snarkjs/README.md

# snarkjs: JavaScript implementation of zkSNARKs.

This is a JavaScript implementation of zkSNARK schemes. It allows the original 8points protocol
and the Groth Protocol (3 point only and 3 pairings)

This library allows to do the trusted setup, generate proofs and verify the proofs.

This library uses the compiled circuits generated by the jaz compiler.

### Tutorial.

A good starting point [is this tutorial](https://github.com/iden3/circom/blob/master/TUTORIAL.md)

Also this [video](https://www.youtube.com/watch?v=-9TJa1hVsKA) is a good starting point.

## Install.

```sh
npm install snarkjs
```

## Usage from command line.


```sh
snarkjs --help
```

Will show all the info in how to use the cli.

## Usage from javascript


### Import.

```js
const zkSnark = require("snarkjs");
```

### Load a circuit.

```js
// "myCircuit.cir" is the output of the jaz compiler

const circuitDef = JSON.parse(fs.readFileSync("myCircuit.cir", "utf8"));
const circuit = new zkSnark.Circuit(circuitDef);
```

### Inspect the circuit.

```js
    // `signalId` can always be a number or an alias string

    circuit.nConstraints; // number of constraints
    circuit.nSignals; // number of signals
    circuit.nPublic; // number of public signals (nOutputs + nPublicInputs)

    // The array of signals is always sorted in this order:
    // [ 1, outputs, publicInputs, privateInputs, internalSignals, constants]

    // returns a,b and c coeficients of the `signalId` on a given `constraint`
    circuit.a(constraint, signalId)
    circuit.b(constraint, signalId)
    circuit.c(constraint, signalId)

    circuit.nOutputs           // number of public outputs
    circuit.pubInputs          // number of public inputs
    circuit.nPrvInputs         // number of private inputs
    circuit.nInputs            // number of inputs ( nPublicInputs + nPrivateInputs)
    circuit.nVars              // number of variables ( not including constants (one is a variable) )
    circuit.nSignals           // number of signals ( including constants )

    circuit.outputIdx(i)       // returns the index of the i'th output
    circuit.inputIdx(i)        // returns the index of the i'th input
    circuit.pubInputIdx(i)     // returns the index of the i'th public input
    circuit.prvInputIdx(i)     // returns the index of the i'th private input
    circuit.varIdx(i)          // returns the index of the i'th variable
    circuit.constantIdx(i)     // returns the index of the i'th constant
    circuit.signalIdx(i)       // returns the index of the i'th signal

    // returns signal Idx given a signalId
    // if the idx >= n , it is a constant
    // if the idx == -1, the signal does not exist
    circuit.getSignalIdx(name);

    // returns an array aliases names of the i'th signal
    circuit.signalNames(i)

    // input is a key value object where keys are the signal names
    //   of all the inputs (public and private)
    // returns an array of values representing the witness
    circuit.calculateWitness(input)
```

### Trusted setup.

```js
const setup = zkSnark.setup(circuit);
fs.writeFileSync("myCircuit.vk_proof", JSON.stringify(setup.vk_proof), "utf8");
fs.writeFileSync("myCircuit.vk_verifier", JSON.stringify(setup.vk_verifier), "utf8");
setup.toxic  // Must be discarded.
```

### Generate proof.

```js
const circuitDef = JSON.parse(fs.readFileSync("myCircuit.cir", "utf8"));
const circuit = new zkSnark.Circuit(circuitDef);
const input = {
    "main.pubIn1": "123",
    "main.out1": "456"
}
const witness = circuit.calculateWitness(input);
const vk_proof = JSON.parse(fs.readFileSync("myCircuit.vk_proof", "utf8"));

const {proof, publicSignals} = zkSnark.genProof(vk_proof, witness);
```

### Verifier.

```js
const vk_verifier = JSON.parse(fs.readFileSync("myCircuit.vk_verifier", "utf8"));

if (zkSnark.isValid(vk_verifier, proof, publicSignals)) {
    console.log("The proof is valid");
} else {
    console.log("The proof is not valid");
}
```

## License

snarkjs is part of the iden3 project copyright 2018 0KIMS association and published with GPL-3 license. Please check the COPYING file for more details.
License fix and remove gig test 2018-10-21 19:41:44 +02:00			`# snarkjs: JavaScript implementation of zkSNARKs.`
Skeleton 2018-08-09 08:16:34 +02:00
Groth protocol imlemented 2018-11-10 14:43:37 +01:00			`This is a JavaScript implementation of zkSNARK schemes. It allows the original 8points protocol`
			`and the Groth Protocol (3 point only and 3 pairings)`
Skeleton 2018-08-09 08:16:34 +02:00
Changes README, copyright and typos 2018-09-10 11:53:09 +02:00			`This library allows to do the trusted setup, generate proofs and verify the proofs.`
Skeleton 2018-08-09 08:16:34 +02:00
			`This library uses the compiled circuits generated by the jaz compiler.`

Link video and tutorial 2019-04-12 14:20:43 +02:00			`### Tutorial.`

			`A good starting point [is this tutorial](https://github.com/iden3/circom/blob/master/TUTORIAL.md)`

			`Also this [video](https://www.youtube.com/watch?v=-9TJa1hVsKA) is a good starting point.`

Changes README, copyright and typos 2018-09-10 11:53:09 +02:00			`## Install.`
Skeleton 2018-08-09 08:16:34 +02:00
Added JS style syntaxing to README 2018-09-14 14:27:36 +02:00			```sh
License fix and remove gig test 2018-10-21 19:41:44 +02:00			`npm install snarkjs`
Skeleton 2018-08-09 08:16:34 +02:00			```

License fix and remove gig test 2018-10-21 19:41:44 +02:00			`## Usage from command line.`


			```sh
			`snarkjs --help`
			```

			`Will show all the info in how to use the cli.`

Spelling correction 2018-12-29 08:26:45 +01:00			`## Usage from javascript`
License fix and remove gig test 2018-10-21 19:41:44 +02:00
Skeleton 2018-08-09 08:16:34 +02:00
Changes README, copyright and typos 2018-09-10 11:53:09 +02:00			`### Import.`
Skeleton 2018-08-09 08:16:34 +02:00
Added JS style syntaxing to README 2018-09-14 14:27:36 +02:00			```js
License fix and remove gig test 2018-10-21 19:41:44 +02:00			`const zkSnark = require("snarkjs");`
Skeleton 2018-08-09 08:16:34 +02:00			```

			`### Load a circuit.`

Added JS style syntaxing to README 2018-09-14 14:27:36 +02:00			```js
Skeleton 2018-08-09 08:16:34 +02:00			`// "myCircuit.cir" is the output of the jaz compiler`

			`const circuitDef = JSON.parse(fs.readFileSync("myCircuit.cir", "utf8"));`
			`const circuit = new zkSnark.Circuit(circuitDef);`
			```

			`### Inspect the circuit.`

Added JS style syntaxing to README 2018-09-14 14:27:36 +02:00			```js
Skeleton 2018-08-09 08:16:34 +02:00			// `signalId` can always be a number or an alias string

Spelling fixed 2018-09-09 14:04:22 +02:00			`circuit.nConstraints; // number of constraints`
snarks part done 2018-08-09 15:31:16 +02:00			`circuit.nSignals; // number of signals`
			`circuit.nPublic; // number of public signals (nOutputs + nPublicInputs)`
Skeleton 2018-08-09 08:16:34 +02:00
			`// The array of signals is always sorted in this order:`
Spelling fixed 2018-09-09 14:04:22 +02:00			`// [ 1, outputs, publicInputs, privateInputs, internalSignals, constants]`
Skeleton 2018-08-09 08:16:34 +02:00
Spelling fixed 2018-09-09 14:04:22 +02:00			// returns a,b and c coeficients of the `signalId` on a given `constraint`
			`circuit.a(constraint, signalId)`
			`circuit.b(constraint, signalId)`
			`circuit.c(constraint, signalId)`
Skeleton 2018-08-09 08:16:34 +02:00
			`circuit.nOutputs // number of public outputs`
zkSnarks working 2018-08-25 00:16:12 +02:00			`circuit.pubInputs // number of public inputs`
			`circuit.nPrvInputs // number of private inputs`
Skeleton 2018-08-09 08:16:34 +02:00			`circuit.nInputs // number of inputs ( nPublicInputs + nPrivateInputs)`
zkSnarks working 2018-08-25 00:16:12 +02:00			`circuit.nVars // number of variables ( not including constants (one is a variable) )`
			`circuit.nSignals // number of signals ( including constants )`
Skeleton 2018-08-09 08:16:34 +02:00
			`circuit.outputIdx(i) // returns the index of the i'th output`
			`circuit.inputIdx(i) // returns the index of the i'th input`
zkSnarks working 2018-08-25 00:16:12 +02:00			`circuit.pubInputIdx(i) // returns the index of the i'th public input`
			`circuit.prvInputIdx(i) // returns the index of the i'th private input`
			`circuit.varIdx(i) // returns the index of the i'th variable`
			`circuit.constantIdx(i) // returns the index of the i'th constant`
			`circuit.signalIdx(i) // returns the index of the i'th signal`
Skeleton 2018-08-09 08:16:34 +02:00
			`// returns signal Idx given a signalId`
			`// if the idx >= n , it is a constant`
			`// if the idx == -1, the signal does not exist`
Extend eq and neq in bigint 2018-09-14 07:08:56 +02:00			`circuit.getSignalIdx(name);`
Skeleton 2018-08-09 08:16:34 +02:00
Extend eq and neq in bigint 2018-09-14 07:08:56 +02:00			`// returns an array aliases names of the i'th signal`
			`circuit.signalNames(i)`
Skeleton 2018-08-09 08:16:34 +02:00
			`// input is a key value object where keys are the signal names`
			`// of all the inputs (public and private)`
Changes README, copyright and typos 2018-09-10 11:53:09 +02:00			`// returns an array of values representing the witness`
Readme fixed and bigint exported 2018-09-05 05:24:24 +02:00			`circuit.calculateWitness(input)`
Skeleton 2018-08-09 08:16:34 +02:00			```

Changes README, copyright and typos 2018-09-10 11:53:09 +02:00			`### Trusted setup.`
Skeleton 2018-08-09 08:16:34 +02:00
Added JS style syntaxing to README 2018-09-14 14:27:36 +02:00			```js
Skeleton 2018-08-09 08:16:34 +02:00			`const setup = zkSnark.setup(circuit);`
Fix typo in example's function The correct API is not fs.writeFileSink, its fs.writeFileSync 2018-09-15 23:14:36 +02:00			`fs.writeFileSync("myCircuit.vk_proof", JSON.stringify(setup.vk_proof), "utf8");`
			`fs.writeFileSync("myCircuit.vk_verifier", JSON.stringify(setup.vk_verifier), "utf8");`
Skeleton 2018-08-09 08:16:34 +02:00			`setup.toxic // Must be discarded.`
			```

Changes README, copyright and typos 2018-09-10 11:53:09 +02:00			`### Generate proof.`
Skeleton 2018-08-09 08:16:34 +02:00
Added JS style syntaxing to README 2018-09-14 14:27:36 +02:00			```js
Skeleton 2018-08-09 08:16:34 +02:00			`const circuitDef = JSON.parse(fs.readFileSync("myCircuit.cir", "utf8"));`
			`const circuit = new zkSnark.Circuit(circuitDef);`
			`const input = {`
			`"main.pubIn1": "123",`
			`"main.out1": "456"`
			`}`
Readme fixed and bigint exported 2018-09-05 05:24:24 +02:00			`const witness = circuit.calculateWitness(input);`
Skeleton 2018-08-09 08:16:34 +02:00			`const vk_proof = JSON.parse(fs.readFileSync("myCircuit.vk_proof", "utf8"));`

			`const {proof, publicSignals} = zkSnark.genProof(vk_proof, witness);`
			```

Changes README, copyright and typos 2018-09-10 11:53:09 +02:00			`### Verifier.`
Skeleton 2018-08-09 08:16:34 +02:00
Added JS style syntaxing to README 2018-09-14 14:27:36 +02:00			```js
Skeleton 2018-08-09 08:16:34 +02:00			`const vk_verifier = JSON.parse(fs.readFileSync("myCircuit.vk_verifier", "utf8"));`

			`if (zkSnark.isValid(vk_verifier, proof, publicSignals)) {`
			`console.log("The proof is valid");`
			`} else {`
			`console.log("The proof is not valid");`
			`}`
			```
License fix and remove gig test 2018-10-21 19:41:44 +02:00
			`## License`

			`snarkjs is part of the iden3 project copyright 2018 0KIMS association and published with GPL-3 license. Please check the COPYING file for more details.`