circuits

package
v0.0.0-...-03d24db Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 6, 2025 License: AGPL-3.0 Imports: 31 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	FieldsPerBallot      = 8
	VotesPerBatch        = 10
	CensusProofMaxLevels = 160
	StateProofMaxLevels  = 160
)

used across different circuits

View Source 
const (
	// default process config
	MockMaxCount        = 5
	MockForceUniqueness = 0
	MockMaxValue        = 16
	MockMinValue        = 0
	MockCostExp         = 2
	MockCostFromWeight  = 0
	MockWeight          = 10
)
View Source 
const BallotProofNPubInputs = 1

BallotProofNPubInputs is the number of public inputs for the ballot proof circom circuit.

View Source 
const SerializedFieldSize = 32 // bytes

Variables

View Source 
var BaseDir = filepath.Join(".cache", "circuits-artifacts")

BaseDir is the path where the artifact cache is expected to be found. If the artifacts are not found there, they will be downloaded and stored. It can be set to a different path if needed from other packages. Thats why it is not a constant.

Defaults to '.cache/circuits-artifacts'

Functions

func AggregatedWitnessInputs 

func AggregatedWitnessInputs(api frontend.API,
	process Process[emulated.Element[sw_bn254.ScalarField]],
	votes []Vote[emulated.Element[sw_bn254.ScalarField]],
) []emulated.Element[sw_bn254.ScalarField]

AggregatedWitnessInputs returns all values that are hashed to produce the public input needed to verify AggregatedProof, in a predefined order: 

ProcessID
CensusRoot
BallotMode
EncryptionKey
Nullifiers
Ballots
Addressess
Commitments

func AggregatedWitnessInputsAsVars 

func AggregatedWitnessInputsAsVars(api frontend.API,
	process Process[frontend.Variable],
	votes []Vote[frontend.Variable],
) []frontend.Variable

AggregatedWitnessInputsAsVars returns all values that are hashed to produce the public input needed to verify AggregatedProof, in a predefined order: 

ProcessID
CensusRoot
BallotMode
EncryptionKey
Nullifiers
Ballots
Addressess
Commitments

func BigIntArrayToN 

func BigIntArrayToN(arr []*big.Int, n int) []*big.Int

BigIntArrayToN pads the big.Int array to n elements, if needed, with zeros.

func BigIntArrayToStringArray 

func BigIntArrayToStringArray(arr []*big.Int, n int) []string

BigIntArrayToStringArray converts the big.Int array to a string array.

func BigIntToMIMCHash 

func BigIntToMIMCHash(input, base *big.Int) []byte

BigIntToMIMCHash transform the inputs hash to the field provided, if it is not done, the circuit will transform it during the witness calculation and the resulting hash will be different. Moreover, the input hash should be 32 bytes so if it is not, fill with zeros at the beginning of the bytes representation.

func BoolToBigInt 

func BoolToBigInt(b bool) *big.Int

BoolToBigInt returns 1 when b is true or 0 otherwise

func Circom2GnarkPlaceholder 

func Circom2GnarkPlaceholder(vkey []byte) (*parser.GnarkRecursionPlaceholders, error)

Circom2GnarkPlaceholder function is a wrapper to convert the circom ballot circuit to a gnark recursion placeholder, it returns the resulting placeholders for the recursion.

func Circom2GnarkProof 

func Circom2GnarkProof(vkey []byte, circomProof, pubSignals string) (*parser.GnarkRecursionProof, error)

Circom2GnarkProof function is a wrapper to convert a circom proof to a gnark proof, it receives the circom proof and the public signals as strings, as snarkjs returns them. Then, it parses the inputs to the gnark format and transforms the proof to the gnark recursion format.

func CircomInputs 

func CircomInputs(api frontend.API,
	process Process[emulated.Element[sw_bn254.ScalarField]],
	vote EmulatedVote[sw_bn254.ScalarField],
	userWeight emulated.Element[sw_bn254.ScalarField],
) []emulated.Element[sw_bn254.ScalarField]

CircomInputs returns all values that are hashed to produce the public input needed to verify CircomProof, in a predefined order: 

BallotMode
Address
UserWeight
ProcessID
EncryptionKey
Nullifier
Commitment
Ballot

func FrontendError 

func FrontendError(api frontend.API, msg string, trace error)

FrontendError function is an in-circuit function to print an error message and an error trace, making the circuit fail.

func StoreConstraintSystem 

func StoreConstraintSystem(cs constraint.ConstraintSystem, filepath string) error

StoreConstraintSystem stores the constraint system in a file.

func StoreProof 

func StoreProof(proof groth16.Proof, filepath string) error

StoreProof stores the proof in a file.

func StoreVerificationKey 

func StoreVerificationKey(vkey groth16.VerifyingKey, filepath string) error

StoreVerificationKey stores the verification key in a file.

func StoreWitness 

func StoreWitness(witness witness.Witness, filepath string) error

StoreWitness stores the witness in a file.

func VoteVerifierInputs 

func VoteVerifierInputs(api frontend.API,
	process Process[emulated.Element[sw_bn254.ScalarField]],
	vote EmulatedVote[sw_bn254.ScalarField],
) []emulated.Element[sw_bn254.ScalarField]

VoteVerifierInputs returns all values that are hashed to produce the public input needed to verify VoteVerifier, in a predefined order: 

ProcessID
CensusRoot
BallotMode
EncryptionKey
Nullifier
Ballot
Address
Commitment

Types

type Artifact 

type Artifact struct {
	RemoteURL string
	Hash      types.HexBytes
	Content   types.HexBytes
}

Artifact is a struct that holds the remote URL, the hash of the content and the content itself. It provides a method to load the content from the local cache or download it from the remote URL provided. It also checks the hash of the content to ensure its integrity.

func (*Artifact) Load 

func (k *Artifact) Load(ctx context.Context) error

Load method checks if the key content is already loaded, if not, it will try to load it from the local cache or download it from the remote URL provided. If the content is downloaded, it will be stored locally. It also checks the hash of the content to ensure its integrity. If the key is not already loaded, it returns an error if the hash is not provided, the remote URL is not provided, or the content cannot be loaded locally, downloaded or written to a local file. It also returns an error if the hash of the content does not match the hash provided.

type Ballot 

type Ballot [FieldsPerBallot]elgamal.Ciphertext

func NewBallot 

func NewBallot() *Ballot

func (*Ballot) Add 

func (z *Ballot) Add(api frontend.API, x, y *Ballot) *Ballot

Add sets z to the sum x+y and returns z.

Panics if twistededwards curve init fails.

func (*Ballot) AssertIsEqual 

func (z *Ballot) AssertIsEqual(api frontend.API, x *Ballot)

AssertIsEqual fails if any of the fields differ between z and x

func (*Ballot) Select 

func (z *Ballot) Select(api frontend.API, b frontend.Variable, i1 *Ballot, i2 *Ballot) *Ballot

Select if b is true, sets z = i1, else z = i2, and returns z

func (*Ballot) Serialize 

func (z *Ballot) Serialize(api frontend.API) []emulated.Element[sw_bn254.ScalarField]

Serialize returns a slice with the C1.X, C1.Y, C2.X, C2.Y in order

func (*Ballot) SerializeVars 

func (z *Ballot) SerializeVars() []frontend.Variable

Serialize returns a slice with the C1.X, C1.Y, C2.X, C2.Y in order

type BallotMode 

type BallotMode[T any] struct {
	MaxCount        T
	ForceUniqueness T
	MaxValue        T
	MinValue        T
	MaxTotalCost    T
	MinTotalCost    T
	CostExp         T
	CostFromWeight  T
}

BallotMode is a struct that contains the common inputs for all the voters. The values of this struct should be the same for all the voters in the same process. Is a generic struct that can be used with any type of circuit input.

func BallotModeFromBM 

func BallotModeFromBM(b types.BallotMode) BallotMode[*big.Int]

func DeserializeBallotMode 

func DeserializeBallotMode(data []byte) (BallotMode[*big.Int], error)

DeserializeBallotMode reconstructs a BallotMode from a slice of bytes. The input must be of len 8*32 bytes (otherwise it returns an error), representing 8 big.Ints as little-endian.

func MockBallotMode 

func MockBallotMode() BallotMode[*big.Int]

func MockBallotModeEmulated 

func MockBallotModeEmulated() BallotMode[emulated.Element[sw_bn254.ScalarField]]

func MockBallotModeVar 

func MockBallotModeVar() BallotMode[frontend.Variable]

func (BallotMode[T]) Bytes 

func (bm BallotMode[T]) Bytes() []byte

Bytes returns 8*32 bytes representing BallotMode components. Returns an empty slice if T is not *big.Int.

func (BallotMode[T]) Serialize 

func (bm BallotMode[T]) Serialize() []T

type CircuitArtifacts 

type CircuitArtifacts struct {
	// contains filtered or unexported fields
}

CircuitArtifacts is a struct that holds the proving and verifying keys of a zkSNARK circuit. It provides a method to load the keys from the local cache or download them from the remote URLs provided.

func NewCircuitArtifacts 

func NewCircuitArtifacts(provingKey, verifyingKey *Artifact) *CircuitArtifacts

NewCircuitArtifacts creates a new CircuitArtifacts struct with the proving and verifying keys provided.

func (*CircuitArtifacts) LoadAll 

func (ca *CircuitArtifacts) LoadAll() error

LoadAll method loads the proving and verifying keys creating a context with a timeout of 5 minutes. It returns an error if the proving or verifying keys cannot be loaded.

type EmulatedBallot 

type EmulatedBallot[F emulated.FieldParams] [FieldsPerBallot]EmulatedCiphertext[F]

EmulatedBallot is a copy of the Ballot struct, but using the EmulatedCiphertext type

func NewEmulatedBallot 

func NewEmulatedBallot[F emulated.FieldParams]() *EmulatedBallot[F]

NewEmulatedBallot returns a new EmulatedBallot with all fields with both points to zero point (0, 1).

func (*EmulatedBallot[F]) Serialize 

func (z *EmulatedBallot[F]) Serialize() []emulated.Element[F]

Serialize returns a slice with the C1.X, C1.Y, C2.X, C2.Y in order

type EmulatedCiphertext 

type EmulatedCiphertext[F emulated.FieldParams] struct {
	C1, C2 EmulatedPoint[F]
}

EmulatedCiphertext struct is a copy of the elgamal.Ciphertext struct, but using the EmulatedPoint type

type EmulatedPoint 

type EmulatedPoint[F emulated.FieldParams] struct {
	X, Y emulated.Element[F]
}

EmulatedPoint struct is a copy of the elgamal.Point struct, but using the emulated.Element type

type EmulatedVote 

type EmulatedVote[F emulated.FieldParams] struct {
	Nullifier  emulated.Element[F]
	Ballot     EmulatedBallot[F]
	Address    emulated.Element[F]
	Commitment emulated.Element[F]
}

EmulatedVote is a copy of the Vote struct, but using the emulated.Element type as generic type for the Nullifier, Address and Commitment fields, and the EmulatedBallot type for the Ballot field.

type EncryptionKey 

type EncryptionKey[T any] struct {
	PubKey [2]T
}

func DeserializeEncryptionKey 

func DeserializeEncryptionKey(data []byte) (EncryptionKey[*big.Int], error)

DeserializeEncryptionKey reconstructs a EncryptionKey from a slice of bytes. The input must be of len 2*32 bytes (otherwise it returns an error), representing 2 big.Ints as little-endian.

func EncryptionKeyFromECCPoint 

func EncryptionKeyFromECCPoint(p ecc.Point) EncryptionKey[*big.Int]

func MockEncryptionKey 

func MockEncryptionKey() EncryptionKey[*big.Int]

func (EncryptionKey[T]) AsEmulatedElementBN254 

func (k EncryptionKey[T]) AsEmulatedElementBN254() EncryptionKey[emulated.Element[sw_bn254.ScalarField]]

AsEmulatedElementBN254 returns the EncryptionKey as a different type. Returns an empty EncryptionKey if T is not *big.Int.

func (EncryptionKey[T]) AsVar 

func (k EncryptionKey[T]) AsVar() EncryptionKey[frontend.Variable]

AsVar returns the EncryptionKey as a different type. Returns an empty EncryptionKey if T is not *big.Int.

func (EncryptionKey[T]) Bytes 

func (k EncryptionKey[T]) Bytes() []byte

Bytes returns 2*32 bytes representing PubKey components. Returns an empty slice if T is not *big.Int.

func (EncryptionKey[T]) Serialize 

func (k EncryptionKey[T]) Serialize() []T

type InnerProofBLS12377 

type InnerProofBLS12377 struct {
	Proof   groth16.Proof[sw_bls12377.G1Affine, sw_bls12377.G2Affine]
	Witness groth16.Witness[sw_bls12377.ScalarField]
	VK      groth16.VerifyingKey[sw_bls12377.G1Affine, sw_bls12377.G2Affine, sw_bls12377.GT] `gnark:"-"`
}

type InnerProofBN254 

type InnerProofBN254 struct {
	Proof   groth16.Proof[sw_bn254.G1Affine, sw_bn254.G2Affine]
	Witness groth16.Witness[sw_bn254.ScalarField]
	VK      groth16.VerifyingKey[sw_bn254.G1Affine, sw_bn254.G2Affine, sw_bn254.GTEl] `gnark:"-"`
}

type InnerProofBW6761 

type InnerProofBW6761 struct {
	Proof   groth16.Proof[sw_bw6761.G1Affine, sw_bw6761.G2Affine]
	Witness groth16.Witness[sw_bw6761.ScalarField]
	VK      groth16.VerifyingKey[sw_bw6761.G1Affine, sw_bw6761.G2Affine, sw_bw6761.GTEl] `gnark:"-"`
}

type Process 

type Process[T any] struct {
	ID            T
	CensusRoot    T
	BallotMode    BallotMode[T]
	EncryptionKey EncryptionKey[T]
}

Process is a struct that contains the common inputs for a process. Is a generic struct that can be used with any type of circuit input.

func (Process[T]) Serialize 

func (p Process[T]) Serialize() []T

type Vote 

type Vote[T any] struct {
	Nullifier  T
	Ballot     Ballot
	Address    T
	Commitment T
}

Vote is a struct that contains all data related to a vote. Is a generic struct that can be used with any type of circuit input.

Source Files

View all Source files

Directories

Path Synopsis
aggregator package contains the Gnark circuit defiinition that aggregates some votes and proves the validity of the aggregation.
 aggregator package contains the Gnark circuit defiinition that aggregates some votes and proves the validity of the aggregation.
test
aggregator
ballotproof
statetransition
voteverifier
voteverifier package contains the Gnark circuit definition that verifies a vote package to be aggregated by the vote aggregator and included in a new state transition.
 voteverifier package contains the Gnark circuit definition that verifies a vote package to be aggregated by the vote aggregator and included in a new state transition.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.