CircomLib/Circuits
Description
- This folder contains circuit templates for standard operations and many cryptographic primitives.
- Below you can find specifications of each function. In the representation of elements, there are three types:
  - Binary
  - String
  - Field element (the field is specified in each case. We consider 2 possible fields: Fp and Fr, where p... and r... .)
Jordi
- compconstant - Returns 1 if in (expanded to binary array) > ct
- aliascheck - check if in (expanded to binary array) overflowed its 254 bits (<= -1)
- babyjub - twisted Edwards curve 168700.x^2 + y^2 = 1 + 168696.x^2.y^2
  - BabyAdd - (xout,yout) = (x1,y1) + (x2,y2)
  - BabyDbl - (xout,yout) = 2*(x,y)
  - BabyCheck - check that (x,y) is on the curve
- binsub - binary subtraction
- gates - logical gates
- mimc - SNARK-friendly hash Minimal Multiplicative Complexity.
- smt - Sparse Merkle Tree
- montgomery https://en.wikipedia.org/wiki/Montgomery_curve
Circuits
sha256
Folder containing the implementation of sha256 hash circuit.
smt
Folder containing the circuit implementation of Sparse Merkle Trees.
aliascheck
- AliasCheck()
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
babyjub
Arithmetic on Baby Jubjub elliptic curve in twisted Edwards form. (TODO: Expose here the characteristics of the curve?)
- BabyAdd()
  - DESCRIPTION

    It adds two points on the Baby Jubjub curve. More specifically, given two points P1 = (x1,y1) and P2 = (x2,y2) it returns a point P3 = (xout,yout) such that

    (xout,yout) = (x1,y1) + (x2,y2) = ((x1y2+y1x2)/(1+dx1x2y1y2), (y1y2-ax1x2)/(1-dx1x2y1y2))

  - SCHEMA

    ```
                        var a     var d
                          |         |
                          |         |
                    ______v_________v_______
    input x1 ----> |                        |
    input y1 ----> |        BabyAdd()       | ----> output xout
    input x2 ----> |                        | ----> output yout
    input y2 ----> |________________________|
    ```

  - INPUTS

    | Input | Representation | Description | |
    |---|---|---|---|
    | x1 | Bigint | Field element of Fp | First coordinate of a point (x1, y1) on E. |
    | y1 | Bigint | Field element of Fp | Second coordinate of a point (x1, y1) on E. |
    | x2 | Bigint | Field element of Fp | First coordinate of a point (x2, y2) on E. |
    | y2 | Bigint | Field element of Fp | Second coordinate of a point (x2, y2) on E. |

    Requirement: at least x1!=x2 or y1!=y2.

  - OUTPUT

    | Output | Representation | Description | |
    |---|---|---|---|
    | xout | Bigint | Field element of Fp | First coordinate of the addition point (xout, yout) = (x1, y1) + (x2, y2). |
    | yout | Bigint | Field element of Fp | Second coordinate of the addition point (xout, yout) = (x1, y1) + (x2, y2). |

  - BENCHMARKS (constraints)
  - EXAMPLE
- BabyDbl()
  - DESCRIPTION: doubles a point (xout,yout) = 2*(x,y).
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
- BabyCheck()
  - DESCRIPTION: checks if a given point is on the curve.
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
- BabyPbk()
  - DESCRIPTION: given a private key, it returns the associated public key.
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
binsub
- BinSub(n)
  - DESCRIPTION: binary subtraction.
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
binsum
- nbits(a)
  - DESCRIPTION: binary sum.
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
- BinSum(n, ops)
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
bitify
- Num2Bits()
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
- Num2Bits_strict()
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
- Bits2Num()
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
- Bits2Num_strict()
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
- Num2BitsNeg()
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
comparators
- IsZero()
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
- IsEqual()
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
- ForceEqualIfEnabled()
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
- LessThan()
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
- GreaterThan()
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
- GreaterEqThan()
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
compconstant
- CompConstant(ct)
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
eddsa
Edwards Digital Signature Algorithm in Baby Jubjub (link to eddsa)
- EdDSAVerifier(n)
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
eddsamimc
- EdDSAMiMCVerifier()
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
eddsamimcsponge
- EdDSAMiMCSpongeVerifier()
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
eddsaposeidon
- EdDSAPoseidonVerifier()
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
escalarmul
- EscalarMulWindow(base, k)
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
- EscalarMul(n, base)
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
escalarmulany
- Multiplexor2()
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
- BitElementMulAny()
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
- SegmentMulAny(n)
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
- EscalarMulAny(n)
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
escalarmulfix
- WindowMulFix()
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
- SegmentMulFix(nWindows)
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
- EscalarMulFix(n, BASE)
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
escalarmulw4table
- pointAdd
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
- EscalarMulW4Table
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
gates
- XOR
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
- AND
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
- OR
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
- NOT
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
- NAND
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
- NOR
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
- MultiAND
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
mimc
Implementation of MiMC-7 hash in Fp being... (link to description of the hash)
- MiMC7(nrounds)
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
- MultiMiMC7(nInputs, nRounds)
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
mimcsponge
- MiMCSponge(nInputs, nRounds, nOutputs)
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
- MiMCFeistel(nrounds)
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
montgomery
- Edwards2Montgomery()
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
- Montgomery2Edwards()
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
- MontgomeryAdd()
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
- MontgomeryDouble()
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
multiplexer
- log2(a)
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
- EscalarProduct(w)
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
- Decoder(w)
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
- Multiplexer(wIn, nIn)
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
mux1
- MultiMux1(n)
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
- Mux1()
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
mux2
- MultiMux2(n)
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
- Mux2()
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
mux3
- MultiMux3(n)
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
- Mux3()
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
mux4
- MultiMux4(n)
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
- Mux4()
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
pedersen_old
Old version of the Pedersen hash (do not use any more?).
pedersen
- Window4()
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
- Segment(nWindows)
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
- Pedersen(n)
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
pointbits
- sqrt(n)
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
- Bits2Point()
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
- Bits2Point_Strict()
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
- Point2Bits
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
- Point2Bits_Strict
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
poseidon
Implementation of Poseidon hash function (LINK)
- Sigma()
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
- Ark(t, C)
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
- Mix(t, M)
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
- Poseidon(nInputs, t, nRoundsF, nRoundsP)
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
sign
- Sign()
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE
switcher
- Switcher()
  - DESCRIPTION
  - SCHEMA
  - INPUT
  - OUTPUT
  - BENCHMARKS
  - EXAMPLE