tornado-packages/circomlib
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'iden3/master' into feat/audit_fixes

Browse Source
This commit is contained in:
Kobi Gurkan 2019-12-11 18:33:31 +02:00
commit 3478226049
16 changed files with 61 additions and 50 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
circuits/escalarmul.circom
View File

@ -1,4 +1,4 @@
/* /*
Copyright 2018 0KIMS association. Copyright 2018 0KIMS association.
This file is part of circom (Zero Knowledge Circuit Compiler). This file is part of circom (Zero Knowledge Circuit Compiler).
@ -71,7 +71,7 @@ template EscalarMulWindow(base, k) {
signal input sel[4]; signal input sel[4];
signal output out[2]; signal output out[2];
component table; var table;
component mux; component mux;
component adder; component adder;
@ -86,8 +86,8 @@ template EscalarMulWindow(base, k) {
} }
for (i=0; i<16; i++) { for (i=0; i<16; i++) {
table.out[i][0] ==> mux.c[0][i]; mux.c[0][i] <== table[i][0];
table.out[i][1] ==> mux.c[1][i]; mux.c[1][i] <== table[i][1];
} }
in[0] ==> adder.x1; in[0] ==> adder.x1;

14
circuits/escalarmulw4table.circom
View File

@ -27,8 +27,8 @@ function pointAdd(x1,y1,x2,y2) {
return res; return res;
} }
template EscalarMulW4Table(base, k) { function EscalarMulW4Table(base, k) {
signal output out[16][2]; var out[16][2];
var i; var i;
var p[2]; var p[2];
@ -39,11 +39,13 @@ template EscalarMulW4Table(base, k) {
dbl = pointAdd(dbl[0], dbl[1], dbl[0], dbl[1]); dbl = pointAdd(dbl[0], dbl[1], dbl[0], dbl[1]);
} }
out[0][0] <== 0; out[0][0] = 0;
out[0][1] <== 1; out[0][1] = 1;
for (i=1; i<16; i++) { for (i=1; i<16; i++) {
p = pointAdd(out[i-1][0], out[i-1][1], dbl[0], dbl[1]); p = pointAdd(out[i-1][0], out[i-1][1], dbl[0], dbl[1]);
out[i][0] <== p[0]; out[i][0] = p[0];
out[i][1] <== p[1]; out[i][1] = p[1];
} }
return out;
} }

2
package-lock.json generated
View File

@ -1,6 +1,6 @@
{ {
"name": "circomlib", "name": "circomlib",
"version": "0.0.19", "version": "0.0.20",
"lockfileVersion": 1, "lockfileVersion": 1,
"requires": true, "requires": true,
"dependencies": { "dependencies": {

4
package.json
View File

@ -1,6 +1,6 @@
{ {
"name": "circomlib", "name": "circomlib",
"version": "0.0.19", "version": "0.0.20",
"description": "Basic circuits library for Circom", "description": "Basic circuits library for Circom",
"main": "index.js", "main": "index.js",
"directories": { "directories": {
@ -31,7 +31,7 @@
"web3": "^1.0.0-beta.55" "web3": "^1.0.0-beta.55"
}, },
"devDependencies": { "devDependencies": {
"circom": "0.0.34", "circom": "0.0.35",
"eslint-plugin-mocha": "^5.2.0", "eslint-plugin-mocha": "^5.2.0",
"ganache-cli": "^6.4.4", "ganache-cli": "^6.4.4",
"mocha": "^5.2.0" "mocha": "^5.2.0"

4
test/aliascheck.js
View File

@ -56,7 +56,7 @@ describe("Aliascheck test", () => {
circuit.calculateWitness({in: inp}); circuit.calculateWitness({in: inp});
assert(false); assert(false);
} catch(err) { } catch(err) {
assert(err.message.indexOf("Constraint doesn't match") >= 0); assert(/Constraint\sdoesn't\smatch(.*)1\s!=\s0/.test(err.message) );
assert(err.message.indexOf("1 != 0") >= 0); assert(err.message.indexOf("1 != 0") >= 0);
} }
}); });
@ -68,7 +68,7 @@ describe("Aliascheck test", () => {
circuit.calculateWitness({in: inp}); circuit.calculateWitness({in: inp});
assert(false); assert(false);
} catch(err) { } catch(err) {
assert(err.message.indexOf("Constraint doesn't match") >= 0); assert(/Constraint\sdoesn't\smatch(.*)1\s!=\s0/.test(err.message) );
assert(err.message.indexOf("1 != 0") >= 0); assert(err.message.indexOf("1 != 0") >= 0);
} }
}); });

5
test/babyjub.js
View File

@ -100,12 +100,12 @@ describe("Baby Jub test", function () {
circuitTest.calculateWitness({x: 1, y: 0}); circuitTest.calculateWitness({x: 1, y: 0});
assert(false, "Should be a valid point"); assert(false, "Should be a valid point");
} catch(err) { } catch(err) {
assert(err.message.indexOf("Constraint doesn't match") >= 0); assert(/Constraint\sdoesn't\smatch(.*)168700\s!=\s1/.test(err.message) );
assert(err.message.indexOf("168700 != 1") >= 0); assert(err.message.indexOf("168700 != 1") >= 0);
} }
}); });
it("Should extract the public key from the private one", async () => { it("Should extract the public key from the private one", async () => {
const rawpvk = Buffer.from("0001020304050607080900010203040506070809000102030405060708090021", "hex"); const rawpvk = Buffer.from("0001020304050607080900010203040506070809000102030405060708090021", "hex");
const pvk = eddsa.pruneBuffer(createBlakeHash("blake512").update(rawpvk).digest().slice(0,32)); const pvk = eddsa.pruneBuffer(createBlakeHash("blake512").update(rawpvk).digest().slice(0,32));
@ -122,4 +122,5 @@ describe("Baby Jub test", function () {
const w = circuitPbk.calculateWitness(input); const w = circuitPbk.calculateWitness(input);
assert(circuitPbk.checkWitness(w)); assert(circuitPbk.checkWitness(w));
}); });
}); });

2
test/binsum.js
View File

@ -23,7 +23,7 @@ describe("Sum test", () => {
it("Should create a sum circuit", async () => { it("Should create a sum circuit", async () => {
const cirDef = await compiler(path.join(__dirname, "circuits", "sum_test.circom")); const cirDef = await compiler(path.join(__dirname, "circuits", "sum_test.circom"));
assert.equal(cirDef.nVars, 101); assert.equal(cirDef.nVars, 97); // 32 (in1) + 32(in2) + 32(out) + 1 (carry)
const circuit = new snarkjs.Circuit(cirDef); const circuit = new snarkjs.Circuit(cirDef);

2
test/circuits/escalarmul_min_test.circom
View File

@ -8,7 +8,7 @@ template Main() {
var i; var i;
var base = [5299619240641551281634865583518297030282874472190772894086521144482721001553, var base = [5299619240641551281634865583518297030282874472190772894086521144482721001553,
16950150798460657717958625567821834550301663161624707787222815936182638968203] 16950150798460657717958625567821834550301663161624707787222815936182638968203];
component escalarMul = EscalarMul(256, base); component escalarMul = EscalarMul(256, base);

2
test/circuits/escalarmul_test.circom
View File

@ -7,7 +7,7 @@ template Main() {
signal output out[2]; signal output out[2];
var base = [5299619240641551281634865583518297030282874472190772894086521144482721001553, var base = [5299619240641551281634865583518297030282874472190772894086521144482721001553,
16950150798460657717958625567821834550301663161624707787222815936182638968203] 16950150798460657717958625567821834550301663161624707787222815936182638968203];
component n2b = Num2Bits(253); component n2b = Num2Bits(253);

2
test/circuits/escalarmul_test_min.circom
View File

@ -8,7 +8,7 @@ template Main() {
var i; var i;
var base = [5299619240641551281634865583518297030282874472190772894086521144482721001553, var base = [5299619240641551281634865583518297030282874472190772894086521144482721001553,
16950150798460657717958625567821834550301663161624707787222815936182638968203] 16950150798460657717958625567821834550301663161624707787222815936182638968203];
component escalarMul = EscalarMul(256, base); component escalarMul = EscalarMul(256, base);

6
test/circuits/escalarmulw4table_test.circom
View File

@ -7,10 +7,10 @@ template Main() {
var base = [5299619240641551281634865583518297030282874472190772894086521144482721001553, var base = [5299619240641551281634865583518297030282874472190772894086521144482721001553,
16950150798460657717958625567821834550301663161624707787222815936182638968203]; 16950150798460657717958625567821834550301663161624707787222815936182638968203];
component escalarMul = EscalarMulW4Table(base, 0); var escalarMul = EscalarMulW4Table(base, 0);
for (var i=0; i<16; i++) { for (var i=0; i<16; i++) {
out[i][0] <== escalarMul.out[i][0]*in; out[i][0] <== escalarMul[i][0]*in;
out[i][1] <== escalarMul.out[i][1]*in; out[i][1] <== escalarMul[i][1]*in;
} }
} }

6
test/circuits/escalarmulw4table_test3.circom
View File

@ -7,10 +7,10 @@ template Main() {
var base = [5299619240641551281634865583518297030282874472190772894086521144482721001553, var base = [5299619240641551281634865583518297030282874472190772894086521144482721001553,
16950150798460657717958625567821834550301663161624707787222815936182638968203]; 16950150798460657717958625567821834550301663161624707787222815936182638968203];
component escalarMul = EscalarMulW4Table(base, 3); var escalarMul = EscalarMulW4Table(base, 3);
for (var i=0; i<16; i++) { for (var i=0; i<16; i++) {
out[i][0] <== escalarMul.out[i][0]*in; out[i][0] <== escalarMul[i][0]*in;
out[i][1] <== escalarMul.out[i][1]*in; out[i][1] <== escalarMul[i][1]*in;
} }
} }

3
test/eddsamimc.js
View File

@ -67,8 +67,7 @@ describe("EdDSA MiMC test", function () {
M: msg}); M: msg});
assert(false); assert(false);
} catch(err) { } catch(err) {
assert(err.message.indexOf("Constraint doesn't match") >= 0); assert(/Constraint\sdoesn't\smatch(.*)1\s!=\s0/.test(err.message) );
assert(err.message.indexOf("1 != 0") >= 0);
} }
}); });

3
test/eddsaposeidon.js
View File

@ -67,8 +67,7 @@ describe("EdDSA Poseidon test", function () {
M: msg}); M: msg});
assert(false); assert(false);
} catch(err) { } catch(err) {
assert(err.message.indexOf("Constraint doesn't match") >= 0); assert(/Constraint\sdoesn't\smatch(.*)1\s!=\s0/.test(err.message) );
assert(err.message.indexOf("1 != 0") >= 0);
} }
}); });

42
test/escalarmul.js
View File

@ -38,6 +38,8 @@ describe("Exponentioation test", () => {
const w = circuit.calculateWitness({in: 1}); const w = circuit.calculateWitness({in: 1});
assert(circuit.checkWitness(w));
let g = [bigInt("5299619240641551281634865583518297030282874472190772894086521144482721001553"), let g = [bigInt("5299619240641551281634865583518297030282874472190772894086521144482721001553"),
bigInt("16950150798460657717958625567821834550301663161624707787222815936182638968203")] bigInt("16950150798460657717958625567821834550301663161624707787222815936182638968203")]
@ -46,12 +48,12 @@ describe("Exponentioation test", () => {
for (let i=0; i<16; i++) { for (let i=0; i<16; i++) {
const xout1 = w[circuit.getSignalIdx(`main.out[${i}][0]`)]; const xout1 = w[circuit.getSignalIdx(`main.out[${i}][0]`)];
const yout1 = w[circuit.getSignalIdx(`main.out[${i}][1]`)]; const yout1 = w[circuit.getSignalIdx(`main.out[${i}][1]`)];
/*
console.log(xout1.toString()); // console.log(xout1.toString());
console.log(yout1.toString()); // console.log(yout1.toString());
console.log(dbl[0]); // console.log(dbl[0]);
console.log(dbl[1]); // console.log(dbl[1]);
*/
assert(xout1.equals(dbl[0])); assert(xout1.equals(dbl[0]));
assert(yout1.equals(dbl[1])); assert(yout1.equals(dbl[1]));
@ -74,6 +76,8 @@ describe("Exponentioation test", () => {
const w = circuit.calculateWitness({in: 1}); const w = circuit.calculateWitness({in: 1});
assert(circuit.checkWitness(w));
let g = [snarkjs.bigInt("5299619240641551281634865583518297030282874472190772894086521144482721001553"), let g = [snarkjs.bigInt("5299619240641551281634865583518297030282874472190772894086521144482721001553"),
snarkjs.bigInt("16950150798460657717958625567821834550301663161624707787222815936182638968203")] snarkjs.bigInt("16950150798460657717958625567821834550301663161624707787222815936182638968203")]
@ -87,12 +91,12 @@ describe("Exponentioation test", () => {
const xout1 = w[circuit.getSignalIdx(`main.out[${i}][0]`)]; const xout1 = w[circuit.getSignalIdx(`main.out[${i}][0]`)];
const yout1 = w[circuit.getSignalIdx(`main.out[${i}][1]`)]; const yout1 = w[circuit.getSignalIdx(`main.out[${i}][1]`)];
/*
console.log(xout1.toString()); // console.log(xout1.toString());
console.log(yout1.toString()); // console.log(yout1.toString());
console.log(dbl[0]); // console.log(dbl[0]);
console.log(dbl[1]); // console.log(dbl[1]);
*/
assert(xout1.equals(dbl[0])); assert(xout1.equals(dbl[0]));
assert(yout1.equals(dbl[1])); assert(yout1.equals(dbl[1]));
@ -102,7 +106,7 @@ describe("Exponentioation test", () => {
}); });
it("Should exponentiate g^31", async () => { it("Should exponentiate g^31", async () => {
const cirDef = await compiler(path.join(__dirname, "circuits", "escalarmul_test.circom")); const cirDef = await compiler(path.join(__dirname, "circuits", "escalarmul_test.circom"), {reduceConstraints: true});
// console.log(JSON.stringify(cirDef, null, 1)); // console.log(JSON.stringify(cirDef, null, 1));
@ -146,12 +150,12 @@ describe("Exponentioation test", () => {
c = addPoint(c,c); c = addPoint(c,c);
} }
c = addPoint(c,g); c = addPoint(c,g);
/*
console.log(xout2.toString()); // console.log(xout2.toString());
console.log(yout2.toString()); // console.log(yout2.toString());
console.log(c[0].toString()); // console.log(c[0].toString());
console.log(c[1].toString()); // console.log(c[1].toString());
*/
assert(xout2.equals(c[0])); assert(xout2.equals(c[0]));
assert(yout2.equals(c[1])); assert(yout2.equals(c[1]));

6
test/multiplexer.js
View File

@ -43,6 +43,8 @@ describe("Mux4 test", () => {
for (let i=0; i<16; i++) { for (let i=0; i<16; i++) {
const w = circuit.calculateWitness({ "selector": i }); const w = circuit.calculateWitness({ "selector": i });
assert(circuit.checkWitness(w));
assert(w[0].equals(bigInt(1))); assert(w[0].equals(bigInt(1)));
// console.log(i + " -> " + w[circuit.getSignalIdx("main.out")].toString()); // console.log(i + " -> " + w[circuit.getSignalIdx("main.out")].toString());
@ -96,6 +98,8 @@ describe("Mux4 test", () => {
for (let i=0; i<4; i++) { for (let i=0; i<4; i++) {
const w = circuit.calculateWitness({ "selector": i }); const w = circuit.calculateWitness({ "selector": i });
assert(circuit.checkWitness(w));
assert(w[0].equals(bigInt(1))); assert(w[0].equals(bigInt(1)));
// console.log(i + " -> " + w[circuit.getSignalIdx("main.out")].toString()); // console.log(i + " -> " + w[circuit.getSignalIdx("main.out")].toString());
@ -118,6 +122,8 @@ describe("Mux4 test", () => {
for (let i=0; i<2; i++) { for (let i=0; i<2; i++) {
const w = circuit.calculateWitness({ "selector": i }); const w = circuit.calculateWitness({ "selector": i });
assert(circuit.checkWitness(w));
assert(w[0].equals(bigInt(1))); assert(w[0].equals(bigInt(1)));
// console.log(i + " -> " + w[circuit.getSignalIdx("main.out")].toString()); // console.log(i + " -> " + w[circuit.getSignalIdx("main.out")].toString());