circomlib/circuits
2020-08-10 13:18:02 +03:00
..
sha256 sha256 with number of bits as a paramter 2019-09-05 16:41:58 +02:00
smt Update references to Poseidon hash in the project 2020-08-10 13:18:02 +03:00
aliascheck.circom makes S value in eddsa signatures be 251 bit, uses alias checks with enabled flag and adds eddsamimcsponge test 2019-11-23 21:36:06 +02:00
babyjub.circom adds comment about baby pbk public key extraction 2019-12-01 15:38:38 +02:00
binsub.circom Substractor 2018-12-16 11:27:29 +01:00
binsum.circom adds comments to binsum 2019-11-23 19:24:02 +02:00
bitify.circom escalarmulfix uses segments of 246 and adds comments on limits 2019-11-23 22:00:11 +02:00
comparators.circom Update web3 2019-07-08 14:08:04 +02:00
compconstant.circom Substractor 2018-12-16 11:27:29 +01:00
eddsa.circom makes S value in eddsa signatures be 251 bit, uses alias checks with enabled flag and adds eddsamimcsponge test 2019-11-23 21:36:06 +02:00
eddsamimc.circom makes S value in eddsa signatures be 251 bit, uses alias checks with enabled flag and adds eddsamimcsponge test 2019-11-23 21:36:06 +02:00
eddsamimcsponge.circom makes S value in eddsa signatures be 251 bit, uses alias checks with enabled flag and adds eddsamimcsponge test 2019-11-23 21:36:06 +02:00
eddsaposeidon.circom Update references to Poseidon hash in the project 2020-08-10 13:18:02 +03:00
escalarmul.circom Convert constant components to functions 2019-12-04 21:57:02 +01:00
escalarmulany.circom Support mutiply by point 0 in scalarmulany 2019-09-05 17:10:20 +02:00
escalarmulfix.circom escalarmulfix uses segments of 246 and adds comments on limits 2019-11-23 22:00:11 +02:00
escalarmulw4table.circom Convert constant components to functions 2019-12-04 21:57:02 +01:00
gates.circom Verification not working 2018-12-15 09:00:35 +01:00
mimc.circom Adapt the way to connect mimcs 2019-04-28 12:03:15 +01:00
mimcsponge.circom Convert constant components to functions 2019-12-04 21:57:02 +01:00
montgomery.circom escalarmulfix uses segments of 246 and adds comments on limits 2019-11-23 22:00:11 +02:00
multiplexer.circom fixed Multiplexer name and usage of old syntax 2019-02-23 20:16:06 -05:00
mux1.circom Update web3 2019-07-08 14:08:04 +02:00
mux2.circom Update web3 2019-07-08 14:08:04 +02:00
mux3.circom Substractor 2018-12-16 11:27:29 +01:00
mux4.circom Substractor 2018-12-16 11:27:29 +01:00
pedersen_old.circom Substractor 2018-12-16 11:27:29 +01:00
pedersen.circom escalarmulfix uses segments of 246 and adds comments on limits 2019-11-23 22:00:11 +02:00
pointbits.circom Substractor 2018-12-16 11:27:29 +01:00
poseidon_constants.circom Rewrite Poseidon hash implementation to be compatible with reference implementation 2020-08-10 13:13:45 +03:00
poseidon.circom Rewrite Poseidon hash implementation to be compatible with reference implementation 2020-08-10 13:13:45 +03:00
README.md Update references to Poseidon hash in the project 2020-08-10 13:18:02 +03:00
sign.circom Substractor 2018-12-16 11:27:29 +01:00
switcher.circom Substractor 2018-12-16 11:27:29 +01:00

CircomLib/Circuits

Description

  • This folder contains circuit templates for standard operations and many cryptographic primitives.
  • Below you can find specifications of each function. In the representation of elements, there are three tyes:
    • Binary
    • String
    • Field element (the field is specified in each case. We consider 2 possible fields: Fp and Fr, where p... and r... .)

Table of Contents

[TOC]

Jordi

Circuits

sha256

Folder containing the implementation of sha256 hash circuit.

smt

Folder containing the circuit implementation of Sparse Merkle Trees.

aliascheck

  • AliasCheck()

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE

babyjub

Arithmetic on Baby Jubjub elliptic curve in twisted Edwards form. (TODO: Expose here the characteristics of the curve?)

  • BabyAdd()

    • DESCRIPTION

      It adds two points on the Baby Jubjub curve. More specifically, given two points P1 = (x1, y1) and P2 = (x2, y2) it returns a point P3 = (xout, yout) such that

      (xout, yout) = (x1,y1) + (x2,y2) = ((x1y2+y1x2)/(1+dx1x2y1y2)),(y1y2-ax1x2)/(1-dx1x2y1y2))

    • SCHEMA

                                       var a     var d
                                         |         |
                                         |         |
                                   ______v_________v_______     
                  input x1 ---->  |                        |
                  input y1 ---->  |        BabyAdd()       | ----> output xout
                  input x2 ---->  |                        | ----> output yout
                  input y2 ---->  |________________________|     
      
    • INPUTS

      Input Representation Description
      x1 Bigint Field element of Fp First coordinate of a point (x1, y1) on E.
      y1 Bigint Field element of Fp Second coordinate of a point (x1, y1) on E.
      x2 Bigint Field element of Fp First coordinate of a point (x2, y2) on E.
      y2 Bigint Field element of Fp Second coordinate of a point (x2, y2) on E.

      Requirement: at least x1!=x2 or y1!=y2.

    • OUTPUT

      Input Representation Description
      xout Bigint Field element of Fp First coordinate of the addition point (xout, yout) = (x1, y1) + (x2, y2).
      yout Bigint Field element of Fp Second coordinate of the addition point (xout, yout) = (x1, y1) + (x2, y2).
    • BENCHMARKS (constraints)

    • EXAMPLE

  • BabyDbl()

    • DESCRIPTION : doubles a point (xout,yout) = 2*(x,y).
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE
  • BabyCheck()

    • DESCRIPTION : checks if a given point is in the curve.
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE
  • BabyPbk()

    • DESCRIPTION: : given a private key, it returns the associated public key.
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE

binsub

  • BinSub(n)

    • DESCRIPTION: binary substraction.
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE

binsum

  • nbits(a)

    • DESCRIPTION : binary sum.
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE
  • BinSum(n, ops)

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE

bitify

  • Num2Bits()

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE
  • Num2Bits_strict()

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE
  • Bits2Num()

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE
  • Bits2Num_strict()

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE
  • Num2BitsNeg()

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE

comparators

  • IsZero()

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE
  • IsEqual()

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE
  • ForceEqualIfEnabled()

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE
  • LessThan()

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE
  • GreaterThan()

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE
  • GreaterEqThan()

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE

compconstant

  • CompConstant(ct)

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE

eddsa

Edwards Digital Signature Algorithm in Baby Jubjbub (link a eddsa)

  • EdDSAVerifier(n)

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE

eddsamimc

  • EdDSAMiMCVerifier()

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE

eddsamimcsponge

  • EdDSAMiMCSpongeVerifier()

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE

eddsaposeidon

  • EdDSAPoseidonVerifier()

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE

escalarmul

  • EscalarMulWindow(base, k)

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE
  • EscalarMul(n, base)

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE

escalarmulany

  • Multiplexor2()

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE
  • BitElementMulAny()

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE
  • SegmentMulAny(n)

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE
  • EscalarMulAny(n)

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE

escalarmulfix

  • WindowMulFix()

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE
  • SegmentMulFix(nWindows)

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE
  • EscalarMulFix(n, BASE)

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE

escalarmulw4table

  • pointAdd

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE
  • EscalarMulW4Table

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE

gates

  • XOR

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE
  • AND

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE
  • OR

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE
  • NOT

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE
  • NAND

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE
  • NOR

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE
  • MultiAND

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE

mimc

Implementation of MiMC-7 hash in Fp being... (link to description of the hash)

  • MiMC7(nrounds)

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE
  • MultiMiMC7(nInputs, nRounds)

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE

mimcsponge

  • MiMCSponge(nInputs, nOutputs)

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE
  • MiMCFeistel(nrounds)

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE

montgomery

  • Edwards2Montgomery()

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE
  • Montgomery2Edwards()

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE
  • MontgomeryAdd()

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE
  • MontgomeryDouble()

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE

multiplexer

  • log2(a)

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE
  • EscalarProduct(w)

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE
  • Decoder(w)

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE
  • Multiplexer(wIn, nIn)

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE

mux1

  • MultiMux1(n)

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE
  • Mux1()

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE

mux2

  • MultiMux2(n)

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE
  • Mux2()

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE

mux3

  • MultiMux3(n)

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE
  • Mux3()

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE

mux4

  • MultiMux4(n)

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE
  • Mux4()

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE

pedersen_old

Old version of the Pedersen hash (do not use any more?).

pedersen

  • Window4()

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE
  • Segment(nWindows)

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE
  • Pedersen(n)

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE

pointbits

  • sqrt(n)

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE
  • Bits2Point()

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE
  • Bits2Point_Strict()

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE
  • Point2Bits

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE
  • Point2Bits_Strict

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE

poseidon

Implementation of Poseidon hash function (LINK)

  • Sigma()

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE
  • Ark(t, C, r)

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE
  • Mix(t, M)

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE
  • Poseidon(nInputs)

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE

sign

  • Sign()

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE

switcher

  • Switcher()

    • DESCRIPTION
    • SCHEMA
    • INPUT
    • OUTPUT
    • BENCHMARKS
    • EXAMPLE