tornadocash
/
snarkjs
mirror of https://github.com/tornadocash/snarkjs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Generate contract name by its name output

This commit is contained in:
adriamb 2019-06-18 16:33:14 +02:00
parent c5cd822350
commit 22a5b7bc46
3 changed files with 83 additions and 90 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
cli.js
View File

@ -318,12 +318,14 @@ try {
} else if (argv._[0].toUpperCase() == "GENERATEVERIFIER") { } else if (argv._[0].toUpperCase() == "GENERATEVERIFIER") {
const verificationKey = unstringifyBigInts(JSON.parse(fs.readFileSync(verificationKeyName, "utf8"))); const verificationKey = unstringifyBigInts(JSON.parse(fs.readFileSync(verificationKeyName, "utf8")));
let contractName = path.parse(verifierName).name
contractName = contractName.charAt(0).toUpperCase() + contractName.slice(1)
let verifierCode; let verifierCode;
if (verificationKey.protocol == "original") { if (verificationKey.protocol == "original") {
verifierCode = generateVerifier_original(verificationKey); verifierCode = generateVerifier_original(contractName,verificationKey);
} else if (verificationKey.protocol == "groth") { } else if (verificationKey.protocol == "groth") {
verifierCode = generateVerifier_groth(verificationKey); verifierCode = generateVerifier_groth(contractName,verificationKey);
} else { } else {
throw new Error("InvalidProof"); throw new Error("InvalidProof");
} }
@ -374,9 +376,11 @@ try {
} }
function generateVerifier_original(verificationKey) { function generateVerifier_original(contractName, verificationKey) {
let template = fs.readFileSync(path.join( __dirname, "templates", "verifier_original.sol"), "utf-8"); let template = fs.readFileSync(path.join( __dirname, "templates", "verifier_original.sol"), "utf-8");
template = template.replace("<%contractName%>", contractName);
const vka_str = `[${verificationKey.vk_a[0][1].toString()},`+ const vka_str = `[${verificationKey.vk_a[0][1].toString()},`+
`${verificationKey.vk_a[0][0].toString()}], `+ `${verificationKey.vk_a[0][0].toString()}], `+
`[${verificationKey.vk_a[1][1].toString()},` + `[${verificationKey.vk_a[1][1].toString()},` +
@ -422,7 +426,7 @@ function generateVerifier_original(verificationKey) {
let vi = ""; let vi = "";
for (let i=0; i<verificationKey.IC.length; i++) { for (let i=0; i<verificationKey.IC.length; i++) {
if (vi != "") vi = vi + " "; if (vi != "") vi = vi + " ";
vi = vi + `vk.IC[${i}] = Pairing.G1Point(${verificationKey.IC[i][0].toString()},`+ vi = vi + `vk.IC[${i}] = G1Point(${verificationKey.IC[i][0].toString()},`+
`${verificationKey.IC[i][1].toString()});\n`; `${verificationKey.IC[i][1].toString()});\n`;
} }
template = template.replace("<%vk_ic_pts%>", vi); template = template.replace("<%vk_ic_pts%>", vi);
@ -431,9 +435,10 @@ function generateVerifier_original(verificationKey) {
} }
function generateVerifier_groth(verificationKey) { function generateVerifier_groth(contractName,verificationKey) {
let template = fs.readFileSync(path.join( __dirname, "templates", "verifier_groth.sol"), "utf-8"); let template = fs.readFileSync(path.join( __dirname, "templates", "verifier_groth.sol"), "utf-8");
template = template.replace("<%contractName%>", contractName);
const vkalfa1_str = `${verificationKey.vk_alfa_1[0].toString()},`+ const vkalfa1_str = `${verificationKey.vk_alfa_1[0].toString()},`+
`${verificationKey.vk_alfa_1[1].toString()}`; `${verificationKey.vk_alfa_1[1].toString()}`;
@ -464,7 +469,7 @@ function generateVerifier_groth(verificationKey) {
let vi = ""; let vi = "";
for (let i=0; i<verificationKey.IC.length; i++) { for (let i=0; i<verificationKey.IC.length; i++) {
if (vi != "") vi = vi + " "; if (vi != "") vi = vi + " ";
vi = vi + `vk.IC[${i}] = Pairing.G1Point(${verificationKey.IC[i][0].toString()},`+ vi = vi + `vk.IC[${i}] = G1Point(${verificationKey.IC[i][0].toString()},`+
`${verificationKey.IC[i][1].toString()});\n`; `${verificationKey.IC[i][1].toString()});\n`;
} }
template = template.replace("<%vk_ic_pts%>", vi); template = template.replace("<%vk_ic_pts%>", vi);

59
templates/verifier_groth.sol
View File

@ -10,7 +10,8 @@
// added requiere error messages // added requiere error messages
// //
pragma solidity ^0.5.0; pragma solidity ^0.5.0;
library Pairing { contract <%contractName%> {
struct G1Point { struct G1Point {
uint X; uint X;
uint Y; uint Y;
@ -33,16 +34,6 @@ library Pairing {
[4082367875863433681332203403145435568316851327593401208105741076214120093531, [4082367875863433681332203403145435568316851327593401208105741076214120093531,
8495653923123431417604973247489272438418190587263600148770280649306958101930] 8495653923123431417604973247489272438418190587263600148770280649306958101930]
); );
/*
// Changed by Jordi point
return G2Point(
[10857046999023057135944570762232829481370756359578518086990519993285655852781,
11559732032986387107991004021392285783925812861821192530917403151452391805634],
[8495653923123431417604973247489272438418190587263600148770280649306958101930,
4082367875863433681332203403145435568316851327593401208105741076214120093531]
);
*/
} }
/// @return the negation of p, i.e. p.addition(p.negate()) should be zero. /// @return the negation of p, i.e. p.addition(p.negate()) should be zero.
function negate(G1Point memory p) internal pure returns (G1Point memory) { function negate(G1Point memory p) internal pure returns (G1Point memory) {
@ -158,39 +149,37 @@ library Pairing {
p2[3] = d2; p2[3] = d2;
return pairing(p1, p2); return pairing(p1, p2);
} }
}
contract Verifier {
using Pairing for *;
struct VerifyingKey { struct VerifyingKey {
Pairing.G1Point alfa1; G1Point alfa1;
Pairing.G2Point beta2; G2Point beta2;
Pairing.G2Point gamma2; G2Point gamma2;
Pairing.G2Point delta2; G2Point delta2;
Pairing.G1Point[] IC; G1Point[] IC;
} }
struct Proof { struct Proof {
Pairing.G1Point A; G1Point A;
Pairing.G2Point B; G2Point B;
Pairing.G1Point C; G1Point C;
} }
function verifyingKey() internal pure returns (VerifyingKey memory vk) { function verifyingKey() internal pure returns (VerifyingKey memory vk) {
vk.alfa1 = Pairing.G1Point(<%vk_alfa1%>); vk.alfa1 = G1Point(<%vk_alfa1%>);
vk.beta2 = Pairing.G2Point(<%vk_beta2%>); vk.beta2 = G2Point(<%vk_beta2%>);
vk.gamma2 = Pairing.G2Point(<%vk_gamma2%>); vk.gamma2 = G2Point(<%vk_gamma2%>);
vk.delta2 = Pairing.G2Point(<%vk_delta2%>); vk.delta2 = G2Point(<%vk_delta2%>);
vk.IC = new Pairing.G1Point[](<%vk_ic_length%>); vk.IC = new G1Point[](<%vk_ic_length%>);
<%vk_ic_pts%> <%vk_ic_pts%>
} }
function verify(uint[] memory input, Proof memory proof) internal view returns (uint) { function verify(uint[] memory input, Proof memory proof) internal view returns (uint) {
VerifyingKey memory vk = verifyingKey(); VerifyingKey memory vk = verifyingKey();
require(input.length + 1 == vk.IC.length,"verifier-bad-input"); require(input.length + 1 == vk.IC.length,"verifier-bad-input");
// Compute the linear combination vk_x // Compute the linear combination vk_x
Pairing.G1Point memory vk_x = Pairing.G1Point(0, 0); G1Point memory vk_x = G1Point(0, 0);
for (uint i = 0; i < input.length; i++) for (uint i = 0; i < input.length; i++)
vk_x = Pairing.addition(vk_x, Pairing.scalar_mul(vk.IC[i + 1], input[i])); vk_x = addition(vk_x, scalar_mul(vk.IC[i + 1], input[i]));
vk_x = Pairing.addition(vk_x, vk.IC[0]); vk_x = addition(vk_x, vk.IC[0]);
if (!Pairing.pairingProd4( if (!pairingProd4(
Pairing.negate(proof.A), proof.B, negate(proof.A), proof.B,
vk.alfa1, vk.beta2, vk.alfa1, vk.beta2,
vk_x, vk.gamma2, vk_x, vk.gamma2,
proof.C, vk.delta2 proof.C, vk.delta2
@ -204,9 +193,9 @@ contract Verifier {
uint[<%vk_input_length%>] memory input uint[<%vk_input_length%>] memory input
) public view returns (bool r) { ) public view returns (bool r) {
Proof memory proof; Proof memory proof;
proof.A = Pairing.G1Point(a[0], a[1]); proof.A = G1Point(a[0], a[1]);
proof.B = Pairing.G2Point([b[0][0], b[0][1]], [b[1][0], b[1][1]]); proof.B = G2Point([b[0][0], b[0][1]], [b[1][0], b[1][1]]);
proof.C = Pairing.G1Point(c[0], c[1]); proof.C = G1Point(c[0], c[1]);
uint[] memory inputValues = new uint[](input.length); uint[] memory inputValues = new uint[](input.length);
for(uint i = 0; i < input.length; i++){ for(uint i = 0; i < input.length; i++){
inputValues[i] = input[i]; inputValues[i] = input[i];

97
templates/verifier_original.sol
View File

@ -10,7 +10,8 @@
// added requiere error messages // added requiere error messages
// //
pragma solidity ^0.5.0; pragma solidity ^0.5.0;
library Pairing { contract <%contractName%> {
struct G1Point { struct G1Point {
uint X; uint X;
uint Y; uint Y;
@ -148,60 +149,58 @@ library Pairing {
p2[3] = d2; p2[3] = d2;
return pairing(p1, p2); return pairing(p1, p2);
} }
}
contract Verifier {
using Pairing for *;
struct VerifyingKey { struct VerifyingKey {
Pairing.G2Point A; G2Point A;
Pairing.G1Point B; G1Point B;
Pairing.G2Point C; G2Point C;
Pairing.G2Point gamma; G2Point gamma;
Pairing.G1Point gammaBeta1; G1Point gammaBeta1;
Pairing.G2Point gammaBeta2; G2Point gammaBeta2;
Pairing.G2Point Z; G2Point Z;
Pairing.G1Point[] IC; G1Point[] IC;
} }
struct Proof { struct Proof {
Pairing.G1Point A; G1Point A;
Pairing.G1Point A_p; G1Point A_p;
Pairing.G2Point B; G2Point B;
Pairing.G1Point B_p; G1Point B_p;
Pairing.G1Point C; G1Point C;
Pairing.G1Point C_p; G1Point C_p;
Pairing.G1Point K; G1Point K;
Pairing.G1Point H; G1Point H;
} }
function verifyingKey() internal pure returns (VerifyingKey memory vk) { function verifyingKey() internal pure returns (VerifyingKey memory vk) {
vk.A = Pairing.G2Point(<%vk_a%>); vk.A = G2Point(<%vk_a%>);
vk.B = Pairing.G1Point(<%vk_b%>); vk.B = G1Point(<%vk_b%>);
vk.C = Pairing.G2Point(<%vk_c%>); vk.C = G2Point(<%vk_c%>);
vk.gamma = Pairing.G2Point(<%vk_g%>); vk.gamma = G2Point(<%vk_g%>);
vk.gammaBeta1 = Pairing.G1Point(<%vk_gb1%>); vk.gammaBeta1 = G1Point(<%vk_gb1%>);
vk.gammaBeta2 = Pairing.G2Point(<%vk_gb2%>); vk.gammaBeta2 = G2Point(<%vk_gb2%>);
vk.Z = Pairing.G2Point(<%vk_z%>); vk.Z = G2Point(<%vk_z%>);
vk.IC = new Pairing.G1Point[](<%vk_ic_length%>); vk.IC = new G1Point[](<%vk_ic_length%>);
<%vk_ic_pts%> <%vk_ic_pts%>
} }
function verify(uint[] memory input, Proof memory proof) internal view returns (uint) { function verify(uint[] memory input, Proof memory proof) internal view returns (uint) {
VerifyingKey memory vk = verifyingKey(); VerifyingKey memory vk = verifyingKey();
require(input.length + 1 == vk.IC.length,"verifier-bad-input"); require(input.length + 1 == vk.IC.length,"verifier-bad-input");
// Compute the linear combination vk_x // Compute the linear combination vk_x
Pairing.G1Point memory vk_x = Pairing.G1Point(0, 0); G1Point memory vk_x = G1Point(0, 0);
for (uint i = 0; i < input.length; i++) for (uint i = 0; i < input.length; i++)
vk_x = Pairing.addition(vk_x, Pairing.scalar_mul(vk.IC[i + 1], input[i])); vk_x = addition(vk_x, scalar_mul(vk.IC[i + 1], input[i]));
vk_x = Pairing.addition(vk_x, vk.IC[0]); vk_x = addition(vk_x, vk.IC[0]);
if (!Pairing.pairingProd2(proof.A, vk.A, Pairing.negate(proof.A_p), Pairing.P2())) return 1; if (!pairingProd2(proof.A, vk.A, negate(proof.A_p), P2())) return 1;
if (!Pairing.pairingProd2(vk.B, proof.B, Pairing.negate(proof.B_p), Pairing.P2())) return 2; if (!pairingProd2(vk.B, proof.B, negate(proof.B_p), P2())) return 2;
if (!Pairing.pairingProd2(proof.C, vk.C, Pairing.negate(proof.C_p), Pairing.P2())) return 3; if (!pairingProd2(proof.C, vk.C, negate(proof.C_p), P2())) return 3;
if (!Pairing.pairingProd3( if (!pairingProd3(
proof.K, vk.gamma, proof.K, vk.gamma,
Pairing.negate(Pairing.addition(vk_x, Pairing.addition(proof.A, proof.C))), vk.gammaBeta2, negate(addition(vk_x, addition(proof.A, proof.C))), vk.gammaBeta2,
Pairing.negate(vk.gammaBeta1), proof.B negate(vk.gammaBeta1), proof.B
)) return 4; )) return 4;
if (!Pairing.pairingProd3( if (!pairingProd3(
Pairing.addition(vk_x, proof.A), proof.B, addition(vk_x, proof.A), proof.B,
Pairing.negate(proof.H), vk.Z, negate(proof.H), vk.Z,
Pairing.negate(proof.C), Pairing.P2() negate(proof.C), P2()
)) return 5; )) return 5;
return 0; return 0;
} }
@ -217,14 +216,14 @@ contract Verifier {
uint[<%vk_input_length%>] memory input uint[<%vk_input_length%>] memory input
) view public returns (bool r) { ) view public returns (bool r) {
Proof memory proof; Proof memory proof;
proof.A = Pairing.G1Point(a[0], a[1]); proof.A = G1Point(a[0], a[1]);
proof.A_p = Pairing.G1Point(a_p[0], a_p[1]); proof.A_p = G1Point(a_p[0], a_p[1]);
proof.B = Pairing.G2Point([b[0][0], b[0][1]], [b[1][0], b[1][1]]); proof.B = G2Point([b[0][0], b[0][1]], [b[1][0], b[1][1]]);
proof.B_p = Pairing.G1Point(b_p[0], b_p[1]); proof.B_p = G1Point(b_p[0], b_p[1]);
proof.C = Pairing.G1Point(c[0], c[1]); proof.C = G1Point(c[0], c[1]);
proof.C_p = Pairing.G1Point(c_p[0], c_p[1]); proof.C_p = G1Point(c_p[0], c_p[1]);
proof.H = Pairing.G1Point(h[0], h[1]); proof.H = G1Point(h[0], h[1]);
proof.K = Pairing.G1Point(k[0], k[1]); proof.K = G1Point(k[0], k[1]);
uint[] memory inputValues = new uint[](input.length); uint[] memory inputValues = new uint[](input.length);
for(uint i = 0; i < input.length; i++){ for(uint i = 0; i < input.length; i++){
inputValues[i] = input[i]; inputValues[i] = input[i];