Revert "Generate contract name by its name output"
This reverts commit 22a5b7bc46a0a1a69019af9feb99fe3cdbe1411b.
This commit is contained in:
parent
22a5b7bc46
commit
d2b3be19ef
17
cli.js
17
cli.js
@ -318,14 +318,12 @@ try {
|
|||||||
} else if (argv._[0].toUpperCase() == "GENERATEVERIFIER") {
|
} else if (argv._[0].toUpperCase() == "GENERATEVERIFIER") {
|
||||||
|
|
||||||
const verificationKey = unstringifyBigInts(JSON.parse(fs.readFileSync(verificationKeyName, "utf8")));
|
const verificationKey = unstringifyBigInts(JSON.parse(fs.readFileSync(verificationKeyName, "utf8")));
|
||||||
let contractName = path.parse(verifierName).name
|
|
||||||
contractName = contractName.charAt(0).toUpperCase() + contractName.slice(1)
|
|
||||||
|
|
||||||
let verifierCode;
|
let verifierCode;
|
||||||
if (verificationKey.protocol == "original") {
|
if (verificationKey.protocol == "original") {
|
||||||
verifierCode = generateVerifier_original(contractName,verificationKey);
|
verifierCode = generateVerifier_original(verificationKey);
|
||||||
} else if (verificationKey.protocol == "groth") {
|
} else if (verificationKey.protocol == "groth") {
|
||||||
verifierCode = generateVerifier_groth(contractName,verificationKey);
|
verifierCode = generateVerifier_groth(verificationKey);
|
||||||
} else {
|
} else {
|
||||||
throw new Error("InvalidProof");
|
throw new Error("InvalidProof");
|
||||||
}
|
}
|
||||||
@ -376,11 +374,9 @@ try {
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
function generateVerifier_original(contractName, verificationKey) {
|
function generateVerifier_original(verificationKey) {
|
||||||
let template = fs.readFileSync(path.join( __dirname, "templates", "verifier_original.sol"), "utf-8");
|
let template = fs.readFileSync(path.join( __dirname, "templates", "verifier_original.sol"), "utf-8");
|
||||||
|
|
||||||
template = template.replace("<%contractName%>", contractName);
|
|
||||||
|
|
||||||
const vka_str = `[${verificationKey.vk_a[0][1].toString()},`+
|
const vka_str = `[${verificationKey.vk_a[0][1].toString()},`+
|
||||||
`${verificationKey.vk_a[0][0].toString()}], `+
|
`${verificationKey.vk_a[0][0].toString()}], `+
|
||||||
`[${verificationKey.vk_a[1][1].toString()},` +
|
`[${verificationKey.vk_a[1][1].toString()},` +
|
||||||
@ -426,7 +422,7 @@ function generateVerifier_original(contractName, verificationKey) {
|
|||||||
let vi = "";
|
let vi = "";
|
||||||
for (let i=0; i<verificationKey.IC.length; i++) {
|
for (let i=0; i<verificationKey.IC.length; i++) {
|
||||||
if (vi != "") vi = vi + " ";
|
if (vi != "") vi = vi + " ";
|
||||||
vi = vi + `vk.IC[${i}] = G1Point(${verificationKey.IC[i][0].toString()},`+
|
vi = vi + `vk.IC[${i}] = Pairing.G1Point(${verificationKey.IC[i][0].toString()},`+
|
||||||
`${verificationKey.IC[i][1].toString()});\n`;
|
`${verificationKey.IC[i][1].toString()});\n`;
|
||||||
}
|
}
|
||||||
template = template.replace("<%vk_ic_pts%>", vi);
|
template = template.replace("<%vk_ic_pts%>", vi);
|
||||||
@ -435,10 +431,9 @@ function generateVerifier_original(contractName, verificationKey) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
function generateVerifier_groth(contractName,verificationKey) {
|
function generateVerifier_groth(verificationKey) {
|
||||||
let template = fs.readFileSync(path.join( __dirname, "templates", "verifier_groth.sol"), "utf-8");
|
let template = fs.readFileSync(path.join( __dirname, "templates", "verifier_groth.sol"), "utf-8");
|
||||||
|
|
||||||
template = template.replace("<%contractName%>", contractName);
|
|
||||||
|
|
||||||
const vkalfa1_str = `${verificationKey.vk_alfa_1[0].toString()},`+
|
const vkalfa1_str = `${verificationKey.vk_alfa_1[0].toString()},`+
|
||||||
`${verificationKey.vk_alfa_1[1].toString()}`;
|
`${verificationKey.vk_alfa_1[1].toString()}`;
|
||||||
@ -469,7 +464,7 @@ function generateVerifier_groth(contractName,verificationKey) {
|
|||||||
let vi = "";
|
let vi = "";
|
||||||
for (let i=0; i<verificationKey.IC.length; i++) {
|
for (let i=0; i<verificationKey.IC.length; i++) {
|
||||||
if (vi != "") vi = vi + " ";
|
if (vi != "") vi = vi + " ";
|
||||||
vi = vi + `vk.IC[${i}] = G1Point(${verificationKey.IC[i][0].toString()},`+
|
vi = vi + `vk.IC[${i}] = Pairing.G1Point(${verificationKey.IC[i][0].toString()},`+
|
||||||
`${verificationKey.IC[i][1].toString()});\n`;
|
`${verificationKey.IC[i][1].toString()});\n`;
|
||||||
}
|
}
|
||||||
template = template.replace("<%vk_ic_pts%>", vi);
|
template = template.replace("<%vk_ic_pts%>", vi);
|
||||||
|
@ -10,8 +10,7 @@
|
|||||||
// added requiere error messages
|
// added requiere error messages
|
||||||
//
|
//
|
||||||
pragma solidity ^0.5.0;
|
pragma solidity ^0.5.0;
|
||||||
contract <%contractName%> {
|
library Pairing {
|
||||||
|
|
||||||
struct G1Point {
|
struct G1Point {
|
||||||
uint X;
|
uint X;
|
||||||
uint Y;
|
uint Y;
|
||||||
@ -34,6 +33,16 @@ contract <%contractName%> {
|
|||||||
[4082367875863433681332203403145435568316851327593401208105741076214120093531,
|
[4082367875863433681332203403145435568316851327593401208105741076214120093531,
|
||||||
8495653923123431417604973247489272438418190587263600148770280649306958101930]
|
8495653923123431417604973247489272438418190587263600148770280649306958101930]
|
||||||
);
|
);
|
||||||
|
|
||||||
|
/*
|
||||||
|
// Changed by Jordi point
|
||||||
|
return G2Point(
|
||||||
|
[10857046999023057135944570762232829481370756359578518086990519993285655852781,
|
||||||
|
11559732032986387107991004021392285783925812861821192530917403151452391805634],
|
||||||
|
[8495653923123431417604973247489272438418190587263600148770280649306958101930,
|
||||||
|
4082367875863433681332203403145435568316851327593401208105741076214120093531]
|
||||||
|
);
|
||||||
|
*/
|
||||||
}
|
}
|
||||||
/// @return the negation of p, i.e. p.addition(p.negate()) should be zero.
|
/// @return the negation of p, i.e. p.addition(p.negate()) should be zero.
|
||||||
function negate(G1Point memory p) internal pure returns (G1Point memory) {
|
function negate(G1Point memory p) internal pure returns (G1Point memory) {
|
||||||
@ -149,37 +158,39 @@ contract <%contractName%> {
|
|||||||
p2[3] = d2;
|
p2[3] = d2;
|
||||||
return pairing(p1, p2);
|
return pairing(p1, p2);
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
contract Verifier {
|
||||||
|
using Pairing for *;
|
||||||
struct VerifyingKey {
|
struct VerifyingKey {
|
||||||
G1Point alfa1;
|
Pairing.G1Point alfa1;
|
||||||
G2Point beta2;
|
Pairing.G2Point beta2;
|
||||||
G2Point gamma2;
|
Pairing.G2Point gamma2;
|
||||||
G2Point delta2;
|
Pairing.G2Point delta2;
|
||||||
G1Point[] IC;
|
Pairing.G1Point[] IC;
|
||||||
}
|
}
|
||||||
struct Proof {
|
struct Proof {
|
||||||
G1Point A;
|
Pairing.G1Point A;
|
||||||
G2Point B;
|
Pairing.G2Point B;
|
||||||
G1Point C;
|
Pairing.G1Point C;
|
||||||
}
|
}
|
||||||
function verifyingKey() internal pure returns (VerifyingKey memory vk) {
|
function verifyingKey() internal pure returns (VerifyingKey memory vk) {
|
||||||
vk.alfa1 = G1Point(<%vk_alfa1%>);
|
vk.alfa1 = Pairing.G1Point(<%vk_alfa1%>);
|
||||||
vk.beta2 = G2Point(<%vk_beta2%>);
|
vk.beta2 = Pairing.G2Point(<%vk_beta2%>);
|
||||||
vk.gamma2 = G2Point(<%vk_gamma2%>);
|
vk.gamma2 = Pairing.G2Point(<%vk_gamma2%>);
|
||||||
vk.delta2 = G2Point(<%vk_delta2%>);
|
vk.delta2 = Pairing.G2Point(<%vk_delta2%>);
|
||||||
vk.IC = new G1Point[](<%vk_ic_length%>);
|
vk.IC = new Pairing.G1Point[](<%vk_ic_length%>);
|
||||||
<%vk_ic_pts%>
|
<%vk_ic_pts%>
|
||||||
}
|
}
|
||||||
function verify(uint[] memory input, Proof memory proof) internal view returns (uint) {
|
function verify(uint[] memory input, Proof memory proof) internal view returns (uint) {
|
||||||
VerifyingKey memory vk = verifyingKey();
|
VerifyingKey memory vk = verifyingKey();
|
||||||
require(input.length + 1 == vk.IC.length,"verifier-bad-input");
|
require(input.length + 1 == vk.IC.length,"verifier-bad-input");
|
||||||
// Compute the linear combination vk_x
|
// Compute the linear combination vk_x
|
||||||
G1Point memory vk_x = G1Point(0, 0);
|
Pairing.G1Point memory vk_x = Pairing.G1Point(0, 0);
|
||||||
for (uint i = 0; i < input.length; i++)
|
for (uint i = 0; i < input.length; i++)
|
||||||
vk_x = addition(vk_x, scalar_mul(vk.IC[i + 1], input[i]));
|
vk_x = Pairing.addition(vk_x, Pairing.scalar_mul(vk.IC[i + 1], input[i]));
|
||||||
vk_x = addition(vk_x, vk.IC[0]);
|
vk_x = Pairing.addition(vk_x, vk.IC[0]);
|
||||||
if (!pairingProd4(
|
if (!Pairing.pairingProd4(
|
||||||
negate(proof.A), proof.B,
|
Pairing.negate(proof.A), proof.B,
|
||||||
vk.alfa1, vk.beta2,
|
vk.alfa1, vk.beta2,
|
||||||
vk_x, vk.gamma2,
|
vk_x, vk.gamma2,
|
||||||
proof.C, vk.delta2
|
proof.C, vk.delta2
|
||||||
@ -193,9 +204,9 @@ contract <%contractName%> {
|
|||||||
uint[<%vk_input_length%>] memory input
|
uint[<%vk_input_length%>] memory input
|
||||||
) public view returns (bool r) {
|
) public view returns (bool r) {
|
||||||
Proof memory proof;
|
Proof memory proof;
|
||||||
proof.A = G1Point(a[0], a[1]);
|
proof.A = Pairing.G1Point(a[0], a[1]);
|
||||||
proof.B = G2Point([b[0][0], b[0][1]], [b[1][0], b[1][1]]);
|
proof.B = Pairing.G2Point([b[0][0], b[0][1]], [b[1][0], b[1][1]]);
|
||||||
proof.C = G1Point(c[0], c[1]);
|
proof.C = Pairing.G1Point(c[0], c[1]);
|
||||||
uint[] memory inputValues = new uint[](input.length);
|
uint[] memory inputValues = new uint[](input.length);
|
||||||
for(uint i = 0; i < input.length; i++){
|
for(uint i = 0; i < input.length; i++){
|
||||||
inputValues[i] = input[i];
|
inputValues[i] = input[i];
|
||||||
|
@ -10,8 +10,7 @@
|
|||||||
// added requiere error messages
|
// added requiere error messages
|
||||||
//
|
//
|
||||||
pragma solidity ^0.5.0;
|
pragma solidity ^0.5.0;
|
||||||
contract <%contractName%> {
|
library Pairing {
|
||||||
|
|
||||||
struct G1Point {
|
struct G1Point {
|
||||||
uint X;
|
uint X;
|
||||||
uint Y;
|
uint Y;
|
||||||
@ -149,58 +148,60 @@ contract <%contractName%> {
|
|||||||
p2[3] = d2;
|
p2[3] = d2;
|
||||||
return pairing(p1, p2);
|
return pairing(p1, p2);
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
contract Verifier {
|
||||||
|
using Pairing for *;
|
||||||
struct VerifyingKey {
|
struct VerifyingKey {
|
||||||
G2Point A;
|
Pairing.G2Point A;
|
||||||
G1Point B;
|
Pairing.G1Point B;
|
||||||
G2Point C;
|
Pairing.G2Point C;
|
||||||
G2Point gamma;
|
Pairing.G2Point gamma;
|
||||||
G1Point gammaBeta1;
|
Pairing.G1Point gammaBeta1;
|
||||||
G2Point gammaBeta2;
|
Pairing.G2Point gammaBeta2;
|
||||||
G2Point Z;
|
Pairing.G2Point Z;
|
||||||
G1Point[] IC;
|
Pairing.G1Point[] IC;
|
||||||
}
|
}
|
||||||
struct Proof {
|
struct Proof {
|
||||||
G1Point A;
|
Pairing.G1Point A;
|
||||||
G1Point A_p;
|
Pairing.G1Point A_p;
|
||||||
G2Point B;
|
Pairing.G2Point B;
|
||||||
G1Point B_p;
|
Pairing.G1Point B_p;
|
||||||
G1Point C;
|
Pairing.G1Point C;
|
||||||
G1Point C_p;
|
Pairing.G1Point C_p;
|
||||||
G1Point K;
|
Pairing.G1Point K;
|
||||||
G1Point H;
|
Pairing.G1Point H;
|
||||||
}
|
}
|
||||||
function verifyingKey() internal pure returns (VerifyingKey memory vk) {
|
function verifyingKey() internal pure returns (VerifyingKey memory vk) {
|
||||||
vk.A = G2Point(<%vk_a%>);
|
vk.A = Pairing.G2Point(<%vk_a%>);
|
||||||
vk.B = G1Point(<%vk_b%>);
|
vk.B = Pairing.G1Point(<%vk_b%>);
|
||||||
vk.C = G2Point(<%vk_c%>);
|
vk.C = Pairing.G2Point(<%vk_c%>);
|
||||||
vk.gamma = G2Point(<%vk_g%>);
|
vk.gamma = Pairing.G2Point(<%vk_g%>);
|
||||||
vk.gammaBeta1 = G1Point(<%vk_gb1%>);
|
vk.gammaBeta1 = Pairing.G1Point(<%vk_gb1%>);
|
||||||
vk.gammaBeta2 = G2Point(<%vk_gb2%>);
|
vk.gammaBeta2 = Pairing.G2Point(<%vk_gb2%>);
|
||||||
vk.Z = G2Point(<%vk_z%>);
|
vk.Z = Pairing.G2Point(<%vk_z%>);
|
||||||
vk.IC = new G1Point[](<%vk_ic_length%>);
|
vk.IC = new Pairing.G1Point[](<%vk_ic_length%>);
|
||||||
<%vk_ic_pts%>
|
<%vk_ic_pts%>
|
||||||
}
|
}
|
||||||
function verify(uint[] memory input, Proof memory proof) internal view returns (uint) {
|
function verify(uint[] memory input, Proof memory proof) internal view returns (uint) {
|
||||||
VerifyingKey memory vk = verifyingKey();
|
VerifyingKey memory vk = verifyingKey();
|
||||||
require(input.length + 1 == vk.IC.length,"verifier-bad-input");
|
require(input.length + 1 == vk.IC.length,"verifier-bad-input");
|
||||||
// Compute the linear combination vk_x
|
// Compute the linear combination vk_x
|
||||||
G1Point memory vk_x = G1Point(0, 0);
|
Pairing.G1Point memory vk_x = Pairing.G1Point(0, 0);
|
||||||
for (uint i = 0; i < input.length; i++)
|
for (uint i = 0; i < input.length; i++)
|
||||||
vk_x = addition(vk_x, scalar_mul(vk.IC[i + 1], input[i]));
|
vk_x = Pairing.addition(vk_x, Pairing.scalar_mul(vk.IC[i + 1], input[i]));
|
||||||
vk_x = addition(vk_x, vk.IC[0]);
|
vk_x = Pairing.addition(vk_x, vk.IC[0]);
|
||||||
if (!pairingProd2(proof.A, vk.A, negate(proof.A_p), P2())) return 1;
|
if (!Pairing.pairingProd2(proof.A, vk.A, Pairing.negate(proof.A_p), Pairing.P2())) return 1;
|
||||||
if (!pairingProd2(vk.B, proof.B, negate(proof.B_p), P2())) return 2;
|
if (!Pairing.pairingProd2(vk.B, proof.B, Pairing.negate(proof.B_p), Pairing.P2())) return 2;
|
||||||
if (!pairingProd2(proof.C, vk.C, negate(proof.C_p), P2())) return 3;
|
if (!Pairing.pairingProd2(proof.C, vk.C, Pairing.negate(proof.C_p), Pairing.P2())) return 3;
|
||||||
if (!pairingProd3(
|
if (!Pairing.pairingProd3(
|
||||||
proof.K, vk.gamma,
|
proof.K, vk.gamma,
|
||||||
negate(addition(vk_x, addition(proof.A, proof.C))), vk.gammaBeta2,
|
Pairing.negate(Pairing.addition(vk_x, Pairing.addition(proof.A, proof.C))), vk.gammaBeta2,
|
||||||
negate(vk.gammaBeta1), proof.B
|
Pairing.negate(vk.gammaBeta1), proof.B
|
||||||
)) return 4;
|
)) return 4;
|
||||||
if (!pairingProd3(
|
if (!Pairing.pairingProd3(
|
||||||
addition(vk_x, proof.A), proof.B,
|
Pairing.addition(vk_x, proof.A), proof.B,
|
||||||
negate(proof.H), vk.Z,
|
Pairing.negate(proof.H), vk.Z,
|
||||||
negate(proof.C), P2()
|
Pairing.negate(proof.C), Pairing.P2()
|
||||||
)) return 5;
|
)) return 5;
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -216,14 +217,14 @@ contract <%contractName%> {
|
|||||||
uint[<%vk_input_length%>] memory input
|
uint[<%vk_input_length%>] memory input
|
||||||
) view public returns (bool r) {
|
) view public returns (bool r) {
|
||||||
Proof memory proof;
|
Proof memory proof;
|
||||||
proof.A = G1Point(a[0], a[1]);
|
proof.A = Pairing.G1Point(a[0], a[1]);
|
||||||
proof.A_p = G1Point(a_p[0], a_p[1]);
|
proof.A_p = Pairing.G1Point(a_p[0], a_p[1]);
|
||||||
proof.B = G2Point([b[0][0], b[0][1]], [b[1][0], b[1][1]]);
|
proof.B = Pairing.G2Point([b[0][0], b[0][1]], [b[1][0], b[1][1]]);
|
||||||
proof.B_p = G1Point(b_p[0], b_p[1]);
|
proof.B_p = Pairing.G1Point(b_p[0], b_p[1]);
|
||||||
proof.C = G1Point(c[0], c[1]);
|
proof.C = Pairing.G1Point(c[0], c[1]);
|
||||||
proof.C_p = G1Point(c_p[0], c_p[1]);
|
proof.C_p = Pairing.G1Point(c_p[0], c_p[1]);
|
||||||
proof.H = G1Point(h[0], h[1]);
|
proof.H = Pairing.G1Point(h[0], h[1]);
|
||||||
proof.K = G1Point(k[0], k[1]);
|
proof.K = Pairing.G1Point(k[0], k[1]);
|
||||||
uint[] memory inputValues = new uint[](input.length);
|
uint[] memory inputValues = new uint[](input.length);
|
||||||
for(uint i = 0; i < input.length; i++){
|
for(uint i = 0; i < input.length; i++){
|
||||||
inputValues[i] = input[i];
|
inputValues[i] = input[i];
|
||||||
|
Loading…
Reference in New Issue
Block a user