gadget

package
v0.0.0-...-81eada0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 5, 2022 License: Apache-2.0 Imports: 24 Imported by: 0

Documentation

Index

Constants

View Source 
const DEFAULT_CHUNK_SIZE int = 1024

Default chunkSize used by GKR

View Source 
const DEFAULT_IO_STORE_ALLOCATION_EPOCH int = 32
View Source 
const GKR_MIMC_GET_HASH_HINT_ID hint.ID = hint.ID(780000001)

HINTS ID that we are using for GKR

View Source 
const GKR_MIMC_GET_INITIAL_RANDOMNESS_HINT_ID hint.ID = hint.ID(780000002)
View Source 
const GKR_MIMC_GKR_PROVER_HINT_ID hint.ID = hint.ID(780000003)

Variables

View Source 
var DummySetup outerSetupFunc
View Source 
var Setup outerSetupFunc

The setup and dummy setups are initialized by applying our wrapper

Functions

func DeriveRandomnessFromPoint 

func DeriveRandomnessFromPoint(g1 bn254.G1Affine) fr.Element

Derives the initial randomness from an elliptic curve point

func EraseOldK 

func EraseOldK(pk *ProvingKey, vk *VerifyingKey)

func GkrProofToVec 

func GkrProofToVec(proof gkrNative.Proof, resBuff []*big.Int)

Writes the proof in a res buffer. We assume the res buffer to be allocated a priori

func IncreaseCapBools 

func IncreaseCapBools(arr []bool, by int) []bool

Increase the capacity of a slice of boolean

func IncreaseCapInts 

func IncreaseCapInts(arr []int, by int) []int

Increase the capacity of a slice of integers

func IncreaseCapVariable 

func IncreaseCapVariable(arr []frontend.Variable, by int) []frontend.Variable

Increase the capacity of a slice of frontend variable

func MarkWithSigma 

func MarkWithSigma(pk *ProvingKey, vk *VerifyingKey)

Marks the public and private key with a random field element sigma

func PreInitializePublicParams 

func PreInitializePublicParams(pk grothBack.ProvingKey, vk grothBack.VerifyingKey) (ProvingKey, VerifyingKey)

Setup then wrap the keys

func SubSlicesPublicParams 

func SubSlicesPublicParams(r1cs *R1CS, pk *ProvingKey, vk *VerifyingKey)

func Verify 

func Verify(proof *Proof, vk *VerifyingKey, publicWitness witness.Witness) error

Verify verifies a proof with given VerifyingKey and publicWitness

Types

type Circuit 

type Circuit struct {
	Gadget       GkrGadget
	InnerCircuit CircuitUsingGkr
}

Generic wrapper circuit in which, we can plug any circuit using Gkr. The wrapper holds all the logic for the proving etc...

func WrapCircuitUsingGkr 

func WrapCircuitUsingGkr(c CircuitUsingGkr, opts ...GkrOption) Circuit

Wraps the given circuit into a `Circuit` object

func (*Circuit) Assign 

func (c *Circuit) Assign()

Assigns for the subcircuit

func (*Circuit) Compile 

func (c *Circuit) Compile() (R1CS, error)

Wraps the gnark circuit compiler Will only work on groth16 with bn254

func (*Circuit) Define 

func (c *Circuit) Define(cs frontend.API) error

Implements `gnark`s circuit interface

func (*Circuit) Solve 

func (c *Circuit) Solve(compiled R1CS, opt ...backend.ProverOption) (Solution, error)

Returns a solution to the circuit

type CircuitUsingGkr 

type CircuitUsingGkr interface {
	Define(cs frontend.API, gadget *GkrGadget) error
}

Interface to be implemented by any circuit willing to use Gkr

type GkrGadget 

type GkrGadget struct {
	// Pointers to variables that must have been allocated somewhere else
	InitialRandomness frontend.Variable `gnark:",public"`

	Circuit circuit.Circuit `gnark:"-"`
	// contains filtered or unexported fields
}

Helper for performing hashes using GKR

func NewGkrGadget 

func NewGkrGadget() *GkrGadget

NewGkrGadget

func (*GkrGadget) Close 

func (g *GkrGadget) Close(cs frontend.API)

Pad and close GKR, run the proof then call the verifier

func (*GkrGadget) GkrProofFromVec 

func (g *GkrGadget) GkrProofFromVec(vec []frontend.Variable) gkr.Proof

Reads the proof to obtain the variable equivalent, the gadget is here to provide the dimensions

func (*GkrGadget) GkrProverHint 

func (g *GkrGadget) GkrProverHint() *GkrProverHint

Accessor for the hint from the GkrProver

func (*GkrGadget) HashHint 

func (g *GkrGadget) HashHint() *HashHint

Accessor for the hint from the GkrGadget

func (*GkrGadget) InitialRandomnessHint 

func (g *GkrGadget) InitialRandomnessHint() *InitialRandomnessHint

Accessor for the hint from the InitialRandomnessHint

func (*GkrGadget) UpdateHasher 

func (g *GkrGadget) UpdateHasher(
	cs frontend.API,
	state frontend.Variable,
	msg frontend.Variable,
) frontend.Variable

Pass the update of a hasher to GKR

type GkrOption 

type GkrOption func(c *Circuit)

Options for the `Circuit` constructor

type GkrProverHint 

type GkrProverHint struct {
	// contains filtered or unexported fields
}

func (*GkrProverHint) Call 

func (h *GkrProverHint) Call(_ ecc.ID, inputsBI []*big.Int, oups []*big.Int) error

Returns the Hint functions that can help gnark's solver figure out that we need to compute the GkrProof and verify In order to return the fields one after the other, the function is built as a stateful iterator

func (*GkrProverHint) NbOutputs 

func (h *GkrProverHint) NbOutputs(_ ecc.ID, nbInput int) int

NbOutputs of the gkr prover hint Returns the number of field elements to represent the

func (*GkrProverHint) String 

func (h *GkrProverHint) String() string

String of the gkr prover hint hint

func (*GkrProverHint) UUID 

func (h *GkrProverHint) UUID() hint.ID

UUID of the gkr prover hint hint

type HashHint 

type HashHint struct {
	// contains filtered or unexported fields
}

func (*HashHint) Call 

func (h *HashHint) Call(curve ecc.ID, inps []*big.Int, outputs []*big.Int) error

Returns the Hint functions that can help gnark's solver figure out that the output of the GKR should be a hash

func (*HashHint) NbOutputs 

func (h *HashHint) NbOutputs(_ ecc.ID, nbInput int) int

NbOutputs of the hash hint

func (*HashHint) String 

func (h *HashHint) String() string

String of the hash hint

func (*HashHint) UUID 

func (h *HashHint) UUID() hint.ID

UUID of the hash hint

type InitialRandomnessHint 

type InitialRandomnessHint struct {
	// contains filtered or unexported fields
}

func (*InitialRandomnessHint) Call 

func (h *InitialRandomnessHint) Call(_ ecc.ID, inpss []*big.Int, oups []*big.Int) error

Hint for generating the initial randomness

func (*InitialRandomnessHint) NbOutputs 

func (h *InitialRandomnessHint) NbOutputs(_ ecc.ID, nbInput int) int

NbOutputs of the initial randomness hint

func (*InitialRandomnessHint) String 

func (h *InitialRandomnessHint) String() string

String of the initial randomness hint hint

func (*InitialRandomnessHint) UUID 

func (h *InitialRandomnessHint) UUID() hint.ID

UUID of the initial randomness hint hint

type IoStore 

type IoStore struct {
	// contains filtered or unexported fields
}

Stores the inputs and is responsible for the reordering tasks

func NewIoStore 

func NewIoStore(circuit *circuit.Circuit, allocEpoch int) IoStore

Creates a new ioStore for the given circuit

func (*IoStore) DumpForGkrProver 

func (io *IoStore) DumpForGkrProver(qPrimeArg []frontend.Variable) []frontend.Variable

Returns the io for the prover multiexp Done by concatenating the two into another array The variables are returned in the form of a buffer of interfaces 4 empty entry are appended to the result : they are used by the hint to figure out which res = qPrime || inputs || outputs

func (*IoStore) DumpForProverMultiExp 

func (io *IoStore) DumpForProverMultiExp() []frontend.Variable

Returns the io for the prover multiexp Done by concatenating the two into another array

func (*IoStore) Index 

func (io *IoStore) Index() int

Return the number of element allocated

func (*IoStore) InputsForVerifier 

func (io *IoStore) InputsForVerifier() []polynomial.MultiLin

Returns the gkr inputs in the correct order to be processed by the verifier

func (*IoStore) OutputsForVerifier 

func (io *IoStore) OutputsForVerifier() polynomial.MultiLin

Returns the gkr outputs in the correct order to be processed by the verifier

func (*IoStore) Push 

func (io *IoStore) Push(cs frontend.API, inputs []frontend.Variable, output frontend.Variable)

Add an element in the ioStack

func (*IoStore) VarAreConstant 

func (io *IoStore) VarAreConstant() []bool

Returns all the `isConstant` concatenated in a single vec

func (*IoStore) VarIds 

func (io *IoStore) VarIds() []int

Returns all the varIds in a single vec (no deduplication)

type Proof 

type Proof struct {
	Ar, Krs           bn254.G1Affine
	Bs                bn254.G2Affine
	KrsGkrPriv        bn254.G1Affine
	InitialRandomness fr.Element
}

Extend proof for GKR-enabled SNARK

func ComputeGroth16Proof 

func ComputeGroth16Proof(r1cs *cs.R1CS, pk *groth16.ProvingKey, a, b, c, wireValues []fr.Element) (*Proof, error)

Modified SNARK prover: we additionally passes a puncturedVersion of the values

func ComputeProof 

func ComputeProof(
	r1cs *R1CS,
	pk *ProvingKey, solution Solution,

	proof *Proof,
) (*Proof, error)

Compute the proof

func Prove 

func Prove(r1cs *R1CS, pk *ProvingKey, assignment *Circuit) (*Proof, error)

Solve and compute the proof

type ProvingKey 

type ProvingKey struct {
	// contains filtered or unexported fields
}

Wrappers around the proving key

type R1CS 

type R1CS struct {
	// contains filtered or unexported fields
}

R1CS wraps gnarks r1cs to add its own datas

type Solution 

type Solution struct {
	Wires, A, B, C []fr.Element
}

func (Solution) Dump 

func (s Solution) Dump()

Dump the solution vector : usefull for debugging

type VerifyingKey 

type VerifyingKey struct {
	// contains filtered or unexported fields
}

Wrapper around the verifying key

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.