From a1d4d1dca7c5744084df96108091688e0869ace9 Mon Sep 17 00:00:00 2001
From: Jordi Baylina
Date: Wed, 4 Dec 2019 21:57:02 +0100
Subject: [PATCH 1/2] Convert constant components to functions
---
 circuits/escalarmul.circom | 8 ++--
 circuits/escalarmulw4table.circom | 14 ++++---
 circuits/mimcsponge.circom | 2 +-
 package.json | 2 +-
 test/aliascheck.js | 4 +-
 test/babyjub.js | 4 +-
 test/binsum.js | 2 +-
 test/circuits/escalarmul_min_test.circom | 2 +-
 test/circuits/escalarmul_test.circom | 2 +-
 test/circuits/escalarmul_test_min.circom | 2 +-
 test/circuits/escalarmulw4table_test.circom | 6 +--
 test/circuits/escalarmulw4table_test3.circom | 6 +--
 test/eddsamimc.js | 2 +-
 test/eddsaposeidon.js | 2 +-
 test/escalarmul.js | 42 +++++++++++---------
 test/multiplexer.js | 6 +++
 16 files changed, 59 insertions(+), 47 deletions(-)
diff --git a/circuits/escalarmul.circom b/circuits/escalarmul.circom
index 34b0ff2..b3cc806 100644
--- a/circuits/escalarmul.circom
+++ b/circuits/escalarmul.circom
@@ -1,4 +1,4 @@
-/*
+ /*
 Copyright 2018 0KIMS association.
 This file is part of circom (Zero Knowledge Circuit Compiler).
@@ -71,7 +71,7 @@ template EscalarMulWindow(base, k) {
 signal input sel[4];
 signal output out[2];
- component table;
+ var table;
 component mux;
 component adder;
@@ -86,8 +86,8 @@ template EscalarMulWindow(base, k) {
 }
 for (i=0; i<16; i++) {
- table.out[i][0] ==> mux.c[0][i];
- table.out[i][1] ==> mux.c[1][i];
+ mux.c[0][i] <== table[i][0];
+ mux.c[1][i] <== table[i][1];
 }
 in[0] ==> adder.x1;
diff --git a/circuits/escalarmulw4table.circom b/circuits/escalarmulw4table.circom
index 727197a..d056e66 100644
--- a/circuits/escalarmulw4table.circom
+++ b/circuits/escalarmulw4table.circom
@@ -27,8 +27,8 @@ function pointAdd(x1,y1,x2,y2) {
 return res;
 }
-template EscalarMulW4Table(base, k) {
- signal output out[16][2];
+function EscalarMulW4Table(base, k) {
+ var out[16][2];
 var i;
 var p[2];
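Review bot: `EscalarMulW4Table` becomes a function returning a plain `var out[16][2]`, so the table no longer declares signals or emits constraints of its own, and nothing in the new code says so. A header comment would make that contract explicit for callers, for example `// Compile-time helper: returns 16 points as out[i] = [x, y]; adds no constraints, callers bind the values with <==`. The function body continues in the following hunk and the loop that prepares `dbl` starts outside both hunks, so which multiples of `base` the entries hold should be filled in by the author.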
@@ -39,11 +39,13 @@ template EscalarMulW4Table(base, k) {
 dbl = pointAdd(dbl[0], dbl[1], dbl[0], dbl[1]);
 }
- out[0][0] <== 0;
- out[0][1] <== 1;
+ out[0][0] = 0;
+ out[0][1] = 1;
 for (i=1; i<16; i++) {
 p = pointAdd(out[i-1][0], out[i-1][1], dbl[0], dbl[1]);
- out[i][0] <== p[0];
- out[i][1] <== p[1];
+ out[i][0] = p[0];
+ out[i][1] = p[1];
 }
+
+ return out;
 }
diff --git a/circuits/mimcsponge.circom b/circuits/mimcsponge.circom
index bffe002..701f2c3 100644
--- a/circuits/mimcsponge.circom
+++ b/circuits/mimcsponge.circom
@@ -279,7 +279,7 @@ template MiMCFeistel(nrounds) {
 t4[i] <== t2[i]*t2[i];
 if (i { circuit.calculateWitness({in: inp}); assert(false); } catch(err) {
- assert.equal(err.message, "Constraint doesn't match: 1 != 0");
+ assert(/Constraint\sdoesn't\smatch(.*)1\s!=\s0/.test(err.message) );
 }
 });
@@ -67,7 +67,7 @@ describe("Aliascheck test", () => {
 circuit.calculateWitness({in: inp});
 assert(false);
 } catch(err) {
- assert.equal(err.message, "Constraint doesn't match: 1 != 0");
+ assert(/Constraint\sdoesn't\smatch(.*)1\s!=\s0/.test(err.message) );
 }
 });
diff --git a/test/babyjub.js b/test/babyjub.js
index f47db49..c650cfa 100644
--- a/test/babyjub.js
+++ b/test/babyjub.js
@@ -100,11 +100,11 @@ describe("Baby Jub test", function () {
 circuitTest.calculateWitness({x: 1, y: 0});
 assert(false, "Should be a valid point");
 } catch(err) {
- assert.equal(err.message, "Constraint doesn't match: 168700 != 1");
+ assert(/Constraint\sdoesn't\smatch(.*)168700\s!=\s1/.test(err.message) );
 }
 });
- it("Should extract the public key from the private one", async () => {
+ it("Should extract the public key from the private one", async () => {
 const rawpvk = Buffer.from("0001020304050607080900010203040506070809000102030405060708090021", "hex");
 const pvk = eddsa.pruneBuffer(createBlakeHash("blake512").update(rawpvk).digest().slice(0,32));
diff --git a/test/binsum.js b/test/binsum.js
index effcfaf..099ad38 100644
--- a/test/binsum.js
+++ b/test/binsum.js
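Review bot: The new pattern `/Constraint\sdoesn't\smatch(.*)1\s!=\s0/` is looser than the exact comparison it replaces: `(.*)` is followed directly by `1` and nothing anchors the end, so a message reporting `11 != 0` or `1 != 05` would also pass. These are negative tests for constraint failures, so the expected values are worth pinning with word boundaries, e.g. `assert(/Constraint\sdoesn't\smatch.*\b1\s!=\s0\b/.test(err.message));`. The same applies to the second hunk in this file, to the `168700\s!=\s1` pattern in test/babyjub.js, and to the identical assertions in test/eddsamimc.js and test/eddsaposeidon.js. The `try` blocks start outside the hunks.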
@@ -23,7 +23,7 @@ describe("Sum test", () => {
 it("Should create a sum circuit", async () => {
 const cirDef = await compiler(path.join(__dirname, "circuits", "sum_test.circom"));
- assert.equal(cirDef.nVars, 101);
+ assert.equal(cirDef.nVars, 97); // 32 (in1) + 32(in2) + 32(out) + 1 (carry)
 const circuit = new snarkjs.Circuit(cirDef);
diff --git a/test/circuits/escalarmul_min_test.circom b/test/circuits/escalarmul_min_test.circom
index b497348..6973701 100644
--- a/test/circuits/escalarmul_min_test.circom
+++ b/test/circuits/escalarmul_min_test.circom
@@ -8,7 +8,7 @@ template Main() {
 var i;
 var base = [5299619240641551281634865583518297030282874472190772894086521144482721001553,
- 16950150798460657717958625567821834550301663161624707787222815936182638968203]
+ 16950150798460657717958625567821834550301663161624707787222815936182638968203];
 component escalarMul = EscalarMul(256, base);
diff --git a/test/circuits/escalarmul_test.circom b/test/circuits/escalarmul_test.circom
index 62c1db1..c15535d 100644
--- a/test/circuits/escalarmul_test.circom
+++ b/test/circuits/escalarmul_test.circom
@@ -7,7 +7,7 @@ template Main() {
 signal output out[2];
 var base = [5299619240641551281634865583518297030282874472190772894086521144482721001553,
- 16950150798460657717958625567821834550301663161624707787222815936182638968203]
+ 16950150798460657717958625567821834550301663161624707787222815936182638968203];
 component n2b = Num2Bits(253);
diff --git a/test/circuits/escalarmul_test_min.circom b/test/circuits/escalarmul_test_min.circom
index b497348..6973701 100644
--- a/test/circuits/escalarmul_test_min.circom
+++ b/test/circuits/escalarmul_test_min.circom
@@ -8,7 +8,7 @@ template Main() {
 var i;
 var base = [5299619240641551281634865583518297030282874472190772894086521144482721001553,
- 16950150798460657717958625567821834550301663161624707787222815936182638968203]
+ 16950150798460657717958625567821834550301663161624707787222815936182638968203];
 component escalarMul = EscalarMul(256, base);
diff --git a/test/circuits/escalarmulw4table_test.circom b/test/circuits/escalarmulw4table_test.circom
index 59508f3..852628d 100644
--- a/test/circuits/escalarmulw4table_test.circom
+++ b/test/circuits/escalarmulw4table_test.circom
@@ -7,10 +7,10 @@ template Main() {
 var base = [5299619240641551281634865583518297030282874472190772894086521144482721001553,
 16950150798460657717958625567821834550301663161624707787222815936182638968203];
- component escalarMul = EscalarMulW4Table(base, 0);
+ var escalarMul = EscalarMulW4Table(base, 0);
 for (var i=0; i<16; i++) {
- out[i][0] <== escalarMul.out[i][0]*in;
- out[i][1] <== escalarMul.out[i][1]*in;
+ out[i][0] <== escalarMul[i][0]*in;
+ out[i][1] <== escalarMul[i][1]*in;
 }
 }
diff --git a/test/circuits/escalarmulw4table_test3.circom b/test/circuits/escalarmulw4table_test3.circom
index bcfb4ba..52933fa 100644
--- a/test/circuits/escalarmulw4table_test3.circom
+++ b/test/circuits/escalarmulw4table_test3.circom
@@ -7,10 +7,10 @@ template Main() {
 var base = [5299619240641551281634865583518297030282874472190772894086521144482721001553,
 16950150798460657717958625567821834550301663161624707787222815936182638968203];
- component escalarMul = EscalarMulW4Table(base, 3);
+ var escalarMul = EscalarMulW4Table(base, 3);
 for (var i=0; i<16; i++) {
- out[i][0] <== escalarMul.out[i][0]*in;
- out[i][1] <== escalarMul.out[i][1]*in;
+ out[i][0] <== escalarMul[i][0]*in;
+ out[i][1] <== escalarMul[i][1]*in;
 }
 }
diff --git a/test/eddsamimc.js b/test/eddsamimc.js
index 76f0a4f..e7f3f8e 100644
--- a/test/eddsamimc.js
+++ b/test/eddsamimc.js
@@ -67,7 +67,7 @@ describe("EdDSA MiMC test", function () {
 M: msg});
 assert(false);
 } catch(err) {
- assert.equal(err.message, "Constraint doesn't match: 1 != 0");
+ assert(/Constraint\sdoesn't\smatch(.*)1\s!=\s0/.test(err.message) );
 }
 });
diff --git a/test/eddsaposeidon.js b/test/eddsaposeidon.js
index 8b0e82a..5ed5b97 100644
--- a/test/eddsaposeidon.js
+++ b/test/eddsaposeidon.js
@@ -67,7 +67,7 @@ describe("EdDSA Poseidon test", function () {
 M: msg});
 assert(false);
 } catch(err) {
- assert.equal(err.message, "Constraint doesn't match: 1 != 0");
+ assert(/Constraint\sdoesn't\smatch(.*)1\s!=\s0/.test(err.message) );
 }
 });
diff --git a/test/escalarmul.js b/test/escalarmul.js
index bc9e13b..f183550 100644
--- a/test/escalarmul.js
+++ b/test/escalarmul.js
@@ -38,6 +38,8 @@ describe("Exponentioation test", () => {
 const w = circuit.calculateWitness({in: 1});
+ assert(circuit.checkWitness(w));
+
 let g = [bigInt("5299619240641551281634865583518297030282874472190772894086521144482721001553"),
 bigInt("16950150798460657717958625567821834550301663161624707787222815936182638968203")]
@@ -46,12 +48,12 @@ describe("Exponentioation test", () => {
 for (let i=0; i<16; i++) {
 const xout1 = w[circuit.getSignalIdx(`main.out[${i}][0]`)];
 const yout1 = w[circuit.getSignalIdx(`main.out[${i}][1]`)];
-/*
- console.log(xout1.toString());
- console.log(yout1.toString());
- console.log(dbl[0]);
- console.log(dbl[1]);
-*/
+
+ // console.log(xout1.toString());
+ // console.log(yout1.toString());
+ // console.log(dbl[0]);
+ // console.log(dbl[1]);
+
 assert(xout1.equals(dbl[0]));
 assert(yout1.equals(dbl[1]));
@@ -74,6 +76,8 @@ describe("Exponentioation test", () => {
 const w = circuit.calculateWitness({in: 1});
+ assert(circuit.checkWitness(w));
+
 let g = [snarkjs.bigInt("5299619240641551281634865583518297030282874472190772894086521144482721001553"),
 snarkjs.bigInt("16950150798460657717958625567821834550301663161624707787222815936182638968203")]
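Review bot: In the `-46,12` hunk of test/escalarmul.js the four debug `console.log` calls are converted from a `/* */` block into `//` lines instead of being removed, which keeps dead code in the test. Deleting them would leave the loop body as the two `getSignalIdx` lookups followed directly by `assert(xout1.equals(dbl[0]));` and `assert(yout1.equals(dbl[1]));`. The hunks at `-87,12` and `-146,12` do the same with their own log lines. The enclosing `for` loop and `it` callback extend beyond the hunk.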
@@ -87,12 +91,12 @@ describe("Exponentioation test", () => {
 const xout1 = w[circuit.getSignalIdx(`main.out[${i}][0]`)];
 const yout1 = w[circuit.getSignalIdx(`main.out[${i}][1]`)];
-/*
- console.log(xout1.toString());
- console.log(yout1.toString());
- console.log(dbl[0]);
- console.log(dbl[1]);
-*/
+
+ // console.log(xout1.toString());
+ // console.log(yout1.toString());
+ // console.log(dbl[0]);
+ // console.log(dbl[1]);
+
 assert(xout1.equals(dbl[0]));
 assert(yout1.equals(dbl[1]));
@@ -102,7 +106,7 @@ describe("Exponentioation test", () => {
 });
 it("Should exponentiate g^31", async () => {
- const cirDef = await compiler(path.join(__dirname, "circuits", "escalarmul_test.circom"));
+ const cirDef = await compiler(path.join(__dirname, "circuits", "escalarmul_test.circom"), {reduceConstraints: true});
 // console.log(JSON.stringify(cirDef, null, 1));
@@ -146,12 +150,12 @@ describe("Exponentioation test", () => {
 c = addPoint(c,c);
 }
 c = addPoint(c,g);
-/*
- console.log(xout2.toString());
- console.log(yout2.toString());
- console.log(c[0].toString());
- console.log(c[1].toString());
-*/
+
+ // console.log(xout2.toString());
+ // console.log(yout2.toString());
+ // console.log(c[0].toString());
+ // console.log(c[1].toString());
+
 assert(xout2.equals(c[0]));
 assert(yout2.equals(c[1]));
diff --git a/test/multiplexer.js b/test/multiplexer.js
index 62af0bb..ee62566 100644
--- a/test/multiplexer.js
+++ b/test/multiplexer.js
@@ -43,6 +43,8 @@ describe("Mux4 test", () => {
 for (let i=0; i<16; i++) {
 const w = circuit.calculateWitness({ "selector": i });
+ assert(circuit.checkWitness(w));
+
 assert(w[0].equals(bigInt(1)));
 // console.log(i + " -> " + w[circuit.getSignalIdx("main.out")].toString());
@@ -96,6 +98,8 @@ describe("Mux4 test", () => {
 for (let i=0; i<4; i++) {
 const w = circuit.calculateWitness({ "selector": i });
+ assert(circuit.checkWitness(w));
+
 assert(w[0].equals(bigInt(1)));
 // console.log(i + " -> " + w[circuit.getSignalIdx("main.out")].toString());
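Review bot: The g^31 test in the `-102,7` hunk now compiles with `{reduceConstraints: true}`, but the patch adds no `assert(circuit.checkWitness(w));` to it, unlike the two table tests earlier in test/escalarmul.js. With constraint reduction enabled it is worth confirming that the computed witness still satisfies the emitted constraints, so a `checkWitness` assertion placed after this test's `calculateWitness` call would be a useful addition. The test body lies outside the hunk, so it may already contain such a check.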
@@ -118,6 +122,8 @@ describe("Mux4 test", () => {
 for (let i=0; i<2; i++) {
 const w = circuit.calculateWitness({ "selector": i });
+ assert(circuit.checkWitness(w));
+
 assert(w[0].equals(bigInt(1)));
 // console.log(i + " -> " + w[circuit.getSignalIdx("main.out")].toString());
From 3c2b566e6830b4b40ab945bb004480d3be34151f Mon Sep 17 00:00:00 2001
From: Jordi Baylina
Date: Wed, 4 Dec 2019 21:57:32 +0100
Subject: [PATCH 2/2] 0.0.20
---
 package-lock.json | 2 +-
 package.json | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/package-lock.json b/package-lock.json
index ee38f2e..c05577b 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,6 +1,6 @@
 {
 "name": "circomlib",
- "version": "0.0.19",
+ "version": "0.0.20",
 "lockfileVersion": 1,
 "requires": true,
 "dependencies": {
diff --git a/package.json b/package.json
index c70341a..992fed2 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
 "name": "circomlib",
- "version": "0.0.19",
+ "version": "0.0.20",
 "description": "Basic circuits library for Circom",
 "main": "index.js",
 "directories": {