAM_PPZKSNARK_PP_HPP_ 32 | -------------------------------------------------------------------------------- /libsnark/common/default_types/uscs_ppzksnark_pp.hpp: -------------------------------------------------------------------------------- 1 | 2 | /** @file 3 | ***************************************************************************** 4 | 5 | This file defines default_uscs_ppzksnark_pp based on the elliptic curve 6 | choice selected in ec_pp.hpp. 7 | 8 | ***************************************************************************** 9 | * @author This file is part of libsnark, developed by SCIPR Lab 10 | * and contributors (see AUTHORS). 11 | * @copyright MIT license (see LICENSE file) 12 | *****************************************************************************/ 13 | 14 | #ifndef USCS_PPZKSNARK_PP_HPP_ 15 | #define USCS_PPZKSNARK_PP_HPP_ 16 | 17 | #include 18 | 19 | namespace libsnark { 20 | typedef libff::default_ec_pp default_uscs_ppzksnark_pp; 21 | } // libsnark 22 | 23 | #endif // USCS_PPZKSNARK_PP_HPP_ 24 | -------------------------------------------------------------------------------- /libsnark/common/libsnark_serialization.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Temporary import serialization operators from libff in libsnark namespace; 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef LIBSNARK_SERIALIZATION_HPP_ 13 | #define LIBSNARK_SERIALIZATION_HPP_ 14 | 15 | #include 16 | 17 | namespace libsnark { 18 | using libff::consume_newline; 19 | using libff::consume_OUTPUT_NEWLINE; 20 | using libff::consume_OUTPUT_SEPARATOR; 21 | 22 | using libff::output_bool; 23 | using libff::input_bool; 24 | 25 | using libff::input_bool_vector; 26 | using libff::output_bool_vector; 27 | using libff::operator<<; 28 | using libff::operator>>; 29 | } 30 | 31 | #endif // LIBSNARK_SERIALIZATION_HPP_ 32 | -------------------------------------------------------------------------------- /libsnark/common/routing_algorithms/profiling/profile_routing_algorithms.cpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Functions to profile the algorithms that route on Benes and AS-Waksman networks. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #include 13 | 14 | #include 15 | 16 | #include 17 | #include 18 | 19 | using namespace libsnark; 20 | 21 | void profile_benes_algorithm(const size_t n) 22 | { 23 | printf("* Size: %zu\n", n); 24 | 25 | assert(n == 1ul< 13 | 14 | #include 15 | 16 | #include 17 | #include 18 | 19 | using namespace libsnark; 20 | 21 | /** 22 | * Test Benes network routing for all permutations on 2^libff::log2(N) elements. 23 | */ 24 | void test_benes(const size_t N) 25 | { 26 | integer_permutation permutation(1ul << libff::log2(N)); 27 | 28 | do { 29 | const benes_routing routing = get_benes_routing(permutation); 30 | assert(valid_benes_routing(permutation, routing)); 31 | } while (permutation.next_permutation()); 32 | } 33 | 34 | /** 35 | * Test AS-Waksman network routing for all permutations on N elements. 36 | */ 37 | void test_as_waksman(const size_t N) 38 | { 39 | integer_permutation permutation(N); 40 | 41 | do { 42 | const as_waksman_routing routing = get_as_waksman_routing(permutation); 43 | assert(valid_as_waksman_routing(permutation, routing)); 44 | } while (permutation.next_permutation()); 45 | } 46 | 47 | int main(void) 48 | { 49 | libff::start_profiling(); 50 | 51 | libff::enter_block("Test routing algorithms"); 52 | 53 | libff::enter_block("Test Benes network routing algorithm"); 54 | size_t bn_size = 8; 55 | libff::print_indent(); printf("* for all permutations on %zu elements\n", bn_size); 56 | test_benes(bn_size); 57 | libff::leave_block("Test Benes network routing algorithm"); 58 | 59 | 60 | libff::enter_block("Test AS-Waksman network routing algorithm"); 61 | size_t asw_max_size = 9; 62 | for (size_t i = 2; i <= asw_max_size; ++i) 63 | { 64 | libff::print_indent(); printf("* for all permutations on %zu elements\n", i); 65 | test_as_waksman(i); 66 | } 67 | libff::leave_block("Test AS-Waksman network routing algorithm"); 68 | 69 | libff::leave_block("Test routing algorithms"); 70 | } 71 | -------------------------------------------------------------------------------- /libsnark/gadgetlib1/constraint_profiling.cpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Implementation of interfaces for profiling constraints. 5 | 6 | See constraint_profiling.hpp . 7 | 8 | ***************************************************************************** 9 | * @author This file is part of libsnark, developed by SCIPR Lab 10 | * and contributors (see AUTHORS). 11 | * @copyright MIT license (see LICENSE file) 12 | *****************************************************************************/ 13 | 14 | #include 15 | 16 | #include 17 | 18 | namespace libsnark { 19 | 20 | size_t constraint_profiling_indent = 0; 21 | std::vector constraint_profiling_table; 22 | 23 | size_t PRINT_CONSTRAINT_PROFILING() 24 | { 25 | size_t accounted = 0; 26 | libff::print_indent(); 27 | printf("Constraint profiling:\n"); 28 | for (constraint_profiling_entry &ent : constraint_profiling_table) 29 | { 30 | if (ent.indent == 0) 31 | { 32 | accounted += ent.count; 33 | } 34 | 35 | libff::print_indent(); 36 | for (size_t i = 0; i < ent.indent; ++i) 37 | { 38 | printf(" "); 39 | } 40 | printf("* Number of constraints in [%s]: %zu\n", ent.annotation.c_str(), ent.count); 41 | } 42 | 43 | constraint_profiling_table.clear(); 44 | constraint_profiling_indent = 0; 45 | 46 | return accounted; 47 | } 48 | 49 | } 50 | -------------------------------------------------------------------------------- /libsnark/gadgetlib1/constraint_profiling.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of interfaces for profiling constraints. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef CONSTRAINT_PROFILING_HPP_ 13 | #define CONSTRAINT_PROFILING_HPP_ 14 | 15 | #include 16 | #include 17 | #include 18 | #include 19 | 20 | namespace libsnark { 21 | 22 | extern size_t constraint_profiling_indent; 23 | 24 | struct constraint_profiling_entry { 25 | size_t indent; 26 | std::string annotation; 27 | size_t count; 28 | }; 29 | 30 | extern std::vector constraint_profiling_table; 31 | 32 | #define PROFILE_CONSTRAINTS(pb, annotation) \ 33 | for (size_t _num_constraints_before = pb.num_constraints(), _iter = (++constraint_profiling_indent, 0), _cp_pos = constraint_profiling_table.size(); \ 34 | _iter == 0; \ 35 | constraint_profiling_table.insert(constraint_profiling_table.begin() + _cp_pos, constraint_profiling_entry{--constraint_profiling_indent, annotation, pb.num_constraints() - _num_constraints_before}), \ 36 | _iter = 1) 37 | 38 | size_t PRINT_CONSTRAINT_PROFILING(); // returns # of top level constraints 39 | 40 | } // libsnark 41 | 42 | #endif // CONSTRAINT_PROFILING_HPP_ 43 | -------------------------------------------------------------------------------- /libsnark/gadgetlib1/examples/simple_example.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | 8 | #ifndef SIMPLE_EXAMPLE_HPP_ 9 | #define SIMPLE_EXAMPLE_HPP_ 10 | 11 | #include 12 | 13 | namespace libsnark { 14 | 15 | template 16 | r1cs_example gen_r1cs_example_from_protoboard(const size_t num_constraints, 17 | const size_t num_inputs); 18 | 19 | } // libsnark 20 | 21 | #include 22 | 23 | #endif // SIMPLE_EXAMPLE_HPP_ 24 | -------------------------------------------------------------------------------- /libsnark/gadgetlib1/examples/simple_example.tcc: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | 8 | #ifndef SIMPLE_EXAMPLE_TCC_ 9 | #define SIMPLE_EXAMPLE_TCC_ 10 | 11 | #include 12 | 13 | namespace libsnark { 14 | 15 | /* NOTE: all examples here actually generate one constraint less to account for soundness constraint in QAP */ 16 | 17 | template 18 | r1cs_example gen_r1cs_example_from_protoboard(const size_t num_constraints) 19 | { 20 | const size_t new_num_constraints = num_constraints - 1; 21 | 22 | /* construct dummy example: inner products of two vectors */ 23 | protoboard pb; 24 | pb_variable_array A; 25 | pb_variable_array B; 26 | pb_variable res; 27 | 28 | // the variables on the protoboard are (ONE (constant 1 term), res, A[0], ..., A[num_constraints-1], B[0], ..., B[num_constraints-1]) 29 | res.allocate(pb, "res"); 30 | A.allocate(pb, new_num_constraints, "A"); 31 | B.allocate(pb, new_num_constraints, "B"); 32 | 33 | inner_product_gadget compute_inner_product(pb, A, B, res, "compute_inner_product"); 34 | compute_inner_product.generate_r1cs_constraints(); 35 | 36 | /* fill in random example */ 37 | for (size_t i = 0; i < new_num_constraints; ++i) 38 | { 39 | pb.val(A[i]) = FieldT::random_element(); 40 | pb.val(B[i]) = FieldT::random_element(); 41 | } 42 | 43 | compute_inner_product.generate_r1cs_witness(); 44 | return r1cs_example(pb.get_constraint_system(), pb.primary_input(), pb.auxiliary_input()); 45 | } 46 | 47 | } // libsnark 48 | #endif // R1CS_EXAMPLES_TCC_ 49 | -------------------------------------------------------------------------------- /libsnark/gadgetlib1/gadget.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | 8 | #ifndef GADGET_HPP_ 9 | #define GADGET_HPP_ 10 | 11 | #include 12 | 13 | namespace libsnark { 14 | 15 | template 16 | class gadget { 17 | protected: 18 | protoboard &pb; 19 | const std::string annotation_prefix; 20 | public: 21 | gadget(protoboard &pb, const std::string &annotation_prefix=""); 22 | }; 23 | 24 | } // libsnark 25 | #include 26 | 27 | #endif // GADGET_HPP_ 28 | -------------------------------------------------------------------------------- /libsnark/gadgetlib1/gadget.tcc: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | 8 | #ifndef GADGET_TCC_ 9 | #define GADGET_TCC_ 10 | 11 | namespace libsnark { 12 | 13 | template 14 | gadget::gadget(protoboard &pb, const std::string &annotation_prefix) : 15 | pb(pb), annotation_prefix(annotation_prefix) 16 | { 17 | #ifdef DEBUG 18 | assert(annotation_prefix != ""); 19 | #endif 20 | } 21 | 22 | } // libsnark 23 | #endif // GADGET_TCC_ 24 | -------------------------------------------------------------------------------- /libsnark/gadgetlib1/gadgets/cpu_checkers/fooram/components/bar_gadget.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of interfaces for an auxiliarry gadget for the FOORAM CPU. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef BAR_GADGET_HPP_ 13 | #define BAR_GADGET_HPP_ 14 | 15 | #include 16 | #include 17 | 18 | namespace libsnark { 19 | 20 | /** 21 | * The bar gadget checks linear combination 22 | * Z = aX + bY (mod 2^w) 23 | * for a, b - const, X, Y - vectors of w bits, 24 | * where w is implicitly inferred, Z - a packed variable. 25 | * 26 | * This gadget is used four times in fooram: 27 | * - PC' = PC + 1 28 | * - load_addr = 2 * x + PC' 29 | * - store_addr = x + PC 30 | */ 31 | template 32 | class bar_gadget : public gadget { 33 | public: 34 | pb_linear_combination_array X; 35 | FieldT a; 36 | pb_linear_combination_array Y; 37 | FieldT b; 38 | pb_linear_combination Z_packed; 39 | pb_variable_array Z_bits; 40 | 41 | pb_variable result; 42 | pb_variable_array overflow; 43 | pb_variable_array unpacked_result; 44 | 45 | std::shared_ptr > unpack_result; 46 | std::shared_ptr > pack_Z; 47 | 48 | size_t width; 49 | bar_gadget(protoboard &pb, 50 | const pb_linear_combination_array &X, 51 | const FieldT &a, 52 | const pb_linear_combination_array &Y, 53 | const FieldT &b, 54 | const pb_linear_combination &Z_packed, 55 | const std::string &annotation_prefix); 56 | void generate_r1cs_constraints(); 57 | void generate_r1cs_witness(); 58 | }; 59 | 60 | } // libsnark 61 | 62 | #include 63 | 64 | #endif // BAR_GADGET_HPP_ 65 | -------------------------------------------------------------------------------- /libsnark/gadgetlib1/gadgets/cpu_checkers/fooram/components/fooram_protoboard.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of interfaces for a protoboard for the FOORAM CPU. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef FOORAM_PROTOBOARD_HPP_ 13 | #define FOORAM_PROTOBOARD_HPP_ 14 | 15 | #include 16 | #include 17 | 18 | namespace libsnark { 19 | 20 | template 21 | class fooram_protoboard : public protoboard { 22 | public: 23 | const fooram_architecture_params ap; 24 | 25 | fooram_protoboard(const fooram_architecture_params &ap); 26 | }; 27 | 28 | template 29 | class fooram_gadget : public gadget { 30 | protected: 31 | fooram_protoboard &pb; 32 | public: 33 | fooram_gadget(fooram_protoboard &pb, const std::string &annotation_prefix=""); 34 | }; 35 | 36 | } // libsnark 37 | 38 | #include 39 | 40 | #endif // FOORAM_PROTOBOARD_HPP_ 41 | -------------------------------------------------------------------------------- /libsnark/gadgetlib1/gadgets/cpu_checkers/fooram/components/fooram_protoboard.tcc: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Implementation of interfaces for a protoboard for the FOORAM CPU. 5 | 6 | See fooram_protoboard.hpp . 7 | 8 | ***************************************************************************** 9 | * @author This file is part of libsnark, developed by SCIPR Lab 10 | * and contributors (see AUTHORS). 11 | * @copyright MIT license (see LICENSE file) 12 | *****************************************************************************/ 13 | 14 | #ifndef FOORAM_PROTOBOARD_TCC_ 15 | #define FOORAM_PROTOBOARD_TCC_ 16 | 17 | namespace libsnark { 18 | 19 | template 20 | fooram_protoboard::fooram_protoboard(const fooram_architecture_params &ap) : 21 | protoboard(), ap(ap) 22 | { 23 | } 24 | 25 | template 26 | fooram_gadget::fooram_gadget(fooram_protoboard &pb, const std::string &annotation_prefix) : 27 | gadget(pb, annotation_prefix), pb(pb) 28 | { 29 | } 30 | 31 | } // libsnark 32 | 33 | #endif // FOORAM_PROTOBOARD_HPP_ 34 | -------------------------------------------------------------------------------- /libsnark/gadgetlib1/gadgets/cpu_checkers/tinyram/components/alu_gadget.tcc: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Implementation of interfaces for the TinyRAM ALU gadget. 5 | 6 | See alu.hpp . 7 | 8 | ***************************************************************************** 9 | * @author This file is part of libsnark, developed by SCIPR Lab 10 | * and contributors (see AUTHORS). 11 | * @copyright MIT license (see LICENSE file) 12 | *****************************************************************************/ 13 | 14 | #ifndef ALU_GADGET_TCC_ 15 | #define ALU_GADGET_TCC_ 16 | 17 | namespace libsnark { 18 | 19 | template 20 | void ALU_gadget::generate_r1cs_constraints() 21 | { 22 | for (size_t i = 0; i < 1ul<pb.ap.opcode_width(); ++i) 23 | { 24 | if (components[i]) 25 | { 26 | components[i]->generate_r1cs_constraints(); 27 | } 28 | } 29 | } 30 | 31 | template 32 | void ALU_gadget::generate_r1cs_witness() 33 | { 34 | for (size_t i = 0; i < 1ul<pb.ap.opcode_width(); ++i) 35 | { 36 | if (components[i]) 37 | { 38 | components[i]->generate_r1cs_witness(); 39 | } 40 | } 41 | } 42 | 43 | } // libsnark 44 | 45 | #endif // ALU_GADGET_TCC_ 46 | -------------------------------------------------------------------------------- /libsnark/gadgetlib1/gadgets/cpu_checkers/tinyram/components/tinyram_protoboard.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of interfaces for a protoboard for TinyRAM. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef TINYRAM_PROTOBOARD_HPP_ 13 | #define TINYRAM_PROTOBOARD_HPP_ 14 | 15 | #include 16 | #include 17 | #include 18 | #include 19 | 20 | namespace libsnark { 21 | 22 | template 23 | class tinyram_protoboard : public protoboard { 24 | public: 25 | const tinyram_architecture_params ap; 26 | 27 | tinyram_protoboard(const tinyram_architecture_params &ap); 28 | }; 29 | 30 | template 31 | class tinyram_gadget : public gadget { 32 | protected: 33 | tinyram_protoboard &pb; 34 | public: 35 | tinyram_gadget(tinyram_protoboard &pb, const std::string &annotation_prefix=""); 36 | }; 37 | 38 | // standard gadgets provide two methods: generate_r1cs_constraints and generate_r1cs_witness 39 | template 40 | class tinyram_standard_gadget : public tinyram_gadget { 41 | public: 42 | tinyram_standard_gadget(tinyram_protoboard &pb, const std::string &annotation_prefix=""); 43 | 44 | virtual void generate_r1cs_constraints() = 0; 45 | virtual void generate_r1cs_witness() = 0; 46 | }; 47 | 48 | } // libsnark 49 | 50 | #include 51 | 52 | #endif // TINYRAM_PROTOBOARD_HPP_ 53 | -------------------------------------------------------------------------------- /libsnark/gadgetlib1/gadgets/cpu_checkers/tinyram/components/tinyram_protoboard.tcc: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Implementation of interfaces for a protoboard for TinyRAM. 5 | 6 | See tinyram_protoboard.hpp . 7 | 8 | ***************************************************************************** 9 | * @author This file is part of libsnark, developed by SCIPR Lab 10 | * and contributors (see AUTHORS). 11 | * @copyright MIT license (see LICENSE file) 12 | *****************************************************************************/ 13 | 14 | #ifndef TINYRAM_PROTOBOARD_TCC_ 15 | #define TINYRAM_PROTOBOARD_TCC_ 16 | 17 | namespace libsnark { 18 | 19 | template 20 | tinyram_protoboard::tinyram_protoboard(const tinyram_architecture_params &ap) : 21 | ap(ap) 22 | { 23 | } 24 | 25 | template 26 | tinyram_gadget::tinyram_gadget(tinyram_protoboard &pb, const std::string &annotation_prefix) : 27 | gadget(pb, annotation_prefix), pb(pb) 28 | { 29 | } 30 | 31 | template 32 | tinyram_standard_gadget::tinyram_standard_gadget(tinyram_protoboard &pb, const std::string &annotation_prefix) : 33 | tinyram_gadget(pb, annotation_prefix) 34 | { 35 | } 36 | 37 | } // libsnark 38 | 39 | #endif // TINYRAM_PROTOBOARD_TCC_ 40 | -------------------------------------------------------------------------------- /libsnark/gadgetlib1/gadgets/cpu_checkers/tinyram/components/word_variable_gadget.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of interfaces for (single and double) word gadgets. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef WORD_VARIABLE_GADGET_HPP_ 13 | #define WORD_VARIABLE_GADGET_HPP_ 14 | 15 | #include 16 | 17 | namespace libsnark { 18 | 19 | /** 20 | * Holds both binary and field representaton of a word. 21 | */ 22 | template 23 | class word_variable_gadget : public dual_variable_gadget { 24 | public: 25 | word_variable_gadget(tinyram_protoboard &pb, const std::string &annotation_prefix="") : 26 | dual_variable_gadget(pb, pb.ap.w, annotation_prefix) {} 27 | word_variable_gadget(tinyram_protoboard &pb, const pb_variable_array &bits, const std::string &annotation_prefix="") : 28 | dual_variable_gadget(pb, bits, annotation_prefix) {} 29 | word_variable_gadget(tinyram_protoboard &pb, const pb_variable &packed, const std::string &annotation_prefix="") : 30 | dual_variable_gadget(pb, packed, pb.ap.w, annotation_prefix) {} 31 | }; 32 | 33 | /** 34 | * Holds both binary and field representaton of a double word. 35 | */ 36 | template 37 | class doubleword_variable_gadget : public dual_variable_gadget { 38 | public: 39 | doubleword_variable_gadget(tinyram_protoboard &pb, const std::string &annotation_prefix="") : 40 | dual_variable_gadget(pb, 2*pb.ap.w, annotation_prefix) {} 41 | doubleword_variable_gadget(tinyram_protoboard &pb, const pb_variable_array &bits, const std::string &annotation_prefix="") : 42 | dual_variable_gadget(pb, bits, annotation_prefix) {} 43 | doubleword_variable_gadget(tinyram_protoboard &pb, const pb_variable &packed, const std::string &annotation_prefix="") : 44 | dual_variable_gadget(pb, packed, 2*pb.ap.w, annotation_prefix) {} 45 | }; 46 | 47 | } // libsnark 48 | 49 | #endif // WORD_VARIABLE_GADGET_HPP_ 50 | -------------------------------------------------------------------------------- /libsnark/gadgetlib1/gadgets/delegated_ra_memory/memory_load_gadget.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of interfaces for the memory load gadget. 5 | The gadget can be used to verify a memory load from a "delegated memory". 6 | 7 | ***************************************************************************** 8 | * @author This file is part of libsnark, developed by SCIPR Lab 9 | * and contributors (see AUTHORS). 10 | * @copyright MIT license (see LICENSE file) 11 | *****************************************************************************/ 12 | 13 | #ifndef MEMORY_LOAD_GADGET_HPP_ 14 | #define MEMORY_LOAD_GADGET_HPP_ 15 | 16 | #include 17 | 18 | namespace libsnark { 19 | 20 | template 21 | using memory_load_gadget = merkle_tree_check_read_gadget; 22 | 23 | } // libsnark 24 | 25 | #endif // MEMORY_LOAD_GADGET_HPP_ 26 | -------------------------------------------------------------------------------- /libsnark/gadgetlib1/gadgets/delegated_ra_memory/memory_load_store_gadget.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of interfaces for the memory load&store gadget. 5 | 6 | The gadget can be used to verify a memory load, followed by a store to the 7 | same address, from a "delegated memory". 8 | 9 | ***************************************************************************** 10 | * @author This file is part of libsnark, developed by SCIPR Lab 11 | * and contributors (see AUTHORS). 12 | * @copyright MIT license (see LICENSE file) 13 | *****************************************************************************/ 14 | 15 | #ifndef MEMORY_LOAD_STORE_GADGET_HPP_ 16 | #define MEMORY_LOAD_STORE_GADGET_HPP_ 17 | 18 | #include 19 | 20 | namespace libsnark { 21 | 22 | template 23 | using memory_load_store_gadget = merkle_tree_check_update_gadget; 24 | 25 | } // libsnark 26 | 27 | #endif // MEMORY_LOAD_STORE_GADGET_HPP_ 28 | -------------------------------------------------------------------------------- /libsnark/gadgetlib1/gadgets/fields/exponentiation_gadget.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of interfaces for the exponentiation gadget. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef EXPONENTIATION_GADGET_HPP_ 13 | #define EXPONENTIATION_GADGET_HPP_ 14 | 15 | #include 16 | #include 17 | 18 | #include 19 | #include 20 | 21 | #include 22 | 23 | namespace libsnark { 24 | 25 | /** 26 | * The exponentiation gadget verifies field exponentiation in the field F_{p^k}. 27 | * 28 | * Note that the power is a constant (i.e., hardcoded into the gadget). 29 | */ 30 | template class Fpk_variableT, template class Fpk_mul_gadgetT, template class Fpk_sqr_gadgetT, mp_size_t m> 31 | class exponentiation_gadget : gadget { 32 | public: 33 | typedef typename FpkT::my_Fp FieldT; 34 | std::vector NAF; 35 | 36 | std::vector > > intermediate; 37 | std::vector > > addition_steps; 38 | std::vector > > subtraction_steps; 39 | std::vector > > doubling_steps; 40 | 41 | Fpk_variableT elt; 42 | libff::bigint power; 43 | Fpk_variableT result; 44 | 45 | size_t intermed_count; 46 | size_t add_count; 47 | size_t sub_count; 48 | size_t dbl_count; 49 | 50 | exponentiation_gadget(protoboard &pb, 51 | const Fpk_variableT &elt, 52 | const libff::bigint &power, 53 | const Fpk_variableT &result, 54 | const std::string &annotation_prefix); 55 | void generate_r1cs_constraints(); 56 | void generate_r1cs_witness(); 57 | }; 58 | 59 | template class Fpk_variableT, template class Fpk_mul_gadgetT, template class Fpk_sqr_gadgetT, mp_size_t m> 60 | void test_exponentiation_gadget(const libff::bigint &power, const std::string &annotation); 61 | 62 | } // libsnark 63 | 64 | #include 65 | 66 | #endif // EXPONENTIATION_GADGET_HPP_ 67 | -------------------------------------------------------------------------------- /libsnark/gadgetlib1/gadgets/gadget_from_r1cs.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of interfaces for a gadget that can be created from an R1CS constraint system. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef GADGET_FROM_R1CS_HPP_ 13 | #define GADGET_FROM_R1CS_HPP_ 14 | 15 | #include 16 | 17 | #include 18 | 19 | namespace libsnark { 20 | 21 | template 22 | class gadget_from_r1cs : public gadget { 23 | 24 | private: 25 | const std::vector > vars; 26 | const r1cs_constraint_system cs; 27 | std::map cs_to_vars; 28 | 29 | public: 30 | 31 | gadget_from_r1cs(protoboard &pb, 32 | const std::vector > &vars, 33 | const r1cs_constraint_system &cs, 34 | const std::string &annotation_prefix); 35 | 36 | void generate_r1cs_constraints(); 37 | void generate_r1cs_witness(const r1cs_primary_input &primary_input, 38 | const r1cs_auxiliary_input &auxiliary_input); 39 | }; 40 | 41 | } // libsnark 42 | 43 | #include 44 | 45 | #endif // GADGET_FROM_R1CS_HPP_ 46 | -------------------------------------------------------------------------------- /libsnark/gadgetlib1/gadgets/hashes/crh_gadget.hpp: -------------------------------------------------------------------------------- 1 | /** 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | #ifndef CRH_GADGET_HPP_ 8 | #define CRH_GADGET_HPP_ 9 | 10 | #include 11 | 12 | namespace libsnark { 13 | 14 | // for now all CRH gadgets are knapsack CRH's; can be easily extended 15 | // later to more expressive selector types. 16 | template 17 | using CRH_with_field_out_gadget = knapsack_CRH_with_field_out_gadget; 18 | 19 | template 20 | using CRH_with_bit_out_gadget = knapsack_CRH_with_bit_out_gadget; 21 | 22 | } // libsnark 23 | 24 | #endif // CRH_GADGET_HPP_ 25 | -------------------------------------------------------------------------------- /libsnark/gadgetlib1/gadgets/hashes/digest_selector_gadget.hpp: -------------------------------------------------------------------------------- 1 | /** 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | #ifndef DIGEST_SELECTOR_GADGET_HPP_ 8 | #define DIGEST_SELECTOR_GADGET_HPP_ 9 | 10 | #include 11 | 12 | #include 13 | #include 14 | 15 | namespace libsnark { 16 | 17 | template 18 | class digest_selector_gadget : public gadget { 19 | public: 20 | size_t digest_size; 21 | digest_variable input; 22 | pb_linear_combination is_right; 23 | digest_variable left; 24 | digest_variable right; 25 | 26 | digest_selector_gadget(protoboard &pb, 27 | const size_t digest_size, 28 | const digest_variable &input, 29 | const pb_linear_combination &is_right, 30 | const digest_variable &left, 31 | const digest_variable &right, 32 | const std::string &annotation_prefix); 33 | 34 | void generate_r1cs_constraints(); 35 | void generate_r1cs_witness(); 36 | }; 37 | 38 | } // libsnark 39 | 40 | #include 41 | 42 | #endif // DIGEST_SELECTOR_GADGET_HPP_ 43 | -------------------------------------------------------------------------------- /libsnark/gadgetlib1/gadgets/hashes/digest_selector_gadget.tcc: -------------------------------------------------------------------------------- 1 | /** 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | #ifndef DIGEST_SELECTOR_GADGET_TCC_ 8 | #define DIGEST_SELECTOR_GADGET_TCC_ 9 | 10 | namespace libsnark { 11 | 12 | template 13 | digest_selector_gadget::digest_selector_gadget(protoboard &pb, 14 | const size_t digest_size, 15 | const digest_variable &input, 16 | const pb_linear_combination &is_right, 17 | const digest_variable &left, 18 | const digest_variable &right, 19 | const std::string &annotation_prefix) : 20 | gadget(pb, annotation_prefix), digest_size(digest_size), input(input), is_right(is_right), left(left), right(right) 21 | { 22 | } 23 | 24 | template 25 | void digest_selector_gadget::generate_r1cs_constraints() 26 | { 27 | for (size_t i = 0; i < digest_size; ++i) 28 | { 29 | /* 30 | input = is_right * right + (1-is_right) * left 31 | input - left = is_right(right - left) 32 | */ 33 | this->pb.add_r1cs_constraint(r1cs_constraint(is_right, right.bits[i] - left.bits[i], input.bits[i] - left.bits[i]), 34 | FMT(this->annotation_prefix, " propagate_%zu", i)); 35 | } 36 | } 37 | 38 | template 39 | void digest_selector_gadget::generate_r1cs_witness() 40 | { 41 | is_right.evaluate(this->pb); 42 | 43 | assert(this->pb.lc_val(is_right) == FieldT::one() || this->pb.lc_val(is_right) == FieldT::zero()); 44 | if (this->pb.lc_val(is_right) == FieldT::one()) 45 | { 46 | for (size_t i = 0; i < digest_size; ++i) 47 | { 48 | this->pb.val(right.bits[i]) = this->pb.val(input.bits[i]); 49 | } 50 | } 51 | else 52 | { 53 | for (size_t i = 0; i < digest_size; ++i) 54 | { 55 | this->pb.val(left.bits[i]) = this->pb.val(input.bits[i]); 56 | } 57 | } 58 | } 59 | 60 | } // libsnark 61 | 62 | #endif // DIGEST_SELECTOR_GADGET_TCC_ 63 | -------------------------------------------------------------------------------- /libsnark/gadgetlib1/gadgets/hashes/hash_io.hpp: -------------------------------------------------------------------------------- 1 | /** 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | #ifndef HASH_IO_HPP_ 8 | #define HASH_IO_HPP_ 9 | #include 10 | #include 11 | 12 | #include 13 | 14 | namespace libsnark { 15 | 16 | template 17 | class digest_variable : public gadget { 18 | public: 19 | size_t digest_size; 20 | pb_variable_array bits; 21 | 22 | digest_variable(protoboard &pb, 23 | const size_t digest_size, 24 | const std::string &annotation_prefix); 25 | 26 | digest_variable(protoboard &pb, 27 | const size_t digest_size, 28 | const pb_variable_array &partial_bits, 29 | const pb_variable &padding, 30 | const std::string &annotation_prefix); 31 | 32 | void generate_r1cs_constraints(); 33 | void generate_r1cs_witness(const libff::bit_vector& contents); 34 | libff::bit_vector get_digest() const; 35 | }; 36 | 37 | template 38 | class block_variable : public gadget { 39 | public: 40 | size_t block_size; 41 | pb_variable_array bits; 42 | 43 | block_variable(protoboard &pb, 44 | const size_t block_size, 45 | const std::string &annotation_prefix); 46 | 47 | block_variable(protoboard &pb, 48 | const std::vector > &parts, 49 | const std::string &annotation_prefix); 50 | 51 | block_variable(protoboard &pb, 52 | const digest_variable &left, 53 | const digest_variable &right, 54 | const std::string &annotation_prefix); 55 | 56 | void generate_r1cs_constraints(); 57 | void generate_r1cs_witness(const libff::bit_vector& contents); 58 | libff::bit_vector get_block() const; 59 | }; 60 | 61 | } // libsnark 62 | #include 63 | 64 | #endif // HASH_IO_HPP_ 65 | -------------------------------------------------------------------------------- /libsnark/gadgetlib1/gadgets/hashes/sha256/tests/generate_sha256_gadget_tests.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | ## 3 | # @author This file is part of libsnark, developed by SCIPR Lab 4 | # and contributors (see AUTHORS). 5 | # @copyright MIT license (see LICENSE file) 6 | 7 | import random 8 | import pypy_sha256 # PyPy's implementation of SHA256 compression function; see copyright and authorship notice within. 9 | 10 | BLOCK_LEN = 512 11 | BLOCK_BYTES = BLOCK_LEN // 8 12 | HASH_LEN = 256 13 | HASH_BYTES = HASH_LEN // 8 14 | 15 | def gen_random_bytes(n): 16 | return [random.randint(0, 255) for i in xrange(n)] 17 | 18 | def words_to_bytes(arr): 19 | return sum(([x >> 24, (x >> 16) & 0xff, (x >> 8) & 0xff, x & 0xff] for x in arr), []) 20 | 21 | def bytes_to_words(arr): 22 | l = len(arr) 23 | assert l % 4 == 0 24 | return [(arr[i*4 + 3] << 24) + (arr[i*4+2] << 16) + (arr[i*4+1] << 8) + arr[i*4] for i in xrange(l//4)] 25 | 26 | def cpp_val(s, log_radix=32): 27 | if log_radix == 8: 28 | hexfmt = '0x%02x' 29 | elif log_radix == 32: 30 | hexfmt = '0x%08x' 31 | s = bytes_to_words(s) 32 | else: 33 | raise 34 | return 'libff::int_list_to_bits({%s}, %d)' % (', '.join(hexfmt % x for x in s), log_radix) 35 | 36 | def H_bytes(x): 37 | assert len(x) == BLOCK_BYTES 38 | state = pypy_sha256.sha_init() 39 | state['data'] = words_to_bytes(bytes_to_words(x)) 40 | pypy_sha256.sha_transform(state) 41 | return words_to_bytes(bytes_to_words(words_to_bytes(state['digest']))) 42 | 43 | def generate_sha256_gadget_tests(): 44 | left = gen_random_bytes(HASH_BYTES) 45 | right = gen_random_bytes(HASH_BYTES) 46 | hash = H_bytes(left + right) 47 | 48 | print "const libff::bit_vector left_bv = %s;" % cpp_val(left) 49 | print "const libff::bit_vector right_bv = %s;" % cpp_val(right) 50 | print "const libff::bit_vector hash_bv = %s;" % cpp_val(hash) 51 | 52 | if __name__ == '__main__': 53 | random.seed(0) # for reproducibility 54 | generate_sha256_gadget_tests() 55 | 56 | -------------------------------------------------------------------------------- /libsnark/gadgetlib1/gadgets/hashes/sha256/tests/test_sha256_gadget.cpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | 8 | #include 9 | #include 10 | #include 11 | 12 | #include 13 | 14 | using namespace libsnark; 15 | 16 | template 17 | void test_two_to_one() 18 | { 19 | protoboard pb; 20 | 21 | digest_variable left(pb, SHA256_digest_size, "left"); 22 | digest_variable right(pb, SHA256_digest_size, "right"); 23 | digest_variable output(pb, SHA256_digest_size, "output"); 24 | 25 | sha256_two_to_one_hash_gadget f(pb, left, right, output, "f"); 26 | f.generate_r1cs_constraints(); 27 | printf("Number of constraints for sha256_two_to_one_hash_gadget: %zu\n", pb.num_constraints()); 28 | 29 | const libff::bit_vector left_bv = libff::int_list_to_bits({0x426bc2d8, 0x4dc86782, 0x81e8957a, 0x409ec148, 0xe6cffbe8, 0xafe6ba4f, 0x9c6f1978, 0xdd7af7e9}, 32); 30 | const libff::bit_vector right_bv = libff::int_list_to_bits({0x038cce42, 0xabd366b8, 0x3ede7e00, 0x9130de53, 0x72cdf73d, 0xee825114, 0x8cb48d1b, 0x9af68ad0}, 32); 31 | const libff::bit_vector hash_bv = libff::int_list_to_bits({0xeffd0b7f, 0x1ccba116, 0x2ee816f7, 0x31c62b48, 0x59305141, 0x990e5c0a, 0xce40d33d, 0x0b1167d1}, 32); 32 | 33 | left.generate_r1cs_witness(left_bv); 34 | right.generate_r1cs_witness(right_bv); 35 | 36 | f.generate_r1cs_witness(); 37 | output.generate_r1cs_witness(hash_bv); 38 | 39 | assert(pb.is_satisfied()); 40 | } 41 | 42 | int main(void) 43 | { 44 | libff::start_profiling(); 45 | libff::default_ec_pp::init_public_params(); 46 | test_two_to_one >(); 47 | } 48 | -------------------------------------------------------------------------------- /libsnark/gadgetlib1/gadgets/merkle_tree/merkle_authentication_path_variable.hpp: -------------------------------------------------------------------------------- 1 | /** 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | 8 | #ifndef MERKLE_AUTHENTICATION_PATH_VARIABLE_HPP_ 9 | #define MERKLE_AUTHENTICATION_PATH_VARIABLE_HPP_ 10 | 11 | #include 12 | #include 13 | #include 14 | 15 | namespace libsnark { 16 | 17 | template 18 | class merkle_authentication_path_variable : public gadget { 19 | public: 20 | 21 | const size_t tree_depth; 22 | std::vector > left_digests; 23 | std::vector > right_digests; 24 | 25 | merkle_authentication_path_variable(protoboard &pb, 26 | const size_t tree_depth, 27 | const std::string &annotation_prefix); 28 | 29 | void generate_r1cs_constraints(); 30 | void generate_r1cs_witness(const size_t address, const merkle_authentication_path &path); 31 | merkle_authentication_path get_authentication_path(const size_t address) const; 32 | }; 33 | 34 | } // libsnark 35 | 36 | #include 37 | 38 | #endif // MERKLE_AUTHENTICATION_PATH_VARIABLE_HPP 39 | -------------------------------------------------------------------------------- /libsnark/gadgetlib1/gadgets/merkle_tree/tests/test_merkle_tree_gadgets.cpp: -------------------------------------------------------------------------------- 1 | /** 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | 8 | #ifdef CURVE_BN128 9 | #include 10 | #endif 11 | #include 12 | #include 13 | #include 14 | 15 | #include 16 | #include 17 | #include 18 | 19 | using namespace libsnark; 20 | 21 | template 22 | void test_all_merkle_tree_gadgets() 23 | { 24 | typedef libff::Fr FieldT; 25 | test_merkle_tree_check_read_gadget >(); 26 | test_merkle_tree_check_read_gadget >(); 27 | 28 | test_merkle_tree_check_update_gadget >(); 29 | test_merkle_tree_check_update_gadget >(); 30 | } 31 | 32 | int main(void) 33 | { 34 | libff::start_profiling(); 35 | 36 | #ifdef CURVE_BN128 // BN128 has fancy dependencies so it may be disabled 37 | libff::bn128_pp::init_public_params(); 38 | test_all_merkle_tree_gadgets(); 39 | #endif 40 | 41 | libff::edwards_pp::init_public_params(); 42 | test_all_merkle_tree_gadgets(); 43 | 44 | libff::mnt4_pp::init_public_params(); 45 | test_all_merkle_tree_gadgets(); 46 | 47 | libff::mnt6_pp::init_public_params(); 48 | test_all_merkle_tree_gadgets(); 49 | } 50 | -------------------------------------------------------------------------------- /libsnark/gadgetlib1/gadgets/set_commitment/set_commitment_gadget.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | #ifndef SET_COMMITMENT_GADGET_HPP_ 8 | #define SET_COMMITMENT_GADGET_HPP_ 9 | 10 | #include 11 | #include 12 | #include 13 | #include 14 | #include 15 | 16 | namespace libsnark { 17 | 18 | template 19 | using set_commitment_variable = digest_variable; 20 | 21 | template 22 | class set_commitment_gadget : public gadget { 23 | private: 24 | std::shared_ptr > element_block; 25 | std::shared_ptr > element_digest; 26 | std::shared_ptr hash_element; 27 | std::shared_ptr > check_membership; 28 | 29 | public: 30 | size_t tree_depth; 31 | pb_variable_array element_bits; 32 | set_commitment_variable root_digest; 33 | set_membership_proof_variable proof; 34 | pb_linear_combination check_successful; 35 | 36 | set_commitment_gadget(protoboard &pb, 37 | const size_t max_entries, 38 | const pb_variable_array &element_bits, 39 | const set_commitment_variable &root_digest, 40 | const set_membership_proof_variable &proof, 41 | const pb_linear_combination &check_successful, 42 | const std::string &annotation_prefix); 43 | 44 | void generate_r1cs_constraints(); 45 | void generate_r1cs_witness(); 46 | 47 | static size_t root_size_in_bits(); 48 | }; 49 | 50 | template 51 | void test_set_commitment_gadget(); 52 | 53 | } // libsnark 54 | 55 | #include 56 | 57 | #endif // SET_COMMITMENT_GADGET_HPP_ 58 | -------------------------------------------------------------------------------- /libsnark/gadgetlib1/gadgets/set_commitment/set_membership_proof_variable.hpp: -------------------------------------------------------------------------------- 1 | /** 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | 8 | #ifndef SET_MEMBERSHIP_PROOF_VARIABLE_HPP_ 9 | #define SET_MEMBERSHIP_PROOF_VARIABLE_HPP_ 10 | 11 | #include 12 | #include 13 | #include 14 | #include 15 | 16 | namespace libsnark { 17 | 18 | template 19 | class set_membership_proof_variable : public gadget { 20 | public: 21 | pb_variable_array address_bits; 22 | std::shared_ptr > merkle_path; 23 | 24 | const size_t max_entries; 25 | const size_t tree_depth; 26 | 27 | set_membership_proof_variable(protoboard &pb, 28 | const size_t max_entries, 29 | const std::string &annotation_prefix); 30 | 31 | void generate_r1cs_constraints(); 32 | void generate_r1cs_witness(const set_membership_proof &proof); 33 | 34 | set_membership_proof get_membership_proof() const; 35 | 36 | static r1cs_variable_assignment as_r1cs_variable_assignment(const set_membership_proof &proof); 37 | }; 38 | 39 | } // libsnark 40 | 41 | #include 42 | 43 | #endif // SET_MEMBERSHIP_PROOF_VARIABLE_HPP 44 | -------------------------------------------------------------------------------- /libsnark/gadgetlib1/gadgets/set_commitment/tests/test_set_commitment_gadget.cpp: -------------------------------------------------------------------------------- 1 | /** 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | 8 | #ifdef CURVE_BN128 9 | #include 10 | #endif 11 | #include 12 | #include 13 | #include 14 | 15 | #include 16 | #include 17 | 18 | using namespace libsnark; 19 | 20 | template 21 | void test_all_set_commitment_gadgets() 22 | { 23 | typedef libff::Fr FieldT; 24 | test_set_commitment_gadget >(); 25 | test_set_commitment_gadget >(); 26 | } 27 | 28 | int main(void) 29 | { 30 | libff::start_profiling(); 31 | 32 | #ifdef CURVE_BN128 // BN128 has fancy dependencies so it may be disabled 33 | libff::bn128_pp::init_public_params(); 34 | test_all_set_commitment_gadgets(); 35 | #endif 36 | 37 | libff::edwards_pp::init_public_params(); 38 | test_all_set_commitment_gadgets(); 39 | 40 | libff::mnt4_pp::init_public_params(); 41 | test_all_set_commitment_gadgets(); 42 | 43 | libff::mnt6_pp::init_public_params(); 44 | test_all_set_commitment_gadgets(); 45 | } 46 | -------------------------------------------------------------------------------- /libsnark/gadgetlib1/tests/gadgetlib1_test.cpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | Unit tests for gadgetlib1 - main() for running all tests 4 | ***************************************************************************** 5 | * @author This file is part of libsnark, developed by SCIPR Lab 6 | * and contributors (see AUTHORS). 7 | * @copyright MIT license (see LICENSE file) 8 | *****************************************************************************/ 9 | 10 | #include 11 | 12 | #include 13 | #include 14 | 15 | namespace { 16 | 17 | TEST(gadgetLib1,Integration) { 18 | typedef libff::Fr FieldT; 19 | // Create an example constraint system and translate to libsnark format 20 | libff::default_ec_pp::init_public_params(); 21 | const auto example = libsnark::gen_r1cs_example_from_protoboard(100); 22 | const bool test_serialization = false; 23 | // Run ppzksnark. Jump into function for breakdown 24 | const bool bit = libsnark::run_r1cs_ppzksnark(example, test_serialization); 25 | EXPECT_TRUE(bit); 26 | }; 27 | 28 | } 29 | 30 | int main(int argc, char **argv) { 31 | ::testing::InitGoogleTest(&argc, argv); 32 | return RUN_ALL_TESTS(); 33 | } 34 | -------------------------------------------------------------------------------- /libsnark/gadgetlib2/examples/simple_example.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | 8 | #ifndef SIMPLE_EXAMPLE_HPP_ 9 | #define SIMPLE_EXAMPLE_HPP_ 10 | 11 | #include 12 | 13 | #include 14 | 15 | namespace libsnark { 16 | 17 | r1cs_example > gen_r1cs_example_from_gadgetlib2_protoboard(const size_t size); 18 | 19 | } // libsnark 20 | 21 | #endif // SIMPLE_EXAMPLE_HPP_ 22 | -------------------------------------------------------------------------------- /libsnark/gadgetlib2/integration.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | 8 | #ifndef INTEGRATION_HPP_ 9 | #define INTEGRATION_HPP_ 10 | 11 | #include 12 | 13 | #include 14 | #include 15 | 16 | namespace libsnark { 17 | 18 | r1cs_constraint_system > get_constraint_system_from_gadgetlib2(const gadgetlib2::Protoboard &pb); 19 | r1cs_variable_assignment > get_variable_assignment_from_gadgetlib2(const gadgetlib2::Protoboard &pb); 20 | 21 | } // libsnark 22 | 23 | #endif // INTEGRATION_HPP_ 24 | -------------------------------------------------------------------------------- /libsnark/gadgetlib2/pp.cpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | Implementation of PublicParams for Fp field arithmetic 4 | ***************************************************************************** 5 | * @author This file is part of libsnark, developed by SCIPR Lab 6 | * and contributors (see AUTHORS). 7 | * @copyright MIT license (see LICENSE file) 8 | *****************************************************************************/ 9 | 10 | #include 11 | #include 12 | 13 | #include 14 | 15 | namespace gadgetlib2 { 16 | 17 | PublicParams::PublicParams(const std::size_t log_p) : log_p(log_p) {} 18 | 19 | Fp PublicParams::getFp(long x) const { 20 | return Fp(x); 21 | } 22 | 23 | PublicParams::~PublicParams() {} 24 | 25 | PublicParams initPublicParamsFromDefaultPp() { 26 | libff::default_ec_pp::init_public_params(); 27 | const std::size_t log_p = libff::Fr::size_in_bits(); 28 | return PublicParams(log_p); 29 | } 30 | 31 | } // namespace gadgetlib2 32 | -------------------------------------------------------------------------------- /libsnark/gadgetlib2/pp.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | Declaration of PublicParams for Fp field arithmetic 4 | ***************************************************************************** 5 | * @author This file is part of libsnark, developed by SCIPR Lab 6 | * and contributors (see AUTHORS). 7 | * @copyright MIT license (see LICENSE file) 8 | *****************************************************************************/ 9 | 10 | #ifndef LIBSNARK_GADGETLIB2_INCLUDE_GADGETLIB2_PP_HPP_ 11 | #define LIBSNARK_GADGETLIB2_INCLUDE_GADGETLIB2_PP_HPP_ 12 | 13 | #include 14 | #include 15 | 16 | #include 17 | 18 | namespace gadgetlib2 { 19 | 20 | /*************************************************************************************************/ 21 | /*************************************************************************************************/ 22 | /******************* ******************/ 23 | /******************* R1P World ******************/ 24 | /******************* ******************/ 25 | /*************************************************************************************************/ 26 | /*************************************************************************************************/ 27 | 28 | /* curve-specific public parameters */ 29 | typedef libff::Fr Fp; 30 | 31 | typedef std::vector FpVector; 32 | 33 | class PublicParams { 34 | public: 35 | size_t log_p; 36 | PublicParams(const std::size_t log_p); 37 | Fp getFp(long x) const; // to_support changes later 38 | ~PublicParams(); 39 | }; 40 | 41 | PublicParams initPublicParamsFromDefaultPp(); 42 | 43 | } // namespace gadgetlib2 44 | #endif // LIBSNARK_GADGETLIB2_INCLUDE_GADGETLIB2_PP_HPP_ 45 | -------------------------------------------------------------------------------- /libsnark/gadgetlib2/tests/constraint_UTEST.cpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | Unit tests for gadgetlib2 - test rank 4 | ***************************************************************************** 5 | * @author This file is part of libsnark, developed by SCIPR Lab 6 | * and contributors (see AUTHORS). 7 | * @copyright MIT license (see LICENSE file) 8 | *****************************************************************************/ 9 | 10 | #include 11 | 12 | #include "depends/gtest/googletest/include/gtest/gtest.h" 13 | 14 | #include 15 | #include 16 | 17 | using ::std::set; 18 | using namespace gadgetlib2; 19 | 20 | namespace { 21 | 22 | TEST(gadgetLib2, Rank1Constraint) { 23 | initPublicParamsFromDefaultPp(); 24 | VariableArray x(10,"x"); 25 | VariableAssignment assignment; 26 | for(int i = 0; i < 10; ++i) { 27 | assignment[x[i]] = Fp(i); 28 | } 29 | LinearCombination a = x[0] + x[1] + 2; // = 0+1+2=3 30 | LinearCombination b = 2*x[2] - 3*x[3] + 4; // = 2*2-3*3+4=-1 31 | LinearCombination c = x[5]; // = 5 32 | Rank1Constraint c1(a,b,c,"c1"); 33 | EXPECT_EQ(c1.a().eval(assignment), a.eval(assignment)); 34 | EXPECT_EQ(c1.b().eval(assignment), b.eval(assignment)); 35 | EXPECT_EQ(c1.c().eval(assignment), c.eval(assignment)); 36 | EXPECT_FALSE(c1.isSatisfied(assignment)); 37 | EXPECT_FALSE(c1.isSatisfied(assignment, PrintOptions::NO_DBG_PRINT)); 38 | assignment[x[5]] = -3; 39 | EXPECT_TRUE(c1.isSatisfied(assignment)); 40 | EXPECT_TRUE(c1.isSatisfied(assignment, PrintOptions::NO_DBG_PRINT)); 41 | const Variable::set varSet = c1.getUsedVariables(); 42 | EXPECT_EQ(varSet.size(), 5u); 43 | EXPECT_TRUE(varSet.find(x[0]) != varSet.end()); 44 | EXPECT_TRUE(varSet.find(x[1]) != varSet.end()); 45 | EXPECT_TRUE(varSet.find(x[2]) != varSet.end()); 46 | EXPECT_TRUE(varSet.find(x[3]) != varSet.end()); 47 | EXPECT_TRUE(varSet.find(x[4]) == varSet.end()); 48 | EXPECT_TRUE(varSet.find(x[5]) != varSet.end()); 49 | } 50 | 51 | 52 | } // namespace 53 | -------------------------------------------------------------------------------- /libsnark/gadgetlib2/tests/gadgetlib2_test.cpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | Unit tests for gadgetlib2 - main() for running all tests 4 | ***************************************************************************** 5 | * @author This file is part of libsnark, developed by SCIPR Lab 6 | * and contributors (see AUTHORS). 7 | * @copyright MIT license (see LICENSE file) 8 | *****************************************************************************/ 9 | 10 | #include 11 | 12 | int main(int argc, char **argv) { 13 | ::testing::InitGoogleTest(&argc, argv); 14 | return RUN_ALL_TESTS(); 15 | } -------------------------------------------------------------------------------- /libsnark/gadgetlib2/tests/integration_UTEST.cpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | 8 | #include 9 | #include 10 | 11 | #include "depends/gtest/googletest/include/gtest/gtest.h" 12 | 13 | #include 14 | #include 15 | #include 16 | #include 17 | #include 18 | #include 19 | #include 20 | 21 | using namespace gadgetlib2; 22 | 23 | namespace { 24 | 25 | TEST(gadgetLib2,Integration) { 26 | using namespace libsnark; 27 | 28 | initPublicParamsFromDefaultPp(); 29 | const r1cs_example > example = gen_r1cs_example_from_gadgetlib2_protoboard(100); 30 | const bool test_serialization = false; 31 | 32 | const bool bit = run_r1cs_ppzksnark(example, test_serialization); 33 | EXPECT_TRUE(bit); 34 | }; 35 | 36 | } 37 | -------------------------------------------------------------------------------- /libsnark/reductions/bacs_to_r1cs/bacs_to_r1cs.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of interfaces for a BACS-to-R1CS reduction, that is, constructing 5 | a R1CS ("Rank-1 Constraint System") from a BACS ("Bilinear Arithmetic Circuit Satisfiability"). 6 | 7 | The reduction is straightforward: each bilinear gate gives rises to a 8 | corresponding R1CS constraint that enforces correct computation of the gate; 9 | also, each output gives rise to a corresponding R1CS constraint that enforces 10 | that the output is zero. 11 | 12 | ***************************************************************************** 13 | * @author This file is part of libsnark, developed by SCIPR Lab 14 | * and contributors (see AUTHORS). 15 | * @copyright MIT license (see LICENSE file) 16 | *****************************************************************************/ 17 | 18 | #ifndef BACS_TO_R1CS_HPP_ 19 | #define BACS_TO_R1CS_HPP_ 20 | 21 | #include 22 | #include 23 | 24 | namespace libsnark { 25 | 26 | /** 27 | * Instance map for the BACS-to-R1CS reduction. 28 | */ 29 | template 30 | r1cs_constraint_system bacs_to_r1cs_instance_map(const bacs_circuit &circuit); 31 | 32 | /** 33 | * Witness map for the BACS-to-R1CS reduction. 34 | */ 35 | template 36 | r1cs_variable_assignment bacs_to_r1cs_witness_map(const bacs_circuit &circuit, 37 | const bacs_primary_input &primary_input, 38 | const bacs_auxiliary_input &auxiliary_input); 39 | 40 | } // libsnark 41 | 42 | #include 43 | 44 | #endif // BACS_TO_R1CS_HPP_ 45 | -------------------------------------------------------------------------------- /libsnark/reductions/ram_to_r1cs/gadgets/memory_checker_gadget.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of interfaces for memory_checker_gadget, a gadget that verifies the 5 | consistency of two accesses to memory that are adjacent in a "memory sort". 6 | 7 | ***************************************************************************** 8 | * @author This file is part of libsnark, developed by SCIPR Lab 9 | * and contributors (see AUTHORS). 10 | * @copyright MIT license (see LICENSE file) 11 | *****************************************************************************/ 12 | 13 | #ifndef MEMORY_CHECKER_GADGET_HPP_ 14 | #define MEMORY_CHECKER_GADGET_HPP_ 15 | 16 | #include 17 | 18 | namespace libsnark { 19 | 20 | template 21 | class memory_checker_gadget : public ram_gadget_base { 22 | private: 23 | 24 | typedef ram_base_field FieldT; 25 | 26 | pb_variable timestamps_leq; 27 | pb_variable timestamps_less; 28 | std::shared_ptr > compare_timestamps; 29 | 30 | pb_variable addresses_eq; 31 | pb_variable addresses_leq; 32 | pb_variable addresses_less; 33 | std::shared_ptr > compare_addresses; 34 | 35 | pb_variable loose_contents_after1_equals_contents_before2; 36 | pb_variable loose_contents_before2_equals_zero; 37 | pb_variable loose_timestamp2_is_zero; 38 | 39 | public: 40 | 41 | memory_line_variable_gadget line1; 42 | memory_line_variable_gadget line2; 43 | 44 | memory_checker_gadget(ram_protoboard &pb, 45 | const size_t timestamp_size, 46 | const memory_line_variable_gadget &line1, 47 | const memory_line_variable_gadget &line2, 48 | const std::string& annotation_prefix=""); 49 | 50 | void generate_r1cs_constraints(); 51 | void generate_r1cs_witness(); 52 | }; 53 | 54 | } // libsnark 55 | 56 | #include 57 | 58 | #endif // MEMORY_CHECKER_GADGET_HPP_ 59 | -------------------------------------------------------------------------------- /libsnark/reductions/ram_to_r1cs/ram_to_r1cs.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of interfaces for a RAM-to-R1CS reduction, that is, constructing 5 | a R1CS ("Rank-1 Constraint System") from a RAM ("Random-Access Machine"). 6 | 7 | The implementation is a thin layer around a "RAM universal gadget", which is 8 | where most of the work is done. See gadgets/ram_universal_gadget.hpp for details. 9 | 10 | ***************************************************************************** 11 | * @author This file is part of libsnark, developed by SCIPR Lab 12 | * and contributors (see AUTHORS). 13 | * @copyright MIT license (see LICENSE file) 14 | *****************************************************************************/ 15 | 16 | #ifndef RAM_TO_R1CS_HPP_ 17 | #define RAM_TO_R1CS_HPP_ 18 | 19 | #include 20 | 21 | namespace libsnark { 22 | 23 | template 24 | class ram_to_r1cs { 25 | public: 26 | 27 | typedef ram_base_field FieldT; 28 | 29 | size_t boot_trace_size_bound; 30 | 31 | ram_protoboard main_protoboard; 32 | pb_variable_array r1cs_input; 33 | std::shared_ptr > universal_gadget; 34 | 35 | ram_to_r1cs(const ram_architecture_params &ap, 36 | const size_t boot_trace_size_bound, 37 | const size_t time_bound); 38 | void instance_map(); 39 | r1cs_constraint_system get_constraint_system() const; 40 | r1cs_auxiliary_input auxiliary_input_map(const ram_boot_trace &boot_trace, 41 | const ram_input_tape &auxiliary_input); 42 | 43 | /* both methods assume that auxiliary_input_map has been called */ 44 | void print_execution_trace() const; 45 | void print_memory_trace() const; 46 | 47 | static std::vector > pack_primary_input_address_and_value(const ram_architecture_params &ap, 48 | const address_and_value &av); 49 | 50 | static r1cs_primary_input > primary_input_map(const ram_architecture_params &ap, 51 | const size_t boot_trace_size_bound, 52 | const ram_boot_trace& boot_trace); 53 | }; 54 | 55 | } // libsnark 56 | 57 | #include 58 | 59 | #endif // RAM_TO_R1CS_HPP_ 60 | -------------------------------------------------------------------------------- /libsnark/reductions/tbcs_to_uscs/get_tbcs_reduction.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | ## 3 | # @author This file is part of libsnark, developed by SCIPR Lab 4 | # and contributors (see AUTHORS). 5 | # @copyright MIT license (see LICENSE file) 6 | 7 | from __future__ import division 8 | import itertools 9 | 10 | def valid_formula(truth_table, x_coeff, y_coeff, z_coeff, offset): 11 | for x in [0,1]: 12 | for y in [0,1]: 13 | z = truth_table[2*x + y] 14 | # we require that z can be set to the correct value, but can *not* be set to the incorrect one 15 | if ((x*x_coeff + y*y_coeff + z*z_coeff + offset not in [-1, 1]) 16 | or 17 | (x*x_coeff + y*y_coeff + (1-z)*z_coeff + offset in [-1, 1])): 18 | return False 19 | return True 20 | 21 | def all_valid_formulas(truth_table, x_coeff_range, y_coeff_range, z_coeff_range, offset_range): 22 | for x_coeff, y_coeff, z_coeff, offset in itertools.product(x_coeff_range, y_coeff_range, z_coeff_range, offset_range): 23 | if valid_formula(truth_table, x_coeff, y_coeff, z_coeff, offset): 24 | yield x_coeff, y_coeff, z_coeff, offset 25 | 26 | if __name__ == '__main__': 27 | x_coeff_range, y_coeff_range, z_coeff_range, offset_range = range(-2, 3), range(-2, 3), range(1, 5), range(-5, 6) 28 | print "Possible coefficients for x: %s, for y: %s, for z: %s, for offset: %s" % (x_coeff_range, y_coeff_range, z_coeff_range, offset_range) 29 | for truth_table in itertools.product([0, 1], repeat=4): 30 | print "Truth table (00, 01, 10, 11):", truth_table 31 | for x_coeff, y_coeff, z_coeff, offset in all_valid_formulas(truth_table, x_coeff_range, y_coeff_range, z_coeff_range, offset_range): 32 | print " %s * x + %s * y + %s * z + %s \in {-1, 1}" % (x_coeff, y_coeff, z_coeff, offset) 33 | -------------------------------------------------------------------------------- /libsnark/reductions/tbcs_to_uscs/tbcs_reduction.txt: -------------------------------------------------------------------------------- 1 | Possible coefficients for x: [-2, -1, 0, 1, 2], for y: [-2, -1, 0, 1, 2], for z: [1, 2, 3, 4], for offset: [-5, -4, -3, -2, -1, 0, 1, 2, 3, 4, 5] 2 | Truth table (00, 01, 10, 11): (0, 0, 0, 0) 3 | 0 * x + 0 * y + 1 * z + 1 \in {-1, 1} 4 | Truth table (00, 01, 10, 11): (0, 0, 0, 1) 5 | -2 * x + -2 * y + 4 * z + 1 \in {-1, 1} 6 | Truth table (00, 01, 10, 11): (0, 0, 1, 0) 7 | -2 * x + 2 * y + 4 * z + -1 \in {-1, 1} 8 | Truth table (00, 01, 10, 11): (0, 0, 1, 1) 9 | -1 * x + 0 * y + 1 * z + 1 \in {-1, 1} 10 | Truth table (00, 01, 10, 11): (0, 1, 0, 0) 11 | 2 * x + -2 * y + 4 * z + -1 \in {-1, 1} 12 | Truth table (00, 01, 10, 11): (0, 1, 0, 1) 13 | 0 * x + 1 * y + 1 * z + -1 \in {-1, 1} 14 | Truth table (00, 01, 10, 11): (0, 1, 1, 0) 15 | 1 * x + 1 * y + 1 * z + -1 \in {-1, 1} 16 | Truth table (00, 01, 10, 11): (0, 1, 1, 1) 17 | -2 * x + -2 * y + 4 * z + -1 \in {-1, 1} 18 | Truth table (00, 01, 10, 11): (1, 0, 0, 0) 19 | 2 * x + 2 * y + 4 * z + -3 \in {-1, 1} 20 | Truth table (00, 01, 10, 11): (1, 0, 0, 1) 21 | 1 * x + 1 * y + 1 * z + -2 \in {-1, 1} 22 | Truth table (00, 01, 10, 11): (1, 0, 1, 0) 23 | 0 * x + -1 * y + 1 * z + 0 \in {-1, 1} 24 | Truth table (00, 01, 10, 11): (1, 0, 1, 1) 25 | -2 * x + 2 * y + 4 * z + -3 \in {-1, 1} 26 | Truth table (00, 01, 10, 11): (1, 1, 0, 0) 27 | -1 * x + 0 * y + 1 * z + 0 \in {-1, 1} 28 | Truth table (00, 01, 10, 11): (1, 1, 0, 1) 29 | 2 * x + -2 * y + 4 * z + -3 \in {-1, 1} 30 | Truth table (00, 01, 10, 11): (1, 1, 1, 0) 31 | 2 * x + 2 * y + 4 * z + -5 \in {-1, 1} 32 | Truth table (00, 01, 10, 11): (1, 1, 1, 1) 33 | 0 * x + 0 * y + 1 * z + 0 \in {-1, 1} 34 | -------------------------------------------------------------------------------- /libsnark/reductions/tbcs_to_uscs/tbcs_to_uscs.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of interfaces for a TBCS-to-USCS reduction, that is, constructing 5 | a USCS ("Unitary-Square Constraint System") from a TBCS ("Two-input Boolean Circuit Satisfiability"). 6 | 7 | The reduction is straightforward: each non-output wire is mapped to a 8 | corresponding USCS constraint that enforces the wire to carry a boolean value; 9 | each 2-input boolean gate is mapped to a corresponding USCS constraint that 10 | enforces correct computation of the gate; each output wire is mapped to a 11 | corresponding USCS constraint that enforces that the output is zero. 12 | 13 | The mapping of a gate to a USCS constraint is due to \[GOS12]. 14 | 15 | References: 16 | 17 | \[GOS12]: 18 | "New techniques for noninteractive zero-knowledge", 19 | Jens Groth, Rafail Ostrovsky, Amit Sahai 20 | JACM 2012, 21 | 22 | 23 | ***************************************************************************** 24 | * @author This file is part of libsnark, developed by SCIPR Lab 25 | * and contributors (see AUTHORS). 26 | * @copyright MIT license (see LICENSE file) 27 | *****************************************************************************/ 28 | 29 | #ifndef TBCS_TO_USCS_HPP_ 30 | #define TBCS_TO_USCS_HPP_ 31 | 32 | #include 33 | #include 34 | 35 | namespace libsnark { 36 | 37 | /** 38 | * Instance map for the TBCS-to-USCS reduction. 39 | */ 40 | template 41 | uscs_constraint_system tbcs_to_uscs_instance_map(const tbcs_circuit &circuit); 42 | 43 | /** 44 | * Witness map for the TBCS-to-USCS reduction. 45 | */ 46 | template 47 | uscs_variable_assignment tbcs_to_uscs_witness_map(const tbcs_circuit &circuit, 48 | const tbcs_primary_input &primary_input, 49 | const tbcs_auxiliary_input &auxiliary_input); 50 | 51 | } // libsnark 52 | 53 | #include 54 | 55 | #endif // TBCS_TO_USCS_HPP_ 56 | -------------------------------------------------------------------------------- /libsnark/relations/ram_computations/memory/delegated_ra_memory.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of interfaces for a delegated random-access memory. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef DELEGATED_RA_MEMORY_HPP_ 13 | #define DELEGATED_RA_MEMORY_HPP_ 14 | 15 | #include 16 | #include 17 | #include 18 | 19 | #include 20 | #include 21 | 22 | namespace libsnark { 23 | 24 | template 25 | class delegated_ra_memory : public memory_interface { 26 | private: 27 | libff::bit_vector int_to_tree_elem(const size_t i) const; 28 | size_t int_from_tree_elem(const libff::bit_vector &v) const; 29 | 30 | std::unique_ptr > contents; 31 | 32 | public: 33 | delegated_ra_memory(const size_t num_addresses, const size_t value_size); 34 | delegated_ra_memory(const size_t num_addresses, const size_t value_size, const std::vector &contents_as_vector); 35 | delegated_ra_memory(const size_t num_addresses, const size_t value_size, const memory_contents &contents_as_map); 36 | 37 | size_t get_value(const size_t address) const; 38 | void set_value(const size_t address, const size_t value); 39 | 40 | typename HashT::hash_value_type get_root() const; 41 | typename HashT::merkle_authentication_path_type get_path(const size_t address) const; 42 | 43 | void dump() const; 44 | }; 45 | 46 | } // libsnark 47 | 48 | #include 49 | 50 | #endif // DELEGATED_RA_MEMORY_HPP_ 51 | -------------------------------------------------------------------------------- /libsnark/relations/ram_computations/memory/examples/memory_contents_examples.cpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Implementation of interfaces for functions to sample examples of memory contents. 5 | 6 | See memory_contents_examples.hpp . 7 | 8 | ***************************************************************************** 9 | * @author This file is part of libsnark, developed by SCIPR Lab 10 | * and contributors (see AUTHORS). 11 | * @copyright MIT license (see LICENSE file) 12 | *****************************************************************************/ 13 | 14 | #include 15 | #include 16 | #include 17 | 18 | #include 19 | 20 | namespace libsnark { 21 | 22 | memory_contents block_memory_contents(const size_t num_addresses, 23 | const size_t value_size, 24 | const size_t block1_size, 25 | const size_t block2_size) 26 | { 27 | const size_t max_unit = 1ul< unfilled; 50 | for (size_t i = 0; i < num_addresses; ++i) 51 | { 52 | unfilled.insert(i); 53 | } 54 | 55 | memory_contents result; 56 | for (size_t i = 0; i < num_filled; ++i) 57 | { 58 | auto it = unfilled.begin(); 59 | std::advance(it, std::rand() % unfilled.size()); 60 | result[*it] = std::rand() % max_unit; 61 | unfilled.erase(it); 62 | } 63 | 64 | return result; 65 | } 66 | 67 | } // libsnark 68 | -------------------------------------------------------------------------------- /libsnark/relations/ram_computations/memory/examples/memory_contents_examples.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of interfaces for functions to sample examples of memory contents. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef MEMORY_CONTENTS_EXAMPLES_HPP_ 13 | #define MEMORY_CONTENTS_EXAMPLES_HPP_ 14 | 15 | #include 16 | 17 | namespace libsnark { 18 | 19 | /** 20 | * Sample memory contents consisting of two blocks of random values; 21 | * the first block is located at the beginning of memory, while 22 | * the second block is located half-way through memory. 23 | */ 24 | memory_contents block_memory_contents(const size_t num_addresses, 25 | const size_t value_size, 26 | const size_t block1_size, 27 | const size_t block2_size); 28 | 29 | /** 30 | * Sample memory contents having a given number of non-zero entries; 31 | * each non-zero entry is a random value at a random address (approximately). 32 | */ 33 | memory_contents random_memory_contents(const size_t num_addresses, 34 | const size_t value_size, 35 | const size_t num_filled); 36 | 37 | } // libsnark 38 | 39 | #endif // MEMORY_CONTENTS_EXAMPLES_HPP_ 40 | -------------------------------------------------------------------------------- /libsnark/relations/ram_computations/memory/memory_interface.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of interfaces for a memory interface. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef MEMORY_INTERFACE_HPP_ 13 | #define MEMORY_INTERFACE_HPP_ 14 | 15 | #include 16 | #include 17 | #include 18 | 19 | namespace libsnark { 20 | 21 | /** 22 | * A function from addresses to values that represents a memory's contents. 23 | */ 24 | typedef std::map memory_contents; 25 | 26 | /** 27 | * A memory interface is a virtual class for specifying and maintaining a memory. 28 | * 29 | * A memory is parameterized by two quantities: 30 | * - num_addresses (which specifies the number of addresses); and 31 | * - value_size (which specifies the number of bits stored at each address). 32 | * 33 | * The methods get_val and set_val can be used to load and store values. 34 | */ 35 | class memory_interface { 36 | public: 37 | 38 | size_t num_addresses; 39 | size_t value_size; 40 | 41 | memory_interface(const size_t num_addresses, const size_t value_size) : 42 | num_addresses(num_addresses), 43 | value_size(value_size) 44 | {} 45 | memory_interface(const size_t num_addresses, const size_t value_size, const std::vector &contents_as_vector); 46 | memory_interface(const size_t num_addresses, const size_t value_size, const memory_contents &contents); 47 | 48 | virtual size_t get_value(const size_t address) const = 0; 49 | virtual void set_value(const size_t address, const size_t value) = 0; 50 | }; 51 | 52 | } // libsnark 53 | 54 | #endif // MEMORY_INTERFACE_HPP_ 55 | -------------------------------------------------------------------------------- /libsnark/relations/ram_computations/memory/memory_store_trace.cpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Implementation of interfaces for a memory store trace. 5 | 6 | See memory_store_trace.hpp . 7 | 8 | ***************************************************************************** 9 | * @author This file is part of libsnark, developed by SCIPR Lab 10 | * and contributors (see AUTHORS). 11 | * @copyright MIT license (see LICENSE file) 12 | *****************************************************************************/ 13 | 14 | #include 15 | 16 | namespace libsnark { 17 | 18 | memory_store_trace::memory_store_trace() 19 | { 20 | } 21 | 22 | address_and_value memory_store_trace::get_trace_entry(const size_t timestamp) const 23 | { 24 | auto it = entries.find(timestamp); 25 | return (it != entries.end() ? it->second : std::make_pair(0, 0)); 26 | } 27 | 28 | std::map memory_store_trace::get_all_trace_entries() const 29 | { 30 | return entries; 31 | } 32 | 33 | void memory_store_trace::set_trace_entry(const size_t timestamp, const address_and_value &av) 34 | { 35 | entries[timestamp] = av; 36 | } 37 | 38 | memory_contents memory_store_trace::as_memory_contents() const 39 | { 40 | memory_contents result; 41 | 42 | for (auto &ts_and_addrval : entries) 43 | { 44 | result[ts_and_addrval.second.first] = ts_and_addrval.second.second; 45 | } 46 | 47 | return result; 48 | } 49 | 50 | } // libsnark 51 | -------------------------------------------------------------------------------- /libsnark/relations/ram_computations/memory/memory_store_trace.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of interfaces for a memory store trace. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef MEMORY_STORE_TRACE_HPP_ 13 | #define MEMORY_STORE_TRACE_HPP_ 14 | 15 | #include 16 | 17 | namespace libsnark { 18 | 19 | /** 20 | * A pair consisting of an address and a value. 21 | * It represents a memory store. 22 | */ 23 | typedef std::pair address_and_value; 24 | 25 | /** 26 | * A list in which each component consists of a timestamp and a memory store. 27 | */ 28 | class memory_store_trace { 29 | private: 30 | std::map entries; 31 | 32 | public: 33 | memory_store_trace(); 34 | address_and_value get_trace_entry(const size_t timestamp) const; 35 | std::map get_all_trace_entries() const; 36 | void set_trace_entry(const size_t timestamp, const address_and_value &av); 37 | 38 | memory_contents as_memory_contents() const; 39 | }; 40 | 41 | } // libsnark 42 | 43 | #endif // MEMORY_STORE_TRACE_HPP_ 44 | -------------------------------------------------------------------------------- /libsnark/relations/ram_computations/memory/ra_memory.cpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Implementation of interfaces for a random-access memory. 5 | 6 | See ra_memory.hpp . 7 | 8 | ***************************************************************************** 9 | * @author This file is part of libsnark, developed by SCIPR Lab 10 | * and contributors (see AUTHORS). 11 | * @copyright MIT license (see LICENSE file) 12 | *****************************************************************************/ 13 | 14 | #include 15 | 16 | #include 17 | 18 | namespace libsnark { 19 | 20 | ra_memory::ra_memory(const size_t num_addresses, const size_t value_size) : 21 | memory_interface(num_addresses, value_size) 22 | { 23 | } 24 | 25 | ra_memory::ra_memory(const size_t num_addresses, 26 | const size_t value_size, 27 | const std::vector &contents_as_vector) : 28 | memory_interface(num_addresses, value_size) 29 | { 30 | /* copy std::vector into std::map */ 31 | for (size_t i = 0; i < contents_as_vector.size(); ++i) 32 | { 33 | contents[i] = contents_as_vector[i]; 34 | } 35 | } 36 | 37 | 38 | ra_memory::ra_memory(const size_t num_addresses, 39 | const size_t value_size, 40 | const memory_contents &contents) : 41 | memory_interface(num_addresses, value_size), contents(contents) 42 | { 43 | } 44 | 45 | size_t ra_memory::get_value(const size_t address) const 46 | { 47 | assert(address < num_addresses); 48 | auto it = contents.find(address); 49 | return (it == contents.end() ? 0 : it->second); 50 | } 51 | 52 | void ra_memory::set_value(const size_t address, const size_t value) 53 | { 54 | contents[address] = value; 55 | } 56 | 57 | } // libsnark 58 | -------------------------------------------------------------------------------- /libsnark/relations/ram_computations/memory/ra_memory.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of interfaces for a random-access memory. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef RA_MEMORY_HPP_ 13 | #define RA_MEMORY_HPP_ 14 | 15 | #include 16 | 17 | namespace libsnark { 18 | 19 | /** 20 | * A random-access memory maintains the memory's contents via a map (from addresses to values). 21 | */ 22 | class ra_memory : public memory_interface { 23 | public: 24 | 25 | memory_contents contents; 26 | 27 | ra_memory(const size_t num_addresses, const size_t value_size); 28 | ra_memory(const size_t num_addresses, const size_t value_size, const std::vector &contents_as_vector); 29 | ra_memory(const size_t num_addresses, const size_t value_size, const memory_contents &contents); 30 | 31 | size_t get_value(const size_t address) const; 32 | void set_value(const size_t address, const size_t value); 33 | 34 | }; 35 | 36 | } // libsnark 37 | 38 | #endif // RA_MEMORY_HPP_ 39 | -------------------------------------------------------------------------------- /libsnark/relations/ram_computations/rams/examples/ram_examples.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of interfaces for a RAM example, as well as functions to sample 5 | RAM examples with prescribed parameters (according to some distribution). 6 | 7 | ***************************************************************************** 8 | * @author This file is part of libsnark, developed by SCIPR Lab 9 | * and contributors (see AUTHORS). 10 | * @copyright MIT license (see LICENSE file) 11 | *****************************************************************************/ 12 | 13 | #ifndef RAM_EXAMPLES_HPP_ 14 | #define RAM_EXAMPLES_HPP_ 15 | 16 | #include 17 | 18 | namespace libsnark { 19 | 20 | template 21 | struct ram_example { 22 | ram_architecture_params ap; 23 | size_t boot_trace_size_bound; 24 | size_t time_bound; 25 | ram_boot_trace boot_trace; 26 | ram_input_tape auxiliary_input; 27 | }; 28 | 29 | /** 30 | * For now: only specialized to TinyRAM 31 | */ 32 | template 33 | ram_example gen_ram_example_simple(const ram_architecture_params &ap, const size_t boot_trace_size_bound, const size_t time_bound, const bool satisfiable=true); 34 | 35 | /** 36 | * For now: only specialized to TinyRAM 37 | */ 38 | template 39 | ram_example gen_ram_example_complex(const ram_architecture_params &ap, const size_t boot_trace_size_bound, const size_t time_bound, const bool satisfiable=true); 40 | 41 | } // libsnark 42 | 43 | #include 44 | 45 | #endif // RAM_EXAMPLES_HPP_ 46 | -------------------------------------------------------------------------------- /libsnark/relations/ram_computations/rams/fooram/fooram_aux.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of auxiliary functions for FOORAM. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef FOORAM_AUX_HPP_ 13 | #define FOORAM_AUX_HPP_ 14 | 15 | #include 16 | #include 17 | 18 | #include 19 | 20 | #include 21 | #include 22 | 23 | namespace libsnark { 24 | 25 | typedef std::vector fooram_program; 26 | typedef std::vector fooram_input_tape; 27 | typedef typename std::vector::const_iterator fooram_input_tape_iterator; 28 | 29 | class fooram_architecture_params { 30 | public: 31 | size_t w; 32 | fooram_architecture_params(const size_t w=16); 33 | 34 | size_t num_addresses() const; 35 | size_t address_size() const; 36 | size_t value_size() const; 37 | size_t cpu_state_size() const; 38 | size_t initial_pc_addr() const; 39 | 40 | memory_contents initial_memory_contents(const fooram_program &program, 41 | const fooram_input_tape &primary_input) const; 42 | 43 | libff::bit_vector initial_cpu_state(const fooram_input_tape &primary_input) const; 44 | fooram_input_tape primary_input_from_boot_trace(const memory_store_trace &boot_trace) const; 45 | 46 | void print() const; 47 | bool operator==(const fooram_architecture_params &other) const; 48 | 49 | friend std::ostream& operator<<(std::ostream &out, const fooram_architecture_params &ap); 50 | friend std::istream& operator>>(std::istream &in, fooram_architecture_params &ap); 51 | }; 52 | 53 | } // libsnark 54 | 55 | #endif // FOORAM_AUX_HPP_ 56 | -------------------------------------------------------------------------------- /libsnark/relations/ram_computations/rams/fooram/fooram_params.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of public parameters for FOORAM. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef FOORAM_PARAMS_HPP_ 13 | #define FOORAM_PARAMS_HPP_ 14 | 15 | #include 16 | #include 17 | #include 18 | 19 | namespace libsnark { 20 | 21 | template 22 | class ram_fooram { 23 | public: 24 | typedef FieldT base_field_type; 25 | typedef fooram_protoboard protoboard_type; 26 | typedef fooram_gadget gadget_base_type; 27 | typedef fooram_cpu_checker cpu_checker_type; 28 | typedef fooram_architecture_params architecture_params_type; 29 | 30 | static size_t timestamp_length; 31 | }; 32 | 33 | template 34 | size_t ram_fooram::timestamp_length = 300; 35 | 36 | } // libsnark 37 | 38 | #endif // FOORAM_PARAMS_HPP_ 39 | -------------------------------------------------------------------------------- /libsnark/relations/ram_computations/rams/tinyram/tinyram_params.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of public parameters for TinyRAM. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef TINYRAM_PARAMS_HPP_ 13 | #define TINYRAM_PARAMS_HPP_ 14 | 15 | #include 16 | #include 17 | #include 18 | 19 | namespace libsnark { 20 | 21 | template 22 | class ram_tinyram { 23 | public: 24 | static size_t timestamp_length; 25 | 26 | typedef FieldT base_field_type; 27 | typedef tinyram_protoboard protoboard_type; 28 | typedef tinyram_gadget gadget_base_type; 29 | typedef tinyram_cpu_checker cpu_checker_type; 30 | typedef tinyram_architecture_params architecture_params_type; 31 | }; 32 | 33 | template 34 | size_t ram_tinyram::timestamp_length = 300; 35 | 36 | } // libsnark 37 | 38 | #endif // TINYRAM_PARAMS_HPP_ 39 | -------------------------------------------------------------------------------- /libsnark/zk_proof_systems/pcd/r1cs_pcd/ppzkpcd_compliance_predicate.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Template aliasing for prettifying R1CS PCD interfaces. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef PPZKPCD_COMPLIANCE_PREDICATE_HPP_ 13 | #define PPZKPCD_COMPLIANCE_PREDICATE_HPP_ 14 | 15 | #include 16 | 17 | #include 18 | 19 | namespace libsnark { 20 | 21 | /* template aliasing for R1CS (multi-predicate) ppzkPCD: */ 22 | 23 | template 24 | using r1cs_mp_ppzkpcd_compliance_predicate = r1cs_pcd_compliance_predicate >; 25 | 26 | template 27 | using r1cs_mp_ppzkpcd_message = r1cs_pcd_message >; 28 | 29 | template 30 | using r1cs_mp_ppzkpcd_local_data = r1cs_pcd_local_data >; 31 | 32 | template 33 | using r1cs_mp_ppzkpcd_variable_assignment = r1cs_variable_assignment >; 34 | 35 | } 36 | 37 | #endif // PPZKPCD_COMPLIANCE_PREDICATE_HPP_ 38 | 39 | -------------------------------------------------------------------------------- /libsnark/zk_proof_systems/pcd/r1cs_pcd/r1cs_mp_ppzkpcd/examples/run_r1cs_mp_ppzkpcd.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of functionality that runs the R1CS multi-predicate ppzkPCD 5 | for a compliance predicate example. 6 | 7 | ***************************************************************************** 8 | * @author This file is part of libsnark, developed by SCIPR Lab 9 | * and contributors (see AUTHORS). 10 | * @copyright MIT license (see LICENSE file) 11 | *****************************************************************************/ 12 | 13 | #ifndef RUN_R1CS_MP_PPZKPCD_HPP_ 14 | #define RUN_R1CS_MP_PPZKPCD_HPP_ 15 | 16 | #include 17 | 18 | namespace libsnark { 19 | 20 | /** 21 | * Runs the multi-predicate ppzkPCD (generator, prover, and verifier) for the 22 | * "tally compliance predicate", of a given wordsize, arity, and depth. 23 | * 24 | * Optionally, also test the serialization routines for keys and proofs. 25 | * (This takes additional time.) 26 | * 27 | * Optionally, also test the case of compliance predicates with different types. 28 | */ 29 | template 30 | bool run_r1cs_mp_ppzkpcd_tally_example(const size_t wordsize, 31 | const size_t max_arity, 32 | const size_t depth, 33 | const bool test_serialization, 34 | const bool test_multi_type, 35 | const bool test_same_type_optimization); 36 | 37 | } // libsnark 38 | 39 | #include 40 | 41 | #endif // RUN_R1CS_MP_PPZKPCD_HPP_ 42 | -------------------------------------------------------------------------------- /libsnark/zk_proof_systems/pcd/r1cs_pcd/r1cs_mp_ppzkpcd/profiling/profile_r1cs_mp_ppzkpcd.cpp: -------------------------------------------------------------------------------- 1 | /** 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | #include 8 | #include 9 | #include 10 | 11 | using namespace libsnark; 12 | 13 | template 14 | void profile_tally(const size_t arity, const size_t max_layer) 15 | { 16 | const size_t wordsize = 32; 17 | const bool test_serialization = true; 18 | const bool test_multi_type = true; 19 | const bool test_same_type_optimization = false; 20 | const bool bit = run_r1cs_mp_ppzkpcd_tally_example(wordsize, arity, max_layer, test_serialization, test_multi_type, test_same_type_optimization); 21 | assert(bit); 22 | } 23 | 24 | int main(void) 25 | { 26 | typedef default_r1cs_ppzkpcd_pp PCD_pp; 27 | 28 | libff::start_profiling(); 29 | PCD_pp::init_public_params(); 30 | 31 | const size_t arity = 2; 32 | const size_t max_layer = 2; 33 | 34 | profile_tally(arity, max_layer); 35 | } 36 | -------------------------------------------------------------------------------- /libsnark/zk_proof_systems/pcd/r1cs_pcd/r1cs_mp_ppzkpcd/r1cs_mp_ppzkpcd_params.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Parameters for *multi-predicate* ppzkPCD for R1CS. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef R1CS_MP_PPZKPCD_PARAMS_HPP_ 13 | #define R1CS_MP_PPZKPCD_PARAMS_HPP_ 14 | 15 | #include 16 | 17 | #include 18 | #include 19 | 20 | namespace libsnark { 21 | 22 | template 23 | using r1cs_mp_ppzkpcd_compliance_predicate = r1cs_pcd_compliance_predicate >; 24 | 25 | template 26 | using r1cs_mp_ppzkpcd_message = r1cs_pcd_message >; 27 | 28 | template 29 | using r1cs_mp_ppzkpcd_local_data = r1cs_pcd_local_data >; 30 | 31 | template 32 | using r1cs_mp_ppzkpcd_primary_input = r1cs_pcd_compliance_predicate_primary_input >; 33 | 34 | template 35 | using r1cs_mp_ppzkpcd_auxiliary_input = r1cs_pcd_compliance_predicate_auxiliary_input >; 36 | 37 | } // libsnark 38 | 39 | #endif // R1CS_MP_PPZKPCD_PARAMS_HPP_ 40 | -------------------------------------------------------------------------------- /libsnark/zk_proof_systems/pcd/r1cs_pcd/r1cs_mp_ppzkpcd/tests/test_r1cs_mp_ppzkpcd.cpp: -------------------------------------------------------------------------------- 1 | /** 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | #include 8 | #include 9 | 10 | using namespace libsnark; 11 | 12 | template 13 | void test_tally(const size_t arity, const size_t max_layer, const bool test_multi_type, const bool test_same_type_optimization) 14 | 15 | { 16 | const size_t wordsize = 32; 17 | const bool test_serialization = true; 18 | const bool bit = run_r1cs_mp_ppzkpcd_tally_example(wordsize, arity, max_layer, test_serialization, test_multi_type, test_same_type_optimization); 19 | assert(bit); 20 | } 21 | 22 | int main(void) 23 | { 24 | libff::start_profiling(); 25 | default_r1cs_ppzkpcd_pp::init_public_params(); 26 | 27 | const size_t max_arity = 2; 28 | const size_t max_layer = 2; 29 | 30 | test_tally(max_arity, max_layer, false, false); 31 | test_tally(max_arity, max_layer, false, true); 32 | test_tally(max_arity, max_layer, true, false); 33 | test_tally(max_arity, max_layer, true, true); 34 | } 35 | -------------------------------------------------------------------------------- /libsnark/zk_proof_systems/pcd/r1cs_pcd/r1cs_pcd_params.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | #ifndef R1CS_PCD_PARAMS_HPP_ 8 | #define R1CS_PCD_PARAMS_HPP_ 9 | 10 | #include 11 | #include 12 | 13 | #include 14 | 15 | namespace libsnark { 16 | 17 | template 18 | class r1cs_pcd_compliance_predicate_primary_input { 19 | public: 20 | std::shared_ptr > outgoing_message; 21 | 22 | r1cs_pcd_compliance_predicate_primary_input(const std::shared_ptr > &outgoing_message) : outgoing_message(outgoing_message) {} 23 | r1cs_primary_input as_r1cs_primary_input() const; 24 | }; 25 | 26 | template 27 | class r1cs_pcd_compliance_predicate_auxiliary_input { 28 | public: 29 | std::vector > > incoming_messages; 30 | std::shared_ptr > local_data; 31 | r1cs_pcd_witness witness; 32 | 33 | r1cs_pcd_compliance_predicate_auxiliary_input(const std::vector > > &incoming_messages, 34 | const std::shared_ptr > &local_data, 35 | const r1cs_pcd_witness &witness) : 36 | incoming_messages(incoming_messages), local_data(local_data), witness(witness) {} 37 | 38 | r1cs_auxiliary_input as_r1cs_auxiliary_input(const std::vector &incoming_message_payload_lengths) const; 39 | }; 40 | 41 | } // libsnark 42 | 43 | #include 44 | 45 | #endif // R1CS_PCD_PARAMS_HPP_ 46 | -------------------------------------------------------------------------------- /libsnark/zk_proof_systems/pcd/r1cs_pcd/r1cs_pcd_params.tcc: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | #ifndef R1CS_PCD_PARAMS_TCC_ 8 | #define R1CS_PCD_PARAMS_TCC_ 9 | 10 | namespace libsnark { 11 | 12 | template 13 | r1cs_primary_input r1cs_pcd_compliance_predicate_primary_input::as_r1cs_primary_input() const 14 | { 15 | return outgoing_message->as_r1cs_variable_assignment(); 16 | } 17 | 18 | template 19 | r1cs_auxiliary_input r1cs_pcd_compliance_predicate_auxiliary_input::as_r1cs_auxiliary_input(const std::vector &incoming_message_payload_lengths) const 20 | { 21 | const size_t arity = incoming_messages.size(); 22 | 23 | r1cs_auxiliary_input result; 24 | result.emplace_back(FieldT(arity)); 25 | 26 | const size_t max_arity = incoming_message_payload_lengths.size(); 27 | assert(arity <= max_arity); 28 | 29 | for (size_t i = 0; i < arity; ++i) 30 | { 31 | const r1cs_variable_assignment msg_as_r1cs_va = incoming_messages[i]->as_r1cs_variable_assignment(); 32 | assert(msg_as_r1cs_va.size() == (1 + incoming_message_payload_lengths[i])); 33 | result.insert(result.end(), msg_as_r1cs_va.begin(), msg_as_r1cs_va.end()); 34 | } 35 | 36 | /* pad with dummy messages of appropriate size */ 37 | for (size_t i = arity; i < max_arity; ++i) 38 | { 39 | result.resize(result.size() + (1 + incoming_message_payload_lengths[i]), FieldT::zero()); 40 | } 41 | 42 | const r1cs_variable_assignment local_data_as_r1cs_va = local_data->as_r1cs_variable_assignment(); 43 | result.insert(result.end(), local_data_as_r1cs_va.begin(), local_data_as_r1cs_va.end()); 44 | result.insert(result.end(), witness.begin(), witness.end()); 45 | 46 | return result; 47 | } 48 | 49 | } // libsnark 50 | 51 | #endif // R1CS_PCD_PARAMS_TCC_ 52 | -------------------------------------------------------------------------------- /libsnark/zk_proof_systems/pcd/r1cs_pcd/r1cs_sp_ppzkpcd/examples/run_r1cs_sp_ppzkpcd.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of functionality that runs the R1CS single-predicate ppzkPCD 5 | for a compliance predicate example. 6 | 7 | ***************************************************************************** 8 | * @author This file is part of libsnark, developed by SCIPR Lab 9 | * and contributors (see AUTHORS). 10 | * @copyright MIT license (see LICENSE file) 11 | *****************************************************************************/ 12 | 13 | #ifndef RUN_R1CS_SP_PPZKPCD_HPP_ 14 | #define RUN_R1CS_SP_PPZKPCD_HPP_ 15 | 16 | #include 17 | 18 | namespace libsnark { 19 | 20 | /** 21 | * Runs the single-predicate ppzkPCD (generator, prover, and verifier) for the 22 | * "tally compliance predicate", of a given wordsize, arity, and depth. 23 | * 24 | * Optionally, also test the serialization routines for keys and proofs. 25 | * (This takes additional time.) 26 | */ 27 | template 28 | bool run_r1cs_sp_ppzkpcd_tally_example(const size_t wordsize, 29 | const size_t arity, 30 | const size_t depth, 31 | const bool test_serialization); 32 | 33 | } // libsnark 34 | 35 | #include 36 | 37 | #endif // RUN_R1CS_SP_PPZKPCD_HPP_ 38 | -------------------------------------------------------------------------------- /libsnark/zk_proof_systems/pcd/r1cs_pcd/r1cs_sp_ppzkpcd/profiling/profile_r1cs_sp_ppzkpcd.cpp: -------------------------------------------------------------------------------- 1 | /** 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | #include 8 | #include 9 | #include 10 | 11 | using namespace libsnark; 12 | 13 | template 14 | void profile_tally(const size_t arity, const size_t max_layer) 15 | { 16 | const size_t wordsize = 32; 17 | const bool test_serialization = true; 18 | const bool bit = run_r1cs_sp_ppzkpcd_tally_example(wordsize, arity, max_layer, test_serialization); 19 | assert(bit); 20 | } 21 | 22 | int main(void) 23 | { 24 | typedef default_r1cs_ppzkpcd_pp PCD_pp; 25 | 26 | libff::start_profiling(); 27 | PCD_pp::init_public_params(); 28 | 29 | const size_t arity = 2; 30 | const size_t max_layer = 2; 31 | 32 | profile_tally(arity, max_layer); 33 | } 34 | -------------------------------------------------------------------------------- /libsnark/zk_proof_systems/pcd/r1cs_pcd/r1cs_sp_ppzkpcd/r1cs_sp_ppzkpcd_params.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Parameters for *single-predicate* ppzkPCD for R1CS. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef R1CS_SP_PPZKPCD_PARAMS_HPP_ 13 | #define R1CS_SP_PPZKPCD_PARAMS_HPP_ 14 | 15 | #include 16 | 17 | #include 18 | #include 19 | 20 | namespace libsnark { 21 | 22 | template 23 | using r1cs_sp_ppzkpcd_compliance_predicate = r1cs_pcd_compliance_predicate >; 24 | 25 | template 26 | using r1cs_sp_ppzkpcd_message = r1cs_pcd_message >; 27 | 28 | template 29 | using r1cs_sp_ppzkpcd_local_data = r1cs_pcd_local_data >; 30 | 31 | template 32 | using r1cs_sp_ppzkpcd_primary_input = r1cs_pcd_compliance_predicate_primary_input >; 33 | 34 | template 35 | using r1cs_sp_ppzkpcd_auxiliary_input = r1cs_pcd_compliance_predicate_auxiliary_input >; 36 | 37 | } // libsnark 38 | 39 | #endif // R1CS_SP_PPZKPCD_PARAMS_HPP_ 40 | -------------------------------------------------------------------------------- /libsnark/zk_proof_systems/pcd/r1cs_pcd/r1cs_sp_ppzkpcd/tests/test_r1cs_sp_ppzkpcd.cpp: -------------------------------------------------------------------------------- 1 | /** 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | #include 8 | #include 9 | 10 | using namespace libsnark; 11 | 12 | template 13 | void test_tally(const size_t arity, const size_t max_layer) 14 | { 15 | const size_t wordsize = 32; 16 | const bool test_serialization = true; 17 | const bool bit = run_r1cs_sp_ppzkpcd_tally_example(wordsize, arity, max_layer, test_serialization); 18 | assert(bit); 19 | } 20 | 21 | int main(void) 22 | { 23 | typedef default_r1cs_ppzkpcd_pp PCD_pp; 24 | 25 | libff::start_profiling(); 26 | PCD_pp::init_public_params(); 27 | 28 | const size_t arity = 2; 29 | const size_t max_layer = 2; 30 | 31 | test_tally(arity, max_layer); 32 | } 33 | -------------------------------------------------------------------------------- /libsnark/zk_proof_systems/ppzkadsnark/r1cs_ppzkadsnark/examples/demo_r1cs_ppzkadsnark.cpp: -------------------------------------------------------------------------------- 1 | /** 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | #include 8 | #include 9 | #include 10 | #include 11 | #include 12 | 13 | #include 14 | 15 | #include 16 | #include 17 | 18 | using namespace libsnark; 19 | 20 | int main(int argc, const char * argv[]) 21 | { 22 | default_r1cs_ppzkadsnark_pp::init_public_params(); 23 | libff::start_profiling(); 24 | 25 | if (argc == 2 && strcmp(argv[1], "-v") == 0) 26 | { 27 | libff::print_compilation_info(); 28 | return 0; 29 | } 30 | 31 | if (argc != 3 && argc != 4) 32 | { 33 | printf("usage: %s num_constraints input_size [Fr|bytes]\n", argv[0]); 34 | return 1; 35 | } 36 | const int num_constraints = atoi(argv[1]); 37 | int input_size = atoi(argv[2]); 38 | if (argc == 4) 39 | { 40 | assert(strcmp(argv[3], "Fr") == 0 || strcmp(argv[3], "bytes") == 0); 41 | if (strcmp(argv[3], "bytes") == 0) 42 | { 43 | input_size = libff::div_ceil(8 * input_size, libff::Fr>::num_bits - 1); 44 | } 45 | } 46 | 47 | libff::enter_block("Generate R1CS example"); 48 | r1cs_example>> example = 49 | generate_r1cs_example_with_field_input>> 50 | (num_constraints, input_size); 51 | libff::leave_block("Generate R1CS example"); 52 | 53 | libff::print_header("(enter) Profile R1CS ppzkADSNARK"); 54 | const bool test_serialization = true; 55 | run_r1cs_ppzkadsnark(example, test_serialization); 56 | libff::print_header("(leave) Profile R1CS ppzkADSNARK"); 57 | } 58 | -------------------------------------------------------------------------------- /libsnark/zk_proof_systems/ppzkadsnark/r1cs_ppzkadsnark/examples/prf/aes_ctr_prf.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | AES-Based PRF for ADSNARK. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef AESCTRPRF_HPP_ 13 | #define AESCTRPRF_HPP_ 14 | 15 | #include 16 | 17 | namespace libsnark { 18 | 19 | class aesPrfKeyT { 20 | public: 21 | unsigned char key_bytes[32]; 22 | }; 23 | 24 | } // libsnark 25 | 26 | #endif // AESCTRPRF_HPP_ 27 | -------------------------------------------------------------------------------- /libsnark/zk_proof_systems/ppzkadsnark/r1cs_ppzkadsnark/examples/prf/aes_ctr_prf.tcc: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | AES-Based PRF for ADSNARK. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #include "gmp.h" 13 | #include "depends/libsnark-supercop/include/crypto_core_aes128encrypt.h" 14 | #include "depends/libsnark-supercop/include/randombytes.h" 15 | 16 | #include 17 | 18 | namespace libsnark { 19 | 20 | template <> 21 | aesPrfKeyT prfGen() { 22 | aesPrfKeyT key; 23 | randombytes(key.key_bytes,32); 24 | return key; 25 | } 26 | 27 | template<> 28 | libff::Fr> prfCompute( 29 | const aesPrfKeyT &key, const labelT &label) { 30 | unsigned char seed_bytes[16]; 31 | mpz_t aux,Fr_mod; 32 | unsigned char random_bytes[16*3]; 33 | size_t exp_len; 34 | 35 | mpz_init (aux); 36 | mpz_init (Fr_mod); 37 | 38 | // compute random seed using AES as PRF 39 | crypto_core_aes128encrypt_openssl(seed_bytes,label.label_bytes,key.key_bytes,NULL); 40 | 41 | // use first 128 bits of output to seed AES-CTR 42 | // PRG to expand to 3*128 bits 43 | crypto_core_aes128encrypt_openssl(random_bytes,seed_bytes,key.key_bytes+16,NULL); 44 | 45 | mpz_import(aux, 16, 0, 1, 0, 0, seed_bytes); 46 | mpz_add_ui(aux,aux,1); 47 | mpz_export(seed_bytes, &exp_len, 0, 1, 0, 0, aux); 48 | while (exp_len < 16) 49 | seed_bytes[exp_len++] = 0; 50 | 51 | crypto_core_aes128encrypt_openssl(random_bytes+16,seed_bytes,key.key_bytes+16,NULL); 52 | 53 | mpz_add_ui(aux,aux,1); 54 | mpz_export(seed_bytes, &exp_len, 0, 1, 0, 0, aux); 55 | while (exp_len < 16) 56 | seed_bytes[exp_len++] = 0; 57 | 58 | crypto_core_aes128encrypt_openssl(random_bytes+32,seed_bytes,key.key_bytes+16,NULL); 59 | 60 | // see output as integer and reduce modulo r 61 | mpz_import(aux, 16*3, 0, 1, 0, 0, random_bytes); 62 | libff::Fr>::mod.to_mpz(Fr_mod); 63 | mpz_mod(aux,aux,Fr_mod); 64 | 65 | return libff::Fr>( 66 | libff::bigint>::num_limbs>(aux)); 67 | } 68 | 69 | } // libsnark 70 | -------------------------------------------------------------------------------- /libsnark/zk_proof_systems/ppzkadsnark/r1cs_ppzkadsnark/examples/run_r1cs_ppzkadsnark.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of functionality that runs the R1CS ppzkADSNARK for 5 | a given R1CS example. 6 | 7 | ***************************************************************************** 8 | * @author This file is part of libsnark, developed by SCIPR Lab 9 | * and contributors (see AUTHORS). 10 | * @copyright MIT license (see LICENSE file) 11 | *****************************************************************************/ 12 | 13 | #ifndef RUN_R1CS_PPZKADSNARK_HPP_ 14 | #define RUN_R1CS_PPZKADSNARK_HPP_ 15 | 16 | #include 17 | 18 | #include 19 | #include 20 | 21 | namespace libsnark { 22 | 23 | /** 24 | * Runs the ppzkADSNARK (generator, prover, and verifier) for a given 25 | * R1CS example (specified by a constraint system, input, and witness). 26 | * 27 | * Optionally, also test the serialization routines for keys and proofs. 28 | * (This takes additional time.) 29 | */ 30 | template 31 | bool run_r1cs_ppzkadsnark(const r1cs_example> > &example, 32 | const bool test_serialization); 33 | 34 | } // libsnark 35 | 36 | #include 37 | 38 | #endif // RUN_R1CS_PPZKADSNARK_HPP_ 39 | -------------------------------------------------------------------------------- /libsnark/zk_proof_systems/ppzkadsnark/r1cs_ppzkadsnark/examples/signature/ed25519_signature.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Fast batch verification signature for ADSNARK. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | /** @file 13 | ***************************************************************************** 14 | * @author This file was deed to libsnark by Manuel Barbosa. 15 | * @copyright MIT license (see LICENSE file) 16 | *****************************************************************************/ 17 | 18 | #ifndef ED25519SIG_HPP_ 19 | #define ED25519SIG_HPP_ 20 | 21 | #include 22 | 23 | namespace libsnark { 24 | 25 | class ed25519_sigT { 26 | public: 27 | unsigned char sig_bytes[64]; 28 | }; 29 | 30 | class ed25519_vkT { 31 | public: 32 | unsigned char vk_bytes[32]; 33 | }; 34 | 35 | class ed25519_skT { 36 | public: 37 | unsigned char sk_bytes[64]; 38 | }; 39 | 40 | } // libsnark 41 | 42 | #endif // ED25519SIG_HPP_ 43 | -------------------------------------------------------------------------------- /libsnark/zk_proof_systems/ppzkadsnark/r1cs_ppzkadsnark/r1cs_ppzkadsnark_params.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of public-parameter selector for the R1CS ppzkADSNARK. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef R1CS_PPZKADSNARK_PARAMS_HPP_ 13 | #define R1CS_PPZKADSNARK_PARAMS_HPP_ 14 | 15 | #include 16 | 17 | #include 18 | 19 | namespace libsnark { 20 | 21 | class labelT { 22 | public: 23 | unsigned char label_bytes[16]; 24 | labelT() {}; 25 | }; 26 | 27 | /** 28 | * Below are various template aliases (used for convenience). 29 | */ 30 | 31 | template 32 | using snark_pp = typename r1cs_ppzkadsnark_ppT::snark_pp; 33 | 34 | template 35 | using r1cs_ppzkadsnark_constraint_system = r1cs_constraint_system>>; 36 | 37 | template 38 | using r1cs_ppzkadsnark_primary_input = r1cs_primary_input> >; 39 | 40 | template 41 | using r1cs_ppzkadsnark_auxiliary_input = r1cs_auxiliary_input> >; 42 | 43 | template 44 | using r1cs_ppzkadsnark_skT = typename r1cs_ppzkadsnark_ppT::skT; 45 | 46 | template 47 | using r1cs_ppzkadsnark_vkT = typename r1cs_ppzkadsnark_ppT::vkT; 48 | 49 | template 50 | using r1cs_ppzkadsnark_sigT = typename r1cs_ppzkadsnark_ppT::sigT; 51 | 52 | template 53 | using r1cs_ppzkadsnark_prfKeyT = typename r1cs_ppzkadsnark_ppT::prfKeyT; 54 | 55 | 56 | } // libsnark 57 | 58 | #endif // R1CS_PPZKADSNARK_PARAMS_HPP_ 59 | 60 | -------------------------------------------------------------------------------- /libsnark/zk_proof_systems/ppzkadsnark/r1cs_ppzkadsnark/r1cs_ppzkadsnark_prf.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Generic PRF interface for ADSNARK. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef PRF_HPP_ 13 | #define PRF_HPP_ 14 | 15 | #include 16 | 17 | namespace libsnark { 18 | 19 | template 20 | r1cs_ppzkadsnark_prfKeyT prfGen(); 21 | 22 | template 23 | libff::Fr> prfCompute(const r1cs_ppzkadsnark_prfKeyT &key, const labelT &label); 24 | 25 | } // libsnark 26 | 27 | #endif // PRF_HPP_ 28 | -------------------------------------------------------------------------------- /libsnark/zk_proof_systems/ppzkadsnark/r1cs_ppzkadsnark/r1cs_ppzkadsnark_signature.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Generic signature interface for ADSNARK. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | /** @file 13 | ***************************************************************************** 14 | * @author This file was deed to libsnark by Manuel Barbosa. 15 | * @copyright MIT license (see LICENSE file) 16 | *****************************************************************************/ 17 | 18 | #ifndef SIGNATURE_HPP_ 19 | #define SIGNATURE_HPP_ 20 | 21 | #include 22 | 23 | namespace libsnark { 24 | 25 | template 26 | class kpT { 27 | public: 28 | r1cs_ppzkadsnark_skT sk; 29 | r1cs_ppzkadsnark_vkT vk; 30 | }; 31 | 32 | template 33 | kpT sigGen(void); 34 | 35 | template 36 | r1cs_ppzkadsnark_sigT sigSign(const r1cs_ppzkadsnark_skT &sk, const labelT &label, const libff::G2> &Lambda); 37 | 38 | template 39 | bool sigVerif(const r1cs_ppzkadsnark_vkT &vk, const labelT &label, const libff::G2> &Lambda, const r1cs_ppzkadsnark_sigT &sig); 40 | 41 | template 42 | bool sigBatchVerif(const r1cs_ppzkadsnark_vkT &vk, const std::vector &labels, const std::vector>> &Lambdas, const std::vector> &sigs); 43 | 44 | } // libsnark 45 | 46 | #endif // SIGNATURE_HPP_ 47 | -------------------------------------------------------------------------------- /libsnark/zk_proof_systems/ppzksnark/bacs_ppzksnark/bacs_ppzksnark_params.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of public-parameter selector for the BACS ppzkSNARK. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef BACS_PPZKSNARK_PARAMS_HPP_ 13 | #define BACS_PPZKSNARK_PARAMS_HPP_ 14 | 15 | #include 16 | 17 | #include 18 | 19 | namespace libsnark { 20 | 21 | /** 22 | * Below are various template aliases (used for convenience). 23 | */ 24 | 25 | template 26 | using bacs_ppzksnark_circuit = bacs_circuit >; 27 | 28 | template 29 | using bacs_ppzksnark_primary_input = bacs_primary_input >; 30 | 31 | template 32 | using bacs_ppzksnark_auxiliary_input = bacs_auxiliary_input >; 33 | 34 | } // libsnark 35 | 36 | #endif // BACS_PPZKSNARK_PARAMS_HPP_ 37 | -------------------------------------------------------------------------------- /libsnark/zk_proof_systems/ppzksnark/bacs_ppzksnark/examples/run_bacs_ppzksnark.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of functionality that runs the BACS ppzkSNARK for 5 | a given BACS example. 6 | 7 | ***************************************************************************** 8 | * @author This file is part of libsnark, developed by SCIPR Lab 9 | * and contributors (see AUTHORS). 10 | * @copyright MIT license (see LICENSE file) 11 | *****************************************************************************/ 12 | 13 | #ifndef RUN_BACS_PPZKSNARK_HPP_ 14 | #define RUN_BACS_PPZKSNARK_HPP_ 15 | 16 | #include 17 | 18 | #include 19 | 20 | namespace libsnark { 21 | 22 | /** 23 | * Runs the ppzkSNARK (generator, prover, and verifier) for a given 24 | * BACS example (specified by a circuit, primary input, and auxiliary input). 25 | * 26 | * Optionally, also test the serialization routines for keys and proofs. 27 | * (This takes additional time.) 28 | */ 29 | template 30 | bool run_bacs_ppzksnark(const bacs_example > &example, 31 | const bool test_serialization); 32 | 33 | } // libsnark 34 | 35 | #include 36 | 37 | #endif // RUN_BACS_PPZKSNARK_HPP_ 38 | -------------------------------------------------------------------------------- /libsnark/zk_proof_systems/ppzksnark/bacs_ppzksnark/profiling/profile_bacs_ppzksnark.cpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | Profiling program that exercises the ppzkSNARK (first generator, then prover, 4 | then verifier) on a synthetic BACS instance. 5 | 6 | The command 7 | 8 | $ libsnark/zk_proof_systems/bacs_ppzksnark/profiling/profile_bacs_ppzksnark 1000 10 9 | 10 | exercises the ppzkSNARK (first generator, then prover, then verifier) on an BACS instance with 1000 gates and an input consisting of 10 Field elements 11 | 12 | (If you get the error `zmInit ERR:can't protect`, see the discussion [above](#elliptic-curve-choices).) 13 | 14 | ***************************************************************************** 15 | * @author This file is part of libsnark, developed by SCIPR Lab 16 | * and contributors (see AUTHORS). 17 | * @copyright MIT license (see LICENSE file) 18 | *****************************************************************************/ 19 | 20 | #include 21 | 22 | #include 23 | 24 | #include 25 | #include 26 | #include 27 | 28 | using namespace libsnark; 29 | 30 | int main(int argc, const char * argv[]) 31 | { 32 | default_bacs_ppzksnark_pp::init_public_params(); 33 | libff::start_profiling(); 34 | 35 | if (argc == 2 && strcmp(argv[1], "-v") == 0) 36 | { 37 | libff::print_compilation_info(); 38 | return 0; 39 | } 40 | 41 | if (argc != 3) 42 | { 43 | printf("usage: %s num_gates primary_input_size\n", argv[0]); 44 | return 1; 45 | } 46 | const int num_gates = atoi(argv[1]); 47 | int primary_input_size = atoi(argv[2]); 48 | 49 | const size_t auxiliary_input_size = 0; 50 | const size_t num_outputs = num_gates / 2; 51 | 52 | libff::enter_block("Generate BACS example"); 53 | bacs_example > example = generate_bacs_example >(primary_input_size, auxiliary_input_size, num_gates, num_outputs); 54 | libff::leave_block("Generate BACS example"); 55 | 56 | libff::print_header("(enter) Profile BACS ppzkSNARK"); 57 | const bool test_serialization = true; 58 | run_bacs_ppzksnark(example, test_serialization); 59 | libff::print_header("(leave) Profile BACS ppzkSNARK"); 60 | } 61 | -------------------------------------------------------------------------------- /libsnark/zk_proof_systems/ppzksnark/bacs_ppzksnark/tests/test_bacs_ppzksnark.cpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | Test program that exercises the ppzkSNARK (first generator, then 4 | prover, then verifier) on a synthetic BACS instance. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | #include 12 | #include 13 | 14 | #include 15 | 16 | #include 17 | #include 18 | #include 19 | 20 | using namespace libsnark; 21 | 22 | #ifndef NDEBUG 23 | template 24 | void test_bacs_ppzksnark(const size_t primary_input_size, 25 | const size_t auxiliary_input_size, 26 | const size_t num_gates, 27 | const size_t num_outputs) 28 | { 29 | libff::print_header("(enter) Test BACS ppzkSNARK"); 30 | 31 | const bool test_serialization = true; 32 | const bacs_example > example = generate_bacs_example >(primary_input_size, auxiliary_input_size, num_gates, num_outputs); 33 | #ifdef DEBUG 34 | example.circuit.print(); 35 | #endif 36 | const bool bit = run_bacs_ppzksnark(example, test_serialization); 37 | assert(bit); 38 | 39 | libff::print_header("(leave) Test BACS ppzkSNARK"); 40 | } 41 | 42 | int main() 43 | { 44 | default_bacs_ppzksnark_pp::init_public_params(); 45 | libff::start_profiling(); 46 | 47 | test_bacs_ppzksnark(10, 10, 20, 5); 48 | } 49 | #else // NDEBUG 50 | int main() 51 | { 52 | printf("All tests here depend on assert() which is disabled by -DNDEBUG. Please recompile and run again.\n"); 53 | } 54 | #endif // NDEBUG 55 | -------------------------------------------------------------------------------- /libsnark/zk_proof_systems/ppzksnark/r1cs_gg_ppzksnark/examples/run_r1cs_gg_ppzksnark.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of functionality that runs the R1CS GG-ppzkSNARK for 5 | a given R1CS example. 6 | 7 | ***************************************************************************** 8 | * @author This file is part of libsnark, developed by SCIPR Lab 9 | * and contributors (see AUTHORS). 10 | * @copyright MIT license (see LICENSE file) 11 | *****************************************************************************/ 12 | 13 | #ifndef RUN_R1CS_GG_PPZKSNARK_HPP_ 14 | #define RUN_R1CS_GG_PPZKSNARK_HPP_ 15 | 16 | #include 17 | 18 | #include 19 | 20 | namespace libsnark { 21 | 22 | /** 23 | * Runs the ppzkSNARK (generator, prover, and verifier) for a given 24 | * R1CS example (specified by a constraint system, input, and witness). 25 | * 26 | * Optionally, also test the serialization routines for keys and proofs. 27 | * (This takes additional time.) 28 | */ 29 | template 30 | bool run_r1cs_gg_ppzksnark(const r1cs_example > &example, 31 | const bool test_serialization); 32 | 33 | } // libsnark 34 | 35 | #include 36 | 37 | #endif // RUN_R1CS_GG_PPZKSNARK_HPP_ 38 | -------------------------------------------------------------------------------- /libsnark/zk_proof_systems/ppzksnark/r1cs_gg_ppzksnark/r1cs_gg_ppzksnark_params.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of public-parameter selector for the R1CS GG-ppzkSNARK. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef R1CS_GG_PPZKSNARK_PARAMS_HPP_ 13 | #define R1CS_GG_PPZKSNARK_PARAMS_HPP_ 14 | 15 | #include 16 | 17 | #include 18 | 19 | namespace libsnark { 20 | 21 | /** 22 | * Below are various template aliases (used for convenience). 23 | */ 24 | 25 | template 26 | using r1cs_gg_ppzksnark_constraint_system = r1cs_constraint_system >; 27 | 28 | template 29 | using r1cs_gg_ppzksnark_primary_input = r1cs_primary_input >; 30 | 31 | template 32 | using r1cs_gg_ppzksnark_auxiliary_input = r1cs_auxiliary_input >; 33 | 34 | } // libsnark 35 | 36 | #endif // R1CS_GG_PPZKSNARK_PARAMS_HPP_ 37 | -------------------------------------------------------------------------------- /libsnark/zk_proof_systems/ppzksnark/r1cs_gg_ppzksnark/tests/test_r1cs_gg_ppzksnark.cpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | Test program that exercises the ppzkSNARK (first generator, then 4 | prover, then verifier) on a synthetic R1CS instance. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | #include 12 | #include 13 | 14 | #include 15 | #include 16 | 17 | #include 18 | #include 19 | #include 20 | 21 | using namespace libsnark; 22 | 23 | #ifndef NDEBUG 24 | template 25 | void test_r1cs_gg_ppzksnark(size_t num_constraints, 26 | size_t input_size) 27 | { 28 | libff::print_header("(enter) Test R1CS GG-ppzkSNARK"); 29 | 30 | const bool test_serialization = true; 31 | r1cs_example > example = generate_r1cs_example_with_binary_input >(num_constraints, input_size); 32 | const bool bit = run_r1cs_gg_ppzksnark(example, test_serialization); 33 | assert(bit); 34 | 35 | libff::print_header("(leave) Test R1CS GG-ppzkSNARK"); 36 | } 37 | 38 | int main() 39 | { 40 | default_r1cs_gg_ppzksnark_pp::init_public_params(); 41 | libff::start_profiling(); 42 | 43 | test_r1cs_gg_ppzksnark(1000, 100); 44 | } 45 | #else // NDEBUG 46 | int main() 47 | { 48 | printf("All tests here depend on assert() which is disabled by -DNDEBUG. Please recompile and run again.\n"); 49 | } 50 | #endif // NDEBUG 51 | -------------------------------------------------------------------------------- /libsnark/zk_proof_systems/ppzksnark/r1cs_ppzksnark/examples/run_r1cs_ppzksnark.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of functionality that runs the R1CS ppzkSNARK for 5 | a given R1CS example. 6 | 7 | ***************************************************************************** 8 | * @author This file is part of libsnark, developed by SCIPR Lab 9 | * and contributors (see AUTHORS). 10 | * @copyright MIT license (see LICENSE file) 11 | *****************************************************************************/ 12 | 13 | #ifndef RUN_R1CS_PPZKSNARK_HPP_ 14 | #define RUN_R1CS_PPZKSNARK_HPP_ 15 | 16 | #include 17 | 18 | #include 19 | 20 | namespace libsnark { 21 | 22 | /** 23 | * Runs the ppzkSNARK (generator, prover, and verifier) for a given 24 | * R1CS example (specified by a constraint system, input, and witness). 25 | * 26 | * Optionally, also test the serialization routines for keys and proofs. 27 | * (This takes additional time.) 28 | */ 29 | template 30 | bool run_r1cs_ppzksnark(const r1cs_example > &example, 31 | const bool test_serialization); 32 | 33 | } // libsnark 34 | 35 | #include 36 | 37 | #endif // RUN_R1CS_PPZKSNARK_HPP_ 38 | -------------------------------------------------------------------------------- /libsnark/zk_proof_systems/ppzksnark/r1cs_ppzksnark/r1cs_ppzksnark_params.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of public-parameter selector for the R1CS ppzkSNARK. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef R1CS_PPZKSNARK_PARAMS_HPP_ 13 | #define R1CS_PPZKSNARK_PARAMS_HPP_ 14 | 15 | #include 16 | 17 | #include 18 | 19 | namespace libsnark { 20 | 21 | /** 22 | * Below are various template aliases (used for convenience). 23 | */ 24 | 25 | template 26 | using r1cs_ppzksnark_constraint_system = r1cs_constraint_system >; 27 | 28 | template 29 | using r1cs_ppzksnark_primary_input = r1cs_primary_input >; 30 | 31 | template 32 | using r1cs_ppzksnark_auxiliary_input = r1cs_auxiliary_input >; 33 | 34 | } // libsnark 35 | 36 | #endif // R1CS_PPZKSNARK_PARAMS_HPP_ 37 | -------------------------------------------------------------------------------- /libsnark/zk_proof_systems/ppzksnark/r1cs_ppzksnark/tests/test_r1cs_ppzksnark.cpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | Test program that exercises the ppzkSNARK (first generator, then 4 | prover, then verifier) on a synthetic R1CS instance. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | #include 12 | #include 13 | 14 | #include 15 | #include 16 | 17 | #include 18 | #include 19 | #include 20 | 21 | using namespace libsnark; 22 | 23 | #ifndef NDEBUG 24 | template 25 | void test_r1cs_ppzksnark(size_t num_constraints, 26 | size_t input_size) 27 | { 28 | libff::print_header("(enter) Test R1CS ppzkSNARK"); 29 | 30 | const bool test_serialization = true; 31 | r1cs_example > example = generate_r1cs_example_with_binary_input >(num_constraints, input_size); 32 | const bool bit = run_r1cs_ppzksnark(example, test_serialization); 33 | assert(bit); 34 | 35 | libff::print_header("(leave) Test R1CS ppzkSNARK"); 36 | } 37 | 38 | int main() 39 | { 40 | default_r1cs_ppzksnark_pp::init_public_params(); 41 | libff::start_profiling(); 42 | 43 | test_r1cs_ppzksnark(1000, 100); 44 | } 45 | #else // NDEBUG 46 | int main() 47 | { 48 | printf("All tests here depend on assert() which is disabled by -DNDEBUG. Please recompile and run again.\n"); 49 | } 50 | #endif // NDEBUG 51 | -------------------------------------------------------------------------------- /libsnark/zk_proof_systems/ppzksnark/r1cs_se_ppzksnark/examples/run_r1cs_se_ppzksnark.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of functionality that runs the R1CS SEppzkSNARK for 5 | a given R1CS example. 6 | 7 | ***************************************************************************** 8 | * @author This file is part of libsnark, developed by SCIPR Lab 9 | * and contributors (see AUTHORS). 10 | * @copyright MIT license (see LICENSE file) 11 | *****************************************************************************/ 12 | 13 | #ifndef RUN_R1CS_SE_PPZKSNARK_HPP_ 14 | #define RUN_R1CS_SE_PPZKSNARK_HPP_ 15 | 16 | #include 17 | 18 | #include 19 | 20 | namespace libsnark { 21 | 22 | /** 23 | * Runs the SEppzkSNARK (generator, prover, and verifier) for a given 24 | * R1CS example (specified by a constraint system, input, and witness). 25 | * 26 | * Optionally, also test the serialization routines for keys and proofs. 27 | * (This takes additional time.) 28 | */ 29 | template 30 | bool run_r1cs_se_ppzksnark(const r1cs_example > &example, 31 | const bool test_serialization); 32 | 33 | } // libsnark 34 | 35 | #include 36 | 37 | #endif // RUN_R1CS_SE_PPZKSNARK_HPP_ 38 | -------------------------------------------------------------------------------- /libsnark/zk_proof_systems/ppzksnark/r1cs_se_ppzksnark/r1cs_se_ppzksnark_params.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of public-parameter selector for the R1CS SEppzkSNARK. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef R1CS_SE_PPZKSNARK_PARAMS_HPP_ 13 | #define R1CS_SE_PPZKSNARK_PARAMS_HPP_ 14 | 15 | #include 16 | 17 | #include 18 | 19 | namespace libsnark { 20 | 21 | /** 22 | * Below are various template aliases (used for convenience). 23 | */ 24 | 25 | template 26 | using r1cs_se_ppzksnark_constraint_system = r1cs_constraint_system >; 27 | 28 | template 29 | using r1cs_se_ppzksnark_primary_input = r1cs_primary_input >; 30 | 31 | template 32 | using r1cs_se_ppzksnark_auxiliary_input = r1cs_auxiliary_input >; 33 | 34 | } // libsnark 35 | 36 | #endif // R1CS_SE_PPZKSNARK_PARAMS_HPP_ 37 | -------------------------------------------------------------------------------- /libsnark/zk_proof_systems/ppzksnark/r1cs_se_ppzksnark/tests/test_r1cs_se_ppzksnark.cpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | Test program that exercises the SEppzkSNARK (first generator, then 4 | prover, then verifier) on a synthetic R1CS instance. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | #include 12 | #include 13 | 14 | #include 15 | #include 16 | 17 | #include 18 | #include 19 | #include 20 | 21 | using namespace libsnark; 22 | 23 | #ifndef NDEBUG 24 | 25 | template 26 | void test_r1cs_se_ppzksnark(size_t num_constraints, 27 | size_t input_size) 28 | { 29 | libff::print_header("(enter) Test R1CS SEppzkSNARK"); 30 | 31 | const bool test_serialization = true; 32 | r1cs_example > example = generate_r1cs_example_with_binary_input >(num_constraints, input_size); 33 | const bool bit = run_r1cs_se_ppzksnark(example, test_serialization); 34 | assert(bit); 35 | 36 | libff::print_header("(leave) Test R1CS SEppzkSNARK"); 37 | } 38 | 39 | int main() 40 | { 41 | default_r1cs_se_ppzksnark_pp::init_public_params(); 42 | libff::start_profiling(); 43 | 44 | test_r1cs_se_ppzksnark(1000, 100); 45 | } 46 | 47 | #else // NDEBUG 48 | int main() 49 | { 50 | printf("All tests here depend on assert() which is disabled by -DNDEBUG. Please recompile and run again.\n"); 51 | } 52 | #endif // NDEBUG 53 | -------------------------------------------------------------------------------- /libsnark/zk_proof_systems/ppzksnark/ram_ppzksnark/examples/run_ram_ppzksnark.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of functionality that runs the RAM ppzkSNARK for 5 | a given RAM example. 6 | 7 | ***************************************************************************** 8 | * @author This file is part of libsnark, developed by SCIPR Lab 9 | * and contributors (see AUTHORS). 10 | * @copyright MIT license (see LICENSE file) 11 | *****************************************************************************/ 12 | 13 | #ifndef RUN_RAM_PPZKSNARK_HPP_ 14 | #define RUN_RAM_PPZKSNARK_HPP_ 15 | 16 | #include 17 | #include 18 | 19 | namespace libsnark { 20 | 21 | /** 22 | * Runs the ppzkSNARK (generator, prover, and verifier) for a given 23 | * RAM example (specified by an architecture, boot trace, auxiliary input, and time bound). 24 | * 25 | * Optionally, also test the serialization routines for keys and proofs. 26 | * (This takes additional time.) 27 | */ 28 | template 29 | bool run_ram_ppzksnark(const ram_example > &example, 30 | const bool test_serialization); 31 | 32 | } // libsnark 33 | 34 | #include 35 | 36 | #endif // RUN_RAM_PPZKSNARK_HPP_ 37 | -------------------------------------------------------------------------------- /libsnark/zk_proof_systems/ppzksnark/ram_ppzksnark/profiling/profile_ram_ppzksnark.cpp: -------------------------------------------------------------------------------- 1 | /** 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | #include 8 | #include 9 | #include 10 | #include 11 | #include 12 | #include 13 | 14 | #include 15 | 16 | #include 17 | #include 18 | #include 19 | #include 20 | 21 | using namespace libsnark; 22 | 23 | int main(int argc, const char * argv[]) 24 | { 25 | ram_ppzksnark_snark_pp::init_public_params(); 26 | libff::start_profiling(); 27 | 28 | if (argc == 2 && strcmp(argv[1], "-v") == 0) 29 | { 30 | libff::print_compilation_info(); 31 | return 0; 32 | } 33 | 34 | if (argc != 6) 35 | { 36 | printf("usage: %s word_size reg_count program_size input_size time_bound\n", argv[0]); 37 | return 1; 38 | } 39 | 40 | const size_t w = atoi(argv[1]), 41 | k = atoi(argv[2]), 42 | program_size = atoi(argv[3]), 43 | input_size = atoi(argv[4]), 44 | time_bound = atoi(argv[5]); 45 | 46 | typedef ram_ppzksnark_machine_pp machine_ppT; 47 | 48 | const ram_ppzksnark_architecture_params ap(w, k); 49 | 50 | libff::enter_block("Generate RAM example"); 51 | const size_t boot_trace_size_bound = program_size + input_size; 52 | const bool satisfiable = true; 53 | ram_example example = gen_ram_example_complex(ap, boot_trace_size_bound, time_bound, satisfiable); 54 | libff::leave_block("Generate RAM example"); 55 | 56 | libff::print_header("(enter) Profile RAM ppzkSNARK"); 57 | const bool test_serialization = true; 58 | run_ram_ppzksnark(example, test_serialization); 59 | libff::print_header("(leave) Profile RAM ppzkSNARK"); 60 | } 61 | -------------------------------------------------------------------------------- /libsnark/zk_proof_systems/ppzksnark/ram_ppzksnark/tests/test_ram_ppzksnark.cpp: -------------------------------------------------------------------------------- 1 | /** 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | #include 8 | #include 9 | #include 10 | #include 11 | #include 12 | 13 | #include 14 | 15 | #include 16 | #include 17 | #include 18 | 19 | using namespace libsnark; 20 | 21 | #ifndef NDEBUG 22 | 23 | template 24 | void test_ram_ppzksnark(const size_t w, 25 | const size_t k, 26 | const size_t program_size, 27 | const size_t input_size, 28 | const size_t time_bound) 29 | { 30 | libff::print_header("(enter) Test RAM ppzkSNARK"); 31 | 32 | typedef ram_ppzksnark_machine_pp machine_ppT; 33 | const size_t boot_trace_size_bound = program_size + input_size; 34 | const bool satisfiable = true; 35 | 36 | const ram_ppzksnark_architecture_params ap(w, k); 37 | const ram_example example = gen_ram_example_complex(ap, boot_trace_size_bound, time_bound, satisfiable); 38 | 39 | const bool test_serialization = true; 40 | const bool bit = run_ram_ppzksnark(example, test_serialization); 41 | assert(bit); 42 | 43 | libff::print_header("(leave) Test RAM ppzkSNARK"); 44 | } 45 | 46 | int main() 47 | { 48 | ram_ppzksnark_snark_pp::init_public_params(); 49 | libff::start_profiling(); 50 | 51 | const size_t program_size = 100; 52 | const size_t input_size = 2; 53 | const size_t time_bound = 20; 54 | 55 | // 16-bit TinyRAM with 16 registers 56 | test_ram_ppzksnark(16, 16, program_size, input_size, time_bound); 57 | 58 | // 32-bit TinyRAM with 16 registers 59 | test_ram_ppzksnark(32, 16, program_size, input_size, time_bound); 60 | } 61 | 62 | #else // NDEBUG 63 | 64 | int main() 65 | { 66 | printf("All tests here depend on assert() which is disabled by -DNDEBUG. Please recompile and run again.\n"); 67 | } 68 | #endif // NDEBUG 69 | -------------------------------------------------------------------------------- /libsnark/zk_proof_systems/ppzksnark/tbcs_ppzksnark/examples/run_tbcs_ppzksnark.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of functionality that runs the TBCS ppzkSNARK for 5 | a given TBCS example. 6 | 7 | ***************************************************************************** 8 | * @author This file is part of libsnark, developed by SCIPR Lab 9 | * and contributors (see AUTHORS). 10 | * @copyright MIT license (see LICENSE file) 11 | *****************************************************************************/ 12 | 13 | #ifndef RUN_TBCS_PPZKSNARK_HPP_ 14 | #define RUN_TBCS_PPZKSNARK_HPP_ 15 | 16 | #include 17 | 18 | namespace libsnark { 19 | 20 | /** 21 | * Runs the ppzkSNARK (generator, prover, and verifier) for a given 22 | * TBCS example (specified by a circuit, primary input, and auxiliary input). 23 | * 24 | * Optionally, also test the serialization routines for keys and proofs. 25 | * (This takes additional time.) 26 | */ 27 | template 28 | bool run_tbcs_ppzksnark(const tbcs_example &example, 29 | const bool test_serialization); 30 | 31 | } // libsnark 32 | 33 | #include 34 | 35 | #endif // RUN_TBCS_PPZKSNARK_HPP_ 36 | -------------------------------------------------------------------------------- /libsnark/zk_proof_systems/ppzksnark/tbcs_ppzksnark/profiling/profile_tbcs_ppzksnark.cpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | Profiling program that exercises the ppzkSNARK (first generator, then prover, 4 | then verifier) on a synthetic TBCS instance. 5 | 6 | The command 7 | 8 | $ libsnark/tbcs_ppzksnark/examples/profile_tbcs_ppzksnark 1000 10 9 | 10 | exercises the ppzkSNARK (first generator, then prover, then verifier) on an TBCS instance with 1000 gates and an input consisting of 10 bits. 11 | 12 | ***************************************************************************** 13 | * @author This file is part of libsnark, developed by SCIPR Lab 14 | * and contributors (see AUTHORS). 15 | * @copyright MIT license (see LICENSE file) 16 | *****************************************************************************/ 17 | 18 | #include 19 | 20 | #include 21 | #include 22 | 23 | #include 24 | #include 25 | #include 26 | 27 | using namespace libsnark; 28 | 29 | int main(int argc, const char * argv[]) 30 | { 31 | default_tbcs_ppzksnark_pp::init_public_params(); 32 | libff::start_profiling(); 33 | 34 | if (argc == 2 && strcmp(argv[1], "-v") == 0) 35 | { 36 | libff::print_compilation_info(); 37 | return 0; 38 | } 39 | 40 | if (argc != 3) 41 | { 42 | printf("usage: %s num_gates primary_input_size\n", argv[0]); 43 | return 1; 44 | } 45 | const int num_gates = atoi(argv[1]); 46 | int primary_input_size = atoi(argv[2]); 47 | 48 | const size_t auxiliary_input_size = 0; 49 | const size_t num_outputs = num_gates / 2; 50 | 51 | libff::enter_block("Generate TBCS example"); 52 | tbcs_example example = generate_tbcs_example(primary_input_size, auxiliary_input_size, num_gates, num_outputs); 53 | libff::leave_block("Generate TBCS example"); 54 | 55 | libff::print_header("(enter) Profile TBCS ppzkSNARK"); 56 | const bool test_serialization = true; 57 | run_tbcs_ppzksnark(example, test_serialization); 58 | libff::print_header("(leave) Profile TBCS ppzkSNARK"); 59 | } 60 | -------------------------------------------------------------------------------- /libsnark/zk_proof_systems/ppzksnark/tbcs_ppzksnark/tbcs_ppzksnark_params.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of public-parameter selector for the TBCS ppzkSNARK. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef TBCS_PPZKSNARK_PARAMS_HPP_ 13 | #define TBCS_PPZKSNARK_PARAMS_HPP_ 14 | 15 | #include 16 | 17 | namespace libsnark { 18 | 19 | /** 20 | * Below are various typedefs aliases (used for uniformity with other proof systems). 21 | */ 22 | 23 | typedef tbcs_circuit tbcs_ppzksnark_circuit; 24 | 25 | typedef tbcs_primary_input tbcs_ppzksnark_primary_input; 26 | 27 | typedef tbcs_auxiliary_input tbcs_ppzksnark_auxiliary_input; 28 | 29 | } // libsnark 30 | 31 | #endif // TBCS_PPZKSNARK_PARAMS_HPP_ 32 | -------------------------------------------------------------------------------- /libsnark/zk_proof_systems/ppzksnark/tbcs_ppzksnark/tests/test_tbcs_ppzksnark.cpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | Test program that exercises the ppzkSNARK (first generator, then 4 | prover, then verifier) on a synthetic TBCS instance. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | #include 12 | #include 13 | 14 | #include 15 | 16 | #include 17 | #include 18 | #include 19 | 20 | using namespace libsnark; 21 | 22 | #ifndef NDEBUG 23 | template 24 | void test_tbcs_ppzksnark(const size_t primary_input_size, 25 | const size_t auxiliary_input_size, 26 | const size_t num_gates, 27 | const size_t num_outputs) 28 | { 29 | libff::print_header("(enter) Test TBCS ppzkSNARK"); 30 | 31 | const bool test_serialization = true; 32 | const tbcs_example example = generate_tbcs_example(primary_input_size, auxiliary_input_size, num_gates, num_outputs); 33 | #ifdef DEBUG 34 | example.circuit.print(); 35 | #endif 36 | const bool bit = run_tbcs_ppzksnark(example, test_serialization); 37 | assert(bit); 38 | 39 | libff::print_header("(leave) Test TBCS ppzkSNARK"); 40 | } 41 | 42 | int main() 43 | { 44 | default_tbcs_ppzksnark_pp::init_public_params(); 45 | libff::start_profiling(); 46 | 47 | test_tbcs_ppzksnark(10, 10, 20, 5); 48 | } 49 | #else // NDEBUG 50 | int main() 51 | { 52 | printf("All tests here depend on assert() which is disabled by -DNDEBUG. Please recompile and run again.\n"); 53 | } 54 | #endif // NDEBUG 55 | -------------------------------------------------------------------------------- /libsnark/zk_proof_systems/ppzksnark/uscs_ppzksnark/examples/run_uscs_ppzksnark.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of functionality that runs the USCS ppzkSNARK for 5 | a given USCS example. 6 | 7 | ***************************************************************************** 8 | * @author This file is part of libsnark, developed by SCIPR Lab 9 | * and contributors (see AUTHORS). 10 | * @copyright MIT license (see LICENSE file) 11 | *****************************************************************************/ 12 | 13 | #ifndef RUN_USCS_PPZKSNARK_HPP_ 14 | #define RUN_USCS_PPZKSNARK_HPP_ 15 | 16 | #include 17 | 18 | #include 19 | 20 | namespace libsnark { 21 | 22 | /** 23 | * Runs the ppzkSNARK (generator, prover, and verifier) for a given 24 | * USCS example (specified by a constraint system, input, and witness). 25 | * 26 | * Optionally, also test the serialization routines for keys and proofs. 27 | * (This takes additional time.) 28 | */ 29 | template 30 | bool run_uscs_ppzksnark(const uscs_example > &example, 31 | const bool test_serialization); 32 | 33 | } // libsnark 34 | 35 | #include 36 | 37 | #endif // RUN_USCS_PPZKSNARK_HPP_ 38 | -------------------------------------------------------------------------------- /libsnark/zk_proof_systems/ppzksnark/uscs_ppzksnark/tests/test_uscs_ppzksnark.cpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | Test program that exercises the ppzkSNARK (first generator, then 4 | prover, then verifier) on a synthetic USCS instance. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | #include 12 | #include 13 | 14 | #include 15 | #include 16 | 17 | #include 18 | #include 19 | #include 20 | 21 | using namespace libsnark; 22 | 23 | #ifndef NDEBUG 24 | template 25 | void test_uscs_ppzksnark(size_t num_constraints, 26 | size_t input_size) 27 | { 28 | libff::print_header("(enter) Test USCS ppzkSNARK"); 29 | 30 | const bool test_serialization = true; 31 | uscs_example > example = generate_uscs_example_with_binary_input >(num_constraints, input_size); 32 | const bool bit = run_uscs_ppzksnark(example, test_serialization); 33 | assert(bit); 34 | 35 | libff::print_header("(leave) Test USCS ppzkSNARK"); 36 | } 37 | 38 | int main() 39 | { 40 | default_uscs_ppzksnark_pp::init_public_params(); 41 | libff::start_profiling(); 42 | 43 | test_uscs_ppzksnark(1000, 100); 44 | } 45 | #else // NDEBUG 46 | int main() 47 | { 48 | printf("All tests here depend on assert() which is disabled by -DNDEBUG. Please recompile and run again.\n"); 49 | } 50 | #endif // NDEBUG 51 | -------------------------------------------------------------------------------- /libsnark/zk_proof_systems/ppzksnark/uscs_ppzksnark/uscs_ppzksnark_params.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of public-parameter selector for the USCS ppzkSNARK. 5 | 6 | ***************************************************************************** 7 | * @author This file is part of libsnark, developed by SCIPR Lab 8 | * and contributors (see AUTHORS). 9 | * @copyright MIT license (see LICENSE file) 10 | *****************************************************************************/ 11 | 12 | #ifndef USCS_PPZKSNARK_PARAMS_HPP_ 13 | #define USCS_PPZKSNARK_PARAMS_HPP_ 14 | 15 | #include 16 | 17 | #include 18 | 19 | namespace libsnark { 20 | 21 | /** 22 | * Below are various template aliases (used for convenience). 23 | */ 24 | 25 | template 26 | using uscs_ppzksnark_constraint_system = uscs_constraint_system >; 27 | 28 | template 29 | using uscs_ppzksnark_primary_input = uscs_primary_input >; 30 | 31 | template 32 | using uscs_ppzksnark_auxiliary_input = uscs_auxiliary_input >; 33 | 34 | } // libsnark 35 | 36 | #endif // USCS_PPZKSNARK_PARAMS_HPP_ 37 | -------------------------------------------------------------------------------- /libsnark/zk_proof_systems/zksnark/ram_zksnark/examples/run_ram_zksnark.hpp: -------------------------------------------------------------------------------- 1 | /** @file 2 | ***************************************************************************** 3 | 4 | Declaration of functionality that runs the RAM zkSNARK for 5 | a given RAM example. 6 | 7 | ***************************************************************************** 8 | * @author This file is part of libsnark, developed by SCIPR Lab 9 | * and contributors (see AUTHORS). 10 | * @copyright MIT license (see LICENSE file) 11 | *****************************************************************************/ 12 | 13 | #ifndef RUN_RAM_ZKSNARK_HPP_ 14 | #define RUN_RAM_ZKSNARK_HPP_ 15 | 16 | #include 17 | #include 18 | 19 | namespace libsnark { 20 | 21 | /** 22 | * Runs the zkSNARK (generator, prover, and verifier) for a given 23 | * RAM example (specified by an architecture, boot trace, auxiliary input, and time bound). 24 | * 25 | * Optionally, also test the serialization routines for keys and proofs. 26 | * (This takes additional time.) 27 | */ 28 | template 29 | bool run_ram_zksnark(const ram_example > &example, 30 | const bool test_serialization); 31 | 32 | } // libsnark 33 | 34 | #include 35 | 36 | #endif // RUN_RAM_ZKSNARK_HPP_ 37 | -------------------------------------------------------------------------------- /libsnark/zk_proof_systems/zksnark/ram_zksnark/tests/test_ram_zksnark.cpp: -------------------------------------------------------------------------------- 1 | /** 2 | ***************************************************************************** 3 | * @author This file is part of libsnark, developed by SCIPR Lab 4 | * and contributors (see AUTHORS). 5 | * @copyright MIT license (see LICENSE file) 6 | *****************************************************************************/ 7 | #include 8 | 9 | #include 10 | #include 11 | #include 12 | #include 13 | 14 | using namespace libsnark; 15 | 16 | template 17 | void test_ram_zksnark(const size_t w, 18 | const size_t k, 19 | const size_t boot_trace_size_bound, 20 | const size_t time_bound) 21 | { 22 | typedef ram_zksnark_machine_pp ramT; 23 | const ram_architecture_params ap(w, k); 24 | const ram_example example = gen_ram_example_complex(ap, boot_trace_size_bound, time_bound, true); 25 | const bool test_serialization = true; 26 | const bool ans = run_ram_zksnark(example, test_serialization); 27 | assert(ans); 28 | } 29 | 30 | int main(void) 31 | { 32 | libff::start_profiling(); 33 | ram_zksnark_PCD_pp::init_public_params(); 34 | 35 | const size_t w = 32; 36 | const size_t k = 16; 37 | 38 | const size_t boot_trace_size_bound = 20; 39 | const size_t time_bound = 10; 40 | 41 | test_ram_zksnark(w, k, boot_trace_size_bound, time_bound); 42 | } 43 | -------------------------------------------------------------------------------- /tinyram_examples/.gitignore: -------------------------------------------------------------------------------- 1 | *-architecture_params.txt 2 | *-processed_assembly.txt 3 | -------------------------------------------------------------------------------- /tinyram_examples/answer0/answer0-auxiliary_input.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/scipr-lab/libsnark/6c705e3135f585c222813654caedc86520fda1f6/tinyram_examples/answer0/answer0-auxiliary_input.txt -------------------------------------------------------------------------------- /tinyram_examples/answer0/answer0-computation_bounds.txt: -------------------------------------------------------------------------------- 1 | 10 2 32 2 | -------------------------------------------------------------------------------- /tinyram_examples/answer0/answer0-primary_input.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/scipr-lab/libsnark/6c705e3135f585c222813654caedc86520fda1f6/tinyram_examples/answer0/answer0-primary_input.txt -------------------------------------------------------------------------------- /tinyram_examples/answer0/answer0.s: -------------------------------------------------------------------------------- 1 | ; TinyRAM V=2.000 M=vn W=16 K=16 2 | store.w 0, r0 3 | mov r0, 32768 4 | read r1, 0 5 | cjmp 28 6 | add r0, r0, 2 7 | store.w r0, r1 8 | jmp 12 9 | store.w 32768, r0 10 | answer 0 11 | -------------------------------------------------------------------------------- /tinyram_examples/answer1/answer1-auxiliary_input.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/scipr-lab/libsnark/6c705e3135f585c222813654caedc86520fda1f6/tinyram_examples/answer1/answer1-auxiliary_input.txt -------------------------------------------------------------------------------- /tinyram_examples/answer1/answer1-computation_bounds.txt: -------------------------------------------------------------------------------- 1 | 10 0 16 2 | -------------------------------------------------------------------------------- /tinyram_examples/answer1/answer1-primary_input.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/scipr-lab/libsnark/6c705e3135f585c222813654caedc86520fda1f6/tinyram_examples/answer1/answer1-primary_input.txt -------------------------------------------------------------------------------- /tinyram_examples/answer1/answer1.s: -------------------------------------------------------------------------------- 1 | ; TinyRAM V=2.000 M=vn W=16 K=16 2 | store.w 0, r0 3 | mov r0, 32768 4 | read r1, 0 5 | cjmp 28 6 | add r0, r0, 2 7 | store.w r0, r1 8 | jmp 12 9 | store.w 32768, r0 10 | answer 1 11 | -------------------------------------------------------------------------------- /tinyram_examples/knapsack-indirect/knapsack-indirect-auxiliary_input.txt: -------------------------------------------------------------------------------- 1 | 2 4 2 | -------------------------------------------------------------------------------- /tinyram_examples/knapsack-indirect/knapsack-indirect-computation_bounds.txt: -------------------------------------------------------------------------------- 1 | 25 10 32 2 | -------------------------------------------------------------------------------- /tinyram_examples/knapsack-indirect/knapsack-indirect-primary_input.txt: -------------------------------------------------------------------------------- 1 | 10 2 3 5 7 2 | -------------------------------------------------------------------------------- /tinyram_examples/knapsack-indirect/knapsack-indirect.s: -------------------------------------------------------------------------------- 1 | ; TinyRAM V=2.000 M=vn W=16 K=16 2 | ;;; knapsack with indirect addressing 3 | ;;; primary input: TARGET a_1 a_2 ... a_{k} 4 | ;;; auxiliary input: idx_1 idx_2 ... idx_l in sorted order 5 | ;;; answer = TARGET - (a_{idx_1} + ... + a_{idx_l}) 6 | ;;; 7 | ;;; register usage: 8 | ;;; r0 -- last memory location used (set by prelude, unchanged by us) 9 | ;;; r1 -- last idx_i read 10 | ;;; r2 -- current idx_i read 11 | ;;; r3 -- address for a_{idx_i} 12 | ;;; r4 -- value of a_{idx_i} 13 | ;;; r5 -- running sum 14 | ;;; r6 -- target value, target value - running sum 15 | store.w 0, r0 ; 0: 16 | mov r0, 32768 ; 4: 17 | read r1, 0 ; 8: 18 | cjmp 28 ; 12: 19 | add r0, r0, 2 ; 16: 20 | store.w r0, r1 ; 20: 21 | jmp 8 ; 24: 22 | store.w 32768, r0 ; 28: end of prelude 23 | _loop: read r2, 1 ; 32: read idx_i 24 | cjmp _done ; 36: if tape ended go and perform the final comparison 25 | cmpae r1, r2 ; 40: if r1 >= r2 the auxiliary input is incorrect and we answer 1 26 | cjmp _fail ; 44: 27 | mov r1, r2 ; 48: set r1 := r2 for the next loop iteration 28 | mull r3, r2, 2 ; 52: compute r3 = 32770 + idx_i * 2 29 | cjmp _fail ; 56: (fail if overflow) 30 | add r3, r3, 32770 ; 60: 31 | cjmp _fail ; 64: (fail if overflow) 32 | load.w r4, r3 ; 68: load [a_{idx_i}]. note that this could be past end but those values are 0 and thus don't affect knapsack 33 | add r5, r5, r4 ; 72: update the running sum 34 | jmp _loop ; 76: perform the next iteration 35 | _done: load.w r6, 32770 ; 80: r6 = [32770] = target 36 | sub r6, r6, r5 ; 84: now r6 = target - running sum 37 | answer r6 ; 88: accepts (i.e. "answer 0") only if if target=running sum 38 | _fail: answer 1 ; 92: failure case for double reads 39 | -------------------------------------------------------------------------------- /tinyram_examples/knapsack/knapsack-auxiliary_input.txt: -------------------------------------------------------------------------------- 1 | 1 0 1 0 2 | -------------------------------------------------------------------------------- /tinyram_examples/knapsack/knapsack-computation_bounds.txt: -------------------------------------------------------------------------------- 1 | 25 10 64 2 | -------------------------------------------------------------------------------- /tinyram_examples/knapsack/knapsack-primary_input.txt: -------------------------------------------------------------------------------- 1 | 10 2 3 5 7 2 | -------------------------------------------------------------------------------- /tinyram_examples/knapsack/knapsack.s: -------------------------------------------------------------------------------- 1 | ; TinyRAM V=2.000 M=vn W=16 K=16 2 | ;;; knapsack 3 | ;;; primary input: TARGET a_1 a_2 ... a_k 4 | ;;; auxiliary input: b_k b_{k-1} ... b_1 5 | ;;; answer = TARGET - (a_1 * b_1 + ... + a_k * b_k) (or answer 1 if b_i's are not all 0/1) 6 | store.w 0, r0 ; 0: 7 | mov r0, 32768 ; 4: 8 | read r1, 0 ; 8: 9 | cjmp 28 ; 12: 10 | add r0, r0, 14 ; 16: 11 | store.w r0, r1 ; 20: 12 | jmp 8 ; 24: 13 | store.w 32768, r0 ; 28: end of prelude 14 | _loop: cmpe r0, 32770 ; 32: 15 | cjmp _bail ; 36: bail out if end of input 16 | load.w r1, r0 ; 40: read [r0] into r1 17 | sub r0, r0, 2 ; 44: r0 -= 2 18 | read r2, 1 ; 48: read auxiliary input in r2 (note that pairs are processed in reverse order) 19 | cmpa r2, 1 ; 52: abort if r2 > 1 20 | cjmp _fail ; 56: 21 | mull r3, r1, r2 ; 60: r3 = [r0] * aux 22 | add r4, r4, r3 ; 64: r4 += [r0] * aux 23 | jmp _loop ; 68: another iteration 24 | _bail: load.w r5, r0 ; 72: r5 = [r0] = [32770] 25 | sub r4, r4, r5 ; 76: check if cumulative sum is [32770] 26 | answer r4 ; 80: 27 | _fail: answer 1 ; 84: 28 | -------------------------------------------------------------------------------- /tinyram_examples/run_demo_arithmetization: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | [ -z $1 ] && echo "Usage: $0 " && exit 1 3 | set -x -e 4 | ./process_assembly $1/$1.s $1/$1-processed_assembly.txt $1/$1-architecture_params.txt 5 | ../build/libsnark/demo_arithmetization \ 6 | --architecture_params=$1/$1-architecture_params.txt \ 7 | --assembly=$1/$1.s \ 8 | --processed_assembly=$1/$1-processed_assembly.txt \ 9 | --computation_bounds=$1/$1-computation_bounds.txt \ 10 | --primary_input=$1/$1-primary_input.txt \ 11 | --auxiliary_input=$1/$1-auxiliary_input.txt 12 | -------------------------------------------------------------------------------- /tinyram_examples/run_demo_ram_ppzksnark: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | [ -z $1 ] && echo "Usage: $0 " && exit 1 3 | set -x -e 4 | ./process_assembly $1/$1.s $1/$1-processed_assembly.txt $1/$1-architecture_params.txt 5 | ../build/libsnark/demo_ram_ppzksnark \ 6 | --architecture_params=$1/$1-architecture_params.txt \ 7 | --assembly=$1/$1.s \ 8 | --processed_assembly=$1/$1-processed_assembly.txt \ 9 | --computation_bounds=$1/$1-computation_bounds.txt \ 10 | --primary_input=$1/$1-primary_input.txt \ 11 | --auxiliary_input=$1/$1-auxiliary_input.txt 12 | -------------------------------------------------------------------------------- /tinyram_examples/run_ram_ppzksnark_gpv: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | [ -z $1 ] && echo "Usage: $0 " && exit 1 3 | set -x -e 4 | EXNAME=$1 5 | BASE=$EXNAME/$EXNAME 6 | 7 | ./process_assembly $BASE.s $BASE-processed_assembly.txt $BASE-architecture_params.txt 8 | ../build/libsnark/demo_ram_ppzksnark_generator \ 9 | --architecture_params=$BASE-architecture_params.txt \ 10 | --computation_bounds=$BASE-computation_bounds.txt \ 11 | --proving_key=$BASE-proving_key.txt \ 12 | --verification_key=$BASE-verification_key.txt 13 | ../build/libsnark/demo_ram_ppzksnark_prover \ 14 | --processed_assembly=$BASE-processed_assembly.txt \ 15 | --proving_key=$BASE-proving_key.txt \ 16 | --primary_input=$BASE-primary_input.txt \ 17 | --auxiliary_input=$BASE-auxiliary_input.txt \ 18 | --proof=$BASE-proof.txt 19 | ../build/libsnark/demo_ram_ppzksnark_verifier \ 20 | --processed_assembly=$BASE-processed_assembly.txt \ 21 | --verification_key=$BASE-verification_key.txt \ 22 | --proof=$BASE-proof.txt \ 23 | --primary_input=$BASE-primary_input.txt \ 24 | --verification_result=$BASE-verification_result.txt 25 | --------------------------------------------------------------------------------