groth16

package
v0.9.0-alpha Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 18, 2023 License: Apache-2.0 Imports: 27 Imported by: 169

Documentation

Overview

Package groth16 implements Groth16 Zero Knowledge Proof system (aka zkSNARK).

See also

https://eprint.iacr.org/2016/260.pdf

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewCS added in v0.4.0

func NewCS(curveID ecc.ID) constraint.ConstraintSystem

NewCS instantiate a concrete curved-typed R1CS and return a R1CS interface This method exists for (de)serialization purposes

func Setup

Setup runs groth16.Setup with provided R1CS and outputs a key pair associated with the circuit.

Note that careful consideration must be given to this step in production environment. groth16.Setup uses some randomness to precompute the Proving and Verifying keys. If the process or machine leaks this randomness, an attacker could break the ZKP protocol.

Two main solutions to this deployment issues are: running the Setup through a MPC (multi party computation) or using a ZKP backend like PLONK where the per-circuit Setup is deterministic.

func Verify

func Verify(proof Proof, vk VerifyingKey, publicWitness witness.Witness) error

Verify runs the groth16.Verify algorithm on provided proof with given witness

Types

type Proof

type Proof interface {
	// contains filtered or unexported methods
}

Proof represents a Groth16 proof generated by groth16.Prove

it's underlying implementation is curve specific (see gnark/internal/backend)

func NewProof added in v0.3.6

func NewProof(curveID ecc.ID) Proof

NewProof instantiates a curve-typed Proof and returns an interface This function exists for serialization purposes

func Prove

func Prove(r1cs constraint.ConstraintSystem, pk ProvingKey, fullWitness witness.Witness, opts ...backend.ProverOption) (Proof, error)

Prove runs the groth16.Prove algorithm.

if the force flag is set:

	will execute all the prover computations, even if the witness is invalid
 will produce an invalid proof
	internally, the solution vector to the R1CS will be filled with random values which may impact benchmarking

type ProvingKey

type ProvingKey interface {
	gnarkio.UnsafeReaderFrom

	// NbG1 returns the number of G1 elements in the ProvingKey
	NbG1() int

	// NbG2 returns the number of G2 elements in the ProvingKey
	NbG2() int

	IsDifferent(interface{}) bool
	// contains filtered or unexported methods
}

ProvingKey represents a Groth16 ProvingKey

it's underlying implementation is strongly typed with the curve (see gnark/internal/backend)

func DummySetup

func DummySetup(r1cs constraint.ConstraintSystem) (ProvingKey, error)

DummySetup create a random ProvingKey with provided R1CS it doesn't return a VerifyingKey and is use for benchmarking or test purposes only.

func NewProvingKey added in v0.3.6

func NewProvingKey(curveID ecc.ID) ProvingKey

NewProvingKey instantiates a curve-typed ProvingKey and returns an interface object This function exists for serialization purposes

type VerifyingKey

type VerifyingKey interface {
	gnarkio.UnsafeReaderFrom

	// NbPublicWitness returns number of elements expected in the public witness
	NbPublicWitness() int

	// NbG1 returns the number of G1 elements in the VerifyingKey
	NbG1() int

	// NbG2 returns the number of G2 elements in the VerifyingKey
	NbG2() int

	// ExportSolidity writes a solidity Verifier contract from the VerifyingKey
	// this will return an error if not supported on the CurveID()
	ExportSolidity(w io.Writer) error

	IsDifferent(interface{}) bool
	// contains filtered or unexported methods
}

VerifyingKey represents a Groth16 VerifyingKey

it's underlying implementation is strongly typed with the curve (see gnark/internal/backend)

ExportSolidity is implemented for BN254 and will return an error with other curves

func NewVerifyingKey added in v0.3.6

func NewVerifyingKey(curveID ecc.ID) VerifyingKey

NewVerifyingKey instantiates a curve-typed VerifyingKey and returns an interface This function exists for serialization purposes

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL