Documentation
¶
Index ¶
- func DummySetup(r1cs *bls381backend.R1CS, pk *ProvingKey) error
- func ParsePublicInput(expectedNames []string, input map[string]interface{}) ([]fr.Element, error)
- func Setup(r1cs *bls381backend.R1CS, pk *ProvingKey, vk *VerifyingKey) error
- func Verify(proof *Proof, vk *VerifyingKey, inputs map[string]interface{}) error
- type Proof
- type ProvingKey
- type VerifyingKey
- func (vk *VerifyingKey) GetCurveID() gurvy.ID
- func (vk *VerifyingKey) IsDifferent(_other interface{}) bool
- func (vk *VerifyingKey) ReadFrom(r io.Reader) (n int64, err error)
- func (vk *VerifyingKey) WriteRawTo(w io.Writer) (n int64, err error)
- func (vk *VerifyingKey) WriteTo(w io.Writer) (n int64, err error)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func DummySetup ¶
func DummySetup(r1cs *bls381backend.R1CS, pk *ProvingKey) error
DummySetup fills a random ProvingKey used for test or benchmarking purposes
func ParsePublicInput ¶
ParsePublicInput return the ordered public input values in regular form (used as scalars for multi exponentiation). The function is public because it's needed for the recursive snark.
func Setup ¶
func Setup(r1cs *bls381backend.R1CS, pk *ProvingKey, vk *VerifyingKey) error
Setup constructs the SRS
Types ¶
type Proof ¶
Proof represents a Groth16 proof that was encoded with a ProvingKey and can be verified with a valid statement and a VerifyingKey Notation follows Figure 4. in DIZK paper https://eprint.iacr.org/2018/691.pdf
func Prove ¶
func Prove(r1cs *bls381backend.R1CS, pk *ProvingKey, solution map[string]interface{}, force bool) (*Proof, error)
Prove generates the proof of knoweldge of a r1cs with solution. if force flag is set, Prove ignores R1CS solving error (ie invalid solution) and executes the FFTs and MultiExponentiations to compute an (invalid) Proof object
func (*Proof) ReadFrom ¶ added in v0.3.6
ReadFrom attempts to decode a Proof from reader Proof must be encoded through WriteTo (compressed) or WriteRawTo (uncompressed) note that we don't check that the points are on the curve or in the correct subgroup at this point
func (*Proof) WriteRawTo ¶ added in v0.3.6
WriteRawTo writes binary encoding of the Proof elements to writer points are stored in uncompressed form Ar | Krs | Bs use WriteTo(...) to encode the proof with point compression
type ProvingKey ¶
type ProvingKey struct {
// domain
Domain fft.Domain
// [α]1, [β]1, [δ]1
// [A(t)]1, [B(t)]1, [Kpk(t)]1, [Z(t)]1
G1 struct {
Alpha, Beta, Delta curve.G1Affine
A, B, Z []curve.G1Affine
K []curve.G1Affine // the indexes correspond to the private wires
}
// [β]2, [δ]2, [B(t)]2
G2 struct {
Beta, Delta curve.G2Affine
B []curve.G2Affine
}
}
ProvingKey is used by a Groth16 prover to encode a proof of a statement Notation follows Figure 4. in DIZK paper https://eprint.iacr.org/2018/691.pdf
func (*ProvingKey) GetCurveID ¶
func (pk *ProvingKey) GetCurveID() gurvy.ID
GetCurveID returns the curveID
func (*ProvingKey) IsDifferent ¶
func (pk *ProvingKey) IsDifferent(_other interface{}) bool
IsDifferent returns true if provided pk is different than self this is used by groth16.Assert to ensure random sampling
func (*ProvingKey) ReadFrom ¶ added in v0.3.6
func (pk *ProvingKey) ReadFrom(r io.Reader) (int64, error)
ReadFrom attempts to decode a ProvingKey from reader ProvingKey must be encoded through WriteTo (compressed) or WriteRawTo (uncompressed) note that we don't check that the points are on the curve or in the correct subgroup at this point TODO while Proof points correctness is checkd in the Verifier, here may be a good place to check key
func (*ProvingKey) WriteRawTo ¶ added in v0.3.6
func (pk *ProvingKey) WriteRawTo(w io.Writer) (n int64, err error)
WriteRawTo writes binary encoding of the key elements to writer points are not compressed use WriteTo(...) to encode the key with point compression
type VerifyingKey ¶
type VerifyingKey struct {
// ordered public input names
PublicInputs []string
// e(α, β)
E curve.GT
// -[γ]2, -[δ]2
// note: storing GammaNeg and DeltaNeg instead of Gamma and Delta
// see proof.Verify() for more details
G2 struct {
GammaNeg, DeltaNeg curve.G2Affine
}
// [Kvk]1
G1 struct {
K []curve.G1Affine // The indexes correspond to the public wires
}
}
VerifyingKey is used by a Groth16 verifier to verify the validity of a proof and a statement Notation follows Figure 4. in DIZK paper https://eprint.iacr.org/2018/691.pdf
func (*VerifyingKey) GetCurveID ¶
func (vk *VerifyingKey) GetCurveID() gurvy.ID
GetCurveID returns the curveID
func (*VerifyingKey) IsDifferent ¶
func (vk *VerifyingKey) IsDifferent(_other interface{}) bool
IsDifferent returns true if provided vk is different than self this is used by groth16.Assert to ensure random sampling
func (*VerifyingKey) ReadFrom ¶ added in v0.3.6
func (vk *VerifyingKey) ReadFrom(r io.Reader) (n int64, err error)
ReadFrom attempts to decode a VerifyingKey from reader VerifyingKey must be encoded through WriteTo (compressed) or WriteRawTo (uncompressed) note that we don't check that the points are on the curve or in the correct subgroup at this point TODO while Proof points correctness is checkd in the Verifier, here may be a good place to check key
func (*VerifyingKey) WriteRawTo ¶ added in v0.3.6
func (vk *VerifyingKey) WriteRawTo(w io.Writer) (n int64, err error)
WriteRawTo writes binary encoding of the key elements to writer points are not compressed use WriteTo(...) to encode the key with point compression
Source Files